From d4815df55f110b481d54d1f54f9e839088bffc34 Mon Sep 17 00:00:00 2001 From: klmp200 Date: Mon, 3 Apr 2017 15:00:13 +0200 Subject: [PATCH] Better right counter management --- counter/views.py | 59 +++++++++++++++++++++++++++--------------------- 1 file changed, 33 insertions(+), 26 deletions(-) diff --git a/counter/views.py b/counter/views.py index 80b37f78..e09fa75a 100644 --- a/counter/views.py +++ b/counter/views.py @@ -33,17 +33,26 @@ class IsCounterAdminMixin(View): """ This view is made to protect counter admin section """ - group_id_list = [settings.SITH_GROUP_COUNTER_ADMIN_ID] + edit_group = [settings.SITH_GROUP_COUNTER_ADMIN_ID] + edit_club = [] + def _test_group(self, user): - print(self.group_id_list) - for g in self.group_id_list: + for g in self.edit_group: if user.is_in_group(g): return True return False + def _test_club(self, user): + for c in self.edit_club: + if c.can_be_edited_by(user): + return True + return False + + def dispatch(self, request, *args, **kwargs): res = super(IsCounterAdminMixin, self).dispatch(request, *args, **kwargs) - if not (request.user.is_root or self._test_group(request.user)): + if not (request.user.is_root or self._test_group(request.user) + or self._test_club(request.user)): raise PermissionDenied return res @@ -511,7 +520,7 @@ class CounterAdminTabsMixin(TabedViewMixin): }, ] -class CounterListView(CounterAdminTabsMixin, IsCounterAdminMixin, CanViewMixin, ListView): +class CounterListView(CounterAdminTabsMixin, CanViewMixin, ListView): """ A list view for the admins """ @@ -526,7 +535,7 @@ class CounterEditForm(forms.ModelForm): sellers = make_ajax_field(Counter, 'sellers', 'users', help_text="") products = make_ajax_field(Counter, 'products', 'products', help_text="") -class CounterEditView(CounterAdminTabsMixin, UpdateView, IsCounterAdminMixin): +class CounterEditView(CounterAdminTabsMixin, IsCounterAdminMixin, UpdateView): """ Edit a counter's main informations (for the counter's manager) """ @@ -538,15 +547,13 @@ class CounterEditView(CounterAdminTabsMixin, UpdateView, IsCounterAdminMixin): def dispatch(self, request, *args, **kwargs): obj = self.get_object() - self.group_id_list.append(obj.club.owner_group.id) - for g in obj.club.edit_groups.all(): - self.group_id_list.append(g.id) + self.edit_club.append(obj.club) return super(CounterEditView, self).dispatch(request, *args, **kwargs) def get_success_url(self): return reverse_lazy('counter:admin', kwargs={'counter_id': self.object.id}) -class CounterEditPropView(CounterAdminTabsMixin, IsCounterAdminMixin, CanEditPropMixin, UpdateView): +class CounterEditPropView(CounterAdminTabsMixin, IsCounterAdminMixin, UpdateView): """ Edit a counter's main informations (for the counter's admin) """ @@ -556,7 +563,7 @@ class CounterEditPropView(CounterAdminTabsMixin, IsCounterAdminMixin, CanEditPro template_name = 'core/edit.jinja' current_tab = "counters" -class CounterCreateView(CounterAdminTabsMixin, IsCounterAdminMixin, CanEditMixin, CreateView): +class CounterCreateView(CounterAdminTabsMixin, IsCounterAdminMixin, CreateView): """ Create a counter (for the admins) """ @@ -566,7 +573,7 @@ class CounterCreateView(CounterAdminTabsMixin, IsCounterAdminMixin, CanEditMixin template_name = 'core/create.jinja' current_tab = "counters" -class CounterDeleteView(CounterAdminTabsMixin, IsCounterAdminMixin, CanEditMixin, DeleteView): +class CounterDeleteView(CounterAdminTabsMixin, IsCounterAdminMixin, DeleteView): """ Delete a counter (for the admins) """ @@ -578,7 +585,7 @@ class CounterDeleteView(CounterAdminTabsMixin, IsCounterAdminMixin, CanEditMixin # Product management -class ProductTypeListView(CounterAdminTabsMixin, IsCounterAdminMixin, CanEditPropMixin, ListView): +class ProductTypeListView(CounterAdminTabsMixin, IsCounterAdminMixin, ListView): """ A list view for the admins """ @@ -586,7 +593,7 @@ class ProductTypeListView(CounterAdminTabsMixin, IsCounterAdminMixin, CanEditPro template_name = 'counter/producttype_list.jinja' current_tab = "product_types" -class ProductTypeCreateView(CounterAdminTabsMixin, IsCounterAdminMixin, CanCreateMixin, CreateView): +class ProductTypeCreateView(CounterAdminTabsMixin, IsCounterAdminMixin, CreateView): """ A create view for the admins """ @@ -595,7 +602,7 @@ class ProductTypeCreateView(CounterAdminTabsMixin, IsCounterAdminMixin, CanCreat template_name = 