added missing/incomplete permissions to views

This commit is contained in:
2025-08-03 11:52:01 +03:00
parent 13c4c324fc
commit 75b3adfc71
14 changed files with 103 additions and 153 deletions
+5 -1
View File
@@ -1,12 +1,16 @@
from django.contrib.auth.mixins import LoginRequiredMixin, UserPassesTestMixin
from django.shortcuts import render
from django.views.generic import TemplateView
from containers.models import Container
class BarrierDashboardView(TemplateView):
class BarrierDashboardView(LoginRequiredMixin, UserPassesTestMixin, TemplateView):
template_name = 'barrier/barrier-dashboard.html'
def test_func(self):
return self.request.user.user_type == 'BA'
def get_context_data(self, **kwargs):
context = super().get_context_data(**kwargs)
recent_containers = Container.objects.select_related('line', 'booking').order_by('-expedited_on', '-received_on')[:10]
+3 -10
View File
@@ -87,15 +87,9 @@ class ClientLineListView(LoginRequiredMixin, UserPassesTestMixin, ListView):
template_name = 'client/line-list.html'
context_object_name = 'objects'
paginate_by = 20
# base_template = 'client-base.html'
def test_func(self):
return True # self.request.user.has_employee_perm('can_view_preinfo') or self.request.user.user_type == 'CA'
# def get_context_data(self, **kwargs):
# context = super().get_context_data(**kwargs)
# context['base_template'] = self.base_template
# return context
return self.request.user.user_type == 'CA'
def get_queryset(self):
queryset = super().get_queryset()
@@ -115,11 +109,10 @@ class ClientLineCreateView(LoginRequiredMixin, UserPassesTestMixin, CreateView):
model = LinesModel
template_name = 'client/line-create.html'
form_class = LineCreateForm
success_url = reverse_lazy('client-line')
def test_func(self):
return True # self.request.user.has_company_perm('can_create_preinfo') or self.request.user.user_type == 'CA'
return self.request.user.user_type == 'CA'
def get_form(self, form_class=None):
form = super().get_form(form_class)
@@ -139,7 +132,7 @@ class ClientLineUpdateView(LoginRequiredMixin, UserPassesTestMixin, UpdateView):
success_url = reverse_lazy('client-company')
def test_func(self):
return True # self.request.user.ha.s_company_perm('can_edit_preinfo') or self.request.user.user_type == 'CA'
return self.request.user.user_type == 'CA'
def get_form(self, form_class=None):
form = super().get_form(form_class)
+11 -40
View File
@@ -10,13 +10,16 @@ from containers.models import Container
from preinfo.models import Preinfo
class EmployeeDashboardView(TemplateView):
class EmployeeDashboardView(LoginRequiredMixin, UserPassesTestMixin, TemplateView):
template_name = 'employee-dashboard-content.html'
extra_context = {
'title': 'Employee Dashboard',
'description': 'This is the depot employee dashboard page.',
}
def test_func(self):
return self.request.user.user_type == 'EMP' or self.request.user.is_superuser
def get_context_data(self, **kwargs):
context = super().get_context_data(**kwargs)
containers = Container.objects.filter(expedited=False).count()
@@ -30,18 +33,12 @@ class EmployeeDashboardView(TemplateView):
class EmployeeCompanyListView(LoginRequiredMixin, UserPassesTestMixin, ListView):
model = CompanyModel
template_name = 'common/../../templates/employee/company-list.html'
template_name = 'employee/company-list.html'
context_object_name = 'objects'
paginate_by = 20
# base_template = 'employee-base.html'
def test_func(self):
return True # self.request.user.has_employee_perm('can_view_preinfo') or self.request.user.user_type == 'CA'
# def get_context_data(self, **kwargs):
# context = super().get_context_data(**kwargs)
# context['base_template'] = self.base_template
# return context
return self.request.user.is_superuser
def get_queryset(self):
queryset = super().get_queryset()
@@ -61,13 +58,7 @@ class EmployeeCompanyCreateView(LoginRequiredMixin, UserPassesTestMixin, CreateV
success_url = reverse_lazy('employee_company')
def test_func(self):
return True # self.request.user.has_company_perm('can_create_preinfo') or self.request.user.user_type == 'CA'
# def form_valid(self, form):
# form.instance.created_by = self.request.user
# form.instance.updated_by = self.request.user
# return super().form_valid(form)
return self.request.user.is_superuser
class EmployeeCompanyUpdateView(LoginRequiredMixin, UserPassesTestMixin, UpdateView):
@@ -77,11 +68,7 @@ class EmployeeCompanyUpdateView(LoginRequiredMixin, UserPassesTestMixin, UpdateV
success_url = reverse_lazy('employee_company')
def test_func(self):
return True # self.request.user.ha.s_company_perm('can_edit_preinfo') or self.request.user.user_type == 'CA'
# def form_valid(self, form):
# form.instance.updated_by = self.request.user
# return super().form_valid(form)
return self.request.user.is_superuser
class EmployeeLineListView(LoginRequiredMixin, UserPassesTestMixin, ListView):
@@ -89,15 +76,9 @@ class EmployeeLineListView(LoginRequiredMixin, UserPassesTestMixin, ListView):
template_name = 'employee/line-list.html'
context_object_name = 'objects'
paginate_by = 20
# base_template = 'employee-base.html'
def test_func(self):
return True # self.request.user.has_employee_perm('can_view_preinfo') or self.request.user.user_type == 'CA'
# def get_context_data(self, **kwargs):
# context = super().get_context_data(**kwargs)
# context['base_template'] = self.base_template
# return context
return self.request.user.is_superuser
def get_queryset(self):
queryset = super().get_queryset()
@@ -117,13 +98,7 @@ class EmployeeLineCreateView(LoginRequiredMixin, UserPassesTestMixin, CreateView
success_url = reverse_lazy('employee_line')
def test_func(self):
return True # self.request.user.has_company_perm('can_create_preinfo') or self.request.user.user_type == 'CA'
# def form_valid(self, form):
# form.instance.created_by = self.request.user
# form.instance.updated_by = self.request.user
# return super().form_valid(form)
return self.request.user.is_superuser
class EmployeeLineUpdateView(LoginRequiredMixin, UserPassesTestMixin, UpdateView):
@@ -133,8 +108,4 @@ class EmployeeLineUpdateView(LoginRequiredMixin, UserPassesTestMixin, UpdateView
success_url = reverse_lazy('employee_line')
def test_func(self):
return True # self.request.user.ha.s_company_perm('can_edit_preinfo') or self.request.user.user_type == 'CA'
# def form_valid(self, form):
# form.instance.updated_by = self.request.user
# return super().form_valid(form)
return self.request.user.is_superuser