I'm learning django viewflow (non-Pro) and the all processes that I've been creating works for superuser users only
Is that normal?
Thanks, José.-
Edit 2: My specific problem is that my user can start the process, but he can't continue it (can't see the "otro_paso" task. See the code below), only if he's not superuser. When I cnange him to superuser, works.. why??
Edit 1: I'm using django-material auto-generated forms
A way to make it work is implementing custom views, making the permission validation programmatically
Edit 3:
Here's the flows.py part:
#frontend.register
class Flujo_Proceso_Recursos_fisicos(Flow):
process_class = Proceso_Recursos_fisicos
process_title = 'Recursos físicos'
process_description = 'Registro de recursos físicos'
inicio = flow.Start(
CreateProcessView,
fields=['anio'],
task_title='Iniciar'
).Available(
username='jose'
).Permission(
'helloworld.puede_participar_biblioteca'
).Next(this.otro_paso)
otro_paso = flow.View(
UpdateProcessView,
fields=['campus'],
task_title='Campus',
task_description= "Completar campus",
).Permission(
'helloworld.puede_participar_biblioteca'
).Assign(
username='jose'
).Next(this.fin)
fin = flow.End(
task_title='Finalizado',
)
To make a task available for a user, you need to auto-assign it with flow.View(..).Assign(...) or provide permission that would make this task available for a user - flow.View(..).Permission(..)
For the reference, you can check the demos
https://github.com/viewflow/viewflow/blob/master/demo/helloworld/flows.py#L42
https://github.com/viewflow/viewflow/blob/master/demo/shipment/flows.py#L28
Related
It is a very specific question regarding Flask-appbuilder. During my development, I found FAB's ModelView is suitable for admin role, but need more user logic handlers/views for complex designs.
There is a many to many relationship between devices and users, since each device could be shared between many users, and each user could own many device. So there is a secondary table called accesses, describes the access control between devices and users. In this table, I add "isHost" to just if the user owns the device. Therefore, we have two roles: host and (regular) user. However, these roles are not two roles defined as other applications, since one man can be either host or user in same time. In a very simple application, enforce the user to switch two roles are not very convinient. That makes things worse.
Anyway, I need design some custom handlers with traditional Flask/Jinja2 templates. For example:
class PageView(ModelView):
# FAB default URL: "/pageview/list"
datamodel = SQLAInterface(Page)
list_columns = ['name', 'date', 'get_url']
#expose("/p/<string:url>")
def p(self, url):
title = urllib.unquote(url)
r = db.session.query(Page).filter_by(name = title).first()
if r:
md = r.markdown
parser = mistune.Markdown()
body = parser(md)
return self.render_template('page.html', title = title, body = body)
else:
return self.render_template('404.html'), 404
Above markdown page URL is simple, since it is a seperate UI. But if I goes to DeviceView/AccountView/AccessView for list/show/add/edit operations. I realized that I need a unique styles of UI.
So, now how can I reuse the existing templates/widgets of FAB with custom sqlalchemy queries? Here is my code for DeviceView.
class DeviceView(ModelView):
datamodel = SQLAInterface(Device)
related_views = [EventView, AccessView]
show_template = 'appbuilder/general/model/show_cascade.html'
edit_template = 'appbuilder/general/model/edit_cascade.html'
#expose('/host')
#has_access
def host(self):
base_filters = [['name', FilterStartsWith, 'S'],]
#if there is not return, FAB will throw error
return "host view:{}".format(repr(base_filters))
#expose('/my')
#has_access
def my(self):
# A pure testing method
rec = db.session.query(Access).filter_by(id = 1).all()
if rec:
for r in rec:
print "rec, acc:{}, dev:{}, host:{}".format(r.account_id, r.device_id, r.is_host)
return self.render_template('list.html', title = "My Accesses", body = "{}".format(repr(r)))
else:
return repr(None)
Besides sqlalchemy code with render_template(), I guess base_filters can also help to define custom queries, however, I have no idea how to get query result and get them rendered.
Please give me some reference code or example if possible. Actually I have grep keywords of "db.session/render_template/expoaw"in FAB's github sources. But no luck.
I am working with a Delayed Job that, after its completion, sends an email to the admin user that requested it. So, to do this, I need to know who is the admin user that launched it inside the Spree::Order model.
I've tried with try_spree_current_user and spree_current_user but they don't work returning:
NameError (undefined local variable or method `try_spree_current_user' for #<Spree::Order:0x007f93811d7240>):
app/models/spree/order_decorator.rb:30:in `after_cancel'
app/controllers/spree/admin/orders_controller_decorator.rb:4:in `cancel'
Some how you need to make sure that an admin can launch the order:
# Is this user an admin
if spree_current_user.admin?
# Do some delayed job
# send the email
# because spree_current_user.id is the one that sends it
else
flash[:error] = "You need to be an admin to do this."
redirect_back_or_default(spree.root_path)
end
The above should do what you want to do. You need to test if the current user is an admin then do what he/she needs to do.
