added missing/incomplete permissions to views
This commit is contained in:
@@ -10,13 +10,16 @@ from containers.models import Container
|
||||
from preinfo.models import Preinfo
|
||||
|
||||
|
||||
class EmployeeDashboardView(TemplateView):
|
||||
class EmployeeDashboardView(LoginRequiredMixin, UserPassesTestMixin, TemplateView):
|
||||
template_name = 'employee-dashboard-content.html'
|
||||
extra_context = {
|
||||
'title': 'Employee Dashboard',
|
||||
'description': 'This is the depot employee dashboard page.',
|
||||
}
|
||||
|
||||
def test_func(self):
|
||||
return self.request.user.user_type == 'EMP' or self.request.user.is_superuser
|
||||
|
||||
def get_context_data(self, **kwargs):
|
||||
context = super().get_context_data(**kwargs)
|
||||
containers = Container.objects.filter(expedited=False).count()
|
||||
@@ -30,18 +33,12 @@ class EmployeeDashboardView(TemplateView):
|
||||
|
||||
class EmployeeCompanyListView(LoginRequiredMixin, UserPassesTestMixin, ListView):
|
||||
model = CompanyModel
|
||||
template_name = 'common/../../templates/employee/company-list.html'
|
||||
template_name = 'employee/company-list.html'
|
||||
context_object_name = 'objects'
|
||||
paginate_by = 20
|
||||
# base_template = 'employee-base.html'
|
||||
|
||||
def test_func(self):
|
||||
return True # self.request.user.has_employee_perm('can_view_preinfo') or self.request.user.user_type == 'CA'
|
||||
|
||||
# def get_context_data(self, **kwargs):
|
||||
# context = super().get_context_data(**kwargs)
|
||||
# context['base_template'] = self.base_template
|
||||
# return context
|
||||
return self.request.user.is_superuser
|
||||
|
||||
def get_queryset(self):
|
||||
queryset = super().get_queryset()
|
||||
@@ -61,13 +58,7 @@ class EmployeeCompanyCreateView(LoginRequiredMixin, UserPassesTestMixin, CreateV
|
||||
success_url = reverse_lazy('employee_company')
|
||||
|
||||
def test_func(self):
|
||||
return True # self.request.user.has_company_perm('can_create_preinfo') or self.request.user.user_type == 'CA'
|
||||
|
||||
# def form_valid(self, form):
|
||||
# form.instance.created_by = self.request.user
|
||||
# form.instance.updated_by = self.request.user
|
||||
# return super().form_valid(form)
|
||||
|
||||
return self.request.user.is_superuser
|
||||
|
||||
|
||||
class EmployeeCompanyUpdateView(LoginRequiredMixin, UserPassesTestMixin, UpdateView):
|
||||
@@ -77,11 +68,7 @@ class EmployeeCompanyUpdateView(LoginRequiredMixin, UserPassesTestMixin, UpdateV
|
||||
success_url = reverse_lazy('employee_company')
|
||||
|
||||
def test_func(self):
|
||||
return True # self.request.user.ha.s_company_perm('can_edit_preinfo') or self.request.user.user_type == 'CA'
|
||||
|
||||
# def form_valid(self, form):
|
||||
# form.instance.updated_by = self.request.user
|
||||
# return super().form_valid(form)
|
||||
return self.request.user.is_superuser
|
||||
|
||||
|
||||
class EmployeeLineListView(LoginRequiredMixin, UserPassesTestMixin, ListView):
|
||||
@@ -89,15 +76,9 @@ class EmployeeLineListView(LoginRequiredMixin, UserPassesTestMixin, ListView):
|
||||
template_name = 'employee/line-list.html'
|
||||
context_object_name = 'objects'
|
||||
paginate_by = 20
|
||||
# base_template = 'employee-base.html'
|
||||
|
||||
def test_func(self):
|
||||
return True # self.request.user.has_employee_perm('can_view_preinfo') or self.request.user.user_type == 'CA'
|
||||
|
||||
# def get_context_data(self, **kwargs):
|
||||
# context = super().get_context_data(**kwargs)
|
||||
# context['base_template'] = self.base_template
|
||||
# return context
|
||||
return self.request.user.is_superuser
|
||||
|
||||
def get_queryset(self):
|
||||
queryset = super().get_queryset()
|
||||
@@ -117,13 +98,7 @@ class EmployeeLineCreateView(LoginRequiredMixin, UserPassesTestMixin, CreateView
|
||||
success_url = reverse_lazy('employee_line')
|
||||
|
||||
def test_func(self):
|
||||
return True # self.request.user.has_company_perm('can_create_preinfo') or self.request.user.user_type == 'CA'
|
||||
|
||||
# def form_valid(self, form):
|
||||
# form.instance.created_by = self.request.user
|
||||
# form.instance.updated_by = self.request.user
|
||||
# return super().form_valid(form)
|
||||
|
||||
return self.request.user.is_superuser
|
||||
|
||||
|
||||
class EmployeeLineUpdateView(LoginRequiredMixin, UserPassesTestMixin, UpdateView):
|
||||
@@ -133,8 +108,4 @@ class EmployeeLineUpdateView(LoginRequiredMixin, UserPassesTestMixin, UpdateView
|
||||
success_url = reverse_lazy('employee_line')
|
||||
|
||||
def test_func(self):
|
||||
return True # self.request.user.ha.s_company_perm('can_edit_preinfo') or self.request.user.user_type == 'CA'
|
||||
|
||||
# def form_valid(self, form):
|
||||
# form.instance.updated_by = self.request.user
|
||||
# return super().form_valid(form)
|
||||
return self.request.user.is_superuser
|
||||
|
||||
Reference in New Issue
Block a user