diff --git a/horilla/decorators.py b/horilla/decorators.py
index 5a7e80f5b..58de6be21 100755
--- a/horilla/decorators.py
+++ b/horilla/decorators.py
@@ -57,15 +57,14 @@ def any_permission_required(function, perms):
def _function(request, *args, **kwargs):
if any(request.user.has_perm(perm) for perm in perms):
return function(request, *args, **kwargs)
-
else:
- messages.info(request, "You dont have permission.")
+ messages.info(request, "You don’t have permission.")
previous_url = request.META.get("HTTP_REFERER", "/")
- key = "HTTP_HX_REQUEST"
- if key in request.META.keys():
+ if request.META.get("HTTP_HX_REQUEST"):
return render(request, "decorator_404.html")
- script = f''
- return HttpResponse(script)
+ return HttpResponse(
+ f''
+ )
return _function
diff --git a/onboarding/models.py b/onboarding/models.py
index 6a715f7d8..480a81b21 100644
--- a/onboarding/models.py
+++ b/onboarding/models.py
@@ -103,6 +103,14 @@ class OnboardingTask(HorillaModel):
verbose_name_plural = _("Onboarding Tasks")
+class OnboardingCandidate(Candidate):
+ class Meta:
+ proxy = True
+ verbose_name = _("Onboarding Candidate")
+ verbose_name_plural = _("Onboarding Candidates")
+ app_label = "onboarding"
+
+
class CandidateStage(HorillaModel):
"""
CandidateStage model
diff --git a/onboarding/sidebar.py b/onboarding/sidebar.py
index 0389ef398..5c4d1de73 100644
--- a/onboarding/sidebar.py
+++ b/onboarding/sidebar.py
@@ -41,11 +41,11 @@ def onboarding_view_accessibility(
request, _submenu: dict = {}, user_perms: PermWrapper = [], *args, **kwargs
) -> bool:
return is_taskmanager(request.user) or request.user.has_perm(
- "onboarding.view_onboarding"
+ "onboarding.view_onboardingstage"
)
def candidates_view_accessibility(
request, _submenu: dict = {}, user_perms: PermWrapper = [], *args, **kwargs
) -> bool:
- return request.user.has_perm("recruitment.view_candidate")
+ return request.user.has_perm("onboarding.view_onboardingcandidate")
diff --git a/onboarding/views.py b/onboarding/views.py
index 9a52125f8..ee8e6926b 100644
--- a/onboarding/views.py
+++ b/onboarding/views.py
@@ -421,14 +421,14 @@ def candidate_update(request, obj_id):
@login_required
-@permission_required("recruitment.delete_candidate")
+@permission_required("onboarding.delete_onboardingcandidate")
def candidate_delete(request, obj_id):
"""
function used to delete hired candidates .
Parameters:
request (HttpRequest): The HTTP request object.
- obj_id : recruitment id
+ obj_id : candidate id
Returns:
GET : return candidate view
@@ -520,7 +520,7 @@ def paginator_qry(qryset, page_number):
@login_required
-@permission_required(perm="recruitment.view_candidate")
+@permission_required(perm="onboarding.view_onboardingcandidate")
def candidates_view(request):
"""
function used to view hired candidates .
@@ -581,7 +581,7 @@ def hired_candidate_view(request):
@login_required
@hx_request_required
-@permission_required(perm="recruitment.view_candidate")
+@permission_required(perm="onboarding.view_onboardingcandidate")
def candidate_filter(request):
"""
function used to filter hired candidates .
@@ -780,7 +780,7 @@ def onboarding_query_grouper(request, queryset):
@login_required
-@all_manager_can_enter("onboarding.view_candidatestage")
+@all_manager_can_enter("onboarding.view_onboardingstage")
def onboarding_view(request):
"""
function used to view onboarding main view.
