From 8536ef9e2338711f9c8c43719de9c7886650e4ae Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Wed, 10 Apr 2019 18:46:33 +0200 Subject: [PATCH] Add guardian for Application permissions --- .../migrations/0022_remove_user_applications.py | 17 +++++++++++++++++ passbook/core/models.py | 1 - passbook/core/requirements.txt | 1 + passbook/core/settings.py | 5 ++++- passbook/core/views/overview.py | 6 +++--- 5 files changed, 25 insertions(+), 5 deletions(-) create mode 100644 passbook/core/migrations/0022_remove_user_applications.py diff --git a/passbook/core/migrations/0022_remove_user_applications.py b/passbook/core/migrations/0022_remove_user_applications.py new file mode 100644 index 000000000..d984f461c --- /dev/null +++ b/passbook/core/migrations/0022_remove_user_applications.py @@ -0,0 +1,17 @@ +# Generated by Django 2.2 on 2019-04-09 16:13 + +from django.db import migrations + + +class Migration(migrations.Migration): + + dependencies = [ + ('passbook_core', '0021_policy_timeout'), + ] + + operations = [ + migrations.RemoveField( + model_name='user', + name='applications', + ), + ] diff --git a/passbook/core/models.py b/passbook/core/models.py index cc4642ebb..04140a167 100644 --- a/passbook/core/models.py +++ b/passbook/core/models.py @@ -47,7 +47,6 @@ class User(AbstractUser): name = models.TextField() sources = models.ManyToManyField('Source', through='UserSourceConnection') - applications = models.ManyToManyField('Application') groups = models.ManyToManyField('Group') password_change_date = models.DateTimeField(auto_now_add=True) diff --git a/passbook/core/requirements.txt b/passbook/core/requirements.txt index fd80ba3f1..3a37ce628 100644 --- a/passbook/core/requirements.txt +++ b/passbook/core/requirements.txt @@ -1,6 +1,7 @@ celery cherrypy colorlog +django-guardian django-ipware django-model-utils django-redis diff --git a/passbook/core/settings.py b/passbook/core/settings.py index 421d9c122..63f9c2f72 100644 --- a/passbook/core/settings.py +++ b/passbook/core/settings.py @@ -58,7 +58,8 @@ SESSION_CACHE_ALIAS = "default" LANGUAGE_COOKIE_NAME = 'passbook_language' AUTHENTICATION_BACKENDS = [ - 'django.contrib.auth.backends.ModelBackend' + 'django.contrib.auth.backends.ModelBackend', + 'guardian.backends.ObjectPermissionBackend', ] # Application definition @@ -73,6 +74,8 @@ INSTALLED_APPS = [ 'django.contrib.postgres', 'rest_framework', 'drf_yasg', + 'guardian', + 'raven.contrib.django.raven_compat', 'passbook.core.apps.PassbookCoreConfig', 'passbook.admin.apps.PassbookAdminConfig', 'passbook.api.apps.PassbookAPIConfig', diff --git a/passbook/core/views/overview.py b/passbook/core/views/overview.py index 07b55ace8..b641bcde9 100644 --- a/passbook/core/views/overview.py +++ b/passbook/core/views/overview.py @@ -2,6 +2,7 @@ from django.contrib.auth.mixins import LoginRequiredMixin from django.views.generic import TemplateView +from guardian.shortcuts import get_objects_for_user from passbook.core.models import Application @@ -13,7 +14,6 @@ class OverviewView(LoginRequiredMixin, TemplateView): template_name = 'overview/index.html' def get_context_data(self, **kwargs): - kwargs['applications'] = self.request.user.applications.all() - if self.request.user.is_superuser: - kwargs['applications'] = Application.objects.all() + kwargs['applications'] = get_objects_for_user(self.request.user, + 'passbook_core.view_application') return super().get_context_data(**kwargs)