diff --git a/RIGS/management/commands/generateSampleData.py b/RIGS/management/commands/generateSampleData.py index 5263a030..e17e2ff4 100644 --- a/RIGS/management/commands/generateSampleData.py +++ b/RIGS/management/commands/generateSampleData.py @@ -121,8 +121,8 @@ class Command(BaseCommand): self.keyholder_group = Group.objects.create(name='Keyholders') self.finance_group = Group.objects.create(name='Finance') - keyholderPerms = ["add_event", "change_event", "view_event", "add_eventitem", "change_eventitem", "delete_eventitem", "add_organisation", "change_organisation", "view_organisation", "add_person", "change_person", "view_person", "view_profile", "add_venue", "change_venue", "view_venue"] - financePerms = ["change_event", "view_event", "add_eventitem", "change_eventitem", "add_invoice", "change_invoice", "view_invoice", "add_organisation", "change_organisation", "view_organisation", "add_payment", "change_payment", "delete_payment", "add_person", "change_person", "view_person"] + keyholderPerms = ["add_event", "change_event", "view_event", "add_eventitem", "change_eventitem", "delete_eventitem", "add_organisation", "change_organisation", "view_organisation", "add_person", "change_person", "view_person", "view_profile", "add_venue", "change_venue", "view_venue", "add_asset", "change_asset", "delete_asset", "asset_finance"] + financePerms = ["change_event", "view_event", "add_eventitem", "change_eventitem", "add_invoice", "change_invoice", "view_invoice", "add_organisation", "change_organisation", "view_organisation", "add_payment", "change_payment", "delete_payment", "add_person", "change_person", "view_person", "asset_finance", "change_asset"] for permId in keyholderPerms: self.keyholder_group.permissions.add(Permission.objects.get(codename=permId)) diff --git a/assets/migrations/0010_auto_20191011_1322.py b/assets/migrations/0010_auto_20191011_1322.py new file mode 100644 index 00000000..919c8466 --- /dev/null +++ b/assets/migrations/0010_auto_20191011_1322.py @@ -0,0 +1,17 @@ +# Generated by Django 2.0.13 on 2019-10-11 12:22 + +from django.db import migrations + + +class Migration(migrations.Migration): + + dependencies = [ + ('assets', '0009_auto_20191008_2148'), + ] + + operations = [ + migrations.AlterModelOptions( + name='asset', + options={'permissions': (('asset_finance', 'Can see financial data for assets'),)}, + ), + ] diff --git a/assets/models.py b/assets/models.py index adeb2ced..d809f25e 100644 --- a/assets/models.py +++ b/assets/models.py @@ -62,6 +62,11 @@ class Asset(PolymorphicModel): def __str__(self): return str(self.asset_id) + ' - ' + self.description + class Meta: + permissions = ( + ('asset_finance', 'Can see financial data for assets'), + ) + class Connector(models.Model): description = models.CharField(max_length=80) current_rating = models.DecimalField(decimal_places=2, max_digits=10, help_text='Amps') diff --git a/assets/templates/asset_update.html b/assets/templates/asset_update.html index 63a220a7..39291814 100644 --- a/assets/templates/asset_update.html +++ b/assets/templates/asset_update.html @@ -32,9 +32,11 @@
+ {% if perms.asset.asset_financial %}
{% include 'partials/purchasedetails_form.html' %}
+ {% endif %} diff --git a/assets/templates/partials/asset_list_table_body.html b/assets/templates/partials/asset_list_table_body.html index 1eea6a73..17012240 100644 --- a/assets/templates/partials/asset_list_table_body.html +++ b/assets/templates/partials/asset_list_table_body.html @@ -16,10 +16,13 @@ {{ item.category }} {{ item.status }} +
View + {% if perms.assets.change_asset %} Edit Duplicate + {% endif %}
diff --git a/assets/urls.py b/assets/urls.py index 09c12047..d8d87ce1 100644 --- a/assets/urls.py +++ b/assets/urls.py @@ -2,25 +2,26 @@ from django.urls import path, include from rest_framework import routers from assets import views, api +from PyRIGS.decorators import permission_required_with_403 + router = routers.DefaultRouter() router.register(r'api/assets', api.AssetViewSet) urlpatterns = [ - # path('', views.Index.as_view(), name='index'), path('', views.AssetList.as_view(), name='index'), path('asset/list/', views.AssetList.as_view(), name='asset_list'), path('asset//', views.AssetDetail.as_view(), name='asset_detail'), - path('asset/create/', views.AssetCreate.as_view(), name='asset_create'), - path('asset//edit/', views.AssetEdit.as_view(), name='asset_update'), - path('asset//duplicate/', views.AssetDuplicate.as_view(), name='asset_duplicate'), - path('asset/delete/', views.asset_delete, name='ajax_asset_delete'), + path('asset/create/', permission_required_with_403('assets.create_asset')(views.AssetCreate.as_view()), name='asset_create'), + path('asset//edit/', permission_required_with_403('assets.change_asset')(views.AssetEdit.as_view()), name='asset_update'), + path('asset//duplicate/', permission_required_with_403('assets.create_asset')(views.AssetDuplicate.as_view()), name='asset_duplicate'), + path('asset/delete/', permission_required_with_403('assets.delete_asset')(views.asset_delete), name='ajax_asset_delete'), path('asset/search/', views.AssetSearch.as_view(), name='asset_search_json'), path('supplier/list', views.SupplierList.as_view(), name='supplier_list'), path('supplier/', views.SupplierDetail.as_view(), name='supplier_detail'), - path('supplier/create', views.SupplierCreate.as_view(), name='supplier_create'), - path('supplier//edit', views.SupplierUpdate.as_view(), name='supplier_update'), + path('supplier/create', permission_required_with_403('assets.create_supplier')(views.SupplierCreate.as_view()), name='supplier_create'), + path('supplier//edit', permission_required_with_403('assets.edit_supplier')(views.SupplierUpdate.as_view()), name='supplier_update'), path('', include(router.urls)), ]