diff --git a/computers/forms.py b/computers/forms.py index 887a7ff..c793074 100644 --- a/computers/forms.py +++ b/computers/forms.py @@ -11,6 +11,9 @@ from computers.models import ComputerSoftwareRelation from computers.models import Raid from customers.models import Customer +from customers.models import Location + +from users.models import User class ComputerCreateForm(forms.ModelForm): @@ -27,16 +30,31 @@ class ComputerCreateForm(forms.ModelForm): we can use to assign to the field. """ super(ComputerCreateForm, self).__init__(*args, **kwargs) - if not user.is_superuser: - self.fields['customer'].queryset = ( - utils.get_all_objects_for_allowed_customers( - Customer, user=user)) + customers = utils.objects_for_allowed_customers(Customer, + user=user) + self.fields['customer'].queryset = customers class ComputerUpdateForm(forms.ModelForm): """ Basic form class to use crispies HTML5 forms. """ + + def __init__(self, request, *args, **kwargs): + super(ComputerUpdateForm, self).__init__(*args, **kwargs) + customers = utils.objects_for_allowed_customers(Customer, + user=request.user) + locations = utils.objects_for_allowed_customers(Location, + user=request.user) + hosts = utils.objects_for_allowed_customers(Computer, + user=request.user) + users = utils.objects_for_allowed_customers(User, + user=request.user) + self.fields['customer'].queryset = customers + self.fields['location'].queryset = locations + self.fields['host'].queryset = hosts + self.fields['user'].queryset = users + class Meta: model = Computer fields = '__all__' diff --git a/computers/tests/test_computer_form.py b/computers/tests/test_computer_form.py index 243f42d..0ec5993 100644 --- a/computers/tests/test_computer_form.py +++ b/computers/tests/test_computer_form.py @@ -1,6 +1,8 @@ import pytest from mixer.backend.django import mixer +from django.http import HttpRequest + from computers import forms pytestmark = pytest.mark.django_db @@ -27,17 +29,19 @@ def test_computer_create_form(create_admin_user): def test_computer_update_form(create_admin_user): fixture = create_admin_user() - form = forms.ComputerUpdateForm(data={}) + request = HttpRequest() + request.user = fixture['admin'] + form = forms.ComputerUpdateForm(request, data={}) assert form.is_valid() is False, ( "Should be false because no data was given") data = {"name": "pharma-pc1", "customer": 20356} - form = forms.ComputerUpdateForm(data=data) + form = forms.ComputerUpdateForm(request, data=data) assert form.is_valid() is False, ( "Should be false because the customer doesn't exist.") data = {"name": "pharma-pc1", "customer": fixture['customer'].id} - form = forms.ComputerUpdateForm(data=data) + form = forms.ComputerUpdateForm(request, data=data) assert form.is_valid() is True, ("Should be valid with the given data.") diff --git a/computers/views.py b/computers/views.py index 37fcccb..1aadf6f 100644 --- a/computers/views.py +++ b/computers/views.py @@ -92,8 +92,8 @@ class ComputersFilterView(LoginRequiredMixin, SingleTableMixin, FilterView): filterset_class = ComputerFilter def get_queryset(self): - return utils.get_all_objects_for_allowed_customers(Computer, - self.request.user) + return utils.objects_for_allowed_customers(Computer, + self.request.user) class ComputerCreateFromCustomerView(LoginRequiredMixin, CreateView): @@ -135,12 +135,12 @@ def computer_update_view(request, pk): user=request.user, pk=pk) if request.method == 'POST': - form = ComputerUpdateForm(request.POST, instance=computer) + form = ComputerUpdateForm(request, request.POST, instance=computer) if form.is_valid(): computer = form.save() return redirect(computer) else: - form = ComputerUpdateForm(instance=computer) + form = ComputerUpdateForm(request, instance=computer) return TemplateResponse(request, template_name, {'form': form}) diff --git