add a custom function for view_permissions
This commit is contained in:
parent
2ff96a4976
commit
ffae6e4ac6
|
@ -1,5 +1,6 @@
|
|||
from django.apps import apps
|
||||
from django.http import Http404
|
||||
from django.shortcuts import get_object_or_404
|
||||
from guardian.shortcuts import get_objects_for_user
|
||||
|
||||
from customers.models import Customer
|
||||
|
@ -65,3 +66,14 @@ def get_objects(model_name, user):
|
|||
model = app.models[model_name]
|
||||
return model.objects.filter(customer__in=customers)
|
||||
raise Http404("Model ", model_name, " not found.")
|
||||
|
||||
|
||||
def get_object_with_view_permission(model, user=None, pk=None):
|
||||
requested_object = get_object_or_404(model, id=pk)
|
||||
model_name = model.__name__.lower()
|
||||
permission = "{}s.view_{}".format(model_name, model_name)
|
||||
print(permission)
|
||||
if user.has_perm(permission, requested_object):
|
||||
return requested_object
|
||||
else:
|
||||
raise Http404()
|
||||
|
|
|
@ -1,8 +1,6 @@
|
|||
from django.contrib.auth.decorators import login_required
|
||||
from django.contrib.auth.mixins import LoginRequiredMixin
|
||||
from django.http.response import Http404
|
||||
from django.http.response import HttpResponse
|
||||
from django.shortcuts import get_object_or_404
|
||||
from django.shortcuts import render
|
||||
from django.template.response import TemplateResponse
|
||||
from django.urls import reverse
|
||||
|
@ -45,15 +43,12 @@ def htmx_create_customer(request):
|
|||
|
||||
@login_required
|
||||
def customer_detail_view(request, pk):
|
||||
customer = get_object_or_404(Customer, pk=pk)
|
||||
|
||||
if request.user.has_perm('view_customer', customer):
|
||||
context = {'customer': customer}
|
||||
return TemplateResponse(request,
|
||||
"customers/customer_details.html",
|
||||
context)
|
||||
else:
|
||||
raise Http404()
|
||||
customer = utils.get_object_with_view_permission(
|
||||
Customer, user=request.user, pk=pk)
|
||||
context = {'customer': customer}
|
||||
return TemplateResponse(request,
|
||||
"customers/customer_details.html",
|
||||
context)
|
||||
|
||||
|
||||
class CustomerCreateView(LoginRequiredMixin, CreateView):
|
||||
|
|
Loading…
Reference in New Issue