Add user access check for editing/reviewing exams in GenericViewBase
This commit is contained in:
@@ -3125,6 +3125,58 @@ class GenericViewBase:
|
||||
|
||||
self.checker_group = g[app_name]
|
||||
|
||||
def check_user_edit_access(self, user, exam_id=None):
|
||||
"""Check if a user should be able to access editing/reviewing an exam.
|
||||
|
||||
This mirrors the older permission helper used elsewhere in the file but
|
||||
references `self.exam_object` and `self.app_name` (since GenericViewBase
|
||||
is instantiated per app).
|
||||
"""
|
||||
if user.is_superuser:
|
||||
return True
|
||||
|
||||
# If a user is an exam author they should have access
|
||||
if exam_id is not None:
|
||||
exam = get_object_or_404(self.exam_object, pk=exam_id)
|
||||
if user in exam.get_author_objects():
|
||||
return True
|
||||
|
||||
if getattr(exam, "authors_only", False):
|
||||
return False
|
||||
|
||||
# App-specific group checks (require checker role for edit/review)
|
||||
if (
|
||||
self.app_name == "rapids"
|
||||
and not user.groups.filter(name="rapid_checker").exists()
|
||||
):
|
||||
return False
|
||||
if (
|
||||
self.app_name == "anatomy"
|
||||
and not user.groups.filter(name="anatomy_checker").exists()
|
||||
):
|
||||
return False
|
||||
if (
|
||||
self.app_name == "longs"
|
||||
and not user.groups.filter(name__in=("long_checker",)).exists()
|
||||
):
|
||||
return False
|
||||
if (
|
||||
self.app_name == "physics"
|
||||
and not user.groups.filter(name="physics_checker").exists()
|
||||
):
|
||||
return False
|
||||
if (
|
||||
self.app_name == "sbas"
|
||||
and not user.groups.filter(name="sba_checker").exists()
|
||||
):
|
||||
return False
|
||||
if (
|
||||
self.app_name == "casecollection"
|
||||
and not user.groups.filter(name="casecollection_checker").exists()
|
||||
):
|
||||
return False
|
||||
return False
|
||||
|
||||
def help(self, request):
|
||||
return render(request, f"{self.app_name}/help.html", {"app_name": self.app_name})
|
||||
|
||||
|
||||
Reference in New Issue
Block a user