2020-01-07 21:59:12 +01:00
|
|
|
from django.http import HttpResponseForbidden
|
|
|
|
|
|
|
|
from .models import Customer
|
|
|
|
|
|
|
|
|
|
|
|
def customer_view_permission(old_function):
|
|
|
|
def new_function(request, pk, *args, **kwargs):
|
|
|
|
customer = Customer.objects.get(pk=pk)
|
|
|
|
user = request.user
|
2022-03-27 14:50:44 +02:00
|
|
|
if user.has_perm("customers.view_customer", customer):
|
2020-01-07 21:59:12 +01:00
|
|
|
return old_function(request, pk)
|
|
|
|
else:
|
2023-07-10 16:47:01 +02:00
|
|
|
return HttpResponseForbidden("You're not allowed to access this page.")
|
2022-03-27 14:50:44 +02:00
|
|
|
|
2020-01-07 21:59:12 +01:00
|
|
|
return new_function
|