forked from extern/django-helpdesk
88 lines
2.9 KiB
Python
88 lines
2.9 KiB
Python
from helpdesk.models import (
|
|
Ticket,
|
|
Queue,
|
|
KBCategory,
|
|
KBItem,
|
|
)
|
|
|
|
from helpdesk import settings as helpdesk_settings
|
|
|
|
|
|
def huser_from_request(req):
|
|
return HelpdeskUser(req.user)
|
|
|
|
|
|
class HelpdeskUser:
|
|
def __init__(self, user):
|
|
self.user = user
|
|
|
|
def get_queues(self):
|
|
"""Return the list of Queues the user can access.
|
|
|
|
:param user: The User (the class should have the has_perm method)
|
|
:return: A Python list of Queues
|
|
"""
|
|
user = self.user
|
|
all_queues = Queue.objects.all()
|
|
public_ids = [q.pk for q in
|
|
Queue.objects.filter(allow_public_submission=True)]
|
|
limit_queues_by_user = \
|
|
helpdesk_settings.HELPDESK_ENABLE_PER_QUEUE_STAFF_PERMISSION \
|
|
and not user.is_superuser
|
|
if limit_queues_by_user:
|
|
id_list = [q.pk for q in all_queues if user.has_perm(q.permission_name)]
|
|
id_list += public_ids
|
|
return all_queues.filter(pk__in=id_list)
|
|
else:
|
|
return all_queues
|
|
|
|
def get_allowed_kb_categories(self):
|
|
categories = []
|
|
for cat in KBCategory.objects.all():
|
|
if self.can_access_kbcategory(cat):
|
|
categories.append(cat)
|
|
return categories
|
|
|
|
def get_assigned_kb_items(self):
|
|
kbitems = []
|
|
for item in KBItem.objects.all():
|
|
if item.team and item.team.is_member(self.user):
|
|
kbitems.append(item)
|
|
return kbitems
|
|
|
|
def get_tickets_in_queues(self):
|
|
return Ticket.objects.filter(queue__in=self.get_queues())
|
|
|
|
def has_full_access(self):
|
|
return self.user.is_superuser or self.user.is_staff \
|
|
or helpdesk_settings.HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE
|
|
|
|
def can_access_queue(self, queue):
|
|
"""Check if a certain user can access a certain queue.
|
|
|
|
:param user: The User (the class should have the has_perm method)
|
|
:param queue: The django-helpdesk Queue instance
|
|
:return: True if the user has permission (either by default or explicitly), false otherwise
|
|
"""
|
|
if self.has_full_access():
|
|
return True
|
|
else:
|
|
return helpdesk_settings.HELPDESK_ENABLE_PER_QUEUE_STAFF_PERMISSION and self.user.has_perm(queue.permission_name)
|
|
|
|
def can_access_ticket(self, ticket):
|
|
"""Check to see if the user has permission to access
|
|
a ticket. If not then deny access."""
|
|
user = self.user
|
|
if self.can_access_queue(ticket.queue):
|
|
return True
|
|
elif self.has_full_access() or \
|
|
(ticket.assigned_to and user.id == ticket.assigned_to.id):
|
|
return True
|
|
else:
|
|
return False
|
|
|
|
def can_access_kbcategory(self, category):
|
|
if category.public:
|
|
return True
|
|
return self.has_full_access() or (category.queue and self.can_access_queue(category.queue))
|