ACL for applications.

6 years ago · 9b3bc1d053
6 changed files with 35 additions and 13 deletions
--- a/api/acl.py
+++ b/api/acl.py
@ -33,7 +33,7 @@ from django.utils.translation import ugettext as _

 def _create_api_permission():
    """Creates the 'use_api' permission if not created.
-    
+
    The 'use_api' is a fake permission in the sense it is not associated with an
    existing model and this ensure the permission is created every time this file
    is imported.
@ -70,6 +70,7 @@ def can_view(user):
        'app_label': settings.API_CONTENT_TYPE_APP_LABEL,
        'codename': settings.API_PERMISSION_CODENAME
    }
-    can = user.has_perm('%(app_label)s.%(codename)s' % kwargs)
+    permission = '%(app_label)s.%(codename)s' % kwargs
+    can = user.has_perm(permission)
    return can, None if can else _("You don't have the right to see this"
-                                   " application.")
+                                   " application."), (permission,)
--- a/cotisations/acl.py
+++ b/cotisations/acl.py
@ -40,7 +40,11 @@ def can_view(user):
    """
    can = user.has_module_perms('cotisations')
    if can:
-        return can, None
+        return can, None, ('cotisations',)
    else:
-        return can, _("You don't have the right to view this application.")
+        return (
+            can,
+            _("You don't have the right to view this application."),
+            ('cotisations',)
+        )

--- a/machines/acl.py
+++ b/machines/acl.py
@ -39,5 +39,10 @@ def can_view(user):
        viewing is granted and msg is a message (can be None).
    """
    can = user.has_module_perms('machines')
-    return can, None if can else _("You don't have the right to view this"
-                                   " application.")
+    return (
+        can,
+        None if can else _("You don't have the right to view this"
+                                   " application."),
+        ('machines',)
+    )
+
--- a/preferences/acl.py
+++ b/preferences/acl.py
@ -39,6 +39,10 @@ def can_view(user):
        viewing is granted and msg is a message (can be None).
    """
    can = user.has_module_perms('preferences')
-    return can, None if can else _("You don't have the right to view this"
-                                   " application.")
+    return (
+        can,
+        None if can else _("You don't have the right to view this"
+                                   " application."),
+        ('preferences',)
+    )

--- a/topologie/acl.py
+++ b/topologie/acl.py
@ -39,6 +39,10 @@ def can_view(user):
        viewing is granted and msg is a message (can be None).
    """
    can = user.has_module_perms('topologie')
-    return can, None if can else _("You don't have the right to view this"
-                                   " application.")
+    return (
+        can,
+        None if can else _("You don't have the right to view this"
+                                   " application."),
+        ('topologie',)
+    )

--- a/users/acl.py
+++ b/users/acl.py
@ -38,6 +38,10 @@ def can_view(user):
        viewing is granted and msg is a message (can be None).
    """
    can = user.has_module_perms('users')
-    return can, None if can else _("You don't have the right to view this"
-                                   " application.")
+    return (
+        can,
+        None if can else _("You don't have the right to view this"
+                                   " application."),
+        ('users',)
+    )