mpeltriaux
f122778232
* refactors team views * split views.py into users.py and teams.py in users app * refactors method headers for _user_has_permission() * adds method and class comments and documentation to base view classes
82 lines
2.6 KiB
Python
82 lines
2.6 KiB
Python
"""
|
|
Author: Michel Peltriaux
|
|
Organization: Struktur- und Genehmigungsdirektion Nord, Rhineland-Palatinate, Germany
|
|
Contact: ksp-servicestelle@sgdnord.rlp.de
|
|
Created on: 22.08.22
|
|
|
|
"""
|
|
from django.contrib import messages
|
|
from django.contrib.auth.mixins import LoginRequiredMixin
|
|
from django.shortcuts import get_object_or_404, redirect
|
|
from django.utils.translation import gettext_lazy as _
|
|
|
|
from intervention.forms.modals.share import ShareModalForm
|
|
from konova.utils.message_templates import DATA_SHARE_SET
|
|
from konova.views.base import BaseView, BaseModalFormView
|
|
|
|
|
|
class AbstractShareByTokenView(LoginRequiredMixin, BaseView):
|
|
_MODEL_CLS = None
|
|
_REDIRECT_URL = None
|
|
|
|
class Meta:
|
|
abstract = True
|
|
|
|
def get(self, request, id: str, token: str):
|
|
""" Performs sharing of an entry
|
|
|
|
If token given in url is not valid, the user will be redirected to the dashboard
|
|
|
|
Args:
|
|
request (HttpRequest): The incoming request
|
|
id (str): Object's id
|
|
token (str): Access token for object
|
|
|
|
Returns:
|
|
|
|
"""
|
|
user = request.user
|
|
obj = get_object_or_404(self._MODEL_CLS, id=id)
|
|
# Check tokens
|
|
if obj.access_token == token:
|
|
# Send different messages in case user has already been added to list of sharing users
|
|
if obj.is_shared_with(user):
|
|
messages.info(
|
|
request,
|
|
_("{} has already been shared with you").format(obj.identifier)
|
|
)
|
|
else:
|
|
messages.success(
|
|
request,
|
|
_("{} has been shared with you").format(obj.identifier)
|
|
)
|
|
obj.share_with_user(user)
|
|
return redirect(self._REDIRECT_URL, id=id)
|
|
else:
|
|
messages.error(
|
|
request,
|
|
_("Share link invalid"),
|
|
extra_tags="danger",
|
|
)
|
|
return redirect("home")
|
|
|
|
def _user_has_permission(self, user, **kwargs):
|
|
# No permissions are needed to get shared access via token
|
|
return True
|
|
|
|
def _user_has_shared_access(self, user, **kwargs):
|
|
# The user does not need to have shared access to call the endpoint which gives them shared access
|
|
return True
|
|
|
|
|
|
class AbstractShareFormView(LoginRequiredMixin, BaseModalFormView):
|
|
_MODEL_CLS = None
|
|
_FORM_CLS = ShareModalForm
|
|
_MSG_SUCCESS = DATA_SHARE_SET
|
|
|
|
class Meta:
|
|
abstract = True
|
|
|
|
def _user_has_permission(self, user, **kwargs):
|
|
return user.is_default_user()
|