diff --git a/aleksis/apps/alsijil/rules.py b/aleksis/apps/alsijil/rules.py
index 171a0765737f8b68164af78b3823c96481eef044..c72915af383fcb852849a20af98695edd692a844 100644
--- a/aleksis/apps/alsijil/rules.py
+++ b/aleksis/apps/alsijil/rules.py
@@ -20,9 +20,7 @@ from .util.predicates import (
can_view_documentation,
can_view_participation_status,
can_view_personal_note,
- has_lesson_group_object_perm,
has_person_group_object_perm,
- has_personal_note_group_perm,
is_course_group_owner,
is_course_member,
is_course_teacher,
@@ -33,144 +31,11 @@ from .util.predicates import (
is_in_allowed_time_range_for_participation_status,
is_lesson_event_group_owner,
is_lesson_event_teacher,
- is_lesson_original_teacher,
- is_lesson_parent_group_owner,
- is_lesson_participant,
- is_lesson_teacher,
- is_none,
- is_own_personal_note,
is_owner_of_any_group,
is_parent_group_owner,
is_person_group_owner,
- is_person_primary_group_owner,
- is_personal_note_lesson_original_teacher,
- is_personal_note_lesson_parent_group_owner,
- is_personal_note_lesson_teacher,
- is_teacher,
)
-# View lesson
-view_register_object_predicate = has_person & (
- is_none # View is opened as "Current lesson"
- | is_lesson_teacher
- | is_lesson_original_teacher
- | is_lesson_participant
- | is_lesson_parent_group_owner
- | has_global_perm("alsijil.view_lesson")
- | has_lesson_group_object_perm("core.view_week_class_register_group")
-)
-add_perm("alsijil.view_register_object_rule", view_register_object_predicate)
-
-# View lesson in menu
-add_perm("alsijil.view_lesson_menu_rule", has_person)
-
-# View lesson personal notes
-view_lesson_personal_notes_predicate = view_register_object_predicate & (
- ~is_lesson_participant
- | is_lesson_teacher
- | is_lesson_original_teacher
- | (
- is_lesson_parent_group_owner
- & is_site_preference_set("alsijil", "inherit_privileges_from_parent_group")
- )
- | has_global_perm("alsijil.view_personalnote")
- | has_lesson_group_object_perm("core.view_personalnote_group")
-)
-add_perm("alsijil.view_register_object_personalnote_rule", view_lesson_personal_notes_predicate)
-
-# Edit personal note
-edit_lesson_personal_note_predicate = view_lesson_personal_notes_predicate & (
- is_lesson_teacher
- | (
- is_lesson_original_teacher
- & is_site_preference_set("alsijil", "edit_lesson_documentation_as_original_teacher")
- )
- | (
- is_lesson_parent_group_owner
- & is_site_preference_set("alsijil", "inherit_privileges_from_parent_group")
- )
- | has_global_perm("alsijil.change_personalnote")
- | has_lesson_group_object_perm("core.edit_personalnote_group")
-)
-add_perm("alsijil.edit_register_object_personalnote_rule", edit_lesson_personal_note_predicate)
-
-# View personal note
-view_personal_note_predicate = has_person & (
- (is_own_personal_note & is_site_preference_set("alsijil", "view_own_personal_notes"))
- | is_personal_note_lesson_teacher
- | is_personal_note_lesson_original_teacher
- | is_personal_note_lesson_parent_group_owner
- | has_global_perm("alsijil.view_personalnote")
- | has_personal_note_group_perm("core.view_personalnote_group")
-)
-add_perm("alsijil.view_personalnote_rule", view_personal_note_predicate)
-
-# Edit personal note
-edit_personal_note_predicate = view_personal_note_predicate & (
- ~is_own_personal_note
- & ~(
- is_personal_note_lesson_original_teacher
- | ~is_site_preference_set("alsijil", "edit_lesson_documentation_as_original_teacher")
- )
- | (
- is_personal_note_lesson_parent_group_owner
- | is_site_preference_set("alsijil", "inherit_privileges_from_parent_group")
- )
- | has_global_perm("alsijil.view_personalnote")
- | has_personal_note_group_perm("core.edit_personalnote_group")
-)
-add_perm("alsijil.edit_personalnote_rule", edit_personal_note_predicate)
-
-# View lesson documentation
-view_lesson_documentation_predicate = view_register_object_predicate
-add_perm("alsijil.view_lessondocumentation_rule", view_lesson_documentation_predicate)
-
-# Edit lesson documentation
-edit_lesson_documentation_predicate = view_register_object_predicate & (
- is_lesson_teacher
- | (
- is_lesson_original_teacher
- & is_site_preference_set("alsijil", "edit_lesson_documentation_as_original_teacher")
- )
- | (
- is_lesson_parent_group_owner
