Hide keyboard shortcuts

Hot-keys on this page

r m x p   toggle line displays

j k   next/prev highlighted chunk

0   (zero) top of page

1   (one) first highlighted chunk

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

66

67

68

69

70

71

72

73

74

75

76

77

78

79

80

81

82

83

84

85

86

87

88

89

90

91

92

# encoding='utf-8' 

# Translation https://stackoverflow.com/questions/2938692/ 

# django-internationalization-for-admin-pages-translate-model-name-and-attribute 

 

from django.db import models 

try: 

from django.utils.translation import ugettex_lazy as _ 

except: 

from django.utils.translation import gettext_lazy as _ 

from django.contrib.auth.models import Group 

 

 

class ViewAccess(models.Model): 

""" 

Implements security in views having a name. 

 

The view name is *view* attribute value. The security for view name is 

configured with next two attributes: type (type of security) and roles 

(only if type is By role). 

""" 

 

PUBLIC = 'pu' 

AUTHORIZED = 'au' 

BY_ROLE = 'br' 

 

ACCESS_TYPES = ( 

(PUBLIC, _('Public')), 

(AUTHORIZED, _('Authorized')), 

(BY_ROLE, _('By role')) 

) 

 

#: View's name to be secured. Value can be just a view name 'objects_a', 

#: with application name: 'app_name:index', or a nested configurations with 

#: namespaces: 'namespace_1:namespace_2:index'. 

view = models.CharField(max_length=255, unique=True, default=None, 

help_text=_(u'View name to be secured: ' 

u'<em>namespace:view_name</em>'), 

verbose_name=_(u'View')) 

#: The type of access as defined by ACCESS_TYPES 

type = models.CharField(max_length=2, choices=ACCESS_TYPES, default=None, 

help_text=_(u'Type of access for the view. ' 

u'Select from available options.'), 

verbose_name=_(u'Type')) 

#: One or more roles (:func:`django.contrib.auth.models.Group`) with access. 

#: This attributes can always be empty. If the type selected is *By role* 

#: and no roles are added to this attribute, then *checkviewaccess* will 

#: report an ERROR. 

roles = models.ManyToManyField(Group, help_text= 

_(u'Select the groups (roles) with view ' 

u'access if access type = By role.'), 

related_name='view_access', 

verbose_name=_(u'Roles'), 

blank=True) 

 

class Meta: 

verbose_name = _('View access') 

verbose_name_plural = _('Views access') 

 

def __str__(self): 

return self.view 

 

 

class TemplateAccess(models.Model): 

""" 

Implements content security. 

 

This model let administrator to add or remove Groups (roles) from *roles* 

attribute. In templates, users belonging to any added group will pass the 

check. 

""" 

#: Template's flag, text label, to identify each template access object. 

#: Flag must be unique. 

flag = models.CharField(max_length=255, unique=True, default=None, 

help_text=_(u'Unique between all applications.' 

u'Flag is used with template tag ' 

u'check_role to restrict access in ' 

u'templates.'), 

verbose_name=_(u'Flag')) 

#: One or more roles (:func:`django.contrib.auth.models.Group`) with access. 

roles = models.ManyToManyField(Group, help_text= 

_(u'Select the groups (roles) with access ' 

u'with check_role template tag and ' 

u'flag.'), 

related_name='template_access', 

verbose_name=_(u'Roles')) 

 

class Meta: 

verbose_name = _('Template access') 

verbose_name_plural = _('Templates access') 

 

def __str__(self): 

return self.flag