aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--ctrack/caf/views.py67
-rw-r--r--ctrack/core/utils.py29
-rw-r--r--ctrack/organisations/views.py6
3 files changed, 74 insertions, 28 deletions
diff --git a/ctrack/caf/views.py b/ctrack/caf/views.py
index 0cee746..7345319 100644
--- a/ctrack/caf/views.py
+++ b/ctrack/caf/views.py
@@ -1,22 +1,27 @@
-from django.contrib.auth.decorators import login_required
-from django.contrib.auth.mixins import LoginRequiredMixin
+from django.contrib.auth.decorators import login_required, permission_required
+from django.contrib.auth.mixins import LoginRequiredMixin, PermissionRequiredMixin
from django.http import HttpResponseRedirect
from django.shortcuts import render
-from django.urls import reverse_lazy, reverse
-from django.views.generic import ListView, DetailView, FormView
+from django.urls import reverse, reverse_lazy
+from django.views.generic import DetailView, FormView, ListView
from ctrack.assessments.models import CAFAssessmentOutcomeScore
-from ctrack.caf.forms import ApplicableSystemCreateFromOrgForm, ApplicableSystemCreateFromCafForm
-from ctrack.caf.models import ApplicableSystem, CAF
+from ctrack.caf.forms import (
+ ApplicableSystemCreateFromCafForm,
+ ApplicableSystemCreateFromOrgForm,
+)
+from ctrack.caf.models import CAF, ApplicableSystem
from ctrack.organisations.models import Organisation
-class ListCAF(LoginRequiredMixin, ListView):
+class ListCAF(LoginRequiredMixin, PermissionRequiredMixin, ListView):
model = CAF
+ permission_required = "caf.view_caf"
# Let's write a traditional function view!
@login_required()
+@permission_required("caf.view_caf")
def caf_detail_view(request, pk):
caf = CAF.objects.get(pk=pk)
# get any assessments that have been done on this caf
@@ -29,19 +34,20 @@ def caf_detail_view(request, pk):
lst_scores.append(CAFAssessmentOutcomeScore.objects.filter(caf_assessment=ass))
_scrs.append(lst_scores)
context = {
- 'object': caf,
- 'assessments_and_scores': _scrs,
- 'organisation': ApplicableSystem.objects.filter(caf=caf).first().organisation,
- 'systems': caf.applicable_systems.all()
+ "object": caf,
+ "assessments_and_scores": _scrs,
+ "organisation": ApplicableSystem.objects.filter(caf=caf).first().organisation,
+ "systems": caf.applicable_systems.all(),
}
- return render(request, 'caf/caf_detail.html', context)
+ return render(request, "caf/caf_detail.html", context)
-class ListApplicableSystem(LoginRequiredMixin, ListView):
+class ListApplicableSystem(LoginRequiredMixin, PermissionRequiredMixin, ListView):
model = ApplicableSystem
# apparently you can pass a list of model objects to a template if you name it
# here - otherwise you need to provide a QuerySet
template_name = "caf/applicablesystem_list.html"
+ permission_required = "caf.view_caf"
def get_queryset(self):
ess = ApplicableSystem.objects.all().order_by("organisation__name")
@@ -52,34 +58,45 @@ class ListApplicableSystem(LoginRequiredMixin, ListView):
return context
-class ApplicableSystemDetail(LoginRequiredMixin, DetailView):
+class ApplicableSystemDetail(LoginRequiredMixin, PermissionRequiredMixin, DetailView):
model = ApplicableSystem
template_name = "caf/applicablesystem_detail.html"
+ permission_required = "caf.view_applicablesystem"
@login_required
+@permission_required("caf.add_applicablesystem")
def applicable_system_create_from_caf(request, caf_id):
org_id = CAF.objects.get(pk=caf_id).organisation().id
caf = CAF.objects.get(id=caf_id)
- if request.method=="POST":
- form = ApplicableSystemCreateFromCafForm(request.POST, caf_id=caf_id, org_id=org_id)
+ if request.method == "POST":
+ form = ApplicableSystemCreateFromCafForm(
+ request.POST, caf_id=caf_id, org_id=org_id
+ )
if form.is_valid():
ApplicableSystem.objects.create(
name=form.cleaned_data["name"],
description=form.cleaned_data["description"],
caf=form.cleaned_data["caf"],
- organisation=form.cleaned_data["organisation"]
+ organisation=form.cleaned_data["organisation"],
)
return HttpResponseRedirect(reverse("caf:detail", args=[caf_id]))
else:
form = ApplicableSystemCreateFromCafForm(caf_id=caf_id, org_id=org_id)
- return render(request, "caf/applicable_system_create_from_caf.html", {"form": form, "caf": caf})
+ return render(
+ request,
+ "caf/applicable_system_create_from_caf.html",
