Nebucatnetzer
/
network_inventory
mirror of https://github.com/Nebucatnetzer/network_inventory.git
1
0
Fork 0
Code Issues Releases Wiki Activity

add a custom function for view_permissions

This commit is contained in:
Andreas Zweili 2021-12-23 19:28:47 +01:00
parent 2ff96a4976
commit ffae6e4ac6
2 changed files with 18 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
core/utils.py
View File

@ -1,5 +1,6 @@
from django.apps import apps
from django.http import Http404
from django.shortcuts import get_object_or_404
from guardian.shortcuts import get_objects_for_user
from customers.models import Customer
@ -65,3 +66,14 @@ def get_objects(model_name, user):
model = app.models[model_name]
return model.objects.filter(customer__in=customers)
raise Http404("Model ", model_name, " not found.")
def get_object_with_view_permission(model, user=None, pk=None):
requested_object = get_object_or_404(model, id=pk)
model_name = model.__name__.lower()
permission = "{}s.view_{}".format(model_name, model_name)
print(permission)
if user.has_perm(permission, requested_object):
return requested_object
else:
raise Http404()

17
customers/views.py
View File

@ -1,8 +1,6 @@
from django.contrib.auth.decorators import login_required
from django.contrib.auth.mixins import LoginRequiredMixin
from django.http.response import Http404
from django.http.response import HttpResponse
from django.shortcuts import get_object_or_404
from django.shortcuts import render
from django.template.response import TemplateResponse
from django.urls import reverse
@ -45,15 +43,12 @@ def htmx_create_customer(request):
@login_required
def customer_detail_view(request, pk):
customer = get_object_or_404(Customer, pk=pk)
if request.user.has_perm('view_customer', customer):
context = {'customer': customer}
return TemplateResponse(request,
"customers/customer_details.html",
context)
else:
raise Http404()
customer = utils.get_object_with_view_permission(
Customer, user=request.user, pk=pk)
context = {'customer': customer}
return TemplateResponse(request,
"customers/customer_details.html",
context)
class CustomerCreateView(LoginRequiredMixin, CreateView):