remove django guardian and check application access via PolicyEngine
This commit is contained in:
parent
22a6aef60b
commit
f576985cc9
|
@ -1,6 +1,5 @@
|
|||
celery
|
||||
colorlog
|
||||
django-guardian
|
||||
django-ipware
|
||||
django-model-utils
|
||||
django-redis
|
||||
|
@ -13,3 +12,4 @@ PyYAML
|
|||
sentry-sdk
|
||||
pip
|
||||
whitenoise
|
||||
urllib3<1.25,>=1.21.1
|
||||
|
|
|
@ -2,7 +2,8 @@
|
|||
|
||||
from django.contrib.auth.mixins import LoginRequiredMixin
|
||||
from django.views.generic import TemplateView
|
||||
from guardian.shortcuts import get_objects_for_user
|
||||
from passbook.core.models import Application
|
||||
from passbook.core.policies import PolicyEngine
|
||||
|
||||
|
||||
class OverviewView(LoginRequiredMixin, TemplateView):
|
||||
|
@ -12,6 +13,11 @@ class OverviewView(LoginRequiredMixin, TemplateView):
|
|||
template_name = 'overview/index.html'
|
||||
|
||||
def get_context_data(self, **kwargs):
|
||||
kwargs['applications'] = get_objects_for_user(self.request.user,
|
||||
'passbook_core.view_application')
|
||||
kwargs['applications'] = []
|
||||
for application in Application.objects.all():
|
||||
engine = PolicyEngine(application.policies.all())
|
||||
engine.for_user(self.request.user).with_request(self.request)
|
||||
engine.build()
|
||||
if engine.passing:
|
||||
kwargs['applications'].append(application)
|
||||
return super().get_context_data(**kwargs)
|
||||
|
|
Reference in New Issue