I'm sure you meant the OrdersController? Not model.
I'm using django 1.6
Now when I define a model, it will create three permissions record for it (can_create, can_update, can_delete).
I'm now adding other permissions on the models (which doesn't matter in this question), and want to make a view to let the user assign them all to users and groups.
Now the problem is:
I want to replace the default name displayed for the three default created permissions.
Is there any way to do this?
Yes there is possibility to create custom permission while creating the models/table in django. But this will create the extra custom permission, by default 3 permission will create i.e( add, change, delete). One can create custom permission by following thing.
class Task(models.Model):
...
class Meta:
permissions = (
("view_task", "Can see available tasks"),
("change_task_status", "Can change the status of tasks"),
("close_task", "Can remove a task by setting its status as closed"),
)
The only thing this does is create those extra permissions when you run manage.py migrate (the function that creates permissions is connected to the post_migrate signal). Your code is in charge of checking the value of these permissions when a user is trying to access the functionality provided by the application (viewing tasks, changing the status of tasks, closing tasks.) Continuing the above example, the following checks if a user may view tasks:
user.has_perm('app.view_task')
One can see the django doc here django permission description
Based on this blog post and this Django ticket, I would say it is not possible and also not advisable to change these codenames (since they are used in the admin). It is however possible to change the human readable name (such as 'Can add permission')
I cannot add comment to the answers already there, hence adding a new answer.
I have been looking for a solution and could not find any. So I just make use of default permissions and use permissions to re-create them and use whatever name and codename you want. Django documentation here
class Foo(models.Model):
title = models.CharField(max_length=250)
class Meta:
default_permissions = ()
permissions = (
("add_foo", "Can add foo"),
("change_foo", "Can change foo"),
("delete_foo", "Can delete foo"),
("view_foo", "Can view foo"),
("list_foo", "Can list all foo")
)
I am new to django/python and working my way through my webapp. I need assistance in solving one of my problems.
In my app, I am planning to assign each user (from auth_user) to one of the group ( from auth_group). Each group can have multiple users. I have entry in auth_group, auth_user and auth_user_groups. Here is my question:
At time of login I want to check that logging user belongs to which group?
I want to keep that group info in session/cache so all pages I can show information about that group only.
If you have any sample code will be great.
Giving support to the very well #trinchet's answer with an example of context_processor code.
Puts inside your webapp a new file called context_processors.py and writes this lines on it:
def user_groups(request):
"""
Add `groups` var to the context with all the
groups the logged in user has, so you can access
in your templates to this var as: {{ groups }}
"""
groups = None
if request.user.is_authenticated():
groups = user.groups
return {'groups': groups}
Finally on your settings.py add 'webbapp.context_processors.user_groups'to TEMPLATE_CONTEXT_PROCESSOR:
TEMPLATE_CONTEXT_PROCESSORS = (
'webbapp.context_processors.user_groups',
)
1) Be user an instance of auth.models.User, you can get all groups the user belong to, through user.groups. If you want to ask at time of login then you should do this in your login view.
2) You can use session or cache approaches to deal with, this is irrelevant, but once you have the group you need to render the pages having this value, i mean, you need to provide the group to the template rendering, to do this I suggest to you using a custom context processor.
Im new to Pimcore and I'm trying to use Zend Auth with pimcore objects. I assume this is a wise approach and it seems more or less logical to me. I've done the initial setup of the object within pimcore itself. Now I'm trying to work out how to connect it to zend auth, that is, for example when I extend zend auth and have my own login function, how do i check if the login is valid in my object?
Does someone have a guide that I could use on this perhaps? otherwise if someone could point me in the right direction that would be great
Jason
You can follow this guide: http://www.pimcore.org/forum/discussion/419/zend_auth_adapter-for-pimcore-objects , it worked well for me.
UPDATE: The link above has been taken away, so laying out the full answer here:
First, you need to put ObjectAdapter.php in website/lib/Website/Auth/ObjectAdapter.php .
Then, this is how you login your user (use as you prefer, for example in your controller init function):
$authAdapter = new Website_Auth_ObjectAdapter('Object_Users', 'o_key', 'password', '/users/');
// The parameters are 1. object you keep your users in, 2. the field that contains their username (I use o_key which is the name of the object itself, to keep unique usernames without fuzz), and 3. the password field in the user object.
// Setup auth adapter
$authAdapter->setIdentity($username)->setCredential($password);
$auth = Zend_Auth::getInstance();
// Authenticate
$result = $auth->authenticate($authAdapter);
if ($result->isValid()) {
// Login successful
} else {
// Login failed
}
To check for a login-session, use:
$this->auth = Zend_Auth::getInstance();
if ($this->auth->hasIdentity()) {
// We have a login session (user is logged in)
$userObject = $this->auth->getIdentity();
}
To kill a session:
Zend_Auth::getInstance()->clearIdentity();