network_inventory/network_inventory/inventory/decorators.py

from django.http import HttpResponseForbidden
from django.shortcuts import get_object_or_404
from .models import Backup, Computer, Customer, Device, ConnectedDevice, Net


def computer_view_permission(old_fuction):
    def new_function(request, pk, *args, **kwargs):
        computer = get_object_or_404(Computer, pk=pk)
        user = request.user
        if user.has_perm('inventory.view_customer', computer.customer):
            return old_fuction(request, pk)
        else:
            return HttpResponseForbidden(
                "You're not allowed to access this device."
                )
    return new_function


def device_view_permission(old_function):
    def new_function(request, pk, *args, **kwargs):
        device = get_object_or_404(Device, pk=pk)
        user = request.user
        if user.has_perm('inventory.view_customer', device.customer):
            return old_function(request, pk)
        else:
            return HttpResponseForbidden(
                "You're not allowed to access this device."
                )
    return new_function


def connect_device_view_permission(old_function):
    def new_function(request, pk, *args, **kwargs):
        device = get_object_or_404(ConnectedDevice, pk=pk)
        user = request.user
        if user.has_perm('inventory.view_customer', device.customer):
            return old_function(request, pk)
        else:
            return HttpResponseForbidden(
                "You're not allowed to access this device."
                )
    return new_function


def customer_view_permission(old_function):
    def new_function(request, pk, *args, **kwargs):
        customer = Customer.objects.get(pk=pk)
        user = request.user
        if user.has_perm('inventory.view_customer', customer):
            return old_function(request, pk)
        else:
            return HttpResponseForbidden(
                "You're not allowed to access this page."
                )
    return new_function


def net_view_permission(old_fuction):
    def new_function(request, pk, *args, **kwargs):
        net = get_object_or_404(Net, pk=pk)
        user = request.user
        if user.has_perm('inventory.view_customer', net.customer):
            return old_fuction(request, pk)
        else:
            return HttpResponseForbidden(
                "You're not allowed to access this device."
                )
    return new_function


def backup_view_permission(old_fuction):
    def new_function(request, pk, *args, **kwargs):
        backup = get_object_or_404(Backup, pk=pk)
        user = request.user
        if user.has_perm('inventory.view_customer', backup.computer.customer):
            return old_fuction(request, pk)
        else:
            return HttpResponseForbidden(
                "You're not allowed to access this device."
                )
    return new_function
add a decorator to check for PC permissions 2019-06-16 15:00:21 +02:00			`from django.http import HttpResponseForbidden`
use get_object_or_404 in computer_view_permission 2019-08-06 21:41:31 +02:00			`from django.shortcuts import get_object_or_404`
add backup_view_permission decorator 2019-12-29 14:03:31 +01:00			`from .models import Backup, Computer, Customer, Device, ConnectedDevice, Net`
add a decorator to check for PC permissions 2019-06-16 15:00:21 +02:00

			`def computer_view_permission(old_fuction):`
rewrite so that all the views get a pk object 2019-09-03 18:49:44 +02:00			`def new_function(request, pk, args, *kwargs):`
			`computer = get_object_or_404(Computer, pk=pk)`
add a decorator to check for PC permissions 2019-06-16 15:00:21 +02:00			`user = request.user`
remove the customer object from decorators The customer object can be used directly from the other object 2019-12-29 13:32:35 +01:00			`if user.has_perm('inventory.view_customer', computer.customer):`
rewrite so that all the views get a pk object 2019-09-03 18:49:44 +02:00			`return old_fuction(request, pk)`
add a decorator to check for PC permissions 2019-06-16 15:00:21 +02:00			`else:`
			`return HttpResponseForbidden(`
			`"You're not allowed to access this device."`
			`)`
			`return new_function`
add decorators for Device and ConnectedDevice 2019-07-19 16:10:33 +02:00

			`def device_view_permission(old_function):`
rewrite so that all the views get a pk object 2019-09-03 18:49:44 +02:00			`def new_function(request, pk, args, *kwargs):`
			`device = get_object_or_404(Device, pk=pk)`
add decorators for Device and ConnectedDevice 2019-07-19 16:10:33 +02:00			`user = request.user`
remove the customer object from decorators The customer object can be used directly from the other object 2019-12-29 13:32:35 +01:00			`if user.has_perm('inventory.view_customer', device.customer):`
fix a typo 2019-11-30 16:51:22 +01:00			`return old_function(request, pk)`
add decorators for Device and ConnectedDevice 2019-07-19 16:10:33 +02:00			`else:`
			`return HttpResponseForbidden(`
			`"You're not allowed to access this device."`
			`)`
			`return new_function`


			`def connect_device_view_permission(old_function):`
rewrite so that all the views get a pk object 2019-09-03 18:49:44 +02:00			`def new_function(request, pk, args, *kwargs):`
			`device = get_object_or_404(ConnectedDevice, pk=pk)`
add decorators for Device and ConnectedDevice 2019-07-19 16:10:33 +02:00			`user = request.user`
remove the customer object from decorators The customer object can be used directly from the other object 2019-12-29 13:32:35 +01:00			`if user.has_perm('inventory.view_customer', device.customer):`
fix a typo 2019-12-01 22:42:20 +01:00			`return old_function(request, pk)`
add decorators for Device and ConnectedDevice 2019-07-19 16:10:33 +02:00			`else:`
			`return HttpResponseForbidden(`
			`"You're not allowed to access this device."`
			`)`
			`return new_function`
add a decorator to check for the customer_view_permission 2019-11-30 14:14:01 +01:00

			`def customer_view_permission(old_function):`
			`def new_function(request, pk, args, *kwargs):`
			`customer = Customer.objects.get(pk=pk)`
			`user = request.user`
			`if user.has_perm('inventory.view_customer', customer):`
			`return old_function(request, pk)`
			`else:`
			`return HttpResponseForbidden(`
			`"You're not allowed to access this page."`
			`)`
			`return new_function`
implement the net detail view 2019-12-11 17:57:48 +01:00

			`def net_view_permission(old_fuction):`
			`def new_function(request, pk, args, *kwargs):`
			`net = get_object_or_404(Net, pk=pk)`
			`user = request.user`
remove the customer object from decorators The customer object can be used directly from the other object 2019-12-29 13:32:35 +01:00			`if user.has_perm('inventory.view_customer', net.customer):`
			`return old_fuction(request, pk)`
			`else:`
			`return HttpResponseForbidden(`
			`"You're not allowed to access this device."`
			`)`
			`return new_function`
add backup_view_permission decorator 2019-12-29 14:03:31 +01:00

			`def backup_view_permission(old_fuction):`
			`def new_function(request, pk, args, *kwargs):`
			`backup = get_object_or_404(Backup, pk=pk)`
			`user = request.user`
			`if user.has_perm('inventory.view_customer', backup.computer.customer):`
implement the net detail view 2019-12-11 17:57:48 +01:00			`return old_fuction(request, pk)`
			`else:`
			`return HttpResponseForbidden(`
			`"You're not allowed to access this device."`
			`)`
			`return new_function`