added missing/incomplete permissions to views
This commit is contained in:
@@ -1,3 +1,4 @@
|
||||
from django.contrib.auth.mixins import LoginRequiredMixin, UserPassesTestMixin
|
||||
from django.shortcuts import render, redirect
|
||||
from django.urls import reverse_lazy
|
||||
from django.utils import timezone
|
||||
@@ -13,11 +14,14 @@ from preinfo.models import Preinfo
|
||||
|
||||
|
||||
# Create your views here.
|
||||
class ContainerReceiveView(FormView):
|
||||
class ContainerReceiveView(LoginRequiredMixin, UserPassesTestMixin, FormView):
|
||||
template_name = 'container-receive.html'
|
||||
form_class = ContainerReceiveForm
|
||||
success_url = reverse_lazy('container_photos')
|
||||
|
||||
def test_func(self):
|
||||
return self.request.user.user_type == 'BS'
|
||||
|
||||
def get_context_data(self, **kwargs):
|
||||
context = super().get_context_data(**kwargs)
|
||||
context['show_search'] = True
|
||||
@@ -179,11 +183,14 @@ class ContainerSearchView(View):
|
||||
# # return redirect(reverse_lazy('container_search'))
|
||||
|
||||
|
||||
class ContainerExpedition(FormView):
|
||||
class ContainerExpedition(LoginRequiredMixin, UserPassesTestMixin, FormView):
|
||||
template_name = 'container-expedition.html'
|
||||
form_class = ContainerExpeditionForm
|
||||
success_url = reverse_lazy('barrier_dashboard')
|
||||
|
||||
def test_func(self):
|
||||
return self.request.user.user_type == 'BS'
|
||||
|
||||
def get_context_data(self, **kwargs):
|
||||
context = super().get_context_data(**kwargs)
|
||||
context['show_search'] = True
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
from django.contrib.auth.mixins import LoginRequiredMixin, UserPassesTestMixin
|
||||
from django.shortcuts import render, redirect
|
||||
from django.views import View
|
||||
from django.views.generic import ListView
|
||||
@@ -7,12 +8,15 @@ from common.utils.utils import get_preinfo_by_number, get_container_by_number, f
|
||||
from containers.models import Container
|
||||
|
||||
|
||||
class ClientContainersListView(ListView):
|
||||
class ClientContainersListView(LoginRequiredMixin, UserPassesTestMixin, ListView):
|
||||
template_name = 'employee/containers-list.html'
|
||||
model = Container
|
||||
context_object_name = 'objects'
|
||||
paginate_by = 20
|
||||
|
||||
def test_func(self):
|
||||
return self.request.user.user_type in ('CA', 'CL')
|
||||
|
||||
def get_queryset(self):
|
||||
queryset = super().get_queryset()
|
||||
queryset = filter_queryset_by_user(queryset, self.request.user)
|
||||
@@ -25,12 +29,15 @@ class ClientContainersListView(ListView):
|
||||
return queryset
|
||||
|
||||
|
||||
class ReportContainersUnpaidListView(ListView):
|
||||
class ReportContainersUnpaidListView(LoginRequiredMixin, UserPassesTestMixin, ListView):
|
||||
template_name = 'employee/unpaid-list.html'
|
||||
model = Container
|
||||
context_object_name = 'objects'
|
||||
paginate_by = 20
|
||||
|
||||
def test_func(self):
|
||||
return self.request.user.has_company_perm('can_manage_payment') or self.request.user.user_type == 'CA'
|
||||
|
||||
def get_context_data(self, **kwargs):
|
||||
context = super().get_context_data(**kwargs)
|
||||
context['companies'] = CompanyModel.objects.all().order_by('name')
|
||||
@@ -55,9 +62,12 @@ class ReportContainersUnpaidListView(ListView):
|
||||
return queryset.order_by('-expedited_on')
|
||||
|
||||
|
||||
class ContainerSearchView(View):
|
||||
class ContainerSearchView(LoginRequiredMixin, UserPassesTestMixin, View):
|
||||
template_name = 'barrier/container-search.html' # Single template for all searches
|
||||
|
||||
def test_func(self):
|
||||
return self.request.user.user_type in ('CA', 'CL')
|
||||
|
||||
def get(self, request):
|
||||
search_type = request.GET.get('param') # container_receive or container_expedition
|
||||
return render(request, self.template_name, {'search_type': search_type})
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
from django.contrib.auth.mixins import LoginRequiredMixin
|
||||
from django.shortcuts import render
|
||||
from django.views.generic import FormView, ListView
|
||||
from django.views.generic.base import TemplateView
|
||||
@@ -77,10 +78,9 @@ from containers.models import Container
|
||||
# return render(self.request, self.template_name, context)
|
||||
|
||||
|
||||
class ContainerDetails(ListView):
|
||||
class ContainerDetails(LoginRequiredMixin, ListView):
|
||||
template_name = 'common/container-details.html'
|
||||
model = Container
|
||||
# base_template = 'employee-base.html'
|
||||
context_object_name = 'objects'
|
||||
paginate_by = 20
|
||||
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
from django.contrib.auth.mixins import LoginRequiredMixin, UserPassesTestMixin
|
||||
from django.shortcuts import render, redirect
|
||||
from django.views import View
|
||||
from django.views.generic import ListView
|
||||
@@ -7,17 +8,11 @@ from common.utils.utils import get_preinfo_by_number, get_container_by_number
|
||||
from containers.models import Container
|
||||
|
||||
|
||||
class ContainersListView(ListView):
|
||||
class ContainersListView(LoginRequiredMixin, ListView):
|
||||
template_name = 'employee/containers-list.html'
|
||||
model = Container
|
||||
context_object_name = 'objects'
|
||||
paginate_by = 20 # Number of containers per page
|
||||
# base_template = 'employee-base.html'
|
||||
|
||||
# def get_context_data(self, **kwargs):
|
||||
# context = super().get_context_data(**kwargs)
|
||||
# context['base_template'] = self.base_template
|
||||
# return context
|
||||
paginate_by = 20
|
||||
|
||||
def get_queryset(self):
|
||||
queryset = super().get_queryset()
|
||||
@@ -30,12 +25,15 @@ class ContainersListView(ListView):
|
||||
return queryset
|
||||
|
||||
|
||||
class ReportContainersUnpaidListView(ListView):
|
||||
class ReportContainersUnpaidListView(LoginRequiredMixin, UserPassesTestMixin, ListView):
|
||||
template_name = 'employee/unpaid-list.html'
|
||||
model = Container
|
||||
context_object_name = 'objects'
|
||||
paginate_by = 20 # Number of payments per page
|
||||
# base_template = 'employee-base.html'
|
||||
paginate_by = 20
|
||||
|
||||
def test_func(self):
|
||||
return self.request.user.has_company_perm('can_manage_payments') or self.request.user.is_superuser
|
||||
|
||||
|
||||
def get_context_data(self, **kwargs):
|
||||
context = super().get_context_data(**kwargs)
|
||||
@@ -62,7 +60,7 @@ class ReportContainersUnpaidListView(ListView):
|
||||
return queryset.order_by('-expedited_on')
|
||||
|
||||
|
||||
class ContainerSearchView(View):
|
||||
class ContainerSearchView(LoginRequiredMixin, View):
|
||||
template_name = 'barrier/container-search.html' # Single template for all searches
|
||||
|
||||
def get(self, request):
|
||||
|
||||
Reference in New Issue
Block a user