django-admin2/djadmin2/viewmixins.py

import os

from django.contrib.auth.views import redirect_to_login
from django.core.exceptions import PermissionDenied
from django.forms.models import modelform_factory
from django.http import HttpResponseRedirect
from django.urls import reverse, reverse_lazy
from django.utils.encoding import force_str
from django.utils.text import get_text_list
from django.utils.translation import ugettext as _

# braces 1.3 views exported AccessMixin
# in braces 1.4 this was moved views._access and not exported in views
# not sure if this was the intent of braces or an oversight
# if intent - should look at AccessMixin vs. using a more specific mixin
try:
    from braces.views import AccessMixin
except ImportError:
    from braces.views._access import AccessMixin

from . import settings, permissions
from .utils import admin2_urlname, model_options


class PermissionMixin(AccessMixin):
    do_not_call_in_templates = True
    permission_classes = (permissions.IsStaffPermission,)
    login_url = reverse_lazy('admin2:dashboard')

    def __init__(self, **kwargs):
        self.permissions = [
            permission_class()
            for permission_class in self.permission_classes]
        super(PermissionMixin, self).__init__(**kwargs)

    def has_permission(self, obj=None):
        '''
        Return ``True`` if the permission for this view shall be granted,
        ``False`` otherwise. Supports object-level permission by passing the
        related object as first argument.
        '''
        for permission in self.permissions:
            if not permission.has_permission(self.request, self, obj):
                return False
        return True

    def dispatch(self, request, *args, **kwargs):
        # Raise exception or redirect to login if user doesn't have
        # permissions.
        if not self.has_permission():
            if self.raise_exception:
                raise PermissionDenied  # return a forbidden response
            else:
                return redirect_to_login(
                    request.get_full_path(),
                    self.get_login_url(),
                    self.get_redirect_field_name())
        return super(PermissionMixin, self).dispatch(request, *args, **kwargs)

    def get_context_data(self, **kwargs):
        context = super(PermissionMixin, self).get_context_data(**kwargs)
        permission_checker = permissions.TemplatePermissionChecker(
            self.request, self.model_admin)
        context.update({
            'permissions': permission_checker,
        })
        return context


class Admin2Mixin(PermissionMixin):
    # are set in the ModelAdmin2 class when creating the view via
    # .as_view(...)
    model_admin = None
    model_name = None
    app_label = None
    login_view = None

    index_path = reverse_lazy('admin2:dashboard')

    def get_template_names(self):
        return [os.path.join(
            settings.ADMIN2_THEME_DIRECTORY, self.default_template_name)]

    def get_templates(self):
        return os.path.join(settings.ADMIN2_THEME_DIRECTORY, self.default_template_name)

    def get_model(self):
        return self.model

    def get_queryset(self):
        return self.get_model()._default_manager.all()

    def get_form_class(self):
        if self.form_class is not None:
            return self.form_class
        return modelform_factory(self.get_model())

    def is_user(self, request):
        return hasattr(request, 'user') and not (request.user.is_active and
                                                 request.user.is_staff)

    def dispatch(self, request, *args, **kwargs):

        if self.is_user(request):
            if request.path == reverse('admin2:logout'):
                return HttpResponseRedirect(self.index_path)

            if request.path == self.index_path:
                extra = {
                    'next': request.GET.get('next', self.index_path)
                }
                return self.login_view().dispatch(request, extra_context=extra, *args, **kwargs)

        return super(Admin2Mixin, self).dispatch(request, *args, **kwargs)


class Admin2ModelMixin(Admin2Mixin):
    model_admin = None

    def get_context_data(self, **kwargs):
        context = super(Admin2ModelMixin, self).get_context_data(**kwargs)
        model = self.get_model()
        model_meta = model_options(model)
        app_verbose_names = self.model_admin.admin.app_verbose_names
        context.update({
            'app_label': model_meta.app_label,
            'app_verbose_name': app_verbose_names.get(model_meta.app_label),
            'model_name': model_meta.verbose_name,
            'model_name_pluralized': model_meta.verbose_name_plural
        })
        return context

    def get_model(self):
        return self.model

    def get_queryset(self):
        return self.get_model()._default_manager.all()

    def get_form_class(self):
        if self.form_class is not None:
            return self.form_class
        return modelform_factory(self.get_model(), fields='__all__')


class Admin2ModelFormMixin(object):
    def get_success_url(self):
        if '_continue' in self.request.POST:
            view_name = admin2_urlname(self, 'update')
            return reverse(view_name, kwargs={'pk': self.object.pk})

        if '_addanother' in self.request.POST:
            return reverse(admin2_urlname(self, 'create'))

