Merge branch 'master' into auth_fixes

FIX: Additionally fix datestamp on HTML client emails (#321 )
FIX #321 : Authorisation Success emails dated 'None'
2026-01-21 15:32:14 +00:00 · 2019-12-31 12:34:08 +00:00 · 2019-11-26 20:10:20 +00:00 · 2019-11-26 18:18:49 +00:00
21 changed files with 112 additions and 286 deletions
--- a/PyRIGS/decorators.py
+++ b/PyRIGS/decorators.py
@@ -6,34 +6,6 @@ from django.urls import reverse
 from RIGS import models


-def get_oembed(login_url, request, oembed_view, kwargs):
-    context = {}
-    context['oembed_url'] = "{0}://{1}{2}".format(request.scheme, request.META['HTTP_HOST'], reverse(oembed_view, kwargs=kwargs))
-    context['login_url'] = "{0}?{1}={2}".format(login_url, REDIRECT_FIELD_NAME, request.get_full_path())
-    resp = render(request, 'login_redirect.html', context=context)
-    return resp
-
-
-def has_oembed(oembed_view, login_url=None):
-    if not login_url:
-        from django.conf import settings
-        login_url = settings.LOGIN_URL
-
-    def _dec(view_func):
-        def _checklogin(request, *args, **kwargs):
-            if request.user.is_authenticated:
-                return view_func(request, *args, **kwargs)
-            else:
-                if oembed_view is not None:
-                    return get_oembed(login_url, request, oembed_view, kwargs)
-                else:
-                    return HttpResponseRedirect('%s?%s=%s' % (login_url, REDIRECT_FIELD_NAME, request.get_full_path()))
-        _checklogin.__doc__ = view_func.__doc__
-        _checklogin.__dict__ = view_func.__dict__
-        return _checklogin
-    return _dec
-
-
 def user_passes_test_with_403(test_func, login_url=None, oembed_view=None):
    """
    Decorator for views that checks that the user passes the given test.
@@ -53,7 +25,11 @@ def user_passes_test_with_403(test_func, login_url=None, oembed_view=None):
                return view_func(request, *args, **kwargs)
            elif not request.user.is_authenticated:
                if oembed_view is not None:
-                    return get_oembed(login_url, request, oembed_view, kwargs)
+                    context = {}
+                    context['oembed_url'] = "{0}://{1}{2}".format(request.scheme, request.META['HTTP_HOST'], reverse(oembed_view, kwargs=kwargs))
+                    context['login_url'] = "{0}?{1}={2}".format(login_url, REDIRECT_FIELD_NAME, request.get_full_path())
+                    resp = render(request, 'login_redirect.html', context=context)
+                    return resp
                else:
                    return HttpResponseRedirect('%s?%s=%s' % (login_url, REDIRECT_FIELD_NAME, request.get_full_path()))
            else:
--- a/RIGS/templates/RIGS/password_reset_disable.html
+++ b/RIGS/templates/RIGS/password_reset_disable.html
@@ -1,9 +0,0 @@
-{% extends 'base_rigs.html' %}
-
-{% block title %}Password Reset Disabled{% endblock %}
-
-{% block content %}
-<h1>Password reset is disabled</h1>
-<p> We are very sorry for the inconvenience, but due to a security vulnerability, password reset is currently disabled until the vulnerability can be patched.</p>
-<p> If you are locked out of your account, please contact an administrator and we can manually perform a reset</p>
-{% endblock %}
--- a/RIGS/urls.py
+++ b/RIGS/urls.py
@@ -19,7 +19,7 @@ urlpatterns = [
    url('^user/login/$', views.login, name='login'),
    url('^user/login/embed/$', xframe_options_exempt(views.login_embed), name='login_embed'),

-    url(r'^user/password_reset/$', views.PasswordResetDisabled.as_view()),
+    url(r'^user/password_reset/$', password_reset, {'password_reset_form': forms.PasswordReset}),

    # People
    url(r'^people/$', permission_required_with_403('RIGS.view_person')(views.PersonList.as_view()),
--- a/RIGS/versioning.py
+++ b/RIGS/versioning.py
@@ -168,7 +168,7 @@ class RIGSVersionManager(VersionQuerySet):
        for model in model_array:
            content_types.append(ContentType.objects.get_for_model(model))

