From 848bd524e82378b491f43ae6db63eb193832feca Mon Sep 17 00:00:00 2001 From: "holger.trampe" Date: Wed, 14 Apr 2021 17:00:52 +0200 Subject: [PATCH] =?UTF-8?q?Sicherheitsl=C3=BCcke=20Standards?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../standards/standards_management.html | 3 + standards/views.py | 692 ++++++++++-------- 2 files changed, 373 insertions(+), 322 deletions(-) diff --git a/standards/templates/standards/standards_management.html b/standards/templates/standards/standards_management.html index 0fc259d..d456044 100644 --- a/standards/templates/standards/standards_management.html +++ b/standards/templates/standards/standards_management.html @@ -61,8 +61,11 @@ {% for s in task.standards %} {% setbool False %} + {% for ag in s.visibleby.all %} + {% if request.user|has_group:ag.group.name %} + {% setbool True %} {% endif %} {% endfor %} diff --git a/standards/views.py b/standards/views.py index 17d900c..9394383 100644 --- a/standards/views.py +++ b/standards/views.py @@ -274,348 +274,395 @@ def StandardAdd(request, id=False): standard = Standards.objects.get(pk=id, agency=request.user.profile.agency) # SAVE UPDATED STANDARD if request.method == 'POST': - normalForm = StandardUpdateStandard(request.POST, instance=standard) - editorForm = StandardUpdateStandardEditor(request.POST, instance=standard) - if editorForm.is_valid() and normalForm.is_valid(): - standard.last_modified_by = request.user - standard.last_modified_on = datetime.now() - standard.task = normalForm.cleaned_data['task'] - standard.area = normalForm.cleaned_data['area'] - standard.name = normalForm.cleaned_data['name'] - standard.public = normalForm.cleaned_data['public'] - standard.content = editorForm.cleaned_data['content'] - standard.freefield_content = normalForm.cleaned_data['freefield_content'] - standard.freefield_title = normalForm.cleaned_data['freefield_title'] - - # Clear Users, will set again next step - standard.authority.clear() - standard.executor.clear() - standard.representative.clear() - - # GROUPS - standard.authority_group.clear() - standard.executor_group.clear() - standard.representative_group.clear() - - standard.visibleby.clear() - standard.linked_standards.clear() - standard.addedfiles.clear() - standard.addedquicklinks.clear() - standard.addedpasswords.clear() - standard.addedcontacts.clear() - - # ADD NEW INFOS - # REPRESENTATIV - verant = normalForm.cleaned_data['us_verant'].split(",") - for v in verant: - if(v.isdigit()): - standard.authority.add(User.objects.get(pk=v)) - - # EXECUTORS - ex = normalForm.cleaned_data['us_ex'].split(",") - for v in ex: - if(v.isdigit()): - standard.executor.add(User.objects.get(pk=v)) - - # AUTHORITY - ver = normalForm.cleaned_data['us_ver'].split(",") - for v in ver: - if(v.isdigit()): - standard.representative.add(User.objects.get(pk=v)) + - verant_group = normalForm.cleaned_data['group_verant'].split(",") - for v in verant_group: - if(v.isdigit()): - standard.authority_group.add(AgencyGroup.objects.get(pk=v)) - # EXECUTORS - ex_group = normalForm.cleaned_data['group_ex'].split(",") - for v in ex_group: - if(v.isdigit()): - standard.executor_group.add(AgencyGroup.objects.get(pk=v)) + # CHECK IF USER HAS RIGHTS TO SEE THIS DIR + groupsofstandard = standard - # AUTHORITY - ver_group = normalForm.cleaned_data['group_ver'].split(",") - for v in ver_group: - if(v.isdigit()): - standard.representative_group.add(AgencyGroup.objects.get(pk=v)) + userisingroup = False - # ADD GROUPS - groups = normalForm.cleaned_data['checked_groups'].split(",") + if len(groupsofstandard.visibleby.all()) == 0: + userisingroup = True + else: + for ag in groupsofstandard.visibleby.all(): + + if ag.group in request.user.groups.all(): + userisingroup = True + + if userisingroup: - for g in groups: - if(g.isdigit()): - standard.visibleby.add(AgencyGroup.objects.get(pk=g)) + normalForm = StandardUpdateStandard(request.POST, instance=standard) + editorForm = StandardUpdateStandardEditor(request.POST, instance=standard) - # ADD STANDARDS - standards = normalForm.cleaned_data['added_standards'].split(",") - for s in standards: - if(s.isdigit()): - standard.linked_standards.add(Standards.objects.get(pk=s)) + if editorForm.is_valid() and normalForm.is_valid(): + standard.last_modified_by = request.user + standard.last_modified_on = datetime.now() + standard.task = normalForm.cleaned_data['task'] + standard.area = normalForm.cleaned_data['area'] + standard.name = normalForm.cleaned_data['name'] + standard.public = normalForm.cleaned_data['public'] + standard.content = editorForm.cleaned_data['content'] + standard.freefield_content = normalForm.cleaned_data['freefield_content'] + standard.freefield_title = normalForm.cleaned_data['freefield_title'] + + # Clear Users, will set again next step + standard.authority.clear() + standard.executor.clear() + standard.representative.clear() + + # GROUPS + standard.authority_group.clear() + standard.executor_group.clear() + standard.representative_group.clear() + + standard.visibleby.clear() + standard.linked_standards.clear() + standard.addedfiles.clear() + standard.addedquicklinks.clear() + standard.addedpasswords.clear() + standard.addedcontacts.clear() + + # ADD NEW INFOS + # REPRESENTATIV + verant = normalForm.cleaned_data['us_verant'].split(",") + for v in verant: + if(v.isdigit()): + standard.authority.add(User.objects.get(pk=v)) + + # EXECUTORS + ex = normalForm.cleaned_data['us_ex'].split(",") + for v in ex: + if(v.isdigit()): + standard.executor.add(User.objects.get(pk=v)) + + # AUTHORITY + ver = normalForm.cleaned_data['us_ver'].split(",") + for v in ver: + if(v.isdigit()): + standard.representative.add(User.objects.get(pk=v)) + + + verant_group = normalForm.cleaned_data['group_verant'].split(",") + for v in verant_group: + if(v.isdigit()): + standard.authority_group.add(AgencyGroup.objects.get(pk=v)) + + # EXECUTORS + ex_group = normalForm.cleaned_data['group_ex'].split(",") + for v in ex_group: + if(v.isdigit()): + standard.executor_group.add(AgencyGroup.objects.get(pk=v)) + + # AUTHORITY + ver_group = normalForm.cleaned_data['group_ver'].split(",") + for v in ver_group: + if(v.isdigit()): + standard.representative_group.add(AgencyGroup.objects.get(pk=v)) + + # ADD GROUPS + groups = normalForm.cleaned_data['checked_groups'].split(",") + + for g in groups: + if(g.isdigit()): + standard.visibleby.add(AgencyGroup.objects.get(pk=g)) + + # ADD STANDARDS + standards = normalForm.cleaned_data['added_standards'].split(",") + for s in standards: + if(s.isdigit()): + standard.linked_standards.add(Standards.objects.get(pk=s)) + + # ADD FILES + files = normalForm.cleaned_data['added_files'].split(",") + for f in files: + if(f.isdigit()): + standard.addedfiles.add(DataFile.objects.get(pk=f)) + + # ADD QUICKLINKS + quicklinks = normalForm.cleaned_data['added_quicklinks'].split(",") + for f in quicklinks: + if(f.isdigit()): + standard.addedquicklinks.add(QuickLinks.objects.get(pk=f)) + + # ADD PASSWORDS + addedpasswords = normalForm.cleaned_data['added_passwords'].split(",") + for f in addedpasswords: + if(f.isdigit()): + standard.addedpasswords.add(AGPassword.objects.get(pk=f)) + + # ADD CONTACTS + contacts = normalForm.cleaned_data['added_contacts'].split(",") + for f in contacts: + if(f.isdigit()): + standard.addedcontacts.add(AGContacts.objects.get(pk=f)) + + # ADD TO NETWORKS + networks = normalForm.cleaned_data['checked_networks'].split(",") + ''' + Alle Agenturverbunde laden, in denen die Agentur drin ist. + ''' + agencynetworks_all = AgencyNetwork.objects.all() + agencynetworks = [] + for a in agencynetworks_all: + if request.user.profile.agency in a.adminagencys.all() or request.user.profile.agency in a.members.all() or request.user.profile.agency in a.sharemembers.all(): + agencynetworks.append(a) + + + agencynetworks_standard_in = [] + + # Agenturverbünde, in denen der Standard drin sein soll + for f