phzhik/gault-millau
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge branch 'feature/permission' into 'develop'

Browse Source 
Feature/permission

See merge request gm/gm-backend!156
This commit is contained in:
d.kuzmenko 2019-11-25 14:07:00 +00:00
commit 357b3fdaa5
20 changed files with 278 additions and 108 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
apps/account/migrations/0020_role_site.py Normal file
View File

@ -0,0 +1,20 @@
# Generated by Django 2.2.7 on 2019-11-22 08:32
from django.db import migrations, models
import django.db.models.deletion
class Migration(migrations.Migration):
dependencies = [
('main', '0037_sitesettings_old_id'),
('account', '0019_auto_20191108_0827'),
]
operations = [
migrations.AddField(
model_name='role',
name='site',
field=models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, to='main.SiteSettings', verbose_name='Site settings'),
),
]

6
apps/account/models.py
View File

@ -46,10 +46,8 @@ class Role(ProjectBaseMixin):
null=False, blank=False)
country = models.ForeignKey(Country, verbose_name=_('Country'),
null=True, blank=True, on_delete=models.SET_NULL)
# is_list = models.BooleanField(verbose_name=_('list'), default=True, null=False)
# is_create = models.BooleanField(verbose_name=_('create'), default=False, null=False)
# is_update = models.BooleanField(verbose_name=_('update'), default=False, null=False)
# is_delete = models.BooleanField(verbose_name=_('delete'), default=False, null=False)
site = models.ForeignKey(SiteSettings, verbose_name=_('Site settings'),
null=True, blank=True, on_delete=models.SET_NULL)
class UserManager(BaseUserManager):

20
apps/comment/migrations/0007_comment_site.py Normal file
View File

@ -0,0 +1,20 @@
# Generated by Django 2.2.7 on 2019-11-25 08:10
from django.db import migrations, models
import django.db.models.deletion
class Migration(migrations.Migration):
dependencies = [
('main', '0037_sitesettings_old_id'),
('comment', '0006_comment_is_publish'),
]
operations = [
migrations.AddField(
model_name='comment',
name='site',
field=models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, to='main.SiteSettings', verbose_name='site'),
),
]

3
apps/comment/models.py
View File

@ -35,7 +35,8 @@ class Comment(ProjectBaseMixin):
user = models.ForeignKey('account.User', related_name='comments', on_delete=models.CASCADE, verbose_name=_('User'))
old_id = models.IntegerField(null=True, blank=True, default=None)
is_publish = models.BooleanField(default=False, verbose_name=_('Publish status'))
site = models.ForeignKey('main.SiteSettings', blank=True, null=True,
on_delete=models.SET_NULL, verbose_name=_('site'))
content_type = models.ForeignKey(generic.ContentType, on_delete=models.CASCADE)
object_id = models.PositiveIntegerField()
content_object = generic.GenericForeignKey('content_type', 'object_id')

