models,views: compute limitations by unioning with limitations from delegators
Only if the delegate had no limitation before the delegation, then no limitation is applied to him. fixes #3587
This commit is contained in:
parent
0bc9c7e93c
commit
78ac477e6e
|
@ -548,7 +548,10 @@ class MailingListManager(GetByNameManager):
|
|||
return self.filter(is_active=True)
|
||||
|
||||
def is_member_of(self, user):
|
||||
lists = set(MailingList.objects.filter(members=user))
|
||||
return self.are_member_of([user])
|
||||
|
||||
def are_member_of(self, users):
|
||||
lists = set(MailingList.objects.filter(members__in=users))
|
||||
count = len(lists)
|
||||
while True: # accumulate lists until it grows no more
|
||||
lists |= set(MailingList.objects.filter(mailing_list_members__in=lists))
|
||||
|
|
|
@ -91,21 +91,36 @@ def get_file_form_kwargs(request):
|
|||
|
||||
|
||||
def get_filetype_limitation(user):
|
||||
# find delegation relations
|
||||
if is_guest(user):
|
||||
user = user.delegations_by.get().by
|
||||
delegators = []
|
||||
else:
|
||||
delegators = User.objects.filter(
|
||||
Q(id=user.id) |
|
||||
Q(delegations_to__to=user)).distinct()
|
||||
# if user has basically no limitation, do not limit him
|
||||
user_lists = MailingList.objects.is_member_of(user)
|
||||
return FileType.objects \
|
||||
own_limitations = FileType.objects \
|
||||
.filter(filetype_limitation__mailing_list__in=user_lists) \
|
||||
.distinct() \
|
||||
.order_by('name')
|
||||
if not own_limitations.exists():
|
||||
return FileType.objects.none()
|
||||
if delegators:
|
||||
user_lists = MailingList.objects.are_member_of([user] + list(delegators))
|
||||
return FileType.objects \
|
||||
.filter(filetype_limitation__mailing_list__in=user_lists) \
|
||||
.distinct() \
|
||||
.order_by('name')
|
||||
else:
|
||||
return own_limitations
|
||||
|
||||
|
||||
@login_required
|
||||
@never_cache
|
||||
def send_file(request, file_type_id):
|
||||
file_type = get_object_or_404(FileType, id=file_type_id)
|
||||
limitations = get_filetype_limitation(request.user)
|
||||
if limitations:
|
||||
if not limitations.filter(id=file_type.id).exists():
|
||||
return redirect('send-file-selector')
|
||||
reply_to = None
|
||||
if 'reply_to' in request.GET:
|
||||
reply_to = get_mailbox(request, request.GET['reply_to'])
|
||||
|
@ -117,6 +132,10 @@ def send_file(request, file_type_id):
|
|||
delegators = User.objects.filter(
|
||||
Q(id=request.user.id) |
|
||||
Q(delegations_to__to=request.user)).distinct()
|
||||
limitations = get_filetype_limitation(request.user)
|
||||
if limitations:
|
||||
if not limitations.filter(id=file_type.id).exists():
|
||||
return redirect('send-file-selector')
|
||||
if request.method == 'POST':
|
||||
if 'send' not in request.POST:
|
||||
return redirect('outbox')
|
||||
|
|
Loading…
Reference in New Issue