Added django-guardian, set owner permissions on post save, testing, CSS fixes

2016-10-04 16:36:08 -04:00 · 2016-10-04 16:36:08 -04:00 · 90cc52ff2d
commit 90cc52ff2d
--- a/app/admin.py
+++ b/app/admin.py
@ -1 +1,8 @@
 from django.contrib import admin
 from guardian.admin import GuardedModelAdmin
 from .models import Project
 class ProjectAdmin(GuardedModelAdmin):
    pass
 admin.site.register(Project, ProjectAdmin)
--- a/app/api/projects.py
+++ b/app/api/projects.py
@ -11,7 +11,7 @@ class ProjectSerializer(serializers.HyperlinkedModelSerializer):
 class ProjectViewSet(viewsets.ModelViewSet):
    """
-    Projects the current user has access to, including the ability to create new ones.
+    Projects the current user has access to.
    """
    queryset = models.Project.objects.all()
    serializer_class = ProjectSerializer
--- a/app/apps.py
+++ b/app/apps.py
@ -1,7 +1,7 @@
 from __future__ import unicode_literals
 from django.apps import AppConfig
-
+import .signals
 class MainConfig(AppConfig):
    name = 'main'
--- a/app/fixtures/test_users.yaml
+++ b/app/fixtures/test_users.yaml
@ -20,7 +20,7 @@
    #  password: test1234
    password: pbkdf2_sha256$30000$pFwIz88hEEZ4$siNaZefZB3bb0DlemWNOkj6+tCq3I3LW+IgVw5VsRmE=
    last_login: null
-    is_superuser: true
+    is_superuser: false
    username: testuser2
    first_name: ''
    last_name: ''
@ -29,4 +29,20 @@
    is_active: true
    date_joined: '2016-09-11T22:26:52.582858+00:00'
    groups: []
    user_permissions: []
 - model: auth.user
  pk: 3
  fields:
    #  password: test1234
    password: pbkdf2_sha256$30000$pFwIz88hEEZ4$siNaZefZB3bb0DlemWNOkj6+tCq3I3LW+IgVw5VsRmE=
    last_login: null
    is_superuser: false
    username: testuser3
    first_name: ''
    last_name: ''
    email: test2@mail.com
    is_staff: true
    is_active: true
    date_joined: '2016-09-11T22:26:52.582858+00:00'
    groups: []
    user_permissions: []
--- a/app/models.py
+++ b/app/models.py
@ -1,10 +1,15 @@
 from __future__ import unicode_literals
 from django.db import models
 from django.db.models import signals
 from django.utils import timezone
 from django.contrib.auth.models import User
 from django.contrib.postgres import fields
 from nodeodm.models import ProcessingNode
 from django.dispatch import receiver
 from guardian.shortcuts import get_perms_for_model, assign_perm
 from guardian.models import UserObjectPermissionBase
 from guardian.models import GroupObjectPermissionBase
 def assets_directory_path(taskId, projectId, filename):
    # files will be uploaded to MEDIA_ROOT/project_<id>/task_<id>/<filename>
@ -14,12 +19,37 @@ def assets_directory_path(taskId, projectId, filename):
 class Project(models.Model):
    owner = models.ForeignKey(User, on_delete=models.PROTECT, help_text="The person who created the project")
    name = models.CharField(max_length=255, help_text="A label used to describe the project")
-    description = models.TextField(null=True, help_text="More in-depth description of the project")
+    description = models.TextField(null=True, blank=True, help_text="More in-depth description of the project")
    created_at = models.DateTimeField(default=timezone.now, help_text="Creation date")
    def __str__(self):
        return self.name
    class Meta:
        permissions = (
            ('view_project', 'Can view project'),
        )
@receiver(signals.post_save, sender=Project, dispatch_uid="project_post_save")
 def project_post_save(sender, instance, created, **kwargs):
    """
    Automatically assigns all permissions to the owner. If the owner changes
    it's up to the user/developer to remove the previous owner's permissions.
    """
    for perm in get_perms_for_model(sender).all():
        assign_perm(perm.codename, instance.owner, instance)
 class ProjectUserObjectPermission(UserObjectPermissionBase):
    content_object = models.ForeignKey(Project)
 class ProjectGroupObjectPermission(GroupObjectPermissionBase):
    content_object = models.ForeignKey(Project)
