Home Explore Help
Sign In
221V
/
Misago
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: f23e09c835
Branches Tags
Misago
/
misago
/
threads
/
permissions
/
attachments.py

attachments.py 2.0 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576 
  1. from django.utils.translation import ugettext_lazy as _
    2. 

  2. 

  3. from misago.acl import algebra
    4. 

  4. from misago.acl.models import Role
    5. 

  5. from misago.core import forms
    6. 

  6. 

  7. from ..models import Attachment
    8. 

  8. 

  9. 

  10. """
    11. 

  11. Admin Permissions Form
    12. 

  12. """
    13. 

  13. class PermissionsForm(forms.Form):
    14. 

  14.     legend = _("Attachments")
    15. 

  15. 

  16.     max_attachment_size = forms.IntegerField(
    17. 

  17.         label=_("Max attached file size (in kb)"),
    18. 

  18.         help_text=_("Enter 0 to don't allow uploading end deleting attachments."),
    19. 

  19.         initial=500,
    20. 

  20.         min_value=0
    21. 

  21.     )
    22. 

  22. 

  23.     can_download_other_users_attachments = forms.YesNoSwitch(label=_("Can download other users attachments"))
    24. 

  24.     can_delete_other_users_attachments = forms.YesNoSwitch(label=_("Can delete other users attachments"))
    25. 

  25. 

  26. 

  27. class AnonymousPermissionsForm(forms.Form):
    28. 

  28.     legend = _("Attachments")
    29. 

  29. 

  30.     can_download_other_users_attachments = forms.YesNoSwitch(label=_("Can download attachments"))
    31. 

  31. 

  32. 

  33. def change_permissions_form(role):
    34. 

  34.     if isinstance(role, Role):
    35. 

  35.         if role.special_role != 'anonymous':
    36. 

  36.             return PermissionsForm
    37. 

  37.         else:
    38. 

  38.             return AnonymousPermissionsForm
    39. 

  39.     else:
    40. 

  40.         return None
    41. 

  41. 

  42. 

  43. """
    44. 

  44. ACL Builder
    45. 

  45. """
    46. 

  46. def build_acl(acl, roles, key_name):
    47. 

  47.     new_acl = {
    48. 

  48.         'max_attachment_size': 0,
    49. 

  49.         'can_download_other_users_attachments': False,
    50. 

  50.         'can_delete_other_users_attachments': False,
    51. 

  51.     }
    52. 

  52.     new_acl.update(acl)
    53. 

  53. 

  54.     return algebra.sum_acls(new_acl, roles=roles, key=key_name,
    55. 

  55.         max_attachment_size=algebra.greater,
    56. 

  56.         can_download_other_users_attachments=algebra.greater,
    57. 

  57.         can_delete_other_users_attachments=algebra.greater
    58. 

  58.     )
    59. 

  59. 

  60. 

  61. """
    62. 

  62. ACL's for targets
    63. 

  63. """
    64. 

  64. def add_acl_to_attachment(user, attachment):
    65. 

  65.     if user.is_authenticated() and user.id == attachment.uploader_id:
    66. 

  66.         attachment.acl.update({
    67. 

  67.             'can_delete': True,
    68. 

  68.         })
    69. 

  69.     else:
    70. 

  70.         attachment.acl.update({
    71. 

  71.             'can_delete': user.is_authenticated() and user.acl['can_delete_other_users_attachments'],
    72. 

  72.         })
    73. 

  73. 

  74. 

  75. def register_with(registry):
    76. 

  76.     registry.acl_annotator(Attachment, add_acl_to_attachment)
    77.