        # default to index view
        return reverse(admin2_urlname(self, 'index'))

    def construct_change_message(self, request, form, formsets):
        """ Construct a change message from a changed object """
        change_message = []
        if form.changed_data:
            change_message.append(
                _('Changed {0}.'.format(
                    get_text_list(form.changed_data, _('and')))))

        if formsets:
            for formset in formsets:
                for added_object in formset.new_objects:
                    change_message.append(
                        _('Added {0} "{1}".'.format(
                            force_str(added_object._meta.verbose_name),
                            force_str(added_object))))
                for changed_object, changed_fields in formset.changed_objects:
                    change_message.append(
                        _('Changed {0} for {1} "{2}".'.format(
                            get_text_list(changed_fields, _('and')),
                            force_str(changed_object._meta.verbose_name),
                            force_str(changed_object))))
                for deleted_object in formset.deleted_objects:
                    change_message.append(
                        _('Deleted {0} "{1}".'.format(
                            force_str(deleted_object._meta.verbose_name),
                            force_str(deleted_object))))

        change_message = ' '.join(change_message)
        return change_message or _('No fields changed.')
Move mixins to their own directory so the apiviews aren't directly importing from views 2013-05-22 16:40:53 +00:00			`import os`

			`from django.contrib.auth.views import redirect_to_login`
			`from django.core.exceptions import PermissionDenied`
			`from django.forms.models import modelform_factory`
login view 2013-05-24 04:06:31 +00:00			`from django.http import HttpResponseRedirect`
fixed reverse reverse_lazy import errors 2018-05-10 19:23:23 +00:00			`from django.urls import reverse, reverse_lazy`
feat: upgrade Django and Python to supported versions 2020-09-26 21:21:43 +00:00			`from django.utils.encoding import force_str`
Why don't you PEP your 8! Add in change messages. 2013-07-19 00:23:48 +00:00			`from django.utils.text import get_text_list`
			`from django.utils.translation import ugettext as _`

fix for django-braces>=1.4.0 braces 1.3 views exported AccessMixin in braces 1.4 this was moved views._access and not exported in views not sure if this was the intent of braces or an oversight if intent - should look at AccessMixin vs. using a more specific mixin tested against django-braces 1.3.1 and django-braces 1.4.0 2014-06-19 17:12:13 +00:00			`# braces 1.3 views exported AccessMixin`
			`# in braces 1.4 this was moved views._access and not exported in views`
			`# not sure if this was the intent of braces or an oversight`
			`# if intent - should look at AccessMixin vs. using a more specific mixin`
			`try:`
			`from braces.views import AccessMixin`
			`except ImportError:`
			`from braces.views._access import AccessMixin`
Move mixins to their own directory so the apiviews aren't directly importing from views 2013-05-22 16:40:53 +00:00
Rename constants module to settings 2013-06-03 20:44:16 +00:00			`from . import settings, permissions`
Wrapped all calls to model._meta with model_options function. fix #134 2013-05-23 18:00:14 +00:00			`from .utils import admin2_urlname, model_options`
Move mixins to their own directory so the apiviews aren't directly importing from views 2013-05-22 16:40:53 +00:00

Moving permission checking from AdminModel2Mixin to PermissionMixin were it belongs. 2013-05-26 14:55:44 +00:00			`class PermissionMixin(AccessMixin):`
Adding \|for_view filter to bind permissions for a view name. 2013-05-26 11:32:43 +00:00			`do_not_call_in_templates = True`
Implementing a class-based permission handling. 2013-05-22 23:21:01 +00:00			`permission_classes = (permissions.IsStaffPermission,)`
deleted LoginRequiredMixin 2013-05-31 00:39:58 +00:00			`login_url = reverse_lazy('admin2:dashboard')`
Implementing a class-based permission handling. 2013-05-22 23:21:01 +00:00
			`def __init__(self, **kwargs):`
			`self.permissions = [`
			`permission_class()`
			`for permission_class in self.permission_classes]`
Moving permission logic of views into its own mixin. Also allow to check permission on other views via the PermissionMixin. 2013-05-23 22:33:51 +00:00			`super(PermissionMixin, self).__init__(**kwargs)`

Adding ability to check for permissions of any registered model admin in the templates. 2013-05-25 18:10:21 +00:00			`def has_permission(self, obj=None):`
Moving permission logic of views into its own mixin. Also allow to check permission on other views via the PermissionMixin. 2013-05-23 22:33:51 +00:00			`'''`
			Return ``True`` if the permission for this view shall be granted,
			``False`` otherwise. Supports object-level permission by passing the
			`related object as first argument.`
			`'''`
Re-wording the variable 'backend' based on @RaphaelKimmig's code review. 2013-05-29 09:00:11 +00:00			`for permission in self.permissions:`
			`if not permission.has_permission(self.request, self, obj):`
Moving permission logic of views into its own mixin. Also allow to check permission on other views via the PermissionMixin. 2013-05-23 22:33:51 +00:00			`return False`
			`return True`