- & is_site_preference_set("alsijil", "inherit_privileges_from_parent_group")
- )
- | has_global_perm("alsijil.change_lessondocumentation")
- | has_lesson_group_object_perm("core.edit_lessondocumentation_group")
-)
-add_perm("alsijil.edit_lessondocumentation_rule", edit_lesson_documentation_predicate)
-
-# View week overview
-view_week_predicate = has_person & (
- is_current_person
- | is_group_member
- | is_group_owner
- | (
- is_parent_group_owner
- & is_site_preference_set("alsijil", "inherit_privileges_from_parent_group")
- )
- | has_global_perm("alsijil.view_week")
- | has_object_perm("core.view_week_class_register_group")
-)
-add_perm("alsijil.view_week_rule", view_week_predicate)
-
-# View week overview in menu
-add_perm("alsijil.view_week_menu_rule", has_person)
-
-# View week personal notes
-view_week_personal_notes_predicate = has_person & (
- (is_current_person & is_teacher)
- | is_group_owner
- | (
- is_parent_group_owner
- & is_site_preference_set("alsijil", "inherit_privileges_from_parent_group")
- )
- | has_global_perm("alsijil.view_personalnote")
- | has_object_perm("core.view_personalnote_group")
-)
-add_perm("alsijil.view_week_personalnote_rule", view_week_personal_notes_predicate)
-
# Register absence
view_register_absence_predicate = has_person & (
can_register_absence_for_at_least_one_group | has_global_perm("alsijil.register_absence")
@@ -197,86 +62,6 @@ view_full_register_predicate = has_person & (
)
add_perm("alsijil.view_full_register_rule", view_full_register_predicate)
-# View students list
-view_my_students_predicate = has_person & is_teacher
-add_perm("alsijil.view_my_students_rule", view_my_students_predicate)
-
-# View groups list
-view_my_groups_predicate = has_person & is_teacher
-add_perm("alsijil.view_my_groups_rule", view_my_groups_predicate)
-
-# View students list
-view_students_list_predicate = view_my_groups_predicate & (
- is_group_owner
- | (
- is_parent_group_owner
- & is_site_preference_set("alsijil", "inherit_privileges_from_parent_group")
- )
- | has_global_perm("alsijil.view_personalnote")
- | has_object_perm("core.view_personalnote_group")
-)
-add_perm("alsijil.view_students_list_rule", view_students_list_predicate)
-
-# View person overview
-view_person_overview_predicate = has_person & (
- (is_current_person & is_site_preference_set("alsijil", "view_own_personal_notes"))
- | is_person_group_owner
-)
-add_perm("alsijil.view_person_overview_rule", view_person_overview_predicate)
-
-# View person overview
-view_person_overview_menu_predicate = has_person
-add_perm("alsijil.view_person_overview_menu_rule", view_person_overview_menu_predicate)
-
-# View person overview personal notes
-view_person_overview_personal_notes_predicate = view_person_overview_predicate & (
- (is_current_person & is_site_preference_set("alsijil", "view_own_personal_notes"))
- | is_person_primary_group_owner
- | has_global_perm("alsijil.view_personalnote")
- | has_person_group_object_perm("core.view_personalnote_group")
-)
-add_perm(
- "alsijil.view_person_overview_personalnote_rule",
- view_person_overview_personal_notes_predicate,
-)
-
-# Edit person overview personal notes
-edit_person_overview_personal_notes_predicate = view_person_overview_predicate & (
- ~is_current_person
- | has_global_perm("alsijil.change_personalnote")
- | has_person_group_object_perm("core.edit_personalnote_group")
-)
-add_perm(
- "alsijil.edit_person_overview_personalnote_rule",
- edit_person_overview_personal_notes_predicate,
-)
-
-# View person statistics on personal notes
-view_person_statistics_personal_notes_predicate = view_person_overview_personal_notes_predicate
-add_perm(
- "alsijil.view_person_statistics_personalnote_rule",
- view_person_statistics_personal_notes_predicate,
-)
-
-# View excuse type list
-view_excusetypes_predicate = has_person & has_global_perm("alsijil.view_excusetype")
-add_perm("alsijil.view_excusetypes_rule", view_excusetypes_predicate)
-
-# Add excuse type
-add_excusetype_predicate = view_excusetypes_predicate & has_global_perm("alsijil.add_excusetype")
-add_perm("alsijil.add_excusetype_rule", add_excusetype_predicate)
-
-# Edit excuse type
-edit_excusetype_predicate = view_excusetypes_predicate & has_global_perm(