19
apps/comment/tests.py
View File

@ -8,15 +8,20 @@ from account.models import Role, User, UserRole
from authorization.tests.tests_authorization import get_tokens_for_user
from comment.models import Comment
from utils.tests.tests_permissions import BasePermissionTests
from main.models import SiteSettings
class CommentModeratorPermissionTests(BasePermissionTests):
def setUp(self):
super().setUp()
self.site_ru, created = SiteSettings.objects.get_or_create(
subdomain='ru'
)
self.role = Role.objects.create(
role=2,
country=self.country_ru
site=self.site_ru
)
self.role.save()
@ -33,11 +38,12 @@ class CommentModeratorPermissionTests(BasePermissionTests):
self.content_type = ContentType.objects.get(app_label='location', model='country')
self.user_test = get_tokens_for_user()
self.comment = Comment.objects.create(text='Test comment', mark=1,
user=self.user_test["user"],
object_id=self.country_ru.pk,
content_type_id=self.content_type.id,
country=self.country_ru
site=self.site_ru
)
self.comment.save()
self.url = reverse('back:comment:comment-crud', kwargs={"id": self.comment.id})
@ -50,7 +56,7 @@ class CommentModeratorPermissionTests(BasePermissionTests):
"user": self.user_test["user"].id,
"object_id": self.country_ru.pk,
"content_type": self.content_type.id,
"country_id": self.country_ru.id
"site_id": self.site_ru.id
}
response = self.client.post(self.url, format='json', data=comment)
@ -61,7 +67,7 @@ class CommentModeratorPermissionTests(BasePermissionTests):
"user": self.moderator.id,
"object_id": self.country_ru.id,
"content_type": self.content_type.id,
"country_id": self.country_ru.id
"site_id": self.site_ru.id
}
tokens = User.create_jwt_tokens(self.moderator)
@ -83,8 +89,9 @@ class CommentModeratorPermissionTests(BasePermissionTests):
"text": "test text moderator",
"mark": 1,
"user": self.moderator.id,
"object_id": self.comment.country_id,
"content_type": self.content_type.id
"object_id": self.country_ru.id,
"content_type": self.content_type.id,
'site_id': self.site_ru.id
}
response = self.client.put(self.url, data=data, format='json')

6
apps/comment/views/back.py
View File

@ -8,13 +8,13 @@ class CommentLstView(generics.ListCreateAPIView):
"""Comment list create view."""
serializer_class = serializers.CommentBaseSerializer
queryset = models.Comment.objects.all()
permission_classes = [permissions.IsAuthenticatedOrReadOnly| IsCommentModerator|IsCountryAdmin]
# permission_classes = [permissions.IsAuthenticatedOrReadOnly| IsCommentModerator|IsCountryAdmin]
class CommentRUDView(generics.RetrieveUpdateDestroyAPIView):
"""Comment RUD view."""
serializer_class = serializers.CommentBaseSerializer
queryset = models.Comment.objects.all()
permission_classes = [IsCountryAdmin | IsCommentModerator]
permission_classes = [IsCommentModerator]
# permission_classes = [IsCountryAdmin | IsCommentModerator]
lookup_field = 'id'

52
apps/establishment/tests.py
View File

@ -10,6 +10,8 @@ from translation.models import Language
from account.models import Role, UserRole
from location.models import Country, Address, City, Region
from pytz import timezone as py_tz
from main.models import SiteSettings
from timetable.models import Timetable
class BaseTestCase(APITestCase):
@ -278,13 +280,13 @@ class PlateTests(ChildTestCase):
self.assertEqual(response.status_code, status.HTTP_200_OK)
menu = Menu.objects.create(
category=json.dumps({"en-GB": "Test category"}),
category=json.dumps({"ru-RU": "Test category"}),
establishment=self.establishment
)
currency = Currency.objects.create(name="Test currency")
data = {
'name': json.dumps({"en-GB": "Test plate"}),
'name': json.dumps({"ru-RU": "Test plate"}),
'establishment': self.establishment.id,
'price': 10,
'menu': menu.id,
@ -298,7 +300,7 @@ class PlateTests(ChildTestCase):
self.assertEqual(response.status_code, status.HTTP_200_OK)
update_data = {
'name': json.dumps({"en-GB": "Test new plate"})
'name': json.dumps({"ru-RU": "Test new plate"})
}
response = self.client.patch('/api/back/establishments/plates/1/', data=update_data)
@ -314,7 +316,7 @@ class MenuTests(ChildTestCase):
self.assertEqual(response.status_code, status.HTTP_200_OK)
data = {
'category': json.dumps({"en-GB": "Test category"}),
'category': json.dumps({"ru-RU": "Test category"}),
'establishment': self.establishment.id
}
@ -325,7 +327,7 @@ class MenuTests(ChildTestCase):
self.assertEqual(response.status_code, status.HTTP_200_OK)
update_data = {
'category': json.dumps({"en-GB": "Test new category"})
'category': json.dumps({"ru-RU": "Test new category"})
}
response = self.client.patch('/api/back/establishments/menus/1/', data=update_data)
@ -336,24 +338,56 @@ class MenuTests(ChildTestCase):
class EstablishmentShedulerTests(ChildTestCase):
def test_shedule_CRUD(self):
def setUp(self):
super().setUp()
self.lang, created = Language.objects.get_or_create(
title='Russia',
locale='ru-RU'
)
self.country_ru, created = Country.objects.get_or_create(
name={"en-GB": "Russian"}
)
self.site_ru, created = SiteSettings.objects.get_or_create(
subdomain='ru'
)
role, created = Role.objects.get_or_create(
role=Role.ESTABLISHMENT_MANAGER,
country_id=self.country_ru.id,
site_id=self.site_ru.id
)
user_role, created = UserRole.objects.get_or_create(
user=self.user,
role=role,
establishment_id=self.establishment.id
)
user_role.save()
def test_schedule_CRUD(self):
data = {
'weekday': 1
}
response = self.client.post(f'/api/back/establishments/{self.establishment.id}/schedule/', data=data)
self.assertEqual(response.status_code, status.HTTP_201_CREATED)
schedule = response.data
response = self.client.get(f'/api/back/establishments/{self.establishment.id}/schedule/1/')
response = self.client.get(f'/api/back/establishments/{self.establishment.id}/schedule/{schedule["id"]}/')
self.assertEqual(response.status_code, status.HTTP_200_OK)
update_data = {
'weekday': 2
}
response = self.client.patch(f'/api/back/establishments/{self.establishment.id}/schedule/1/', data=update_data)
response = self.client.patch(f'/api/back/establishments/{self.establishment.id}/schedule/{schedule["id"]}/',
data=update_data)
self.assertEqual(response.status_code, status.HTTP_200_OK)
response = self.client.delete(f'/api/back/establishments/{self.establishment.id}/schedule/1/')
response = self.client.delete(f'/api/back/establishments/{self.establishment.id}/schedule/{schedule["id"]}/')
self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT)

6
apps/location/tests.py
View File

@ -25,12 +25,12 @@ class BaseTestCase(APITestCase):
{'access_token': tokens.get('access_token'),
'refresh_token': tokens.get('refresh_token')})
self.lang = Language.objects.get(
self.lang, created = Language.objects.get_or_create(
title='Russia',
locale='ru-RU'
)
self.country_ru = Country.objects.get(
self.country_ru, created = Country.objects.get_or_create(
name={"en-GB": "Russian"}
)
@ -72,7 +72,7 @@ class CountryTests(BaseTestCase):
self.assertEqual(response.status_code, status.HTTP_200_OK)
update_data = {
'name': json.dumps({"en-GB": "Test new country"})
'name': json.dumps({"ru-RU": "Test new country"})
}
response = self.client.patch(f'/api/back/location/countries/{response_data["id"]}/', data=update_data)

20
apps/news/migrations/0036_news_site.py Normal file
View File

@ -0,0 +1,20 @@
# Generated by Django 2.2.7 on 2019-11-22 09:12
from django.db import migrations, models
import django.db.models.deletion
class Migration(migrations.Migration):
dependencies = [
('main', '0037_sitesettings_old_id'),
('news', '0035_news_views_count'),
]
operations = [
migrations.AddField(
model_name='news',
name='site',
field=models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, to='main.SiteSettings', verbose_name='site settings'),
),
]

3
apps/news/models.py
View File

@ -204,7 +204,8 @@ class News(GalleryModelMixin, BaseAttributes, TranslatedFieldsMixin, HasTagsMixi
banner = models.ForeignKey('news.NewsBanner', blank=True, null=True,
on_delete=models.SET_NULL,
verbose_name=_('banner'))
site = models.ForeignKey('main.SiteSettings', blank=True, null=True,
on_delete=models.SET_NULL, verbose_name=_('site settings'))
objects = NewsQuerySet.as_manager()
class Meta:

6
apps/news/serializers.py
View File

@ -5,6 +5,7 @@ from rest_framework.fields import SerializerMethodField
from account.serializers.common import UserBaseSerializer
from gallery.models import Image
from main.models import SiteSettings
from location import models as location_models
from location.serializers import CountrySimpleSerializer, AddressBaseSerializer
from news import models
@ -80,7 +81,6 @@ class NewsBaseSerializer(ProjectModelSerializer):
'news_type',
'tags',
'slug',
'in_favorites',
'view_counter',
)
@ -184,6 +184,9 @@ class NewsBackOfficeDetailSerializer(NewsBackOfficeBaseSerializer,
country_id = serializers.PrimaryKeyRelatedField(
source='country', write_only=True,
queryset=location_models.Country.objects.all())
site_id = serializers.PrimaryKeyRelatedField(
source='site', write_only=True,
queryset=SiteSettings.objects.all())
template_display = serializers.CharField(source='get_template_display',
read_only=True)
@ -195,6 +198,7 @@ class NewsBackOfficeDetailSerializer(NewsBackOfficeBaseSerializer,
'description',
'news_type_id',
'country_id',
'site_id',
'template',
'template_display',
)

28
apps/news/tests.py
View File

@ -5,6 +5,7 @@ from rest_framework.test import APITestCase
from rest_framework import status
from datetime import datetime, timedelta
from main.models import SiteSettings
from news.models import NewsType, News
from account.models import User, Role, UserRole
from translation.models import Language
@ -30,18 +31,23 @@ class BaseTestCase(APITestCase):
'refresh_token': tokens.get('refresh_token')})
self.test_news_type = NewsType.objects.create(name="Test news type")
self.lang = Language.objects.create(
self.lang, created = Language.objects.get_or_create(
title='Russia',
locale='ru-RU'
)
self.country_ru = Country.objects.create(
self.country_ru, created = Country.objects.get_or_create(
name={"en-GB": "Russian"}
)
self.site_ru, created = SiteSettings.objects.get_or_create(
subdomain='ru'
)
role = Role.objects.create(
role=Role.CONTENT_PAGE_MANAGER,
country=self.country_ru
site_id=self.site_ru.id
)
role.save()
@ -51,16 +57,18 @@ class BaseTestCase(APITestCase):
)
user_role.save()
self.test_news = News.objects.create(
created_by=self.user, modified_by=self.user,
title={"en-GB": "Test news"},
title={"ru-RU": "Test news"},
news_type=self.test_news_type,
description={"en-GB": "Description test news"},
description={"ru-RU": "Description test news"},
start=datetime.now() + timedelta(hours=-2),
end=datetime.now() + timedelta(hours=2),
state=News.PUBLISHED,
slug='test-news-slug',
country=self.country_ru,
site=self.site_ru
)
@ -70,14 +78,15 @@ class NewsTestCase(BaseTestCase):
def test_news_post(self):
test_news = {
"title": {"en-GB": "Test news POST"},
"title": {"ru-RU": "Test news POST"},
"news_type_id": self.test_news_type.id,
"description": {"en-GB": "Description test news"},
"description": {"ru-RU": "Description test news"},
"start": datetime.now() + timedelta(hours=-2),
"end": datetime.now() + timedelta(hours=2),
"state": News.PUBLISHED,
"slug": 'test-news-slug_post',
"country_id": self.country_ru.id,
"site_id": self.site_ru.id
}
url = reverse("back:news:list-create")
@ -107,11 +116,12 @@ class NewsTestCase(BaseTestCase):
url = reverse('back:news:retrieve-update-destroy', kwargs={'pk': self.test_news.id})
data = {
'id': self.test_news.id,
'description': {"en-GB": "Description test news!"},
'description': {"ru-RU": "Description test news!"},
'slug': self.test_news.slug,
'start': self.test_news.start,
'news_type_id': self.test_news.news_type_id,
'country_id': self.country_ru.id
'country_id': self.country_ru.id,
"site_id": self.site_ru.id
}
response = self.client.put(url, data=data, format='json')

