added missing/incomplete permissions to views

This commit is contained in:
2025-08-03 11:52:01 +03:00
parent 13c4c324fc
commit 75b3adfc71
14 changed files with 103 additions and 153 deletions
+3 -9
View File
@@ -25,16 +25,10 @@ class ClientPreinfoView(LoginRequiredMixin, UserPassesTestMixin, ListView):
# CRUDListView template
context_object_name = 'objects'
# base_template = 'client-base.html'
def test_func(self):
return self.request.user.has_company_perm('can_view_preinfo') or self.request.user.user_type == 'CA'
# def get_context_data(self, **kwargs):
# context = super().get_context_data(**kwargs)
# context['base_template'] = self.base_template
# return context
def get_queryset(self):
queryset = super().get_queryset()
user = self.request.user
@@ -60,7 +54,7 @@ class ClientPreinfoCreateView(LoginRequiredMixin, UserPassesTestMixin, LineFilte
success_url = reverse_lazy('client_preinfo')
def test_func(self):
return True # self.request.user.has_company_perm('can_create_preinfo') or self.request.user.user_type == 'CA'
return self.request.user.has_company_perm('can_manage_preinfo') or self.request.user.user_type == 'CA'
def form_valid(self, form):
form.instance.created_by = self.request.user
@@ -76,7 +70,7 @@ class ClientPreinfoUpdateView(LoginRequiredMixin, UserPassesTestMixin, LineFilte
success_url = reverse_lazy('client_preinfo')
def test_func(self):
return True # self.request.user.ha.s_company_perm('can_edit_preinfo') or self.request.user.user_type == 'CA'
return self.request.user.has_company_perm('can_manage_preinfo') or self.request.user.user_type == 'CA'
def form_valid(self, form):
form.instance.updated_by = self.request.user
@@ -95,7 +89,7 @@ def check_preinfo(request):
return JsonResponse({'found': False})
class PreinfoSearchView(View):
class PreinfoSearchView(LoginRequiredMixin, View):
template_name = 'container-search.html'
def get(self, request):
+1 -7
View File
@@ -9,15 +9,9 @@ class EmployeePreinfoView(LoginRequiredMixin, UserPassesTestMixin, ListView):
context_object_name = 'objects'
paginate_by = 20
form_class = PreinfoEditForm
# base_template = 'employee-base.html'
def test_func(self):
return True # self.request.user.has_employee_perm('can_view_preinfo') or self.request.user.user_type == 'CA'
# def get_context_data(self, **kwargs):
# context = super().get_context_data(**kwargs)
# context['base_template'] = self.base_template
# return context
return self.request.user.user_type in ('EM', 'CA')
def get_queryset(self):
queryset = super().get_queryset()