- "alsijil.change_excusetype"
-)
-add_perm("alsijil.edit_excusetype_rule", edit_excusetype_predicate)
-
-# Delete excuse type
-delete_excusetype_predicate = view_excusetypes_predicate & has_global_perm(
- "alsijil.delete_excusetype"
-)
-add_perm("alsijil.delete_excusetype_rule", delete_excusetype_predicate)
# View extra mark list
view_extramarks_predicate = has_person & has_global_perm("alsijil.view_extramark")
@@ -327,17 +112,6 @@ view_assigned_group_roles_predicate = has_person & (
)
add_perm("alsijil.view_assigned_grouproles_rule", view_assigned_group_roles_predicate)
-view_assigned_group_roles_register_object_predicate = has_person & (
- is_lesson_teacher
- | is_lesson_original_teacher
- | is_lesson_parent_group_owner
- | has_global_perm("alsijil.assign_grouprole")
-)
-add_perm(
- "alsijil.view_assigned_grouproles_for_register_object",
- view_assigned_group_roles_register_object_predicate,
-)
-
assign_group_role_person_predicate = has_person & (
is_person_group_owner | has_global_perm("alsijil.assign_grouprole")
)
diff --git a/aleksis/apps/alsijil/util/predicates.py b/aleksis/apps/alsijil/util/predicates.py
index fd49ca4a2f044064e6739d8f53ed27e8eb0e2539..2a27bca7e2260a13d12199027d3501add3494b60 100644
--- a/aleksis/apps/alsijil/util/predicates.py
+++ b/aleksis/apps/alsijil/util/predicates.py
@@ -1,4 +1,4 @@
-from typing import Any, Union
+from typing import Union
from django.contrib.auth.models import User
from django.db.models import Q
@@ -6,7 +6,7 @@ from django.utils.timezone import localdate, now
from rules import predicate
-from aleksis.apps.chronos.models import Event, ExtraLesson, LessonEvent, LessonPeriod
+from aleksis.apps.chronos.models import LessonEvent
from aleksis.apps.cursus.models import Course
from aleksis.core.models import Group, Person
from aleksis.core.util.core_helpers import get_site_preferences
@@ -15,70 +15,6 @@ from aleksis.core.util.predicates import check_object_permission
from ..models import Documentation, NewPersonalNote
-@predicate
-def is_none(user: User, obj: Any) -> bool:
- """Predicate that checks if the provided object is None-like."""
- return not bool(obj)
-
-
-@predicate
-def is_lesson_teacher(user: User, obj: Union[LessonPeriod, Event, ExtraLesson]) -> bool:
- """Predicate for teachers of a lesson.
-
- Checks whether the person linked to the user is a teacher in the register object.
- If the register object is a lesson period and has a substitution linked,
- this will **only** check if the person is one of the substitution teachers.
- """
- if obj:
- return user.person in obj.get_teachers().all()
- return False
-
-
-@predicate
-def is_lesson_original_teacher(user: User, obj: Union[LessonPeriod, Event, ExtraLesson]) -> bool:
- """Predicate for teachers of a lesson.
-
- Checks whether the person linked to the user is a teacher in the register object.
- If the register object is a lesson period and has a substitution linked,
- this will **also** check if the person is one of the substitution teachers.
- """
- if obj:
- if isinstance(obj, LessonPeriod) and user.person in obj.lesson.teachers.all():
- return True
- return user.person in obj.get_teachers().all()
- return False
-
-
-@predicate
-def is_lesson_participant(user: User, obj: LessonPeriod) -> bool:
- """Predicate for participants of a lesson.
-
- Checks whether the person linked to the user is a member in
- the groups linked to the given LessonPeriod.
- """
- if hasattr(obj, "lesson") or hasattr(obj, "groups"):
- for group in obj.get_groups().all():
- if user.person in list(group.members.all()):
- return True
- return False
-
-
-@predicate
-def is_lesson_parent_group_owner(user: User, obj: LessonPeriod) -> bool:
- """
- Predicate for parent group owners of a lesson.
-
- Checks whether the person linked to the user is the owner of
- any parent groups of any groups of the given LessonPeriods lesson.
- """
- if hasattr(obj, "lesson") or hasattr(obj, "groups"):
- for group in obj.get_groups().all():
- for parent_group in group.parent_groups.all():
- if user.person in list(parent_group.owners.all()):
- return True
- return False
-
-
@predicate
def is_group_owner(user: User, obj: Union[Group, Person]) -> bool:
"""Predicate for group owners of a given group.
