WIP: Refactor permissions

dc37e79f · Skia · f7bfd6da · dc37e79f · dc37e79f
Commit dc37e79f authored Dec 08, 2015 by Skia
Hide whitespace changes
Inline Side-by-side

Showing with 12 additions and 11 deletions

core/models.py core/models.py +2 -2

core/views/__init__.py core/views/__init__.py +10 -9

No files found.
--- a/core/models.py
+++ b/core/models.py
@@ -251,7 +251,7 @@ class Page(models.Model):
            raise AlreadyLocked("The page is already locked by someone else")
        Page.lock_mutex[self.pk] = {'user': user,
                                    'time': timezone.now()}
-        # print("Locking page")
+        print("Locking page")

    def set_lock_recursive(self, user):
        """
@@ -264,7 +264,7 @@ class Page(models.Model):
    def unset_lock(self):
        """Always try to unlock, even if there is no lock"""
        Page.lock_mutex.pop(self.pk, None)
-        # print("Unlocking page")
+        print("Unlocking page")

    def get_lock(self):
        """

--- a/core/views/__init__.py
+++ b/core/views/__init__.py

 from django.shortcuts import render
 from django.http import HttpResponseForbidden
-from django.core.exceptions import PermissionDenied
+from django.core.exceptions import PermissionDenied, ObjectDoesNotExist
 from django.views.generic.base import View

 from core.models import Group
@@ -31,6 +31,8 @@ class CanEditPropMixin(View):
        # all objects of a class if they are in the right group
        if user.is_superuser or user.groups.filter(name=obj.owner_group.name).exists():
            return res
+        print("Guyuy")
+        self.object.unset_lock()
        raise PermissionDenied
        return HttpResponseForbidden("403, Forbidden")

@@ -43,19 +45,19 @@ class CanEditMixin(CanEditPropMixin):
        # TODO: WIP: fix permissions with exceptions!
        try:
            res = super(CanEditMixin, self).dispatch(request, *arg, **kwargs)
+            return res
        except PermissionDenied:
            pass
-        except:
-            return res
+        res = super(CanEditPropMixin, self).dispatch(request, *arg, **kwargs)
        obj = self.object
        user = self.request.user
        if obj is None:
            return res
        for g in obj.edit_group.all():
            if user.groups.filter(name=g.name).exists():
-                return super(CanEditPropMixin, self).dispatch(request, *arg, **kwargs)
+                return res
        if isinstance(obj, User) and obj == user:
-            return super(CanEditPropMixin, self).dispatch(request, *arg, **kwargs)
+            return res
        raise PermissionDenied
        return HttpResponseForbidden("403, Forbidden")

@@ -67,19 +69,18 @@ class CanViewMixin(CanEditMixin):
    def dispatch(self, request, *arg, **kwargs):
        try:
            res = super(CanViewMixin, self).dispatch(request, *arg, **kwargs)
+            return res
        except PermissionDenied:
            pass
-        except:
-            return res
+        res = super(CanEditPropMixin, self).dispatch(request, *arg, **kwargs)
        obj = self.object
        user = self.request.user
        if obj is None:
            return res
        for g in obj.view_group.all():
            if user.groups.filter(name=g.name).exists():
-                return super(CanEditPropMixin, self).dispatch(request, *arg, **kwargs)
+                return res
        raise PermissionDenied
-        return HttpResponseForbidden("403, Forbidden")

 from .user import *
 from .page import *