Merge pull request #4007 from archesproject/3998_show_read_permissions

allow users to view read-only cards in the resource editor report, re #3998

Author: apeters

arches/app/media/js/viewmodels/card.js

@@ -60,6 +60,7 @@ define([
         var permsLiteral = ko.observableArray();
         var nodegroups = params.graphModel.get('nodegroups');
         var multiselect = params.multiselect || false;
+        var isWritable = params.card.is_writable || false;
         var selection;
         if (params.multiselect) {
             selection = params.selection || ko.observableArray([]);
@@ -117,6 +118,7 @@ define([
         });
 
         _.extend(this, nodegroup, {
+            isWritable: isWritable,
             model: cardModel,
             multiselect: params.multiselect,
             widgets: cardModel.widgets,

arches/app/templates/views/components/cards/default.htm

@@ -2,6 +2,7 @@
 <!-- ko foreach: { data: [$data], as: 'self' } -->
 
 <!-- ko if: state === 'editor-tree' -->
+<!-- ko if: card.isWritable -->
 <li role="treeitem card-treeitem" class="jstree-node" data-bind="css: {'jstree-open': (card.tiles().length > 0 && card.expanded()), 'jstree-closed' : (card.tiles().length > 0 && !card.expanded()), 'jstree-leaf': card.tiles().length === 0}, scrollTo: card.scrollTo, container: '.resource-editor-tree'">
     <i class="jstree-icon jstree-ocl" role="presentation" data-bind="click: function(){card.expanded(!card.expanded())}"></i>
     <a class="jstree-anchor" href="#" tabindex="-1" data-bind="css:{'filtered': card.highlight(), 'jstree-clicked': card.selected, 'child-selected': card.isChildSelected()}, click: function () { card.canAdd() ? card.selected(true) : card.tiles()[0].selected(true) },">
@@ -65,6 +66,7 @@
     </ul>
 </li>
 <!-- /ko -->
+<!-- /ko -->
 
 <!-- ko if: state === 'designer-tree' -->
 <li role="treeitem card-treeitem" class="jstree-node" data-bind="css: {'jstree-open': ((card.cards().length > 0 || card.widgets().length > 0) && card.expanded()), 'jstree-closed' : ((card.cards().length > 0 || card.widgets().length > 0) && !card.expanded()), 'jstree-leaf': card.cards().length === 0 && card.widgets().length === 0}, scrollTo: card.scrollTo, container: '.designer-card-tree'">

arches/app/utils/permission_backend.py

@@ -7,7 +7,9 @@
 from guardian.exceptions import WrongAppError
 from django.contrib.auth.models import User, Group, Permission
 
+
 class PermissionBackend(ObjectPermissionBackend):
+
     def has_perm(self, user_obj, perm, obj=None):
         # check if user_obj and object are supported (pulled directly from guardian)
         support, user_obj = check_support(user_obj, obj)
@@ -65,6 +67,7 @@ def has_group_perm(group, perm, obj):
             ret.append(group)
     return ret
 
+
 def get_users_for_object(perm, obj):
     """
     returns a list of user objects that have the given permission on the given object
@@ -81,6 +84,7 @@ def get_users_for_object(perm, obj):
             ret.append(user)
     return ret
 
+
 def get_nodegroups_by_perm(user, perms, any_perm=True):
     """
     returns a list of node groups that a user has the given permission on
@@ -97,10 +101,11 @@ def get_nodegroups_by_perm(user, perms, any_perm=True):
         'models.write_nodegroup',
         'models.delete_nodegroup',
         'models.no_access_to_nodegroup'
-        ], accept_global_perms=False, any_perm=True))
+    ], accept_global_perms=False, any_perm=True))
     B = set(get_objects_for_user(user, perms, accept_global_perms=False, any_perm=any_perm))
     C = set(get_objects_for_user(user, perms, accept_global_perms=True, any_perm=any_perm))
-    return list(C-A|B)
+    return list(C - A | B)
+
 
 def get_editable_resource_types(user):
     """
@@ -113,6 +118,7 @@ def get_editable_resource_types(user):
 
     return get_resource_types_by_perm(user, ['models.write_nodegroup', 'models.delete_nodegroup'])
 
+
 def get_createable_resource_types(user):
     """
     returns a list of graphs that a user can create resource instances of
@@ -161,10 +167,12 @@ def user_can_edit_resources(user):
     """
 
     if user.is_authenticated():
-        return user.is_superuser or (len(get_editable_resource_types(user)) > 0 and
-                user.groups.filter(name__in=settings.RESOURCE_EDITOR_GROUPS).exists())
+        return user.is_superuser or \
+            len(get_editable_resource_types(user)) > 0 or \
+            user.groups.filter(name__in=settings.RESOURCE_EDITOR_GROUPS).exists()
     return False
 
+
 def user_can_read_concepts(user):
     """
     Requires that a user is a part of the RDM Administrator group

arches/app/views/resource.py

@@ -97,8 +97,19 @@ def get(self, request, graphid=None, resourceid=None, view_template='views/resou
             pk=settings.SYSTEM_SETTINGS_RESOURCE_MODEL_ID).exclude(isresource=False).exclude(isactive=False)
         ontologyclass = [node for node in nodes if node.istopnode is True][0].ontologyclass
         relationship_type_values = get_resource_relationship_types()
-        nodegroups = [node.nodegroup for node in nodes if node.is_collector and request.user.has_perm(
-            'write_nodegroup', node.nodegroup)]
+
+        nodegroups = []
+        editable_nodegroups = []
+        for node in nodes:
+            if node.is_collector:
+                added = False
+                if request.user.has_perm('write_nodegroup', node.nodegroup):
+                    editable_nodegroups.append(node.nodegroup)
+                    nodegroups.append(node.nodegroup)
+                    added = True
+                if not added and request.user.has_perm('read_nodegroup', node.nodegroup):
+                    nodegroups.append(node.nodegroup)
+
         nodes = nodes.filter(nodegroup__in=nodegroups)
         cards = graph.cardmodel_set.order_by('sortorder').filter(
             nodegroup__in=nodegroups).prefetch_related('cardxnodexwidget_set')
@@ -148,6 +159,13 @@ def get(self, request, graphid=None, resourceid=None, view_template='views/resou
         geocoding_providers = models.Geocoder.objects.all()
         templates = models.ReportTemplate.objects.all()
 
+        cards = JSONSerializer().serializeToPython(cards)
+        editable_nodegroup_ids = [str(nodegroup.pk) for nodegroup in editable_nodegroups]
+        for card in cards:
+            card['is_writable'] = False
+            if str(card['nodegroup_id']) in editable_nodegroup_ids:
+                card['is_writable'] = True
+
         context = self.get_context_data(
             main_script=main_script,
             resourceid=resourceid,