Python源码示例:guardian.shortcuts.get_objects_for_user()
示例1
def get_queryset(self):
"""
Get the list of items for this view
based on user's view_%(model_name)s permissions.
"""
# Sometime there is no model object
model = getattr(self, 'model', None)
self.model = model or getattr(self.queryset, 'model', None)
if self.request is not None and self.model is not None:
kwargs = {
'app_label': self.model._meta.app_label,
# module_name is now named model_name in django 1.8
'model_name': self.model._meta.model_name
}
perms = ['%(app_label)s.view_%(model_name)s' % kwargs]
return get_objects_for_user(self.request.user, perms, self.model)
if self.model is not None:
return self.model._default_manager.all()
raise ImproperlyConfigured("'%s' must define 'queryset' or 'model'"
% self.__class__.__name__)
示例2
def project_search(request):
if request.method == "POST":
project_name = request.POST.get('project_name')
person_name = request.POST.get('person_name')
index = int(request.POST.get('index'))
if len(project_name) == 0 and len(person_name) == 0:
return JsonResponse(get_ajax_msg(0, 0, '搜索条件无效'))
else:
projects = ProjectInfo.objects.all()
if len(project_name) > 0:
projects = projects.filter(project_name__contains=project_name)
if len(person_name) > 0:
projects = projects.filter(responsible_name__contains=person_name)
if projects is None:
return JsonResponse(get_ajax_msg(0, 0, '查询出错'))
objects = get_objects_for_user(request.user, AUTH_VIEW, projects) # 根据用户权限筛选项目对象
projects = pagination_for_objects(objects, index)
count = objects.count()
data = dataToJson([model_to_dict(i) for i in projects])
return JsonResponse(get_ajax_msg(1, 1, '搜索成功', {'projects': data, 'count': count, 'currPage': index}))
示例3
def list(self, request, collection, *args, **kwargs):
"""
return experiments for the collection that the user has permissions for
Args:
request: DRF request
collection : Collection name
*args:
**kwargs:
Returns: Experiments that user has view permissions on and are not marked for deletion
"""
collection_obj = Collection.objects.get(name=collection)
all_experiments = get_objects_for_user(request.user, 'read', klass=Experiment)\
.exclude(to_be_deleted__isnull=False)
experiments = all_experiments.filter(collection=collection_obj)
data = {"experiments": [experiment.name for experiment in experiments]}
return Response(data)
示例4
def list(self, request, collection, experiment, *args, **kwargs):
"""
Display only objects that a user has access to
Args:
request: DRF request
collection: Collection Name
experiment: Experiment Name
*args:
**kwargs:
Returns: Channel that user has view permissions on
"""
collection_obj = Collection.objects.get(name=collection)
experiment_obj = Experiment.objects.get(name=experiment, collection=collection_obj)
channels = get_objects_for_user(request.user, 'read', klass=Channel).filter(experiment=experiment_obj)
channels= channels.exclude(to_be_deleted__isnull=False)
data = {"channels": [channel.name for channel in channels]}
return Response(data)
示例5
def list(self, request, *args, **kwargs):
"""
Display only objects that a user has access to
Args:
request: DRF request
*args:
**kwargs:
Returns: Coordinate frames that user has view permissions on
"""
# Note: the line below returns all coordinate frames that the user has read permissions on
#coords = get_objects_for_user(request.user, 'read', klass=CoordinateFrame).exclude(to_be_deleted__isnull=False)
if 'owner' in request.query_params:
owner_flag = request.query_params.get('owner', "False")
else:
owner_flag = "False"
if str.capitalize(owner_flag) == "True":
coords = CoordinateFrame.objects.filter(creator=request.user).exclude(to_be_deleted__isnull=False)
else:
coords = CoordinateFrame.objects.all().exclude(to_be_deleted__isnull=False)
data = {"coords": [coord.name for coord in coords]}
return Response(data)
示例6
def get_queryset(self):
user = self.request.user
partner = self.request.site.partner
if user.is_staff:
return serializers.OrganizationSerializer.prefetch_queryset(partner=partner)
else:
organizations = get_objects_for_user(
user,
OrganizationExtension.VIEW_COURSE,
OrganizationExtension,
use_groups=True,
with_superuser=False
).values_list('organization')
