gitea
/
depot_django
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

added missing/incomplete permissions to views

Browse Source
deploy_branch
kikimor 7 months ago
parent 13c4c324fc
commit 75b3adfc71
14 changed files with 103 additions and 153 deletions
Show Stats Download Patch File Download Diff File

19
.idea/workspace.xml
Unescape Escape View File

@ -5,35 +5,20 @@
</component> </component>
<component name="ChangeListManager"> <component name="ChangeListManager">
<list default="true" id="7410a44d-51b9-408b-85ad-4fa46776b372" name="Changes" comment="commit unversioned files ;)"> <list default="true" id="7410a44d-51b9-408b-85ad-4fa46776b372" name="Changes" comment="commit unversioned files ;)">
<change afterPath="$PROJECT_DIR$/accounts/templatetags/permission_tags.py" afterDir="false" />
<change afterPath="$PROJECT_DIR$/templates/common/payment-list.html" afterDir="false" />
<change beforePath="$PROJECT_DIR$/.idea/workspace.xml" beforeDir="false" afterPath="$PROJECT_DIR$/.idea/workspace.xml" afterDir="false" /> <change beforePath="$PROJECT_DIR$/.idea/workspace.xml" beforeDir="false" afterPath="$PROJECT_DIR$/.idea/workspace.xml" afterDir="false" />
<change beforePath="$PROJECT_DIR$/accounts/migrations/0008_populate_permissions.py" beforeDir="false" afterPath="$PROJECT_DIR$/accounts/migrations/0008_populate_permissions.py" afterDir="false" />
<change beforePath="$PROJECT_DIR$/accounts/models.py" beforeDir="false" afterPath="$PROJECT_DIR$/accounts/models.py" afterDir="false" />
<change beforePath="$PROJECT_DIR$/accounts/views.py" beforeDir="false" afterPath="$PROJECT_DIR$/accounts/views.py" afterDir="false" /> <change beforePath="$PROJECT_DIR$/accounts/views.py" beforeDir="false" afterPath="$PROJECT_DIR$/accounts/views.py" afterDir="false" />
<change beforePath="$PROJECT_DIR$/booking/views/client_views.py" beforeDir="false" afterPath="$PROJECT_DIR$/booking/views/client_views.py" afterDir="false" /> <change beforePath="$PROJECT_DIR$/booking/views/client_views.py" beforeDir="false" afterPath="$PROJECT_DIR$/booking/views/client_views.py" afterDir="false" />
<change beforePath="$PROJECT_DIR$/booking/views/employee_views.py" beforeDir="false" afterPath="$PROJECT_DIR$/booking/views/employee_views.py" afterDir="false" /> <change beforePath="$PROJECT_DIR$/booking/views/employee_views.py" beforeDir="false" afterPath="$PROJECT_DIR$/booking/views/employee_views.py" afterDir="false" />
<change beforePath="$PROJECT_DIR$/common/views/barrier_views.py" beforeDir="false" afterPath="$PROJECT_DIR$/common/views/barrier_views.py" afterDir="false" />
<change beforePath="$PROJECT_DIR$/common/views/client_views.py" beforeDir="false" afterPath="$PROJECT_DIR$/common/views/client_views.py" afterDir="false" /> <change beforePath="$PROJECT_DIR$/common/views/client_views.py" beforeDir="false" afterPath="$PROJECT_DIR$/common/views/client_views.py" afterDir="false" />
<change beforePath="$PROJECT_DIR$/common/views/employee_views.py" beforeDir="false" afterPath="$PROJECT_DIR$/common/views/employee_views.py" afterDir="false" /> <change beforePath="$PROJECT_DIR$/common/views/employee_views.py" beforeDir="false" afterPath="$PROJECT_DIR$/common/views/employee_views.py" afterDir="false" />
<change beforePath="$PROJECT_DIR$/containers/views/barrier_views.py" beforeDir="false" afterPath="$PROJECT_DIR$/containers/views/barrier_views.py" afterDir="false" />
<change beforePath="$PROJECT_DIR$/containers/views/client_views.py" beforeDir="false" afterPath="$PROJECT_DIR$/containers/views/client_views.py" afterDir="false" /> <change beforePath="$PROJECT_DIR$/containers/views/client_views.py" beforeDir="false" afterPath="$PROJECT_DIR$/containers/views/client_views.py" afterDir="false" />
