diff options
Diffstat (limited to '')
-rw-r--r-- | ctrack/organisations/templates/organisations/person_list.html | 39 | ||||
-rw-r--r-- | ctrack/organisations/tests/test_views.py | 42 | ||||
-rw-r--r-- | ctrack/organisations/urls.py | 4 | ||||
-rw-r--r-- | ctrack/organisations/views.py | 14 |
4 files changed, 90 insertions, 9 deletions
diff --git a/ctrack/organisations/templates/organisations/person_list.html b/ctrack/organisations/templates/organisations/person_list.html new file mode 100644 index 0000000..2e9d333 --- /dev/null +++ b/ctrack/organisations/templates/organisations/person_list.html @@ -0,0 +1,39 @@ +{% extends "base.html" %} + +{% block title %} + People +{% endblock %} + +{% block content %} + + <div class="container mt-3"> + <div class="row"> + <div class="col-md-12 pl-0 my-2"> + <div class="row"> + <div class="col-12"> + <h4>People <span class="float-right align-bottom"><a href="{% url "organisations:create" %}"><button type="button" class="btn btn-primary">Create new...</button></a></span></h4> + </div> + </div> + <div class="row"> + <div class="col-md-12 border bg-light my-2"> + <table class="table compact cell-border"> + <thead> + <tr> + <th>Person</th> + <th>Organisation</th> + </tr> + </thead> + {% for p in object_list %} + <tr> + <td><a href="#">{{ p.first_name }} {{ p.last_name }}</a></td> + <td>{{ p.organisation.name }}</td> + </tr> + {% endfor %} + </table> + </div> + </div> + </div> + </div> + </div> + +{% endblock content %} diff --git a/ctrack/organisations/tests/test_views.py b/ctrack/organisations/tests/test_views.py index 7f9da0a..84116de 100644 --- a/ctrack/organisations/tests/test_views.py +++ b/ctrack/organisations/tests/test_views.py @@ -2,9 +2,12 @@ import pytest from django.contrib.auth import get_user_model from django.contrib.auth.models import Group, Permission from django.test import RequestFactory +from django.urls import reverse -from ctrack.organisations.tests.factories import OrganisationFactory -from ctrack.organisations.views import IncidentReportCreateView +from ctrack.caf.tests.factories import PersonFactory +from ctrack.organisations.models import Mode, Submode +from ctrack.organisations.tests.factories import OrganisationFactory, RoleFactory +from ctrack.organisations.views import IncidentReportCreateView, OrganisationDetailView from ..views import OrganisationListView @@ -61,3 +64,38 @@ def test_incident_report_create_view(stakeholder_user): request.user = stakeholder_user response = IncidentReportCreateView.as_view()(request, org.slug) assert response.status_code == 200 + + +def test_only_member_of_cct_user_group_can_view_a_single_person( + stakeholder_user, org_with_people, client +): + role = RoleFactory.create() + submode = Submode.objects.create( + descriptor="Light Rail", mode=Mode.objects.create(descriptor="Rail") + ) + PersonFactory.create( + role=role, + predecessor=None, + organisation__submode=submode, + organisation=org_with_people, + ) + PersonFactory.create( + role=role, + predecessor=None, + organisation__submode=submode, + organisation=org_with_people, + ) + group = Group.objects.create(name="cct_user") + + stakeholder_user.groups.add(group) + + person_list_permission = Permission.objects.get(name="Can view person") + group.permissions.add(person_list_permission) + + client.force_login(stakeholder_user) + + response = client.get(reverse("organisations:people")) + + # They get this permisson via the cct_user group + assert stakeholder_user.has_perm("organisations.view_person") + assert response.status_code == 200 diff --git a/ctrack/organisations/urls.py b/ctrack/organisations/urls.py index 5ccfca0..95967c6 100644 --- a/ctrack/organisations/urls.py +++ b/ctrack/organisations/urls.py @@ -5,11 +5,13 @@ from ctrack.organisations.views import ( OrganisationCreate, OrganisationDetailView, OrganisationListView, + PersonListView, ) app_name = "organisations" urlpatterns = [ + path("people/", view=PersonListView.as_view(), name="people"), path("<slug:slug>/", view=OrganisationDetailView.as_view(), name="detail"), path( "<slug:slug>/create-incident-report/", @@ -17,6 +19,6 @@ urlpatterns = [ name="create_incident_report", ), path("", view=OrganisationListView.as_view(), name="list"), - path("create", view=OrganisationCreate.as_view(), name="create") + path("create", view=OrganisationCreate.as_view(), name="create"), # path("create", view=OrganisationCreate.as_view(), name="create") ] diff --git a/ctrack/organisations/views.py b/ctrack/organisations/views.py index 30ce5a0..d918c71 100644 --- a/ctrack/organisations/views.py +++ b/ctrack/organisations/views.py @@ -1,17 +1,19 @@ from typing import Any, Dict -from django.contrib.auth.mixins import ( - LoginRequiredMixin, - PermissionRequiredMixin, - UserPassesTestMixin, -) +from django.contrib.auth.mixins import LoginRequiredMixin, PermissionRequiredMixin from django.db import transaction from django.http import HttpResponseRedirect from django.urls import reverse, reverse_lazy from django.views.generic import CreateView, DetailView, FormView, ListView from .forms import AddressInlineFormSet, IncidentReportForm, OrganisationCreateForm -from .models import IncidentReport, Organisation +from .models import IncidentReport, Organisation, Person + + +class PersonListView(LoginRequiredMixin, PermissionRequiredMixin, ListView): + model = Person + template_name = "organisations/person_list.html" + permission_required = "organisations.view_person" class OrganisationCreate(LoginRequiredMixin, CreateView): |