added missing/incomplete permissions to views

This commit is contained in:
2025-08-03 11:52:01 +03:00
parent 13c4c324fc
commit 75b3adfc71
14 changed files with 103 additions and 153 deletions
+9 -2
View File
@@ -1,3 +1,4 @@
from django.contrib.auth.mixins import LoginRequiredMixin, UserPassesTestMixin
from django.shortcuts import render, redirect
from django.urls import reverse_lazy
from django.utils import timezone
@@ -13,11 +14,14 @@ from preinfo.models import Preinfo
# Create your views here.
class ContainerReceiveView(FormView):
class ContainerReceiveView(LoginRequiredMixin, UserPassesTestMixin, FormView):
template_name = 'container-receive.html'
form_class = ContainerReceiveForm
success_url = reverse_lazy('container_photos')
def test_func(self):
return self.request.user.user_type == 'BS'
def get_context_data(self, **kwargs):
context = super().get_context_data(**kwargs)
context['show_search'] = True
@@ -179,11 +183,14 @@ class ContainerSearchView(View):
# # return redirect(reverse_lazy('container_search'))
class ContainerExpedition(FormView):
class ContainerExpedition(LoginRequiredMixin, UserPassesTestMixin, FormView):
template_name = 'container-expedition.html'
form_class = ContainerExpeditionForm
success_url = reverse_lazy('barrier_dashboard')
def test_func(self):
return self.request.user.user_type == 'BS'
def get_context_data(self, **kwargs):
context = super().get_context_data(**kwargs)
context['show_search'] = True
+13 -3
View File
@@ -1,3 +1,4 @@
from django.contrib.auth.mixins import LoginRequiredMixin, UserPassesTestMixin
from django.shortcuts import render, redirect
from django.views import View
from django.views.generic import ListView
@@ -7,12 +8,15 @@ from common.utils.utils import get_preinfo_by_number, get_container_by_number, f
from containers.models import Container
class ClientContainersListView(ListView):
class ClientContainersListView(LoginRequiredMixin, UserPassesTestMixin, ListView):
template_name = 'employee/containers-list.html'
model = Container
context_object_name = 'objects'
paginate_by = 20
def test_func(self):
return self.request.user.user_type in ('CA', 'CL')
def get_queryset(self):
queryset = super().get_queryset()
queryset = filter_queryset_by_user(queryset, self.request.user)
@@ -25,12 +29,15 @@ class ClientContainersListView(ListView):
return queryset
class ReportContainersUnpaidListView(ListView):
class ReportContainersUnpaidListView(LoginRequiredMixin, UserPassesTestMixin, ListView):
template_name = 'employee/unpaid-list.html'
model = Container
context_object_name = 'objects'
paginate_by = 20
def test_func(self):
return self.request.user.has_company_perm('can_manage_payment') or self.request.user.user_type == 'CA'
def get_context_data(self, **kwargs):
context = super().get_context_data(**kwargs)
context['companies'] = CompanyModel.objects.all().order_by('name')
@@ -55,9 +62,12 @@ class ReportContainersUnpaidListView(ListView):
return queryset.order_by('-expedited_on')
class ContainerSearchView(View):
class ContainerSearchView(LoginRequiredMixin, UserPassesTestMixin, View):
template_name = 'barrier/container-search.html' # Single template for all searches
def test_func(self):
return self.request.user.user_type in ('CA', 'CL')
def get(self, request):
search_type = request.GET.get('param') # container_receive or container_expedition
return render(request, self.template_name, {'search_type': search_type})
+2 -2
View File
@@ -1,3 +1,4 @@
from django.contrib.auth.mixins import LoginRequiredMixin
from django.shortcuts import render
from django.views.generic import FormView, ListView
from django.views.generic.base import TemplateView
@@ -77,10 +78,9 @@ from containers.models import Container
# return render(self.request, self.template_name, context)
class ContainerDetails(ListView):
class ContainerDetails(LoginRequiredMixin, ListView):
template_name = 'common/container-details.html'
model = Container
# base_template = 'employee-base.html'
context_object_name = 'objects'
paginate_by = 20
+10 -12
View File
@@ -1,3 +1,4 @@
from django.contrib.auth.mixins import LoginRequiredMixin, UserPassesTestMixin
from django.shortcuts import render, redirect
from django.views import View
from django.views.generic import ListView
@@ -7,17 +8,11 @@ from common.utils.utils import get_preinfo_by_number, get_container_by_number
from containers.models import Container
class ContainersListView(ListView):
class ContainersListView(LoginRequiredMixin, ListView):
template_name = 'employee/containers-list.html'
model = Container
context_object_name = 'objects'
paginate_by = 20 # Number of containers per page
# base_template = 'employee-base.html'
# def get_context_data(self, **kwargs):
# context = super().get_context_data(**kwargs)
# context['base_template'] = self.base_template
# return context
paginate_by = 20
def get_queryset(self):
queryset = super().get_queryset()
@@ -30,12 +25,15 @@ class ContainersListView(ListView):
return queryset
class ReportContainersUnpaidListView(ListView):
class ReportContainersUnpaidListView(LoginRequiredMixin, UserPassesTestMixin, ListView):
template_name = 'employee/unpaid-list.html'
model = Container
context_object_name = 'objects'
paginate_by = 20 # Number of payments per page
# base_template = 'employee-base.html'
paginate_by = 20
def test_func(self):
return self.request.user.has_company_perm('can_manage_payments') or self.request.user.is_superuser
def get_context_data(self, **kwargs):
context = super().get_context_data(**kwargs)
@@ -62,7 +60,7 @@ class ReportContainersUnpaidListView(ListView):
return queryset.order_by('-expedited_on')
class ContainerSearchView(View):
class ContainerSearchView(LoginRequiredMixin, View):
template_name = 'barrier/container-search.html' # Single template for all searches
def get(self, request):