diff options
-rw-r--r-- | ctrack/caf/views.py | 67 | ||||
-rw-r--r-- | ctrack/core/utils.py | 29 | ||||
-rw-r--r-- | ctrack/organisations/views.py | 6 |
3 files changed, 74 insertions, 28 deletions
diff --git a/ctrack/caf/views.py b/ctrack/caf/views.py index 0cee746..7345319 100644 --- a/ctrack/caf/views.py +++ b/ctrack/caf/views.py @@ -1,22 +1,27 @@ -from django.contrib.auth.decorators import login_required -from django.contrib.auth.mixins import LoginRequiredMixin +from django.contrib.auth.decorators import login_required, permission_required +from django.contrib.auth.mixins import LoginRequiredMixin, PermissionRequiredMixin from django.http import HttpResponseRedirect from django.shortcuts import render -from django.urls import reverse_lazy, reverse -from django.views.generic import ListView, DetailView, FormView +from django.urls import reverse, reverse_lazy +from django.views.generic import DetailView, FormView, ListView from ctrack.assessments.models import CAFAssessmentOutcomeScore -from ctrack.caf.forms import ApplicableSystemCreateFromOrgForm, ApplicableSystemCreateFromCafForm -from ctrack.caf.models import ApplicableSystem, CAF +from ctrack.caf.forms import ( + ApplicableSystemCreateFromCafForm, + ApplicableSystemCreateFromOrgForm, +) +from ctrack.caf.models import CAF, ApplicableSystem from ctrack.organisations.models import Organisation -class ListCAF(LoginRequiredMixin, ListView): +class ListCAF(LoginRequiredMixin, PermissionRequiredMixin, ListView): model = CAF + permission_required = "caf.view_caf" # Let's write a traditional function view! @login_required() +@permission_required("caf.view_caf") def caf_detail_view(request, pk): caf = CAF.objects.get(pk=pk) # get any assessments that have been done on this caf @@ -29,19 +34,20 @@ def caf_detail_view(request, pk): lst_scores.append(CAFAssessmentOutcomeScore.objects.filter(caf_assessment=ass)) _scrs.append(lst_scores) context = { - 'object': caf, - 'assessments_and_scores': _scrs, - 'organisation': ApplicableSystem.objects.filter(caf=caf).first().organisation, - 'systems': caf.applicable_systems.all() + "object": caf, + "assessments_and_scores": _scrs, + "organisation": ApplicableSystem.objects.filter(caf=caf).first().organisation, + "systems": caf.applicable_systems.all(), } - return render(request, 'caf/caf_detail.html', context) + return render(request, "caf/caf_detail.html", context) -class ListApplicableSystem(LoginRequiredMixin, ListView): +class ListApplicableSystem(LoginRequiredMixin, PermissionRequiredMixin, ListView): model = ApplicableSystem # apparently you can pass a list of model objects to a template if you name it # here - otherwise you need to provide a QuerySet template_name = "caf/applicablesystem_list.html" + permission_required = "caf.view_caf" def get_queryset(self): ess = ApplicableSystem.objects.all().order_by("organisation__name") @@ -52,34 +58,45 @@ class ListApplicableSystem(LoginRequiredMixin, ListView): return context -class ApplicableSystemDetail(LoginRequiredMixin, DetailView): +class ApplicableSystemDetail(LoginRequiredMixin, PermissionRequiredMixin, DetailView): model = ApplicableSystem template_name = "caf/applicablesystem_detail.html" + permission_required = "caf.view_applicablesystem" @login_required +@permission_required("caf.add_applicablesystem") def applicable_system_create_from_caf(request, caf_id): org_id = CAF.objects.get(pk=caf_id).organisation().id caf = CAF.objects.get(id=caf_id) - if request.method=="POST": - form = ApplicableSystemCreateFromCafForm(request.POST, caf_id=caf_id, org_id=org_id) + if request.method == "POST": + form = ApplicableSystemCreateFromCafForm( + request.POST, caf_id=caf_id, org_id=org_id + ) if form.is_valid(): ApplicableSystem.objects.create( name=form.cleaned_data["name"], description=form.cleaned_data["description"], caf=form.cleaned_data["caf"], - organisation=form.cleaned_data["organisation"] + organisation=form.cleaned_data["organisation"], ) return HttpResponseRedirect(reverse("caf:detail", args=[caf_id])) else: form = ApplicableSystemCreateFromCafForm(caf_id=caf_id, org_id=org_id) - return render(request, "caf/applicable_system_create_from_caf.html", {"form": form, "caf": caf}) + return render( + request, + "caf/applicable_system_create_from_caf.html", + {"form": form, "caf": caf}, + ) -class