 # from guardian.shortcuts import get_objects_for_user
 # ...
 # videos = get_objects_for_user(request.user, "view_video", Video.objects.all())
 def gcp_directory_path(task, filename):
    return assets_directory_path(task.id, task.project.id, filename)
--- a/app/static/admin/css/base.css
+++ b/app/static/admin/css/base.css
@ -19,6 +19,8 @@
  /* HEADER */
  /* SIDEBAR */
  /* POPUP */ }
  .admin-area #changelist-filter {
    display: none; }
  .admin-area a:link, .admin-area a:visited {
    color: #447e9b;
    text-decoration: none; }
--- a/app/static/admin/css/base.css.map
+++ b/app/static/admin/css/base.css.map
--- a/app/static/admin/css/base.scss
+++ b/app/static/admin/css/base.scss
@ -3,6 +3,10 @@
 */
 .admin-area{
    #changelist-filter{
        display: none;
    }
    a:link, a:visited {
        color: #447e9b;
        text-decoration: none;
--- a/app/static/admin/css/forms.css
+++ b/app/static/admin/css/forms.css
@ -72,8 +72,8 @@
  .admin-area .colMS .aligned .vLargeTextField, .admin-area .colMS .aligned .vXMLLargeTextField {
    width: 350px; }
  .admin-area form .aligned ul {
-    margin-left: 160px;
+    margin-left: 6px;
-    padding-left: 10px; }
+    padding-left: 3px; }
  .admin-area form .aligned ul.radiolist {
    display: inline-block;
    margin: 0;
@ -302,8 +302,8 @@
    background-image: url(../img/search.svg); }
  .admin-area form .related-widget-wrapper ul {
    display: inline-block;
-    margin-left: 0;
+    margin-left: 6px;
-    padding-left: 0; }
+    padding-left: 3px; }
  .admin-area .clearable-file-input input {
    margin-top: 0; }
--- a/app/static/admin/css/forms.css.map
+++ b/app/static/admin/css/forms.css.map
--- a/app/static/admin/css/forms.scss
+++ b/app/static/admin/css/forms.scss
@ -105,8 +105,8 @@
    }
    form .aligned ul {
-        margin-left: 160px;
+        margin-left: 6px;
-        padding-left: 10px;
+        padding-left: 3px;
    }
    form .aligned ul.radiolist {
@ -489,8 +489,8 @@
    form .related-widget-wrapper ul {
        display: inline-block;
-        margin-left: 0;
+        margin-left: 6px;
-        padding-left: 0;
+        padding-left: 3px;
    }
    .clearable-file-input input {
--- a/app/templates/app/base.html
+++ b/app/templates/app/base.html
@ -24,6 +24,7 @@
    {% block extra-headers %}{% endblock %}
    <link rel="stylesheet" type="text/css" href="{% static 'app/css/main.css' %}" />
    <script src="{% static 'app/js/vendor/modernizr-2.8.3.min.js' %}"></script>
    <script src="{% static 'app/js/vendor/knockout-3.4.0.js' %}"></script>
    <script src="{% static 'app/js/vendor/jquery-1.11.2.min.js' %}"></script>
    <title>{{title|default:"Login"}} - WebODM</title>
 </head>
--- a/app/tests.py
+++ b/app/tests.py
@ -84,3 +84,32 @@ class TestApp(TestCase):
        res = c.get('/processingnode/abc/')
        self.assertTrue(res.status_code == 404)
    def test_projects(self):
        # Get a normal user
        user = User.objects.get(pk=2)
        self.assertFalse(user.is_superuser)
        # Create a new project
        p = Project(owner=user, name="test")
        p.save()
        # Have the proper permissions been set?
        self.assertTrue(user.has_perm("view_project", p))
        self.assertTrue(user.has_perm("add_project", p))
        self.assertTrue(user.has_perm("change_project", p))
        self.assertTrue(user.has_perm("delete_project", p))
        # Get a superuser
        superUser = User.objects.get(pk=1)
        self.assertTrue(superUser.is_superuser)
        # He should also have permissions, although not explicitly set
        self.assertTrue(superUser.has_perm("delete_project", p))
        # Get another user
        anotherUser = User.objects.get(pk=3)
        self.assertFalse(anotherUser.is_superuser)
        # Should not have permission
        self.assertFalse(anotherUser.has_perm("delete_project", p))
--- a/app/views.py
+++ b/app/views.py
@ -15,7 +15,7 @@ def dashboard(request):
    no_processingnodes = ProcessingNode.objects.count() == 0
    # Create first project automatically
-    if Project.objects.count() == 0:
+    if Project.objects.filter(owner=request.user).count() == 0:
        proj = Project(owner=request.user, name=_("First Project"))
        proj.save()
--- a/requirements.txt
+++ b/requirements.txt
@ -8,6 +8,8 @@ cryptography==1.5
 Django==1.10
 django-common-helpers==0.8.0
 django-filter==0.15.2
 django-guardian==1.4.6
 django-knockout==0.3.2
 djangorestframework==3.4.7
 enum34==1.1.6
 fido==3.2.0
--- a/webodm/settings.py
+++ b/webodm/settings.py
@ -38,6 +38,7 @@ INSTALLED_APPS = [
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    'guardian',
    'rest_framework',
    'app',
    'nodeodm',
@ -111,6 +112,11 @@ AUTH_PASSWORD_VALIDATORS = [
   },
 ]
 # Hook guardian
 AUTHENTICATION_BACKENDS = (
    'django.contrib.auth.backends.ModelBackend', # this is default
    'guardian.backends.ObjectPermissionBackend',
 )
 # Internationalization
 # https://docs.djangoproject.com/en/1.10/topics/i18n/