orgs_queryset = serializers.OrganizationSerializer.prefetch_queryset(partner=partner).filter(
pk__in=organizations
)
return orgs_queryset
示例7
def apply_filters(self, request, applicable_filters):
permission = applicable_filters.pop('permission', None)
# NOTE: We change this filter name from type to geom_type because it
# overrides geonode type filter(vector,raster)
layer_geom_type = applicable_filters.pop('geom_type', None)
filtered = super(LayerFilterExtensionResource, self).apply_filters(
request, applicable_filters)
if layer_geom_type:
filtered = filtered.filter(
attribute_set__attribute_type__icontains=layer_geom_type)
if permission is not None:
try:
permitted_ids = get_objects_for_user(request.user,
permission).values('id')
except BaseException:
permitted_ids = get_objects_for_user(
request.user, permission, klass=filtered).values('id')
filtered = filtered.filter(id__in=permitted_ids)
return filtered
示例8
def cartoview_processor(request):
permitted = get_objects_for_user(request.user,
'base.view_resourcebase')
cartoview_counters = {
"apps": App.objects.count(),
"app_instances": AppInstance.objects.filter(id__in=permitted).count(),
"maps": Map.objects.filter(id__in=permitted).count(),
"layers": Layer.objects.filter(id__in=permitted).count(),
"users": Profile.objects.exclude(username="AnonymousUser").count(),
"groups": Group.objects.exclude(name="anonymous").count()
}
defaults = {
'apps': App.objects.all().order_by('order'),
'CARTOVIEW_VERSION': get_version(__version__),
'APPS_MENU': settings.APPS_MENU,
'apps_instance_count': AppInstance.objects.all().count(),
"cartoview_counters": cartoview_counters,
'instances': AppInstance.objects.all().order_by('app__order')[:5]
}
return defaults
示例9
def for_user(self, user, perms, any_perm=False, with_superuser=False):
"""Get a queryset filtered by perms for the user.
:param user: the user itself
:param perms: a string or list of perms to check for
:param any_perm: if any perm or all perms should be cosidered
:param with_superuser: if a superuser should skip the checks
"""
if not has_guardian:
return self.all()
perms = [perms] if isinstance(perms, str) else perms
return get_objects_for_user(
user,
perms,
klass=self.model,
any_perm=any_perm,
with_superuser=with_superuser,
)
示例10
def filter_queryset(self, request, queryset, view):
# We want to defer this import until run-time, rather than import-time.
# See https://github.com/encode/django-rest-framework/issues/4608
# (Also see #1624 for why we need to make this import explicitly)
from guardian.shortcuts import get_objects_for_user
extra = {}
user = request.user
model_cls = queryset.model
kwargs = {
'app_label': model_cls._meta.app_label,
'model_name': model_cls._meta.model_name
}
permission = self.perm_format % kwargs
if tuple(guardian.VERSION) >= (1, 3):
# Maintain behavior compatibility with versions prior to 1.3
extra = {'accept_global_perms': False}
else:
extra = {}
return get_objects_for_user(user, permission, queryset, **extra)
示例11
def filter_owners(self, queryset, name, value):
"""Filter queryset by owner's id."""
try:
user = user_model.objects.get(pk=value)
except user_model.DoesNotExist:
return queryset.none()
return get_objects_for_user(
user, self.owner_permission, queryset, with_superuser=False
)
示例12
def filter_owners_name(self, queryset, name, value):
"""Filter queryset by owner's name."""
result = queryset.model.objects.none()
user_subquery = self._get_user_subquery(value)
for user in user_subquery:
result = result.union(
get_objects_for_user(
user, self.owner_permission, queryset, with_superuser=False
)
)
# Union can no longer be filtered, so we have to create a new queryset
# for following filters.
return result.model.objects.filter(pk__in=Subquery(result.values("pk")))
示例13
def list_keys(request):
"""View to list all SSH keys for the logged-in user."""
ssh_keys = get_objects_for_user(
request.user,
"keys.view_sshkey",
SSHKey.objects.all().order_by("-created_at"),
use_groups=False,
with_superuser=False,
)
context = {"ssh_keys": ssh_keys}
return render(request, "atmo/keys/list.html", context)
示例14
def get_queryset(self, *args, **kwargs):
"""
Gets the set of ``ObservationRecord`` objects associated with the targets that the user is authorized to view.
:returns: set of ObservationRecords
:rtype: QuerySet
"""
if settings.TARGET_PERMISSIONS_ONLY:
return ObservationRecord.objects.filter(
target__in=get_objects_for_user(self.request.user, 'tom_targets.view_target')
)
else:
return get_objects_for_user(self.request.user, 'tom_observations.view_observationrecord')
示例15
def get_queryset(self, *args, **kwargs):
"""
Gets the set of ``ObservationRecord`` objects associated with targets that the current user is authorized to
view.
:returns: set of ObservationRecords
:rtype: QuerySet
"""
if settings.TARGET_PERMISSIONS_ONLY:
return ObservationRecord.objects.filter(
target__in=get_objects_for_user(self.request.user, 'tom_targets.view_target')
)
else:
return get_objects_for_user(self.request.user, 'tom_observations.view_observationrecord')
示例16
def observation_list(context, target=None):
"""
Displays a list of all observations in the TOM, limited to an individual target if specified.
"""
if target:
if settings.TARGET_PERMISSIONS_ONLY:
observations = target.observationrecord_set.all()
else:
observations = get_objects_for_user(
context['request'].user,
'tom_observations.view_observationrecord'
).filter(target=target)
else:
observations = ObservationRecord.objects.all().order_by('-created')
return {'observations': observations}
示例17
def get_queryset(self, *args, **kwargs):
"""
Returns the queryset that will be used to look up the Target by limiting the result to targets that the user is
authorized to modify.
:returns: Set of targets
:rtype: QuerySet
"""
return get_objects_for_user(self.request.user, 'tom_targets.change_target')
示例18
def recent_targets(context, limit=10):
"""
Displays a list of the most recently created targets in the TOM up to the given limit, or 10 if not specified.
"""
user = context['request'].user
return {'targets': get_objects_for_user(user, 'tom_targets.view_target').order_by('-created')[:limit]}
示例19
def get_queryset(self):
"""
Gets the set of ``DataProduct`` objects that the user has permission to view.
:returns: Set of ``DataProduct`` objects
:rtype: QuerySet
"""
if settings.TARGET_PERMISSIONS_ONLY:
return super().get_queryset().filter(
target__in=get_objects_for_user(self.request.user, 'tom_targets.view_target')
)
else:
return get_objects_for_user(self.request.user, 'tom_dataproducts.view_dataproduct')
示例20
def dataproduct_list_for_target(context, target):
"""
Given a ``Target``, returns a list of ``DataProduct`` objects associated with that ``Target``
"""
if settings.TARGET_PERMISSIONS_ONLY:
target_products_for_user = target.dataproduct_set.all()
else:
target_products_for_user = get_objects_for_user(
context['request'].user, 'tom_dataproducts.view_dataproduct', klass=target.dataproduct_set.all())
return {
'products': target_products_for_user,
'target': target
}
示例21
def dataproduct_list_all(context):
"""
Returns the full list of data products in the TOM, with the most recent first.
"""
if settings.TARGET_PERMISSIONS_ONLY:
products = DataProduct.objects.all().order_by('-created')
else:
products = get_objects_for_user(context['request'].user, 'tom_dataproducts.view_dataproduct')
return {'products': products}
示例22
def spectroscopy_for_target(context, target, dataproduct=None):
"""
Renders a spectroscopic plot for a ``Target``. If a ``DataProduct`` is specified, it will only render a plot with
that spectrum.