1
apps/news/views.py
View File

@ -84,6 +84,7 @@ class NewsBackOfficeLCView(NewsBackOfficeMixinView,
serializer_class = serializers.NewsBackOfficeBaseSerializer
filter_class = filters.NewsListFilterSet
create_serializers_class = serializers.NewsBackOfficeDetailSerializer
permission_classes = [IsCountryAdmin | IsContentPageManager]
def get_serializer_class(self):

1
apps/partner/serializers/back.py
View File

@ -13,6 +13,7 @@ class BackPartnerSerializer(serializers.ModelSerializer):
'url',
'image',
'establishment',
'establishment_id',
'type',
'starting_date',
'expiry_date',

3
apps/timetable/serialziers.py
View File

@ -20,6 +20,8 @@ class ScheduleRUDSerializer(serializers.ModelSerializer):
dinner_end = serializers.TimeField(required=False)
opening_at = serializers.TimeField(required=False)
closed_at = serializers.TimeField(required=False)
# For permission!!
establishment_id = serializers.ReadOnlyField(source='establishment.id')
class Meta:
"""Meta class."""
@ -34,6 +36,7 @@ class ScheduleRUDSerializer(serializers.ModelSerializer):
'dinner_end',
'opening_at',
'closed_at',
'establishment_id'
]
def validate(self, attrs):

4
apps/utils/models.py
View File

@ -36,10 +36,6 @@ class ProjectBaseMixin(models.Model):
abstract = True
def valid(value):
print("Run")
class TJSONField(JSONField):
"""Overrided JsonField."""

