From 9ddf1db2a3c4d6e658bc88e84adc63b75eb8c257 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=D0=9A=D1=83=D0=BB=D0=B0=D0=BA=D0=BE=D0=B2=20=D0=AE=D1=80?= =?UTF-8?q?=D0=B8=D0=B9?= Date: Thu, 4 Mar 2021 20:45:55 +0300 Subject: [PATCH] Fixed bug with permissions --- access_controller/urls.py | 6 +----- main/views.py | 24 +++++++++++++++--------- 2 files changed, 16 insertions(+), 14 deletions(-) diff --git a/access_controller/urls.py b/access_controller/urls.py index 45d815b..3595e4f 100644 --- a/access_controller/urls.py +++ b/access_controller/urls.py @@ -14,13 +14,9 @@ Including another URLconf 2. Add a URL to urlpatterns: path('blog/', include('blog.urls')) """ from django.contrib import admin -from django.contrib.auth.forms import AuthenticationForm -from django.contrib.auth.views import LoginView from django.contrib.auth import views as auth_views from django.urls import path, include -from access_controller import settings -from access_controller.settings import DEBUG -from main.views import main_page, profile_page, CustomRegistrationView, work_page, work_hand_over, work_become_engineer, AdminPageView +from main.views import work_page, work_hand_over, work_become_engineer, AdminPageView from main.views import main_page, profile_page, CustomRegistrationView, CustomLoginView diff --git a/main/views.py b/main/views.py index 5c5ed12..7486d69 100644 --- a/main/views.py +++ b/main/views.py @@ -27,6 +27,13 @@ from access_controller.settings import ZENDESK_ROLES from zenpy.lib.api_objects import User as ZenpyUser +content_type_temp = ContentType.objects.get_for_model(UserProfile) +permission_temp, created = Permission.objects.get_or_create( + codename='has_control_access', + content_type=content_type_temp, +) + + class CustomRegistrationView(RegistrationView): """ Отображение и логика работы страницы регистрации пользователя @@ -74,13 +81,12 @@ class CustomRegistrationView(RegistrationView): """ Дает разрешение на просмотр страница администратора, если пользователь имеет роль admin """ - - content_type = ContentType.objects.get_for_model(UserProfile) - permission, created = Permission.objects.get_or_create( - codename='has_control_access', - content_type=content_type, - ) if user.userprofile.role == 'admin': + content_type = ContentType.objects.get_for_model(UserProfile) + permission = Permission.objects.get( + codename='has_control_access', + content_type=content_type, + ) user.user_permissions.add(permission) def get_success_url(self, user: User = None) -> success_url: @@ -167,7 +173,7 @@ def main_page(request): return render(request, 'pages/index.html') -class AdminPageView(FormView, LoginRequiredMixin, PermissionRequiredMixin): +class AdminPageView(LoginRequiredMixin, PermissionRequiredMixin, FormView): permission_required = 'main.has_control_access' template_name = 'pages/adm_ruleset.html' form_class = AdminPageUsers @@ -192,7 +198,7 @@ class AdminPageView(FormView, LoginRequiredMixin, PermissionRequiredMixin): [make_light_agent(user) for user in users] @staticmethod - def count_users(users: User) -> int: #.. todolist:: :this func counts users from all zendesk instead of just from a model: + def count_users(users) -> tuple: #.. todolist:: :this func counts users from all zendesk instead of just from a model: """ Функция подсчета количества сотрудников с ролями engineer и light_a """ @@ -204,7 +210,7 @@ class AdminPageView(FormView, LoginRequiredMixin, PermissionRequiredMixin): light_agents += 1 return engineers, light_agents - def get_context_data(self, **kwargs) -> list: + def get_context_data(self, **kwargs) -> dict: """ Функция формирования контента страницы администратора (с проверкой прав доступа) """