From 1085f5f99688463ff010e374256cf3f66110b01a Mon Sep 17 00:00:00 2001
From: Tom Teichler <tom.teichler@teckids.org>
Date: Thu, 10 Mar 2022 22:51:19 +0100
Subject: [PATCH] Add rules

---
 aleksis/apps/tezor/rules.py | 76 +++++++++++++++++++++++++++++++++++++
 aleksis/apps/tezor/views.py | 20 +++++-----
 2 files changed, 86 insertions(+), 10 deletions(-)
 create mode 100644 aleksis/apps/tezor/rules.py

diff --git a/aleksis/apps/tezor/rules.py b/aleksis/apps/tezor/rules.py
new file mode 100644
index 0000000..ebf8fd7
--- /dev/null
+++ b/aleksis/apps/tezor/rules.py
@@ -0,0 +1,76 @@
+import rules
+
+from .models.base import Client
+from .models.invoice import Invoice, InvoiceGroup
+
+# View clients
+view_clients_predicate = has_person & (
+    has_global_perm("tezor.view_client") | has_any_object("tezor.view_client", Client)
+)
+rules.add_perm("tezor.view_clients_rule", view_clients_predicate)
+
+# Edit clients
+edit_clients_predicate = has_person & (
+    has_global_perm("tezor.edit_client") | has_any_object("tezor.edit_client", Client)
+)
+rules.add_perm("tezor.edit_clients_rule", edit_clients_predicate)
+
+# Create clients
+create_clients_predicate = has_person & (
+    has_global_perm("tezor.create_client") | has_any_object("tezor.create_client", Client)
+)
+rules.add_perm("tezor.create_clients_rule", create_clients_predicate)
+
+# Delete clients
+delete_clients_predicate = has_person & (
+    has_global_perm("tezor.delete_client") | has_any_object("tezor.delete_client", Client)
+)
+rules.add_perm("tezor.delete_clients_rule", delete_clients_predicate)
+
+# View invoice groups
+view_invoice_groups_predicate = has_person & (
+    has_global_perm("tezor.view_invoice_group") | has_any_object("tezor.view_invoice_group", InvoiceGroup)
+)
+rules.add_perm("tezor.view_invoice_groups_rule", view_invoice_groups_predicate)
+
+# Edit invoice groups
+edit_invoice_groups_predicate = has_person & (
+    has_global_perm("tezor.edit_invoice_group") | has_any_object("tezor.edit_invoice_group", InvoiceGroup)
+)
+rules.add_perm("tezor.edit_invoice_groups_rule", edit_invoice_groups_predicate)
+
+# Create invoice groups
+create_invoice_groups_predicate = has_person & (
+    has_global_perm("tezor.create_invoice_group") | has_any_object("tezor.create_invoice_group", InvoiceGroup)
+)
+rules.add_perm("tezor.create_invoice_groups_rule", create_invoice_groups_predicate)
+
+# Delete invoice groups
+delete_invoice_groups_predicate = has_person & (
+    has_global_perm("tezor.delete_invoice_group") | has_any_object("tezor.delete_invoice_group", InvoiceGroup)
+)
+rules.add_perm("tezor.delete_invoice_groups_rule", delete_invoice_groups_predicate)
+
+# View invoices
+view_invoices_predicate = has_person & (
+    has_global_perm("tezor.view_invoice") | has_any_object("tezor.view_invoice", Invoice)
+)
+rules.add_perm("tezor.view_invoices_rule", view_invoices_predicate)
+
+# Edit invoices
+edit_invoices_predicate = has_person & (
+    has_global_perm("tezor.edit_invoice") | has_any_object("tezor.edit_invoice", Invoice)
+)
+rules.add_perm("tezor.edit_invoices_rule", edit_invoices_predicate)
+
+# Create invoices
+create_invoices_predicate = has_person & (
+    has_global_perm("tezor.create_invoice") | has_any_object("tezor.create_invoice", Invoice)
+)
+rules.add_perm("tezor.create_invoices_rule", create_invoices_predicate)
+
+# Delete invoices
+delete_invoices_predicate = has_person & (
+    has_global_perm("tezor.delete_invoice") | has_any_object("tezor.delete_invoice", Invoice)
+)
+rules.add_perm("tezor.delete_invoices_rule", delete_invoices_predicate)
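Review bot: `has_person`, `has_global_perm` and `has_any_object` are used from the first predicate on but never imported, so importing this module raises NameError at `view_clients_predicate` and none of the twelve rules is registered. The file imports only `rules` and the two model modules; in AlekSIS these predicates normally come from core, e.g. `from aleksis.core.util.predicates import has_any_object, has_global_perm, has_person`. Separately, the codenames `tezor.edit_*`, `tezor.create_*` and `*_invoice_group` do not match Django's default `change_*`, `add_*` and `*_invoicegroup` codenames. Unless the models declare them as custom permissions (not visible here), the permission lookups never match for a non-superuser and the rules silently deny.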
diff --git a/aleksis/apps/tezor/views.py b/aleksis/apps/tezor/views.py
index 2793960..6e2d34c 100644
--- a/aleksis/apps/tezor/views.py
+++ b/aleksis/apps/tezor/views.py
@@ -37,7 +37,7 @@ class ClientListView(PermissionRequiredMixin, SingleTableView):
 
     model = Client
     table_class = ClientsTable
-    permission_required = "tezor.view_clients"
+    permission_required = "tezor.view_clients_rule"
     template_name = "tezor/client/list.html"
 
 
@@ -47,7 +47,7 @@ class ClientCreateView(PermissionRequiredMixin, AdvancedCreateView):
 
     model = Client
     form_class = EditClientForm
-    permission_required = "tezor.add_clients"
+    permission_required = "tezor.create_clients_rule"
     template_name = "tezor/client/create.html"
     success_url = reverse_lazy("clients")
     success_message = _("The client has been created.")
@@ -59,7 +59,7 @@ class ClientEditView(PermissionRequiredMixin, AdvancedEditView):
 
     model = Client
     form_class = EditClientForm
-    permission_required = "tezor.edit_clients"
+    permission_required = "tezor.edit_clients_rule"
     template_name = "tezor/client/edit.html"
     success_url = reverse_lazy("clients")
     success_message = _("The client has been saved.")
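Review bot: `tezor.edit_clients_rule` is built from `has_any_object(...)`, which, judging by its name and its class-level argument in rules.py, answers "does the user hold this permission on some Client" rather than on the client being edited. On this single-object view a user granted edit rights on one client would then pass the check for every client. The same applies to the other object-bound views switched in this patch: ClientDeleteView, ClientDetailView, InvoiceGroupDetailView, InvoiceGroupEditView, InvoiceGroupDeleteView and InvoiceDetailView. Keep the `*_clients_rule` style for list views and add per-object rules for these, e.g. `edit_client_predicate = has_person & (has_global_perm("tezor.edit_client") | has_object_perm("tezor.edit_client"))` registered as `tezor.edit_client_rule`. That assumes core's `has_object_perm` predicate and a mixin that passes the view's object to the permission check, neither of which is visible here; the class body also starts above the hunk.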
@@ -69,7 +69,7 @@ class ClientDeleteView(PermissionRequiredMixin, AdvancedDeleteView):
     """Delete view for client."""
 
     model = Client
-    permission_required = "tezor.delete_client"
+    permission_required = "tezor.delete_clients_rule"
     template_name = "core/pages/delete.html"
     success_url = reverse_lazy("clients")
     success_message = _("The client has been deleted.")
@@ -78,7 +78,7 @@ class ClientDeleteView(PermissionRequiredMixin, AdvancedDeleteView):
 class ClientDetailView(PermissionRequiredMixin, DetailView):
 
     model = Client
-    permission_required = "tezor.view_client"
+    permission_required = "tezor.view_clients_rule"
     template_name = "tezor/client/full.html"
 
     def get_context_data(self, object):
@@ -94,7 +94,7 @@ class ClientDetailView(PermissionRequiredMixin, DetailView):
 class InvoiceGroupDetailView(PermissionRequiredMixin, DetailView):
 
     model = InvoiceGroup
-    permission_required = "tezor.view_invoice_group"
+    permission_required = "tezor.view_invoice_groups_rule"
     template_name = "tezor/invoice_group/full.html"
 
     def get_context_data(self, object):
@@ -114,7 +114,7 @@ class InvoiceGroupCreateView(PermissionRequiredMixin, AdvancedCreateView):
 
     model = InvoiceGroup
     form_class = EditInvoiceGroupForm
-    permission_required = "tezor.add_invoice_groups"
+    permission_required = "tezor.create_invoice_groups_rule"
     template_name = "tezor/invoice_group/create.html"
     success_url = reverse_lazy("clients")
     success_message = _("The invoice_group has been created.")
@@ -132,7 +132,7 @@ class InvoiceGroupEditView(PermissionRequiredMixin, AdvancedEditView):
 
     model = InvoiceGroup
     form_class = EditInvoiceGroupForm
-    permission_required = "tezor.edit_invoice_groups"
+    permission_required = "tezor.edit_invoice_groups_rule"
     template_name = "tezor/invoice_group/edit.html"
     success_url = reverse_lazy("invoice_groups")
     success_message = _("The invoice_group has been saved.")
@@ -142,7 +142,7 @@ class InvoiceGroupDeleteView(PermissionRequiredMixin, AdvancedDeleteView):
     """Delete view for invoice_group."""
 
     model = InvoiceGroup
-    permission_required = "tezor.delete_invoice_group"
+    permission_required = "tezor.delete_invoice_groups_rule"
     template_name = "core/pages/delete.html"
     success_url = reverse_lazy("invoice_groups")
     success_message = _("The invoice_group has been deleted.")
@@ -151,5 +151,5 @@ class InvoiceGroupDeleteView(PermissionRequiredMixin, AdvancedDeleteView):
 class InvoiceDetailView(PermissionRequiredMixin, DetailView):
 
     model = Invoice
-    permission_required = "tezor.view_invoice"
+    permission_required = "tezor.view_invoices_rule"
     template_name = "tezor/invoice/full.html"
-- 
GitLab