"""
spectral_dataproducts = DataProduct.objects.filter(target=target,
data_product_type=settings.DATA_PRODUCT_TYPES['spectroscopy'][0])
if dataproduct:
spectral_dataproducts = DataProduct.objects.get(data_product=dataproduct)
plot_data = []
if settings.TARGET_PERMISSIONS_ONLY:
datums = ReducedDatum.objects.filter(data_product__in=spectral_dataproducts)
else:
datums = get_objects_for_user(context['request'].user,
'tom_dataproducts.view_reduceddatum',
klass=ReducedDatum.objects.filter(data_product__in=spectral_dataproducts))
for datum in datums:
deserialized = SpectrumSerializer().deserialize(datum.value)
plot_data.append(go.Scatter(
x=deserialized.wavelength.value,
y=deserialized.flux.value,
name=datetime.strftime(datum.timestamp, '%Y%m%d-%H:%M:%s')
))
layout = go.Layout(
height=600,
width=700,
xaxis=dict(
tickformat="d"
),
yaxis=dict(
tickformat=".1eg"
)
)
return {
'target': target,
'plot': offline.plot(go.Figure(data=plot_data, layout=layout), output_type='div', show_link=False)
}
示例23
def project_list(request):
if request.method == "GET":
return render(request, 'api/project_list.html')
elif request.method == "POST":
index = int(request.POST.get('index'))
objects = get_objects_for_user(request.user, AUTH_VIEW).all()
projects = pagination_for_objects(objects, index)
count = objects.count()
data = dataToJson([model_to_dict(i) for i in projects])
return JsonResponse(get_ajax_msg(1, 1, '获取工程列表成功', {'projects': data, 'count': count, 'currPage': index}))
示例24
def project_query(request):
if request.method == 'POST':
project_id = request.POST.get('id')
projects = ProjectInfo.objects.filter(id=project_id)
if len(projects) == 0:
return JsonResponse(get_ajax_msg(0, 0, '没有这条数据', {}))
projects = get_objects_for_user(request.user, AUTH_VIEW, projects) # 根据用户权限筛选项目对象
data = dataToJson([model_to_dict(i) for i in projects])
return JsonResponse(get_ajax_msg(1, 1, '获取项目成功', {'projects': data}))
示例25
def list(self, request, *args, **kwargs):
"""
Display only objects that a user has access to
Args:
request: DRF request
*args:
**kwargs:
Returns: Collections that user has view permissions on
"""
# queryset = self.get_queryset()
collections = get_objects_for_user(request.user, 'read', klass=Collection).exclude(to_be_deleted__isnull=False)
data = {"collections": [collection.name for collection in collections]}
return Response(data)
示例26
def get_fields(self):
fields = super(ExperimentSerializer, self).get_fields()
if 'request' in self.context:
collections = get_objects_for_user(self.context['view'].request.user, 'add_collection', klass=Collection)
fields['collection'].queryset = collections
return fields
示例27
def get_experiments_permissions(self, collection, cur_user):
"return all experiments that are not marked to be deleted and that the user has read permissions on"
collection_obj = Collection.objects.get(name=collection)
all_experiments = get_objects_for_user(cur_user, 'read', klass=Experiment).exclude(to_be_deleted__isnull=False)
return all_experiments.filter(collection=collection_obj).values_list('name', flat=True)
示例28
def filter_list_queryset(self, request, queryset, view):
""" Filters the list queryset, returning only the objects accessible by the user.
If a username parameter is passed on the querystring, the filter will will return objects accessible by
the user corresponding to the given username. NOTE: This functionality is only accessible to staff users.
Raises:
PermissionDenied -- If a username querystring parameter is specified, but the user is not a staff user.
Http404 -- If no User corresponding to the given username exists.
Returns:
QuerySet
"""
perm = queryset.model.get_permission('view')
user = request.user
username = request.query_params.get('username', None)
if username:
if request.user.is_staff:
try:
user = User.objects.get(username=username)
except User.DoesNotExist:
raise NotFound(_('No user with the username [{username}] exists.').format(username=username))
else:
raise PermissionDenied(
_('Only staff users are permitted to filter by username. Remove the username parameter.')
)
return get_objects_for_user(user, perm)
示例29
def filter_queryset(self, request, queryset, view):
# We want to defer this import until runtime, rather than import-time.
# See https://github.com/encode/django-rest-framework/issues/4608
# (Also see #1624 for why we need to make this import explicitly)
from guardian.shortcuts import get_objects_for_user
user = request.user
permission = self.perm_format % {
'app_label': queryset.model._meta.app_label,
'model_name': queryset.model._meta.model_name,
}
return get_objects_for_user(
user, permission, queryset,
**self.shortcut_kwargs)
示例30
def get(self,request,pk):
code_id = codebase.objects.filter(id=pk)
obj = get_objects_for_user(self.request.user, 'asset.task_asset')
return render(self.request, 'release/release-upload.html',
{ "release_active": "active",
"release_list_active": "active", "asset_list":obj, "code":code_id })
