From 29e2ad90b7114c8f485e4deefd78133ed7347e74 Mon Sep 17 00:00:00 2001
From: Horilla
Date: Tue, 3 Sep 2024 14:04:20 +0530
Subject: [PATCH] [FIX] HELPDESK: Create ticket type is restricted to reporting managers
---
helpdesk/decorators.py | 51 ++++++++++++++++++++++++++++++++++++++++++
helpdesk/forms.py | 10 ++++++---
helpdesk/views.py | 16 ++++++-------
3 files changed, 66 insertions(+), 11 deletions(-)
create mode 100644 helpdesk/decorators.py
diff --git a/helpdesk/decorators.py b/helpdesk/decorators.py
new file mode 100644
index 000000000..74f6ca1e8
--- /dev/null
+++ b/helpdesk/decorators.py
@@ -0,0 +1,51 @@
+from pyexpat.errors import messages
+from django.http import HttpResponseRedirect
+from django.shortcuts import render
+from base.methods import check_manager
+from helpdesk.models import Ticket
+
+
+decorator_with_arguments = (
+ lambda decorator: lambda *args, **kwargs: lambda func: decorator(
+ func, *args, **kwargs
+ )
+)
+
+
+@decorator_with_arguments
+def ticket_owner_can_enter(function, perm: str, model: object, manager_access=False):
+ from employee.models import Employee, EmployeeWorkInformation
+
+ """
+ Only the users with permission, or the owner, or employees manager can enter,
+ If manager_access:True then all the managers can enter
+ """
+
+ def _function(request, *args, **kwargs):
+ instance_id = kwargs[list(kwargs.keys())[0]]
+ if model == Employee:
+ employee = Employee.objects.get(id=instance_id)
+ else:
+ try:
+ employee = model.objects.get(id=instance_id).employee_id
+ except:
+ messages.error(request, ("Sorry, something went wrong!"))
+ return HttpResponseRedirect(request.META.get("HTTP_REFERER", "/"))
+ can_enter = (
+ request.user.employee_get == employee
+ or request.user.has_perm(perm)
+ or check_manager(request.user.employee_get, employee)
+ or (
+ EmployeeWorkInformation.objects.filter(
+ reporting_manager_id__employee_user_id=request.user
+ ).exists()
+ if manager_access
+ else False
+ )
+ or Ticket.objects.filter(assigned_to__in = [request.user.employee_get])
+ )
+ if can_enter:
+ return function(request, *args, **kwargs)
+ return render(request, "no_perm.html")
+
+ return _function
diff --git a/helpdesk/forms.py b/helpdesk/forms.py
index de584718c..f898e56b9 100644
--- a/helpdesk/forms.py
+++ b/helpdesk/forms.py
@@ -27,6 +27,7 @@ from django import forms from django.template.loader import render_to_string from base.forms import ModelForm +from base.methods import is_reportingmanager from base.models import Department, JobPosition from employee.forms import MultipleFileField from employee.models import Employee
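Review bot: The last clause of `can_enter`, `Ticket.objects.filter(assigned_to__in = [request.user.employee_get])`, is not tied to `instance_id`, so an employee assigned to any one ticket passes the check for every ticket; the same decorator guards `ticket_update`, `change_ticket_status`, `ticket_delete`, `ticket_detail` and `ticket_change_raised_on` in helpdesk/views.py. Scope it to the requested object and make it a boolean, `or Ticket.objects.filter(id=instance_id, assigned_to=request.user.employee_get).exists()`, and apply it only when `model` is `Ticket`, since for any other model `instance_id` is not a ticket id. Separately, `from pyexpat.errors import messages` imports the XML parser's error-string table rather than Django's message framework, so `messages.error(...)` in the `except` branch will raise instead of redirecting; it should read `from django.contrib import messages`. The bare `except:` would be clearer as `except model.DoesNotExist:`, and the docstring sits after the local import, so Python does not treat it as the function's docstring.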
@@ -39,6 +40,7 @@ from helpdesk.models import ( Ticket, TicketType, ) +from horilla import horilla_middlewares class TicketTypeForm(ModelForm):
@@ -122,9 +124,11 @@ class TicketForm(ModelForm): self.fields["tags"].choices = list(self.fields["tags"].choices) self.fields["tags"].choices.append(("create_new_tag", "Create new tag")) self.fields["ticket_type"].choices = list(self.fields["ticket_type"].choices) - self.fields["ticket_type"].choices.append( - ("create_new_ticket_type", "Create new ticket type") - ) + request = getattr(horilla_middlewares._thread_locals, "request", None) + if is_reportingmanager(request): + self.fields["ticket_type"].choices.append( + ("create_new_ticket_type", "Create new ticket type") + ) class TicketTagForm(ModelForm):
diff --git a/helpdesk/views.py b/helpdesk/views.py
index 14d9cfd93..f62b4cdd5 100644
--- a/helpdesk/views.py
+++ b/helpdesk/views.py
@@ -17,6 +17,7 @@ from base.forms import TagsForm from base.methods import filtersubordinates, get_key_instances, get_pagination, sortby from base.models import Department, JobPosition, Tags from employee.models import Employee +from helpdesk.decorators import ticket_owner_can_enter from helpdesk.filter import FAQCategoryFilter, FAQFilter, TicketFilter, TicketReGroup from helpdesk.forms import ( AttachmentForm,
@@ -45,7 +46,6 @@ from horilla.decorators import ( hx_request_required, login_required, manager_can_enter, - owner_can_enter, permission_required, ) from horilla.group_by import group_by_queryset
@@ -484,7 +484,7 @@ def ticket_create(request): @login_required @hx_request_required -@owner_can_enter(perm="helpdesk.change_ticket", model=Ticket) +@ticket_owner_can_enter(perm="helpdesk.change_ticket", model=Ticket) def ticket_update(request, ticket_id): """ This function is responsible for updating the Ticket.
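Review bot: Dropping the `create_new_ticket_type` entry from the choices in the `TicketForm` hunk only hides the option in the rendered select; nothing in this patch adds the same `is_reportingmanager` check to the view that actually creates a ticket type, so unless that view (not visible here) already enforces it, a non-manager can still post to it directly. The restriction belongs on that endpoint, with this form change as the matching UI. `request` is also `None` whenever the form is built outside a request (the `getattr` default), and the hunk does not show that `is_reportingmanager(None)` is safe; `if request is not None and is_reportingmanager(request):` avoids depending on that. The enclosing method starts outside the hunk.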
@@ -543,7 +543,7 @@ def ticket_archive(request, ticket_id): @login_required -@owner_can_enter(perm="helpdesk.change_ticket", model=Ticket) +@ticket_owner_can_enter(perm="helpdesk.change_ticket", model=Ticket) def change_ticket_status(request, ticket_id): """ This function is responsible for changing the Ticket status.
@@ -615,7 +615,7 @@ def change_ticket_status(request, ticket_id): @login_required -@owner_can_enter(perm="helpdesk.change_ticket", model=Ticket) +@ticket_owner_can_enter(perm="helpdesk.change_ticket", model=Ticket) def ticket_delete(request, ticket_id): """ This function is responsible for deleting the Ticket.
@@ -790,7 +790,7 @@ def ticket_filter(request): @login_required -@owner_can_enter(perm="helpdesk.change_ticket", model=Ticket) +@ticket_owner_can_enter(perm="helpdesk.change_ticket", model=Ticket) def ticket_detail(request, ticket_id, **kwargs): today = datetime.now().date() ticket = Ticket.objects.get(id=ticket_id)
@@ -851,7 +851,7 @@ def ticket_detail(request, ticket_id, **kwargs): @login_required -# @owner_can_enter("perms.helpdesk.helpdesk_changeticket", Ticket) +# @ticket_owner_can_enter("perms.helpdesk.helpdesk_changeticket", Ticket) def ticket_update_tag(request): """ method to update the tags of ticket
@@ -872,7 +872,7 @@ def ticket_update_tag(request): @login_required @hx_request_required -@owner_can_enter(perm="helpdesk.change_ticket", model=Ticket) +@ticket_owner_can_enter(perm="helpdesk.change_ticket", model=Ticket) def ticket_change_raised_on(request, ticket_id): ticket = Ticket.objects.get(id=ticket_id) form = TicketRaisedOnForm(instance=ticket)
@@ -1137,7 +1137,7 @@ def tickets_bulk_archive(request): @login_required -# @ticket_owner_can_enter("perms.helpdesk.helpdesk_changeticket", Ticket) +# @ticket_owner_can_enter("perms.helpdesk.helpdesk_changeticket", Ticket) @permission_required("helpdesk.delete_ticket") def tickets_bulk_delete(request): """
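Review bot: `ticket_delete` is gated on `perm="helpdesk.change_ticket"`, while `tickets_bulk_delete` later in this file requires `helpdesk.delete_ticket`, so a user holding only the change permission can delete single tickets. If that is not intended, the new line should be `@ticket_owner_can_enter(perm="helpdesk.delete_ticket", model=Ticket)`; the owner and manager paths of the decorator are unaffected by that change. The body of `ticket_delete` continues outside the hunk.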
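Review bot: Renaming the decorator inside a comment leaves `ticket_update_tag` protected by `@login_required` alone; its body is outside the hunk, so whether it checks the ticket's owner itself cannot be confirmed here. The commented line could not simply be re-enabled either: the view takes no keyword argument for the decorator's `kwargs[list(kwargs.keys())[0]]` lookup, and `"perms.helpdesk.helpdesk_changeticket"` is not in the `helpdesk.change_ticket` form used by the live decorators. I would delete the comment here and in the `tickets_bulk_delete` hunk, and, if tag updates are meant to be restricted, add the ownership check inside the view where the ticket id is read.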