Using Aristotle permissions in custom code¶

One of the key features in Aristotle is specific access control to items based on a rich matrix of user groups. To make creating extension easier these are exposed through the code in a number of easy to use ways.

Permissions in `perms.py`¶

aristotle_mdr.perms.user_can_add_status(user, item)[source]¶: Can the user add a status to this item in some RA

aristotle_mdr.perms.user_can_edit(user, item)[source]¶: Can the user edit the item?

aristotle_mdr.perms.user_can_view(user, item)[source]¶: Can the user view the item?

Permissions-based `ConceptManager`¶

All correctly derived concept items should have their default manager set to the aristotle.models.ConceptManager. For more information on how this works see the full documentation on the ConceptManager and ConceptQuerySet.

class aristotle_mdr.models.ConceptManager[source]

The ConceptManager is the default object manager for concept and _concept items, and extends from the django-model-utils InheritanceManager.

It provides access to the ConceptQuerySet to allow for easy permissions-based filtering of ISO 11179 Concept-based items.

Permissions template tags¶

Tags and filters available in aristotle templates¶

A number of convenience tags are available for performing common actions in custom templates.

Include the aristotle template tags in every template that uses them, like so:

{% load aristotle_tags %}

Available tags and filters¶

aristotle_mdr.templatetags.aristotle_tags.can_edit(item, user)[source]

A filter that acts as a wrapper around aristotle_mdr.perms.user_can_edit. Returns true if the user has permission to edit the item, otherwise it returns False. If calling user_can_edit throws an exception it safely returns False.

For example:

{% if myItem|can_edit:request.user %}
  {{ item }}
{% endif %}

aristotle_mdr.templatetags.aristotle_tags.can_view(item, user)[source]

A filter that acts as a wrapper around aristotle_mdr.perms.user_can_view. Returns true if the user has permission to view the item, otherwise it returns False. If calling user_can_view throws an exception it safely returns False.

For example:

{% if myItem|can_view:request.user %}
  {{ item }}
{% endif %}

aristotle_mdr.templatetags.aristotle_tags.can_view_iter(qs, user)[source]

A filter that is a simple wrapper that applies the aristotle_mdr.models.ConceptManager.visible(user) for use in templates. Filtering on a Django Queryset and passing in the current user as the argument returns a list (not a Queryset at this stage) of only the items from the Queryset the user can view.

If calling can_view_iter throws an exception it safely returns an empty list.

For example:

{% for item in myItems|can_view_iter:request.user %}
  {{ item }}
{% endfor %}

There are more template tags available in Aristotle

Using Aristotle permissions in custom code¶

Permissions in perms.py¶

Permissions-based ConceptManager¶

Permissions template tags¶

Tags and filters available in aristotle templates¶

Available tags and filters¶

Permissions in `perms.py`¶

Permissions-based `ConceptManager`¶