From 8fd9c97a038d9d187c356ea73af06e6b33fa5b90 Mon Sep 17 00:00:00 2001 From: Horilla Date: Fri, 19 Apr 2024 20:40:24 +0530 Subject: [PATCH] [UPDT] PMS: User permission updated --- pms/methods.py | 70 +++++++++++++ pms/templates/okr/emp_obj_single.html | 140 ++++++++++++++------------ pms/templates/okr/kr_list.html | 36 ++++--- pms/views.py | 47 +++++++-- 4 files changed, 200 insertions(+), 93 deletions(-) create mode 100644 pms/methods.py diff --git a/pms/methods.py b/pms/methods.py new file mode 100644 index 000000000..68474d692 --- /dev/null +++ b/pms/methods.py @@ -0,0 +1,70 @@ +from pyexpat.errors import messages + +from django.http import HttpResponse +from employee.models import EmployeeWorkInformation +from pms.models import EmployeeObjective, Objective +from django.contrib import messages +from django.shortcuts import render + +decorator_with_arguments = ( + lambda decorator: lambda *args, **kwargs: lambda func: decorator( + func, *args, **kwargs + ) +) + + +@decorator_with_arguments +def pms_manager_can_enter(function, perm): + """ + This method is used to check permission to employee for enter to the function if the employee + do not have permission also checks, has reporting manager or manager of respective objective. + """ + + def _function(request, *args, **kwargs): + user = request.user + employee = user.employee_get + is_manager = EmployeeWorkInformation.objects.filter( + reporting_manager_id=employee + ).exists() + is_objective_manager = Objective.objects.filter(managers=employee).exists() + if user.has_perm(perm) or is_manager or is_objective_manager: + return function(request, *args, **kwargs) + else: + messages.info(request, "You dont have permission.") + previous_url = request.META.get("HTTP_REFERER", "/") + script = f'' + key = "HTTP_HX_REQUEST" + if key in request.META.keys(): + return render(request, "decorator_404.html") + return HttpResponse(script) + + return _function + + +@decorator_with_arguments +def pms_owner_and_manager_can_enter(function, perm): + """ + This method is used to check permission to employee for enter to the function if the employee + do not have permission also checks, has reporting manager or manager of respective objective. + """ + + def _function(request, *args, **kwargs): + user = request.user + employee = user.employee_get + is_manager = EmployeeWorkInformation.objects.filter( + reporting_manager_id=employee + ).exists() + is_objective_owner = EmployeeObjective.objects.filter(employee_id=employee).exists() + is_objective_manager = Objective.objects.filter(managers=employee).exists() + if user.has_perm(perm) or is_manager or is_objective_manager or is_objective_owner: + return function(request, *args, **kwargs) + else: + messages.info(request, "You dont have permission.") + previous_url = request.META.get("HTTP_REFERER", "/") + script = f'' + key = "HTTP_HX_REQUEST" + if key in request.META.keys(): + return render(request, "decorator_404.html") + return HttpResponse(script) + + return _function \ No newline at end of file diff --git a/pms/templates/okr/emp_obj_single.html b/pms/templates/okr/emp_obj_single.html index 7dd1c197a..ebb10b71b 100644 --- a/pms/templates/okr/emp_obj_single.html +++ b/pms/templates/okr/emp_obj_single.html @@ -63,14 +63,20 @@
{% trans "Status" %} - + {% if perms.pms.change_employeeobjective or instance|is_manager:request.user %} + + + {% else %} + {{instance.get_status_display}} + {% endif %} +
@@ -111,62 +117,64 @@ {{instance.end_date}}
-
-
- - - - {% trans "Edit" %} - - {% if instance.archive %} -
- - -
- {% else %} -
- - -
- {% endif %} -
- {% csrf_token %} - -
-
-
- - + {% if perms.pms.change_employeeobjective or perms.pms.delete_employeeobjective or instance|is_manager:request.user %} +
+
+ {% if perms.pms.change_employeeobjective or instance|is_manager:request.user %} + + + {% trans "Edit" %} + + {% endif %} + {% if perms.pms.delete_employeeobjective or instance|is_manager:request.user %} -{% comment %} {% endcomment %} \ No newline at end of file + {% if instance.archive %} +
+ + + +
+ {% else %} +
+ + + +
+ {% endif %} +
+ {% csrf_token %} + +
+ {% endif %} +
+
+ {% endif %} + + \ No newline at end of file diff --git a/pms/templates/okr/kr_list.html b/pms/templates/okr/kr_list.html index 66a10d7c0..0e7517675 100644 --- a/pms/templates/okr/kr_list.html +++ b/pms/templates/okr/kr_list.html @@ -31,7 +31,7 @@
{% trans "Start Date" %}
{% trans "End Date" %}
{% trans "Status" %}
- {% if perms.pms.change_employeeobjective or emp_objective|is_manager:request.user %} + {% if perms.pms.change_employeeobjective %}
{% trans "Actions" %}
{% endif %} @@ -92,21 +92,25 @@
{{kr.start_date}}
{{kr.end_date}}
- + {% if perms.pms.change_employeeobjective or kr.employee_objective_id|is_manager:request.user %} + + {% else %} + {{kr.get_status_display}} + {% endif %}
- {% if perms.pms.change_employeeobjective or emp_objective|is_manager:request.user %} + {% if perms.pms.change_employeeobjective or kr.employee_objective_id|is_manager:request.user %}