From 78ac477e6e0eb37d0e6937046ac90cc3689af821 Mon Sep 17 00:00:00 2001
From: Benjamin Dauvergne <bdauvergne@entrouvert.com>
Date: Wed, 11 Sep 2013 12:19:52 +0200
Subject: [PATCH] models,views: compute limitations by unioning with
 limitations from delegators

Only if the delegate had no limitation before the delegation, then no
limitation is applied to him.

fixes #3587
---
 docbow_project/docbow/models.py |  5 ++++-
 docbow_project/docbow/views.py  | 29 ++++++++++++++++++++++++-----
 2 files changed, 28 insertions(+), 6 deletions(-)

diff --git a/docbow_project/docbow/models.py b/docbow_project/docbow/models.py
index 169bdfc..e797f58 100644
--- a/docbow_project/docbow/models.py
+++ b/docbow_project/docbow/models.py
@@ -548,7 +548,10 @@ class MailingListManager(GetByNameManager):
         return self.filter(is_active=True)
 
     def is_member_of(self, user):
-        lists = set(MailingList.objects.filter(members=user))
+        return self.are_member_of([user])
+
+    def are_member_of(self, users):
+        lists = set(MailingList.objects.filter(members__in=users))
         count = len(lists)
         while True: # accumulate lists until it grows no more
             lists |= set(MailingList.objects.filter(mailing_list_members__in=lists))
diff --git a/docbow_project/docbow/views.py b/docbow_project/docbow/views.py
index 87178fb..1bf28b2 100644
--- a/docbow_project/docbow/views.py
+++ b/docbow_project/docbow/views.py
@@ -91,21 +91,36 @@ def get_file_form_kwargs(request):
 
 
 def get_filetype_limitation(user):
+    # find delegation relations
+    if is_guest(user):
+        user = user.delegations_by.get().by
+        delegators = []
+    else:
+        delegators = User.objects.filter(
+                Q(id=user.id) |
+                Q(delegations_to__to=user)).distinct()
+    # if user has basically no limitation, do not limit him
     user_lists = MailingList.objects.is_member_of(user)
-    return FileType.objects \
+    own_limitations = FileType.objects \
             .filter(filetype_limitation__mailing_list__in=user_lists) \
             .distinct() \
             .order_by('name')
+    if not own_limitations.exists():
+        return FileType.objects.none()
+    if delegators:
+        user_lists = MailingList.objects.are_member_of([user] + list(delegators))
+        return FileType.objects \
+                .filter(filetype_limitation__mailing_list__in=user_lists) \
+                .distinct() \
+                .order_by('name')
+    else:
+        return own_limitations
 
 
 @login_required
 @never_cache
 def send_file(request, file_type_id):
     file_type = get_object_or_404(FileType, id=file_type_id)
-    limitations = get_filetype_limitation(request.user)
-    if limitations:
-        if not limitations.filter(id=file_type.id).exists():
-            return redirect('send-file-selector')
     reply_to = None
     if 'reply_to' in request.GET:
         reply_to = get_mailbox(request, request.GET['reply_to'])
@@ -117,6 +132,10 @@ def send_file(request, file_type_id):
         delegators = User.objects.filter(
                 Q(id=request.user.id) |
                 Q(delegations_to__to=request.user)).distinct()
+    limitations = get_filetype_limitation(request.user)
+    if limitations:
+        if not limitations.filter(id=file_type.id).exists():
+            return redirect('send-file-selector')
     if request.method == 'POST':
         if 'send' not in request.POST:
             return redirect('outbox')