'core/create.jinja' current_tab = "products" -class ProductTypeEditView(CounterAdminTabsMixin, IsCounterAdminMixin, CanEditPropMixin, UpdateView): +class ProductTypeEditView(CounterAdminTabsMixin, IsCounterAdminMixin, UpdateView): """ An edit view for the admins """ @@ -605,7 +612,7 @@ class ProductTypeEditView(CounterAdminTabsMixin, IsCounterAdminMixin, CanEditPro pk_url_kwarg = "type_id" current_tab = "products" -class ProductArchivedListView(CounterAdminTabsMixin, IsCounterAdminMixin, CanEditPropMixin, ListView): +class ProductArchivedListView(CounterAdminTabsMixin, IsCounterAdminMixin, ListView): """ A list view for the admins """ @@ -615,7 +622,7 @@ class ProductArchivedListView(CounterAdminTabsMixin, IsCounterAdminMixin, CanEdi ordering = ['name'] current_tab = "archive" -class ProductListView(CounterAdminTabsMixin, IsCounterAdminMixin, CanEditPropMixin, ListView): +class ProductListView(CounterAdminTabsMixin, IsCounterAdminMixin, ListView): """ A list view for the admins """ @@ -653,7 +660,7 @@ class ProductEditForm(forms.ModelForm): c.save() return ret -class ProductCreateView(CounterAdminTabsMixin, IsCounterAdminMixin, CanCreateMixin, CreateView): +class ProductCreateView(CounterAdminTabsMixin, IsCounterAdminMixin, CreateView): """ A create view for the admins """ @@ -662,7 +669,7 @@ class ProductCreateView(CounterAdminTabsMixin, IsCounterAdminMixin, CanCreateMix template_name = 'core/create.jinja' current_tab = "products" -class ProductEditView(CounterAdminTabsMixin, IsCounterAdminMixin, CanEditPropMixin, UpdateView): +class ProductEditView(CounterAdminTabsMixin, IsCounterAdminMixin, UpdateView): """ An edit view for the admins """ @@ -892,7 +899,7 @@ class CounterActivityView(DetailView): pk_url_kwarg = "counter_id" template_name = 'counter/activity.jinja' -class CounterStatView(DetailView, CanEditMixin): +class CounterStatView(DetailView, IsCounterAdminMixin): """ Show the bar stats """ @@ -954,7 +961,7 @@ class CounterStatView(DetailView, CanEditMixin): return super(CanEditMixin, self).dispatch(request, *args, **kwargs) raise PermissionDenied -class CashSummaryEditView(CanEditPropMixin, CounterAdminTabsMixin, UpdateView): +class CashSummaryEditView(CounterAdminTabsMixin, IsCounterAdminMixin, UpdateView): """Edit cash summaries""" model = CashRegisterSummary template_name = 'counter/cash_register_summary.jinja' @@ -970,7 +977,7 @@ class CashSummaryFormBase(forms.Form): begin_date = forms.DateTimeField(['%Y-%m-%d %H:%M:%S'], label=_("Begin date"), required=False, widget=SelectDateTime) end_date = forms.DateTimeField(['%Y-%m-%d %H:%M:%S'], label=_("End date"), required=False, widget=SelectDateTime) -class CashSummaryListView(CanEditPropMixin, CounterAdminTabsMixin, ListView): +class CashSummaryListView(CounterAdminTabsMixin, IsCounterAdminMixin, ListView): """Display a list of cash summaries""" model = CashRegisterSummary template_name = 'counter/cash_summary_list.jinja' @@ -1007,7 +1014,7 @@ class CashSummaryListView(CanEditPropMixin, CounterAdminTabsMixin, ListView): kwargs['refilling_sums'][c.name] = sum([s.amount for s in refillings.all()]) return kwargs -class InvoiceCallView(CounterAdminTabsMixin, TemplateView): +class InvoiceCallView(CounterAdminTabsMixin, IsCounterAdminMixin, TemplateView): template_name = 'counter/invoices_call.jinja' current_tab = 'invoices_call' @@ -1034,7 +1041,7 @@ class InvoiceCallView(CounterAdminTabsMixin, TemplateView): )).exclude(selling_sum=None).order_by('-selling_sum') return kwargs -class EticketListView(CounterAdminTabsMixin, CanEditPropMixin, ListView): +class EticketListView(CounterAdminTabsMixin, IsCounterAdminMixin, ListView): """ A list view for the admins """ @@ -1052,7 +1059,7 @@ class EticketForm(forms.ModelForm): } product = AutoCompleteSelectField('products', show_help_text=False, label=_("Product"), required=True) -class EticketCreateView(CounterAdminTabsMixin, CanEditPropMixin, CreateView): +class EticketCreateView(CounterAdminTabsMixin, IsCounterAdminMixin, CreateView): """ Create an eticket """ @@ -1061,7 +1068,7 @@ class EticketCreateView(CounterAdminTabsMixin, CanEditPropMixin, CreateView): form_class = EticketForm current_tab = "etickets" -class EticketEditView(CounterAdminTabsMixin, CanEditPropMixin, UpdateView): +class EticketEditView(CounterAdminTabsMixin, IsCounterAdminMixin, UpdateView): """ Edit an eticket """