misc cleanup

Michael DeHaan 2013-03-22 18:16:40 -04:00
parent e405c9b746
commit 85897049d9
3 changed files with 8 additions and 7 deletions


@ -45,14 +45,12 @@ class BaseSubList(BaseList):
if not 'disassociate' in request.DATA:
if not request.user.is_superuser or not self.__class__.parent_model.can_user_attach(request.user, main, sub, self.__class__.relationship):
print "cond1"
raise PermissionDenied()
if sub in relationship.all():
return Response(status=status.HTTP_409_CONFLICT)
relationship.add(sub)
else:
if not request.user.is_superuser and not self.__class__.parent_model.can_user_unattach(request.user, main, sub, self.__class__.relationship):
print "cond2"
raise PermissionDenied()
relationship.remove(sub)
return Response(status=status.HTTP_204_NO_CONTENT)
@ -61,7 +59,7 @@ class BaseSubList(BaseList):
class BaseDetail(generics.RetrieveUpdateDestroyAPIView):
def pre_save(self, obj):
obj.created_by = owner = self.request.user
obj.created_by = self.request.user
def destroy(self, request, *args, **kwargs):
# somewhat lame that delete has to call it's own permissions check
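Review bot: The attach branch raises PermissionDenied on `not request.user.is_superuser or not ...can_user_attach(...)`, so every non-superuser is refused whatever `can_user_attach` returns, while the disassociate branch below combines the same two tests with `and`. If the intent is that superusers bypass and everyone else is decided by the model check, the attach line should read `if not request.user.is_superuser and not self.__class__.parent_model.can_user_attach(request.user, main, sub, self.__class__.relationship):`. The current form fails closed, so it is not an access bypass, but the asymmetry makes the attach-side model check irrelevant for regular users and is easy to correct in the wrong direction later. One test per branch covering a superuser, a permitted user and a refused user would pin the intended rule. The enclosing method starts above the hunk, so how `main`, `sub` and `relationship` are resolved is not visible here.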


@ -33,11 +33,12 @@ class CommonModel(models.Model):
@classmethod
def can_user_administrate(cls, user, obj):
# FIXME: do we want a seperate method to override put? This is kind of general purpose
raise exceptions.NotImplementedError()
@classmethod
def can_user_delete(cls, user, obj):
raise exceptions.NotImplementedError
raise exceptions.NotImplementedError()
@classmethod
def can_user_read(cls, user, obj):
@ -45,6 +46,7 @@ class CommonModel(models.Model):
@classmethod
def can_user_attach(cls, user, obj, sub_obj, relationship):
''' whether you can add sub_obj to obj using the relationship type in a subobject view '''
if relationship in [ 'projects', 'admins', 'users' ]:
if not sub_obj.can_user_read(user, sub_obj):
return False
@ -108,6 +110,7 @@ class Organization(CommonModel):
@classmethod
def can_user_administrate(cls, user, obj):
# FIXME: super user checks should be higher up so we don't have to repeat them
if user.is_superuser:
return True
rc = user in obj.admins.all()
@ -118,7 +121,6 @@ class Organization(CommonModel):
rc = cls.can_user_administrate(user,obj) or user in obj.users.all()
return rc
@classmethod
def can_user_delete(cls, user, obj):
return cls.can_user_administrate(user, obj)


@ -91,10 +91,11 @@ class OrganizationsAdminsList(BaseList):
class OrganizationsProjectsList(BaseSubList):
model = Project
parent_model = Organization
relationship = 'projects'
serializer_class = ProjectSerializer
permission_classes = (CustomRbac,)
parent_model = Organization # for sub list
relationship = 'projects' # " "
# I can see the projects from the organization if:
# I'm the superuser