spacecruft
/
satnogs-network
1
0
Fork 0
Code Releases Activity

Update the permission model

environments/production/deployments/315
Alfredos-Panagiotis Damkalis 2019-02-24 22:41:35 +02:00
parent 92e4a37858
commit b54dc61901
3 changed files with 59 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

77
network/base/perms.py
View File

@ -1,24 +1,48 @@
from django.core.exceptions import ObjectDoesNotExist
def schedule_perms(user, station=None):
def schedule_perms(user):
"""
This context flag will determine if user can schedule an observation.
That includes station owners, moderators, admins.
see: https://wiki.satnogs.org/Operation#Network_permissions_matrix
"""
if user.is_authenticated():
if station:
if station.is_offline:
return False
if station.is_testing:
if user.is_superuser:
return True
if station not in user.ground_stations.all():
return False
if user.ground_stations.exists():
# User has online station (status=2)
if user.ground_stations.filter(status=2).exists():
return True
# User has testing station (status=1)
if user.ground_stations.filter(status=1).exists():
return True
# User has special permissions
if user.groups.filter(name='Moderators').exists():
return True
if user.is_superuser:
return True
return False
def schedule_station_perms(user, station):
"""
This context flag will determine if user can schedule an observation.
That includes station owners, moderators, admins.
see: https://wiki.satnogs.org/Operation#Network_permissions_matrix
"""
if user.is_authenticated():
# User has online station (status=2) and station is online
try:
if user.ground_stations.filter(status=2).exists() and station.status == 2:
return True
except (AttributeError, ObjectDoesNotExist):
pass
# If the station is testing (status=1) and user is its owner
try:
if station.status == 1 and station.owner == user:
return True
except (AttributeError, ObjectDoesNotExist):
pass
# User has special permissions
if user.groups.filter(name='Moderators').exists():
return True
if user.is_superuser:
@ -33,23 +57,25 @@ def delete_perms(user, observation):
That includes observer, station owner involved, moderators, admins.
see: https://wiki.satnogs.org/Operation#Network_permissions_matrix
"""
can_delete = False
if user.is_authenticated():
# User owns the observation
try:
if observation.author == user:
can_delete = True
return True
except AttributeError:
pass
# User owns the station
try:
if observation.ground_station.owner == user:
can_delete = True
return True
except (AttributeError, ObjectDoesNotExist):
pass
# User has special permissions
if user.groups.filter(name='Moderators').exists():
can_delete = True
return True
if user.is_superuser:
can_delete = True
return can_delete
return True
return False
def vet_perms(user, observation):
@ -58,20 +84,25 @@ def vet_perms(user, observation):
That includes observer, station owner involved, moderators, admins.
see: https://wiki.satnogs.org/Operation#Network_permissions_matrix
"""
can_vet = False
if user.is_authenticated():
# User has online station (status=2)
if user.ground_stations.filter(status=2).exists():
return True
# User owns the observation
try:
if observation.author == user:
can_vet = True
return True
except AttributeError:
pass
# User owns the station
try:
if observation.ground_station.owner == user:
can_vet = True
return True
except AttributeError:
pass
# User has special permissions
if user.groups.filter(name='Moderators').exists():
can_vet = True
return True
if user.is_superuser:
can_vet = True
return can_vet
return True
return False

4
network/base/scheduling.py
View File

@ -4,7 +4,7 @@ from datetime import timedelta
from django.conf import settings
from django.utils.timezone import now, make_aware, utc
from network.base.models import Satellite, Station, Tle, Transmitter, Observation
from network.base.perms import schedule_perms
from network.base.perms import schedule_station_perms
import ephem
@ -331,7 +331,7 @@ def create_new_observation(station_id,
def get_available_stations(stations, downlink, user):
available_stations = []
for station in stations:
if not schedule_perms(user, station):
if not schedule_station_perms(user, station):
continue
# Skip if this station is not capable of receiving the frequency

8
network/base/views.py
View File

@ -23,7 +23,7 @@ from network.base.forms import StationForm, SatelliteFilterForm
from network.base.decorators import admin_required, ajax_required
from network.base.scheduling import (create_new_observation, ObservationOverlapError,
predict_available_observation_windows, get_available_stations)
from network.base.perms import schedule_perms, delete_perms, vet_perms
from network.base.perms import schedule_perms, schedule_station_perms, delete_perms, vet_perms
from network.base.tasks import update_all_tle, fetch_data
@ -338,9 +338,7 @@ def observation_new_post(request):
@login_required
def observation_new(request):
"""View for new observation"""
me = request.user
can_schedule = schedule_perms(me)
can_schedule = schedule_perms(request.user)
if not can_schedule:
messages.error(request, 'You don\'t have permissions to schedule observations')
return redirect(reverse('base:observations_list'))
@ -585,7 +583,7 @@ def station_view(request, id):
antennas = Antenna.objects.all()
unsupported_frequencies = request.GET.get('unsupported_frequencies', '0')
can_schedule = schedule_perms(request.user, station)
can_schedule = schedule_station_perms(request.user, station)
# Calculate uptime
uptime = '-'