Commit 9b3bc1d0 authored by klafyvel's avatar klafyvel
Browse files

ACL for applications.

parent 225731b2
...@@ -33,7 +33,7 @@ from django.utils.translation import ugettext as _ ...@@ -33,7 +33,7 @@ from django.utils.translation import ugettext as _
def _create_api_permission(): def _create_api_permission():
"""Creates the 'use_api' permission if not created. """Creates the 'use_api' permission if not created.
The 'use_api' is a fake permission in the sense it is not associated with an The 'use_api' is a fake permission in the sense it is not associated with an
existing model and this ensure the permission is created every time this file existing model and this ensure the permission is created every time this file
is imported. is imported.
...@@ -70,6 +70,7 @@ def can_view(user): ...@@ -70,6 +70,7 @@ def can_view(user):
'app_label': settings.API_CONTENT_TYPE_APP_LABEL, 'app_label': settings.API_CONTENT_TYPE_APP_LABEL,
'codename': settings.API_PERMISSION_CODENAME 'codename': settings.API_PERMISSION_CODENAME
} }
can = user.has_perm('%(app_label)s.%(codename)s' % kwargs) permission = '%(app_label)s.%(codename)s' % kwargs
can = user.has_perm(permission)
return can, None if can else _("You don't have the right to see this" return can, None if can else _("You don't have the right to see this"
" application.") " application."), (permission,)
...@@ -40,7 +40,11 @@ def can_view(user): ...@@ -40,7 +40,11 @@ def can_view(user):
""" """
can = user.has_module_perms('cotisations') can = user.has_module_perms('cotisations')
if can: if can:
return can, None return can, None, ('cotisations',)
else: else:
return can, _("You don't have the right to view this application.") return (
can,
_("You don't have the right to view this application."),
('cotisations',)
)
...@@ -39,5 +39,10 @@ def can_view(user): ...@@ -39,5 +39,10 @@ def can_view(user):
viewing is granted and msg is a message (can be None). viewing is granted and msg is a message (can be None).
""" """
can = user.has_module_perms('machines') can = user.has_module_perms('machines')
return can, None if can else _("You don't have the right to view this" return (
" application.") can,
None if can else _("You don't have the right to view this"
" application."),
('machines',)
)
...@@ -39,6 +39,10 @@ def can_view(user): ...@@ -39,6 +39,10 @@ def can_view(user):
viewing is granted and msg is a message (can be None). viewing is granted and msg is a message (can be None).
""" """
can = user.has_module_perms('preferences') can = user.has_module_perms('preferences')
return can, None if can else _("You don't have the right to view this" return (
" application.") can,
None if can else _("You don't have the right to view this"
" application."),
('preferences',)
)
...@@ -39,6 +39,10 @@ def can_view(user): ...@@ -39,6 +39,10 @@ def can_view(user):
viewing is granted and msg is a message (can be None). viewing is granted and msg is a message (can be None).
""" """
can = user.has_module_perms('topologie') can = user.has_module_perms('topologie')
return can, None if can else _("You don't have the right to view this" return (
" application.") can,
None if can else _("You don't have the right to view this"
" application."),
('topologie',)
)
...@@ -38,6 +38,10 @@ def can_view(user): ...@@ -38,6 +38,10 @@ def can_view(user):
viewing is granted and msg is a message (can be None). viewing is granted and msg is a message (can be None).
""" """
can = user.has_module_perms('users') can = user.has_module_perms('users')
return can, None if can else _("You don't have the right to view this" return (
" application.") can,
None if can else _("You don't have the right to view this"
" application."),
('users',)
)
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment