DigitaleAgentur___ALT
/
digitaleagenturnc
5
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Sicherheitslücke Standards

This commit is contained in:
holger.trampe 2021-04-14 17:00:52 +02:00
parent a2555511cd
commit 848bd524e8
2 changed files with 373 additions and 322 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
standards/templates/standards/standards_management.html
View File

@ -61,8 +61,11 @@
{% for s in task.standards %}
<!-- VISIBLE GROUPCHECK -->
{% setbool False %}
{% for ag in s.visibleby.all %}
{% if request.user|has_group:ag.group.name %}
{% setbool True %}
{% endif %}
{% endfor %}

692
standards/views.py
View File

@ -274,348 +274,395 @@ def StandardAdd(request, id=False):
standard = Standards.objects.get(pk=id, agency=request.user.profile.agency)
# SAVE UPDATED STANDARD
if request.method == 'POST':
normalForm = StandardUpdateStandard(request.POST, instance=standard)
editorForm = StandardUpdateStandardEditor(request.POST, instance=standard)
if editorForm.is_valid() and normalForm.is_valid():
standard.last_modified_by = request.user
standard.last_modified_on = datetime.now()
standard.task = normalForm.cleaned_data['task']
standard.area = normalForm.cleaned_data['area']
standard.name = normalForm.cleaned_data['name']
standard.public = normalForm.cleaned_data['public']
standard.content = editorForm.cleaned_data['content']
standard.freefield_content = normalForm.cleaned_data['freefield_content']
standard.freefield_title = normalForm.cleaned_data['freefield_title']
# Clear Users, will set again next step
standard.authority.clear()
standard.executor.clear()
standard.representative.clear()
# GROUPS
standard.authority_group.clear()
standard.executor_group.clear()
standard.representative_group.clear()
standard.visibleby.clear()
standard.linked_standards.clear()
standard.addedfiles.clear()
standard.addedquicklinks.clear()
standard.addedpasswords.clear()
standard.addedcontacts.clear()
# ADD NEW INFOS
# REPRESENTATIV
verant = normalForm.cleaned_data['us_verant'].split(",")
for v in verant:
if(v.isdigit()):
standard.authority.add(User.objects.get(pk=v))
# EXECUTORS
ex = normalForm.cleaned_data['us_ex'].split(",")
for v in ex:
if(v.isdigit()):
standard.executor.add(User.objects.get(pk=v))
# AUTHORITY
ver = normalForm.cleaned_data['us_ver'].split(",")
for v in ver:
if(v.isdigit()):
standard.representative.add(User.objects.get(pk=v))
verant_group = normalForm.cleaned_data['group_verant'].split(",")
for v in verant_group:
if(v.isdigit()):
standard.authority_group.add(AgencyGroup.objects.get(pk=v))
# EXECUTORS
ex_group = normalForm.cleaned_data['group_ex'].split(",")
for v in ex_group:
if(v.isdigit()):
standard.executor_group.add(AgencyGroup.objects.get(pk=v))
# CHECK IF USER HAS RIGHTS TO SEE THIS DIR
groupsofstandard = standard
# AUTHORITY
ver_group = normalForm.cleaned_data['group_ver'].split(",")
for v in ver_group:
if(v.isdigit()):
standard.representative_group.add(AgencyGroup.objects.get(pk=v))
userisingroup = False
# ADD GROUPS
groups = normalForm.cleaned_data['checked_groups'].split(",")
if len(groupsofstandard.visibleby.all()) == 0:
userisingroup = True
else:
for ag in groupsofstandard.visibleby.all():
if ag.group in request.user.groups.all():
userisingroup = True
if userisingroup:
for g in groups:
if(g.isdigit()):
standard.visibleby.add(AgencyGroup.objects.get(pk=g))
normalForm = StandardUpdateStandard(request.POST, instance=standard)
editorForm = StandardUpdateStandardEditor(request.POST, instance=standard)
# ADD STANDARDS
standards = normalForm.cleaned_data['added_standards'].split(",")
for s in standards:
if(s.isdigit()):
standard.linked_standards.add(Standards.objects.get(pk=s))
if editorForm.is_valid() and normalForm.is_valid():
standard.last_modified_by = request.user
standard.last_modified_on = datetime.now()
standard.task = normalForm.cleaned_data['task']
standard.area = normalForm.cleaned_data['area']
standard.name = normalForm.cleaned_data['name']
standard.public = normalForm.cleaned_data['public']
standard.content = editorForm.cleaned_data['content']
standard.freefield_content = normalForm.cleaned_data['freefield_content']
standard.freefield_title = normalForm.cleaned_data['freefield_title']
# Clear Users, will set again next step
standard.authority.clear()
standard.executor.clear()
standard.representative.clear()
# GROUPS
standard.authority_group.clear()
standard.executor_group.clear()
standard.representative_group.clear()
standard.visibleby.clear()
standard.linked_standards.clear()
standard.addedfiles.clear()
standard.addedquicklinks.clear()
standard.addedpasswords.clear()
standard.addedcontacts.clear()
# ADD NEW INFOS
# REPRESENTATIV
verant = normalForm.cleaned_data['us_verant'].split(",")
for v in verant:
if(v.isdigit()):
standard.authority.add(User.objects.get(pk=v))
# EXECUTORS
ex = normalForm.cleaned_data['us_ex'].split(",")
for v in ex:
if(v.isdigit()):
standard.executor.add(User.objects.get(pk=v))
# AUTHORITY
ver = normalForm.cleaned_data['us_ver'].split(",")
for v in ver:
if(v.isdigit()):
standard.representative.add(User.objects.get(pk=v))
verant_group = normalForm.cleaned_data['group_verant'].split(",")
for v in verant_group:
if(v.isdigit()):
standard.authority_group.add(AgencyGroup.objects.get(pk=v))
# EXECUTORS
ex_group = normalForm.cleaned_data['group_ex'].split(",")
for v in ex_group:
if(v.isdigit()):
standard.executor_group.add(AgencyGroup.objects.get(pk=v))
# AUTHORITY
ver_group = normalForm.cleaned_data['group_ver'].split(",")
for v in ver_group:
if(v.isdigit()):
standard.representative_group.add(AgencyGroup.objects.get(pk=v))
# ADD GROUPS
groups = normalForm.cleaned_data['checked_groups'].split(",")
for g in groups:
if(g.isdigit()):
standard.visibleby.add(AgencyGroup.objects.get(pk=g))
# ADD STANDARDS
standards = normalForm.cleaned_data['added_standards'].split(",")
for s in standards:
if(s.isdigit()):
standard.linked_standards.add(Standards.objects.get(pk=s))
# ADD FILES
files = normalForm.cleaned_data['added_files'].split(",")
for f in files:
if(f.isdigit()):
standard.addedfiles.add(DataFile.objects.get(pk=f))
# ADD QUICKLINKS
quicklinks = normalForm.cleaned_data['added_quicklinks'].split(",")
for f in quicklinks:
if(f.isdigit()):
standard.addedquicklinks.add(QuickLinks.objects.get(pk=f))
# ADD PASSWORDS
addedpasswords = normalForm.cleaned_data['added_passwords'].split(",")
for f in addedpasswords:
if(f.isdigit()):
standard.addedpasswords.add(AGPassword.objects.get(pk=f))
# ADD CONTACTS
contacts = normalForm.cleaned_data['added_contacts'].split(",")
for f in contacts:
if(f.isdigit()):
standard.addedcontacts.add(AGContacts.objects.get(pk=f))
# ADD TO NETWORKS
networks = normalForm.cleaned_data['checked_networks'].split(",")
'''
Alle Agenturverbunde laden, in denen die Agentur drin ist.
'''
agencynetworks_all = AgencyNetwork.objects.all()
agencynetworks = []
for a in agencynetworks_all:
if request.user.profile.agency in a.adminagencys.all() or request.user.profile.agency in a.members.all() or request.user.profile.agency in a.sharemembers.all():
agencynetworks.append(a)
agencynetworks_standard_in = []
# Agenturverbünde, in denen der Standard drin sein soll
for f in networks:
if(f.isdigit()):
tempnetwork = AgencyNetwork.objects.get(pk=f)
#tempnetwork.standards.add(standard)
agencynetworks_standard_in.append(tempnetwork)
#print(agencynetworks_standard_in)
# Wenn Standard im gewünschten Verbund, dann rein, ansonsten raus
for a in agencynetworks:
if a in agencynetworks_standard_in and standard not in a.standards.all():
a.standards.add(standard)
elif a not in agencynetworks_standard_in:
a.standards.remove(standard)
'''
Info an die Agenturen über einen neuen Standard
'''
agency_send = []
for agencynetwork_single in agencynetworks_standard_in:
for agn_admin in agencynetwork_single.adminagencys.all():
if(agn_admin not in agency_send):
agency_send.append(agn_admin)
if agn_admin != request.user.profile.agency:
users_of_other_ag = User.objects.filter(profile__agency=agn_admin)
for u in users_of_other_ag:
if u.has_perm('users.standardmanager') and u.has_perm('users.agencynetwork'):
if u.usernotifications.agn_standard_created_mail:
notificationtext = "im Agenturverbund " + agencynetwork_single.name + " wurde ein neuer Standard geteilt: " + standard.name
sendMailNoti(notificationtext, u)
if u.usernotifications.agn_standard_created_push:
newnotification = UserNotification(touser=u, notificationtext="im Agenturverbund " + agencynetwork_single.name + " wurde ein neuer Standard geteilt: " + standard.name, notificationtype="")
newnotification.save()
channel_layer = channels.layers.get_channel_layer()
async_to_sync(channel_layer.group_send)("user_" + str(u.pk), {'type' : 'pushhandler', 'pushtext' : "pushnotification__Agenturverbund | Im Agenturverbund " + agencynetwork_single.name + " wurde ein neuer Standard geteilt: " + standard.name})
for agn_admin in agencynetwork_single.members.all():
if(agn_admin not in agency_send):
agency_send.append(agn_admin)
if agn_admin != request.user.profile.agency:
users_of_other_ag = User.objects.filter(profile__agency=agn_admin)
for u in users_of_other_ag:
if u.has_perm('users.standardmanager') and u.has_perm('users.agencynetwork'):
if u.usernotifications.agn_standard_created_mail:
notificationtext = "im Agenturverbund " + agencynetwork_single.name + " wurde ein neuer Standard geteilt: " + standard.name
sendMailNoti(notificationtext, u)
if u.usernotifications.agn_standard_created_push:
newnotification = UserNotification(touser=u, notificationtext="im Agenturverbund " + agencynetwork_single.name + " wurde ein neuer Standard geteilt: " + standard.name, notificationtype="")
newnotification.save()
channel_layer = channels.layers.get_channel_layer()
async_to_sync(channel_layer.group_send)("user_" + str(u.pk), {'type' : 'pushhandler', 'pushtext' : "pushnotification__Agenturverbund | Im Agenturverbund " + agencynetwork_single.name + " wurde ein neuer Standard geteilt: " + standard.name})
for agn_admin in agencynetwork_single.sharemembers.all():
if(agn_admin not in agency_send):
agency_send.append(agn_admin)
if agn_admin != request.user.profile.agency:
users_of_other_ag = User.objects.filter(profile__agency=agn_admin)
for u in users_of_other_ag:
if u.has_perm('users.standardmanager') and u.has_perm('users.agencynetwork'):
if u.usernotifications.agn_standard_created_mail:
notificationtext = "im Agenturverbund " + agencynetwork_single.name + " wurde ein neuer Standard geteilt: " + standard.name
sendMailNoti(notificationtext, u)
if u.usernotifications.agn_standard_created_push:
newnotification = UserNotification(touser=u, notificationtext="im Agenturverbund " + agencynetwork_single.name + " wurde ein neuer Standard geteilt: " + standard.name, notificationtype="")
newnotification.save()
channel_layer = channels.layers.get_channel_layer()
async_to_sync(channel_layer.group_send)("user_" + str(u.pk), {'type' : 'pushhandler', 'pushtext' : "pushnotification__Agenturverbund | Im Agenturverbund " + agencynetwork_single.name + " wurde ein neuer Standard geteilt: " + standard.name})
# Clear sended Agencys for multiple Networks
agency_send = []
if request.user.has_perm('users.standardmanager'):
messages.success(request, f'Standard {standard.name} aktualisiert!')
else:
if standard.public:
standard.public = False
messages.warning(request, f'Standard <a href="#">{standard.name}</a> aktualisiert und ist nicht mehr öffentlich, damit Änderungen geprüft werden können.')
else:
messages.success(request, f'Standard <a href="#">{standard.name}</a> aktualisiert!')
standard.save()
return redirect('/standards')
# SHOW EXISTING STANDARD
else:
# CHECK IF USER HAS RIGHTS TO SEE THIS DIR
groupsofstandard = standard
userisingroup = False
if len(groupsofstandard.visibleby.all()) == 0:
userisingroup = True
else:
for ag in groupsofstandard.visibleby.all():
if ag.group in request.user.groups.all():
userisingroup = True
if userisingroup:
# ADD FILES
files = normalForm.cleaned_data['added_files'].split(",")
for f in files:
if(f.isdigit()):
standard.addedfiles.add(DataFile.objects.get(pk=f))
# ADD QUICKLINKS
quicklinks = normalForm.cleaned_data['added_quicklinks'].split(",")
for f in quicklinks:
if(f.isdigit()):
standard.addedquicklinks.add(QuickLinks.objects.get(pk=f))
# ADD PASSWORDS
addedpasswords = normalForm.cleaned_data['added_passwords'].split(",")
for f in addedpasswords:
if(f.isdigit()):
standard.addedpasswords.add(AGPassword.objects.get(pk=f))
# ADD CONTACTS
contacts = normalForm.cleaned_data['added_contacts'].split(",")
for f in contacts:
if(f.isdigit()):
standard.addedcontacts.add(AGContacts.objects.get(pk=f))
# ADD TO NETWORKS
networks = normalForm.cleaned_data['checked_networks'].split(",")
'''
Alle Agenturverbunde laden, in denen die Agentur drin ist.
'''
normalForm = StandardUpdateStandard(instance=standard)
editorForm = StandardUpdateStandardEditor(instance=standard)
# GET ALL DATAS FROM STANDARD
# FILES
possibleFilesByVisible = []
allfiles = DataFile.objects.filter(agency=request.user.profile.agency)
# Get all files by view
for f in allfiles:
actParent = DataDir.objects.get(pk=f.parent.pk)
if actParent.is_root:
possibleFilesByVisible.append(f)
else:
if(checkUserDirRights(request, actParent, request.user.pk)):
possibleFilesByVisible.append(f)
# Remove files which are in standard
for f in possibleFilesByVisible:
if f in standard.addedfiles.all():
possibleFilesByVisible.remove(f)
# STANDARDS
possible_standards = []
allstandards = Standards.objects.filter(agency=request.user.profile.agency, public=True)
for s in allstandards:
if s not in standard.linked_standards.all():
possible_standards.append(s)
# USERS VER AUTH EX
possible_verant = User.objects.filter(profile__agency__pk=request.user.profile.agency.pk)
possible_verant_final = []
for pv in possible_verant:
if pv not in standard.authority.all():
possible_verant_final.append(pv)
possible_ex = User.objects.filter(profile__agency__pk=request.user.profile.agency.pk)
possible_ex_final = []
for pv in possible_ex:
if pv not in standard.executor.all():
possible_ex_final.append(pv)
possible_ver = User.objects.filter(profile__agency__pk=request.user.profile.agency.pk)
possible_ver_final = []
for pv in possible_ver:
if pv not in standard.representative.all():
possible_ver_final.append(pv)
# GROUPS VER AUTH EX
#possible_verant_group_final
#possible_ex_group_final
#possible_ver_group_final
possible_verant_group = AgencyGroup.objects.filter(agency=request.user.profile.agency)
possible_verant_group_final = []
for g in possible_verant_group:
if g not in standard.authority_group.all():
possible_verant_group_final.append(g)
possible_ex_group = AgencyGroup.objects.filter(agency=request.user.profile.agency)
possible_ex_group_final = []
for g in possible_ex_group:
if g not in standard.executor_group.all():
possible_ex_group_final.append(g)
possible_ver_group = AgencyGroup.objects.filter(agency=request.user.profile.agency)
possible_ver_group_final = []
