Update the permission model
parent
92e4a37858
commit
b54dc61901
|
@ -1,24 +1,48 @@
|
|||
from django.core.exceptions import ObjectDoesNotExist
|
||||
|
||||
|
||||
def schedule_perms(user, station=None):
|
||||
def schedule_perms(user):
|
||||
"""
|
||||
This context flag will determine if user can schedule an observation.
|
||||
That includes station owners, moderators, admins.
|
||||
see: https://wiki.satnogs.org/Operation#Network_permissions_matrix
|
||||
"""
|
||||
if user.is_authenticated():
|
||||
if station:
|
||||
if station.is_offline:
|
||||
return False
|
||||
if station.is_testing:
|
||||
if user.is_superuser:
|
||||
return True
|
||||
if station not in user.ground_stations.all():
|
||||
return False
|
||||
|
||||
if user.ground_stations.exists():
|
||||
# User has online station (status=2)
|
||||
if user.ground_stations.filter(status=2).exists():
|
||||
return True
|
||||
# User has testing station (status=1)
|
||||
if user.ground_stations.filter(status=1).exists():
|
||||
return True
|
||||
# User has special permissions
|
||||
if user.groups.filter(name='Moderators').exists():
|
||||
return True
|
||||
if user.is_superuser:
|
||||
return True
|
||||
|
||||
return False
|
||||
|
||||
|
||||
def schedule_station_perms(user, station):
|
||||
"""
|
||||
This context flag will determine if user can schedule an observation.
|
||||
That includes station owners, moderators, admins.
|
||||
see: https://wiki.satnogs.org/Operation#Network_permissions_matrix
|
||||
"""
|
||||
if user.is_authenticated():
|
||||
# User has online station (status=2) and station is online
|
||||
try:
|
||||
if user.ground_stations.filter(status=2).exists() and station.status == 2:
|
||||
return True
|
||||
except (AttributeError, ObjectDoesNotExist):
|
||||
pass
|
||||
# If the station is testing (status=1) and user is its owner
|
||||
try:
|
||||
if station.status == 1 and station.owner == user:
|
||||
return True
|
||||
except (AttributeError, ObjectDoesNotExist):
|
||||
pass
|
||||
# User has special permissions
|
||||
if user.groups.filter(name='Moderators').exists():
|
||||
return True
|
||||
if user.is_superuser:
|
||||
|
@ -33,23 +57,25 @@ def delete_perms(user, observation):
|
|||
That includes observer, station owner involved, moderators, admins.
|
||||
see: https://wiki.satnogs.org/Operation#Network_permissions_matrix
|
||||
"""
|
||||
can_delete = False
|
||||
if user.is_authenticated():
|
||||
# User owns the observation
|
||||
try:
|
||||
if observation.author == user:
|
||||
can_delete = True
|
||||
return True
|
||||
except AttributeError:
|
||||
pass
|
||||
# User owns the station
|
||||
try:
|
||||
if observation.ground_station.owner == user:
|
||||
can_delete = True
|
||||
return True
|
||||
except (AttributeError, ObjectDoesNotExist):
|
||||
pass
|
||||
# User has special permissions
|
||||
if user.groups.filter(name='Moderators').exists():
|
||||
can_delete = True
|
||||
return True
|
||||
if user.is_superuser:
|
||||
can_delete = True
|
||||
return can_delete
|
||||
return True
|
||||
return False
|
||||
|
||||
|
||||
def vet_perms(user, observation):
|
||||
|
@ -58,20 +84,25 @@ def vet_perms(user, observation):
|
|||
That includes observer, station owner involved, moderators, admins.
|
||||
see: https://wiki.satnogs.org/Operation#Network_permissions_matrix
|
||||
"""
|
||||
can_vet = False
|
||||
if user.is_authenticated():
|
||||
# User has online station (status=2)
|
||||
if user.ground_stations.filter(status=2).exists():
|
||||
return True
|
||||
# User owns the observation
|
||||
try:
|
||||
if observation.author == user:
|
||||
can_vet = True
|
||||
return True
|
||||
except AttributeError:
|
||||
pass
|
||||
# User owns the station
|
||||
try:
|
||||
if observation.ground_station.owner == user:
|
||||
can_vet = True
|
||||
return True
|
||||
except AttributeError:
|
||||
pass
|
||||
# User has special permissions
|
||||
if user.groups.filter(name='Moderators').exists():
|
||||
can_vet = True
|
||||
return True
|
||||
if user.is_superuser:
|
||||
can_vet = True
|
||||
return can_vet
|
||||
return True
|
||||
return False
|
||||
|
|
|
@ -4,7 +4,7 @@ from datetime import timedelta
|
|||
from django.conf import settings
|
||||
from django.utils.timezone import now, make_aware, utc
|
||||
from network.base.models import Satellite, Station, Tle, Transmitter, Observation
|
||||
from network.base.perms import schedule_perms
|
||||
from network.base.perms import schedule_station_perms
|
||||
|
||||
import ephem
|
||||
|
||||
|
@ -331,7 +331,7 @@ def create_new_observation(station_id,
|
|||
def get_available_stations(stations, downlink, user):
|
||||
available_stations = []
|
||||
for station in stations:
|
||||
if not schedule_perms(user, station):
|
||||
if not schedule_station_perms(user, station):
|
||||
continue
|
||||
|
||||
# Skip if this station is not capable of receiving the frequency
|
||||
|
|
|
@ -23,7 +23,7 @@ from network.base.forms import StationForm, SatelliteFilterForm
|
|||
from network.base.decorators import admin_required, ajax_required
|
||||
from network.base.scheduling import (create_new_observation, ObservationOverlapError,
|
||||
predict_available_observation_windows, get_available_stations)
|
||||
from network.base.perms import schedule_perms, delete_perms, vet_perms
|
||||
from network.base.perms import schedule_perms, schedule_station_perms, delete_perms, vet_perms
|
||||
from network.base.tasks import update_all_tle, fetch_data
|
||||
|
||||
|
||||
|
@ -338,9 +338,7 @@ def observation_new_post(request):
|
|||
@login_required
|
||||
def observation_new(request):
|
||||
"""View for new observation"""
|
||||
me = request.user
|
||||
|
||||
can_schedule = schedule_perms(me)
|
||||
can_schedule = schedule_perms(request.user)
|
||||
if not can_schedule:
|
||||
messages.error(request, 'You don\'t have permissions to schedule observations')
|
||||
return redirect(reverse('base:observations_list'))
|
||||
|
@ -585,7 +583,7 @@ def station_view(request, id):
|
|||
antennas = Antenna.objects.all()
|
||||
unsupported_frequencies = request.GET.get('unsupported_frequencies', '0')
|
||||
|
||||
can_schedule = schedule_perms(request.user, station)
|
||||
can_schedule = schedule_station_perms(request.user, station)
|
||||
|
||||
# Calculate uptime
|
||||
uptime = '-'
|
||||
|
|
Loading…
Reference in New Issue