vperms.perms -> visit_perms

backend/mixins.py

@@ -94,13 +94,12 @@ class VisitPersonMixin(VisitorMixin):
 
     def check_permissions(self):
         super(VisitPersonMixin, self).check_permissions()
-        if self.require_visit_perms and self.require_visit_perms not in self.visit_perms.perms:
+        if self.require_visit_perms and self.require_visit_perms not in self.visit_perms:
             raise PermissionDenied
 
     def get_context_data(self, **kw):
         ctx = super(VisitPersonMixin, self).get_context_data(**kw)
         ctx["person"] = self.person
-        ctx["vperms"] = self.visit_perms
         ctx["visit_perms"] = self.visit_perms
         return ctx
 

backend/models.py

@@ -32,12 +32,7 @@ class Permissions(set):
     """
     Set of strings, each string represent a permission
     """
-    @property
-    def perms(self):
-        """
-        Compatibility property for old code doing if "foo" in vperms.perms
-        """
-        return self
+    pass
 
 
 class VisitorPermissions(Permissions):

backend/tests/test_perms.py

@@ -126,29 +126,29 @@ class TestVisitPersonNoProcess(OldProcessFixtureMixin, TestVisitPersonMixin, Tes
         other_visitors.add(None)
         for visitor, expected_perms in perms.perms.items():
             other_visitors.discard(visitor)
-            vperms = self.persons[visited].permissions_of(self.persons[visitor])
+            visit_perms = self.persons[visited].permissions_of(self.persons[visitor])
             self.assertPermsEqual(
                 "{} visiting {}".format(visitor, visited), "permissions",
-                expected_perms, vperms.perms)
+                expected_perms, visit_perms)
         for visitor in other_visitors:
-            vperms = self.persons[visited].permissions_of(self.persons[visitor] if visitor else None)
+            visit_perms = self.persons[visited].permissions_of(self.persons[visitor] if visitor else None)
             self.assertPermsEqual(
                 "{} visiting {}".format(visitor, visited), "permissions",
-                [], vperms.perms)
+                [], visit_perms)
 
         other_visitors = set(self.persons.keys())
         other_visitors.add(None)
         for visitor, expected_targets in perms.advs.items():
             other_visitors.discard(visitor)
-            vperms = self.persons[visited].permissions_of(self.persons[visitor])
+            visit_perms = self.persons[visited].permissions_of(self.persons[visitor])
             self.assertPermsEqual(
                 "{} advocating {}".format(visitor, visited), "target",
-                    expected_targets, vperms.advocate_targets)
+                    expected_targets, visit_perms.advocate_targets)
         for visitor in other_visitors:
-            vperms = self.persons[visited].permissions_of(self.persons[visitor] if visitor else None)
+            visit_perms = self.persons[visited].permissions_of(self.persons[visitor] if visitor else None)
             self.assertPermsEqual(
                 "{} advocating {}".format(visitor, visited), "target",
-                [], vperms.advocate_targets)
+                [], visit_perms.advocate_targets)
 
 
 class TestVisitApplicant(OldProcessFixtureMixin, TestVisitPersonMixin, TestCase):
@@ -157,29 +157,29 @@ class TestVisitApplicant(OldProcessFixtureMixin, TestVisitPersonMixin, TestCase)
         other_visitors.add(None)
         for visitor, expected_perms in perms.perms.items():
             other_visitors.discard(visitor)
-            vperms = self.processes.app.permissions_of(self.persons[visitor])
+            visit_perms = self.processes.app.permissions_of(self.persons[visitor])
             self.assertPermsEqual(
                 "{} visiting app process".format(visitor), "permissions",
-                expected_perms, vperms.perms)
+                expected_perms, visit_perms)
         for visitor in other_visitors:
-            vperms = self.processes.app.permissions_of(self.persons[visitor] if visitor else None)
+            visit_perms = self.processes.app.permissions_of(self.persons[visitor] if visitor else None)
             self.assertPermsEqual(
                 "{} visiting app process".format(visitor), "permissions",
-                [], vperms.perms)
+                [], visit_perms)
 
