Fini de structurer les parties group, group_invitation et cluster pou…

…r models, views et serializer
ProjetSigma · Nov 25, 2016 · b552126 · b552126
1 parent 7800eed
commit b552126
Show file tree

Hide file tree

Showing 11 changed files with 412 additions and 354 deletions.
diff --git a/sigma_core/migrations/0032_auto_20161123_1711.py b/sigma_core/migrations/0032_auto_20161123_1711.py
@@ -0,0 +1,25 @@
+# -*- coding: utf-8 -*-
+# Generated by Django 1.9 on 2016-11-23 16:11
+from __future__ import unicode_literals
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('sigma_core', '0031_auto_20161005_1803'),
+    ]
+
+    operations = [
+        migrations.RenameField(
+            model_name='group',
+            old_name='confidentiality',
+            new_name='user_confidentiality',
+        ),
+        migrations.AddField(
+            model_name='group',
+            name='visibility',
+            field=models.PositiveSmallIntegerField(default=0),
+        ),
+    ]
diff --git a/sigma_core/migrations/0033_remove_group_is_private.py b/sigma_core/migrations/0033_remove_group_is_private.py
@@ -0,0 +1,19 @@
+# -*- coding: utf-8 -*-
+# Generated by Django 1.9 on 2016-11-25 08:07
+from __future__ import unicode_literals
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('sigma_core', '0032_auto_20161123_1711'),
+    ]
+
+    operations = [
+        migrations.RemoveField(
+            model_name='group',
+            name='is_private',
+        ),
+    ]
diff --git a/sigma_core/models/cluster.py b/sigma_core/models/cluster.py
@@ -14,12 +14,21 @@ def save(self, *args, **kwargs):
         """
         Clusters are special groups: some params cannot be specified by user.
         """
-        self.is_private = False
         self.is_protected = True
-        self.can_anyone_join = False
+        self.can_anyone_ask = False
+        self.user_confidentiality= CONF_SECRET
+        self.visibility = CONF_PUBLIC
 
         return super().save(*args, **kwargs)
 
     @property
     def subgroups_list(self):
         return self.group_ptr.subgroups_list
+
+    @staticmethod
+    def has_read_permission(request):
+        return True
+
+    @staticmethod
+    def has_write_permission(request):
+        return request.user.is_authenticated() and request.user.is_sigma_admin()
diff --git a/sigma_core/models/group.py b/sigma_core/models/group.py
@@ -1,5 +1,6 @@
 from django.db import models
-
+from sigma_core.models.user import User
+from sigma_core.models.group_member import GroupMember
 
 class Group(models.Model):
     #########################
@@ -14,7 +15,6 @@ class Group(models.Model):
     # Fields #
     ##########
     name = models.CharField(max_length=254)
-    is_private = models.BooleanField(default=False)
     description = models.TextField(blank=True)
     is_protected = models.BooleanField(default=False) # if True, the Group cannot be deleted
     can_anyone_ask = models.BooleanField(default=False) #if True, people don't need invitation to ask to join
@@ -25,8 +25,14 @@ class Group(models.Model):
             CONF_PUBLIC -> The group is public (all members can be seen)
             CONF_NORMAL -> The group is normal (all members that I am connected to can be seen)
             CONF_SECRET -> The group is private (only the members can see themselves) """
-    confidentiality = models.PositiveSmallIntegerField(default=CONF_NORMAL)
+    user_confidentiality = models.PositiveSmallIntegerField(default=CONF_NORMAL)
 
+    """Set the visibility
+        If set to :
+            CONF_PUBLIC -> The group can be seen by everyone
+            CONF_NORMAL -> The group can be seen by people from acknowledged groups
+            CONF_SECRET -> The group can be seen only by people who are in it """
+    visibility= models.PositiveSmallIntegerField(default=CONF_PUBLIC)
 
     # Related fields:
     #   - invited_users (model User)
@@ -37,17 +43,18 @@ class Group(models.Model):
     #   - group_parents (model Group)
     # TODO: Determine whether 'memberships' fields needs to be retrieved every time or not...
 
