2020-01-10 00:01:06 +01:00
|
|
|
from django.http import HttpResponseForbidden
|
|
|
|
from django.shortcuts import get_object_or_404
|
|
|
|
|
|
|
|
from .models import User
|
|
|
|
|
|
|
|
|
|
|
|
def user_view_permission(old_fuction):
|
|
|
|
def new_function(request, pk, *args, **kwargs):
|
|
|
|
inventory_user = get_object_or_404(User, pk=pk)
|
|
|
|
user = request.user
|
2022-03-27 14:50:44 +02:00
|
|
|
if user.has_perm("customers.view_customer", inventory_user.customer):
|
2020-01-10 00:01:06 +01:00
|
|
|
return old_fuction(request, pk)
|
|
|
|
else:
|
|
|
|
return HttpResponseForbidden(
|
|
|
|
"You're not allowed to access this device."
|
2020-08-03 13:41:49 +02:00
|
|
|
)
|
2022-03-27 14:50:44 +02:00
|
|
|
|
2020-01-10 00:01:06 +01:00
|
|
|
return new_function
|