From f576985cc921b2d2cc206ca03b4366c9f96fcb3e Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Mon, 29 Apr 2019 20:07:18 +0200 Subject: [PATCH] remove django guardian and check application access via PolicyEngine --- passbook/core/requirements.txt | 2 +- passbook/core/views/overview.py | 12 +++++++++--- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/passbook/core/requirements.txt b/passbook/core/requirements.txt index 782bc5b103..b3ddc9a87b 100644 --- a/passbook/core/requirements.txt +++ b/passbook/core/requirements.txt @@ -1,6 +1,5 @@ celery colorlog -django-guardian django-ipware django-model-utils django-redis @@ -13,3 +12,4 @@ PyYAML sentry-sdk pip whitenoise +urllib3<1.25,>=1.21.1 diff --git a/passbook/core/views/overview.py b/passbook/core/views/overview.py index 7c85b3d63b..76bb2cbc1c 100644 --- a/passbook/core/views/overview.py +++ b/passbook/core/views/overview.py @@ -2,7 +2,8 @@ from django.contrib.auth.mixins import LoginRequiredMixin from django.views.generic import TemplateView -from guardian.shortcuts import get_objects_for_user +from passbook.core.models import Application +from passbook.core.policies import PolicyEngine class OverviewView(LoginRequiredMixin, TemplateView): @@ -12,6 +13,11 @@ class OverviewView(LoginRequiredMixin, TemplateView): template_name = 'overview/index.html' def get_context_data(self, **kwargs): - kwargs['applications'] = get_objects_for_user(self.request.user, - 'passbook_core.view_application') + kwargs['applications'] = [] + for application in Application.objects.all(): + engine = PolicyEngine(application.policies.all()) + engine.for_user(self.request.user).with_request(self.request) + engine.build() + if engine.passing: + kwargs['applications'].append(application) return super().get_context_data(**kwargs)