-        return self.filter(content_type__in=content_types).select_related("revision").order_by("-revision__date_created")
+        return self.filter(content_type__in=content_types).select_related("revision").order_by("-pk")


 class RIGSVersion(Version):
@@ -206,7 +206,7 @@ class VersionHistory(generic.ListView):
    paginate_by = 25

    def get_queryset(self, **kwargs):
-        return RIGSVersion.objects.get_for_object(self.get_object()).select_related("revision", "revision__user").all().order_by("-revision__date_created")
+        return RIGSVersion.objects.get_for_object(self.get_object()).select_related("revision", "revision__user").all()

    def get_object(self, **kwargs):
        return get_object_or_404(self.kwargs['model'], pk=self.kwargs['pk'])
@@ -225,7 +225,7 @@ class ActivityTable(generic.ListView):

    def get_queryset(self):
        versions = RIGSVersion.objects.get_for_multiple_models([models.Event, models.Venue, models.Person, models.Organisation, models.EventAuthorisation])
-        return versions.order_by("-revision__date_created")
+        return versions


 class ActivityFeed(generic.ListView):
@@ -235,7 +235,7 @@ class ActivityFeed(generic.ListView):

    def get_queryset(self):
        versions = RIGSVersion.objects.get_for_multiple_models([models.Event, models.Venue, models.Person, models.Organisation, models.EventAuthorisation])
-        return versions.order_by("-revision__date_created")
+        return versions

    def get_context_data(self, **kwargs):
        # Call the base implementation first to get a context
--- a/RIGS/views.py
+++ b/RIGS/views.py
@@ -17,7 +17,6 @@ from django.views.decorators.csrf import csrf_exempt


 from RIGS import models, forms
-from assets import models as asset_models
 from functools import reduce

 """
@@ -249,7 +248,6 @@ class SecureAPIRequest(generic.View):
        'organisation': models.Organisation,
        'profile': models.Profile,
        'event': models.Event,
-        'supplier': asset_models.Supplier
    }

    perms = {
@@ -258,7 +256,6 @@ class SecureAPIRequest(generic.View):
        'organisation': 'RIGS.view_organisation',
        'profile': 'RIGS.view_profile',
        'event': None,
-        'supplier': None
    }

    '''
@@ -392,7 +389,3 @@ class ResetApiKey(generic.RedirectView):
        self.request.user.save()

        return reverse_lazy('profile_detail')
-
-
-class PasswordResetDisabled(generic.TemplateView):
-    template_name = "RIGS/password_reset_disable.html"
--- a/assets/filters.py
+++ b/assets/filters.py
@@ -6,4 +6,4 @@ from assets import models
 class AssetFilter(django_filters.FilterSet):
    class Meta:
        model = models.Asset
-        fields = ['asset_id', 'description', 'serial_number', 'category', 'status']
+        fields = ['asset_id', 'description', 'category', 'status']
--- a/assets/forms.py
+++ b/assets/forms.py
@@ -4,11 +4,6 @@ from assets import models


 class AssetForm(forms.ModelForm):
-    related_models = {
-        'asset': models.Asset,
-        'supplier': models.Supplier
-    }
-
    class Meta:
        model = models.Asset
        fields = '__all__'
--- a/assets/migrations/0009_auto_20200103_2215.py
+++ b/assets/migrations/0009_auto_20200103_2215.py
@@ -1,32 +0,0 @@
-# Generated by Django 2.0.13 on 2020-01-03 22:15
-
-from django.db import migrations, models
-import django.db.models.deletion
-
-
-class Migration(migrations.Migration):
-
-    dependencies = [
-        ('assets', '0008_auto_20191206_2124'),
-    ]
-
-    operations = [
-        migrations.AlterModelOptions(
-            name='assetcategory',
-            options={'ordering': ['name'], 'verbose_name': 'Asset Category', 'verbose_name_plural': 'Asset Categories'},
-        ),
-        migrations.AlterModelOptions(
-            name='assetstatus',
-            options={'ordering': ['name'], 'verbose_name': 'Asset Status', 'verbose_name_plural': 'Asset Statuses'},
-        ),
-        migrations.AddField(
-            model_name='assetstatus',
-            name='display_class',
-            field=models.CharField(blank=True, help_text='HTML class to be appended to alter display of assets with this status, such as in the list.', max_length=80, null=True),
-        ),
-        migrations.AlterField(
-            model_name='asset',
-            name='purchased_from',
-            field=models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.CASCADE, related_name='assets', to='assets.Supplier'),
-        ),
-    ]
--- a/assets/models.py
+++ b/assets/models.py
@@ -16,7 +16,6 @@ class AssetCategory(models.Model):
    class Meta:
        verbose_name = 'Asset Category'
        verbose_name_plural = 'Asset Categories'
-        ordering = ['name']

