diff --git a/metadata_catalogue/nina/rules.py b/metadata_catalogue/nina/rules.py new file mode 100644 index 0000000..b290ea7 --- /dev/null +++ b/metadata_catalogue/nina/rules.py @@ -0,0 +1,19 @@ +import rules + +from .conf import settings + + +@rules.predicate +def always_visible(user, object): + return True + + +@rules.predicate +def is_project_owner(user, object): + return user in object.members.all() + + +rules.add_perm("nina.project_view", always_visible) +rules.add_perm("nina.project_edit", is_project_owner | rules.is_staff) +rules.add_perm("nina.project_add", rules.is_staff) +rules.add_perm("nina.project_delete", rules.is_staff) diff --git a/metadata_catalogue/nina/views.py b/metadata_catalogue/nina/views.py index 35eca99..34e9837 100644 --- a/metadata_catalogue/nina/views.py +++ b/metadata_catalogue/nina/views.py @@ -1,7 +1,8 @@ from typing import Any -from django.views.generic import DetailView, ListView +from django.views.generic import DetailView, ListView, UpdateView from django_filters.views import FilterView +from rules.contrib.views import PermissionRequiredMixin from metadata_catalogue.projects import views @@ -15,8 +16,10 @@ class ProjectListView(FilterView): filterset_class = ProjectFilter -class ProjectUpdateView(views.ProjectUpdateView): +class ProjectUpdateView(PermissionRequiredMixin, UpdateView): fields = ["description", "tags", "topics"] + model = Project + permission_required = "nina.project_edit" class ProjectDetailView(views.ProjectDetailView): diff --git a/metadata_catalogue/templates/nina/project_detail.html b/metadata_catalogue/templates/nina/project_detail.html index 688dfdb..e2aff91 100644 --- a/metadata_catalogue/templates/nina/project_detail.html +++ b/metadata_catalogue/templates/nina/project_detail.html @@ -1,5 +1,8 @@ {% extends 'base.html' %} +{% load rules %} + +{% has_perm 'nina.edit_project' request.user object as can_edit %} {% block content %}
{{ object.description|default_if_none:"No description" }}
@@ -43,8 +46,10 @@