daniel
/
oshipka
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix some permissions

This commit is contained in:
Daniel Tsvetkov 2023-07-22 13:05:11 +03:00
parent 688b093155
commit 755487ee14
4 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
oshipka/persistance/__init__.py
View File

@ -369,7 +369,7 @@ def generate_permissions():
f.write("{},,permission.change_owner,models.{},,0\n".format(subject, model)) f.write("{},,permission.change_owner,models.{},,0\n".format(subject, model))
for permission in DEFAULT_MODEL_PERMISSIONS: for permission in DEFAULT_MODEL_PERMISSIONS:
# TODO: TEST AND FIX THIS - VERY NAIVE RIGHT NOW!!! # TODO: TEST AND FIX THIS - VERY NAIVE RIGHT NOW!!!
this_perm = int(not model_acls.get(permission)['authn']) this_perm = int(model_acls.get(permission)['authn'])
f.write("{},,model.{},models.{},,{}\n".format(subject, permission, model, this_perm)) f.write("{},,model.{},models.{},,{}\n".format(subject, permission, model, this_perm))
for column in model_view.definitions.get('columns'): for column in model_view.definitions.get('columns'):
column_name = column.get('name') column_name = column.get('name')

2
oshipka/webapp/default_routes.py
View File

@ -24,7 +24,7 @@ def get_media(model_name, instance_id, column, filepath):
if not instance: if not instance:
abort(404) abort(404)
verb = "{}.read".format(column) verb = "{}.read".format(column)
if not has_permission(model_name, verb, instance): if not has_permission(model_name, verb, action_prefix='column', object_prefix="columns"): # TODO: , instance):
abort(401) abort(401)
return send_from_directory(MEDIA_DIR, filepath) return send_from_directory(MEDIA_DIR, filepath)

3
oshipka/webapp/views.py
View File

@ -24,7 +24,8 @@ MODEL_VIEWS = dict()
def has_permission(obj, action, instance=None, object_prefix="models", action_prefix="model"): def has_permission(obj, action, instance=None, object_prefix="models", action_prefix="model"):
if object_prefix in ['models']: model_view = None
if object_prefix in ['models', 'columns']:
model_view = MODEL_VIEWS.get(obj, {}) model_view = MODEL_VIEWS.get(obj, {})
if not model_view: if not model_view:
return False return False

2
vm_gen/templates/html/_get.html
View File

@ -1,5 +1,5 @@
[%- for column in columns %] [%- for column in columns %]
{% if has_permission("[[ name|camel_to_snake ]]", "[[ column.name ]].read", instance) %} {% if has_permission("[[ name|camel_to_snake ]]", "[[ column.name ]].read", instance, object_prefix="columns", action_prefix="column") %}
{% if "[[ column.name ]]" not in skip_list %} {% if "[[ column.name ]]" not in skip_list %}
<li id="display-[[ name|camel_to_snake ]]-[[ column.name ]]"><strong>[%- if column.type in ['relationship'] and column.multiple %]{{ _("[[ column.name|pluralize ]]") }}[%- else %]{{ _("[[ column.name ]]") }}[%- endif %]</strong>: <li id="display-[[ name|camel_to_snake ]]-[[ column.name ]]"><strong>[%- if column.type in ['relationship'] and column.multiple %]{{ _("[[ column.name|pluralize ]]") }}[%- else %]{{ _("[[ column.name ]]") }}[%- endif %]</strong>:
[%- if not column.type in ['bool', 'boolean', ] %] [%- if not column.type in ['bool', 'boolean', ] %]