rules first attempt

2020-01-10 08:06:18 +01:00
parent 1f96ff4fa7
commit 79afd29b19
6 changed files with 126 additions and 82 deletions
--- a/rowers/models.py
+++ b/rowers/models.py
@@ -39,6 +39,9 @@ import pandas as pd
 from dateutil import parser
 import datetime

+import rules
+from rules.contrib.models import RulesModel
+
 from rowers.rows import validate_file_extension
 from collections import OrderedDict
 from timezonefinder import TimezoneFinder
@@ -53,6 +56,37 @@ from rowsandall_app.settings import (
    TWEET_CONSUMER_SECRET,
    )

+# PERMISSIONS
+
+@rules.predicate
+def is_team_manager(user,team):
+    print('aap')
+    return team.manager == user
+
+@rules.predicate
+def is_team_member(user,team):
+    members = Rower.objects.filter(team__in=[team])
+    return user in [member.user for member in members]
+
+@rules.predicate
+def is_coach(user):
+    r = Rower.objects.get(user=user)
+    return r.rowerplan in ['coach','freecoach']
+
+@rules.predicate
+def can_view_team(user,team):
+    # user based
+    r = Rower.objects.get(user=user)
+    if r.rowerplan == 'basic' and team.manager.rower.rowerplan != 'coach':
+        return False
+    # team is public
+    if team.private == 'open':
+        return True
+    # team is private
+    return is_team_member(user,team) | is_team_manager(user,team)
+
+# END PERMISSIONS
+
 tweetapi = twitter.Api(consumer_key=TWEET_CONSUMER_KEY,
                       consumer_secret=TWEET_CONSUMER_SECRET,
                       access_token_key=TWEET_ACCESS_TOKEN_KEY,
@@ -331,7 +365,7 @@ def is_not_basic(user):

 # For future Team functionality
@python_2_unicode_compatible
-class Team(models.Model):
+class Team(RulesModel):
    choices = (
        ('private','private'),
        ('open','open'),
@@ -350,6 +384,13 @@ class Team(models.Model):

    viewing = models.CharField(max_length=30,choices=viewchoices,default='allmembers',verbose_name='Sharing Behavior')

+    class Meta:
+        rules_permissions = {
+            "add": is_coach,
+            "change": is_team_manager,
+            "delete": is_team_manager,
+            "view": can_view_team,
+        }

    def __str__(self):
        return self.name