23 |
23 |
from . import managers, fields
|
24 |
24 |
|
25 |
25 |
|
26 |
|
class OrganizationalUnit(OrganizationalUnitAbstractBase):
|
27 |
|
username_is_unique = models.BooleanField(
|
28 |
|
blank=True,
|
29 |
|
default=False,
|
30 |
|
verbose_name=_('Username is unique'))
|
31 |
|
email_is_unique = models.BooleanField(
|
32 |
|
blank=True,
|
33 |
|
default=False,
|
34 |
|
verbose_name=_('Email is unique'))
|
35 |
|
default = fields.UniqueBooleanField(
|
36 |
|
verbose_name=_('Default organizational unit'))
|
37 |
|
|
38 |
|
validate_emails = models.BooleanField(
|
39 |
|
blank=True,
|
40 |
|
default=False,
|
41 |
|
verbose_name=_('Validate emails'))
|
42 |
|
|
43 |
|
admin_perms = GenericRelation(rbac_utils.get_permission_model_name(),
|
44 |
|
content_type_field='target_ct',
|
45 |
|
object_id_field='target_id')
|
46 |
|
|
47 |
|
objects = managers.OrganizationalUnitManager()
|
48 |
|
|
49 |
|
class Meta:
|
50 |
|
verbose_name = _('organizational unit')
|
51 |
|
verbose_name_plural = _('organizational units')
|
52 |
|
ordering = ('name',)
|
53 |
|
unique_together = (
|
54 |
|
('name',),
|
55 |
|
('slug',),
|
56 |
|
)
|
57 |
|
|
58 |
|
def clean(self):
|
59 |
|
# if we set this ou as the default one, we must unset the other one if
|
60 |
|
# there is
|
61 |
|
if self.default:
|
62 |
|
qs = self.__class__.objects.filter(default=True)
|
63 |
|
if self.pk:
|
64 |
|
qs = qs.exclude(pk=self.pk)
|
65 |
|
qs.update(default=None)
|
66 |
|
if self.pk and not self.default \
|
67 |
|
and self.__class__.objects.get(pk=self.pk).default:
|
68 |
|
raise ValidationError(_('You cannot unset this organizational '
|
69 |
|
'unit as the default, but you can set '
|
70 |
|
'another one as the default.'))
|
71 |
|
super(OrganizationalUnit, self).clean()
|
72 |
|
|
73 |
|
def get_admin_role(self):
|
74 |
|
'''Get or create the generic admin role for this organizational
|
75 |
|
unit.
|
76 |
|
'''
|
77 |
|
name = _('Managers of "{ou}"').format(ou=self)
|
78 |
|
slug = '_a2-managers-of-{ou.slug}'.format(ou=self)
|
79 |
|
return Role.objects.get_admin_role(
|
80 |
|
instance=self, name=name, slug=slug, operation=VIEW_OP,
|
81 |
|
update_name=True, update_slug=True)
|
82 |
|
|
83 |
|
def delete(self, *args, **kwargs):
|
84 |
|
Permission.objects.filter(ou=self).delete()
|
85 |
|
return super(OrganizationalUnitAbstractBase, self).delete(*args, **kwargs)
|
86 |
|
|
87 |
|
def natural_key(self):
|
88 |
|
return [self.slug]
|
89 |
|
|
90 |
|
@classmethod
|
91 |
|
@GlobalCache(timeout=5)
|
92 |
|
def cached(cls):
|
93 |
|
return cls.objects.all()
|
94 |
|
|
95 |
|
def export_json(self):
|
96 |
|
return {
|
97 |
|
'uuid': self.uuid, 'slug': self.slug, 'name': self.name,
|
98 |
|
'description': self.description, 'default': self.default,
|
99 |
|
'email_is_unique': self.email_is_unique,
|
100 |
|
'username_is_unique': self.username_is_unique,
|
101 |
|
'validate_emails': self.validate_emails
|
102 |
|
}
|
103 |
|
|
104 |
|
|
105 |
|
OrganizationalUnit._meta.natural_key = [['uuid'], ['slug'], ['name']]
|
106 |
|
|
107 |
|
|
108 |
26 |
class Permission(PermissionAbstractBase):
|
109 |
27 |
class Meta:
|
110 |
28 |
verbose_name = _('permission')
|
... | ... | |
260 |
178 |
]
|
261 |
179 |
|
262 |
180 |
|
|
181 |