<change beforePath="$PROJECT_DIR$/containers/views/common.py" beforeDir="false" afterPath="$PROJECT_DIR$/containers/views/common.py" afterDir="false" /> <change beforePath="$PROJECT_DIR$/containers/views/common.py" beforeDir="false" afterPath="$PROJECT_DIR$/containers/views/common.py" afterDir="false" />
<change beforePath="$PROJECT_DIR$/containers/views/employee_views.py" beforeDir="false" afterPath="$PROJECT_DIR$/containers/views/employee_views.py" afterDir="false" /> <change beforePath="$PROJECT_DIR$/containers/views/employee_views.py" beforeDir="false" afterPath="$PROJECT_DIR$/containers/views/employee_views.py" afterDir="false" />
<change beforePath="$PROJECT_DIR$/payments/urls.py" beforeDir="false" afterPath="$PROJECT_DIR$/payments/urls.py" afterDir="false" />
<change beforePath="$PROJECT_DIR$/payments/views.py" beforeDir="false" afterPath="$PROJECT_DIR$/payments/views.py" afterDir="false" /> <change beforePath="$PROJECT_DIR$/payments/views.py" beforeDir="false" afterPath="$PROJECT_DIR$/payments/views.py" afterDir="false" />
<change beforePath="$PROJECT_DIR$/preinfo/views/client_views.py" beforeDir="false" afterPath="$PROJECT_DIR$/preinfo/views/client_views.py" afterDir="false" /> <change beforePath="$PROJECT_DIR$/preinfo/views/client_views.py" beforeDir="false" afterPath="$PROJECT_DIR$/preinfo/views/client_views.py" afterDir="false" />
<change beforePath="$PROJECT_DIR$/preinfo/views/employee_views.py" beforeDir="false" afterPath="$PROJECT_DIR$/preinfo/views/employee_views.py" afterDir="false" /> <change beforePath="$PROJECT_DIR$/preinfo/views/employee_views.py" beforeDir="false" afterPath="$PROJECT_DIR$/preinfo/views/employee_views.py" afterDir="false" />
<change beforePath="$PROJECT_DIR$/readme.md" beforeDir="false" afterPath="$PROJECT_DIR$/readme.md" afterDir="false" />
<change beforePath="$PROJECT_DIR$/templates/client-sidebar.html" beforeDir="false" afterPath="$PROJECT_DIR$/templates/client-sidebar.html" afterDir="false" />
<change beforePath="$PROJECT_DIR$/templates/client/booking-list.html" beforeDir="false" afterPath="$PROJECT_DIR$/templates/client/booking-list.html" afterDir="false" />
<change beforePath="$PROJECT_DIR$/templates/client/preinfo-list.html" beforeDir="false" afterPath="$PROJECT_DIR$/templates/client/preinfo-list.html" afterDir="false" />
<change beforePath="$PROJECT_DIR$/templates/common/container-details.html" beforeDir="false" afterPath="$PROJECT_DIR$/templates/common/container-details.html" afterDir="false" />
<change beforePath="$PROJECT_DIR$/templates/employee-sidebar.html" beforeDir="false" afterPath="$PROJECT_DIR$/templates/employee-sidebar.html" afterDir="false" />
<change beforePath="$PROJECT_DIR$/templates/employee/booking-list.html" beforeDir="false" afterPath="$PROJECT_DIR$/templates/employee/booking-list.html" afterDir="false" />
<change beforePath="$PROJECT_DIR$/templates/employee/containers-list.html" beforeDir="false" afterPath="$PROJECT_DIR$/templates/employee/containers-list.html" afterDir="false" />
<change beforePath="$PROJECT_DIR$/templates/employee/payment-create.html" beforeDir="false" afterPath="$PROJECT_DIR$/templates/employee/payment-create.html" afterDir="false" />
<change beforePath="$PROJECT_DIR$/templates/employee/payment-list.html" beforeDir="false" afterPath="$PROJECT_DIR$/templates/employee/unpaid-list.html" afterDir="false" />
<change beforePath="$PROJECT_DIR$/templates/employee/preinfo-list.html" beforeDir="false" afterPath="$PROJECT_DIR$/templates/employee/preinfo-list.html" afterDir="false" />
<change beforePath="$PROJECT_DIR$/web_depot.tar" beforeDir="false" afterPath="$PROJECT_DIR$/web_depot.tar" afterDir="false" />
</list> </list>
<option name="SHOW_DIALOG" value="false" /> <option name="SHOW_DIALOG" value="false" />
<option name="HIGHLIGHT_CONFLICTS" value="true" /> <option name="HIGHLIGHT_CONFLICTS" value="true" />