    name = models.CharField(max_length=80)

@@ -28,12 +27,10 @@ class AssetStatus(models.Model):
    class Meta:
        verbose_name = 'Asset Status'
        verbose_name_plural = 'Asset Statuses'
-        ordering = ['name']

    name = models.CharField(max_length=80)
    should_show = models.BooleanField(
        default=True, help_text="Should this be shown by default in the asset list.")
-    display_class = models.CharField(max_length=80, blank=True, null=True, help_text="HTML class to be appended to alter display of assets with this status, such as in the list.")

    def __str__(self):
        return self.name
@@ -81,7 +78,7 @@ class Asset(models.Model, RevisionMixin):
    category = models.ForeignKey(to=AssetCategory, on_delete=models.CASCADE)
    status = models.ForeignKey(to=AssetStatus, on_delete=models.CASCADE)
    serial_number = models.CharField(max_length=150, blank=True)
-    purchased_from = models.ForeignKey(to=Supplier, on_delete=models.CASCADE, blank=True, null=True, related_name="assets")
+    purchased_from = models.ForeignKey(to=Supplier, on_delete=models.CASCADE, blank=True, null=True)
    date_acquired = models.DateField()
    date_sold = models.DateField(blank=True, null=True)
    purchase_price = models.DecimalField(blank=True, null=True, decimal_places=2, max_digits=10)
--- a/assets/templates/asset_create.html
+++ b/assets/templates/asset_create.html
@@ -3,6 +3,7 @@
 {% load asset_templatetags %}
 {% block title %}Asset {{ object.asset_id }}{% endblock %}

+
 {% block content %}

 <div class="page-header">
--- a/assets/templates/asset_embed.html
+++ b/assets/templates/asset_embed.html
@@ -1,45 +0,0 @@
-{% extends 'base_embed.html' %}
-{% load static from staticfiles %}
-
-{% block content %}
-
-<div class="row">
-    <div class="col-sm-12">
-        <a href="/assets">
-            <span class="source"> TEC Asset Database</span> 
-        </a>
-    </div>
-
-    <div class="col-sm-12">
-        <h3>
-            <a href="{% url 'asset_detail' object.asset_id %}">Asset: {{ object.asset_id }} | {{ object.description }} </a>
-            <small class="label label-default">
-                <strong>Category:</strong>
-                {{ object.category }}
-            </small>
-            &nbsp;
-            <small class="label label-{{ object.status.display_class|default:'default' }}">
-                <strong>Status:</strong>
-                {{ object.status }}
-            </small>
-        </h3>  
-        <br>
-        {% if object.serial_number %}
-            <p>
-            <strong>Serial Number: </strong>
-            {{ object.serial_number }}
-            </p>
-        {% endif %}
-        {% if object.comments %}
-            <p>
-            <strong>Comments: </strong>
-            {{ object.comments|linebreaksbr }}
-            </p>
-        {% endif %}
-            
-        </table>
-    </div>
-</div>
-
-
-{% endblock %}
--- a/assets/templates/asset_list.html
+++ b/assets/templates/asset_list.html
@@ -11,8 +11,8 @@

