2020-01-10 00:01:06 +01:00
|
|
|
from django.http import HttpResponseForbidden
|
|
|
|
from django.shortcuts import get_object_or_404
|
|
|
|
|
|
|
|
from .models import User
|
|
|
|
|
|
|
|
|
|
|
|
def user_view_permission(old_fuction):
|
|
|
|
def new_function(request, pk, *args, **kwargs):
|
|
|
|
inventory_user = get_object_or_404(User, pk=pk)
|
|
|
|
user = request.user
|
2022-03-27 14:50:44 +02:00
|
|
|
if user.has_perm("customers.view_customer", inventory_user.customer):
|
2020-01-10 00:01:06 +01:00
|
|
|
return old_fuction(request, pk)
|
|
|
|
else:
|
2023-07-10 16:47:01 +02:00
|
|
|
return HttpResponseForbidden("You're not allowed to access this device.")
|
2022-03-27 14:50:44 +02:00
|
|
|
|
2020-01-10 00:01:06 +01:00
|
|
|
return new_function
|