54
accounts/views.py
Unescape Escape View File

@ -12,7 +12,7 @@ from accounts.forms import LoginForm, RegisterForm, UserChangePasswordForm, User
from accounts.models import DepotUser from accounts.models import DepotUser
from django.contrib.auth.decorators import login_required, user_passes_test from django.contrib.auth.decorators import login_required, user_passes_test
from django.contrib.auth.mixins import AccessMixin, LoginRequiredMixin from django.contrib.auth.mixins import AccessMixin, LoginRequiredMixin, UserPassesTestMixin
# Create your views here. # Create your views here.
@ -28,27 +28,21 @@ class DepotLoginView(LoginView):
def is_company_admin(user): def is_company_admin(user):
return user.is_authenticated and user.is_company_admin return user.is_authenticated and user.is_company_admin
@method_decorator(login_required, name='dispatch')
class RegisterView(AccessMixin, FormView): class RegisterView(LoginRequiredMixin, UserPassesTestMixin, FormView):
template_name = 'registration/register.html' template_name = 'registration/register.html'
form_class = RegisterForm form_class = RegisterForm
# model = get_user_model()
success_url = reverse_lazy('dashboard') success_url = reverse_lazy('dashboard')
def dispatch(self, request, *args, **kwargs): def test_func(self):
user: DepotUser = request.user user = self.request.user
return user.is_superuser or user.user_type == DepotUser.UserType.COMPANY_ADMIN
if not (user.is_superuser or user.user_type == DepotUser.UserType.COMPANY_ADMIN):
return self.handle_no_permission()
return super().dispatch(request, *args, **kwargs)
def form_valid(self, form): def form_valid(self, form):
# Create user from form data
user = form.save(commit=False) user = form.save(commit=False)
user_type = form.cleaned_data['user_type'] user_type = form.cleaned_data['user_type']
user.save() user.save()
# Clear irrelevant permissions based on user type
if user_type == DepotUser.UserType.CLIENT: if user_type == DepotUser.UserType.CLIENT:
user.employee_permissions.clear() user.employee_permissions.clear()
user.company_permissions.set(form.cleaned_data['company_permissions']) user.company_permissions.set(form.cleaned_data['company_permissions'])
@ -90,17 +84,15 @@ class RegisterView(AccessMixin, FormView):
return form return form
class UserListView(ListView): class UserListView(LoginRequiredMixin, UserPassesTestMixin, ListView):
template_name = 'registration/user-list.html' template_name = 'registration/user-list.html'
model = get_user_model() model = get_user_model()
context_object_name = 'objects' context_object_name = 'objects'
paginate_by = 20 # Number of containers per page paginate_by = 20
# base_template = 'employee-base.html'
# def get_context_data(self, **kwargs): def test_func(self):
# context = super().get_context_data(**kwargs) user = self.request.user
# context['base_template'] = self.base_template return user.is_superuser or user.user_type == DepotUser.UserType.COMPANY_ADMIN
# return context
def get_queryset(self): def get_queryset(self):
queryset = super().get_queryset() queryset = super().get_queryset()
@ -111,7 +103,6 @@ class UserListView(ListView):
if data_filter != 'all': if data_filter != 'all':
queryset = queryset.filter(is_active=True) queryset = queryset.filter(is_active=True)
# Filter users based on permissions
if user.is_superuser: if user.is_superuser:
return queryset.all() return queryset.all()
elif user.user_type == DepotUser.UserType.COMPANY_ADMIN: elif user.user_type == DepotUser.UserType.COMPANY_ADMIN:
@ -119,18 +110,15 @@ class UserListView(ListView):
else: else:
return queryset.none() return queryset.none()
class UserUpdateView(UpdateView): class UserUpdateView(LoginRequiredMixin, UserPassesTestMixin, UpdateView):
template_name = 'registration/register.html' template_name = 'registration/register.html'
form_class = UserEditForm form_class = UserEditForm
model = get_user_model() model = get_user_model()
success_url = reverse_lazy('user_list') success_url = reverse_lazy('user_list')
def dispatch(self, request, *args, **kwargs): def test_func(self):
user: DepotUser = request.user user = self.request.user
return user.is_superuser or user.user_type == DepotUser.UserType.COMPANY_ADMIN
if not (user.is_superuser or user.user_type == DepotUser.UserType.COMPANY_ADMIN):
return self.handle_no_permission()
return super().dispatch(request, *args, **kwargs)
def form_valid(self, form): def form_valid(self, form):
user = form.save(commit=False) user = form.save(commit=False)
@ -175,14 +163,16 @@ class UserUpdateView(UpdateView):
return form return form
class UserActiveView(LoginRequiredMixin, View): class UserActiveView(LoginRequiredMixin, UserPassesTestMixin, View):
success_url = reverse_lazy('user_list') success_url = reverse_lazy('user_list')
def test_func(self):
user = self.request.user
return user.is_superuser or user.user_type == DepotUser.UserType.COMPANY_ADMIN
def post(self, request, pk, *args, **kwargs): def post(self, request, pk, *args, **kwargs):
user = request.user user = request.user
if not (user.is_superuser or getattr(user, 'user_type', None) == DepotUser.UserType.COMPANY_ADMIN):
return HttpResponseForbidden("You do not have permission to perform this action.")
target_user = get_object_or_404(get_user_model(), pk=pk) target_user = get_object_or_404(get_user_model(), pk=pk)
if target_user == user: if target_user == user:
return HttpResponseForbidden("You cannot change your own active status.") return HttpResponseForbidden("You cannot change your own active status.")
@ -192,7 +182,7 @@ class UserActiveView(LoginRequiredMixin, View):
return JsonResponse({'success': True, 'is_active': target_user.is_active}) return JsonResponse({'success': True, 'is_active': target_user.is_active})
class CustomPasswordChangeView(PasswordChangeView): class CustomPasswordChangeView(LoginRequiredMixin, PasswordChangeView):
template_name = 'registration/change_password.html' template_name = 'registration/change_password.html'
def get_success_url(self): def get_success_url(self):

