models,views: compute limitations by unioning with limitations from delegators

Only if the delegate had no limitation before the delegation, then no
limitation is applied to him.

fixes #3587
This commit is contained in:
Benjamin Dauvergne 2013-09-11 12:19:52 +02:00
parent 0bc9c7e93c
commit 78ac477e6e
2 changed files with 28 additions and 6 deletions

View File

@ -548,7 +548,10 @@ class MailingListManager(GetByNameManager):
return self.filter(is_active=True)
def is_member_of(self, user):
lists = set(MailingList.objects.filter(members=user))
return self.are_member_of([user])
def are_member_of(self, users):
lists = set(MailingList.objects.filter(members__in=users))
count = len(lists)
while True: # accumulate lists until it grows no more
lists |= set(MailingList.objects.filter(mailing_list_members__in=lists))

View File

@ -91,21 +91,36 @@ def get_file_form_kwargs(request):
def get_filetype_limitation(user):
# find delegation relations
if is_guest(user):
user = user.delegations_by.get().by
delegators = []
else:
delegators = User.objects.filter(
Q(id=user.id) |
Q(delegations_to__to=user)).distinct()
# if user has basically no limitation, do not limit him
user_lists = MailingList.objects.is_member_of(user)
return FileType.objects \
own_limitations = FileType.objects \
.filter(filetype_limitation__mailing_list__in=user_lists) \
.distinct() \
.order_by('name')
if not own_limitations.exists():
return FileType.objects.none()
if delegators:
user_lists = MailingList.objects.are_member_of([user] + list(delegators))
return FileType.objects \
.filter(filetype_limitation__mailing_list__in=user_lists) \
.distinct() \
.order_by('name')
else:
return own_limitations
@login_required
@never_cache
def send_file(request, file_type_id):
file_type = get_object_or_404(FileType, id=file_type_id)
limitations = get_filetype_limitation(request.user)
if limitations:
if not limitations.filter(id=file_type.id).exists():
return redirect('send-file-selector')
reply_to = None
if 'reply_to' in request.GET:
reply_to = get_mailbox(request, request.GET['reply_to'])
@ -117,6 +132,10 @@ def send_file(request, file_type_id):
delegators = User.objects.filter(
Q(id=request.user.id) |
Q(delegations_to__to=request.user)).distinct()
limitations = get_filetype_limitation(request.user)
if limitations:
if not limitations.filter(id=file_type.id).exists():
return redirect('send-file-selector')
if request.method == 'POST':
if 'send' not in request.POST:
return redirect('outbox')