         other_visitors = set(self.persons.keys())
         other_visitors.add(None)
         for visitor, expected_targets in perms.advs.items():
             other_visitors.discard(visitor)
-            vperms = self.processes.app.permissions_of(self.persons[visitor])
+            visit_perms = self.processes.app.permissions_of(self.persons[visitor])
             self.assertPermsEqual(
                 "{} advocating app".format(visitor), "target",
-                expected_targets, vperms.advocate_targets)
+                expected_targets, visit_perms.advocate_targets)
         for visitor in other_visitors:
-            vperms = self.processes.app.permissions_of(self.persons[visitor] if visitor else None)
+            visit_perms = self.processes.app.permissions_of(self.persons[visitor] if visitor else None)
             self.assertPermsEqual(
                 "{} advocating app".format(visitor), "target",
-                [], vperms.advocate_targets)
+                [], visit_perms.advocate_targets)
 
     def assertApplicantPermsInitialProcess(self, expected):
         for p in (const.PROGRESS_APP_NEW, const.PROGRESS_APP_RCVD, const.PROGRESS_APP_HOLD, const.PROGRESS_ADV_RCVD, const.PROGRESS_POLL_SENT):

fprs/templates/fprs/list.html

@@ -46,9 +46,9 @@
   <tr>
       <td>{{fpr.fpr|fingerprint}}</td>
       <td>
-        {% if "edit_statements" in vperms.perms %}
+        {% if "edit_statements" in visit_perms %}
         <a href="{% url 'fprs_agreement_edit' key=person.lookup_key fpr=fpr.fpr %}">{{fpr.agreement_status}}</a>
-        {% elif "see_statements" in vperms.perms %}
+        {% elif "see_statements" in visit_perms %}
         <a href="{% url 'fprs_agreement_show' key=person.lookup_key fpr=fpr.fpr %}">{{fpr.agreement_status}}</a>
         {% endif %}
         </a>

process/templates/process/show.html

@@ -106,7 +106,7 @@
   <tr><th>FD comments</th><td>{{process.fd_comment}}</td></tr>
   {% endif %}
 
-  {% if "view_mbox" in vperms.perms %}
+  {% if "view_mbox" in visit_perms %}
   <tr>
     <th>Mail archive</th>
     <td>
@@ -139,7 +139,7 @@
 </table>
 
 {% comment %}
-{% if "edit_bio" in vperms.perms or "edit_ldap" in vperms.perms %}
+{% if "edit_bio" in visit_perms or "edit_ldap" in visit_perms %}
 <a href="{% url 'restricted_person' key=person.lookup_key %}">Edit personal information</a>
 {% endif %}
 {% endcomment %}

process/templates/process/statement_table_widget.html

@@ -15,14 +15,14 @@
       <td>{{s.uploaded_time|date:"Y-m-d"}}</td>
       <td>
         <a href="{% url 'process_statement_raw' pk=process.pk type=requirement.type st=s.pk %}">[view raw]</a>
-        {% if "edit_statements" in vperms.perms %}
+        {% if "edit_statements" in visit_perms %}
         <a href="{% url 'process_statement_delete' pk=process.pk type=requirement.type st=s.pk %}">[delete]</a>
         {% endif %}
       </td>
     </tr>
     {% endfor %}
   </tbody>
-  {% if "edit_statements" in vperms.perms %}
+  {% if "edit_statements" in visit_perms %}
   <tfoot>
     <tr>
       <td colspan="3">

process/tests/test_perms.py

@@ -140,19 +140,19 @@ class TestVisitApplicant(ProcessFixtureMixin, TestCase):
     def assertPerms(self, perms):
         # Check advocacy targets
         for visitor in perms.advs.visitors:
-            vperms = self.processes.app.permissions_of(self.persons[visitor])
-            perms.advs.assertEqual(self, visitor, vperms.advocate_targets)
+            visit_perms = self.processes.app.permissions_of(self.persons[visitor])
+            perms.advs.assertEqual(self, visitor, visit_perms.advocate_targets)
         for visitor in perms.advs.select_others(self.persons):
-            vperms = self.processes.app.permissions_of(self.persons[visitor] if visitor else None)
-            perms.advs.assertEmpty(self, visitor, vperms.advocate_targets)
+            visit_perms = self.processes.app.permissions_of(self.persons[visitor] if visitor else None)
+            perms.advs.assertEmpty(self, visitor, visit_perms.advocate_targets)
 