in networks: + if(f.isdigit()): + tempnetwork = AgencyNetwork.objects.get(pk=f) + #tempnetwork.standards.add(standard) + agencynetworks_standard_in.append(tempnetwork) + + #print(agencynetworks_standard_in) + + # Wenn Standard im gewünschten Verbund, dann rein, ansonsten raus + for a in agencynetworks: + if a in agencynetworks_standard_in and standard not in a.standards.all(): + a.standards.add(standard) + elif a not in agencynetworks_standard_in: + a.standards.remove(standard) + + + ''' + Info an die Agenturen über einen neuen Standard + + ''' + agency_send = [] + for agencynetwork_single in agencynetworks_standard_in: + for agn_admin in agencynetwork_single.adminagencys.all(): + if(agn_admin not in agency_send): + agency_send.append(agn_admin) + if agn_admin != request.user.profile.agency: + users_of_other_ag = User.objects.filter(profile__agency=agn_admin) + for u in users_of_other_ag: + if u.has_perm('users.standardmanager') and u.has_perm('users.agencynetwork'): + if u.usernotifications.agn_standard_created_mail: + notificationtext = "im Agenturverbund " + agencynetwork_single.name + " wurde ein neuer Standard geteilt: " + standard.name + sendMailNoti(notificationtext, u) + + if u.usernotifications.agn_standard_created_push: + newnotification = UserNotification(touser=u, notificationtext="im Agenturverbund " + agencynetwork_single.name + " wurde ein neuer Standard geteilt: " + standard.name, notificationtype="") + newnotification.save() + + channel_layer = channels.layers.get_channel_layer() + async_to_sync(channel_layer.group_send)("user_" + str(u.pk), {'type' : 'pushhandler', 'pushtext' : "pushnotification__Agenturverbund | Im Agenturverbund " + agencynetwork_single.name + " wurde ein neuer Standard geteilt: " + standard.name}) + for agn_admin in agencynetwork_single.members.all(): + if(agn_admin not in agency_send): + agency_send.append(agn_admin) + if agn_admin != request.user.profile.agency: + users_of_other_ag = User.objects.filter(profile__agency=agn_admin) + for u in users_of_other_ag: + if u.has_perm('users.standardmanager') and u.has_perm('users.agencynetwork'): + if u.usernotifications.agn_standard_created_mail: + notificationtext = "im Agenturverbund " + agencynetwork_single.name + " wurde ein neuer Standard geteilt: " + standard.name + sendMailNoti(notificationtext, u) + + if u.usernotifications.agn_standard_created_push: + newnotification = UserNotification(touser=u, notificationtext="im Agenturverbund " + agencynetwork_single.name + " wurde ein neuer Standard geteilt: " + standard.name, notificationtype="") + newnotification.save() + + channel_layer = channels.layers.get_channel_layer() + async_to_sync(channel_layer.group_send)("user_" + str(u.pk), {'type' : 'pushhandler', 'pushtext' : "pushnotification__Agenturverbund | Im Agenturverbund " + agencynetwork_single.name + " wurde ein neuer Standard geteilt: " + standard.name}) + for agn_admin in agencynetwork_single.sharemembers.all(): + if(agn_admin not in agency_send): + agency_send.append(agn_admin) + if agn_admin != request.user.profile.agency: + users_of_other_ag = User.objects.filter(profile__agency=agn_admin) + for u in users_of_other_ag: + if u.has_perm('users.standardmanager') and u.has_perm('users.agencynetwork'): + if u.usernotifications.agn_standard_created_mail: + notificationtext = "im Agenturverbund " + agencynetwork_single.name + " wurde ein neuer Standard geteilt: " + standard.name + sendMailNoti(notificationtext, u) + + if u.usernotifications.agn_standard_created_push: + newnotification = UserNotification(touser=u, notificationtext="im Agenturverbund " + agencynetwork_single.name + " wurde ein neuer Standard geteilt: " + standard.name, notificationtype="") + newnotification.save() + + channel_layer = channels.layers.get_channel_layer() + async_to_sync(channel_layer.group_send)("user_" + str(u.pk), {'type' : 'pushhandler', 'pushtext' : "pushnotification__Agenturverbund | Im Agenturverbund " + agencynetwork_single.name + " wurde ein neuer Standard geteilt: " + standard.name}) + # Clear sended Agencys for multiple Networks + agency_send = [] + + if request.user.has_perm('users.standardmanager'): + messages.success(request, f'Standard {standard.name} aktualisiert!') + else: + if standard.public: + standard.public = False + messages.warning(request, f'Standard {standard.name} aktualisiert und ist nicht mehr öffentlich, damit Änderungen geprüft werden können.') + else: + messages.success(request, f'Standard {standard.name} aktualisiert!') + standard.save() + return redirect('/standards') + # SHOW EXISTING STANDARD + else: + + + # CHECK IF USER HAS RIGHTS TO SEE THIS DIR + groupsofstandard = standard + + userisingroup = False + + if len(groupsofstandard.visibleby.all()) == 0: + userisingroup = True + else: + for ag in groupsofstandard.visibleby.all(): + + if ag.group in request.user.groups.all(): + userisingroup = True + + if userisingroup: - # ADD FILES - files = normalForm.cleaned_data['added_files'].split(",") - for f in files: - if(f.isdigit()): - standard.addedfiles.add(DataFile.objects.get(pk=f)) - # ADD QUICKLINKS - quicklinks = normalForm.cleaned_data['added_quicklinks'].split(",") - for f in quicklinks: - if(f.isdigit()): - standard.addedquicklinks.add(QuickLinks.objects.get(pk=f)) - # ADD PASSWORDS - addedpasswords = normalForm.cleaned_data['added_passwords'].split(",") - for f in addedpasswords: - if(f.isdigit()): - standard.addedpasswords.add(AGPassword.objects.get(pk=f)) - # ADD CONTACTS - contacts = normalForm.cleaned_data['added_contacts'].split(",") - for f in contacts: - if(f.isdigit()): - standard.addedcontacts.add(AGContacts.objects.get(pk=f)) - # ADD TO NETWORKS - networks = normalForm.cleaned_data['checked_networks'].split(",") - ''' - Alle Agenturverbunde laden, in denen die Agentur drin ist. - ''' + + normalForm = StandardUpdateStandard(instance=standard) + editorForm = StandardUpdateStandardEditor(instance=standard) + # GET ALL DATAS FROM STANDARD + # FILES + possibleFilesByVisible = [] + + allfiles = DataFile.objects.filter(agency=request.user.profile.agency) + # Get all files by view + for f in allfiles: + actParent = DataDir.objects.get(pk=f.parent.pk) + if actParent.is_root: + possibleFilesByVisible.append(f) + else: + if(checkUserDirRights(request, actParent, request.user.pk)): + possibleFilesByVisible.append(f) + + # Remove files which are in standard + for f in possibleFilesByVisible: + if f in standard.addedfiles.all(): + possibleFilesByVisible.remove(f) + + + # STANDARDS + possible_standards = [] + allstandards = Standards.objects.filter(agency=request.user.profile.agency, public=True) + + for s in allstandards: + if s not in standard.linked_standards.all(): + possible_standards.append(s) + + + # USERS VER AUTH EX + possible_verant = User.objects.filter(profile__agency__pk=request.user.profile.agency.pk) + possible_verant_final = [] + for pv in possible_verant: + if pv not in standard.authority.all(): + possible_verant_final.append(pv) + + possible_ex = User.objects.filter(profile__agency__pk=request.user.profile.agency.pk) + possible_ex_final = [] + for pv in possible_ex: + if pv not in standard.executor.all(): + possible_ex_final.append(pv) + + possible_ver = User.objects.filter(profile__agency__pk=request.user.profile.agency.pk) + possible_ver_final = [] + for pv in possible_ver: + if pv not in standard.representative.all(): + possible_ver_final.append(pv) + + + # GROUPS VER AUTH EX + #possible_verant_group_final + #possible_ex_group_final + #possible_ver_group_final + possible_verant_group = AgencyGroup.objects.filter(agency=request.user.profile.agency) + possible_verant_group_final = [] + for g in possible_verant_group: + if g not in standard.authority_group.all(): + possible_verant_group_final.append(g) + + possible_ex_group = AgencyGroup.objects.filter(agency=request.user.profile.agency) + possible_ex_group_final = [] + for g in