More view->model cleanup

lib/main/base_views.py

@@ -44,7 +44,7 @@ class BaseDetail(generics.RetrieveUpdateDestroyAPIView):
         return HttpResponse(status=204)
 
     def delete_permissions_check(self, request, obj):
-        raise exceptions.NotImplementedError()
+        return self.__class__.model.can_user_delete(request.user, obj)
 
     def item_permissions_check(self, request, obj):
 

lib/main/models/__init__.py

@@ -31,12 +31,15 @@ class CommonModel(models.Model):
     def __unicode__(self):
         return unicode(self.name)
 
+    @classmethod 
     def can_user_administrate(cls, user):
         raise exceptions.NotImplementedError()
 
+    @classmethod 
     def can_user_delete(cls, user, obj):
         raise exceptions.NotImplementedError
 
+    @classmethod 
     def can_user_access(cls, user, obj):
         raise exceptions.NotImplementedError()
 
@@ -88,18 +91,21 @@ class Organization(CommonModel):
         import lib.urls
         return reverse(lib.urls.views_OrganizationsDetail, args=(self.pk,))
 
+    @classmethod 
     def can_user_delete(cls, user, obj):
         return user in obj.admins.all()
 
+    @classmethod 
     def can_user_administrate(cls, user, obj):
-        return request.user in obj.admins.all()
+        return user in obj.admins.all()
 
+    @classmethod 
     def can_user_access(cls, user, obj):
-        return self.can_user_administrate(user,obj) or request.user in obj.users.all()
+        return cls.can_user_administrate(user,obj) or request.user in obj.users.all()
 
+    @classmethod 
     def can_user_delete(cls, user, obj):
-        return self.can_user_administrate(user, obj)
+        return cls.can_user_administrate(user, obj)
-
 
 class Inventory(CommonModel):
     ''' 
@@ -197,8 +203,9 @@ class Project(CommonModel):
         import lib.urls
         return reverse(lib.urls.views_ProjectsDetail, args=(self.pk,))
 
-    def can_user_administrate(self, user):
+    @classmethod 
-        organizations = Organization.filter(admins__in = [ user ])
+    def can_user_administrate(cls, user, obj):
+        organizations = Organization.filter(admins__in = [ user ], projects__in = [ obj ])
         organizations = self.organizations()
         for org in organizations:
             if org in project.organizations():

lib/main/views.py

@@ -51,10 +51,6 @@ class OrganizationsDetail(BaseDetail):
             return is_admin
         return False
 
-    def delete_permissions_check(self, request, obj):
-        
-        return request.user in obj.admins.all() 
-
 class OrganizationsAuditTrailList(BaseList):
 
     model = AuditTrail
@@ -174,24 +170,20 @@ class ProjectsDetail(BaseDetail):
     serializer_class = ProjectSerializer
     permission_classes = (CustomRbac,)
 
-    def item_permissions_check(self, request, obj):
+#    #def item_permissions_check(self, request, obj):
+#
+#        # to get, must be in a team assigned to this project
+#        # or be an org admin of an org this project is in
+#
+#        raise exceptions.NotImplementedError()
+#
+#        #is_admin = request.user in obj.admins.all()
+#        #is_user  = request.user in obj.users.all()
+#        #
+#        #if request.method == 'GET':
+#        #    return is_admin or is_user
+#        #elif request.method in [ 'PUT' ]:
+#        #    return is_admin
+#        #return False
 
-        # to get, must be in a team assigned to this project
-        # or be an org admin of an org this project is in
-
-        raise exceptions.NotImplementedError()
-
-        #is_admin = request.user in obj.admins.all()
-        #is_user  = request.user in obj.users.all()
-        #
-        #if request.method == 'GET':
-        #    return is_admin or is_user
-        #elif request.method in [ 'PUT' ]:
-        #    return is_admin
-        #return False
-
-    def delete_permissions_check(self, request, obj):
-        # FIXME: logic TBD
-        raise exceptions.NotImplementedError()
-        #return request.user in obj.admins.all()