         # Check process permissions
         for visitor in perms.proc.visitors:
-            vperms = self.processes.app.permissions_of(self.persons[visitor])
-            perms.proc.assertEqual(self, visitor, vperms.perms)
+            visit_perms = self.processes.app.permissions_of(self.persons[visitor])
+            perms.proc.assertEqual(self, visitor, visit_perms)
         for visitor in perms.proc.select_others(self.persons):
-            vperms = self.processes.app.permissions_of(self.persons[visitor] if visitor else None)
-            perms.advs.assertEmpty(self, visitor, vperms.perms)
+            visit_perms = self.processes.app.permissions_of(self.persons[visitor] if visitor else None)
+            perms.advs.assertEmpty(self, visitor, visit_perms)
 
         # Check requirements
         for req in ("intent", "sc_dmup", "advocate", "keycheck", "am_ok"):
@@ -162,11 +162,11 @@ class TestVisitApplicant(ProcessFixtureMixin, TestCase):
 
             requirement = pmodels.Requirement.objects.get(process=self.processes.app, type=req)
             for visitor in wanted.visitors:
-                vperms = requirement.permissions_of(self.persons[visitor])
-                wanted.assertEqual(self, visitor, vperms.perms)
+                visit_perms = requirement.permissions_of(self.persons[visitor])
+                wanted.assertEqual(self, visitor, visit_perms)
             for visitor in wanted.select_others(self.persons):
-                vperms = requirement.permissions_of(self.persons[visitor] if visitor else None)
-                wanted.assertEmpty(self, visitor, vperms.perms)
+                visit_perms = requirement.permissions_of(self.persons[visitor] if visitor else None)
+                wanted.assertEmpty(self, visitor, visit_perms)
 
 
 ##    def assertApplicantPermsInitialProcess(self, expected):

public/templates/public/person.html

@@ -21,7 +21,7 @@
 <a href="{% url 'admin:backend_am_add' %}?person={{person.id}}">make am</a>
 {% endif %}
 {% endif %}
-{% for s in vperms.advocate_targets %}
+{% for s in visit_perms.advocate_targets %}
 {% if s == "dd_u" or s == "dd_nu" %}
 <a href="{% url 'restricted_advocate' key=person.lookup_key applying_for=s %}">advocate for {{s|sdesc_status}}</a>
 {% endif %}
@@ -38,12 +38,12 @@
 
 <table class="personinfo">
     <tr><th>Account name</th><td>{{person.uid|default:"None chosen yet"}}</td></tr>
-    <tr><th>OpenPGP fingerprint</th><td>{{person.fpr|fingerprint}}{% if "edit_ldap" in vperms.perms %} (<a href="{% url 'fprs_person_list' key=person.lookup_key %}">manage</a>){% endif %}</td></tr>
+    <tr><th>OpenPGP fingerprint</th><td>{{person.fpr|fingerprint}}{% if "edit_ldap" in visit_perms %} (<a href="{% url 'fprs_person_list' key=person.lookup_key %}">manage</a>){% endif %}</td></tr>
     <tr><th>Status</th><td>{{person.status|desc_status}} since {{person.status_changed|date:"Y-m-d"}}
     {% if person.changed_before_data_import %}
     (changed before data import)
     {% endif %}
-    {% if "request_new_status" in vperms.perms and person.possible_new_statuses %}(<a href="{% url 'process_create' key=person.lookup_key %}">request new status</a>){% endif %}
+    {% if "request_new_status" in visit_perms and person.possible_new_statuses %}(<a href="{% url 'process_create' key=person.lookup_key %}">request new status</a>){% endif %}
     </td></tr>
     {% if person.pending %}
     <tr><th>Pending</th><td>This is a new entry that requires confirmation before {{person.expires}}. Click <a href="{% url 'public_newnm_resend_challenge' key=person.lookup_key %}">here</a> to send the email challenge again.</td></tr>
@@ -70,7 +70,7 @@
     {% endwith %}
 </table>
 