Moving permission checking from AdminModel2Mixin to PermissionMixin were it belongs. 2013-05-26 14:55:44 +00:00			`def dispatch(self, request, args, *kwargs):`
			`# Raise exception or redirect to login if user doesn't have`
			`# permissions.`
			`if not self.has_permission():`
			`if self.raise_exception:`
			`raise PermissionDenied # return a forbidden response`
			`else:`
PEP8 2013-07-18 23:08:38 +00:00			`return redirect_to_login(`
			`request.get_full_path(),`
			`self.get_login_url(),`
			`self.get_redirect_field_name())`
Moving permission checking from AdminModel2Mixin to PermissionMixin were it belongs. 2013-05-26 14:55:44 +00:00			`return super(PermissionMixin, self).dispatch(request, args, *kwargs)`

Adding the ability to check for permissions in templates. 2013-05-23 23:02:08 +00:00			`def get_context_data(self, **kwargs):`
			`context = super(PermissionMixin, self).get_context_data(**kwargs)`
			`permission_checker = permissions.TemplatePermissionChecker(`
Adding possibility to swap model admin that is checked for permissions in the template. 2013-05-26 10:48:10 +00:00			`self.request, self.model_admin)`
Adding the ability to check for permissions in templates. 2013-05-23 23:02:08 +00:00			`context.update({`
			`'permissions': permission_checker,`
			`})`
			`return context`

Moving permission logic of views into its own mixin. Also allow to check permission on other views via the PermissionMixin. 2013-05-23 22:33:51 +00:00
			`class Admin2Mixin(PermissionMixin):`
			`# are set in the ModelAdmin2 class when creating the view via`
			`# .as_view(...)`
			`model_admin = None`
			`model_name = None`
			`app_label = None`
Hardcoded LoginView (#436) * Add a way to customize LoginView and Document about it Resolve #416 * Add test for custom login view * Remove unused code in test_views 2016-09-03 09:17:37 +00:00			`login_view = None`
Move mixins to their own directory so the apiviews aren't directly importing from views 2013-05-22 16:40:53 +00:00
login view 2013-05-24 04:06:31 +00:00			`index_path = reverse_lazy('admin2:dashboard')`
use django-braces for login required views 2013-05-24 02:54:28 +00:00
Move mixins to their own directory so the apiviews aren't directly importing from views 2013-05-22 16:40:53 +00:00			`def get_template_names(self):`
PEP8 2013-07-18 23:08:38 +00:00			`return [os.path.join(`
			`settings.ADMIN2_THEME_DIRECTORY, self.default_template_name)]`
Move mixins to their own directory so the apiviews aren't directly importing from views 2013-05-22 16:40:53 +00:00
feat: upgrade Django and Python to supported versions 2020-09-26 21:21:43 +00:00			`def get_templates(self):`
			`return os.path.join(settings.ADMIN2_THEME_DIRECTORY, self.default_template_name)`

Move mixins to their own directory so the apiviews aren't directly importing from views 2013-05-22 16:40:53 +00:00			`def get_model(self):`
			`return self.model`

			`def get_queryset(self):`
			`return self.get_model()._default_manager.all()`

			`def get_form_class(self):`
			`if self.form_class is not None:`
			`return self.form_class`
			`return modelform_factory(self.get_model())`

merge from develop 2013-05-30 23:55:34 +00:00			`def is_user(self, request):`
login view 2013-05-24 04:06:31 +00:00			`return hasattr(request, 'user') and not (request.user.is_active and`
			`request.user.is_staff)`

			`def dispatch(self, request, args, *kwargs):`

merge from develop 2013-05-30 23:55:34 +00:00			`if self.is_user(request):`
login view 2013-05-24 04:06:31 +00:00			`if request.path == reverse('admin2:logout'):`
			`return HttpResponseRedirect(self.index_path)`

			`if request.path == self.index_path:`
			`extra = {`
			`'next': request.GET.get('next', self.index_path)`
			`}`
Hardcoded LoginView (#436) * Add a way to customize LoginView and Document about it Resolve #416 * Add test for custom login view * Remove unused code in test_views 2016-09-03 09:17:37 +00:00			`return self.login_view().dispatch(request, extra_context=extra, args, *kwargs)`
login view 2013-05-24 04:06:31 +00:00
			`return super(Admin2Mixin, self).dispatch(request, args, *kwargs)`

