From 96ad5b30d43086dd11a70934cd4327b36bff251e Mon Sep 17 00:00:00 2001
From: Jens Kleineheismann <heinzel@alpenverein-karlsruhe.de>
Date: Fri, 8 Nov 2019 11:17:25 +0100
Subject: [PATCH] FIX: setup permission check based on group membership. former
 permission check, based on django model permission won't work, because we
 have no model, that would create the permission.

---
 dav_submission/apps.py                                      | 1 +
 .../django_project_config/settings-dav_submission.py        | 3 ++-
 dav_submission/views.py                                     | 6 ++++--
 3 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/dav_submission/apps.py b/dav_submission/apps.py
index 4a87038..f69b138 100644
--- a/dav_submission/apps.py
+++ b/dav_submission/apps.py
@@ -13,6 +13,7 @@ DEFAULT_SETTINGS = (
     DefaultSetting('max_total_size_mib', 100),
     DefaultSetting('metadata_file_name', 'metadata.txt'),
     DefaultSetting('cached_zip_file_name', '.cache.zip'),
+    DefaultSetting('download_group', 'downloaders'),
 )
 
 
diff --git a/dav_submission/django_project_config/settings-dav_submission.py b/dav_submission/django_project_config/settings-dav_submission.py
index 413cf2c..f042c5f 100644
--- a/dav_submission/django_project_config/settings-dav_submission.py
+++ b/dav_submission/django_project_config/settings-dav_submission.py
@@ -8,4 +8,5 @@ from django.conf import settings
 # MAX_FILE_SIZE_MIB = 50
 # MAX_TOTAL_SIZE_MIB = 100
 # METADATA_FILE_NAME = 'metadata.txt'
-# CACHED_ZIP_FILE_NAME = '.cache.zip'
\ No newline at end of file
+# CACHED_ZIP_FILE_NAME = '.cache.zip'
+# DOWNLOAD_GROUP = 'downloaders'
\ No newline at end of file
diff --git a/dav_submission/views.py b/dav_submission/views.py
index 9cbadf4..49f8de4 100644
--- a/dav_submission/views.py
+++ b/dav_submission/views.py
@@ -82,7 +82,8 @@ class ListView(generic.ListView):
 
     @method_decorator(login_required)
     def dispatch(self, request, *args, **kwargs):
-        if not request.user.has_perm('download_submissions'):
+        permission_group = app_config.settings.download_group
+        if not request.user.groups.filter(name=permission_group).exists():
             raise PermissionDenied()
         return super(ListView, self).dispatch(request, *args, **kwargs)
 
@@ -130,7 +131,8 @@ class DownloadView(generic.DetailView):
 
     @method_decorator(login_required)
     def dispatch(self, request, *args, **kwargs):
-        if not request.user.has_perm('download_submissions'):
+        permission_group = app_config.settings.download_group
+        if not request.user.groups.filter(name=permission_group).exists():
             raise PermissionDenied()
         return super(DownloadView, self).dispatch(request, *args, **kwargs)