diff --git a/apps/account/migrations/0026_auto_20191210_1553.py b/apps/account/migrations/0026_auto_20191210_1553.py new file mode 100644 index 00000000..f6186bc4 --- /dev/null +++ b/apps/account/migrations/0026_auto_20191210_1553.py @@ -0,0 +1,18 @@ +# Generated by Django 2.2.7 on 2019-12-10 15:53 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ('account', '0025_auto_20191210_0623'), + ] + + operations = [ + migrations.AlterField( + model_name='role', + name='role', + field=models.PositiveIntegerField(choices=[(1, 'Standard user'), (2, 'Comments moderator'), (3, 'Country admin'), (4, 'Content page manager'), (5, 'Establishment manager'), (6, 'Reviewer manager'), (7, 'Restaurant reviewer'), (8, 'Sales man'), (9, 'Winery reviewer'), (10, 'Seller'), (11, 'Liquor reviewer'), (12, 'Product reviewer')], verbose_name='Role'), + ), + ] diff --git a/apps/account/models.py b/apps/account/models.py index 280260df..8ad3dcb0 100644 --- a/apps/account/models.py +++ b/apps/account/models.py @@ -37,7 +37,7 @@ class Role(ProjectBaseMixin): WINERY_REVIEWER = 9 # Establishments subtype "winery" SELLER = 10 LIQUOR_REVIEWER = 11 - + PRODUCT_REVIEWER = 12 ROLE_CHOICES = ( (STANDARD_USER, 'Standard user'), @@ -50,7 +50,8 @@ class Role(ProjectBaseMixin): (SALES_MAN, 'Sales man'), (WINERY_REVIEWER, 'Winery reviewer'), (SELLER, 'Seller'), - (LIQUOR_REVIEWER, 'Liquor reviewer') + (LIQUOR_REVIEWER, 'Liquor reviewer'), + (PRODUCT_REVIEWER, 'Product reviewer'), ) role = models.PositiveIntegerField(verbose_name=_('Role'), choices=ROLE_CHOICES, null=False, blank=False) diff --git a/apps/product/views/back.py b/apps/product/views/back.py index 836f9d36..539898a4 100644 --- a/apps/product/views/back.py +++ b/apps/product/views/back.py @@ -7,7 +7,7 @@ from product import serializers, models from product.views import ProductBaseView from utils.serializers import ImageBaseSerializer from utils.views import CreateDestroyGalleryViewMixin -from utils.permissions import IsLiquorReviewer +from utils.permissions import IsLiquorReviewer, IsProductReviewer class ProductBackOfficeMixinView(ProductBaseView): @@ -92,14 +92,14 @@ class ProductDetailBackOfficeView(ProductBackOfficeMixinView, generics.RetrieveUpdateDestroyAPIView): """Product back-office R/U/D view.""" serializer_class = serializers.ProductBackOfficeDetailSerializer - permission_classes = [IsLiquorReviewer] + permission_classes = [IsLiquorReviewer | IsProductReviewer] class ProductListCreateBackOfficeView(BackOfficeListCreateMixin, ProductBackOfficeMixinView, generics.ListCreateAPIView): """Product back-office list-create view.""" serializer_class = serializers.ProductBackOfficeDetailSerializer - permission_classes = [IsLiquorReviewer] + permission_classes = [IsLiquorReviewer | IsProductReviewer] class ProductTypeListCreateBackOfficeView(BackOfficeListCreateMixin, diff --git a/apps/utils/permissions.py b/apps/utils/permissions.py index 1f30a4c6..e08b25f4 100644 --- a/apps/utils/permissions.py +++ b/apps/utils/permissions.py @@ -441,6 +441,94 @@ class IsWineryReviewer(IsStandardUser): return any(rules) +class IsWineryReviewer(IsStandardUser): + + def has_permission(self, request, view): + rules = [ + super().has_permission(request, view) + ] + + if 'type_id' in request.data and 'address_id' in request.data and request.user: + countries = Address.objects.filter(id=request.data['address_id']) + + est = EstablishmentSubType.objects.filter(establishment_type_id=request.data['type_id']) + if est.exists(): + role = Role.objects.filter(establishment_subtype_id__in=[type.id for type in est], + role=Role.WINERY_REVIEWER, + country_id__in=[country.id for country in countries]) \ + .first() + + rules.append( + UserRole.objects.filter(user=request.user, role=role).exists() + ) + + return any(rules) + + def has_object_permission(self, request, view, obj): + rules = [ + super().has_object_permission(request, view, obj) + ] + + if hasattr(obj, 'type_id') or hasattr(obj, 'establishment_type_id'): + type_id: int + if hasattr(obj, 'type_id'): + type_id = obj.type_id + else: + type_id = obj.establishment_type_id + + est = EstablishmentSubType.objects.filter(establishment_type_id=type_id) + role = Role.objects.filter(role=Role.WINERY_REVIEWER, + establishment_subtype_id__in=[id for type.id in est], + country_id=obj.country_id).first() + + object_id: int + if hasattr(obj, 'object_id'): + object_id = obj.object_id + else: + object_id = obj.establishment_id + + rules = [ + UserRole.objects.filter(user=request.user, role=role, + establishment_id=object_id + ).exists(), + super().has_object_permission(request, view, obj) + ] + return any(rules) + + +class IsProductReviewer(IsStandardUser): + + def has_permission(self, request, view): + rules = [ + super().has_permission(request, view) + ] + + pk_object = None + roles = None + permission = False + + if 'site_id' in request.data: + if request.data['site_id'] is not None: + roles = Role.objects.filter(role=Role.PRODUCT_REVIEWER, + site_id=request.data['site_id']) + + if 'pk' in view.kwargs: + pk_object = view.kwargs['pk'] + + if pk_object is not None: + product = Product.objects.get(pk=pk_object) + if product.site_id is not None: + roles = Role.objects.filter(role=Role.PRODUCT_REVIEWER, + site_id=product.site_id) + + if roles is not None: + permission = UserRole.objects.filter(user=request.user, role__in=[role for role in roles])\ + .exists() + + rules.append(permission) + return any(rules) + + class IsLiquorReviewer(IsStandardUser): def has_permission(self, request, view): rules = [