From d2f0800a26f60f15455a9df0c85278b531b21615 Mon Sep 17 00:00:00 2001
From: Erwan Rouchet <rouchet@teklia.com>
Date: Wed, 12 Sep 2018 14:15:20 +0200
Subject: [PATCH] Remove filtering for admins
---
arkindex/dataimport/api.py | 26 +++++++++++++++++---------
1 file changed, 17 insertions(+), 9 deletions(-)
diff --git a/arkindex/dataimport/api.py b/arkindex/dataimport/api.py
index e2af85ac89..bf764b476f 100644
--- a/arkindex/dataimport/api.py
+++ b/arkindex/dataimport/api.py
@@ -41,7 +41,8 @@ class DataImportsList(CorpusACLMixin, ListCreateAPIView):
if serializer.validated_data['mode'] not in (DataImportMode.Images, ):
raise ValidationError('Unsupported mode for now, sorry.')
- if Right.Write not in serializer.validated_data['corpus'].get_acl_rights(self.request.user):
+ if not self.request.user.is_admin and \
+ Right.Write not in serializer.validated_data['corpus'].get_acl_rights(self.request.user):
raise PermissionDenied
return super().perform_create(serializer)
@@ -60,7 +61,8 @@ class DataImportDetails(RetrieveUpdateDestroyAPIView):
def perform_update(self, serializer):
dataimport = serializer.instance
- if Right.Write not in dataimport.corpus.get_acl_rights(self.request.user):
+ if not self.request.user.is_admin and \
+ Right.Write not in dataimport.corpus.get_acl_rights(self.request.user):
raise PermissionDenied
if dataimport.state not in (DataImportState.Created, DataImportState.Configured):
@@ -84,7 +86,8 @@ class DataImportDetails(RetrieveUpdateDestroyAPIView):
dataimport.save()
def perform_destroy(self, instance):
- if Right.Write not in instance.corpus.get_acl_rights(self.request.user):
+ if not self.request.user.is_admin and \
+ Right.Write not in instance.corpus.get_acl_rights(self.request.user):
raise PermissionDenied
if instance.state == DataImportState.Running:
raise ValidationError("Cannot delete a workflow while it is running")
@@ -133,7 +136,7 @@ class DataImportDemo(CreateAPIView):
volume = get_object_or_404(Element, **filters)
- assert Right.Write in volume.corpus.get_acl_rights(self.request.user), \
+ assert self.request.user.is_admin or Right.Write in volume.corpus.get_acl_rights(self.request.user), \
'Corpus is not writable'
# Start the import
@@ -175,12 +178,14 @@ class DataFileRetrieve(RetrieveUpdateDestroyAPIView):
return DataFile.objects.filter(corpus__in=Corpus.objects.readable(self.request.user))
def perform_update(self, serializer):
- if Right.Write not in serializer.instance.corpus.get_acl_rights(self.request.user):
+ if not self.request.user.is_admin and \
+ Right.Write not in serializer.instance.corpus.get_acl_rights(self.request.user):
raise PermissionDenied
return super().perform_update(serializer)
def perform_destroy(self, instance):
- if Right.Write not in instance.corpus.get_acl_rights(self.request.user):
+ if not self.request.user.is_admin and \
+ Right.Write not in instance.corpus.get_acl_rights(self.request.user):
raise PermissionDenied
return super().perform_destroy(instance)
@@ -201,7 +206,8 @@ class DataFileUpload(APIView):
corpus = corpus_qs.get()
# Check corpus is writable for current user
- if Right.Write not in corpus.get_acl_rights(self.request.user):
+ if not self.request.user.is_admin and \
+ Right.Write not in corpus.get_acl_rights(self.request.user):
raise PermissionDenied
file_obj = request.FILES['file']
@@ -298,12 +304,14 @@ class RepositoryRetrieve(RetrieveUpdateDestroyAPIView):
)
def perform_update(self, serializer):
- if Right.Write not in serializer.instance.corpus.get_acl_rights(self.request.user):
+ if not self.request.user.is_admin and \
+ Right.Write not in serializer.instance.corpus.get_acl_rights(self.request.user):
raise PermissionDenied
return super().perform_update(self, serializer)
def perform_destroy(self, instance):
- if Right.Write not in instance.corpus.get_acl_rights(self.request.user):
+ if not self.request.user.is_admin and \
+ Right.Write not in instance.corpus.get_acl_rights(self.request.user):
raise PermissionDenied
return super().perform_destroy(self, instance)
--
GitLab