+ {"form": form, "caf": caf},
+ )
-class ApplicableSystemCreateFromOrg(LoginRequiredMixin, FormView):
+class ApplicableSystemCreateFromOrg(
+ LoginRequiredMixin, PermissionRequiredMixin, FormView
+):
form_class = ApplicableSystemCreateFromOrgForm
template_name = "caf/applicable_system_create_from_org.html"
+ permission_required = "caf.add_applicablesystem"
def get_context_data(self, **kwargs):
context = super().get_context_data(**kwargs)
@@ -91,7 +108,7 @@ class ApplicableSystemCreateFromOrg(LoginRequiredMixin, FormView):
name=form.cleaned_data["name"],
description=form.cleaned_data["description"],
organisation=form.cleaned_data["organisation"],
- caf=form.cleaned_data["caf"]
+ caf=form.cleaned_data["caf"],
)
return super().form_valid(form)
@@ -100,11 +117,11 @@ class ApplicableSystemCreateFromOrg(LoginRequiredMixin, FormView):
org = Organisation.objects.get(slug=self.kwargs["slug"])
asses = org.applicablesystem_set.all()
org_cafs = {ass.caf for ass in asses}
- kwargs['org_id'] = org.id
- kwargs['slug'] = org.slug
- kwargs['org_name'] = org.name
- kwargs['org_cafs'] = list(org_cafs)
+ kwargs["org_id"] = org.id
+ kwargs["slug"] = org.slug
+ kwargs["org_name"] = org.name
+ kwargs["org_cafs"] = list(org_cafs)
return kwargs
def get_success_url(self):
- return reverse_lazy("organisations:detail", args=[self.kwargs['slug']])
+ return reverse_lazy("organisations:detail", args=[self.kwargs["slug"]])
diff --git a/ctrack/core/utils.py b/ctrack/core/utils.py
index ef998d0..fb49235 100644
--- a/ctrack/core/utils.py
+++ b/ctrack/core/utils.py
@@ -2,7 +2,8 @@ import random
from random import choice, randint
from django.contrib.auth import get_user_model
-from django.contrib.auth.models import Group
+from django.contrib.auth.models import Group, Permission
+from django.db.models import Q
from faker import Faker
from ctrack.assessments.models import (
@@ -73,6 +74,32 @@ def populate_db(**kwargs):
# Groups
cct_staff_group = Group.objects.create(name="cct_users")
+ ctrack_permissions = Permission.objects.filter(
+ Q(codename__contains="address")
+ | Q(codename__contains="addresstype")
+ | Q(codename__contains="mode")
+ | Q(codename__contains="organisation")
+ | Q(codename__contains="role")
+ | Q(codename__contains="submode")
+ | Q(codename__contains="person")
+ | Q(codename__contains="applicablesystem")
+ | Q(codename__contains="caf")
+ | Q(codename__contains="documentfile")
+ | Q(codename__contains="filestore")
+ | Q(codename__contains="grading")
+ | Q(codename__contains="engagementtype")
+ | Q(codename__contains="engagementevent")
+ | Q(codename__contains="cafassessment")
+ | Q(codename__contains="cafobjective")
+ | Q(codename__contains="cafprinciple")
+ | Q(codename__contains="cafcontributingoutcome")
+ | Q(codename__contains="cafassessmentoutcomescore")
+ | Q(codename__contains="achievmentlevel")
+ | Q(codename__contains="igp")
+ | Q(codename__contains="stakeholder")
+ | Q(codename__contains="incidentreport")
+ )
+ cct_staff_group.permissions.add(*ctrack_permissions)
# Set up some reasonable Modes and SubModes
m1 = Mode.objects.create(descriptor="Rail")
diff --git a/ctrack/organisations/views.py b/ctrack/organisations/views.py
index d918c71..0dfe21d 100644
--- a/ctrack/organisations/views.py
+++ b/ctrack/organisations/views.py
@@ -16,10 +16,11 @@ class PersonListView(LoginRequiredMixin, PermissionRequiredMixin, ListView):
permission_required = "organisations.view_person"
-class OrganisationCreate(LoginRequiredMixin, CreateView):
+class OrganisationCreate(LoginRequiredMixin, PermissionRequiredMixin, CreateView):
model = Organisation
template_name = "organisations/org_create_formset.html"
form_class = OrganisationCreateForm
+ permission_required = "organisations.add_organisation"
def get_context_data(self, **kwargs):
context = super().get_context_data(**kwargs)
@@ -54,8 +55,9 @@ class OrganisationListView(LoginRequiredMixin, PermissionRequiredMixin, ListView
return context
-class OrganisationDetailView(LoginRequiredMixin, DetailView):
+class OrganisationDetailView(LoginRequiredMixin, PermissionRequiredMixin, DetailView):
model = Organisation
+ permission_required = "organisations.view_organisation"
def get_context_data(self, **kwargs: Any) -> Dict[str, Any]:
context = super().get_context_data()