10
booking/views/client_views.py
Unescape Escape View File

@ -13,16 +13,10 @@ class ClientBookingView(LoginRequiredMixin, UserPassesTestMixin, ListView):
template_name = 'client/booking-list.html' template_name = 'client/booking-list.html'
paginate_by = 20 paginate_by = 20
context_object_name = 'objects' context_object_name = 'objects'
# base_template = 'client-base.html'
def test_func(self): def test_func(self):
return self.request.user.has_company_perm('can_view_booking') or self.request.user.user_type == 'CA' return self.request.user.has_company_perm('can_view_booking') or self.request.user.user_type == 'CA'
# def get_context_data(self, **kwargs):
# context = super().get_context_data(**kwargs)
# context['base_template'] = self.base_template
# return context
def get_queryset(self): def get_queryset(self):
queryset = super().get_queryset() queryset = super().get_queryset()
user = self.request.user user = self.request.user
@ -50,7 +44,7 @@ class CreateBookingView(LoginRequiredMixin, UserPassesTestMixin, LineFilterFormM
return super().form_valid(form) return super().form_valid(form)
def test_func(self): def test_func(self):
return True # self.request.user.has_company_perm('can_edit_preinfo') or self.request.user.user_type == 'CA' self.request.user.has_company_perm('can_edit_preinfo') or self.request.user.user_type == 'CA'
class ClientBookingUpdateView(LoginRequiredMixin, UserPassesTestMixin, LineFilterFormMixin, CreateView): class ClientBookingUpdateView(LoginRequiredMixin, UserPassesTestMixin, LineFilterFormMixin, CreateView):
@ -65,4 +59,4 @@ class ClientBookingUpdateView(LoginRequiredMixin, UserPassesTestMixin, LineFilte
return super().form_valid(form) return super().form_valid(form)
def test_func(self): def test_func(self):
return True # self.request.user.has_company_perm('can_edit_preinfo') or self.request.user.user_type == 'CA' return self.request.user.has_company_perm('can_edit_preinfo') or self.request.user.user_type == 'CA'

13
booking/views/employee_views.py
Unescape Escape View File

@ -1,19 +1,18 @@
from django.contrib.auth.mixins import LoginRequiredMixin, UserPassesTestMixin
from django.views.generic import ListView from django.views.generic import ListView
from booking.models import Booking from booking.models import Booking
class BookingListView(ListView): class BookingListView(LoginRequiredMixin, UserPassesTestMixin, ListView):
template_name = 'employee/booking-list.html' template_name = 'employee/booking-list.html'
model = Booking model = Booking
context_object_name = 'objects' context_object_name = 'objects'
paginate_by = 20 # Number of containers per page paginate_by = 20
# base_template = 'employee-base.html'
# def get_context_data(self, **kwargs): def test_func(self):
# context = super().get_context_data(**kwargs) user = self.request.user
# context['base_template'] = self.base_template return self.request.user.user_type == 'EMP' or user.is_superuser
# return context
def get_queryset(self): def get_queryset(self):
queryset = super().get_queryset() queryset = super().get_queryset()

6
common/views/barrier_views.py
Unescape Escape View File

@ -1,12 +1,16 @@
from django.contrib.auth.mixins import LoginRequiredMixin, UserPassesTestMixin
from django.shortcuts import render from django.shortcuts import render
from django.views.generic import TemplateView from django.views.generic import TemplateView
from containers.models import Container from containers.models import Container
class BarrierDashboardView(TemplateView): class BarrierDashboardView(LoginRequiredMixin, UserPassesTestMixin, TemplateView):
template_name = 'barrier/barrier-dashboard.html' template_name = 'barrier/barrier-dashboard.html'
def test_func(self):
return self.request.user.user_type == 'BA'
def get_context_data(self, **kwargs): def get_context_data(self, **kwargs):
context = super().get_context_data(**kwargs) context = super().get_context_data(**kwargs)
recent_containers = Container.objects.select_related('line', 'booking').order_by('-expedited_on', '-received_on')[:10] recent_containers = Container.objects.select_related('line', 'booking').order_by('-expedited_on', '-received_on')[:10]

13
common/views/client_views.py
Unescape Escape View File

@ -87,15 +87,9 @@ class ClientLineListView(LoginRequiredMixin, UserPassesTestMixin, ListView):
template_name = 'client/line-list.html' template_name = 'client/line-list.html'
context_object_name = 'objects' context_object_name = 'objects'
paginate_by = 20 paginate_by = 20
# base_template = 'client-base.html'
def test_func(self): def test_func(self):
return True # self.request.user.has_employee_perm('can_view_preinfo') or self.request.user.user_type == 'CA' return self.request.user.user_type == 'CA'
# def get_context_data(self, **kwargs):
# context = super().get_context_data(**kwargs)
# context['base_template'] = self.base_template
# return context
def get_queryset(self): def get_queryset(self):
queryset = super().get_queryset() queryset = super().get_queryset()
@ -115,11 +109,10 @@ class ClientLineCreateView(LoginRequiredMixin, UserPassesTestMixin, CreateView):
model = LinesModel model = LinesModel
template_name = 'client/line-create.html' template_name = 'client/line-create.html'
form_class = LineCreateForm form_class = LineCreateForm
success_url = reverse_lazy('client-line') success_url = reverse_lazy('client-line')
def test_func(self): def test_func(self):
return True # self.request.user.has_company_perm('can_create_preinfo') or self.request.user.user_type == 'CA' return self.request.user.user_type == 'CA'
def get_form(self, form_class=None): def get_form(self, form_class=None):
form = super().get_form(form_class) form = super().get_form(form_class)
@ -139,7 +132,7 @@ class ClientLineUpdateView(LoginRequiredMixin, UserPassesTestMixin, UpdateView):
success_url = reverse_lazy('client-company') success_url = reverse_lazy('client-company')
def test_func(self): def test_func(self):
return True # self.request.user.ha.s_company_perm('can_edit_preinfo') or self.request.user.user_type == 'CA' return self.request.user.user_type == 'CA'
def get_form(self, form_class=None): def get_form(self, form_class=None):
form = super().get_form(form_class) form = super().get_form(form_class)

51
common/views/employee_views.py
Unescape Escape View File

@ -10,13 +10,16 @@ from containers.models import Container
from preinfo.models import Preinfo from preinfo.models import Preinfo
class EmployeeDashboardView(TemplateView): class EmployeeDashboardView(LoginRequiredMixin, UserPassesTestMixin, TemplateView):
template_name = 'employee-dashboard-content.html' template_name = 'employee-dashboard-content.html'
extra_context = { extra_context = {
'title': 'Employee Dashboard', 'title': 'Employee Dashboard',
'description': 'This is the depot employee dashboard page.', 'description': 'This is the depot employee dashboard page.',
} }
def test_func(self):
return self.request.user.user_type == 'EMP' or self.request.user.is_superuser
def get_context_data(self, **kwargs): def get_context_data(self, **kwargs):
context = super().get_context_data(**kwargs) context = super().get_context_data(**kwargs)
containers = Container.objects.filter(expedited=False).count() containers = Container.objects.filter(expedited=False).count()
@ -30,18 +33,12 @@ class EmployeeDashboardView(TemplateView):
class EmployeeCompanyListView(LoginRequiredMixin, UserPassesTestMixin, ListView): class EmployeeCompanyListView(LoginRequiredMixin, UserPassesTestMixin, ListView):
model = CompanyModel model = CompanyModel
template_name = 'common/../../templates/employee/company-list.html' template_name = 'employee/company-list.html'
context_object_name = 'objects' context_object_name = 'objects'
paginate_by = 20 paginate_by = 20
# base_template = 'employee-base.html'
def test_func(self): def test_func(self):
return True # self.request.user.has_employee_perm('can_view_preinfo') or self.request.user.user_type == 'CA' return self.request.user.is_superuser
# def get_context_data(self, **kwargs):
# context = super().get_context_data(**kwargs)
# context['base_template'] = self.base_template
# return context
def get_queryset(self): def get_queryset(self):
queryset = super().get_queryset() queryset = super().get_queryset()
@ -61,13 +58,7 @@ class EmployeeCompanyCreateView(LoginRequiredMixin, UserPassesTestMixin, CreateV
success_url = reverse_lazy('employee_company') success_url = reverse_lazy('employee_company')
def test_func(self): def test_func(self):
return True # self.request.user.has_company_perm('can_create_preinfo') or self.request.user.user_type == 'CA' return self.request.user.is_superuser
# def form_valid(self, form):
# form.instance.created_by = self.request.user
# form.instance.updated_by = self.request.user
# return super().form_valid(form)
class EmployeeCompanyUpdateView(LoginRequiredMixin, UserPassesTestMixin, UpdateView): class EmployeeCompanyUpdateView(LoginRequiredMixin, UserPassesTestMixin, UpdateView):
@ -77,11 +68,7 @@ class EmployeeCompanyUpdateView(LoginRequiredMixin, UserPassesTestMixin, UpdateV
success_url = reverse_lazy('employee_company') success_url = reverse_lazy('employee_company')
def test_func(self): def test_func(self):
return True # self.request.user.ha.s_company_perm('can_edit_preinfo') or self.request.user.user_type == 'CA' return self.request.user.is_superuser
# def form_valid(self, form):
# form.instance.updated_by = self.request.user
# return super().form_valid(form)
class EmployeeLineListView(LoginRequiredMixin, UserPassesTestMixin, ListView): class EmployeeLineListView(LoginRequiredMixin, UserPassesTestMixin, ListView):
@ -89,15 +76,9 @@ class EmployeeLineListView(LoginRequiredMixin, UserPassesTestMixin, ListView):
template_name = 'employee/line-list.html' template_name = 'employee/line-list.html'
context_object_name = 'objects' context_object_name = 'objects'
paginate_by = 20 paginate_by = 20
# base_template = 'employee-base.html'
def test_func(self): def test_func(self):
return True # self.request.user.has_employee_perm('can_view_preinfo') or self.request.user.user_type == 'CA' return self.request.user.is_superuser
# def get_context_data(self, **kwargs):
# context = super().get_context_data(**kwargs)
# context['base_template'] = self.base_template
# return context
def get_queryset(self): def get_queryset(self):
queryset = super().get_queryset() queryset = super().get_queryset()
@ -117,13 +98,7 @@ class EmployeeLineCreateView(LoginRequiredMixin, UserPassesTestMixin, CreateView
success_url = reverse_lazy('employee_line') success_url = reverse_lazy('employee_line')
def test_func(self): def test_func(self):
return True # self.request.user.has_company_perm('can_create_preinfo') or self.request.user.user_type == 'CA' return self.request.user.is_superuser
# def form_valid(self, form):
# form.instance.created_by = self.request.user
# form.instance.updated_by = self.request.user
# return super().form_valid(form)
class EmployeeLineUpdateView(LoginRequiredMixin, UserPassesTestMixin, UpdateView): class EmployeeLineUpdateView(LoginRequiredMixin, UserPassesTestMixin, UpdateView):
@ -133,8 +108,4 @@ class EmployeeLineUpdateView(LoginRequiredMixin, UserPassesTestMixin, UpdateView
success_url = reverse_lazy('employee_line') success_url = reverse_lazy('employee_line')
def test_func(self): def test_func(self):
return True # self.request.user.ha.s_company_perm('can_edit_preinfo') or self.request.user.user_type == 'CA' return self.request.user.is_superuser
# def form_valid(self, form):
# form.instance.updated_by = self.request.user
# return super().form_valid(form)

11
containers/views/barrier_views.py
Unescape Escape View File

@ -1,3 +1,4 @@
from django.contrib.auth.mixins import LoginRequiredMixin, UserPassesTestMixin
from django.shortcuts import render, redirect from django.shortcuts import render, redirect
from django.urls import reverse_lazy from django.urls import reverse_lazy
from django.utils import timezone from django.utils import timezone
@ -13,11 +14,14 @@ from preinfo.models import Preinfo
# Create your views here. # Create your views here.
class ContainerReceiveView(FormView): class ContainerReceiveView(LoginRequiredMixin, UserPassesTestMixin, FormView):
template_name = 'container-receive.html' template_name = 'container-receive.html'
form_class = ContainerReceiveForm form_class = ContainerReceiveForm
success_url = reverse_lazy('container_photos') success_url = reverse_lazy('container_photos')
def test_func(self):
return self.request.user.user_type == 'BS'
def get_context_data(self, **kwargs): def get_context_data(self, **kwargs):
context = super().get_context_data(**kwargs) context = super().get_context_data(**kwargs)
context['show_search'] = True context['show_search'] = True
@ -179,11 +183,14 @@ class ContainerSearchView(View):
# # return redirect(reverse_lazy('container_search')) # # return redirect(reverse_lazy('container_search'))
class ContainerExpedition(FormView): class ContainerExpedition(LoginRequiredMixin, UserPassesTestMixin, FormView):
template_name = 'container-expedition.html' template_name = 'container-expedition.html'
form_class = ContainerExpeditionForm form_class = ContainerExpeditionForm
success_url = reverse_lazy('barrier_dashboard') success_url = reverse_lazy('barrier_dashboard')
def test_func(self):
return self.request.user.user_type == 'BS'
def get_context_data(self, **kwargs): def get_context_data(self, **kwargs):
context = super().get_context_data(**kwargs) context = super().get_context_data(**kwargs)
context['show_search'] = True context['show_search'] = True

16
containers/views/client_views.py
Unescape Escape View File

@ -1,3 +1,4 @@
from django.contrib.auth.mixins import LoginRequiredMixin, UserPassesTestMixin
from django.shortcuts import render, redirect from django.shortcuts import render, redirect
from django.views import View from django.views import View
from django.views.generic import ListView from django.views.generic import ListView
@ -7,12 +8,15 @@ from common.utils.utils import get_preinfo_by_number, get_container_by_number, f
from containers.models import Container from containers.models import Container
class ClientContainersListView(ListView): class ClientContainersListView(LoginRequiredMixin, UserPassesTestMixin, ListView):
template_name = 'employee/containers-list.html' template_name = 'employee/containers-list.html'
model = Container model = Container
context_object_name = 'objects' context_object_name = 'objects'
paginate_by = 20 paginate_by = 20
def test_func(self):
return self.request.user.user_type in ('CA', 'CL')
def get_queryset(self): def get_queryset(self):
queryset = super().get_queryset() queryset = super().get_queryset()
queryset = filter_queryset_by_user(queryset, self.request.user) queryset = filter_queryset_by_user(queryset, self.request.user)
@ -25,12 +29,15 @@ class ClientContainersListView(ListView):
return queryset return queryset
class ReportContainersUnpaidListView(ListView): class ReportContainersUnpaidListView(LoginRequiredMixin, UserPassesTestMixin, ListView):
template_name = 'employee/unpaid-list.html' template_name = 'employee/unpaid-list.html'
model = Container model = Container
context_object_name = 'objects' context_object_name = 'objects'
paginate_by = 20 paginate_by = 20
def test_func(self):
return self.request.user.has_company_perm('can_manage_payment') or self.request.user.user_type == 'CA'
def get_context_data(self, **kwargs): def get_context_data(self, **kwargs):
context = super().get_context_data(**kwargs) context = super().get_context_data(**kwargs)
context['companies'] = CompanyModel.objects.all().order_by('name') context['companies'] = CompanyModel.objects.all().order_by('name')
@ -55,9 +62,12 @@ class ReportContainersUnpaidListView(ListView):
return queryset.order_by('-expedited_on') return queryset.order_by('-expedited_on')
class ContainerSearchView(View): class ContainerSearchView(LoginRequiredMixin, UserPassesTestMixin, View):
template_name = 'barrier/container-search.html' # Single template for all searches template_name = 'barrier/container-search.html' # Single template for all searches
def test_func(self):
return self.request.user.user_type in ('CA', 'CL')
def get(self, request): def get(self, request):
search_type = request.GET.get('param') # container_receive or container_expedition search_type = request.GET.get('param') # container_receive or container_expedition
return render(request, self.template_name, {'search_type': search_type}) return render(request, self.template_name, {'search_type': search_type})

4
containers/views/common.py
Unescape Escape View File

@ -1,3 +1,4 @@
from django.contrib.auth.mixins import LoginRequiredMixin
from django.shortcuts import render from django.shortcuts import render
from django.views.generic import FormView, ListView from django.views.generic import FormView, ListView
from django.views.generic.base import TemplateView from django.views.generic.base import TemplateView
@ -77,10 +78,9 @@ from containers.models import Container
# return render(self.request, self.template_name, context) # return render(self.request, self.template_name, context)
class ContainerDetails(ListView): class ContainerDetails(LoginRequiredMixin, ListView):
template_name = 'common/container-details.html' template_name = 'common/container-details.html'
model = Container model = Container
# base_template = 'employee-base.html'
context_object_name = 'objects' context_object_name = 'objects'
paginate_by = 20 paginate_by = 20

22
containers/views/employee_views.py
Unescape Escape View File

@ -1,3 +1,4 @@
from django.contrib.auth.mixins import LoginRequiredMixin, UserPassesTestMixin
from django.shortcuts import render, redirect from django.shortcuts import render, redirect
from django.views import View from django.views import View
from django.views.generic import ListView from django.views.generic import ListView
@ -7,17 +8,11 @@ from common.utils.utils import get_preinfo_by_number, get_container_by_number
from containers.models import Container from containers.models import Container
class ContainersListView(ListView): class ContainersListView(LoginRequiredMixin, ListView):
template_name = 'employee/containers-list.html' template_name = 'employee/containers-list.html'
model = Container model = Container
context_object_name = 'objects' context_object_name = 'objects'
paginate_by = 20 # Number of containers per page paginate_by = 20
# base_template = 'employee-base.html'
# def get_context_data(self, **kwargs):
# context = super().get_context_data(**kwargs)
# context['base_template'] = self.base_template
# return context
def get_queryset(self): def get_queryset(self):
queryset = super().get_queryset() queryset = super().get_queryset()
@ -30,12 +25,15 @@ class ContainersListView(ListView):
return queryset return queryset
class ReportContainersUnpaidListView(ListView): class ReportContainersUnpaidListView(LoginRequiredMixin, UserPassesTestMixin, ListView):
template_name = 'employee/unpaid-list.html' template_name = 'employee/unpaid-list.html'
model = Container model = Container
context_object_name = 'objects' context_object_name = 'objects'
paginate_by = 20 # Number of payments per page paginate_by = 20
# base_template = 'employee-base.html'
def test_func(self):
return self.request.user.has_company_perm('can_manage_payments') or self.request.user.is_superuser
def get_context_data(self, **kwargs): def get_context_data(self, **kwargs):
context = super().get_context_data(**kwargs) context = super().get_context_data(**kwargs)
@ -62,7 +60,7 @@ class ReportContainersUnpaidListView(ListView):
return queryset.order_by('-expedited_on') return queryset.order_by('-expedited_on')
class ContainerSearchView(View): class ContainerSearchView(LoginRequiredMixin, View):
template_name = 'barrier/container-search.html' # Single template for all searches template_name = 'barrier/container-search.html' # Single template for all searches
def get(self, request): def get(self, request):

17
payments/views.py
Unescape Escape View File

@ -1,5 +1,6 @@
from datetime import datetime from datetime import datetime
from django.contrib.auth.mixins import LoginRequiredMixin, UserPassesTestMixin
from django.db.models import Sum from django.db.models import Sum
from django.shortcuts import render from django.shortcuts import render
from django.urls import reverse_lazy from django.urls import reverse_lazy
@ -22,12 +23,15 @@ from django.http import FileResponse, HttpResponse, response
from reportlab.pdfgen import canvas from reportlab.pdfgen import canvas
# Create your views here. # Create your views here.
class PaymentCreateView(CreateView): class PaymentCreateView(LoginRequiredMixin, UserPassesTestMixin, CreateView):
model = Payment model = Payment
form_class = PaymentCreateForm form_class = PaymentCreateForm
template_name = 'employee/payment-create.html' template_name = 'employee/payment-create.html'
success_url = reverse_lazy('not_paid') success_url = reverse_lazy('not_paid')
def test_func(self):
return self.request.user.has_employee_perm('can_manage_payments') or self.request.user.is_superuser
def form_valid(self, form): def form_valid(self, form):
last_payment = Payment.objects.order_by('-invoice_number').first() last_payment = Payment.objects.order_by('-invoice_number').first()
@ -109,12 +113,19 @@ class PaymentCreateView(CreateView):
return form return form
class PaymentListView(ListView): class PaymentListView(LoginRequiredMixin, UserPassesTestMixin, ListView):
model = Payment model = Payment
template_name = 'common/payment-list.html' template_name = 'common/payment-list.html'
context_object_name = 'objects' context_object_name = 'objects'
paginate_by = 20 paginate_by = 20
def test_func(self):
return (self.request.user.is_superuser or
self.request.user.user_type == 'CA' or
self.request.user.has_employee_perm('can_view_payments') or
self.request.user.has_company_perm('can_view_payment')
)
def get_queryset(self): def get_queryset(self):
queryset = super().get_queryset() queryset = super().get_queryset()
user = self.request.user user = self.request.user
@ -128,7 +139,7 @@ class PaymentListView(ListView):
return queryset return queryset
def some_view(request): def some_view(request): # test create pdf invoice
buffer = io.BytesIO() buffer = io.BytesIO()
doc = SimpleDocTemplate(buffer, pagesize=A4) doc = SimpleDocTemplate(buffer, pagesize=A4)
story = [] story = []

12
preinfo/views/client_views.py
Unescape Escape View File

@ -25,16 +25,10 @@ class ClientPreinfoView(LoginRequiredMixin, UserPassesTestMixin, ListView):
# CRUDListView template # CRUDListView template
context_object_name = 'objects' context_object_name = 'objects'
# base_template = 'client-base.html'
def test_func(self): def test_func(self):
return self.request.user.has_company_perm('can_view_preinfo') or self.request.user.user_type == 'CA' return self.request.user.has_company_perm('can_view_preinfo') or self.request.user.user_type == 'CA'
# def get_context_data(self, **kwargs):
# context = super().get_context_data(**kwargs)
# context['base_template'] = self.base_template
# return context
def get_queryset(self): def get_queryset(self):
queryset = super().get_queryset() queryset = super().get_queryset()
user = self.request.user user = self.request.user
@ -60,7 +54,7 @@ class ClientPreinfoCreateView(LoginRequiredMixin, UserPassesTestMixin, LineFilte
success_url = reverse_lazy('client_preinfo') success_url = reverse_lazy('client_preinfo')
def test_func(self): def test_func(self):
return True # self.request.user.has_company_perm('can_create_preinfo') or self.request.user.user_type == 'CA' return self.request.user.has_company_perm('can_manage_preinfo') or self.request.user.user_type == 'CA'
def form_valid(self, form): def form_valid(self, form):
form.instance.created_by = self.request.user form.instance.created_by = self.request.user
@ -76,7 +70,7 @@ class ClientPreinfoUpdateView(LoginRequiredMixin, UserPassesTestMixin, LineFilte
success_url = reverse_lazy('client_preinfo') success_url = reverse_lazy('client_preinfo')
def test_func(self): def test_func(self):
return True # self.request.user.ha.s_company_perm('can_edit_preinfo') or self.request.user.user_type == 'CA' return self.request.user.has_company_perm('can_manage_preinfo') or self.request.user.user_type == 'CA'
def form_valid(self, form): def form_valid(self, form):
form.instance.updated_by = self.request.user form.instance.updated_by = self.request.user
@ -95,7 +89,7 @@ def check_preinfo(request):
return JsonResponse({'found': False}) return JsonResponse({'found': False})
class PreinfoSearchView(View): class PreinfoSearchView(LoginRequiredMixin, View):
template_name = 'container-search.html' template_name = 'container-search.html'
def get(self, request): def get(self, request):

8
preinfo/views/employee_views.py
Unescape Escape View File

@ -9,15 +9,9 @@ class EmployeePreinfoView(LoginRequiredMixin, UserPassesTestMixin, ListView):
context_object_name = 'objects' context_object_name = 'objects'
paginate_by = 20 paginate_by = 20
form_class = PreinfoEditForm form_class = PreinfoEditForm
# base_template = 'employee-base.html'
def test_func(self): def test_func(self):
return True # self.request.user.has_employee_perm('can_view_preinfo') or self.request.user.user_type == 'CA' return self.request.user.user_type in ('EM', 'CA')
# def get_context_data(self, **kwargs):
# context = super().get_context_data(**kwargs)
# context['base_template'] = self.base_template
# return context
def get_queryset(self): def get_queryset(self):
queryset = super().get_queryset() queryset = super().get_queryset()

Write Preview
Loading…
Cancel
Save