django-helpdesk/helpdesk/user.py

79 lines
2.6 KiB
Python
Raw Normal View History

2019-10-11 17:12:39 +02:00
from helpdesk.models import (
Ticket,
2020-01-27 17:37:59 +01:00
Queue,
KBCategory,
2019-10-11 17:12:39 +02:00
)
from helpdesk import settings as helpdesk_settings
2020-01-27 17:37:59 +01:00
def huser_from_request(req):
return HelpdeskUser(req.user)
2019-10-11 17:12:39 +02:00
class HelpdeskUser:
def __init__(self, user):
self.user = user
def get_queues(self):
"""Return the list of Queues the user can access.
:param user: The User (the class should have the has_perm method)
:return: A Python list of Queues
"""
user = self.user
all_queues = Queue.objects.all()
public_ids = [q.pk for q in
Queue.objects.filter(allow_public_submission=True)]
limit_queues_by_user = \
helpdesk_settings.HELPDESK_ENABLE_PER_QUEUE_STAFF_PERMISSION \
and not user.is_superuser
if limit_queues_by_user:
id_list = [q.pk for q in all_queues if user.has_perm(q.permission_name)]
id_list += public_ids
return all_queues.filter(pk__in=id_list)
else:
return all_queues
2020-01-27 17:37:59 +01:00
def get_kb_categories(self):
categories = []
for cat in KBCategory.objects.all():
if self.can_access_kbcategory(cat):
categories.append(cat)
return categories
2019-10-11 17:12:39 +02:00
def get_tickets_in_queues(self):
return Ticket.objects.filter(queue__in=self.get_queues())
2020-01-27 17:37:59 +01:00
def has_full_access(self):
return self.user.is_superuser or self.user.is_staff
2019-10-11 17:12:39 +02:00
def can_access_queue(self, queue):
"""Check if a certain user can access a certain queue.
:param user: The User (the class should have the has_perm method)
:param queue: The django-helpdesk Queue instance
:return: True if the user has permission (either by default or explicitly), false otherwise
"""
2020-01-27 17:37:59 +01:00
if self.has_full_access():
2019-10-11 17:12:39 +02:00
return True
else:
2020-01-27 17:37:59 +01:00
return helpdesk_settings.HELPDESK_ENABLE_PER_QUEUE_STAFF_PERMISSION and self.user.has_perm(queue.permission_name)
2019-10-11 17:12:39 +02:00
def can_access_ticket(self, ticket):
"""Check to see if the user has permission to access
a ticket. If not then deny access."""
user = self.user
if self.can_access_queue(ticket.queue):
return True
2020-01-27 17:37:59 +01:00
elif self.has_full_access() or \
(ticket.assigned_to and user.id == ticket.assigned_to.id):
2019-10-11 17:12:39 +02:00
return True
else:
return False
2020-01-27 17:37:59 +01:00
def can_access_kbcategory(self, category):
if category.public:
return True
return self.has_full_access() or (category.queue and self.can_access_queue(category.queue))