176
apps/utils/permissions.py
View File

@ -100,7 +100,10 @@ class IsStandardUser(IsGuest):
if hasattr(obj, 'user'):
rules = [
obj.user == request.user and obj.user.email_confirmed,
obj.user == request.user
and obj.user.email_confirmed
and request.user.is_authenticated,
super().has_object_permission(request, view, obj)
]
@ -117,31 +120,50 @@ class IsContentPageManager(IsStandardUser):
rules = [
super().has_permission(request, view)
]
# and request.user.email_confirmed,
if hasattr(request, 'user'):
role = Role.objects.filter(role=Role.CONTENT_PAGE_MANAGER,
country_id=request.country_id) \
.first() # 'Comments moderator'
rules = [
UserRole.objects.filter(user=request.user, role=role).exists(),
# and obj.user != request.user,
super().has_permission(request, view)
]
if hasattr(request, 'user'):
if hasattr(request.data, 'site_id'):
role = Role.objects.filter(role=Role.CONTENT_PAGE_MANAGER,
site_id=request.data.site_id,) \
.first()
rules = [
UserRole.objects.filter(user=request.user, role=role).exists(),
super().has_permission(request, view)
]
elif hasattr(request.data, 'country_id'):
role = Role.objects.filter(role=Role.CONTENT_PAGE_MANAGER,
country_id=request.data.country_id) \
.first()
rules = [
UserRole.objects.filter(user=request.user, role=role).exists(),
super().has_permission(request, view)
]
return any(rules)
def has_object_permission(self, request, view, obj):
# Read permissions are allowed to any request.
if hasattr(obj, 'site_id'):
role = Role.objects.filter(role=Role.CONTENT_PAGE_MANAGER,
site_id=obj.site_id) \
.first()
role = Role.objects.filter(role=Role.CONTENT_PAGE_MANAGER,
country_id=obj.country_id) \
.first() # 'Comments moderator'
rules = [
UserRole.objects.filter(user=request.user, role=role).exists(),
super().has_object_permission(request, view, obj)
]
elif hasattr(obj, 'country_id'):
role = Role.objects.filter(role=Role.CONTENT_PAGE_MANAGER,
country_id=obj.country_id) \
.first()
rules = [
UserRole.objects.filter(user=request.user, role=role).exists(),
super().has_object_permission(request, view, obj)
]
rules = [
UserRole.objects.filter(user=request.user, role=role).exists(),
# and obj.user != request.user,
super().has_object_permission(request, view, obj)
]
return any(rules)
@ -150,36 +172,55 @@ class IsCountryAdmin(IsStandardUser):
Object-level permission to only allow owners of an object to edit it.
Assumes the model instance has an `owner` attribute.
"""
def has_permission(self, request, view):
rules = [
super().has_permission(request, view)
]
# and request.user.email_confirmed,
if hasattr(request.data, 'user') and hasattr(request.data, 'country_id'):
# Read permissions are allowed to any request.
if hasattr(request.data, 'user'):
if hasattr(request.data, 'site_id'):
# Read permissions are allowed to any request.
role = Role.objects.filter(role=Role.COUNTRY_ADMIN,
site_id=request.data.site_id) \
.first()
rules = [
UserRole.objects.filter(user=request.user, role=role).exists(),
super().has_permission(request, view)
]
elif hasattr(request.data, 'country_id'):
role = Role.objects.filter(role=Role.COUNTRY_ADMIN,
country_id=request.data.country_id) \
.first() # 'Comments moderator'
.first()
rules = [
UserRole.objects.filter(user=request.user, role=role).exists(),
super().has_permission(request, view)
]
]
return any(rules)
def has_object_permission(self, request, view, obj):
# Read permissions are allowed to any request.
role = Role.objects.filter(role=Role.COUNTRY_ADMIN,
country_id=obj.country_id) \
.first() # 'Comments moderator'
if hasattr(obj, 'site_id'):
role = Role.objects.filter(role=Role.COUNTRY_ADMIN,
site_id=obj.site_id) \
.first()
rules = [
super().has_object_permission(request, view, obj)
]
elif hasattr(obj, 'country_id'):
role = Role.objects.filter(role=Role.COUNTRY_ADMIN,
country_id=obj.country_id) \
.first()
rules = [
super().has_object_permission(request, view, obj)
]
rules = [
super().has_object_permission(request, view, obj)
]
# and request.user.email_confirmed,
if hasattr(request, 'user') and request.user.is_authenticated:
rules = [
UserRole.objects.filter(user=request.user, role=role).exists(),
@ -206,13 +247,12 @@ class IsCommentModerator(IsStandardUser):
super().has_permission(request, view)
]
# and request.user.email_confirmed,
if hasattr(request.data, 'user') and hasattr(request.data, 'country_id'):
if any(rules) and hasattr(request.data, 'site_id'):
# Read permissions are allowed to any request.
role = Role.objects.filter(role=Role.COMMENTS_MODERATOR,
country_id=request.data.country_id) \
.first() # 'Comments moderator'
site_id=request.data.site_id) \
.first()
rules = [
UserRole.objects.filter(user=request.user, role=role).exists(),
@ -222,16 +262,22 @@ class IsCommentModerator(IsStandardUser):
return any(rules)
def has_object_permission(self, request, view, obj):
# Read permissions are allowed to any request.
role = Role.objects.filter(role=Role.COMMENTS_MODERATOR,
country_id=obj.country_id) \
.first() # 'Comments moderator'
rules = [
UserRole.objects.filter(user=request.user, role=role).exists() and
obj.user != request.user,
super().has_object_permission(request, view, obj)
]
if request.user.is_authenticated:
role = Role.objects.filter(role=Role.COMMENTS_MODERATOR,
site_id=obj.site_id) \
.first() # 'Comments moderator'
rules = [
UserRole.objects.filter(user=request.user, role=role).exists() and
obj.user != request.user,
super().has_object_permission(request, view, obj)
]
return any(rules)
@ -242,30 +288,40 @@ class IsEstablishmentManager(IsStandardUser):
super().has_permission(request, view)
]
# and request.user.email_confirmed,
if hasattr(request.data, 'user') and hasattr(request.data, 'establishment_id'):
role = Role.objects.filter(role=Role.ESTABLISHMENT_MANAGER) \
.first() # 'Comments moderator'
if hasattr(request.data, 'user'):
if hasattr(request.data, 'establishment_id'):
role = Role.objects.filter(role=Role.ESTABLISHMENT_MANAGER) \
.first()
rules = [
UserRole.objects.filter(user=request.user, role=role,
establishment_id=request.data.establishment_id
).exists(),
super().has_permission(request, view)
]
rules = [
UserRole.objects.filter(user=request.user, role=role,
establishment_id=request.data.establishment_id
).exists(),
super().has_permission(request, view)
]
return any(rules)
def has_object_permission(self, request, view, obj):
role = Role.objects.filter(role=Role.ESTABLISHMENT_MANAGER) \
.first() # 'Comments moderator'
rules = [
UserRole.objects.filter(user=request.user, role=role,
establishment_id=obj.establishment_id
).exists(),
super().has_object_permission(request, view, obj)
# special!
super().has_permission(request, view)
# super().has_object_permission(request, view, obj)
]
role = Role.objects.filter(role=Role.ESTABLISHMENT_MANAGER) \
.first()
if hasattr(obj, 'establishment_id'):
rules = [
UserRole.objects.filter(user=request.user, role=role,
establishment_id=obj.establishment_id
).exists(),
# special!
super().has_permission(request, view)
# super().has_object_permission(request, view, obj)
]
return any(rules)
@ -277,13 +333,13 @@ class IsReviewerManager(IsStandardUser):
]
# and request.user.email_confirmed,
if hasattr(request.data, 'user') and hasattr(request.data, 'country_id'):
if hasattr(request.data, 'user') and hasattr(request.data, 'site_id'):
role = Role.objects.filter(role=Role.REVIEWER_MANGER) \
.first() # 'Comments moderator'
.first()
rules = [
UserRole.objects.filter(user=request.user, role=role,
establishment_id=request.data.country_id
establishment_id=request.data.site_id
).exists(),
super().has_permission(request, view)
]