 <form id="asset-search-form" method="get" class="form-inline pull-right">
  <div class="input-group pull-right" style="width: auto;">
-    {% render_field form.query|add_class:'form-control' placeholder='Search by Asset ID/Desc/Serial' style="width: 250px"%}
-    <label for="query" class="sr-only">Asset ID/Description/Serial Number:</label>
+    {% render_field form.query|add_class:'form-control' placeholder='Search by Asset ID/Description' style="width: 250px"%}
+    <label for="query" class="sr-only">Asset ID/Description:</label>
    <span class="input-group-btn"><button type="submit" class="btn btn-default">Search</button></span>
  </div>
  <br>
--- a/assets/templates/asset_update.html
+++ b/assets/templates/asset_update.html
@@ -3,6 +3,7 @@
 {% load asset_templatetags %}
 {% block title %}Asset {{ object.asset_id }}{% endblock %}

+
 {% block content %}

 <div class="page-header">
@@ -44,7 +45,7 @@
  </div>
 </form>

-{% if not edit and perms.assets.view_asset %}
+{% if not edit %}
 <div class="col-sm-12 text-right">
    <div>
        <a href="{% url 'asset_history' object.asset_id %}" title="View Revision History">
--- a/assets/templates/partials/asset_list_table_body.html
+++ b/assets/templates/partials/asset_list_table_body.html
@@ -1,6 +1,20 @@
 {% for item in object_list %}
    {#                <li><a href="{% url 'asset_detail' item.pk %}">{{ item.asset_id }} - {{ item.description }}</a></li>#}
-    <!---TODO: When the ability to filter the list is added, remove the colours from the filter - specifically, stop greying out sold/binned stuff if it is being searched for-->    <tr class={{ item.status.display_class|default:"" }}>
+    <!---TODO: When the ability to filter the list is added, remove the colours from the filter - specifically, stop greying out sold/binned stuff if it is being searched for-->    <tr class="
+                {% if item.status.name == 'Broken' %}
+                  danger
+                {% elif item.status.name == 'Scrapped'%}
+                  warning
+                {% elif item.status.name == 'Sold'%}
+                  warning
+                {% elif item.status.name == 'Lost'%}
+                  danger
+                {% elif item.status.name == 'Not Built Yet'%}
+                  info
+                {% elif item.status.name == 'Active'%}
+                  success
+                {% endif %}
+                ">
        <td style="vertical-align: middle;"><a href="{% url 'asset_detail' item.asset_id %}">{{ item.asset_id }}</a></td>
        <td style="vertical-align: middle; text-overflow: ellipsis; white-space: nowrap; overflow: hidden; max-width: 25vw">{{ item.description }}</td>
        <td style="vertical-align: middle;">{{ item.category }}</td>
--- a/assets/templates/partials/purchasedetails_form.html
+++ b/assets/templates/partials/purchasedetails_form.html
@@ -1,22 +1,5 @@
 {% load widget_tweaks %}
 {% load asset_templatetags %}
-{% load static %}
-
-
-{% block css %}
-    <link rel="stylesheet" href="{% static "css/bootstrap-select.min.css" %}"/>
-    <link rel="stylesheet" href="{% static "css/ajax-bootstrap-select.css" %}"/>
-{% endblock %}
-
-{% block preload_js %}
-    <script src="{% static "js/bootstrap-select.js" %}"></script>
-    <script src="{% static "js/ajax-bootstrap-select.js" %}"></script>
-{% endblock %}
-
-{% block js %}
-    <script src="{% static "js/autocompleter.js" %}"></script>
-{% endblock %}
-
 <div class="panel panel-default">
  <div class="panel-heading">
    Purchase Details
@@ -24,12 +7,8 @@
  <div class="panel-body">
    {% if create or edit or duplicate %}
    <div class="form-group">
-      <label for="{{ form.purchased_from.id_for_label }}">Supplier</label>
-      <select id="{{ form.purchased_from.id_for_label }}" name="{{ form.purchased_from.name }}" class="form-control selectpicker" data-live-search="true" data-sourceurl="{% url 'api_secure' model='supplier' %}">
-        {% if object.purchased_from %}
-            <option value="{{form.purchased_from.value}}" selected="selected" data-update_url="{% url 'supplier_update' form.purchased_from.value %}">{{ object.purchased_from }}</option>
-        {% endif %}
-      </select>
+      <label for="{{ form.purchased_from.id_for_label }}">Purchased From</label>
+      {% include 'partials/supplier_picker.html' %}
    </div>