@@ -130,19 +66,6 @@ def use_prefetched(obj, attr):
return getattr(obj, attr).all()
-@predicate
-def is_person_primary_group_owner(user: User, obj: Person) -> bool:
- """
- Predicate for group owners of the person's primary group.
-
- Checks whether the person linked to the user is
- the owner of the primary group of the given person.
- """
- if obj.primary_group:
- return user.person in use_prefetched(obj.primary_group, "owners")
- return False
-
-
def has_person_group_object_perm(perm: str):
"""Predicate builder for permissions on a set of member groups.
@@ -171,55 +94,6 @@ def is_group_member(user: User, obj: Union[Group, Person]) -> bool:
return False
-def has_lesson_group_object_perm(perm: str):
- """Predicate builder for permissions on lesson groups.
-
- Checks whether a user has a permission on any group of a LessonPeriod.
- """
- name = f"has_lesson_group_object_perm:{perm}"
-
- @predicate(name)
- def fn(user: User, obj: LessonPeriod) -> bool:
- if hasattr(obj, "lesson"):
- groups = obj.lesson.groups.all()
- for group in groups:
- if check_object_permission(user, perm, group, checker_obj=obj):
- return True
- return False
-
- return fn
-
-
-def has_personal_note_group_perm(perm: str):
- """Predicate builder for permissions on personal notes.
-
- Checks whether a user has a permission on any group of a person of a PersonalNote.
- """
- name = f"has_personal_note_person_or_group_perm:{perm}"
-
- @predicate(name)
- def fn(user: User, obj) -> bool:
- if hasattr(obj, "person"):
- groups = obj.person.member_of.all()
- for group in groups:
- if check_object_permission(user, perm, group, checker_obj=obj):
- return True
- return False
-
- return fn
-
-
-@predicate
-def is_own_personal_note(user: User, obj) -> bool:
- """Predicate for users referred to in a personal note.
-
- Checks whether the user referred to in a PersonalNote is the active user.
- """
- if hasattr(obj, "person") and obj.person is user.person:
- return True
- return False
-
-
@predicate
def is_parent_group_owner(user: User, obj: Group) -> bool:
"""Predicate which checks whether the user is the owner of any parent group of the group."""
@@ -230,66 +104,6 @@ def is_parent_group_owner(user: User, obj: Group) -> bool:
return False
-@predicate
-def is_personal_note_lesson_teacher(user: User, obj) -> bool:
- """Predicate for teachers of a register object linked to a personal note.
-
- Checks whether the person linked to the user is a teacher
- in the register object linked to the personal note.
- If the register object is a lesson period and has a substitution linked,
- this will **only** check if the person is one of the substitution teachers.
- """
- if hasattr(obj, "register_object"):
- return user.person in obj.register_object.get_teachers().all()
- return False
-
-
-@predicate
-def is_personal_note_lesson_original_teacher(user: User, ob) -> bool:
- """Predicate for teachers of a register object linked to a personal note.
-
- Checks whether the person linked to the user is a teacher
- in the register object linked to the personal note.
- If the register object is a lesson period and has a substitution linked,
- this will **also** check if the person is one of the substitution teachers.
- """
- if hasattr(obj, "register_object"):
- if (
- isinstance(obj.register_object, LessonPeriod)
- and user.person in obj.lesson_period.lesson.teachers.all()
- ):
- return True
-
- return user.person in obj.register_object.get_teachers().all()
- return False
-
-
-@predicate
-def is_personal_note_lesson_parent_group_owner(user: User, obj) -> bool:
- """
- Predicate for parent group owners of a lesson referred to in the lesson of a personal note.
-
- Checks whether the person linked to the user is the owner of
- any parent groups of any groups of the given LessonPeriod lesson of the given PersonalNote.
- If so, also checks whether the person linked to the personal note actually is a member of this
- parent group.
- """
- if hasattr(obj, "register_object"):
- for group in obj.register_object.get_groups().all():
- for parent_group in group.parent_groups.all():
- if user.person in use_prefetched(
- parent_group, "owners"
- ) and obj.person in use_prefetched(parent_group, "members"):
- return True
- return False
-
-
-@predicate
-def is_teacher(user: User, obj: Person) -> bool:
- """Predicate which checks if the provided object is a teacher."""
- return user.person.is_teacher
-
-
@predicate
def is_group_role_assignment_group_owner(user: User, obj: Union[Group, Person]) -> bool:
"""Predicate for group owners of a group role assignment.