added missing/incomplete permissions to views
This commit is contained in:
@@ -1,12 +1,16 @@
|
||||
from django.contrib.auth.mixins import LoginRequiredMixin, UserPassesTestMixin
|
||||
from django.shortcuts import render
|
||||
from django.views.generic import TemplateView
|
||||
|
||||
from containers.models import Container
|
||||
|
||||
|
||||
class BarrierDashboardView(TemplateView):
|
||||
class BarrierDashboardView(LoginRequiredMixin, UserPassesTestMixin, TemplateView):
|
||||
template_name = 'barrier/barrier-dashboard.html'
|
||||
|
||||
def test_func(self):
|
||||
return self.request.user.user_type == 'BA'
|
||||
|
||||
def get_context_data(self, **kwargs):
|
||||
context = super().get_context_data(**kwargs)
|
||||
recent_containers = Container.objects.select_related('line', 'booking').order_by('-expedited_on', '-received_on')[:10]
|
||||
|
||||
@@ -87,15 +87,9 @@ class ClientLineListView(LoginRequiredMixin, UserPassesTestMixin, ListView):
|
||||
template_name = 'client/line-list.html'
|
||||
context_object_name = 'objects'
|
||||
paginate_by = 20
|
||||
# base_template = 'client-base.html'
|
||||
|
||||
def test_func(self):
|
||||
return True # self.request.user.has_employee_perm('can_view_preinfo') or self.request.user.user_type == 'CA'
|
||||
|
||||
# def get_context_data(self, **kwargs):
|
||||
# context = super().get_context_data(**kwargs)
|
||||
# context['base_template'] = self.base_template
|
||||
# return context
|
||||
return self.request.user.user_type == 'CA'
|
||||
|
||||
def get_queryset(self):
|
||||
queryset = super().get_queryset()
|
||||
@@ -115,11 +109,10 @@ class ClientLineCreateView(LoginRequiredMixin, UserPassesTestMixin, CreateView):
|
||||
model = LinesModel
|
||||
template_name = 'client/line-create.html'
|
||||
form_class = LineCreateForm
|
||||
|
||||
success_url = reverse_lazy('client-line')
|
||||
|
||||
def test_func(self):
|
||||
return True # self.request.user.has_company_perm('can_create_preinfo') or self.request.user.user_type == 'CA'
|
||||
return self.request.user.user_type == 'CA'
|
||||
|
||||
def get_form(self, form_class=None):
|
||||
form = super().get_form(form_class)
|
||||
@@ -139,7 +132,7 @@ class ClientLineUpdateView(LoginRequiredMixin, UserPassesTestMixin, UpdateView):
|
||||
success_url = reverse_lazy('client-company')
|
||||
|
||||
def test_func(self):
|
||||
return True # self.request.user.ha.s_company_perm('can_edit_preinfo') or self.request.user.user_type == 'CA'
|
||||
return self.request.user.user_type == 'CA'
|
||||
|
||||
def get_form(self, form_class=None):
|
||||
form = super().get_form(form_class)
|
||||
|
||||
@@ -10,13 +10,16 @@ from containers.models import Container
|
||||
from preinfo.models import Preinfo
|
||||
|
||||
|
||||
class EmployeeDashboardView(TemplateView):
|
||||
class EmployeeDashboardView(LoginRequiredMixin, UserPassesTestMixin, TemplateView):
|
||||
template_name = 'employee-dashboard-content.html'
|
||||
extra_context = {
|
||||
'title': 'Employee Dashboard',
|
||||
'description': 'This is the depot employee dashboard page.',
|
||||
}
|
||||
|
||||
def test_func(self):
|
||||
return self.request.user.user_type == 'EMP' or self.request.user.is_superuser
|
||||
|
||||
def get_context_data(self, **kwargs):
|
||||
context = super().get_context_data(**kwargs)
|
||||
containers = Container.objects.filter(expedited=False).count()
|
||||
@@ -30,18 +33,12 @@ class EmployeeDashboardView(TemplateView):
|
||||
|
||||
class EmployeeCompanyListView(LoginRequiredMixin, UserPassesTestMixin, ListView):
|
||||
model = CompanyModel
|
||||
template_name = 'common/../../templates/employee/company-list.html'
|
||||
template_name = 'employee/company-list.html'
|
||||
context_object_name = 'objects'