6
apps/utils/tests/tests_permissions.py
View File

@ -5,15 +5,13 @@ from translation.models import Language
class BasePermissionTests(APITestCase):
def setUp(self):
self.lang = Language.objects.get(
self.lang, created = Language.objects.get_or_create(
title='Russia',
locale='ru-RU'
)
self.lang.save()
self.country_ru = Country.objects.get(
self.country_ru, created = Country.objects.get_or_create(
name={"en-GB": "Russian"}
)
self.country_ru.save()

3
apps/utils/tests/tests_translated.py
View File

@ -40,8 +40,7 @@ class TranslateFieldTests(BaseTestCase):
self.news_type = NewsType.objects.create(name="Test news type")
self.news_type.save()
self.country_ru = Country.objects.get(
self.country_ru, created = Country.objects.get_or_create(
name={"en-GB": "Russian"}
)

3
project/settings/local.py
View File

@ -30,7 +30,7 @@ MEDIA_ROOT = os.path.join(PUBLIC_ROOT, MEDIA_LOCATION)
THUMBNAIL_DEBUG = True
# ADDED TRANSFER APP
INSTALLED_APPS.append('transfer.apps.TransferConfig')
# INSTALLED_APPS.append('transfer.apps.TransferConfig')
# DATABASES
DATABASES.update({
@ -93,6 +93,7 @@ ELASTICSEARCH_INDEX_NAMES = {
'search_indexes.documents.establishment': 'local_establishment',
'search_indexes.documents.product': 'local_product',
}
ELASTICSEARCH_DSL_AUTOSYNC = False
TESTING = sys.argv[1:2] == ['test']
if TESTING: