* Redo the permissions system again. It is now much simpler and the c…

…ode is easier to follow (sort of).

* The tests have been fixed. There still needs to a be a lot more testing to make sure that everything is correct.

django_kala/api/v1/projects/urls.py

@@ -27,11 +27,11 @@
         view=DocumentView.as_view()
     ),
 
-    path(
-        'projects/<int:pk>/permissions/',
-        name='project_permissions',
-        view=ProjectPermissionsView.as_view()
-    ),
+    # path(
+    #     'projects/<int:pk>/permissions/',
+    #     name='project_permissions',
+    #     view=ProjectPermissionsView.as_view()
+    # ),
     #
     # path(
     #     'projects/<int:project_pk>/documents/<int:document_pk>/settings',

django_kala/api/v1/projects/views.py

@@ -7,8 +7,7 @@
 from rest_framework import status
 from rest_framework.views import APIView
 
-from api.v1.serializers.permission_serializer import PermissionsSerializer
-from auth.models import Permissions
+# from api.v1.serializers.permission_serializer import PermissionsSerializer
 from projects.models import Project
 
 
@@ -27,38 +26,38 @@ class DocumentsView(APIView):
 class DocumentView(APIView):
     pass
 
-
-class ProjectPermissionsView(ListCreateAPIView, UpdateModelMixin):
-    serializer_class = PermissionsSerializer
-    queryset = Permissions.objects.all().select_related('permission').prefetch_related('permission')
-
-    def dispatch(self, request, pk, *args, **kwargs):
-        self.project = get_object_or_404(Project.objects.active(), pk=pk)
-        if not Permissions.has_perms(
-                [
-                    'change_project',
-                    'add_project',
-                    'delete_project'
-                ], request.user, self.project.uuid) and not Permissions.has_perms([
-                    'change_organization',
-                    'add_organization',
-                    'delete_organization'
-                ], request.user, self.project.organization.uuid) and not self.project.document_set.filter(
-            uuid__in=Permissions.objects.filter(
-                permission__codename__in=[
-                    'change_document',
-                    'add_document',
-                    'delete_document'
-                ], user=request.user).values_list('object_uuid', flat=True)).exists():
-            raise PermissionDenied(
-                _('You do not have permission to view this project.')
-            )
-        return super(ProjectPermissionsView, self).dispatch(request, *args, **kwargs)
-
-    def list(self, request, *args, **kwargs):
-        permissions = self.queryset.filter(object_uuid=self.project.uuid)
-        serializer = self.serializer_class(permissions, many=True)
-        return Response(serializer.data)
+#
+# class ProjectPermissionsView(ListCreateAPIView, UpdateModelMixin):
+#     serializer_class = PermissionsSerializer
+#     queryset = Permissions.objects.all().select_related('permission').prefetch_related('permission')
+#
+#     def dispatch(self, request, pk, *args, **kwargs):
+#         self.project = get_object_or_404(Project.objects.active(), pk=pk)
+#         if not Permissions.has_perms(
+#                 [
+#                     'change_project',
+#                     'add_project',
+#                     'delete_project'
+#                 ], request.user, self.project.uuid) and not Permissions.has_perms([
+#                     'change_organization',
+#                     'add_organization',
+#                     'delete_organization'
+#                 ], request.user, self.project.organization.uuid) and not self.project.document_set.filter(
+#             uuid__in=Permissions.objects.filter(
+#                 permission__codename__in=[
+#                     'change_document',
+#                     'add_document',
+#                     'delete_document'
+#                 ], user=request.user).values_list('object_uuid', flat=True)).exists():
+#             raise PermissionDenied(
+#                 _('You do not have permission to view this project.')
+#             )
+#         return super(ProjectPermissionsView, self).dispatch(request, *args, **kwargs)
+#
+#     def list(self, request, *args, **kwargs):
+#         permissions = self.queryset.filter(object_uuid=self.project.uuid)
+#         serializer = self.serializer_class(permissions, many=True)
+#         return Response(serializer.data)
 
 class DocumentPermissionsView(APIView):
     pass

django_kala/api/v1/serializers/permission_serializer.py

@@ -1,25 +1,25 @@
-from django.contrib.auth import get_user_model
-from django.contrib.auth.models import Permission
-from rest_framework import serializers
-
-from auth.models import Permissions
-
-User = get_user_model()
-
-
-class UserSerializer(serializers.ModelSerializer):
-    class Meta:
-        model = User
-        fields = ('id', 'email', 'first_name', 'last_name')
-
-
-class PermissionSerializer(serializers.ModelSerializer):
-    class Meta:
-        model = Permission
-        fields = ('id', 'name')
-
-
-class PermissionsSerializer(serializers.ModelSerializer):
-    class Meta:
-        model = Permissions
-        fields = ['user', 'permission', 'object_uuid']
+# from django.contrib.auth import get_user_model
+# from django.contrib.auth.models import Permission
+# from rest_framework import serializers
+#
+# from auth.models import Permissions
+#
+# User = get_user_model()
+#
+#
+# class UserSerializer(serializers.ModelSerializer):
+#     class Meta:
+#         model = User
+#         fields = ('id', 'email', 'first_name', 'last_name')
+#
+#
+# class PermissionSerializer(serializers.ModelSerializer):
+#     class Meta:
+#         model = Permission
+#         fields = ('id', 'name')
+#
+#
+# class PermissionsSerializer(serializers.ModelSerializer):
+#     class Meta:
+#         model = Permissions
+#         fields = ['user', 'permission', 'object_uuid']

django_kala/auth/forms/manage_access.py

@@ -1,29 +1,28 @@
 from django import forms
 
-from auth.models import Permissions
 from django.contrib.auth.models import Permission
 
 
-def manage_access_forms(request, obj, app_label):
+def manage_access_forms(request, obj, permission_class, field):
     forms = []
 
-    can_create = Permission.objects.get(codename='can_create', content_type__app_label=app_label)
-    can_invite = Permission.objects.get(codename='can_invite', content_type__app_label=app_label)
-    can_manage = Permission.objects.get(codename='can_manage', content_type__app_label=app_label)
+    can_create = Permission.objects.get(codename='can_create', content_type__app_label='{0}s'.format(field))
+    can_invite = Permission.objects.get(codename='can_invite', content_type__app_label='{0}s'.format(field))
+    can_manage = Permission.objects.get(codename='can_manage', content_type__app_label='{0}s'.format(field))
 
     users = request.user.get_users()
-    permissions = Permissions.objects.filter(
-        object_uuid=obj.uuid,
-        user__in=users,
-    ).select_related(
+    permissions = permission_class.objects.filter(**{
+            field: obj,
+            "user__in": users
+    }).select_related(
         'permission',
         'user'
     )
 
     for user in users:
         forms.append(ManageAccessForm(
             request.POST or None,
-            organization=obj,
+            obj=obj,
             user=user,
             can_create=can_create,
             can_invite=can_invite,
@@ -40,7 +39,7 @@ def __init__(self, *args, **kwargs):
         self.can_invite = kwargs.pop('can_invite')
         self.can_manage = kwargs.pop('can_manage')
 
-        self.organization = kwargs.pop('organization')
+        self.obj = kwargs.pop('obj')
         self.user = kwargs.pop('user')
         self.permissions_dict = {}
         for permission in kwargs.pop('permissions'):
@@ -60,41 +59,41 @@ def __init__(self, *args, **kwargs):
             label='',
             initial=True if 'can_create' in self.permissions_dict.get(self.user.pk, []) else False,
             widget=forms.CheckboxInput(
-                attrs={'pk': self.organization.pk}
+                attrs={'pk': self.obj.pk}
             )
         )
         self.fields['can_invite_{0}'.format(self.user.pk)] = forms.BooleanField(
             required=False,
             label='',
             initial=True if 'can_invite' in self.permissions_dict.get(self.user.pk, []) else False,
             widget=forms.CheckboxInput(
-                attrs={'pk': self.organization.pk}
+                attrs={'pk': self.obj.pk}
             )
         )
         self.fields['can_manage_{0}'.format(self.user.pk)] = forms.BooleanField(
             required=False,
             label='',
             initial=True if 'can_manage' in self.permissions_dict.get(self.user.pk, []) else False,
             widget=forms.CheckboxInput(
-                attrs={'pk': self.organization.pk}
+                attrs={'pk': self.obj.pk}
             )
         )
 
     def save(self):
         if self.cleaned_data['can_create_{0}'.format(self.user.pk)]:
             if 'can_create' not in self.permissions_dict.get(self.user.pk, []):
-                self.organization.add_create(self.user)
+                self.obj.add_create(self.user)
         elif 'can_create' in self.permissions_dict.get(self.user.pk, []):
-            self.organization.delete_create(self.user)
+            self.obj.delete_create(self.user)
 
         if self.cleaned_data['can_invite_{0}'.format(self.user.pk)]:
             if 'can_invite' not in self.permissions_dict.get(self.user.pk, []):
-                self.organization.add_invite(self.user)
+                self.obj.add_invite(self.user)
         elif 'can_invite' in self.permissions_dict.get(self.user.pk, []):
-            self.organization.delete_invite(self.user)
+            self.obj.delete_invite(self.user)
 
         if self.cleaned_data['can_manage_{0}'.format(self.user.pk)]:
             if 'can_manage' not in self.permissions_dict.get(self.user.pk, []):
-                self.organization.add_manage(self.user)
+                self.obj.add_manage(self.user)
         elif 'can_manage' in self.permissions_dict.get(self.user.pk, []):
-            self.organization.delete_manage(self.user)
+            self.obj.delete_manage(self.user)

django_kala/auth/migrations/0003_auto_20181002_0231.py

@@ -0,0 +1,27 @@
+# Generated by Django 2.0.8 on 2018-10-02 00:15
+from django.db import migrations
+
+
+def create_permission(Permission, content_type, name):
+    Permission.objects.get_or_create(name='Can manage {0}'.format(name), content_type=content_type, codename='can_manage')
+    Permission.objects.get_or_create(name='Can invite users to {0}'.format(name), content_type=content_type, codename='can_invite')
+    Permission.objects.get_or_create(name='Can create {0}'.format(name), content_type=content_type, codename='can_create')
+
+
+def create_permissions(apps, schema_editor):
+    ContentType = apps.get_model("contenttypes", "ContentType")
+    Permission = apps.get_model("auth", "Permission")
+    create_permission(Permission, ContentType.objects.get_or_create(app_label='documents', model='document')[0], 'documents')
+    create_permission(Permission, ContentType.objects.get_or_create(app_label='projects', model='project')[0], 'projects')
+    create_permission(Permission, ContentType.objects.get_or_create(app_label='organizations', model='organization')[0], 'organizations')
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('kala_auth', '0002_auto_20180116_0036'),
+    ]
+
+    operations = [
+        migrations.RunPython(create_permissions),
+    ]

django_kala/auth/migrations/0004_auto_20181009_0252.py

@@ -0,0 +1,25 @@
+# Generated by Django 2.0.8 on 2018-10-09 02:52
+
+import auth.models
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('kala_auth', '0003_auto_20181002_0231'),
+    ]
+
+    operations = [
+        migrations.AlterModelManagers(
+            name='user',
+            managers=[
+                ('objects', auth.models.KalaUserManager()),
+            ],
+        ),
+        migrations.AlterField(
+            model_name='user',
+            name='last_name',
+            field=models.CharField(blank=True, max_length=150, verbose_name='last name'),
+        ),
+    ]