for g in possible_ver_group:
if g not in standard.representative_group.all():
possible_ver_group_final.append(g)
# QUICKLINKS
possible_quicklinks = []
quicklinks = QuickLinks.objects.filter(agency=request.user.profile.agency)
for q in quicklinks:
if q not in standard.addedquicklinks.all():
possible_quicklinks.append(q)
# CONTACTS
possible_contacts = []
contacts = AGContacts.objects.filter(agency=request.user.profile.agency)
for q in contacts:
if q not in standard.addedcontacts.all():
possible_contacts.append(q)
# PASSWORDS
possible_passwords = []
contacts = AGPassword.objects.filter(agency=request.user.profile.agency)
for q in contacts:
if q not in standard.addedpasswords.all():
possible_passwords.append(q)
# AGENCYNETWORKS
agencynetworks_all = AgencyNetwork.objects.all()
agencynetworks = []
for a in agencynetworks_all:
if request.user.profile.agency in a.adminagencys.all() or request.user.profile.agency in a.members.all() or request.user.profile.agency in a.sharemembers.all():
agencynetworks.append(a)
# GROUPS
# Nicht nötig, da alles über agencygroups und direkt im Standard gemacht wird
agencynetworks_standard_in = []
# Agenturverbünde, in denen der Standard drin sein soll
for f in networks:
if(f.isdigit()):
tempnetwork = AgencyNetwork.objects.get(pk=f)
#tempnetwork.standards.add(standard)
agencynetworks_standard_in.append(tempnetwork)
#print(agencynetworks_standard_in)
# Wenn Standard im gewünschten Verbund, dann rein, ansonsten raus
for a in agencynetworks:
if a in agencynetworks_standard_in and standard not in a.standards.all():
a.standards.add(standard)
elif a not in agencynetworks_standard_in:
a.standards.remove(standard)
'''
Info an die Agenturen über einen neuen Standard
'''
agency_send = []
for agencynetwork_single in agencynetworks_standard_in:
for agn_admin in agencynetwork_single.adminagencys.all():
if(agn_admin not in agency_send):
agency_send.append(agn_admin)
if agn_admin != request.user.profile.agency:
users_of_other_ag = User.objects.filter(profile__agency=agn_admin)
for u in users_of_other_ag:
if u.has_perm('users.standardmanager') and u.has_perm('users.agencynetwork'):
if u.usernotifications.agn_standard_created_mail:
notificationtext = "im Agenturverbund " + agencynetwork_single.name + " wurde ein neuer Standard geteilt: " + standard.name
sendMailNoti(notificationtext, u)
if u.usernotifications.agn_standard_created_push:
newnotification = UserNotification(touser=u, notificationtext="im Agenturverbund " + agencynetwork_single.name + " wurde ein neuer Standard geteilt: " + standard.name, notificationtype="")
newnotification.save()
channel_layer = channels.layers.get_channel_layer()
async_to_sync(channel_layer.group_send)("user_" + str(u.pk), {'type' : 'pushhandler', 'pushtext' : "pushnotification__Agenturverbund | Im Agenturverbund " + agencynetwork_single.name + " wurde ein neuer Standard geteilt: " + standard.name})
for agn_admin in agencynetwork_single.members.all():
if(agn_admin not in agency_send):
agency_send.append(agn_admin)
if agn_admin != request.user.profile.agency:
users_of_other_ag = User.objects.filter(profile__agency=agn_admin)
for u in users_of_other_ag:
if u.has_perm('users.standardmanager') and u.has_perm('users.agencynetwork'):
if u.usernotifications.agn_standard_created_mail:
notificationtext = "im Agenturverbund " + agencynetwork_single.name + " wurde ein neuer Standard geteilt: " + standard.name
sendMailNoti(notificationtext, u)
if u.usernotifications.agn_standard_created_push:
newnotification = UserNotification(touser=u, notificationtext="im Agenturverbund " + agencynetwork_single.name + " wurde ein neuer Standard geteilt: " + standard.name, notificationtype="")
newnotification.save()
