diff options
| author | Matthew Lemon <lemon@matthewlemon.com> | 2020-06-01 14:29:10 +0100 |
|---|---|---|
| committer | Matthew Lemon <lemon@matthewlemon.com> | 2020-06-01 14:29:10 +0100 |
| commit | f5cda7311f42b9ec9f4627121421b46b55e8346c (patch) | |
| tree | 07615ffe6af0d1b995b9db436667fb1afc65fd92 /ctrack/caf | |
| parent | 4b1016247bc0b8f1c4d33b5a471b6f65a5b787b4 (diff) | |
added missing persmissions for views
Diffstat (limited to 'ctrack/caf')
| -rw-r--r-- | ctrack/caf/views.py | 67 |
1 files changed, 42 insertions, 25 deletions
diff --git a/ctrack/caf/views.py b/ctrack/caf/views.py index 0cee746..7345319 100644 --- a/ctrack/caf/views.py +++ b/ctrack/caf/views.py @@ -1,22 +1,27 @@ -from django.contrib.auth.decorators import login_required -from django.contrib.auth.mixins import LoginRequiredMixin +from django.contrib.auth.decorators import login_required, permission_required +from django.contrib.auth.mixins import LoginRequiredMixin, PermissionRequiredMixin from django.http import HttpResponseRedirect from django.shortcuts import render -from django.urls import reverse_lazy, reverse -from django.views.generic import ListView, DetailView, FormView +from django.urls import reverse, reverse_lazy +from django.views.generic import DetailView, FormView, ListView from ctrack.assessments.models import CAFAssessmentOutcomeScore -from ctrack.caf.forms import ApplicableSystemCreateFromOrgForm, ApplicableSystemCreateFromCafForm -from ctrack.caf.models import ApplicableSystem, CAF +from ctrack.caf.forms import ( + ApplicableSystemCreateFromCafForm, + ApplicableSystemCreateFromOrgForm, +) +from ctrack.caf.models import CAF, ApplicableSystem from ctrack.organisations.models import Organisation -class ListCAF(LoginRequiredMixin, ListView): +class ListCAF(LoginRequiredMixin, PermissionRequiredMixin, ListView): model = CAF + permission_required = "caf.view_caf" # Let's write a traditional function view! @login_required() +@permission_required("caf.view_caf") def caf_detail_view(request, pk): caf = CAF.objects.get(pk=pk) # get any assessments that have been done on this caf @@ -29,19 +34,20 @@ def caf_detail_view(request, pk): lst_scores.append(CAFAssessmentOutcomeScore.objects.filter(caf_assessment=ass)) _scrs.append(lst_scores) context = { - 'object': caf, - 'assessments_and_scores': _scrs, - 'organisation': ApplicableSystem.objects.filter(caf=caf).first().organisation, - 'systems': caf.applicable_systems.all() + "object": caf, + "assessments_and_scores": _scrs, + "organisation": ApplicableSystem.objects.filter(caf=caf).first().organisation, + "systems": caf.applicable_systems.all(), } - return render(request, 'caf/caf_detail.html', context) + return render(request, "caf/caf_detail.html", context) -class ListApplicableSystem(LoginRequiredMixin, ListView): +class ListApplicableSystem(LoginRequiredMixin, PermissionRequiredMixin, ListView): model = ApplicableSystem # apparently you can pass a list of model objects to a template if you name it # here - otherwise you need to provide a QuerySet template_name = "caf/applicablesystem_list.html" + permission_required = "caf.view_caf" def get_queryset(self): ess = ApplicableSystem.objects.all().order_by("organisation__name") @@ -52,34 +58,45 @@ class ListApplicableSystem(LoginRequiredMixin, ListView): return context -class ApplicableSystemDetail(LoginRequiredMixin, DetailView): +class ApplicableSystemDetail(LoginRequiredMixin, PermissionRequiredMixin, DetailView): model = ApplicableSystem template_name = "caf/applicablesystem_detail.html" + permission_required = "caf.view_applicablesystem" @login_required +@permission_required("caf.add_applicablesystem") def applicable_system_create_from_caf(request, caf_id): org_id = CAF.objects.get(pk=caf_id).organisation().id caf = CAF.objects.get(id=caf_id) - if request.method=="POST": - form = ApplicableSystemCreateFromCafForm(request.POST, caf_id=caf_id, org_id=org_id) + if request.method == "POST": + form = ApplicableSystemCreateFromCafForm( + request.POST, caf_id=caf_id, org_id=org_id + ) if form.is_valid(): ApplicableSystem.objects.create( name=form.cleaned_data["name"], description=form.cleaned_data["description"], caf=form.cleaned_data["caf"], - organisation=form.cleaned_data["organisation"] + organisation=form.cleaned_data["organisation"], ) return HttpResponseRedirect(reverse("caf:detail", args=[caf_id])) else: form = ApplicableSystemCreateFromCafForm(caf_id=caf_id, org_id=org_id) - return render(request, "caf/applicable_system_create_from_caf.html", {"form": form, "caf": caf}) + return render( + request, + "caf/applicable_system_create_from_caf.html", + {"form": form, "caf": caf}, + ) -class ApplicableSystemCreateFromOrg(LoginRequiredMixin, FormView): +class ApplicableSystemCreateFromOrg( + LoginRequiredMixin, PermissionRequiredMixin, FormView +): form_class = ApplicableSystemCreateFromOrgForm template_name = "caf/applicable_system_create_from_org.html" + permission_required = "caf.add_applicablesystem" def get_context_data(self, **kwargs): context = super().get_context_data(**kwargs) @@ -91,7 +108,7 @@ class ApplicableSystemCreateFromOrg(LoginRequiredMixin, FormView): name=form.cleaned_data["name"], description=form.cleaned_data["description"], organisation=form.cleaned_data["organisation"], - caf=form.cleaned_data["caf"] + caf=form.cleaned_data["caf"], ) return super().form_valid(form) @@ -100,11 +117,11 @@ class ApplicableSystemCreateFromOrg(LoginRequiredMixin, FormView): org = Organisation.objects.get(slug=self.kwargs["slug"]) asses = org.applicablesystem_set.all() org_cafs = {ass.caf for ass in asses} - kwargs['org_id'] = org.id - kwargs['slug'] = org.slug - kwargs['org_name'] = org.name - kwargs['org_cafs'] = list(org_cafs) + kwargs["org_id"] = org.id + kwargs["slug"] = org.slug + kwargs["org_name"] = org.name + kwargs["org_cafs"] = list(org_cafs) return kwargs def get_success_url(self): - return reverse_lazy("organisations:detail", args=[self.kwargs['slug']]) + return reverse_lazy("organisations:detail", args=[self.kwargs["slug"]]) |