From 4e3176e8100bc3eb189617c25705ceb27a06c57c Mon Sep 17 00:00:00 2001
From: luke
Date: Wed, 28 Feb 2018 18:25:55 +1100
Subject: [PATCH 01/23] modified: user_permissions.py modified: views.py
---
 user_permissions.py | 115 ++++++++++++++++++++++++--------------------
 views.py | 20 --------
 2 files changed, 62 insertions(+), 73 deletions(-)
diff --git a/user_permissions.py b/user_permissions.py
index 4ac0a75a6..d99397c68 100644
--- a/user_permissions.py
+++ b/user_permissions.py
@@ -2,70 +2,79 @@ This python script will return the user's permission level for ANY given permission """ import json +from .models import * +from django.db.models import Max +from django.http import HttpResponseRedirect +from django.urls import reverse -def return_user_permission_level(request, group_id,permission_section): + +def return_user_permission_level(request, group_id,permission_field): """ :param request: - :param group_id: - :param permission_section: + :param group_id: limits data to a certain group - Null if no group + :param permission_field: which permission field we will be looking at. The available list is; + permission_set_id + permission_set_name + administration_assign_users_to_groups + administration_create_groups + administration_create_permission_sets + administration_create_users + assign_campus_to_customer + associate_project_and_tasks + customer + invoice + invoice_product + opportunity + organisation + organisation_campus + project + quote + requirement + requirement_link + task + documents + contact_history + project_history + task_history + :param min_permission_level: tells us what is the minimum level the user has to be, if they do not meet this requirement + then the system will formward them onto the permission denied page. 
Default is 1 (read only) :return: """ #Default NO PERMISSION user_permission_level = 0 - #Get the cookie - user_permissions = json.loads(request.session['NearBeach_Permissions']) - - for row in user_permissions: - #Check to see if we are dealing with the correct group - if row['fields']['groups'][0] == group_id: - #Obtain the permission level for this group depending on the permission section - permission_value = row['fields']['permission_set'][permission_section_to_number(permission_section)] - - #If permission_value > user_permission_value, update the later with the former - if permission_value > user_permission_level: - user_permission_level = permission_value - elif group_id == None: - """ - There is no group associated with this permission. Just navigate through all the permissions - and determine if the user has access. - """ - permission_value = row['fields']['permission_set'][permission_section_to_number(permission_section)] - - # If permission_value > user_permission_value, update the later with the former - if permission_value > user_permission_level: - user_permission_level = permission_value + #Look into the SQL for that particular field and return it. + if request.user.is_superuser == True: + return 4 + """ + TEMP CODE + ~~~~~~~~~ + field='project_id' + results = project.objects.filter(is_deleted="FALSE").values(field).aggregate(Max(field)) + results[field + "__max"] + """ - return user_permission_level + if group_id == None: + #There is no group id. 
Select the max value :) + user_groups_results = user_groups.objects.filter( + is_deleted="FALSE", + username=request.user, + permission_set__is_deleted="FALSE", + ).aggregate(Max('permission_set__' + permission_field)) + user_permission_level = user_groups_results['permission_set__' + permission_field + '__max'] + else: + #There is a group, lets find all permissions connected with this group :) + group_instance = groups.objects.get(group_id=group_id) + user_groups_results = user_groups.objects.filter( + is_deleted="FALSE", + username=request.user, + permission_set__is_deleted="FALSE", + groups_id=group_instance, + ).aggregate(Max('permission_set__' + permission_field)) + user_permission_level = user_groups_results['permission_set__' + permission_field + '__max'] -def permission_section_to_number(permission_section): - switcher = { - "permission_set_id": 0, - "permission_set_name": 1, - "administration_assign_users_to_groups": 2, - "administration_create_groups": 3, - "administration_create_permission_sets": 4, - "administration_create_users": 5, - "assign_campus_to_customer": 6, - "associate_project_and_tasks": 7, - "customer": 8, - "invoice": 9, - "invoice_product": 10, - "opportunity": 11, - "organisation": 12, - "organisation_campus": 13, - "project": 14, - "quote": 15, - "requirement": 16, - "requirement_link": 17, - "task": 18, - "documents": 19, - "contact_history": 20, - "project_history": 21, - "task_history": 22, - } - return switcher.get(permission_section,0) \ No newline at end of file + return user_permission_level \ No newline at end of file diff --git a/views.py b/views.py index edc384a65..d93659d6e 100755 --- a/views.py +++ b/views.py 
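Review bot: `aggregate(Max(...))` returns `None` under the `__max` key when the filter matches no `user_groups` row, and both new branches assign that straight to `user_permission_level`, replacing the default 0. A user with no membership (or none in the requested group) therefore gets `None` back: a caller check such as `permission < 3` raises TypeError on Python 3, and an equality check against 0, which the callers adopt in patch 02/23, does not match `None` and lets the request through. Coerce at the source in both branches, `user_permission_level = user_groups_results['permission_set__' + permission_field + '__max'] or 0`. The loop that patch 02/23 puts in place of these branches keeps the same assignment, and its `group_permission < ...['__max']` comparison meets the same `None`. Separately, the docstring now lists `min_permission_level`, which is not a parameter of the function.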
@@ -1163,19 +1163,6 @@ def login(request): ) submit_user_group.save() - - - - user_groups_results = user_groups.objects.filter( - username=request.user, - is_deleted='FALSE', - ) - request.session['NearBeach_Permissions'] = serializers.serialize( - 'json', - user_groups_results, - use_natural_foreign_keys=True, - use_natural_primary_keys=True - ) request.session['is_superuser'] = request.user.is_superuser return HttpResponseRedirect(reverse('dashboard')) @@ -1282,13 +1269,6 @@ def new_customer(request, organisations_id): if permission < 3: return HttpResponseRedirect(reverse('permission_denied')) - """ - If the user is not logged in, we want to send them to the login page. - This function should be in ALL webpage requests except for login and - the index page - """ - if not request.user.is_authenticated: - return HttpResponseRedirect(reverse('login')) if request.method == 'POST': form = new_customer_form(request.POST) From fabf1fab01f566abbdfa13d2aed9e0f73a9e040e Mon Sep 17 00:00:00 2001 
From: Luke Date: Wed, 28 Feb 2018 22:26:44 +1100 Subject: [PATCH 02/23] modified: templates/NearBeach/project_information.html modified: templates/NearBeach/task_information.html modified: user_permissions.py modified: views.py modified: views_administration.py modified: views_customer_information.py modified: views_document_tree.py modified: views_organisation_information.py modified: views_project_information.py modified: views_quotes.py modified: views_requirements.py modified: views_task_information.py --- templates/NearBeach/project_information.html | 3 +- templates/NearBeach/task_information.html | 2 +- user_permissions.py | 71 ++++-- views.py | 251 +++++-------------- views_administration.py | 225 ++++------------- views_customer_information.py | 67 +---- views_document_tree.py | 50 +--- views_organisation_information.py | 46 +--- views_project_information.py | 92 ++----- views_quotes.py | 26 +- views_requirements.py | 112 ++------- views_task_information.py | 91 ++----- 12 files changed, 255 insertions(+), 781 deletions(-) diff --git a/templates/NearBeach/project_information.html b/templates/NearBeach/project_information.html index 2980834aa..a606946ed 100755 --- a/templates/NearBeach/project_information.html +++ b/templates/NearBeach/project_information.html @@ -7,7 +7,6 @@ - diff --git a/templates/NearBeach/task_information.html b/templates/NearBeach/task_information.html index d7fdd0cf5..510328a61 100755 --- a/templates/NearBeach/task_information.html +++ b/templates/NearBeach/task_information.html @@ -33,7 +33,7 @@ running_total(); //Finally set the permissions - set_permissions({{ task_permissions }}); + //set_permissions({{ task_permissions }}); } diff --git a/user_permissions.py b/user_permissions.py index d99397c68..594d4906f 100644 --- a/user_permissions.py +++ b/user_permissions.py 
@@ -8,11 +8,11 @@ from django.urls import reverse -def return_user_permission_level(request, group_id,permission_field): +def return_user_permission_level(request, group_list,permission_field): """ :param request: - :param group_id: limits data to a certain group - Null if no group + :param groups: limits data to a certain group - Null if no group :param permission_field: which permission field we will be looking at. The available list is; permission_set_id permission_set_name @@ -37,16 +37,30 @@ def return_user_permission_level(request, group_id,permission_field): contact_history project_history task_history + + Please note - if you want to look up more than ONE permission, please include them in [] brackets. For example if + you would like to look up; project, project_history, and documents, then you would use ['project','project_history','documents'] :param min_permission_level: tells us what is the minimum level the user has to be, if they do not meet this requirement then the system will formward them onto the permission denied page. Default is 1 (read only) :return: """ + + #Make sure the permission_field is an array/list + if not isinstance(permission_field, list): + permission_field = [permission_field] + #Default NO PERMISSION - user_permission_level = 0 + user_permission_level = {} #Look into the SQL for that particular field and return it. if request.user.is_superuser == True: - return 4 + #Add 4 to all permissions + for row in permission_field: + user_permission_level[row] = 4 + #Add new_item and administration as 4 + user_permission_level['new_item'] = 4 + user_permission_level['administration'] = 4 + return user_permission_level """ TEMP CODE 
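Review bot: The docstring no longer matches the signature: the renamed argument is `group_list`, but the updated line documents `:param groups:` and still describes a single group. From the loop later in this patch (`group_id['groups_id_id']`) the argument appears to be an iterable of dicts carrying a `groups_id_id` key, or `None`, so the line could read `:param group_list: rows from a .values('groups_id_id') query limiting the lookup to those groups, or None for all of the user's groups`. The `:return:` line in the second hunk is still empty although the function now returns a dict keyed by permission field (plus `new_item` and `administration`) instead of an int; `:return: dict mapping each requested permission field to the user's highest level` would cover it.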
@@ -56,25 +70,38 @@ def return_user_permission_level(request, group_id,permission_field): results[field + "__max"] """ + for row in permission_field: + if group_list == None: + #There is no groups. Select the max value :) + user_groups_results = user_groups.objects.filter( + is_deleted="FALSE", + username=request.user, + permission_set__is_deleted="FALSE", + ).aggregate(Max('permission_set__' + row)) + user_permission_level[row] = user_groups_results['permission_set__' + row + '__max'] + else: + #There is a group, lets find all permissions connected with this group :) and return the max :) + group_permission = 0 + for group_id in group_list: + group_instance = groups.objects.get(group_id=group_id['groups_id_id']) + + #Grab user's permission for that group + user_groups_results = user_groups.objects.filter( + is_deleted="FALSE", + username=request.user, + permission_set__is_deleted="FALSE", + groups_id=group_instance, + ).aggregate(Max('permission_set__' + row)) + + #Get the max value for the permission + if group_permission < user_groups_results['permission_set__' + row + '__max']: + group_permission = user_groups_results['permission_set__' + row + '__max'] - if group_id == None: - #There is no group id. 
Select the max value :) - user_groups_results = user_groups.objects.filter( - is_deleted="FALSE", - username=request.user, - permission_set__is_deleted="FALSE", - ).aggregate(Max('permission_set__' + permission_field)) - user_permission_level = user_groups_results['permission_set__' + permission_field + '__max'] - else: - #There is a group, lets find all permissions connected with this group :) - group_instance = groups.objects.get(group_id=group_id) + user_permission_level[row] = group_permission - user_groups_results = user_groups.objects.filter( - is_deleted="FALSE", - username=request.user, - permission_set__is_deleted="FALSE", - groups_id=group_instance, - ).aggregate(Max('permission_set__' + permission_field)) - user_permission_level = user_groups_results['permission_set__' + permission_field + '__max'] + #TEMP CODE FOR NOW! + user_permission_level['new_item'] = 4 + user_permission_level['administration'] = 4 + #END TEMP CODE return user_permission_level \ No newline at end of file diff --git a/views.py b/views.py index d93659d6e..7443e9a9c 100755 --- a/views.py +++ b/views.py @@ -302,17 +302,9 @@ def associated_tasks(request, project_id): @login_required(login_url='login') def campus_information(request, campus_information): - permission = 0 + permission_results = return_user_permission_level(request, None, 'organisation_campus') - if request.session['is_superuser'] == True: - permission = 4 - else: - pp_results = return_user_permission_level(request, None, 'organisation_campus') - - if pp_results > permission: - permission = pp_results - - if permission == 0: + if permission_results['organisation_campus'] == 0: return HttpResponseRedirect(reverse('permission_denied')) # Obtain data (before POST if statement as it is used insude) 
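Review bot: The block marked `#TEMP CODE FOR NOW!` sets `user_permission_level['new_item']` and `user_permission_level['administration']` to 4 for every non-superuser, whatever their group membership. None of the callers visible in this patch read those two keys, so they are presumably meant for templates or later patches, and anything that gates on them will treat every logged-in user as top level. Until the values are derived from the user's permission sets, a deny default is the safer placeholder: `user_permission_level['new_item'] = 0` and `user_permission_level['administration'] = 0`. The per-group loop above also calls `groups.objects.get(...)` for each entry, which raises `DoesNotExist` on a stale id; filtering with `groups_id=group_id['groups_id_id']` should avoid both the extra query and the exception.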
@@ -385,7 +377,7 @@ def campus_information(request, campus_information): 'add_customers_results': add_customers_results, 'countries_regions_results': countries_regions_results, 'countries_results': countries_results, - 'permission': permission, + 'permission': permission_results['organisation_campus'], } return HttpResponse(t.render(c, request)) @@ -393,17 +385,9 @@ def campus_information(request, campus_information): @login_required(login_url='login') def customers_campus_information(request, customer_campus_id, customer_or_org): - permission = 0 - - if request.session['is_superuser'] == True: - permission = 4 - else: - pp_results = return_user_permission_level(request, None, 'organisation_campus') - - if pp_results > permission: - permission = pp_results + permission_results = return_user_permission_level(request, None, 'organisation_campus') - if permission == 0: + if permission_results['organisation_campus'] == 0: return HttpResponseRedirect(reverse('permission_denied')) """ @@ -454,7 +438,7 @@ def customers_campus_information(request, customer_campus_id, customer_or_org): 'customer_campus_results': customer_campus_results, 'customer_campus_id': customer_campus_id, 'customer_or_org': customer_or_org, - 'permission': permission, + 'permission': permission_results['organisation_campus'], } return HttpResponse(t.render(c, request)) 
@@ -462,34 +446,12 @@ def customers_campus_information(request, customer_campus_id, customer_or_org): @login_required(login_url='login') def customer_information(request, customer_id): - customer_permissions = 0 - assign_campus_to_customer_permission = 0 - - if request.session['is_superuser'] == True: - customer_permissions = 4 - assign_campus_to_customer_permission = 4 - else: - pp_results = return_user_permission_level(request, None,'customer') - ph_results = return_user_permission_level(request, None,'assign_campus_to_customer') + permission_results = return_user_permission_level(request, None,['assign_campus_to_customer','customer']) - if pp_results > customer_permissions: - customer_permissions = pp_results - - if ph_results > assign_campus_to_customer_permission: - assign_campus_to_customer_permission = ph_results - - if customer_permissions == 0: - # Send them to permission denied!! + if permission_results['customer'] == 0: return HttpResponseRedirect(reverse('permission_denied')) - """ - If the user is not logged in, we want to send them to the login page. - This function should be in ALL webpage requests except for login and - the index page - """ - if not request.user.is_authenticated: - return HttpResponseRedirect(reverse('login')) - if request.method == "POST" and customer_permissions > 1: + if request.method == "POST" and permission_results['customer'] > 1: # Save everything! form = customer_information_form(request.POST, request.FILES) if form.is_valid(): @@ -649,8 +611,8 @@ def customer_information(request, customer_id): 'opportunity_results': opportunity_results, 'PRIVATE_MEDIA_URL': settings.PRIVATE_MEDIA_URL, 'customer_id': customer_id, - 'customer_permissions': customer_permissions, - 'assign_campus_to_customer_permission': assign_campus_to_customer_permission, + 'customer_permissions': permission_results['customer'], + 'assign_campus_to_customer_permission': permission_results['assign_campus_to_customer'], 'quote_results':quote_results, } 
@@ -1191,9 +1153,9 @@ def logout(request): @login_required(login_url='login') def new_campus(request, organisations_id): - permission = return_user_permission_level(request, None, 'organisation_campus') + permission_results = return_user_permission_level(request, None, 'organisation_campus') - if permission < 3: + if permission_results['organisation_campus'] < 3: return HttpResponseRedirect(reverse('permission_denied')) """ @@ -1265,9 +1227,9 @@ def new_campus(request, organisations_id): @login_required(login_url='login') def new_customer(request, organisations_id): - permission = return_user_permission_level(request, None, 'customer') + permission_results = return_user_permission_level(request, None, 'customer') - if permission < 3: + if permission_results['customer'] < 3: return HttpResponseRedirect(reverse('permission_denied')) if request.method == 'POST': @@ -1315,9 +1277,9 @@ def new_customer(request, organisations_id): @login_required(login_url='login') def new_opportunity(request, location_id,destination): - permission = return_user_permission_level(request, None, 'opportunity') + permission_results = return_user_permission_level(request, None, 'opportunity') - if permission < 3: + if permission_results['opportunity'] < 3: return HttpResponseRedirect(reverse('permission_denied')) # POST or None @@ -1509,9 +1471,9 @@ def new_opportunity(request, location_id,destination): @login_required(login_url='login') def new_organisation(request): - permission = return_user_permission_level(request, None, 'organisation') + permission_results = return_user_permission_level(request, None, 'organisation') - if permission < 3: + if permission_results['organisation'] < 3: return HttpResponseRedirect(reverse('permission_denied')) """ To stop duplicates in the system, the code will quickly check to see if 
@@ -1578,9 +1540,9 @@ def new_organisation(request): @login_required(login_url='login') def new_project(request, location_id='', destination=''): - permission = return_user_permission_level(request, None, 'project') + permission_results = return_user_permission_level(request, None, 'project') - if permission < 3: + if permission_results['project'] < 3: return HttpResponseRedirect(reverse('permission_denied')) if request.method == "POST": @@ -1768,17 +1730,9 @@ def new_project(request, location_id='', destination=''): @login_required(login_url='login') def new_quote(request,destination,primary_key): - quote_permissions = 0 - - if request.session['is_superuser'] == True: - quote_permissions = 4 - else: - pp_results = return_user_permission_level(request, None,'quote') - - if pp_results > quote_permissions: - quote_permissions = pp_results + permission_results = return_user_permission_level(request, None,'quote') - if quote_permissions < 3: + if permission_results['quote'] < 3: return HttpResponseRedirect(reverse('permission_denied')) if request.method == "POST": @@ -1866,18 +1820,9 @@ def new_quote(request,destination,primary_key): @login_required(login_url='login') def new_task(request, location_id='', destination=''): - permission = return_user_permission_level(request, None, 'task') + permission_results = return_user_permission_level(request, None, 'task') - - if request.session['is_superuser'] == True: - permission = 4 - else: - pp_results = return_user_permission_level(request, None,'quote') - - if pp_results > permission: - permission = pp_results - - if permission < 3: + if permission_results['task'] < 3: return HttpResponseRedirect(reverse('permission_denied')) # Define if the page is loading in POST 
@@ -2083,17 +2028,9 @@ def next_step(request, next_step_id, opportunity_id): @login_required(login_url='login') def opportunity_information(request, opportunity_id): - opportunity_perm = 0 - - if request.session['is_superuser'] == True: - opportunity_perm = 4 - else: - pp_results = return_user_permission_level(request, None,'opportunity') + permission_results = return_user_permission_level(request, None,'opportunity') - if pp_results > opportunity_perm : - opportunity_perm = pp_results - - if opportunity_perm == 0: + if permission_results['opportunity'] == 0: return HttpResponseRedirect(reverse('permission_denied')) @@ -2285,7 +2222,7 @@ def opportunity_information(request, opportunity_id): 'project_results': project_results, 'tasks_results': tasks_results, 'quote_results': quote_results, - 'opportunity_perm': opportunity_perm, + 'opportunity_perm': permission_results['opportunity'], 'timezone': settings.TIME_ZONE, } 
@@ -2294,34 +2231,13 @@ def opportunity_information(request, opportunity_id): @login_required(login_url='login') def organisation_information(request, organisations_id): - organisation_permissions = 0 - organisation_campus_permissions = 0 - customer_permissions = 0 - - if request.session['is_superuser'] == True: - organisation_permissions = 4 - organisation_campus_permissions = 4 - customer_permissions = 4 - else: - pp_results = return_user_permission_level(request, None,'organisation') - ph_results = return_user_permission_level(request, None,'organisation_campus') - pb_results = return_user_permission_level(request, None,'customer') - - if pp_results > organisation_permissions: - organisation_permissions = pp_results + permission_results = return_user_permission_level(request, None,['organisation','organisation_campus','customer']) - if ph_results > organisation_campus_permissions: - organisation_campus_permissions = ph_results - - if pb_results > customer_permissions: - customer_permissions = pb_results - - if organisation_permissions == 0: - # Send them to permission denied!! + if permission_results['organisation'] == 0: return HttpResponseRedirect(reverse('permission_denied')) # Get the data from the form if the information has been submitted - if request.method == "POST" and organisation_permissions > 1: + if request.method == "POST" and permission_results['organisation'] > 1: form = organisation_information_form(request.POST, request.FILES) if form.is_valid(): current_user = request.user 
@@ -2418,9 +2334,9 @@ def organisation_information(request, organisations_id): 'opportunity_results': opportunity_results, 'PRIVATE_MEDIA_URL': settings.PRIVATE_MEDIA_URL, 'organisations_id': organisations_id, - 'organisation_permissions': organisation_permissions, - 'organisation_campus_permissions': organisation_campus_permissions, - 'customer_permissions': customer_permissions, + 'organisation_permissions': permission_results['organisations'], + 'organisation_campus_permissions': permission_results['organisation_campus'], + 'customer_permissions': permission_results['customer'], 'quote_results':quote_results, } 
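Review bot: `permission_results['organisations']` raises KeyError whenever this context dict is built: the lookup earlier in organisation_information requests `['organisation','organisation_campus','customer']`, and return_user_permission_level only adds keys for the requested fields plus `new_item` and `administration`. The line should read `'organisation_permissions': permission_results['organisation'],`. The same mismatch is in group_information_list in views_administration.py, which requests `administration_create_groups` but tests `permission_results['administration_create_group']`, so that view fails at its permission check. The context dict this hunk edits starts outside the hunk.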
@@ -2474,44 +2390,26 @@ def private_document(request, document_key): @login_required(login_url='login') def project_information(request, project_id): - """ - The project permissions. The query looks up ALL the groups associated to this project currently and searches - for the user's MAXIMUM user_level_permission. This will determine if the user can edit etc. - If the highest user_level_permission = 0, then the user is redirected to the access denied page. - """ - project_permissions = 0 - project_history_permissions = 0 - - if request.session['is_superuser'] == True: - project_permissions = 4 - project_history_permissions = 4 - else: - project_groups_results = project_groups.objects.filter( - is_deleted="FALSE", - project_id=project.objects.get(project_id=project_id), - ).values('groups_id_id') - - for row in project_groups_results: - pp_results = return_user_permission_level(request, row['groups_id_id'],'project') - ph_results = return_user_permission_level(request, row['groups_id_id'],'project_history') - - if pp_results > project_permissions: - project_permissions = pp_results + #First look at the user's permissions for the project's groups. + project_groups_results = project_groups.objects.filter( + is_deleted="FALSE", + project_id=project.objects.get(project_id=project_id), + ).values('groups_id_id') - if ph_results > project_history_permissions: - project_history_permissions = ph_results + permission_results = return_user_permission_level(request, project_groups_results,['project','project_history']) - if project_permissions == 0: + if permission_results['project'] == 0: # Send them to permission denied!! return HttpResponseRedirect(reverse(permission_denied)) + """ There are two buttons on the project information page. Both will come here. Both will save the data, however only one of them will resolve this project. 
""" # Get the data from the form if the information has been submitted - if request.method == "POST" and project_permissions >= 2: #Greater than edit :) + if request.method == "POST" and permission_results['project'] >= 2: #Greater than edit :) form = project_information_form(request.POST, request.FILES) if form.is_valid(): # Define the data we will edit @@ -2649,8 +2547,8 @@ def project_information(request, project_id): 'media_url': settings.MEDIA_URL, 'quote_results': quote_results, 'project_id': project_id, - 'project_permissions': project_permissions, - 'project_history_permissions': project_history_permissions, + 'project_permissions': permission_results['project'], + 'project_history_permissions': permission_results['project_history'], 'timezone': settings.TIME_ZONE, } @@ -2659,24 +2557,12 @@ def project_information(request, project_id): @login_required(login_url='login') def quote_information(request, quote_id): - quotes_results = quotes.objects.get(quote_id=quote_id) - - quote_permission = 0 + permission_results = return_user_permission_level(request, None, 'quote') - if request.session['is_superuser'] == True: - quote_permission = 4 - else: - pp_results = return_user_permission_level(request, None,'quote') - print(pp_results) - - if pp_results > quote_permission: - quote_permission = pp_results - - if quote_permission == 0: - # Send them to permission denied!! + if permission_results['quote'] == 0: return HttpResponseRedirect(reverse(permission_denied)) - + quotes_results = quotes.objects.get(quote_id=quote_id) if request.method == "POST": form = quote_information_form(request.POST) @@ -2755,7 +2641,6 @@ def quote_information(request, quote_id): # Load the template t = loader.get_template('NearBeach/quote_information.html') - print(quote_permission) # context c = { 
@@ -2764,7 +2649,7 @@ def quote_information(request, quote_id): 'quote_id': quote_id, 'quote_or_invoice': quote_or_invoice, 'timezone': settings.TIME_ZONE, - 'quote_permission': quote_permission, + 'quote_permission': permission_results['quote'], } return HttpResponse(t.render(c, request)) @@ -2994,34 +2879,16 @@ def search_projects_tasks(request): @login_required(login_url='login') def task_information(request, task_id): - """ - We need to determine if the user has access to any of the groups that - this task is associated to. We will do a simple count(*) SQL QUERY - that will determine this. - """ - task_permissions = 0 - task_history_permissions = 0 - - if request.session['is_superuser'] == True: - task_permissions = 4 - task_history_permissions = 4 - else: - task_groups_results = tasks_groups.objects.filter( - is_deleted="FALSE", - tasks_id=tasks.objects.get(tasks_id=task_id), - ).values('groups_id_id') - - for row in task_groups_results: - pp_results = return_user_permission_level(request, row['groups_id_id'],'task') - ph_results = return_user_permission_level(request, row['groups_id_id'],'task_history') - - if pp_results > task_permissions: - task_permissions = pp_results + #First look at the user's permissions for the project's groups. + task_groups_results = tasks_groups.objects.filter( + is_deleted="FALSE", + tasks_id=tasks.objects.get(tasks_id=task_id), + ).values('groups_id_id') - if ph_results > task_history_permissions: - task_history_permissions = ph_results + permission_results = return_user_permission_level(request, task_groups_results,['task','task_history']) - if task_permissions == 0: + if permission_results['task'] == 0: + # Send them to permission denied!! return HttpResponseRedirect(reverse(permission_denied)) current_user = request.user 
@@ -3249,8 +3116,8 @@ def task_information(request, task_id): 'folders_results': serializers.serialize('json', folders_results), 'media_url': settings.MEDIA_URL, 'task_id': task_id, - 'task_permissions': task_permissions, - 'task_history_permissions': task_history_permissions, + 'task_permissions': permission_results['task'], + 'task_history_permissions': permission_results['task_history'], 'quote_results': quote_results, 'task_results': task_results, 'timezone': settings.TIME_ZONE, diff --git a/views_administration.py b/views_administration.py index 7fc57a7cc..f167ce64e 100644 --- a/views_administration.py +++ b/views_administration.py @@ -26,18 +26,9 @@ @login_required(login_url='login') def group_information(request): - perm = 0 + permission_results = return_user_permission_level(request, None, 'administration_create_groups') - if request.session['is_superuser']: - perm = 4 - else: - ph_permission = return_user_permission_level(request, None, 'administration_create_groups') - - #Permission takes the highest from both - if ph_permission > perm: - perm = ph_permission - - if perm == 0: + if permission_results['administration_create_groups'] == 0: return HttpResponseRedirect(reverse('permission_denied')) #Load template 
@@ -53,26 +44,13 @@ def group_information(request): @login_required(login_url='login') def group_information_add_permission_set(request, group_id): - permission_permission = 0 - - if request.session['is_superuser']: - permission_permission = 4 - else: - ph_permission = return_user_permission_level(request, None, 'administration_create_groups') - pb_permission = return_user_permission_level(request, None, 'administration_create_permission_sets') - - #Permission takes the highest from both - if ph_permission > permission_permission: - permission_permission = ph_permission - - if pb_permission > permission_permission: - permission_permission = pb_permission + permission_results = return_user_permission_level(request, None, ['administration_create_groups','administration_create_permission_sets']) - if permission_permission == 0: + if permission_results['administration_create_groups'] == 0: return HttpResponseRedirect(reverse('permission_denied')) - if request.method == "POST" and permission_permission > 2: + if request.method == "POST" and permission_results['administration_create_groups'] > 2: form = add_permission_set_to_group_form(request.POST) if form.is_valid(): submit_group_permission = group_permissions( @@ -103,17 +81,9 @@ def group_information_add_permission_set(request, group_id): @login_required(login_url='login') def group_information_create(request): - group_permission = 0 + permission_results = return_user_permission_level(request, None, 'administration_create_groups') - if request.session['is_superuser'] == True: - group_permission = 4 - else: - ph_results = return_user_permission_level(request, None, 'administration_create_groups') - - if ph_results > group_permission: - group_permission = ph_results - - if group_permission < 3: + if permission_results['administration_create_groups'] < 3: return HttpResponseRedirect(reverse('permission_denied')) if request.method == "POST": 
@@ -141,26 +111,11 @@ def group_information_create(request): @login_required(login_url='login') def group_information_edit(request, group_id): - user_permission = 0 - group_permission = 0 - - if request.session['is_superuser'] == True: - user_permission = 4 - group_permission = 4 - else: - pp_results = return_user_permission_level(request, None,'administration_assign_users_to_groups') - ph_results = return_user_permission_level(request, None, 'administration_create_groups') - - if pp_results > user_permission: - user_permission = pp_results - - if ph_results > group_permission: - group_permission = ph_results + permission_results = return_user_permission_level(request, None,['administration_assign_users_to_groups','administration_create_groups']) - if group_permission == 0: + if permission_results['administration_create_groups'] == 0: return HttpResponseRedirect(reverse('permission_denied')) - if request.method == "POST": form = groups_form(request.POST, instance=groups.objects.get(group_id=group_id)) if form.is_valid(): @@ -174,8 +129,8 @@ def group_information_edit(request, group_id): # context c = { 'groups_form': groups_form(instance=groups.objects.get(group_id=group_id)), - 'user_permission': user_permission, - 'group_permission': group_permission, + 'user_permission': permission_results['administration_assign_users_to_groups'], + 'group_permission': permission_results['administration_create_groups'], 'group_id': group_id, } 
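Review bot: The POST branch in group_information_edit still saves `groups_form` for any caller whose `administration_create_groups` level is non-zero, so a read-only level (1, per the docstring in user_permissions.py) can edit a group. The neighbouring views in this file gate their writes with `request.method == "POST" and permission_results[...] > 2` (group_information_add_permission_set and group_information_edit_users); the matching condition here would be `if request.method == "POST" and permission_results['administration_create_groups'] > 2:`, with the threshold to be confirmed against the project's level scheme. quote_information in views.py has the same shape: it rejects only level 0 and then handles POST without a level check. Both function bodies continue outside their hunks, so a later check may exist that is not visible here.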
@@ -185,21 +140,13 @@ def group_information_edit(request, group_id): @login_required(login_url='login') def group_information_edit_users(request, group_id): - user_permission = 0 - - if request.session['is_superuser'] == True: - user_permission = 4 - else: - pp_results = return_user_permission_level(request, None,'administration_assign_users_to_groups') - - if pp_results > user_permission: - user_permission = pp_results + permission_results = return_user_permission_level(request, None,'administration_assign_users_to_groups') - if user_permission == 0: + if permission_results['administration_assign_users_to_groups'] == 0: return HttpResponseRedirect(reverse('permission_denied')) - if request.method == "POST" and user_permission > 2: + if request.method == "POST" and permission_results['administration_assign_users_to_groups'] > 2: print(request.POST.get('permission_set')) permission_set_instance=permission_set.objects.get(permission_set_id=request.POST.get('permission_set')) #Get the new user @@ -232,7 +179,7 @@ def group_information_edit_users(request, group_id): c = { 'user_groups_results': user_groups_results, 'user_results': user_results, - 'user_permission': user_permission, + 'user_permission': permission_results['administration_assign_users_to_groups'], 'permission_set_results': permission_set_results, 'group_id': group_id, } 
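Review bot: The POST branch of `group_information_edit_users` feeds `request.POST.get('permission_set')` straight into `permission_set.objects.get(...)`, so a missing, non-numeric or unknown id raises and surfaces as a 500 rather than a handled error. Validate the value through a form, or use `get_object_or_404(permission_set, permission_set_id=request.POST.get('permission_set'))`. The `print(request.POST.get('permission_set'))` just above writes request data to stdout and should be removed or replaced with a logger call. The function body continues outside the hunk.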
@@ -245,17 +192,10 @@ def group_information_edit_users(request, group_id): @login_required(login_url='login') def group_information_list(request): - group_permissions = 0 + permission_results = return_user_permission_level(request, None,'administration_create_groups') - if request.session['is_superuser'] == True: - group_permissions = 4 - else: - pp_results = return_user_permission_level(request, None,'administration_create_groups') - - if pp_results > group_permissions: - group_permissions = pp_results - if group_permissions == 0: + if permission_results['administration_create_group'] == 0: return HttpResponseRedirect(reverse('permission_denied')) group_results = groups.objects.filter( @@ -374,20 +314,13 @@ def list_of_taxes_new(request): @login_required(login_url='login') def new_user(request): - user_permission = 0; + permission_results = return_user_permission_level(request, None, 'administration_create_users') - if request.session['is_superuser'] == True: - user_permission = 4 - else: - pp_results = return_user_permission_level(request, None, 'administration_create_users') - - if pp_results > user_permission: - user_permission = pp_results - - if user_permission < 2: + if permission_results['administration_create_users'] < 2: return HttpResponseRedirect(reverse('permission_denied')) + errors = '' - if request.method == "POST" and user_permission == 4: + if request.method == "POST" and permission_results['administration_create_users'] == 4: form = user_information_form(request.POST) if form.is_valid(): 
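Review bot: `group_information_list` requests `'administration_create_groups'` but then checks `permission_results['administration_create_group']`, without the trailing `s`. If the helper keys its result by the requested field names, this lookup raises `KeyError` on every request to the view, so the group list is unavailable to all users. The line should read `if permission_results['administration_create_groups'] == 0:`.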
@@ -436,19 +369,9 @@ def new_user(request): @login_required(login_url='login') def permission_set_information(request): - permission_set_permission = 0 - - if request.session['is_superuser'] == True: - permission_set_permission = 4 - else: - pp_results = return_user_permission_level(request, None,'administration_create_permission_sets') - + permission_results = return_user_permission_level(request, None,'administration_create_permission_sets') - if pp_results > permission_set_permission: - permission_set_permission = pp_results - - - if permission_set_permission == 0: + if permission_results['administration_create_permission_sets'] == 0: return HttpResponseRedirect(reverse('permission_denied')) #Load template @@ -464,17 +387,9 @@ def permission_set_information(request): @login_required(login_url='login') def permission_set_information_create(request): - permission_set_permission = 0 - - if request.session['is_superuser'] == True: - permission_set_permission = 4 - else: - pp_results = return_user_permission_level(request, None, 'administration_create_permission_sets') + permission_results = return_user_permission_level(request, None, 'administration_create_permission_sets') - if pp_results > permission_set_permission: - permission_set_permission = pp_results - - if permission_set_permission < 3: + if permission_results['administration_create_permission_sets'] < 3: return HttpResponseRedirect(reverse('permission_denied')) 
@@ -560,17 +475,9 @@ def permission_set_information_create(request): @login_required(login_url='login') def permission_set_information_edit(request, permission_set_id): - permission_set_permission = 0 - - if request.session['is_superuser'] == True: - permission_set_permission = 4 - else: - pp_results = return_user_permission_level(request, None, 'administration_create_permission_sets') + permission_results = return_user_permission_level(request, None, 'administration_create_permission_sets') - if pp_results > permission_set_permission: - permission_set_permission = pp_results - - if permission_set_permission < 2: + if permission_results['administration_create_permission_sets'] < 2: return HttpResponseRedirect(reverse('permission_denied')) save_errors = None @@ -635,17 +542,9 @@ def permission_set_information_edit(request, permission_set_id): @login_required(login_url='login') def permission_set_information_list(request): - permission_set_permission = 0 - - if request.session['is_superuser'] == True: - permission_set_permission = 4 - else: - pp_results = return_user_permission_level(request, None, 'administration_create_permission_sets') + permission_results = return_user_permission_level(request, None, 'administration_create_permission_sets') - if pp_results > permission_set_permission: - permission_set_permission = pp_results - - if permission_set_permission == 0: + if permission_results['administration_create_permission_sets'] == 0: return HttpResponseRedirect(reverse('permission_denied')) #Get data 
@@ -677,20 +576,12 @@ def product_and_service_discontinued(request, product_id): @login_required(login_url='login') def product_and_service_edit(request, product_id): - perm = 0 - - if request.session['is_superuser'] == True: - perm = 4 - else: - pp_results = return_user_permission_level(request, None, 'administration_create_permission_sets') + permission_results = return_user_permission_level(request, None, 'administration_create_permission_sets') - if pp_results > perm: - perm = pp_results - - if perm == 0: + if permission_results['administration_create_permission_sets'] == 0: return HttpResponseRedirect(reverse('permission_denied')) - if request.method == "POST" and perm > 2: + if request.method == "POST" and permission_results['administration_create_permission_sets'] > 2: form = product_and_service_form(request.POST, instance=products_and_services.objects.get(product_id=product_id)) if form.is_valid(): form.save() @@ -716,20 +607,12 @@ def product_and_service_edit(request, product_id): @login_required(login_url='login') def product_and_service_new(request): - perm = 0 - - if request.session['is_superuser'] == True: - perm = 4 - else: - pp_results = return_user_permission_level(request, None, 'administration_create_permission_sets') - - if pp_results > perm: - perm = pp_results + permission_results = return_user_permission_level(request, None, 'administration_create_permission_sets') - if perm < 2: + if permission_results['administration_create_permission_sets'] < 2: return HttpResponseRedirect(reverse('permission_denied')) - if request.method == "POST" and perm > 3: + if request.method == "POST" and permission_results['administration_create_permission_sets'] > 3: form = product_and_service_form(request.POST,) if form.is_valid(): submit_product = products_and_services( 
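Review bot: `product_and_service_edit` authorises product changes with `'administration_create_permission_sets'`, while `product_and_service_search` in the same patch uses `'invoice_product'`. The removed code used the same field, so this looks like a carried-over copy-paste that the refactor preserves; `product_and_service_new` has it too. If products are meant to be governed by `invoice_product`, the call becomes `return_user_permission_level(request, None, 'invoice_product')` and the comparisons index that key. If the current field is intentional, a one-line comment saying why would prevent the next reader from "fixing" it.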
@@ -763,17 +646,9 @@ def product_and_service_new(request): @login_required(login_url='login') def product_and_service_search(request): - perm = 0 - - if request.session['is_superuser'] == True: - perm = 4 - else: - pp_results = return_user_permission_level(request, None, 'invoice_product') - - if pp_results > perm: - perm = pp_results + permission_results = return_user_permission_level(request, None, 'invoice_product') - if perm == 0: + if permission_results['invoice_product'] == 0: return HttpResponseRedirect(reverse('permission_denied')) #Get Data @@ -804,17 +679,9 @@ def product_and_service_search(request): @login_required(login_url='login') def search_users(request): - user_permission = 0; + permission_results = return_user_permission_level(request, None, 'administration_create_users') - if request.session['is_superuser'] == True: - user_permission = 4 - else: - pp_results = return_user_permission_level(request, None, 'administration_create_users') - - if pp_results > user_permission: - user_permission = pp_results - - if user_permission == 0: + if permission_results['administration_create_users'] == 0: return HttpResponseRedirect(reverse('permission_denied')) filter_users = '' 
@@ -851,21 +718,13 @@ def search_users(request): @login_required(login_url='login') def user_information(request, user_id): - user_permission = 0; - - if request.session['is_superuser'] == True: - user_permission = 4 - else: - pp_results = return_user_permission_level(request, None, 'administration_create_users') - - if pp_results > user_permission: - user_permission = pp_results + permission_results = return_user_permission_level(request, None, 'administration_create_users') - if user_permission == 0: + if permission_results['administration_create_users'] == 0: return HttpResponseRedirect(reverse('permission_denied')) errors = '' - if request.method == "POST" and user_permission == 4: + if request.method == "POST" and permission_results['administration_create_users'] == 4: if user_id == "": form = user_information_form(request.POST) else: diff --git a/views_customer_information.py b/views_customer_information.py index f74c526e6..365671405 100644 --- a/views_customer_information.py +++ b/views_customer_information.py @@ -23,23 +23,9 @@ @login_required(login_url='login') def information_customer_contact_history(request, customer_id): - customer_permissions = 0 - contact_history_perm = 0 + permission_results = return_user_permission_level(request, None,['customer','contact_history']) - if request.session['is_superuser'] == True: - customer_permissions = 4 - contact_history_perm = 4 - else: - pp_results = return_user_permission_level(request, None,'customer') - ph_results = return_user_permission_level(request, None, 'contact_history') - - if pp_results > customer_permissions : - customer_permissions = pp_results - - if ph_results == 1: - contact_history_perm = 1 - - if customer_permissions == 0: + if permission_results['customer'] == 0: return HttpResponseRedirect(reverse('permission_denied')) if request.method == "POST": 
@@ -66,29 +52,6 @@ def information_customer_contact_history(request, customer_id): form.cleaned_data['start_date_meridiems'] ) - """ - document_save = documents( - document_description=filename, - document=file, - change_user=request.user, - ) - document_save.save() - - document_permissions_save = document_permissions( - document_key=document_save, - change_user=request.user, - ) - if project_or_task == "P": - #Project - project_instance = project.objects.get(project_id=location_id) - document_permissions_save.project_id = project_instance - else: - #Task - task_instance = tasks.objects.get(tasks_id=location_id) - document_permissions_save.task_id = task_instance -document_permissions_save.save() -""" - # documents contact_attachment = request.FILES.get('contact_attachment') @@ -147,8 +110,8 @@ def information_customer_contact_history(request, customer_id): 'contact_day': contact_date.day, 'contact_hour': contact_date.hour, 'contact_minute': int(contact_date.minute/5)*5, - 'contact_history_perm': contact_history_perm, - 'customer_permissions': customer_permissions, + 'contact_history_perm': permission_results['contact_history'], + 'customer_permissions': permission_results['customer'], } return HttpResponse(t.render(c, request)) 
@@ -156,23 +119,9 @@ def information_customer_contact_history(request, customer_id): @login_required(login_url='login') def information_customer_documents_list(request, customer_id, organisations_id=''): - customer_permissions = 0 - document_perm = 0 - - if request.session['is_superuser'] == True: - customer_permissions = 4 - document_perm = 4 - else: - pp_results = return_user_permission_level(request, None,'customer') - ph_results = return_user_permission_level(request, None, 'documents') - - if pp_results > customer_permissions: - customer_permissions = pp_results - - if ph_results == 1: - document_perm = 1 + permission_results = return_user_permission_level(request, None,['customer','documents']) - if customer_permissions == 0: + if permission_results['customer'] == 0: return HttpResponseRedirect(reverse('permission_denied')) @@ -199,8 +148,8 @@ def information_customer_documents_list(request, customer_id, organisations_id=' 'customer_id': customer_id, 'customer_document_results': customer_document_results, 'organisation_document_results': organisation_document_results, - 'customer_permissions': customer_permissions, - 'document_perm': document_perm, + 'customer_permissions': permission_results['customer'], + 'document_perm': permission_results['documents'], } return HttpResponse(t.render(c, request)) diff --git a/views_document_tree.py b/views_document_tree.py index abe708269..8a451ae4f 100644 --- a/views_document_tree.py +++ b/views_document_tree.py 
@@ -14,26 +14,13 @@ @login_required(login_url='login') def document_tree_create_folder(request, location_id, project_or_task): - general_permission = 0 - document_permission = 0 + permission_results = return_user_permission_level(request, None,['project','documents','task']) - if request.session['is_superuser'] == True: - general_permission = 4 - document_permission = 1 #Boolean value + #Permission for either project or task + if project_or_task == "P": + general_permission = permission_results['project'] else: - if project_or_task == "P": - pp_results = return_user_permission_level(request, None,'project') - else: - pp_results = return_user_permission_level(request, None,'task') - - ph_results = return_user_permission_level(request, None,'documents') - - - if pp_results > general_permission: - general_permission = pp_results - - if ph_results > document_permission: - document_permission = ph_results + general_permission = permission_results['task'] if request.method == "POST": print(request.POST) @@ -85,7 +72,7 @@ def document_tree_create_folder(request, location_id, project_or_task): project_or_task=project_or_task, ), 'general_permission': general_permission, - 'document_permission': document_permissions, + 'document_permission': permission_results['documents'], } return HttpResponse(t.render(c, request)) 
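Review bot: `document_tree_create_folder` computes `general_permission` but never compares it before the `if request.method == "POST":` branch, so as far as this hunk shows a user with level 0 can still create a folder. A guard before the POST branch, such as `if general_permission < 2: return HttpResponseRedirect(reverse('permission_denied'))` (threshold to be chosen by the author), would match the redirect the other views use. The same omission is visible in `new_line_item`, `responsible_customer`, `information_project_assigned_users`, `information_project_costs`, `information_project_customers`, `information_project_history` and `information_task_assigned_users`, where the level is only handed to the template. The `print(request.POST)` inside the branch dumps submitted data to stdout and should go. The function body continues outside the hunk.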
@@ -227,26 +214,11 @@ def document_tree_upload(request, location_id, project_or_task): def document_tree_upload_documents(request, location_id, project_or_task): - general_permission = 0 - document_permission = 0 - - if request.session['is_superuser'] == True: - general_permission = 4 - document_permission = 1 #Boolean value + permission_results = return_user_permission_level(request, None,['project','task','documents']) + if project_or_task == "P": + general_permission = permission_results['project'] else: - if project_or_task == "P": - pp_results = return_user_permission_level(request, None,'project') - else: - pp_results = return_user_permission_level(request, None,'task') - - ph_results = return_user_permission_level(request, None,'documents') - - - if pp_results > general_permission: - general_permission = pp_results - - if ph_results > document_permission: - document_permission = ph_results + general_permission = permission_results['task'] # Load the template t = loader.get_template('NearBeach/document_tree/document_tree_upload_documents.html') @@ -260,7 +232,7 @@ def document_tree_upload_documents(request, location_id, project_or_task): project_or_task=project_or_task, ), 'general_permission': general_permission, - 'document_permission': document_permission, + 'document_permission': permission_results['documents'], } return HttpResponse(t.render(c, request)) diff --git a/views_organisation_information.py b/views_organisation_information.py index e9992649e..0a8703821 100644 --- a/views_organisation_information.py +++ b/views_organisation_information.py 
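Review bot: No `@login_required(login_url='login')` line appears directly above `def document_tree_upload_documents` in this hunk's context, unlike the other views touched by the patch. The removed code read `request.session['is_superuser']` first; the new code goes straight to the permission helper, so how the view treats an unauthenticated request now depends entirely on that helper. If the decorator is indeed missing in the file, add `@login_required(login_url='login')` above the `def`. The context lines here are whitespace-collapsed, so confirm against the file before changing it.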
@@ -22,27 +22,13 @@ @login_required(login_url='login') def information_organisation_contact_history(request, organisation_id): - organisation_permissions = 0 - contact_history_permission = 0 + permission_results = return_user_permission_level(request, None,['organisation','contact_history']) - if request.session['is_superuser'] == True: - organisation_permissions = 4 - contact_history_permission = 4 - else: - pp_results = return_user_permission_level(request, None,'organisation') - ph_results = return_user_permission_level(request, None, 'contact_history') - - if pp_results > organisation_permissions: - organisation_permissions = pp_results - - if ph_results > contact_history_permission: - contact_history_permission = ph_results - - if organisation_permissions == 0: + if permission_results['organisation'] == 0: return HttpResponseRedirect(reverse('permission_denied')) # Get the data from the form if the information has been submitted - if request.method == "POST" and organisation_permissions > 1: + if request.method == "POST" and permission_results['organisation'] > 1: print("Request is post") form = information_organisation_contact_history_form(request.POST, request.FILES) if form.is_valid(): @@ -121,8 +107,8 @@ def information_organisation_contact_history(request, organisation_id): c = { 'contact_history_form': information_organisation_contact_history_form(), 'contact_history_results': contact_history_results, - 'organisation_permissions': organisation_permissions, - 'contact_history_permission': contact_history_permission, + 'organisation_permissions': permission_results['organisation'], + 'contact_history_permission': permission_results['contact_history'], 'contact_year': contact_date.year, 'contact_month': contact_date.month, 'contact_day': contact_date.day, 
@@ -135,23 +121,9 @@ def information_organisation_contact_history(request, organisation_id): @login_required(login_url='login') def information_organisation_documents_list(request, organisation_id): - organisation_permissions = 0 - document_perm = 0 - - if request.session['is_superuser'] == True: - organisation_permissions = 4 - document_perm = 4 - else: - pp_results = return_user_permission_level(request, None,'organisation') - ph_results = return_user_permission_level(request, None, 'documents') - - if pp_results > organisation_permissions: - organisation_permissions = pp_results - - if ph_results == 1: - document_perm = 1 + permission_results = return_user_permission_level(request, None,['organisation','documents']) - if organisation_permissions == 0: + if permission_results['organisation'] == 0: return HttpResponseRedirect(reverse('permission_denied')) #Get data @@ -174,9 +146,9 @@ def information_organisation_documents_list(request, organisation_id): 'organisation_id': organisation_id, 'customer_document_results': customer_document_results, 'organisation_document_results': organisation_document_results, - 'organisation_permissions': organisation_permissions, + 'organisation_permissions': permission_results['organisation'], 'document_permissions': document_permissions, - 'document_perm': document_perm, + 'document_perm': permission_results['documents'], } return HttpResponse(t.render(c, request)) diff --git a/views_project_information.py b/views_project_information.py index 5d320c694..bfa005a84 100644 --- a/views_project_information.py +++ b/views_project_information.py 
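Review bot: The context dict of `information_organisation_documents_list` still passes `'document_permissions': document_permissions`, and no local of that name is assigned in the lines shown. If the name resolves to the imported model class, the template receives the class rather than a permission level, which is the same slip this patch corrects in `document_tree_create_folder`. Either remove the key or set it to `permission_results['documents']`.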
@@ -20,21 +20,12 @@ @login_required(login_url='login') def information_project_assigned_users(request, project_id): - project_permissions = 0 - - if request.session['is_superuser'] == True: - project_permissions = 4 - else: - project_groups_results = project_groups.objects.filter( - is_deleted="FALSE", - project_id=project.objects.get(project_id=project_id), - ).values('groups_id_id') - - for row in project_groups_results: - pp_results = return_user_permission_level(request, row['groups_id_id'],'project') + project_groups_results = project_groups.objects.filter( + is_deleted="FALSE", + project_id=project.objects.get(project_id=project_id), + ).values('groups_id_id') - if pp_results > project_permissions: - project_permissions = pp_results + permission_results = return_user_permission_level(request, project_groups_results,'project') if request.method == "POST": user_results = int(request.POST.get("add_user_select")) @@ -91,7 +82,7 @@ def information_project_assigned_users(request, project_id): 'user_id__first_name', 'user_id__last_name', ).distinct(), - 'project_permissions': project_permissions, + 'project_permissions': permission_results['project'], } return HttpResponse(t.render(c, request)) 
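Review bot: `information_project_assigned_users` now passes `project_groups_results`, a `.values('groups_id_id')` queryset of dicts, as the `group_id` argument, where the other calls in this patch pass `None`. Unless the helper unwraps those rows, a comparison or `__in` filter against them will not match plain ids; `.values_list('groups_id_id', flat=True)` yields the ids directly. The query `project.objects.get(project_id=project_id)` also now runs for superusers and raises for an unknown id. The same call shape is used in `information_project_costs`, `information_project_customers`, `information_project_history` and `information_task_assigned_users`. The helper's handling of `group_id` is outside this hunk, so confirm against it.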
@@ -118,21 +109,12 @@ def information_project_delete_assigned_users(request, project_id, location_id): @login_required(login_url='login') def information_project_costs(request, project_id): - project_permissions = 0 - - if request.session['is_superuser'] == True: - project_permissions = 4 - else: - project_groups_results = project_groups.objects.filter( - is_deleted="FALSE", - project_id=project.objects.get(project_id=project_id), - ).values('groups_id_id') - - for row in project_groups_results: - pp_results = return_user_permission_level(request, row['groups_id_id'],'project') + project_groups_results = project_groups.objects.filter( + is_deleted="FALSE", + project_id=project.objects.get(project_id=project_id), + ).values('groups_id_id') - if pp_results > project_permissions: - project_permissions = pp_results + permission_results = return_user_permission_level(request, project_groups_results,'project') if request.method == "POST": form = information_project_costs_form(request.POST, request.FILES) @@ -158,7 +140,7 @@ def information_project_costs(request, project_id): c = { 'information_project_costs_form': information_project_costs_form(), 'costs_results': costs_results, - 'project_permissions': project_permissions, + 'project_permissions': permission_results['project'], } return HttpResponse(t.render(c, request)) 
@@ -166,21 +148,12 @@ def information_project_costs(request, project_id): @login_required(login_url='login') def information_project_customers(request, project_id): - project_permissions = 0 - - if request.session['is_superuser'] == True: - project_permissions = 4 - else: - project_groups_results = project_groups.objects.filter( - is_deleted="FALSE", - project_id=project.objects.get(project_id=project_id), - ).values('groups_id_id') - - for row in project_groups_results: - pp_results = return_user_permission_level(request, row['groups_id_id'],'project') + project_groups_results = project_groups.objects.filter( + is_deleted="FALSE", + project_id=project.objects.get(project_id=project_id), + ).values('groups_id_id') - if pp_results > project_permissions: - project_permissions = pp_results + permission_results = return_user_permission_level(request, project_groups_results,'project') if request.method == "POST": # The user has tried adding a customer @@ -233,7 +206,7 @@ def information_project_customers(request, project_id): 'project_results': project_results, 'new_customers_results': new_customers_results, 'project_customers_results': project_customers_results, - 'project_permissions': project_permissions, + 'project_permissions': permission_results['project'], } return HttpResponse(t.render(c, request)) 
@@ -243,27 +216,12 @@ def information_project_customers(request, project_id): @login_required(login_url='login') def information_project_history(request, project_id): - project_permissions = 0 - project_history_permissions = 0 - - if request.session['is_superuser'] == True: - project_permissions = 4 - project_history_permissions = 4 - else: - project_groups_results = project_groups.objects.filter( - is_deleted="FALSE", - project_id=project.objects.get(project_id=project_id), - ).values('groups_id_id') - - for row in project_groups_results: - pp_results = return_user_permission_level(request, row['groups_id_id'],'project') - ph_results = return_user_permission_level(request, row['groups_id_id'],'project_history') - - if pp_results > project_permissions: - project_permissions = pp_results + project_groups_results = project_groups.objects.filter( + is_deleted="FALSE", + project_id=project.objects.get(project_id=project_id), + ).values('groups_id_id') - if ph_results > project_history_permissions: - project_history_permissions = ph_results + permission_results = return_user_permission_level(request, project_groups_results,['project','project_history']) if request.method == "POST": form = information_project_history_form(request.POST, request.FILES) @@ -298,8 +256,8 @@ def information_project_history(request, project_id): 'information_project_history_form': information_project_history_form(), 'project_history_results': project_history_results, 'project_id': project_id, - 'project_permissions': project_permissions, - 'project_history_permissions': project_history_permissions, + 'project_permissions': permission_results['project'], + 'project_history_permissions': permission_results['project_history'], } return HttpResponse(t.render(c, request)) diff --git a/views_quotes.py b/views_quotes.py index 60c2fbf43..a1a3c51b2 100644 --- a/views_quotes.py +++ b/views_quotes.py 
@@ -86,16 +86,7 @@ def list_of_line_items(request, quote_id): def new_line_item(request,quote_id): quotes_results = quotes.objects.get(quote_id=quote_id) - quote_permission = 0 - - if request.session['is_superuser'] == True: - quote_permission = 4 - else: - pp_results = return_user_permission_level(request, None,'quote') - print(pp_results) - - if pp_results > quote_permission: - quote_permission = pp_results + permission_results = return_user_permission_level(request, None,'quote') if request.POST: form = new_line_item_form(request.POST, request.FILES) @@ -171,7 +162,7 @@ def new_line_item(request,quote_id): c = { 'quote_id': quote_id, 'new_line_item_form': new_line_item_form(), - 'quote_permission': quote_permission, + 'quote_permission': permission_results['quote'], } return HttpResponse(t.render(c, request)) @@ -179,16 +170,7 @@ def new_line_item(request,quote_id): @login_required(login_url='login') def responsible_customer(request,quote_id, customer_id=''): - quote_permission = 0 - - if request.session['is_superuser'] == True: - quote_permission = 4 - else: - pp_results = return_user_permission_level(request, None,'quote') - print(pp_results) - - if pp_results > quote_permission: - quote_permission = pp_results + permission_results = return_user_permission_level(request, None,'quote') if request.method == "POST": if customer_id == '': @@ -237,7 +219,7 @@ def responsible_customer(request,quote_id, customer_id=''): 'quote_id': quote_id, 'customer_results': customer_results, 'responsible_customer_results': responsible_customer_results, - 'quote_permission': quote_permission, + 'quote_permission': permission_results['quote'], } diff --git a/views_requirements.py b/views_requirements.py index 9b4a08dd8..4f07060bd 100644 --- a/views_requirements.py +++ b/views_requirements.py 
@@ -14,20 +14,12 @@ @login_required(login_url='login') def new_requirement(request): - permission = 0; + permission_results = return_user_permission_level(request, None, 'requirement') - if request.session['is_superuser'] == True: - permission = 4 - else: - pp_results = return_user_permission_level(request, None, 'requirement') - - if pp_results > permission: - permission = pp_results - - if permission < 2: + if permission_results['requirement'] < 2: return HttpResponseRedirect(reverse('permission_denied')) - if request.method == "POST" and permission > 2: + if request.method == "POST" and permission_results['requirement'] > 2: form = new_requirement_form(request.POST) if form.is_valid(): requirement_title = form.cleaned_data['requirement_title'] @@ -59,23 +51,9 @@ def new_requirement(request): @login_required(login_url='login') def requirement_information(request, requirement_id): - permission = 0 - requirement_link_permissions = 0 - - if request.session['is_superuser'] == True: - permission = 4 - requirement_link_permissions = 4 - else: - pp_results = return_user_permission_level(request, None, 'requirement') - ph_results = return_user_permission_level(request, None, 'requirement_link') - - if pp_results > permission: - permission = pp_results - - if ph_results > requirement_link_permissions: - requirement_link_permissions = ph_results + permission_results = return_user_permission_level(request, None, ['requirement','requirement_link']) - if permission == 0: + if permission_results['requirement'] == 0: return HttpResponseRedirect(reverse('permission_denied')) #Setup the initial data for the form 
@@ -93,8 +71,8 @@ def requirement_information(request, requirement_id): c = { 'requirement_id': requirement_id, 'requirement_information_form': requirement_information_form(initial=initial), - 'permission': permission, - 'requirement_link_permissions': requirement_link_permissions, + 'permission': permission_results['requirement'], + 'requirement_link_permissions': permission_results['requirement_link'], } return HttpResponse(t.render(c, request)) @@ -102,20 +80,12 @@ def requirement_information(request, requirement_id): @login_required(login_url='login') def requirement_item_edit(request, requirement_item_id): - permission = 0; + permission_results = return_user_permission_level(request, None, 'requirement') - if request.session['is_superuser'] == True: - permission = 4 - else: - pp_results = return_user_permission_level(request, None, 'requirement') - - if pp_results > permission: - permission = pp_results - - if permission == 0: + if permission_results['requirement'] == 0: return HttpResponseRedirect(reverse('permission_denied')) - if request.method == "POST" and permission > 1: + if request.method == "POST" and permission_results['requirement'] > 1: form = requirement_items_form(request.POST) if form.is_valid(): # Save the data @@ -147,7 +117,7 @@ def requirement_item_edit(request, requirement_item_id): c = { 'requirement_item_id': requirement_item_id, 'requirement_items_form': requirement_items_form(initial=initial), - 'permission': permission, + 'permission': permission_results['requirement'], } return HttpResponse(t.render(c, request)) 
@@ -156,17 +126,9 @@ def requirement_item_edit(request, requirement_item_id): @login_required(login_url='login') def requirement_items_list(request, requirement_id): - permission = 0; - - if request.session['is_superuser'] == True: - permission = 4 - else: - pp_results = return_user_permission_level(request, None, 'requirement') - - if pp_results > permission: - permission = pp_results + permission_results = return_user_permission_level(request, None, 'requirement') - if permission == 0: + if permission_results['requirement'] == 0: return HttpResponseRedirect(reverse('permission_denied')) requirement_items_results = requirement_item.objects.filter(requirement_id=requirement_id) @@ -186,17 +148,9 @@ def requirement_items_list(request, requirement_id): @login_required(login_url='login') def requirement_items_new(request, requirement_id): - permission = 0; + permission_results = return_user_permission_level(request, None, 'requirement') - if request.session['is_superuser'] == True: - permission = 4 - else: - pp_results = return_user_permission_level(request, None, 'requirement') - - if pp_results > permission: - permission = pp_results - - if permission < 2: + if permission_results['requirement'] < 2: return HttpResponseRedirect(reverse('permission_denied')) if request.method == "POST": @@ -240,17 +194,9 @@ def requirement_items_new(request, requirement_id): @login_required(login_url='login') def requirement_items_new_link(request, requirement_item_id, location_id= '', destination=''): - permission = 0; - - if request.session['is_superuser'] == True: - permission = 4 - else: - pp_results = return_user_permission_level(request, None, 'requirement_link') - - if pp_results > permission: - permission = pp_results + permission_results = return_user_permission_level(request, None, 'requirement_link') - if permission == 0: + if permission_results['requirement_link'] == 0: return HttpResponseRedirect(reverse('permission_denied')) if request.method == "POST": 
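Review bot: `requirement_items_new` denies below level 2 and then enters `if request.method == "POST":` with no further check, so level 2 can create requirement items, whereas `new_requirement` in this patch requires `permission_results['requirement'] > 2` to create. If creation is meant to need the same level everywhere, the branch becomes `if request.method == "POST" and permission_results['requirement'] > 2:`. `requirement_new_link` has the same shape with `'requirement_link'`. A short comment next to the helper listing what each level (0 to 4) allows would make these thresholds reviewable. The function body continues outside the hunk.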
@@ -359,17 +305,9 @@ def requirement_items_new_link(request, requirement_item_id, location_id= '', de @login_required(login_url='login') def requirement_links_list(request, requirement_id): - permission = 0; + permission_results = return_user_permission_level(request, None, 'requirement') - if request.session['is_superuser'] == True: - permission = 4 - else: - pp_results = return_user_permission_level(request, None, 'requirement') - - if pp_results > permission: - permission = pp_results - - if permission == 0: + if permission_results['requirement'] == 0: return HttpResponseRedirect(reverse('permission_denied')) links_results = requirement_links.objects.filter( @@ -400,17 +338,9 @@ def requirement_links_list(request, requirement_id): @login_required(login_url='login') def requirement_new_link(request, requirement_id, location_id='', destination=''): - permission = 0; - - if request.session['is_superuser'] == True: - permission = 4 - else: - pp_results = return_user_permission_level(request, None, 'requirement_link') - - if pp_results > permission: - permission = pp_results + permission_results = return_user_permission_level(request, None, 'requirement_link') - if permission < 2: + if permission_results['requirement_link'] < 2: return HttpResponseRedirect(reverse('permission_denied')) if request.method == "POST": diff --git a/views_task_information.py b/views_task_information.py index 5de928078..2da90a12e 100644 --- a/views_task_information.py +++ b/views_task_information.py 
@@ -20,21 +20,12 @@ @login_required(login_url='login') def information_task_assigned_users(request, task_id): - task_permissions = 0 - - if request.session['is_superuser'] == True: - task_permissions = 4 - else: - task_groups_results = tasks_groups.objects.filter( - is_deleted="FALSE", - tasks_id=tasks.objects.get(tasks_id=task_id), - ).values('groups_id_id') - - for row in task_groups_results: - pp_results = return_user_permission_level(request, row['groups_id_id'],'task') + task_groups_results = tasks_groups.objects.filter( + is_deleted="FALSE", + tasks_id=tasks.objects.get(tasks_id=task_id), + ).values('groups_id_id') - if pp_results > task_permissions: - task_permissions = pp_results + permission_results = return_user_permission_level(request, task_groups_results,'task') if request.method == "POST": user_results = int(request.POST.get("add_user_select")) @@ -89,7 +80,7 @@ def information_task_assigned_users(request, task_id): 'user_id__first_name', 'user_id__last_name', ).distinct(), - 'task_permissions': task_permissions, + 'task_permissions': permission_results['task'], } return HttpResponse(t.render(c, request)) 
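Review bot: The permission level computed in information_task_assigned_users is never enforced in the visible lines: `permission_results['task']` only reaches the template context, and the `if request.method == "POST":` branch that follows runs whatever the level is. A user with level 0 or 1 on the task's groups can therefore apparently still submit the form. A guard right after the lookup, `if permission_results['task'] == 0: return HttpResponseRedirect(reverse('permission_denied'))`, together with `and permission_results['task'] > 1` on the POST condition, would match the checks in the requirement views (assuming both names are imported in this file). The same pattern appears in the information_task_costs, information_task_customers and information_task_history hunks. The function bodies continue outside the hunks, so confirm that no later check exists.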
@@ -114,21 +105,12 @@ def information_task_delete_assigned_users(request, task_id, user_id): @login_required(login_url='login') def information_task_costs(request, task_id): - task_permissions = 0 - - if request.session['is_superuser'] == True: - task_permissions = 4 - else: - task_groups_results = tasks_groups.objects.filter( - is_deleted="FALSE", - tasks_id=tasks.objects.get(tasks_id=task_id), - ).values('groups_id_id') - - for row in task_groups_results: - pp_results = return_user_permission_level(request, row['groups_id_id'],'task') + task_groups_results = tasks_groups.objects.filter( + is_deleted="FALSE", + tasks_id=tasks.objects.get(tasks_id=task_id), + ).values('groups_id_id') - if pp_results > task_permissions: - task_permissions = pp_results + permission_results = return_user_permission_level(request, task_groups_results,'task') # Get the data from the form if request.method == "POST": @@ -158,7 +140,7 @@ def information_task_costs(request, task_id): 'costs_results': costs_results, 'information_task_costs_form': information_task_costs_form(), 'task_id': task_id, - 'task_permissions': task_permissions, + 'task_permissions': permission_results['task'], } return HttpResponse(t.render(c, request)) 
@@ -166,21 +148,12 @@ def information_task_costs(request, task_id): @login_required(login_url='login') def information_task_customers(request, task_id): - task_permissions = 0 - - if request.session['is_superuser'] == True: - task_permissions = 4 - else: - task_groups_results = tasks_groups.objects.filter( - is_deleted="FALSE", - tasks_id=tasks.objects.get(tasks_id=task_id), - ).values('groups_id_id') - - for row in task_groups_results: - pp_results = return_user_permission_level(request, row['groups_id_id'],'task') + task_groups_results = tasks_groups.objects.filter( + is_deleted="FALSE", + tasks_id=tasks.objects.get(tasks_id=task_id), + ).values('groups_id_id') - if pp_results > task_permissions: - task_permissions = pp_results + permission_results = return_user_permission_level(request, task_groups_results,'task') if request.method == "POST": # The user has tried adding a customer @@ -233,7 +206,7 @@ def information_task_customers(request, task_id): 'task_results': task_results, 'new_customers_results': new_customers_results, 'tasks_customers_results': tasks_customers_results, - 'task_permissions': task_permissions, + 'task_permissions': permission_results['task'], } return HttpResponse(t.render(c, request)) 
@@ -241,27 +214,13 @@ def information_task_customers(request, task_id): @login_required(login_url='login') def information_task_history(request, task_id): - task_permissions = 0 - task_history_permissions = 0 - - if request.session['is_superuser'] == True: - task_permissions = 4 - task_history_permissions = 4 - else: - task_groups_results = tasks_groups.objects.filter( - is_deleted="FALSE", - tasks_id=tasks.objects.get(tasks_id=task_id), - ).values('groups_id_id') - - for row in task_groups_results: - pp_results = return_user_permission_level(request, row['groups_id_id'],'task') - ph_results = return_user_permission_level(request, row['groups_id_id'],'task_history') + task_groups_results = tasks_groups.objects.filter( + is_deleted="FALSE", + tasks_id=tasks.objects.get(tasks_id=task_id), + ).values('groups_id_id') - if pp_results > task_permissions: - task_permissions = pp_results + permission_results = return_user_permission_level(request, task_groups_results,['task','task_history']) - if ph_results > task_history_permissions: - task_history_permissions = ph_results # Get the data from the form if request.method == "POST": @@ -297,8 +256,8 @@ def information_task_history(request, task_id): c = { 'information_task_history_form': information_task_history_form(), 'task_history_results': task_history_results, - 'task_permissions': task_permissions, - 'task_history_permissions': task_history_permissions, + 'task_permissions': permission_results['task'], + 'task_history_permissions': permission_results['task_history'], } return HttpResponse(t.render(c, request)) From 77747244e4a2858853913a46a9881bd102724235 Mon Sep 17 00:00:00 2001 
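Review bot: information_task_history passes a list, `['task','task_history']`, as the permission field and a `.values('groups_id_id')` queryset as the group, while the requirement views pass a single string and `None`. The docstring of return_user_permission_level shown earlier in the series describes one group and one field, so the accepted argument shapes and the dict return value should be documented there, e.g. `:param permission_field: a field name or a list of field names; the returned dict has one key per requested field`. If the helper does not add a key for every requested field, `permission_results['task_history']` raises KeyError. The helper is not part of this hunk, so this needs checking against its current version.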
From: Luke Date: Wed, 28 Feb 2018 23:18:53 +1100 Subject: [PATCH 03/23] modified: templates/NearBeach/template.html modified: user_permissions.py modified: views.py modified: views_requirements.py --- templates/NearBeach/template.html | 44 +++++++++++++------------ user_permissions.py | 38 +++++++++++++++++++--- views.py | 53 +++++++++++++++++++++++++++---- views_requirements.py | 8 +++++ 4 files changed, 113 insertions(+), 30 deletions(-) diff --git a/templates/NearBeach/template.html b/templates/NearBeach/template.html index 5c4527636..f2b795582 100755 --- a/templates/NearBeach/template.html +++ b/templates/NearBeach/template.html @@ -42,16 +42,18 @@