    <div class="form-group">
--- a/assets/templates/partials/supplier_picker.html
+++ b/assets/templates/partials/supplier_picker.html
@@ -0,0 +1,64 @@
+<select name="purchased_from" id="supplier_id" class="selectpicker">
+    {% if object.parent%}
+    <option value="{{object.parent.pk}}" selected>{{object.parent.name}}</option>
+    {% endif %}
+</select>
+
+{% load static %}
+{% block css %}
+    <link rel="stylesheet" href="{% static "css/bootstrap-select.min.css" %}"/>
+    <link rel="stylesheet" href="{% static "css/ajax-bootstrap-select.css" %}"/>
+{% endblock %}
+
+{% block preload_js %}
+    <script src="{% static "js/bootstrap-select.js" %}"></script>
+    <script src="{% static "js/ajax-bootstrap-select.js" %}"></script>
+{% endblock %}
+
+{% block js %}
+{{ js.super }}
+<script>
+$('#supplier_id')
+    .selectpicker({
+        liveSearch: true
+    })
+    .ajaxSelectPicker({
+        ajax: {
+            url: '{% url 'supplier_search_json'%}',
+            type: "get",
+            data: function () {
+                var params = {
+                    {% verbatim %}query: '{{{q}}}'{% endverbatim  %}
+                };
+                return params;
+            }
+        },
+        locale: {
+            emptyTitle: 'Search for supplier...'
+        },
+        preprocessData: function(data){
+            var suppliers = [];
+            if(data.length){
+                var len = data.length;
+                for(var i = 0; i < len; i++){
+                    var curr = data[i];
+                    suppliers.push(
+                        {
+                            'value': curr.id,
+                            'text': curr.name,
+                            'disabled': false
+                        }
+                    );
+                }
+                suppliers.push(
+                {
+                    'value': null,
+                    'text': "(no selection)"
+                });
+            }
+            return suppliers;
+        },
+        preserveSelected: false
+    });
+</script>
+{% endblock js %}
--- a/assets/templates/supplier_detail.html
+++ b/assets/templates/supplier_detail.html
@@ -1,73 +1,6 @@
 {% extends 'base_assets.html' %}
-{% block title %}Supplier | {{ object.name }}{% endblock %}
+{% block title %}Detail{% endblock %}

 {% block content %}
-<div class="row">
-        {% if not request.is_ajax %}
-            <div class="col-sm-12">
-                <h1>Supplier | {{ object.name }}</h1>
-            </div>
-
-            <div class="col-sm-12 text-right">
-                <div class="btn-group btn-page">
-                    <a href="{% url 'supplier_update' object.pk %}" class="btn btn-default"><span
-                        class="glyphicon glyphicon-pencil"></span> Edit</a>
-                </div>
-            </div>
-        {% endif %}
-        <div class="col-sm-6">
-            <div class="panel panel-info">
-                <div class="panel-heading">Supplier Details</div>
-                <div class="panel-body">
-                    <dl class="dl-horizontal">
-                        <dt>Name</dt>
-                        <dd>{{ object.name }}</dd>
-                    </dl>                        
-                </div>
-            </div>
-        </div>
-    </div>
-
-    <div class="row">
-        <div class="col-sm-12">
-            <div class="panel panel-default">
-                <div class="panel-heading">Associated Assets</div>
-                <div class="panel-body">
-                      <table class="table">
-                          <thead>
-                            <tr>
-                              <th>Asset ID</th>
-                              <th>Description</th>
-                              <th>Category</th>
-                              <th>Status</th>
-                              <th class="hidden-xs">Quick Links</th>
-                            </tr>
-                          </thead>
-                          <tbody id="asset_table_body">
-                            {% with object.assets.all as object_list %}
-                                {% include 'partials/asset_list_table_body.html' %}
-                            {% endwith %}
-                          </tbody>
-                       </table>
-                </div>
-            </div>
-        </div>
-    </div>
-
-
-    {% if not request.is_ajax %}
-        <div class="row">
-            <div class="col-sm-12 text-right">
-                <div class="btn-group btn-page">
-                    <a href="{% url 'supplier_update' object.pk %}" class="btn btn-default"><span
-                        class="glyphicon glyphicon-pencil"></span> Edit</a>
-                </div>
-                <div>
-                    <a href="{% url 'supplier_update' object.pk %}" title="View Revision History">
-                        Last edited {{ object.last_edited_at }} by {{ object.last_edited_by.name }}
-                    </a>
-                </div>
-            </div>
-        </div>
-    {% endif %}
+{{ object }}
 {% endblock %}
--- a/assets/templates/supplier_list.html
+++ b/assets/templates/supplier_list.html
@@ -30,8 +30,8 @@
    <tr>
      <td>{{ item.name }}</td>
      <td>
-        <a href="{% url 'supplier_detail' item.pk %}" class="btn btn-default"><i class="glyphicon glyphicon-eye-open"></i> View</a>
        <a href="{% url 'supplier_update' item.pk %}" class="btn btn-default"><i class="glyphicon glyphicon-edit"></i> Edit</a>
+        <a href="{% url 'supplier_history' item.pk %}" class="btn btn-default"><i class="glyphicon glyphicon-time"></i> History</a>
      </td>
    </tr>
    {% endfor %}
--- a/assets/urls.py
+++ b/assets/urls.py
@@ -3,34 +3,24 @@ from django.urls import path
 from assets import views, models
 from RIGS import versioning

