From 0b5d42c77a1c8615175d07b0e78f7c0e194368f5 Mon Sep 17 00:00:00 2001 From: Horilla Date: Thu, 9 Jan 2025 10:30:13 +0530 Subject: [PATCH] [UPDT] PMS: Anonymous feedback CRUD permissions updated --- pms/templates/feedback/feedback_list.html | 86 +++++------------------ pms/templatetags/pmsfilters.py | 12 +++- pms/views.py | 52 +++++++++----- 3 files changed, 63 insertions(+), 87 deletions(-) diff --git a/pms/templates/feedback/feedback_list.html b/pms/templates/feedback/feedback_list.html index 33a23d0dd..6f9cb82f9 100644 --- a/pms/templates/feedback/feedback_list.html +++ b/pms/templates/feedback/feedback_list.html @@ -1,5 +1,5 @@ {% load i18n %} -{% load basefilters %} +{% load basefilters pmsfilters %} {% load mathfilters %} {% load static %} {% if messages %} @@ -560,9 +560,9 @@
{% for feedback in anonymous_feedback %} - {% if request.GET.archive == "true" %} - {% if feedback.archive %} -
+
@@ -596,7 +596,12 @@
- + {% if perms.pms.change_anonymousfeedback or request.user|is_anonymous_feedback_owner:feedback %} + +
{% if feedback.archive == True %}
+ {% else %} + + + {% endif %} {% if perms.pms.delete_feedback %}
{% csrf_token %} @@ -615,71 +628,10 @@
{% endif %} +
- {% endif %} - {% else %} - {% if feedback.archive == False %} -
-
- -
- -
-
-
- {{feedback.feedback_subject}} -
-
- {% trans "Based on" %} : - {% if feedback.based_on == "employee" %} - {{feedback.employee_id}} - {% elif feedback.based_on == "department" %} - {{feedback.department_id}} - {% elif feedback.based_on == "job_position" %} - {{feedback.job_position_id}} - {% else %} - {{feedback.get_based_on_display}} - {% endif %} -
-
- {{feedback.created_at}} -
-
-
- -
- {% if feedback.archive == True %} - -
- {% if perms.pms.delete_feedback %} -
- {% csrf_token %} - -
- {% endif %} -
-
-
- {% endif %} - {% endif %} - {% endfor%}
diff --git a/pms/templatetags/pmsfilters.py b/pms/templatetags/pmsfilters.py index 5a8209a68..967ab3a66 100644 --- a/pms/templatetags/pmsfilters.py +++ b/pms/templatetags/pmsfilters.py @@ -17,7 +17,7 @@ Filters: from django.template.defaultfilters import register from employee.models import Employee, EmployeeWorkInformation -from pms.models import EmployeeObjective, Feedback, Objective +from pms.models import AnonymousFeedback, EmployeeObjective, Feedback, Objective @register.filter(name="replace") @@ -114,3 +114,13 @@ def is_feedback_answer(feedback, user): elif Feedback.objects.filter(id=feedback.id, subordinate_id=employee).exists(): return True return False + + +@register.filter(name="is_anonymous_feedback_owner") +def is_anonymous_feedback_owner(user, feedback): + """ + This method will return true, if the user is owner of the feedback + """ + if str(user.id) == feedback.anonymous_feedback_id: + return True + return False diff --git a/pms/views.py b/pms/views.py index 97e098aa7..d06dfb4ac 100644 --- a/pms/views.py +++ b/pms/views.py @@ -3011,17 +3011,24 @@ def edit_anonymous_feedback(request, obj_id): Renders the 'anonymous/anonymous_feedback_form.html' template with the feedback form pre-filled with existing data. """ feedback = AnonymousFeedback.objects.get(id=obj_id) - form = AnonymousFeedbackForm(instance=feedback) - anonymous_id = request.user.id - if request.method == "POST": - form = AnonymousFeedbackForm(request.POST, instance=feedback) - if form.is_valid(): - feedback = form.save(commit=False) - feedback.anonymous_feedback_id = anonymous_id - feedback.save() - return HttpResponse("") - context = {"form": form, "create": False} - return render(request, "anonymous/anonymous_feedback_form.html", context) + # checking feedback owner + if str(request.user.id) == feedback.anonymous_feedback_id or request.user.has_perm( + "pms.change_anonymousfeedback" + ): + form = AnonymousFeedbackForm(instance=feedback) + anonymous_id = request.user.id + if request.method == "POST": + form = AnonymousFeedbackForm(request.POST, instance=feedback) + if form.is_valid(): + feedback = form.save(commit=False) + feedback.anonymous_feedback_id = anonymous_id + feedback.save() + return HttpResponse("") + context = {"form": form, "create": False} + return render(request, "anonymous/anonymous_feedback_form.html", context) + else: + messages.info(request, _("You are don't have permissions.")) + return HttpResponse("") @login_required @@ -3033,14 +3040,21 @@ def archive_anonymous_feedback(request, obj_id): """ feedback = AnonymousFeedback.objects.get(id=obj_id) - if feedback.archive: - feedback.archive = False - feedback.save() - messages.info(request, _("Feedback un-archived successfully!.")) - elif not feedback.archive: - feedback.archive = True - feedback.save() - messages.info(request, _("Feedback archived successfully!.")) + # checking feedback owner + if str(request.user.id) == feedback.anonymous_feedback_id or request.user.has_perm( + "pms.anonymousfeedback" + ): + if feedback.archive: + feedback.archive = False + feedback.save() + messages.info(request, _("Feedback un-archived successfully!.")) + elif not feedback.archive: + feedback.archive = True + feedback.save() + messages.info(request, _("Feedback archived successfully!.")) + + else: + messages.info(request, _("You are don't have permissions.")) return redirect(feedback_list_view)