2020-01-10 00:01:06 +01:00
|
|
|
from django.http import HttpResponseForbidden
|
|
|
|
from django.shortcuts import get_object_or_404
|
|
|
|
|
|
|
|
from .models import Device
|
|
|
|
|
|
|
|
|
|
|
|
def device_view_permission(old_function):
|
|
|
|
def new_function(request, pk, *args, **kwargs):
|
|
|
|
device = get_object_or_404(Device, pk=pk)
|
|
|
|
user = request.user
|
2022-03-27 14:50:44 +02:00
|
|
|
if user.has_perm("customers.view_customer", device.customer):
|
2020-01-10 00:01:06 +01:00
|
|
|
return old_function(request, pk)
|
|
|
|
else:
|
2023-07-10 16:47:01 +02:00
|
|
|
return HttpResponseForbidden("You're not allowed to access this device.")
|
2022-03-27 14:50:44 +02:00
|
|
|
|
2020-01-10 00:01:06 +01:00
|
|
|
return new_function
|