-from django.contrib.auth.decorators import login_required
-from django.views.decorators.clickjacking import xframe_options_exempt
-from PyRIGS.decorators import has_oembed, permission_required_with_403
+from PyRIGS.decorators import permission_required_with_403

 urlpatterns = [
    path('', views.AssetList.as_view(), name='asset_index'),
    path('asset/list/', views.AssetList.as_view(), name='asset_list'),
-    # Lazy way to enable the oembed redirect...
-    path('asset/id/<str:pk>/', has_oembed(oembed_view="asset_oembed")(views.AssetDetail.as_view()), name='asset_detail'),
+    path('asset/id/<str:pk>/', views.AssetDetail.as_view(), name='asset_detail'),
    path('asset/create/', permission_required_with_403('assets.add_asset')
         (views.AssetCreate.as_view()), name='asset_create'),
    path('asset/id/<str:pk>/edit/', permission_required_with_403('assets.change_asset')
         (views.AssetEdit.as_view()), name='asset_update'),
    path('asset/id/<str:pk>/duplicate/', permission_required_with_403('assets.add_asset')
         (views.AssetDuplicate.as_view()), name='asset_duplicate'),
-    path('asset/id/<str:pk>/history/', permission_required_with_403('assets.view_asset')(views.AssetVersionHistory.as_view()),
+    path('asset/id/<str:pk>/history/', views.AssetVersionHistory.as_view(),
         name='asset_history', kwargs={'model': models.Asset}),
    path('activity', permission_required_with_403('assets.view_asset')
         (views.ActivityTable.as_view()), name='asset_activity_table'),

    path('asset/search/', views.AssetSearch.as_view(), name='asset_search_json'),
-    path('asset/id/<str:pk>/embed/',
-         xframe_options_exempt(
-                               login_required(login_url='/user/login/embed/')(views.AssetEmbed.as_view())),
-         name='asset_embed'),
-    path('asset/id/<str:pk>/oembed_json/',
-         views.AssetOembed.as_view(),
-         name='asset_oembed'),

    path('supplier/list', views.SupplierList.as_view(), name='supplier_list'),
    path('supplier/<int:pk>', views.SupplierDetail.as_view(), name='supplier_detail'),
--- a/assets/views.py
+++ b/assets/views.py
@@ -1,6 +1,5 @@
 from django.contrib.auth.mixins import LoginRequiredMixin
 from django.http import JsonResponse
-from django.http import HttpResponse
 from django.views import generic
 from django.views.decorators.csrf import csrf_exempt
 from django.utils.decorators import method_decorator
@@ -10,8 +9,6 @@ from django.shortcuts import get_object_or_404
 from assets import models, forms
 from RIGS import versioning

