nestict/ihrm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[FIX] HELPDESK: Permission fixes in the ticket tab views

Browse Source
This commit is contained in:
Horilla
2025-11-12 10:15:24 +05:30
parent 2fcd768886
commit af0c558f9d
4 changed files with 72 additions and 50 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
helpdesk/cbv/pipeline.py
View File

@@ -1,3 +1,5 @@
from typing import Any
from django.urls import reverse, reverse_lazy
from django.utils.decorators import method_decorator
@@ -223,6 +225,19 @@ class TicketListView(HorillaListView):
action_method = """ticket_action_col"""
header_attrs = {"action": "style='width:200px'"}
def __init__(self, **kwargs: Any) -> None:
super().__init__(**kwargs)
if self.request.GET.get("ticket_tab") == "all_tickets":
if (
self.request.user.has_perm("helpdesk.view_claimrequest")
or self.request.user.has_perm("helpdesk.change_claimrequest")
or self.request.user.has_perm("helpdesk.change_ticket")
or self.request.user.has_perm("helpdesk.delete_ticket")
):
self.action_method = "ticket_action_col"
else:
self.action_method = None
def get_queryset(self):
queryset = super().get_queryset()
if self.request.GET.get("is_active") != "false":

8
helpdesk/templates/cbv/pipeline/pipeline_action_col.html
View File

@@ -1,7 +1,7 @@
{% load static i18n helpdeskfilters %}
<div class="oh-btn-group" style="border:none">
{% if tab != 'my_tickets' %}
{% if perms.helpdesk.change_ticket or perms.helpdesk.change_claimrequest or request.user.employee_get|is_department_manager:ticket %}
{% if perms.helpdesk.change_ticket or perms.helpdesk.change_claimrequest or perms.helpdesk.view_claimrequest or request.user.employee_get|is_department_manager:ticket %}
<button
hx-get = "{% url "view-ticket-claim-request" ticket.id %}"
hx-target="#objectDetailsModalTarget"
@@ -12,7 +12,8 @@
>
<ion-icon name="eye-outline"></ion-icon>
</button>
{% else %}
{% endif %}
{% if tab != 'all_tickets' %}
{% if claim_request or request.user.employee_get in ticket.assigned_to.all %}
<a
href="#"
@@ -41,7 +42,7 @@
{% endif %}
{% endif %}
{% if perms.helpdesk.change_ticket or request.user.employee_get|is_department_manager:ticket %}
{% if request.user.employee_get == ticket.employee_id or perms.helpdesk.change_ticket or request.user.employee_get|is_department_manager:ticket %}
<button
class="oh-btn oh-btn--light-bkg p-3 w-100"
title="{% trans 'Edit' %}"
@@ -87,6 +88,7 @@
<a
href = "{% url 'ticket-delete' ticket.id %}"
class="oh-btn oh-btn--danger-outline oh-btn--light-bkg p-3"
onclick="return confirm('{% trans 'Are you sure you want to delete this Ticket?' %}');"
title="{% trans 'Delete' %}"
>
<ion-icon

98
helpdesk/templates/helpdesk/ticket/ticket_claim_requests.html
View File

@@ -28,11 +28,13 @@
>
{% trans "Employee" %}
</div>
<div
class="oh-sticky-table__th"
>
{% trans "Action" %}
</div>
{% if perms.helpdesk.change_claimrequest or perms.helpdesk.change_ticket %}
<div
class="oh-sticky-table__th"
>
{% trans "Action" %}
</div>
{% endif %}
</div>
</div>
@@ -58,51 +60,53 @@
>
</div>
</div>
<div class="oh-sticky-table__td">
<div class="oh-btn-group">
{% if not req.is_approved and not req.is_rejected %}
<button
class="oh-btn oh-btn--success w-100"
data-toggle="oh-modal-toggle"
data-target="#objectDetailsModal"
hx-get="{% url 'approve-claim-request' req.id %}?approve=True"
hx-target="#objectDetailsModalTarget"
title="Approve request"
>
<ion-icon name="checkmark-outline"></ion-icon>
</button>
{% else %}
<button
class="oh-btn oh-btn--success w-100"
disabled
title="Approve request"
>
<ion-icon name="checkmark-outline"></ion-icon>
</button>
{% endif %}
{% if not req.is_rejected %}
<button
class="oh-btn oh-btn--danger w-100"
titile = "{% trans 'Reject' %}"
data-toggle="oh-modal-toggle"
data-target="#objectDetailsModal"
hx-get="{% url 'approve-claim-request' req.id %}?approve=False"
hx-target="#objectDetailsModalTarget"
>
<ion-icon name="close-outline"></ion-icon>
</button>
{% else %}
<button
class="oh-btn oh-btn--danger w-100"
titile = "{% trans 'Reject' %}"
disabled
{% if perms.helpdesk.change_claimrequest or perms.helpdesk.change_ticket %}
<div class="oh-sticky-table__td">
<div class="oh-btn-group">
{% if not req.is_approved and not req.is_rejected %}
<button
class="oh-btn oh-btn--success w-100"
data-toggle="oh-modal-toggle"
data-target="#objectDetailsModal"
hx-get="{% url 'approve-claim-request' req.id %}?approve=True"
hx-target="#objectDetailsModalTarget"
title="Approve request"
>
<ion-icon name="close-outline"></ion-icon>
</button>
{% endif %}
<ion-icon name="checkmark-outline"></ion-icon>
</button>
{% else %}
<button
class="oh-btn oh-btn--success w-100"
disabled
title="Approve request"
>
<ion-icon name="checkmark-outline"></ion-icon>
</button>
{% endif %}
{% if not req.is_rejected %}
<button
class="oh-btn oh-btn--danger w-100"
titile = "{% trans 'Reject' %}"
data-toggle="oh-modal-toggle"
data-target="#objectDetailsModal"
hx-get="{% url 'approve-claim-request' req.id %}?approve=False"
hx-target="#objectDetailsModalTarget"
>
<ion-icon name="close-outline"></ion-icon>
</button>
{% else %}
<button
class="oh-btn oh-btn--danger w-100"
titile = "{% trans 'Reject' %}"
disabled
>
<ion-icon name="close-outline"></ion-icon>
</button>
{% endif %}
</div>
</div>
</div>
{% endif %}
</div>
{% endfor %}
</div>

1
helpdesk/views.py
View File

@@ -999,6 +999,7 @@ def view_ticket_claim_request(request, ticket_id):
ticket = Ticket.objects.filter(id=ticket_id).first()
if (
request.user.has_perm("helpdesk.change_claimrequest")
or request.user.has_perm("helpdesk.view_claimrequest")
or request.user.has_perm("helpdesk.change_ticket")
or is_department_manager(request, ticket)
):