a/core/tests/test_get_all_objects_for_allowed_customers.py b/core/tests/test_get_all_objects_for_allowed_customers.py index 1cbcefb..a6c3d8b 100644 --- a/core/tests/test_get_all_objects_for_allowed_customers.py +++ b/core/tests/test_get_all_objects_for_allowed_customers.py @@ -10,21 +10,21 @@ from devices.models import Device pytestmark = pytest.mark.django_db -def test_get_all_objects_for_allowed_customers(create_admin_user): +def test_objects_for_allowed_customers(create_admin_user): fixture = create_admin_user() customer = fixture['customer'] admin = fixture['admin'] - objects = utils.get_all_objects_for_allowed_customers( + objects = utils.objects_for_allowed_customers( Customer, user=admin) assert objects[0] == customer -def test_get_all_objects_for_allowed_customers_device(create_admin_user): +def test_objects_for_allowed_customers_device(create_admin_user): fixture = create_admin_user() customer = fixture['customer'] admin = fixture['admin'] device = mixer.blend(Device, customer=customer) - objects = utils.get_all_objects_for_allowed_customers( + objects = utils.objects_for_allowed_customers( Device, user=admin) assert objects[0] == device @@ -33,7 +33,7 @@ def test_get_all_objects_for_unallowed_customers(create_admin_user): fixture = create_admin_user() customer = mixer.blend(Customer) admin = fixture['admin'] - objects = utils.get_all_objects_for_allowed_customers( + objects = utils.objects_for_allowed_customers( Customer, user=admin) assert customer not in objects @@ -43,6 +43,6 @@ def test_get_all_objects_for_unallowed_customers_device(create_admin_user): customer = mixer.blend(Customer) admin = fixture['admin'] device = mixer.blend(Device, customer=customer) - objects = utils.get_all_objects_for_allowed_customers( + objects = utils.objects_for_allowed_customers( Device, user=admin) assert device not in objects diff --git a/core/utils.py b/core/utils.py index fb845ea..76ffac8 100644 --- a/core/utils.py +++ b/core/utils.py @@ -52,7 +52,7 @@ def get_object_with_view_permission(model, user=None, pk=None): raise Http404() -def get_all_objects_for_allowed_customers(model, user=None): +def objects_for_allowed_customers(model, user=None): customers = _get_customers(user) if model.__name__ == 'Customer': return customers diff --git a/customers/views.py b/customers/views.py index 037f3ea..fbd44da 100644 --- a/customers/views.py +++ b/customers/views.py @@ -16,7 +16,7 @@ from .tables import CustomersTable @login_required def customers_table_view(request): - customers = utils.get_all_objects_for_allowed_customers( + customers = utils.objects_for_allowed_customers( Customer, request.user) table = CustomersTable(customers) RequestConfig(request).configure(table) diff --git a/devices/forms.py b/devices/forms.py index 53e6d8b..57040e4 100644 --- a/devices/forms.py +++ b/devices/forms.py @@ -3,11 +3,14 @@ import floppyforms.__future__ as forms from core import utils from customers.models import Customer +from customers.models import Location from devices.models import Device from devices.models import DeviceInNet from devices.models import Warranty +from users.models import User + class DeviceCreateForm(forms.ModelForm): class Meta: @@ -23,16 +26,28 @@ class DeviceCreateForm(forms.ModelForm): we can use to assign to the field. """ super(DeviceCreateForm, self).__init__(*args, **kwargs) - if not user.is_superuser: - self.fields['customer'].queryset = ( - utils.get_all_objects_for_allowed_customers( - Customer, user=user)) + self.fields['customer'].queryset = ( + utils.objects_for_allowed_customers( + Customer, user=user)) class DeviceUpdateForm(forms.ModelForm): """ Basic form class to use crispies HTML5 forms. """ + + def __init__(self, request, *args, **kwargs): + super(DeviceUpdateForm, self).__init__(*args, **kwargs) + customers = utils.objects_for_allowed_customers(Customer, + user=request.user) + locations = utils.objects_for_allowed_customers(Location, + user=request.user) + users = utils.objects_for_allowed_customers(User, + user=request.user) + self.fields['customer'].queryset = customers + self.fields['location'].queryset = locations + self.fields['user'].queryset = users + class Meta: model = Device fields = '__all__' diff --git a/devices/tests/test_device_form.py b/devices/tests/test_device_form.py index 8566948..503c6f8 100644 --- a/devices/tests/test_device_form.py +++ b/devices/tests/test_device_form.py @@ -1,6 +1,8 @@ import pytest from mixer.backend.django import mixer +from django.http import HttpRequest + from devices import forms pytestmark = pytest.mark.django_db @@ -27,19 +29,21 @@ def test_device_create_form(create_admin_user): def test_device_update_form(create_admin_user): fixture = create_admin_user() - form = forms.DeviceUpdateForm(data={}) + request = HttpRequest() + request.user = fixture['admin'] + form = forms.DeviceUpdateForm(request, data={}) assert form.is_valid() is False, ( "Should be false because no data was given") data = {"name": "pharma-device1", "customer": 3} - form = forms.DeviceUpdateForm(data=data) + form = forms.DeviceUpdateForm(request, data=data) assert form.is_valid() is False, ( "Should be false because the customer doesn't exist.") data = {"name": "pharma-device1", "customer": fixture['customer'].id} - form = forms.DeviceUpdateForm(data=data) + form = forms.DeviceUpdateForm(request, data=data) assert form.is_valid() is True, ("Should be valid with the given data.") diff --git a/devices/urls.py b/devices/urls.py index 25e64d8..54ddaa6 100644 --- a/devices/urls.py +++ b/devices/urls.py @@ -14,7 +14,7 @@ urlpatterns = [ views.DeviceCreateFromCustomerView.as_view(), name='device_create'), path('update/device//', - views.DeviceUpdateView.as_view(), + views.device_update_view, name='device_update'), path('delete/device//', views.DeviceDeleteView.as_view(), name='device_delete'), diff --git a/devices/views.py b/devices/views.py index ea509d7..eb9e95b 100644 --- a/devices/views.py +++ b/devices/views.py @@ -1,7 +1,8 @@ from django.contrib.auth.decorators import login_required from django.contrib.auth.mixins import LoginRequiredMixin -from django.shortcuts import get_object_or_404 +from django.shortcuts import get_object_or_404, redirect from django.shortcuts import render +from django.template.response import TemplateResponse from django.urls import reverse from django.views.generic import CreateView from django.views.generic import DetailView @@ -60,7 +61,7 @@ def devices_table_view(request, pk): @login_required def warranties_view(request): table = WarrantiesTable( - utils.get_all_objects_for_allowed_customers(Warranty, request.user)) + utils.objects_for_allowed_customers(Warranty, request.user)) RequestConfig(request).configure(table) return render(request, 'devices/warranties_list.html', @@ -96,13 +97,23 @@ class DeviceCreateFromCustomerView(LoginRequiredMixin, CreateView): } -class DeviceUpdateView(LoginRequiredMixin, UpdateView): - model = Device - form_class = DeviceUpdateForm - template_name = 'devices/device_update.html' - - def get_success_url(self): - return self.request.POST.get('previous_page') +@login_required +def device_update_view(request, pk): + """ + A view to create a customer. + """ + template_name = 'computers/computer_update.html' + device = utils.get_object_with_view_permission(Device, + user=request.user, + pk=pk) + if request.method == 'POST': + form = DeviceUpdateForm(request, request.POST, instance=device) + if form.is_valid(): + device = form.save() + return redirect(device) + else: + form = DeviceUpdateForm(request, instance=device) + return TemplateResponse(request, template_name, {'form': form}) class DeviceDeleteView(LoginRequiredMixin, DeleteView):