Move mixins to their own directory so the apiviews aren't directly importing from views 2013-05-22 16:40:53 +00:00
Rename AdminModel2Mixin to Admin2ModelMixin 2016-05-07 22:25:12 +00:00			`class Admin2ModelMixin(Admin2Mixin):`
Move mixins to their own directory so the apiviews aren't directly importing from views 2013-05-22 16:40:53 +00:00			`model_admin = None`

			`def get_context_data(self, **kwargs):`
Rename AdminModel2Mixin to Admin2ModelMixin 2016-05-07 22:25:12 +00:00			`context = super(Admin2ModelMixin, self).get_context_data(**kwargs)`
Wrapped all calls to model._meta with model_options function. fix #134 2013-05-23 18:00:14 +00:00			`model = self.get_model()`
			`model_meta = model_options(model)`
Registering and making the app verbose names accessible into the views. 2013-08-05 07:35:03 +00:00			`app_verbose_names = self.model_admin.admin.app_verbose_names`
Move mixins to their own directory so the apiviews aren't directly importing from views 2013-05-22 16:40:53 +00:00			`context.update({`
Initial stab at breadcrumbs There's currently a lot of copy-pasting of breadcrumbs, this can be revisited once we have a better understanding of how we're going to handle navigation. I've also tried to make template context variables more logical and consistent throughout. 2013-05-26 00:55:43 +00:00			`'app_label': model_meta.app_label,`
Registering and making the app verbose names accessible into the views. 2013-08-05 07:35:03 +00:00			`'app_verbose_name': app_verbose_names.get(model_meta.app_label),`
Initial stab at breadcrumbs There's currently a lot of copy-pasting of breadcrumbs, this can be revisited once we have a better understanding of how we're going to handle navigation. I've also tried to make template context variables more logical and consistent throughout. 2013-05-26 00:55:43 +00:00			`'model_name': model_meta.verbose_name,`
			`'model_name_pluralized': model_meta.verbose_name_plural`
Move mixins to their own directory so the apiviews aren't directly importing from views 2013-05-22 16:40:53 +00:00			`})`
			`return context`

			`def get_model(self):`
			`return self.model`

			`def get_queryset(self):`
			`return self.get_model()._default_manager.all()`

			`def get_form_class(self):`
			`if self.form_class is not None:`
			`return self.form_class`
Fix some Django 1.8 compatibility issues. 2015-03-21 15:44:11 +00:00			`return modelform_factory(self.get_model(), fields='__all__')`
Move mixins to their own directory so the apiviews aren't directly importing from views 2013-05-22 16:40:53 +00:00

			`class Admin2ModelFormMixin(object):`
			`def get_success_url(self):`
			`if '_continue' in self.request.POST:`
			`view_name = admin2_urlname(self, 'update')`
			`return reverse(view_name, kwargs={'pk': self.object.pk})`

			`if '_addanother' in self.request.POST:`
			`return reverse(admin2_urlname(self, 'create'))`

			`# default to index view`
			`return reverse(admin2_urlname(self, 'index'))`
Why don't you PEP your 8! Add in change messages. 2013-07-19 00:23:48 +00:00
			`def construct_change_message(self, request, form, formsets):`
			`""" Construct a change message from a changed object """`
			`change_message = []`
			`if form.changed_data:`
			`change_message.append(`
			`_('Changed {0}.'.format(`
			`get_text_list(form.changed_data, _('and')))))`

			`if formsets:`
			`for formset in formsets:`
			`for added_object in formset.new_objects:`
			`change_message.append(`
			`_('Added {0} "{1}".'.format(`
feat: upgrade Django and Python to supported versions 2020-09-26 21:21:43 +00:00			`force_str(added_object._meta.verbose_name),`
			`force_str(added_object))))`
Why don't you PEP your 8! Add in change messages. 2013-07-19 00:23:48 +00:00			`for changed_object, changed_fields in formset.changed_objects:`
			`change_message.append(`
			`_('Changed {0} for {1} "{2}".'.format(`
			`get_text_list(changed_fields, _('and')),`
feat: upgrade Django and Python to supported versions 2020-09-26 21:21:43 +00:00			`force_str(changed_object._meta.verbose_name),`
			`force_str(changed_object))))`
Why don't you PEP your 8! Add in change messages. 2013-07-19 00:23:48 +00:00			`for deleted_object in formset.deleted_objects:`
			`change_message.append(`
			`_('Deleted {0} "{1}".'.format(`
feat: upgrade Django and Python to supported versions 2020-09-26 21:21:43 +00:00			`force_str(deleted_object._meta.verbose_name),`
			`force_str(deleted_object))))`
Why don't you PEP your 8! Add in change messages. 2013-07-19 00:23:48 +00:00
			`change_message = ' '.join(change_message)`
			`return change_message or _('No fields changed.')`