-    @property
-    def subgroups_list(self):
-        return [ga.subgroup for ga in self.subgroups.filter(validated=True).select_related('subgroup')]
-
-    @property
-    def group_parents_list(self):
-        return [ga.parent_group for ga in self.group_parents.filter(validated=True).select_related('parent_group')]
-
-    @property
-    def members_count(self):
-        return self.memberships.count()
+    # WAS USED IN THE FRONT BUT WE MIGHT CHANGE IT
+    # @property
+    # def subgroups_list(self):
+    #     return [ga.subgroup for ga in self.subgroups.filter(validated=True).select_related('subgroup')]
+    #
+    # @property
+    # def group_parents_list(self):
+    #     return [ga.parent_group for ga in self.group_parents.filter(validated=True).select_related('parent_group')]
+    #
+    # @property
+    # def members_count(self):
+    #     return self.memberships.count()
 
     #################
     # Model methods #
@@ -67,6 +74,26 @@ def has_perm(self, perm, obj=None): # pragma: no cover
     def has_module_perms(self, app_label): # pragma: no cover
         return True
 
+    @staticmethod
+    def has_read_permission(request):
+        return True
+    @staticmethod
+    def has_write_permission(request):
+        return True
+
+    def has_object_read_permission(self, request):
+        return True
+
+    def has_object_update_permission(self, request):
+        if not request.user.can_modify_group_infos(self):
+            return False
+
+    def has_object_destroy_permission(self, request):
+        try:
+            user_mship=GroupMember.all().get(user=request.user,group=self)
+            return user_mship.is_super_administrator
+        except GroupMember.DoesNotExist:
+            return False
 
 class GroupAcknowledgment(models.Model):
     subgroup = models.ForeignKey(Group, related_name='group_parents')

diff --git a/sigma_core/models/group_invitation.py b/sigma_core/models/group_invitation.py
@@ -35,12 +35,12 @@ def has_write_permission(request):
     ## Read permissions
 
     @staticmethod
-    def has_list_permission(self, request):
+    def has_list_permission(request):
         return False
 
     def has_object_retrieve_permission(self, request):
         try:
-            if request.user.id == self.user.id:
+            if request.user.id == self.invitee.id:
                 return True
             else:
                 mb = GroupMember.objects.get(group=self.group.id, user=request.user.id)
@@ -57,7 +57,9 @@ def has_create_permission(request):
         try:
             if request.data.get('emmited_by_invitee'):
                 #check if the user who is connected is the invitee
-                return request.data.get('invitee') == request.user.id
+                #and if the group can be asked this way
+                group=request.data.get('group')
+                return (request.data.get('invitee').id == request.user.id and group.can_anyone_ask)
             else:
                 #here, the user is the one who created the invitation, not the invitee
                 mb = GroupMember.objects.get(group=request.data.get('group'), user=request.user.id)
@@ -73,7 +75,7 @@ def has_object_confirm_permission(self, request):
                 mb = GroupMember.objects.get(group=self.group.id, user=request.user.id)
                 return mb.can_invite
             else:
-                return request.user.id == self.user.id
+                return request.user.id == self.invitee.id
         except GroupMember.DoesNotExist:
             return False
 
@@ -84,10 +86,17 @@ def has_object_destroy_permission(self, request):
         #the people that can destroy the invitation are the invited,
         #and members of the group that have the adequate right
 
-        if request.user.id==self.user.id:
+        if request.user.id==self.invitee.id:
             return True
         try:
             mb = GroupMember.objects.get(group=self.group.id, user=request.user.id)
             return mb.can_invite
         except GroupMember.DoesNotExist:
             return False
+
+    #if not need_validation_to_join then the GroupMember is directly created
+    def save(self, *args, **kwargs):
+        if not need_validation_to_join:
+            GroupMember.objets.create(user=new_member,group=group)
+        else:
+            super(GroupInvitation, self).save(*args, **kwargs)
diff --git a/sigma_core/serializers/group.py b/sigma_core/serializers/group.py
@@ -10,4 +10,4 @@ class GroupSerializer(serializers.ModelSerializer):
     class Meta:
         model = Group
 
-    members_count = serializers.IntegerField(read_only=True)
+    #members_count = serializers.IntegerField(read_only=True)