Restructurate code

apps/member/admin.py

@@ -6,7 +6,7 @@ from django.contrib.auth.admin import UserAdmin
 from django.contrib.auth.models import User
 
 from .forms import ProfileForm
-from .models import Club, Membership, Profile, Role, RolePermissions
+from .models import Club, Membership, Profile, Role
 
 
 class ProfileInline(admin.StackedInline):
@@ -40,4 +40,3 @@ admin.site.register(User, CustomUserAdmin)
 admin.site.register(Club)
 admin.site.register(Membership)
 admin.site.register(Role)
-admin.site.register(RolePermissions)

apps/member/backends.py

@@ -1,96 +0,0 @@
-# Copyright (C) 2018-2020 by BDE ENS Paris-Saclay
-# SPDX-License-Identifier: GPL-3.0-or-later
-
-from django.contrib.auth.backends import ModelBackend
-from django.contrib.auth.models import User
-from django.contrib.contenttypes.models import ContentType
-from django.db.models import Q, F
-from note.models import Note, NoteUser, NoteClub, NoteSpecial
-from note_kfet.middlewares import get_current_session
-from permission.models import Permission
-
-from .models import Membership, Club
-
-
-class PermissionBackend(ModelBackend):
-    supports_object_permissions = True
-    supports_anonymous_user = False
-    supports_inactive_user = False
-
-    @staticmethod
-    def permissions(user, model, type):
-        for permission in Permission.objects.annotate(club=F("rolepermissions__role__membership__club")) \
-                .filter(
-            rolepermissions__role__membership__user=user,
-            model__app_label=model.app_label,  # For polymorphic models, we don't filter on model type
-            type=type,
-        ).all():
-            club = Club.objects.get(pk=permission.club)
-            permission = permission.about(
-                user=user,
-                club=club,
-                User=User,
-                Club=Club,
-                Membership=Membership,
-                Note=Note,
-                NoteUser=NoteUser,
-                NoteClub=NoteClub,
-                NoteSpecial=NoteSpecial,
-                F=F,
-                Q=Q
-            )
-            if permission.mask.rank <= get_current_session().get("permission_mask", 0):
-                yield permission
-
-    @staticmethod
-    def filter_queryset(user, model, t, field=None):
-        """
-        Filter a queryset by considering the permissions of a given user.
-        :param user: The owner of the permissions that are fetched
-        :param model: The concerned model of the queryset
-        :param t: The type of modification (view, add, change, delete)
-        :param field: The field of the model to test, if concerned
-        :return: A query that corresponds to the filter to give to a queryset
-        """
-
-        if user.is_superuser and get_current_session().get("permission_mask", 0) >= 42:
-            # Superusers have all rights
-            return Q()
-
-        if not isinstance(model, ContentType):
-            model = ContentType.objects.get_for_model(model)
-
-        # Never satisfied
-        query = Q(pk=-1)
-        perms = PermissionBackend.permissions(user, model, t)
-        for perm in perms:
-            if perm.field and field != perm.field:
-                continue
-            if perm.type != t or perm.model != model:
-                continue
-            perm.update_query()
-            query = query | perm.query
-        return query
-
-    def has_perm(self, user_obj, perm, obj=None):
-        if user_obj.is_superuser and get_current_session().get("permission_mask", 0) >= 42:
-            return True
-
-        if obj is None:
-            return True
-
-        perm = perm.split('.')[-1].split('_', 2)
-        perm_type = perm[0]
-        perm_field = perm[2] if len(perm) == 3 else None
-        ct = ContentType.objects.get_for_model(obj)
-        if any(permission.applies(obj, perm_type, perm_field)
-               for permission in self.permissions(user_obj, ct, perm_type)):
-            return True
-        return False
-
-    def has_module_perms(self, user_obj, app_label):
-        return False
-
-    def get_all_permissions(self, user_obj, obj=None):
-        ct = ContentType.objects.get_for_model(obj)
-        return list(self.permissions(user_obj, ct, "view"))

apps/member/models.py

@@ -162,21 +162,3 @@ class Membership(models.Model):
         verbose_name = _('membership')
         verbose_name_plural = _('memberships')
         indexes = [models.Index(fields=['user'])]
-
-
-class RolePermissions(models.Model):
-    """
-    Permissions associated with a Role
-    """
-    role = models.ForeignKey(
-        Role,
-        on_delete=models.PROTECT,
-        related_name='+',
-        verbose_name=_('role'),
-    )
-    permissions = models.ManyToManyField(
-        'permission.Permission'
-    )
-
-    def __str__(self):
-        return str(self.role)

apps/member/views.py

@@ -25,7 +25,7 @@ from note.models import Alias, NoteUser
 from note.models.transactions import Transaction
 from note.tables import HistoryTable, AliasTable
 
-from .backends import PermissionBackend
+from permission.backends import PermissionBackend
 from .filters import UserFilter, UserFilterFormHelper
 from .forms import SignUpForm, ProfileForm, ClubForm, MembershipForm, MemberFormSet, FormSetHelper, \
     CustomAuthenticationForm