possible_ex_group: + if g not in standard.executor_group.all(): + possible_ex_group_final.append(g) + + possible_ver_group = AgencyGroup.objects.filter(agency=request.user.profile.agency) + possible_ver_group_final = [] + for g in possible_ver_group: + if g not in standard.representative_group.all(): + possible_ver_group_final.append(g) + + + + # QUICKLINKS + possible_quicklinks = [] + quicklinks = QuickLinks.objects.filter(agency=request.user.profile.agency) + + for q in quicklinks: + if q not in standard.addedquicklinks.all(): + possible_quicklinks.append(q) + + # CONTACTS + possible_contacts = [] + contacts = AGContacts.objects.filter(agency=request.user.profile.agency) + + for q in contacts: + if q not in standard.addedcontacts.all(): + possible_contacts.append(q) + + # PASSWORDS + possible_passwords = [] + contacts = AGPassword.objects.filter(agency=request.user.profile.agency) + + for q in contacts: + if q not in standard.addedpasswords.all(): + possible_passwords.append(q) + + # AGENCYNETWORKS + agencynetworks_all = AgencyNetwork.objects.all() agencynetworks = [] + for a in agencynetworks_all: if request.user.profile.agency in a.adminagencys.all() or request.user.profile.agency in a.members.all() or request.user.profile.agency in a.sharemembers.all(): agencynetworks.append(a) + # GROUPS + # Nicht nötig, da alles über agencygroups und direkt im Standard gemacht wird - agencynetworks_standard_in = [] - - # Agenturverbünde, in denen der Standard drin sein soll - for f in networks: - if(f.isdigit()): - tempnetwork = AgencyNetwork.objects.get(pk=f) - #tempnetwork.standards.add(standard) - agencynetworks_standard_in.append(tempnetwork) - - #print(agencynetworks_standard_in) - - # Wenn Standard im gewünschten Verbund, dann rein, ansonsten raus - for a in agencynetworks: - if a in agencynetworks_standard_in and standard not in a.standards.all(): - a.standards.add(standard) - elif a not in agencynetworks_standard_in: - a.standards.remove(standard) - - - ''' - Info an die Agenturen über einen neuen Standard - - ''' - agency_send = [] - for agencynetwork_single in agencynetworks_standard_in: - for agn_admin in agencynetwork_single.adminagencys.all(): - if(agn_admin not in agency_send): - agency_send.append(agn_admin) - if agn_admin != request.user.profile.agency: - users_of_other_ag = User.objects.filter(profile__agency=agn_admin) - for u in users_of_other_ag: - if u.has_perm('users.standardmanager') and u.has_perm('users.agencynetwork'): - if u.usernotifications.agn_standard_created_mail: - notificationtext = "im Agenturverbund " + agencynetwork_single.name + " wurde ein neuer Standard geteilt: " + standard.name - sendMailNoti(notificationtext, u) - - if u.usernotifications.agn_standard_created_push: - newnotification = UserNotification(touser=u, notificationtext="im Agenturverbund " + agencynetwork_single.name + " wurde ein neuer Standard geteilt: " + standard.name, notificationtype="") - newnotification.save() - - channel_layer = channels.layers.get_channel_layer() - async_to_sync(channel_layer.group_send)("user_" + str(u.pk), {'type' : 'pushhandler', 'pushtext' : "pushnotification__Agenturverbund | Im Agenturverbund " + agencynetwork_single.name + " wurde ein neuer Standard geteilt: " + standard.name}) - for agn_admin in agencynetwork_single.members.all(): - if(agn_admin not in agency_send): - agency_send.append(agn_admin) - if agn_admin != request.user.profile.agency: - users_of_other_ag = User.objects.filter(profile__agency=agn_admin) - for u in users_of_other_ag: - if u.has_perm('users.standardmanager') and u.has_perm('users.agencynetwork'): - if u.usernotifications.agn_standard_created_mail: - notificationtext = "im Agenturverbund " + agencynetwork_single.name + " wurde ein neuer Standard geteilt: " + standard.name - sendMailNoti(notificationtext, u) - - if u.usernotifications.agn_standard_created_push: - newnotification = UserNotification(touser=u, notificationtext="im Agenturverbund " + agencynetwork_single.name + " wurde ein neuer Standard geteilt: " + standard.name, notificationtype="") - newnotification.save() - - channel_layer = channels.layers.get_channel_layer() - async_to_sync(channel_layer.group_send)("user_" + str(u.pk), {'type' : 'pushhandler', 'pushtext' : "pushnotification__Agenturverbund | Im Agenturverbund " + agencynetwork_single.name + " wurde ein neuer Standard geteilt: " + standard.name}) - for agn_admin in agencynetwork_single.sharemembers.all(): - if(agn_admin not in agency_send): - agency_send.append(agn_admin) - if agn_admin != request.user.profile.agency: - users_of_other_ag = User.objects.filter(profile__agency=agn_admin) - for u in users_of_other_ag: - if u.has_perm('users.standardmanager') and u.has_perm('users.agencynetwork'): - if u.usernotifications.agn_standard_created_mail: - notificationtext = "im Agenturverbund " + agencynetwork_single.name + " wurde ein neuer Standard geteilt: " + standard.name - sendMailNoti(notificationtext, u) - - if u.usernotifications.agn_standard_created_push: - newnotification = UserNotification(touser=u, notificationtext="im Agenturverbund " + agencynetwork_single.name + " wurde ein neuer Standard geteilt: " + standard.name, notificationtype="") - newnotification.save() - - channel_layer = channels.layers.get_channel_layer() - async_to_sync(channel_layer.group_send)("user_" + str(u.pk), {'type' : 'pushhandler', 'pushtext' : "pushnotification__Agenturverbund | Im Agenturverbund " + agencynetwork_single.name + " wurde ein neuer Standard geteilt: " + standard.name}) - # Clear sended Agencys for multiple Networks - agency_send = [] - - if request.user.has_perm('users.standardmanager'): - messages.success(request, f'Standard {standard.name} aktualisiert!') - else: - if standard.public: - standard.public = False - messages.warning(request, f'Standard {standard.name} aktualisiert und ist nicht mehr öffentlich, damit Änderungen geprüft werden können.') - else: - messages.success(request, f'Standard {standard.name} aktualisiert!') - standard.save() - return redirect('/standards') - # SHOW EXISTING STANDARD - else: - normalForm = StandardUpdateStandard(instance=standard) - editorForm = StandardUpdateStandardEditor(instance=standard) - # GET ALL DATAS FROM STANDARD - # FILES - possibleFilesByVisible = [] - - allfiles = DataFile.objects.filter(agency=request.user.profile.agency) - # Get all files by view - for f in allfiles: - actParent = DataDir.objects.get(pk=f.parent.pk) - if actParent.is_root: - possibleFilesByVisible.append(f) - else: - if(checkUserDirRights(request, actParent, request.user.pk)): - possibleFilesByVisible.append(f) - - # Remove files which are in standard - for f in possibleFilesByVisible: - if f in standard.addedfiles.all(): - possibleFilesByVisible.remove(f) - - - # STANDARDS - possible_standards = [] - allstandards = Standards.objects.filter(agency=request.user.profile.agency, public=True) - - for s in allstandards: - if s not in standard.linked_standards.all(): - possible_standards.append(s) - - - # USERS VER AUTH EX - possible_verant = User.objects.filter(profile__agency__pk=request.user.profile.agency.pk) - possible_verant_final = [] - for pv in possible_verant: - if pv not in standard.authority.all(): - possible_verant_final.append(pv) - - possible_ex = User.objects.filter(profile__agency__pk=request.user.profile.agency.pk) - possible_ex_final = [] - for pv in possible_ex: - if pv not in standard.executor.all(): - possible_ex_final.append(pv) - - possible_ver = User.objects.filter(profile__agency__pk=request.user.profile.agency.pk) - possible_ver_final = [] - for pv in possible_ver: - if pv not in standard.representative.all(): - possible_ver_final.append(pv) - - - # GROUPS VER AUTH EX - #possible_verant_group_final - #possible_ex_group_final - #possible_ver_group_final - possible_verant_group = AgencyGroup.objects.filter(agency=request.user.profile.agency) - possible_verant_group_final = [] - for g in possible_verant_group: - if g not in standard.authority_group.all(): - possible_verant_group_final.append(g) - - possible_ex_group = AgencyGroup.objects.filter(agency=request.user.profile.agency) - possible_ex_group_final = [] - for g in possible_ex_group: - if g not in standard.executor_group.all(): - possible_ex_group_final.append(g) - - possible_ver_group = AgencyGroup.objects.filter(agency=request.user.profile.agency) - possible_ver_group_final = [] - for g in possible_ver_group: - if g not in standard.representative_group.all(): - possible_ver_group_final.append(g) - - - - # QUICKLINKS - possible_quicklinks = [] - quicklinks = QuickLinks.objects.filter(agency=request.user.profile.agency) - - for q in quicklinks: - if q not in standard.addedquicklinks.all(): - possible_quicklinks.append(q) - - # CONTACTS - possible_contacts = [] - contacts = AGContacts.objects.filter(agency=request.user.profile.agency) - - for q in contacts: - if q not in standard.addedcontacts.all(): - possible_contacts.append(q) - - # PASSWORDS - possible_passwords = [] - contacts = AGPassword.objects.filter(agency=request.user.profile.agency) - - for q in contacts: - if q not in standard.addedpasswords.all(): - possible_passwords.append(q) - - # AGENCYNETWORKS - - agencynetworks_all = AgencyNetwork.objects.all() - agencynetworks = [] - - for a in agencynetworks_all: - if request.user.profile.agency in a.adminagencys.all() or request.user.profile.agency in a.members.all() or request.user.profile.agency in a.sharemembers.all(): - agencynetworks.append(a) - - # GROUPS - # Nicht nötig, da alles über agencygroups und direkt im Standard gemacht wird - - context = { - 'normalForm' : normalForm, - 'editorForm' : editorForm, - 'standard' : standard, - 'files' : possibleFilesByVisible, - 'standard_possible' : possible_standards, - 'poss_verant' : possible_verant_final, - 'poss_ex' : possible_ex_final, - 'poss_ver' : possible_ver_final, - 'possgroup_verant' : possible_verant_group_final, - 'possgroup_ex' : possible_ex_group_final, - 'possgroup_ver' : possible_ver_group_final, - 'possible_quicklinks' : possible_quicklinks, - 'possible_passwords' : possible_passwords, - 'possible_contacts' : possible_contacts, - 'agencynetworks' : agencynetworks, - 'agencygroups' : AgencyGroup.objects.filter(agency=request.user.profile.agency), - 'parentid' : list(DataDir.objects.filter(agency=request.user.profile.agency, is_root=True))[0].pk, - 'active_link' : 'standards', - 'update' : True, - 'aggroups' : AgencyGroup.objects.filter(agency=request.user.profile.agency) - } - return render(request, 'standards/standards_add.html', context) + context = { + 'normalForm' : normalForm, + 'editorForm' : editorForm, + 'standard' : standard, + 'files' : possibleFilesByVisible, + 'standard_possible' : possible_standards, + 'poss_verant' : possible_verant_final, + 'poss_ex' : possible_ex_final, + 'poss_ver' : possible_ver_final, + 'possgroup_verant' : possible_verant_group_final, + 'possgroup_ex' : possible_ex_group_final, + 'possgroup_ver' : possible_ver_group_final, + 'possible_quicklinks' : possible_quicklinks, + 'possible_passwords' : possible_passwords, + 'possible_contacts' : possible_contacts, + 'agencynetworks' : agencynetworks, + 'agencygroups' : AgencyGroup.objects.filter(agency=request.user.profile.agency), + 'parentid' : list(DataDir.objects.filter(agency=request.user.profile.agency, is_root=True))[0].pk, + 'active_link' : 'standards', + 'update' : True, + 'aggroups' : AgencyGroup.objects.filter(agency=request.user.profile.agency) + } + return render(request, 'standards/standards_add.html', context) + else: + context = { + 'active_link':'standards' + } + return render(request, 'standards/standards_noentrie.html', context) ''' @@ -713,6 +760,7 @@ def StandardSingle(request, pk): userisingroup = True else: for ag in groupsofstandard.visibleby.all(): + if ag.group in request.user.groups.all(): userisingroup = True