channel_layer = channels.layers.get_channel_layer()
async_to_sync(channel_layer.group_send)("user_" + str(u.pk), {'type' : 'pushhandler', 'pushtext' : "pushnotification__Agenturverbund | Im Agenturverbund " + agencynetwork_single.name + " wurde ein neuer Standard geteilt: " + standard.name})
for agn_admin in agencynetwork_single.sharemembers.all():
if(agn_admin not in agency_send):
agency_send.append(agn_admin)
if agn_admin != request.user.profile.agency:
users_of_other_ag = User.objects.filter(profile__agency=agn_admin)
for u in users_of_other_ag:
if u.has_perm('users.standardmanager') and u.has_perm('users.agencynetwork'):
if u.usernotifications.agn_standard_created_mail:
notificationtext = "im Agenturverbund " + agencynetwork_single.name + " wurde ein neuer Standard geteilt: " + standard.name
sendMailNoti(notificationtext, u)
if u.usernotifications.agn_standard_created_push:
newnotification = UserNotification(touser=u, notificationtext="im Agenturverbund " + agencynetwork_single.name + " wurde ein neuer Standard geteilt: " + standard.name, notificationtype="")
newnotification.save()
channel_layer = channels.layers.get_channel_layer()
async_to_sync(channel_layer.group_send)("user_" + str(u.pk), {'type' : 'pushhandler', 'pushtext' : "pushnotification__Agenturverbund | Im Agenturverbund " + agencynetwork_single.name + " wurde ein neuer Standard geteilt: " + standard.name})
# Clear sended Agencys for multiple Networks
agency_send = []
if request.user.has_perm('users.standardmanager'):
messages.success(request, f'Standard {standard.name} aktualisiert!')
else:
if standard.public:
standard.public = False
messages.warning(request, f'Standard <a href="#">{standard.name}</a> aktualisiert und ist nicht mehr öffentlich, damit Änderungen geprüft werden können.')
else:
messages.success(request, f'Standard <a href="#">{standard.name}</a> aktualisiert!')
standard.save()
return redirect('/standards')
# SHOW EXISTING STANDARD
else:
normalForm = StandardUpdateStandard(instance=standard)
editorForm = StandardUpdateStandardEditor(instance=standard)
# GET ALL DATAS FROM STANDARD
# FILES
possibleFilesByVisible = []
allfiles = DataFile.objects.filter(agency=request.user.profile.agency)
# Get all files by view
for f in allfiles:
actParent = DataDir.objects.get(pk=f.parent.pk)
if actParent.is_root:
possibleFilesByVisible.append(f)
else:
if(checkUserDirRights(request, actParent, request.user.pk)):
possibleFilesByVisible.append(f)
# Remove files which are in standard
for f in possibleFilesByVisible:
if f in standard.addedfiles.all():
possibleFilesByVisible.remove(f)
# STANDARDS
possible_standards = []
allstandards = Standards.objects.filter(agency=request.user.profile.agency, public=True)
for s in allstandards:
if s not in standard.linked_standards.all():
possible_standards.append(s)
# USERS VER AUTH EX
possible_verant = User.objects.filter(profile__agency__pk=request.user.profile.agency.pk)
possible_verant_final = []
for pv in possible_verant:
if pv not in standard.authority.all():
possible_verant_final.append(pv)
possible_ex = User.objects.filter(profile__agency__pk=request.user.profile.agency.pk)
possible_ex_final = []
for pv in possible_ex:
if pv not in standard.executor.all():
possible_ex_final.append(pv)
possible_ver = User.objects.filter(profile__agency__pk=request.user.profile.agency.pk)
possible_ver_final = []
for pv in possible_ver:
if pv not in standard.representative.all():
possible_ver_final.append(pv)
# GROUPS VER AUTH EX
#possible_verant_group_final
#possible_ex_group_final
#possible_ver_group_final
possible_verant_group = AgencyGroup.objects.filter(agency=request.user.profile.agency)
possible_verant_group_final = []
for g in possible_verant_group:
if g not in standard.authority_group.all():
possible_verant_group_final.append(g)
possible_ex_group = AgencyGroup.objects.filter(agency=request.user.profile.agency)
possible_ex_group_final = []
for g in possible_ex_group:
if g not in standard.executor_group.all():
possible_ex_group_final.append(g)
possible_ver_group = AgencyGroup.objects.filter(agency=request.user.profile.agency)
possible_ver_group_final = []
for g in possible_ver_group:
if g not in standard.representative_group.all():
possible_ver_group_final.append(g)
# QUICKLINKS
possible_quicklinks = []
quicklinks = QuickLinks.objects.filter(agency=request.user.profile.agency)
for q in quicklinks:
if q not in standard.addedquicklinks.all():
possible_quicklinks.append(q)
# CONTACTS
possible_contacts = []
contacts = AGContacts.objects.filter(agency=request.user.profile.agency)
for q in contacts:
if q not in standard.addedcontacts.all():
possible_contacts.append(q)
# PASSWORDS
possible_passwords = []
contacts = AGPassword.objects.filter(agency=request.user.profile.agency)
for q in contacts:
if q not in standard.addedpasswords.all():
possible_passwords.append(q)
# AGENCYNETWORKS
agencynetworks_all = AgencyNetwork.objects.all()
agencynetworks = []
for a in agencynetworks_all:
if request.user.profile.agency in a.adminagencys.all() or request.user.profile.agency in a.members.all() or request.user.profile.agency in a.sharemembers.all():
agencynetworks.append(a)
# GROUPS
# Nicht nötig, da alles über agencygroups und direkt im Standard gemacht wird
context = {
'normalForm' : normalForm,
'editorForm' : editorForm,
'standard' : standard,
'files' : possibleFilesByVisible,
'standard_possible' : possible_standards,
'poss_verant' : possible_verant_final,
'poss_ex' : possible_ex_final,
'poss_ver' : possible_ver_final,
'possgroup_verant' : possible_verant_group_final,
'possgroup_ex' : possible_ex_group_final,
'possgroup_ver' : possible_ver_group_final,
'possible_quicklinks' : possible_quicklinks,
'possible_passwords' : possible_passwords,
'possible_contacts' : possible_contacts,
'agencynetworks' : agencynetworks,
'agencygroups' : AgencyGroup.objects.filter(agency=request.user.profile.agency),
'parentid' : list(DataDir.objects.filter(agency=request.user.profile.agency, is_root=True))[0].pk,
'active_link' : 'standards',
'update' : True,
'aggroups' : AgencyGroup.objects.filter(agency=request.user.profile.agency)
}
return render(request, 'standards/standards_add.html', context)
context = {
'normalForm' : normalForm,
'editorForm' : editorForm,
'standard' : standard,
'files' : possibleFilesByVisible,
'standard_possible' : possible_standards,
'poss_verant' : possible_verant_final,
'poss_ex' : possible_ex_final,
'poss_ver' : possible_ver_final,
'possgroup_verant' : possible_verant_group_final,
'possgroup_ex' : possible_ex_group_final,
'possgroup_ver' : possible_ver_group_final,
'possible_quicklinks' : possible_quicklinks,
'possible_passwords' : possible_passwords,
'possible_contacts' : possible_contacts,
'agencynetworks' : agencynetworks,
'agencygroups' : AgencyGroup.objects.filter(agency=request.user.profile.agency),
'parentid' : list(DataDir.objects.filter(agency=request.user.profile.agency, is_root=True))[0].pk,
'active_link' : 'standards',
'update' : True,
'aggroups' : AgencyGroup.objects.filter(agency=request.user.profile.agency)
}
return render(request, 'standards/standards_add.html', context)
else:
context = {
'active_link':'standards'
}
return render(request, 'standards/standards_noentrie.html', context)
'''
@ -713,6 +760,7 @@ def StandardSingle(request, pk):
userisingroup = True
else:
for ag in groupsofstandard.visibleby.all():
if ag.group in request.user.groups.all():
userisingroup = True