ApplicableSystemCreateFromOrg(LoginRequiredMixin, FormView): +class ApplicableSystemCreateFromOrg( + LoginRequiredMixin, PermissionRequiredMixin, FormView +): form_class = ApplicableSystemCreateFromOrgForm template_name = "caf/applicable_system_create_from_org.html" + permission_required = "caf.add_applicablesystem" def get_context_data(self, **kwargs): context = super().get_context_data(**kwargs) @@ -91,7 +108,7 @@ class ApplicableSystemCreateFromOrg(LoginRequiredMixin, FormView): name=form.cleaned_data["name"], description=form.cleaned_data["description"], organisation=form.cleaned_data["organisation"], - caf=form.cleaned_data["caf"] + caf=form.cleaned_data["caf"], ) return super().form_valid(form) @@ -100,11 +117,11 @@ class ApplicableSystemCreateFromOrg(LoginRequiredMixin, FormView): org = Organisation.objects.get(slug=self.kwargs["slug"]) asses = org.applicablesystem_set.all() org_cafs = {ass.caf for ass in asses} - kwargs['org_id'] = org.id - kwargs['slug'] = org.slug - kwargs['org_name'] = org.name - kwargs['org_cafs'] = list(org_cafs) + kwargs["org_id"] = org.id + kwargs["slug"] = org.slug + kwargs["org_name"] = org.name + kwargs["org_cafs"] = list(org_cafs) return kwargs def get_success_url(self): - return reverse_lazy("organisations:detail", args=[self.kwargs['slug']]) + return reverse_lazy("organisations:detail", args=[self.kwargs["slug"]]) diff --git a/ctrack/core/utils.py b/ctrack/core/utils.py index ef998d0..fb49235 100644 --- a/ctrack/core/utils.py +++ b/ctrack/core/utils.py @@ -2,7 +2,8 @@ import random from random import choice, randint from django.contrib.auth import get_user_model -from django.contrib.auth.models import Group +from django.contrib.auth.models import Group, Permission +from django.db.models import Q from faker import Faker from ctrack.assessments.models import ( @@ -73,6 +74,32 @@ def populate_db(**kwargs): # Groups cct_staff_group = Group.objects.create(name="cct_users") + ctrack_permissions = Permission.objects.filter( + Q(codename__contains="address") + | Q(codename__contains="addresstype") + | Q(codename__contains="mode") + | Q(codename__contains="organisation") + | Q(codename__contains="role") + | Q(codename__contains="submode") + | Q(codename__contains="person") + | Q(codename__contains="applicablesystem") + | Q(codename__contains="caf") + | Q(codename__contains="documentfile") + | Q(codename__contains="filestore") + | Q(codename__contains="grading") + | Q(codename__contains="engagementtype") + | Q(codename__contains="engagementevent") + | Q(codename__contains="cafassessment") + | Q(codename__contains="cafobjective") + | Q(codename__contains="cafprinciple") + | Q(codename__contains="cafcontributingoutcome") + | Q(codename__contains="cafassessmentoutcomescore") + | Q(codename__contains="achievmentlevel") + | Q(codename__contains="igp") + | Q(codename__contains="stakeholder") + | Q(codename__contains="incidentreport") + ) + cct_staff_group.permissions.add(*ctrack_permissions) # Set up some reasonable Modes and SubModes m1 = Mode.objects.create(descriptor="Rail") diff --git a/ctrack/organisations/views.py b/ctrack/organisations/views.py index d918c71..0dfe21d 100644 --- a/ctrack/organisations/views.py +++ b/ctrack/organisations/views.py @@ -16,10 +16,11 @@ class PersonListView(LoginRequiredMixin, PermissionRequiredMixin, ListView): permission_required = "organisations.view_person" -class OrganisationCreate(LoginRequiredMixin, CreateView): +class OrganisationCreate(LoginRequiredMixin, PermissionRequiredMixin, CreateView): model = Organisation template_name = "organisations/org_create_formset.html" form_class = OrganisationCreateForm + permission_required = "organisations.add_organisation" def get_context_data(self, **kwargs): context = super().get_context_data(**kwargs) @@ -54,8 +55,9 @@ class OrganisationListView(LoginRequiredMixin, PermissionRequiredMixin, ListView return context -class OrganisationDetailView(LoginRequiredMixin, DetailView): +class OrganisationDetailView(LoginRequiredMixin, PermissionRequiredMixin, DetailView): model = Organisation + permission_required = "organisations.view_organisation" def get_context_data(self, **kwargs: Any) -> Dict[str, Any]: context = super().get_context_data() |