-{% if "edit_bio" in vperms.perms or "edit_ldap" in vperms.perms %}
+{% if "edit_bio" in visit_perms or "edit_ldap" in visit_perms %}
 <a href="{% url 'restricted_person' key=person.lookup_key %}">edit</a>
 {% endif %}
 

public/templates/public/process.html

@@ -130,15 +130,15 @@ See: <a href="http://lists.debian.org/debian-project/2010/09/msg00026.html">hand
     <tr>
       <th>OpenPGP fingerprint</th>
       <td>
-        {{fpr.fpr|fingerprint}}{% if "edit_ldap" in vperms.perms %} (<a href="{% url 'fprs_person_list' key=person.lookup_key %}">manage</a>){% endif %}
+        {{fpr.fpr|fingerprint}}{% if "edit_ldap" in visit_perms %} (<a href="{% url 'fprs_person_list' key=person.lookup_key %}">manage</a>){% endif %}
         {% if fpr %}
         <small>
         <ul class="packed">
           <li>
             SC/DFSG/DMUP agreement:
-            {% if "edit_statements" in vperms.perms %}
+            {% if "edit_statements" in visit_perms %}
               <a href="{% url 'fprs_agreement_edit' key=person.lookup_key fpr=fpr.fpr %}">{{fpr.agreement_status}}</a>
-            {% elif "see_statements" in vperms.perms %}
+            {% elif "see_statements" in visit_perms %}
               <a href="{% url 'fprs_agreement_show' key=person.lookup_key fpr=fpr.fpr %}">{{fpr.agreement_status}}</a>
             {% else %}
               {{fpr.agreement_status}}
@@ -146,7 +146,7 @@ See: <a href="http://lists.debian.org/debian-project/2010/09/msg00026.html">hand
           </li>
           {% if keycheck %}
           <li>Main key: <i>{{keycheck.main.remarks}}</i> (last updated: {{keycheck.updated|date:"Y-m-d H:i T"}})
-            {% if "update_keycheck" in vperms.perms %}
+            {% if "update_keycheck" in visit_perms %}
             <form class="inline" action="{% url 'public_process_update_keycheck' key=process.lookup_key %}" method="POST">{% csrf_token %}
               <button type="submit">Update</button>
             </form>
@@ -175,7 +175,7 @@ See: <a href="http://lists.debian.org/debian-project/2010/09/msg00026.html">hand
     {% if visitor.is_admin %}
     <tr><th>FD comments</th><td>{{person.fd_comment}}</td></tr>
     {% endif %}
-    {% if "view_mbox" in vperms.perms %}
+    {% if "view_mbox" in visit_perms %}
     <tr><th>Mail archive</th>
         <td>
             <tt><a href="mailto:{{process.archive_email}}">{{process.archive_email}}</a></tt>
@@ -201,7 +201,7 @@ See: <a href="http://lists.debian.org/debian-project/2010/09/msg00026.html">hand
     {% endif %}
     {% endif %}
 </table>
-{% if "edit_bio" in vperms.perms or "edit_ldap" in vperms.perms %}
+{% if "edit_bio" in visit_perms or "edit_ldap" in visit_perms %}
 <a href="{% url 'restricted_person' key=person.lookup_key %}">Edit personal information</a>
 {% endif %}
 

public/views.py

@@ -141,7 +141,7 @@ class Process(VisitProcessTemplateView):
         # Process form ASAP, so we compute the rest with updated values
         am = self.visitor.am_or_none if self.visitor else None
         if am and (self.process.manager == am or am.is_admin) and (
-            "edit_bio" in self.visit_perms.perms or "edit_ldap" in self.visit_perms.perms):
+            "edit_bio" in self.visit_perms or "edit_ldap" in self.visit_perms):
             StatusUpdateForm = make_statusupdateform(am)
             form = StatusUpdateForm(initial=dict(progress=self.process.progress))
         else:
@@ -510,7 +510,7 @@ class Person(VisitPersonTemplateView):
             am_processes = []
 
         audit_log = []
-        if "view_person_audit_log" in self.visit_perms.perms:
+        if "view_person_audit_log" in self.visit_perms:
             is_admin = self.visitor.is_admin
             for e in self.person.audit_log.order_by("-logdate"):
                 if is_admin:

restricted/templates/restricted/person.html

@@ -22,7 +22,7 @@
     <input type="submit" value="Submit" />
 </form>
 
-{% if "edit_ldap" not in vperms.perms %}
+{% if "edit_ldap" not in visit_perms %}
 <p>
 Name, uid and email cannot be changed here:<br>
 Either {{person.fullname}} already has an LDAP record (<tt>finger

restricted/views.py

 # coding: utf8
-# nm.debian.org AM interaction
-#
-# Copyright (C) 2013--2015  Enrico Zini <enrico@debian.org>
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Affero General Public License as
-# published by the Free Software Foundation, either version 3 of the
-# License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU Affero General Public License for more details.
-#
-# You should have received a copy of the GNU Affero General Public License
-# along with this program.  If not, see <http://www.gnu.org/licenses/>.
 from __future__ import print_function
 from __future__ import absolute_import
 from __future__ import division
@@ -26,14 +10,14 @@ from django.contrib.auth.decorators import login_required
 from django.utils.translation import ugettext as _
 from django.core.urlresolvers import reverse
 from django.core.exceptions import PermissionDenied
-from django.views.generic import View
+from django.views.generic import View, TemplateView
 from django.views.generic.edit import FormView
 from django.utils.timezone import now
 from django.db import transaction
 import backend.models as bmodels
 import minechangelogs.models as mmodels
 from backend import const
-from backend.mixins import VisitorMixin, VisitPersonMixin, VisitorTemplateView, VisitPersonTemplateView
+from backend.mixins import VisitorMixin, VisitPersonMixin, VisitorTemplateView, VisitPersonTemplateView, VisitProcessMixin
 import backend.email
 import json
 import datetime
@@ -460,20 +444,17 @@ def _assign_am(request, visitor, nm, am):
         l.logtext = "[%s as %s] %s" % (request.user, visitor.lookup_key, l.logtext)
     l.save()
 
-class MailArchive(VisitorMixin, View):
-    def get(self, request, key, *args, **kw):
-        process = bmodels.Process.lookup_or_404(key)
-        vperms = process.permissions_of(self.visitor)
 
-        if "view_mbox" not in vperms.perms:
-            raise PermissionDenied
+class MailArchive(VisitProcessMixin, View):
+    require_visit_perms = "view_mbox"
 
-        fname = process.mailbox_file
+    def get(self, request, key, *args, **kw):
+        fname = self.process.mailbox_file
         if fname is None:
             from django.http import Http404
             raise Http404
 
-        user_fname = "%s.mbox" % (process.person.uid or process.person.email)
+        user_fname = "%s.mbox" % (self.process.person.uid or self.process.person.email)
 
         res = http.HttpResponse(content_type="application/octet-stream")
         res["Content-Disposition"] = "attachment; filename=%s.gz" % user_fname
@@ -491,27 +472,24 @@ class MailArchive(VisitorMixin, View):
             outfd.close()
         return res
 
-class DisplayMailArchive(VisitorTemplateView):
+
+class DisplayMailArchive(VisitProcessMixin, TemplateView):
     template_name = "restricted/display-mail-archive.html"
+    require_visit_perms = "view_mbox"
+
     def get_context_data(self, **kw):
         ctx = super(DisplayMailArchive, self).get_context_data(**kw)
-        key = self.kwargs["key"]
-        process = bmodels.Process.lookup_or_404(key)
-        vperms = process.permissions_of(self.visitor)
-
-        if "view_mbox" not in vperms.perms:
-            raise PermissionDenied
 
-        fname = process.mailbox_file
+        fname = self.process.mailbox_file
         if fname is None:
             from django.http import Http404
             raise Http404
 
         ctx["mails"] = backend.email.get_mbox_as_dicts(fname)
-        ctx["process"] = process
         ctx["class"] = "clickable"
         return ctx
 
+
 class AssignAM(VisitorTemplateView):
     template_name = "restricted/assign-am.html"
     require_visitor = "admin"
@@ -540,6 +518,7 @@ class AssignAM(VisitorTemplateView):
         _assign_am(request, self.visitor, process, am)
         return redirect(process.get_absolute_url())
 
+
 class MailboxStats(VisitorTemplateView):
     template_name = "restricted/mailbox-stats.html"
     require_visitor = "admin"