class OrganizationalUnit(OrganizationalUnitAbstractBase):
|
|
182 |
username_is_unique = models.BooleanField(
|
|
183 |
blank=True,
|
|
184 |
default=False,
|
|
185 |
verbose_name=_('Username is unique'))
|
|
186 |
email_is_unique = models.BooleanField(
|
|
187 |
blank=True,
|
|
188 |
default=False,
|
|
189 |
verbose_name=_('Email is unique'))
|
|
190 |
default = fields.UniqueBooleanField(
|
|
191 |
verbose_name=_('Default organizational unit'))
|
|
192 |
|
|
193 |
validate_emails = models.BooleanField(
|
|
194 |
blank=True,
|
|
195 |
default=False,
|
|
196 |
verbose_name=_('Validate emails'))
|
|
197 |
|
|
198 |
automatic_roles = models.ManyToManyField(Role)
|
|
199 |
|
|
200 |
admin_perms = GenericRelation(rbac_utils.get_permission_model_name(),
|
|
201 |
content_type_field='target_ct',
|
|
202 |
object_id_field='target_id')
|
|
203 |
|
|
204 |
objects = managers.OrganizationalUnitManager()
|
|
205 |
|
|
206 |
class Meta:
|
|
207 |
verbose_name = _('organizational unit')
|
|
208 |
verbose_name_plural = _('organizational units')
|
|
209 |
ordering = ('name',)
|
|
210 |
unique_together = (
|
|
211 |
('name',),
|
|
212 |
('slug',),
|
|
213 |
)
|
|
214 |
|
|
215 |
def clean(self):
|
|
216 |
# if we set this ou as the default one, we must unset the other one if
|
|
217 |
# there is
|
|
218 |
if self.default:
|
|
219 |
qs = self.__class__.objects.filter(default=True)
|
|
220 |
if self.pk:
|
|
221 |
qs = qs.exclude(pk=self.pk)
|
|
222 |
qs.update(default=None)
|
|
223 |
if self.pk and not self.default \
|
|
224 |
and self.__class__.objects.get(pk=self.pk).default:
|
|
225 |
raise ValidationError(_('You cannot unset this organizational '
|
|
226 |
'unit as the default, but you can set '
|
|
227 |
'another one as the default.'))
|
|
228 |
super(OrganizationalUnit, self).clean()
|
|
229 |
|
|
230 |
def get_admin_role(self):
|
|
231 |
'''Get or create the generic admin role for this organizational
|
|
232 |
unit.
|
|
233 |
'''
|
|
234 |
name = _('Managers of "{ou}"').format(ou=self)
|
|
235 |
slug = '_a2-managers-of-{ou.slug}'.format(ou=self)
|
|
236 |
return Role.objects.get_admin_role(
|
|
237 |
instance=self, name=name, slug=slug, operation=VIEW_OP,
|
|
238 |
update_name=True, update_slug=True)
|
|
239 |
|
|
240 |
def delete(self, *args, **kwargs):
|
|
241 |
Permission.objects.filter(ou=self).delete()
|
|
242 |
return super(OrganizationalUnitAbstractBase, self).delete(*args, **kwargs)
|
|
243 |
|
|
244 |
def natural_key(self):
|
|
245 |
return [self.slug]
|
|
246 |
|
|
247 |
@classmethod
|
|
248 |
@GlobalCache(timeout=5)
|
|
249 |
def cached(cls):
|
|
250 |
return cls.objects.all()
|
|
251 |
|
|
252 |
def export_json(self):
|
|
253 |
return {
|
|
254 |
'uuid': self.uuid, 'slug': self.slug, 'name': self.name,
|
|
255 |
'description': self.description, 'default': self.default,
|
|
256 |
'email_is_unique': self.email_is_unique,
|
|
257 |
'username_is_unique': self.username_is_unique,
|
|
258 |
'validate_emails': self.validate_emails
|
|
259 |
}
|
|
260 |
|
|
261 |
|
|
262 |
OrganizationalUnit._meta.natural_key = [['uuid'], ['slug'], ['name']]
|
|
263 |
|
263 |
264 |
class RoleParenting(RoleParentingAbstractBase):
|
264 |
265 |
class Meta(RoleParentingAbstractBase.Meta):
|
265 |
266 |
verbose_name = _('role parenting relation')
|