Domů Procházet Nápověda
Přihlásit se
LBP
/
netbox
zrcadlo https://github.com/netbox-community/netbox.git
2
0
Rozštěpit 0
Soubory Úkoly 0 Wiki
Strom: 3b44e7c1c4
Větve Značky
netbox
/
netbox
/
utilities
/
permissions.py

permissions.py 2.3 KB
Historie Surový

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374 
  1. from django.conf import settings
    2. 

  2. from django.contrib.contenttypes.models import ContentType
    3. 

  3. 

  4. 

  5. def get_permission_for_model(model, action):
    6. 

  6.     """
    7. 

  7.     Resolve the named permission for a given model (or instance) and action (e.g. view or add).
    8. 

  8. 

  9.     :param model: A model or instance
    10. 

  10.     :param action: View, add, change, or delete (string)
    11. 

  11.     """
    12. 

  12.     if action not in ('view', 'add', 'change', 'delete'):
    13. 

  13.         raise ValueError(f"Unsupported action: {action}")
    14. 

  14. 

  15.     return '{}.{}_{}'.format(
    16. 

  16.         model._meta.app_label,
    17. 

  17.         action,
    18. 

  18.         model._meta.model_name
    19. 

  19.     )
    20. 

  20. 

  21. 

  22. def resolve_permission(name):
    23. 

  23.     """
    24. 

  24.     Given a permission name, return the app_label, action, and model_name components. For example, "dcim.view_site"
    25. 

  25.     returns ("dcim", "view", "site").
    26. 

  26. 

  27.     :param name: Permission name in the format <app_label>.<action>_<model>
    28. 

  28.     """
    29. 

  29.     try:
    30. 

  30.         app_label, codename = name.split('.')
    31. 

  31.         action, model_name = codename.rsplit('_', 1)
    32. 

  32.     except ValueError:
    33. 

  33.         raise ValueError(
    34. 

  34.             f"Invalid permission name: {name}. Must be in the format <app_label>.<action>_<model>"
    35. 

  35.         )
    36. 

  36. 

  37.     return app_label, action, model_name
    38. 

  38. 

  39. 

  40. def resolve_permission_ct(name):
    41. 

  41.     """
    42. 

  42.     Given a permission name, return the relevant ContentType and action. For example, "dcim.view_site" returns
    43. 

  43.     (Site, "view").
    44. 

  44. 

  45.     :param name: Permission name in the format <app_label>.<action>_<model>
    46. 

  46.     """
    47. 

  47.     app_label, action, model_name = resolve_permission(name)
    48. 

  48.     try:
    49. 

  49.         content_type = ContentType.objects.get(app_label=app_label, model=model_name)
    50. 

  50.     except ContentType.DoesNotExist:
    51. 

  51.         raise ValueError(f"Unknown app_label/model_name for {name}")
    52. 

  52. 

  53.     return content_type, action
    54. 

  54. 

  55. 

  56. def permission_is_exempt(name):
    57. 

  57.     """
    58. 

  58.     Determine whether a specified permission is exempt from evaluation.
    59. 

  59. 

  60.     :param name: Permission name in the format <app_label>.<action>_<model>
    61. 

  61.     """
    62. 

  62.     app_label, action, model_name = resolve_permission(name)
    63. 

  63. 

  64.     if action == 'view':
    65. 

  65.         if (
    66. 

  66.             # All models are exempt from view permission enforcement
    67. 

  67.             '*' in settings.EXEMPT_VIEW_PERMISSIONS
    68. 

  68.         ) or (
    69. 

  69.             # This specific model is exempt from view permission enforcement
    70. 

  70.             '{}.{}'.format(app_label, model_name) in settings.EXEMPT_VIEW_PERMISSIONS
    71. 

  71.         ):
    72. 

  72.             return True
    73. 

  73. 

  74.     return False
    75.