@@ -794,7 +794,7 @@ def onboarding_view(request):
filter_obj = RecruitmentFilter(request.GET)
# is active filteration not providing on pipeline
recruitments = filter_obj.qs
- if not request.user.has_perm("onboarding.view_candidatestage"):
+ if not request.user.has_perm("onboarding.view_onboardingstage"):
recruitments = recruitments.filter(
is_active=True, recruitment_managers__in=[request.user.employee_get]
) | recruitments.filter(
@@ -841,7 +841,7 @@ def onboarding_view(request):
@login_required
-@all_manager_can_enter("onboarding.view_candidatestage")
+@all_manager_can_enter("onboarding.view_onboardingstage")
def kanban_view(request):
# filter_obj = RecruitmentFilter(request.GET)
# # is active filteration not providing on pipeline
@@ -849,7 +849,7 @@ def kanban_view(request):
filter_obj = RecruitmentFilter(request.GET)
# is active filteration not providing on pipeline
recruitments = filter_obj.qs
- if not request.user.has_perm("onboarding.view_candidatestage"):
+ if not request.user.has_perm("onboarding.view_onboardingstage"):
recruitments = recruitments.filter(
is_active=True, recruitment_managers__in=[request.user.employee_get]
) | recruitments.filter(
diff --git a/recruitment/decorators.py b/recruitment/decorators.py
index e75f8171c..fc56bf642 100644
--- a/recruitment/decorators.py
+++ b/recruitment/decorators.py
@@ -58,49 +58,46 @@ def decorator_with_arguments(decorator):
@decorator_with_arguments
-def manager_can_enter(function, perm):
+def manager_can_enter(function, perm=None, perms=None):
"""
- Decorator that checks if the user has the specified permission or is a manager.
+ Decorator that checks if the user has the specified permission(s) or is a manager.
Args:
- perm (str): The permission to check.
+ perm (str): A single permission string.
+ perms (list): A list of permission strings.
Returns:
- function: The decorated function.
-
- Raises:
- None
-
+ function: The decorated view.
"""
def _function(request, *args, **kwargs):
- """
- Inner function that performs the permission and manager check.
-
- Args:
- request (HttpRequest): The request object.
- *args: Variable length argument list.
- **kwargs: Arbitrary keyword arguments.
-
- Returns:
- HttpResponse: The response from the decorated function.
-
- """
user = request.user
employee = Employee.objects.filter(employee_user_id=user).first()
+
is_manager = (
Stage.objects.filter(stage_managers=employee).exists()
or Recruitment.objects.filter(recruitment_managers=employee).exists()
)
- if user.has_perm(perm) or is_manager:
+
+ # Combine perm and perms into one list to check
+ all_perms = []
+ if perm:
+ all_perms.append(perm)
+ if perms:
+ all_perms.extend(perms)
+
+ has_required_perm = any(user.has_perm(p) for p in all_perms)
+
+ if has_required_perm or is_manager:
return function(request, *args, **kwargs)
- messages.info(request, "You dont have permission.")
+
+ messages.info(request, "You don't have permission.")
previous_url = request.META.get("HTTP_REFERER", "/")
- script = f''
- key = "HTTP_HX_REQUEST"
- if key in request.META.keys():
+
+ if request.META.get("HTTP_HX_REQUEST"):
return render(request, "decorator_404.html")
- return HttpResponse(script)
+
+ return HttpResponse(f'')
return _function
diff --git a/recruitment/views/views.py b/recruitment/views/views.py
index c93e759a8..9fda82f68 100644
--- a/recruitment/views/views.py
+++ b/recruitment/views/views.py
@@ -56,6 +56,7 @@ from employee.models import Employee, EmployeeWorkInformation
from employee.views import get_content_type
from horilla import settings
from horilla.decorators import (
+ any_permission_required,
hx_request_required,
logger,
login_required,
@@ -1318,7 +1319,9 @@ def stage_title_update(request, stage_id):
@login_required
-@permission_required(perm="recruitment.add_candidate")
+@any_permission_required(
+ perms=["recruitment.add_candidate", "onboarding.add_onboardingcandidate"]
+)
def candidate(request):
"""
This method used to create candidate
@@ -1639,7 +1642,9 @@ def candidate_view_individual(request, cand_id, **kwargs):
@login_required
-@manager_can_enter(perm="recruitment.change_candidate")
+@manager_can_enter(
+ perms=["recruitment.change_candidate", "onboarding.change_onboardingcandidate"]
+)
def candidate_update(request, cand_id, **kwargs):
"""
Used to update or change the candidate