From 32b9e61093c8208c5e0a221b7c853fcccfcdde7e Mon Sep 17 00:00:00 2001 From: Eduardo Calil Date: Mon, 12 Sep 2016 13:04:42 -0300 Subject: [PATCH 1/7] =?UTF-8?q?Conserta=20a=20l=C3=B3gica=20das=20permisso?= =?UTF-8?q?es=20de=20proposicoes?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- sapl/materia/views.py | 54 +++++++++++++++++++++++++++++++++++-------- 1 file changed, 44 insertions(+), 10 deletions(-) diff --git a/sapl/materia/views.py b/sapl/materia/views.py index 239384030..f5005b74f 100644 --- a/sapl/materia/views.py +++ b/sapl/materia/views.py @@ -4,6 +4,7 @@ from string import ascii_letters, digits from crispy_forms.helper import FormHelper from crispy_forms.layout import HTML, Button +from django.db.models import Q from django.conf import settings from django.contrib import messages from django.contrib.auth.mixins import PermissionRequiredMixin @@ -31,7 +32,7 @@ from sapl.crud.masterdetail import MasterDetailCrud from sapl.norma.models import LegislacaoCitada from sapl.utils import (autor_label, autor_modal, gerar_hash_arquivo, get_base_url, permissao_tb_aux, permissoes_autor, - permissoes_materia) + permissoes_materia, permissoes_protocoloadm) from .forms import (AcompanhamentoMateriaForm, AnexadaForm, AutorForm, AutoriaForm, ConfirmarProposicaoForm, DespachoInicialForm, @@ -243,11 +244,12 @@ class UnidadeTramitacaoCrud(Crud): permission_required = permissoes_materia() -class ProposicaoDevolvida(ListView): +class ProposicaoDevolvida(PermissionRequiredMixin, ListView): template_name = 'materia/prop_devolvidas_list.html' model = Proposicao ordering = ['data_envio'] paginate_by = 10 + permission_required = permissoes_protocoloadm() def get_queryset(self): return Proposicao.objects.filter( 
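Review bot: The pair `PermissionRequiredMixin` plus `permission_required = permissoes_protocoloadm()` is repeated by hand on `ProposicaoDevolvida` here and on the four views in the following hunks (`ProposicaoPendente`, `ProposicaoRecebida`, `ReceberProposicao`, `ConfirmarProposicao`). A later protocol view can therefore be added without the gate and nothing will flag it. A small shared base keeps the rule in one place, for example `class ProtocoloPermissionMixin(PermissionRequiredMixin):` with `permission_required = permissoes_protocoloadm()` as its only attribute. Each view would then list that mixin first. The body of `get_queryset` continues past the end of this hunk.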
@@ -265,11 +267,12 @@ class ProposicaoDevolvida(ListView): return context -class ProposicaoPendente(ListView): +class ProposicaoPendente(PermissionRequiredMixin, ListView): template_name = 'materia/prop_pendentes_list.html' model = Proposicao ordering = ['data_envio', 'autor', 'tipo', 'descricao'] paginate_by = 10 + permission_required = permissoes_protocoloadm() def get_queryset(self): return Proposicao.objects.filter( @@ -287,11 +290,12 @@ class ProposicaoPendente(ListView): return context -class ProposicaoRecebida(ListView): +class ProposicaoRecebida(PermissionRequiredMixin, ListView): template_name = 'materia/prop_recebidas_list.html' model = Proposicao ordering = ['data_envio'] paginate_by = 10 + permission_required = permissoes_protocoloadm() def get_queryset(self): return Proposicao.objects.filter( @@ -309,9 +313,10 @@ class ProposicaoRecebida(ListView): return context -class ReceberProposicao(CreateView): +class ReceberProposicao(PermissionRequiredMixin, CreateView): template_name = "materia/receber_proposicao.html" form_class = ReceberProposicaoForm + permission_required = permissoes_protocoloadm() def get_context_data(self, **kwargs): context = super(ReceberProposicao, self).get_context_data(**kwargs) @@ -341,9 +346,10 @@ class ReceberProposicao(CreateView): return reverse('sapl.materia:receber-proposicao') -class ConfirmarProposicao(CreateView): +class ConfirmarProposicao(PermissionRequiredMixin, CreateView): template_name = "materia/confirmar_proposicao.html" form_class = ConfirmarProposicaoForm + permission_required = permissoes_protocoloadm() def get_context_data(self, **kwargs): context = super(ConfirmarProposicao, self).get_context_data(**kwargs) 
@@ -440,7 +446,8 @@ class ProposicaoCrud(Crud): proposicao = Proposicao.objects.get( id=self.kwargs['pk'], autor__user_id=self.request.user.id) - if not proposicao.data_recebimento: + if (not proposicao.data_recebimento or + proposicao.data_devolucao): return True else: msg = _('Essa proposição já foi recebida. ' + 
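Review bot: The "not yet received, or returned" rule added here as `not proposicao.data_recebimento or proposicao.data_devolucao` is written out again in the next hunk, once as the `Q(data_recebimento__isnull=True) | Q(data_devolucao__isnull=False)` filter in `get_queryset` and once in a different form in `delete()` (`not proposicao.data_envio or proposicao.data_devolucao`). Three hand-written copies of one authorization rule can drift apart. Consider a single predicate on the model, documented with something like `# author may still modify: not received by protocol yet, or returned`, and call it from all three places. `has_permission` starts before this hunk and continues after it.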
@@ -480,32 +487,59 @@ class ProposicaoCrud(Crud): obj.data_recebimento = 'Não recebida' else: obj.data_recebimento = obj.data_recebimento.strftime( - "%d/%m/%Y %H:%M") + "%d/%m/%Y %H:%M") return [self._as_row(obj) for obj in object_list] def get_queryset(self): + # Só tem acesso as Proposicoes criadas por ele que ainda nao foram + # recebidas ou foram devolvidas lista = Proposicao.objects.filter( autor__user_id=self.request.user.id) + lista = lista.filter( + Q(data_recebimento__isnull=True) | + Q(data_devolucao__isnull=False)) + return lista class DeleteView(PermissionRequiredMixin, CrudDeleteView): permission_required = {'materia.delete_proposicao'} + def has_permission(self): + perms = self.get_permission_required() + if self.request.user.has_perms(perms): + if (Proposicao.objects.filter( + id=self.kwargs['pk'], + autor__user_id=self.request.user.id).exists()): + return True + else: + return False + else: + return False + def delete(self, request, *args, **kwargs): proposicao = Proposicao.objects.get(id=self.kwargs['pk']) - if not proposicao.data_envio: + if not proposicao.data_envio or proposicao.data_devolucao: proposicao.delete() return HttpResponseRedirect( reverse('sapl.materia:proposicao_list')) - else: + + elif not proposicao.data_recebimento: proposicao.data_envio = None proposicao.save() return HttpResponseRedirect( reverse('sapl.materia:proposicao_detail', kwargs={'pk': proposicao.pk})) + else: + msg = _('Essa proposição já foi recebida. ' + + 'Não pode mais ser excluída/recuperada') + messages.add_message(self.request, messages.ERROR, msg) + return HttpResponseRedirect( + reverse('sapl.materia:proposicao_detail', + kwargs={'pk': proposicao.pk})) + class ReciboProposicaoView(TemplateView): template_name = "materia/recibo_proposicao.html" From cb9029fd311ba8e4db6f9de24187919de03ba204 Mon Sep 17 00:00:00 2001 
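Review bot: `delete()` reloads the row with `Proposicao.objects.get(id=self.kwargs['pk'])`, without the author filter that the new `has_permission` applies, so ownership on the destructive path rests entirely on the mixin's dispatch check. Scoping the lookup as well costs nothing: `proposicao = Proposicao.objects.get(id=self.kwargs['pk'], autor__user_id=self.request.user.id)`. The state tested by the `if`/`elif` can also change between the permission check and `proposicao.delete()` if protocol records the receipt in between. Whether that window matters depends on code outside this hunk.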
From: Eduardo Calil Date: Tue, 13 Sep 2016 13:57:56 -0300 Subject: [PATCH 2/7] Completa as permissoes de proposicoes --- sapl/materia/views.py | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/sapl/materia/views.py b/sapl/materia/views.py index f5005b74f..de8a16811 100644 --- a/sapl/materia/views.py +++ b/sapl/materia/views.py @@ -543,6 +543,19 @@ class ProposicaoCrud(Crud): class ReciboProposicaoView(TemplateView): template_name = "materia/recibo_proposicao.html" + permission_required = permissoes_autor() + + def has_permission(self): + perms = self.get_permission_required() + if self.request.user.has_perms(perms): + if (Proposicao.objects.filter( + id=self.kwargs['pk'], + autor__user_id=self.request.user.id).exists()): + return True + else: + return False + else: + return False def get_context_data(self, **kwargs): context = super(ReciboProposicaoView, self).get_context_data( @@ -550,8 +563,8 @@ class ReciboProposicaoView(TemplateView): proposicao = Proposicao.objects.get(pk=self.kwargs['pk']) context.update({'proposicao': proposicao, 'hash': gerar_hash_arquivo( - proposicao.texto_original.path, - self.kwargs['pk'])}) + proposicao.texto_original.path, + self.kwargs['pk'])}) return context From 2dfea6489981cb0c9ef126bb2964b44d0b2b311d Mon Sep 17 00:00:00 2001 From: Eduardo Calil Date: Tue, 13 Sep 2016 16:14:03 -0300 Subject: [PATCH 3/7] =?UTF-8?q?Impede=20o=20acesso=20do=20superusuario=20?= =?UTF-8?q?=C3=A0s=20proposicoes?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- sapl/materia/admin.py | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/sapl/materia/admin.py b/sapl/materia/admin.py index 5c02ebd40..333e64a7a 100644 --- a/sapl/materia/admin.py +++ b/sapl/materia/admin.py 
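Review bot: `ReciboProposicaoView` still derives only from `TemplateView`: the class line is unchanged context in the first hunk of patch 2/7, and the hunk header of patch 7/7 shows the same base. The added `permission_required` and `has_permission` are therefore never consulted during dispatch, and `self.get_permission_required()` is a method of `PermissionRequiredMixin`, not of `TemplateView`. Unless something outside this diff (a URL-level decorator, for instance) restricts the view, the receipt remains reachable for any `pk`. `get_context_data` in the next hunk loads `Proposicao.objects.get(pk=self.kwargs['pk'])` with no author filter. The class line should become `class ReciboProposicaoView(PermissionRequiredMixin, TemplateView):`.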
@@ -1,3 +1,20 @@ +from django.contrib import admin +from sapl.materia.models import Proposicao +from sapl.settings import DEBUG from sapl.utils import register_all_models_in_admin register_all_models_in_admin(__name__) + +DEBUG = False +if not DEBUG: + + admin.site.unregister(Proposicao) + + class ProposicaoAdmin(admin.ModelAdmin): + def has_change_permission(self, request, obj=None): + return False + + def has_delete_permission(self, request, obj=None): + return False + + admin.site.register(Proposicao, ProposicaoAdmin) From f0f6a15ddea6737098ebdc90d44f389398d0863a Mon Sep 17 00:00:00 2001 From: Eduardo Calil Date: Tue, 13 Sep 2016 16:14:03 -0300 Subject: [PATCH 4/7] =?UTF-8?q?Impede=20o=20acesso=20do=20superusuario=20?= =?UTF-8?q?=C3=A0s=20proposicoes?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- sapl/materia/admin.py | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/sapl/materia/admin.py b/sapl/materia/admin.py index 5c02ebd40..04b98c5a9 100644 --- a/sapl/materia/admin.py +++ b/sapl/materia/admin.py @@ -1,3 +1,24 @@ +from django.contrib import admin +from sapl.materia.models import Proposicao +from sapl.settings import DEBUG from sapl.utils import register_all_models_in_admin register_all_models_in_admin(__name__) + +DEBUG = False + +if not DEBUG: + + admin.site.unregister(Proposicao) + + class ProposicaoAdmin(admin.ModelAdmin): + def has_add_permission(self, request, obj=None): + return False + + def has_change_permission(self, request, obj=None): + return False + + def has_delete_permission(self, request, obj=None): + return False + + admin.site.register(Proposicao, ProposicaoAdmin) From bedcd21f7c5d639f5a54213b8027a3e50703eb53 Mon Sep 17 00:00:00 2001 
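Review bot: `DEBUG = False` rebinds the name just imported from `sapl.settings`, so `if not DEBUG:` is always true and the import is dead; the same lines appear in patch 4/7, which targets the same base blob. It looks like a leftover test override, and it hides whether the admin restriction is meant to depend on the deployment mode at all. If it should depend on it, read the live setting with `from django.conf import settings` and `if not settings.DEBUG:`. If superusers must never edit a `Proposicao` through the admin, drop the condition and register `ProposicaoAdmin` unconditionally. A one-line comment above the class stating which of the two is intended would settle it for the next reader.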
From: Eduardo Calil Date: Tue, 13 Sep 2016 17:13:21 -0300 Subject: [PATCH 5/7] Otimiza as verificacoes de permissoes --- sapl/materia/views.py | 60 ++++++++++++++++++++----------------------- 1 file changed, 28 insertions(+), 32 deletions(-) diff --git a/sapl/materia/views.py b/sapl/materia/views.py index de8a16811..9ad9d3f29 100644 --- a/sapl/materia/views.py +++ b/sapl/materia/views.py 
@@ -439,39 +439,37 @@ class ProposicaoCrud(Crud): def has_permission(self): perms = self.get_permission_required() - if self.request.user.has_perms(perms): - if (Proposicao.objects.filter( - id=self.kwargs['pk'], - autor__user_id=self.request.user.id).exists()): - proposicao = Proposicao.objects.get( - id=self.kwargs['pk'], - autor__user_id=self.request.user.id) - if (not proposicao.data_recebimento or - proposicao.data_devolucao): - return True - else: - msg = _('Essa proposição já foi recebida. ' + - 'Não pode mais ser editada') - messages.add_message(self.request, messages.ERROR, msg) - return False - else: + if not self.request.user.has_perms(perms): return False + if (Proposicao.objects.filter( + id=self.kwargs['pk'], + autor__user_id=self.request.user.id).exists()): + proposicao = Proposicao.objects.get( + id=self.kwargs['pk'], + autor__user_id=self.request.user.id) + if (not proposicao.data_recebimento or + proposicao.data_devolucao): + return True + else: + msg = _('Essa proposição já foi recebida. ' + + 'Não pode mais ser editada') + messages.add_message(self.request, messages.ERROR, msg) + return False + class DetailView(PermissionRequiredMixin, CrudDetailView): permission_required = permissoes_autor() def has_permission(self): perms = self.get_permission_required() - if self.request.user.has_perms(perms): - if (Proposicao.objects.filter( - id=self.kwargs['pk'], - autor__user_id=self.request.user.id).exists()): - return True - else: - return False - else: + if not self.request.user.has_perms(perms): return False + else: + return (Proposicao.objects.filter( + id=self.kwargs['pk'], + autor__user_id=self.request.user.id).exists()) + class ListView(PermissionRequiredMixin, CrudListView): ordering = ['-data_envio', 'descricao'] permission_required = permissoes_autor() 
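Review bot: After the flattening, the first `has_permission` in this hunk has no explicit return for the case where the ownership lookup finds nothing. As far as the collapsed indentation shows, it falls off the end and returns `None`, which is denied only because the mixin treats it as falsy. The same shape appears in the first hunk of patch 6/7. The method also still runs two queries, `.exists()` and then `.get()` with the same filter, in a commit titled as an optimisation. Loading once with `proposicao = Proposicao.objects.filter(id=self.kwargs['pk'], autor__user_id=self.request.user.id).first()` followed by `if proposicao is None: return False` makes the denial explicit and removes the second query.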
@@ -507,16 +505,14 @@ class ProposicaoCrud(Crud): def has_permission(self): perms = self.get_permission_required() - if self.request.user.has_perms(perms): - if (Proposicao.objects.filter( - id=self.kwargs['pk'], - autor__user_id=self.request.user.id).exists()): - return True - else: - return False - else: + if not self.request.user.has_perms(perms): return False + else: + return (Proposicao.objects.filter( + id=self.kwargs['pk'], + autor__user_id=self.request.user.id).exists()) + def delete(self, request, *args, **kwargs): proposicao = Proposicao.objects.get(id=self.kwargs['pk']) From 6679624eb04f37deed1efbc1bdc43b43c5c3efd5 Mon Sep 17 00:00:00 2001 From: Eduardo Calil Date: Tue, 13 Sep 2016 17:13:21 -0300 Subject: [PATCH 6/7] Otimiza as verificacoes de permissoes --- sapl/materia/views.py | 58 +++++++++++++++++++------------------------ 1 file changed, 26 insertions(+), 32 deletions(-) diff --git a/sapl/materia/views.py b/sapl/materia/views.py index de8a16811..f8160db5f 100644 --- a/sapl/materia/views.py +++ b/sapl/materia/views.py 
@@ -439,39 +439,36 @@ class ProposicaoCrud(Crud): def has_permission(self): perms = self.get_permission_required() - if self.request.user.has_perms(perms): - if (Proposicao.objects.filter( - id=self.kwargs['pk'], - autor__user_id=self.request.user.id).exists()): - proposicao = Proposicao.objects.get( - id=self.kwargs['pk'], - autor__user_id=self.request.user.id) - if (not proposicao.data_recebimento or - proposicao.data_devolucao): - return True - else: - msg = _('Essa proposição já foi recebida. ' + - 'Não pode mais ser editada') - messages.add_message(self.request, messages.ERROR, msg) - return False - else: + if not self.request.user.has_perms(perms): return False + if (Proposicao.objects.filter( + id=self.kwargs['pk'], + autor__user_id=self.request.user.id).exists()): + proposicao = Proposicao.objects.get( + id=self.kwargs['pk'], + autor__user_id=self.request.user.id) + if (not proposicao.data_recebimento or + proposicao.data_devolucao): + return True + else: + msg = _('Essa proposição já foi recebida. ' + + 'Não pode mais ser editada') + messages.add_message(self.request, messages.ERROR, msg) + return False + class DetailView(PermissionRequiredMixin, CrudDetailView): permission_required = permissoes_autor() def has_permission(self): perms = self.get_permission_required() - if self.request.user.has_perms(perms): - if (Proposicao.objects.filter( - id=self.kwargs['pk'], - autor__user_id=self.request.user.id).exists()): - return True - else: - return False - else: + if not self.request.user.has_perms(perms): return False + return (Proposicao.objects.filter( + id=self.kwargs['pk'], + autor__user_id=self.request.user.id).exists()) + class ListView(PermissionRequiredMixin, CrudListView): ordering = ['-data_envio', 'descricao'] permission_required = permissoes_autor() 
@@ -507,16 +504,13 @@ class ProposicaoCrud(Crud): def has_permission(self): perms = self.get_permission_required() - if self.request.user.has_perms(perms): - if (Proposicao.objects.filter( - id=self.kwargs['pk'], - autor__user_id=self.request.user.id).exists()): - return True - else: - return False - else: + if not self.request.user.has_perms(perms): return False + return (Proposicao.objects.filter( + id=self.kwargs['pk'], + autor__user_id=self.request.user.id).exists()) + def delete(self, request, *args, **kwargs): proposicao = Proposicao.objects.get(id=self.kwargs['pk']) From ee2e0b38db1b9b674eb9011c3e4d1519112fd3c3 Mon Sep 17 00:00:00 2001 From: Eduardo Calil Date: Wed, 14 Sep 2016 08:24:33 -0300 Subject: [PATCH 7/7] Otimizacao de codigo de autorizacao em recibo de proposicao --- sapl/materia/views.py | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/sapl/materia/views.py b/sapl/materia/views.py index f8160db5f..4f7966118 100644 --- a/sapl/materia/views.py +++ b/sapl/materia/views.py @@ -541,16 +541,13 @@ class ReciboProposicaoView(TemplateView): def has_permission(self): perms = self.get_permission_required() - if self.request.user.has_perms(perms): - if (Proposicao.objects.filter( - id=self.kwargs['pk'], - autor__user_id=self.request.user.id).exists()): - return True - else: - return False - else: + if not self.request.user.has_perms(perms): return False + return (Proposicao.objects.filter( + id=self.kwargs['pk'], + autor__user_id=self.request.user.id).exists()) + def get_context_data(self, **kwargs): context = super(ReciboProposicaoView, self).get_context_data( **kwargs)