Home Explore Help
Sign In
221V
/
Misago
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 0f2c443f6f
Branches Tags
Misago
/
misago
/
threads
/
permissions
/
attachments.py

attachments.py 2.1 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576 
  1. from django import forms
    2. 

  2. from django.utils.translation import ugettext_lazy as _
    3. 

  3. 

  4. from misago.acl import algebra
    5. 

  5. from misago.acl.models import Role
    6. 

  6. from misago.core.forms import YesNoSwitch
    7. 

  7. from misago.threads.models import Attachment
    8. 

  8. 

  9. 

  10. """
    11. 

  11. Admin Permissions Form
    12. 

  12. """
    13. 

  13. class PermissionsForm(forms.Form):
    14. 

  14.     legend = _("Attachments")
    15. 

  15. 

  16.     max_attachment_size = forms.IntegerField(
    17. 

  17.         label=_("Max attached file size (in kb)"),
    18. 

  18.         help_text=_("Enter 0 to don't allow uploading end deleting attachments."),
    19. 

  19.         initial=500,
    20. 

  20.         min_value=0
    21. 

  21.     )
    22. 

  22. 

  23.     can_download_other_users_attachments = YesNoSwitch(label=_("Can download other users attachments"))
    24. 

  24.     can_delete_other_users_attachments = YesNoSwitch(label=_("Can delete other users attachments"))
    25. 

  25. 

  26. 

  27. class AnonymousPermissionsForm(forms.Form):
    28. 

  28.     legend = _("Attachments")
    29. 

  29. 

  30.     can_download_other_users_attachments = YesNoSwitch(label=_("Can download attachments"))
    31. 

  31. 

  32. 

  33. def change_permissions_form(role):
    34. 

  34.     if isinstance(role, Role):
    35. 

  35.         if role.special_role != 'anonymous':
    36. 

  36.             return PermissionsForm
    37. 

  37.         else:
    38. 

  38.             return AnonymousPermissionsForm
    39. 

  39.     else:
    40. 

  40.         return None
    41. 

  41. 

  42. 

  43. """
    44. 

  44. ACL Builder
    45. 

  45. """
    46. 

  46. def build_acl(acl, roles, key_name):
    47. 

  47.     new_acl = {
    48. 

  48.         'max_attachment_size': 0,
    49. 

  49.         'can_download_other_users_attachments': False,
    50. 

  50.         'can_delete_other_users_attachments': False,
    51. 

  51.     }
    52. 

  52.     new_acl.update(acl)
    53. 

  53. 

  54.     return algebra.sum_acls(new_acl, roles=roles, key=key_name,
    55. 

  55.         max_attachment_size=algebra.greater,
    56. 

  56.         can_download_other_users_attachments=algebra.greater,
    57. 

  57.         can_delete_other_users_attachments=algebra.greater
    58. 

  58.     )
    59. 

  59. 

  60. 

  61. """
    62. 

  62. ACL's for targets
    63. 

  63. """
    64. 

  64. def add_acl_to_attachment(user, attachment):
    65. 

  65.     if user.is_authenticated and user.id == attachment.uploader_id:
    66. 

  66.         attachment.acl.update({
    67. 

  67.             'can_delete': True,
    68. 

  68.         })
    69. 

  69.     else:
    70. 

  70.         attachment.acl.update({
    71. 

  71.             'can_delete': user.is_authenticated and user.acl['can_delete_other_users_attachments'],
    72. 

  72.         })
    73. 

  73. 

  74. 

  75. def register_with(registry):
    76. 

  76.     registry.acl_annotator(Attachment, add_acl_to_attachment)
    77.