-import simplejson
-

@method_decorator(csrf_exempt, name='dispatch')
 class AssetList(LoginRequiredMixin, generic.ListView):
@@ -42,7 +39,7 @@ class AssetList(LoginRequiredMixin, generic.ListView):
            queryset = self.model.objects.all()
        elif len(query_string) >= 3:
            queryset = self.model.objects.filter(
-                Q(asset_id__exact=query_string) | Q(description__icontains=query_string) | Q(serial_number__exact=query_string))
+                Q(asset_id__exact=query_string) | Q(description__icontains=query_string))
        else:
            queryset = self.model.objects.filter(Q(asset_id__exact=query_string))

@@ -152,28 +149,6 @@ class AssetDuplicate(DuplicateMixin, AssetIDUrlMixin, AssetCreate):
        return context


-class AssetOembed(generic.View):
-    model = models.Asset
-
-    def get(self, request, pk=None):
-        embed_url = reverse('asset_embed', args=[pk])
-        full_url = "{0}://{1}{2}".format(request.scheme, request.META['HTTP_HOST'], embed_url)
-
-        data = {
-            'html': '<iframe src="{0}" frameborder="0" width="100%" height="250"></iframe>'.format(full_url),
-            'version': '1.0',
-            'type': 'rich',
-            'height': '250'
-        }
-
-        json = simplejson.JSONEncoderForHTML().encode(data)
-        return HttpResponse(json, content_type="application/json")
-
-
-class AssetEmbed(AssetDetail):
-    template_name = 'asset_embed.html'
-
-
 class SupplierList(generic.ListView):
    model = models.Supplier
    template_name = 'supplier_list.html'
@@ -238,9 +213,8 @@ class SupplierVersionHistory(versioning.VersionHistory):
    template_name = "asset_version_history.html"


+# TODO: Reduce SQL queries
 class AssetVersionHistory(versioning.VersionHistory):
-    template_name = "asset_version_history.html"
-
    def get_object(self, **kwargs):
        return get_object_or_404(models.Asset, asset_id=self.kwargs['pk'])

--- a/templates/base_assets.html
+++ b/templates/base_assets.html
@@ -1,16 +1,11 @@
 {% extends 'base.html' %}
-
-{% block extrahead %}
-<meta name="google" content="notranslate">
-{% endblock %}
-
 {% block titleheader %}
    <a class="nav navbar-brand navbar-left" href="/"><i class="glyphicon glyphicon-circle-arrow-left" style="vertical-align: middle !important;"></i> RIGS</a>
    <a class="nav navbar-brand" href="{% url 'asset_index' %}">Assets</a>
 {% endblock %}

 {% block titleelements %}
-    {# % if perms.assets.view_asset % #}
+    {% if perms.assets.view_asset %}
        <li class="dropdown">
            <a href="#" class="dropdown-toggle" data-toggle="dropdown">Assets<b class="caret"></b></a>
            <ul class="dropdown-menu">
@@ -20,19 +15,19 @@
                {% endif %}
            </ul>
        </li>
-    {# % endif % #}
-    {# % if perms.assets.view_supplier % #}
+    {% endif %}
+    {% if perms.assets.view_supplier %}
        <li class="dropdown">
            <a href="#" class="dropdown-toggle" data-toggle="dropdown"> Suppliers<b class="caret"></b></a>
            <ul class="dropdown-menu">
                <li><a href="{% url 'supplier_list' %}"><span class="glyphicon glyphicon-list"></span>
                    List Suppliers</a></li>
-                {% if perms.assets.add_supplier %}
+                {% if perms.assets.add_asset %}
                    <li><a href="{% url 'supplier_create' %}"><span class="glyphicon glyphicon-plus"></span> Create Supplier</a></li>
                {% endif %}
            </ul>
        </li>
-    {# % endif % #}
+    {% endif %}
    {% if perms.assets.view_asset %}
        <li><a href="{% url 'asset_activity_table' %}">Recent Changes</a></li>
    {% endif %}
Author	SHA1	Message	Date
Arona Jones	081a9eadfe	Merge branch 'master' into auth_fixes	2019-12-31 12:34:08 +00:00
FreneticScribbler	8e27dae895	FIX: Additionally fix datestamp on HTML client emails (#321 )	2019-11-26 20:10:20 +00:00
FreneticScribbler	22ef6b8e3a	FIX #321 : Authorisation Success emails dated 'None'	2019-11-26 18:18:49 +00:00