|
||||
paginate_by = 20
|
||||
# base_template = 'employee-base.html'
|
||||
|
||||
def test_func(self):
|
||||
return True # self.request.user.has_employee_perm('can_view_preinfo') or self.request.user.user_type == 'CA'
|
||||
|
||||
# def get_context_data(self, **kwargs):
|
||||
# context = super().get_context_data(**kwargs)
|
||||
# context['base_template'] = self.base_template
|
||||
# return context
|
||||
return self.request.user.is_superuser
|
||||
|
||||
def get_queryset(self):
|
||||
queryset = super().get_queryset()
|
||||
@@ -61,13 +58,7 @@ class EmployeeCompanyCreateView(LoginRequiredMixin, UserPassesTestMixin, CreateV
|
||||
success_url = reverse_lazy('employee_company')
|
||||
|
||||
def test_func(self):
|
||||
return True # self.request.user.has_company_perm('can_create_preinfo') or self.request.user.user_type == 'CA'
|
||||
|
||||
# def form_valid(self, form):
|
||||
# form.instance.created_by = self.request.user
|
||||
# form.instance.updated_by = self.request.user
|
||||
# return super().form_valid(form)
|
||||
|
||||
return self.request.user.is_superuser
|
||||
|
||||
|
||||
class EmployeeCompanyUpdateView(LoginRequiredMixin, UserPassesTestMixin, UpdateView):
|
||||
@@ -77,11 +68,7 @@ class EmployeeCompanyUpdateView(LoginRequiredMixin, UserPassesTestMixin, UpdateV
|
||||
success_url = reverse_lazy('employee_company')
|
||||
|
||||
def test_func(self):
|
||||
return True # self.request.user.ha.s_company_perm('can_edit_preinfo') or self.request.user.user_type == 'CA'
|
||||
|
||||
# def form_valid(self, form):
|
||||
# form.instance.updated_by = self.request.user
|
||||
# return super().form_valid(form)
|
||||
return self.request.user.is_superuser
|
||||
|
||||
|
||||
class EmployeeLineListView(LoginRequiredMixin, UserPassesTestMixin, ListView):
|
||||
@@ -89,15 +76,9 @@ class EmployeeLineListView(LoginRequiredMixin, UserPassesTestMixin, ListView):
|
||||
template_name = 'employee/line-list.html'
|
||||
context_object_name = 'objects'
|
||||
paginate_by = 20
|
||||
# base_template = 'employee-base.html'
|
||||
|
||||
def test_func(self):
|
||||
return True # self.request.user.has_employee_perm('can_view_preinfo') or self.request.user.user_type == 'CA'
|
||||
|
||||
# def get_context_data(self, **kwargs):
|
||||
# context = super().get_context_data(**kwargs)
|
||||
# context['base_template'] = self.base_template
|
||||
# return context
|
||||
return self.request.user.is_superuser
|
||||
|
||||
def get_queryset(self):
|
||||
queryset = super().get_queryset()
|
||||
@@ -117,13 +98,7 @@ class EmployeeLineCreateView(LoginRequiredMixin, UserPassesTestMixin, CreateView
|
||||
success_url = reverse_lazy('employee_line')
|
||||
|
||||
def test_func(self):
|
||||
return True # self.request.user.has_company_perm('can_create_preinfo') or self.request.user.user_type == 'CA'
|
||||
|
||||
# def form_valid(self, form):
|
||||
# form.instance.created_by = self.request.user
|
||||
# form.instance.updated_by = self.request.user
|
||||
# return super().form_valid(form)
|
||||
|
||||
return self.request.user.is_superuser
|
||||
|
||||
|
||||
class EmployeeLineUpdateView(LoginRequiredMixin, UserPassesTestMixin, UpdateView):
|
||||
@@ -133,8 +108,4 @@ class EmployeeLineUpdateView(LoginRequiredMixin, UserPassesTestMixin, UpdateView
|
||||
success_url = reverse_lazy('employee_line')
|
||||
|
||||
def test_func(self):
|
||||
return True # self.request.user.ha.s_company_perm('can_edit_preinfo') or self.request.user.user_type == 'CA'
|
||||
|
||||
# def form_valid(self, form):
|
||||
# form.instance.updated_by = self.request.user
|
||||
# return super().form_valid(form)
|
||||
return self.request.user.is_superuser
|
||||
|
||||
Reference in New Issue
Block a user