From 1ef7bd90811d111b66c143a17570575beeced44d Mon Sep 17 00:00:00 2001 
From: Andrew Williams Date: Mon, 7 Mar 2011 13:47:30 +0000 Subject: [PATCH] Switch to use Django Permissions for identifying HR permissions, in addition move HR templates --- hr/models.py | 6 ++++ .../templates}/hr/applications/accept.html | 0 .../templates}/hr/applications/add.html | 0 .../hr/applications/add_message.html | 0 .../templates}/hr/applications/add_note.html | 0 .../hr/applications/admin/view_list.html | 0 .../templates}/hr/applications/noadd.html | 0 .../templates}/hr/applications/reject.html | 0 .../templates}/hr/applications/view.html | 2 ++ .../templates}/hr/applications/view_list.html | 0 .../templates}/hr/emails/accepted.txt | 0 .../templates}/hr/emails/accepted_subject.txt | 0 .../templates}/hr/emails/message.txt | 0 .../templates}/hr/emails/message_subject.txt | 0 .../templates}/hr/emails/rejected.txt | 0 .../templates}/hr/emails/rejected_subject.txt | 0 {templates => hr/templates}/hr/index.html | 0 .../templates}/hr/recommendations/add.html | 0 .../hr/recommendations/view_list.html | 0 hr/views.py | 35 ++++++++++--------- 20 files changed, 27 insertions(+), 16 deletions(-) rename {templates => hr/templates}/hr/applications/accept.html (100%) rename {templates => hr/templates}/hr/applications/add.html (100%) rename {templates => hr/templates}/hr/applications/add_message.html (100%) rename {templates => hr/templates}/hr/applications/add_note.html (100%) rename {templates => hr/templates}/hr/applications/admin/view_list.html (100%) rename {templates => hr/templates}/hr/applications/noadd.html (100%) rename {templates => hr/templates}/hr/applications/reject.html (100%) rename {templates => hr/templates}/hr/applications/view.html (99%) rename {templates => hr/templates}/hr/applications/view_list.html (100%) rename {templates => hr/templates}/hr/emails/accepted.txt (100%) rename {templates => hr/templates}/hr/emails/accepted_subject.txt (100%) rename {templates => hr/templates}/hr/emails/message.txt (100%) rename {templates => 
hr/templates}/hr/emails/message_subject.txt (100%) rename {templates => hr/templates}/hr/emails/rejected.txt (100%) rename {templates => hr/templates}/hr/emails/rejected_subject.txt (100%) rename {templates => hr/templates}/hr/index.html (100%) rename {templates => hr/templates}/hr/recommendations/add.html (100%) rename {templates => hr/templates}/hr/recommendations/view_list.html (100%) diff --git a/hr/models.py b/hr/models.py index eed2bb3..d374897 100644 --- a/hr/models.py +++ b/hr/models.py @@ -117,6 +117,12 @@ class Application(models.Model): def __unicode__(self): return self.character.name + class Meta: + permissions = ( + ("can_accept", "Can accept / reject applications"), + ("can_view_all", "Can view all applications"), + ("can_view_corp", "Can view corp applications"), + ) class Recommendation(models.Model): """ User recommendation for a application """ diff --git a/templates/hr/applications/accept.html b/hr/templates/hr/applications/accept.html similarity index 100% rename from templates/hr/applications/accept.html rename to hr/templates/hr/applications/accept.html diff --git a/templates/hr/applications/add.html b/hr/templates/hr/applications/add.html similarity index 100% rename from templates/hr/applications/add.html rename to hr/templates/hr/applications/add.html diff --git a/templates/hr/applications/add_message.html b/hr/templates/hr/applications/add_message.html similarity index 100% rename from templates/hr/applications/add_message.html rename to hr/templates/hr/applications/add_message.html diff --git a/templates/hr/applications/add_note.html b/hr/templates/hr/applications/add_note.html similarity index 100% rename from templates/hr/applications/add_note.html rename to hr/templates/hr/applications/add_note.html 
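Review bot: Nothing in the `Application.Meta` hunk or elsewhere in this patch grants the three new permissions to the members of `settings.HR_STAFF_GROUP`, whose group test is removed from `check_permissions` in hr/views.py. After deployment those users presumably fall through to `HR_NONE` until someone assigns the permissions by hand, which fails closed but is easy to miss during an upgrade. I would record the step next to the definition, for example `# Replaces the settings.HR_STAFF_GROUP check; grant these to that group when upgrading`, or ship a data migration that does the assignment.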
diff --git a/templates/hr/applications/admin/view_list.html b/hr/templates/hr/applications/admin/view_list.html similarity index 100% rename from templates/hr/applications/admin/view_list.html rename to hr/templates/hr/applications/admin/view_list.html diff --git a/templates/hr/applications/noadd.html b/hr/templates/hr/applications/noadd.html similarity index 100% rename from templates/hr/applications/noadd.html rename to hr/templates/hr/applications/noadd.html diff --git a/templates/hr/applications/reject.html b/hr/templates/hr/applications/reject.html similarity index 100% rename from templates/hr/applications/reject.html rename to hr/templates/hr/applications/reject.html diff --git a/templates/hr/applications/view.html b/hr/templates/hr/applications/view.html similarity index 99% rename from templates/hr/applications/view.html rename to hr/templates/hr/applications/view.html index 735b6ce..1c89dd3 100644 --- a/templates/hr/applications/view.html +++ b/hr/templates/hr/applications/view.html @@ -30,10 +30,12 @@ {% if hrstaff %} Add Staff Note {% if app.status < 2 or app.status = 4 or app.status = 6 %} +{% if perms.hr.can_accept %} Reject Application {% ifequal app.blacklisted 0 %} Accept Application {% endifequal %} +{% endif %} {% ifnotequal app.status 4 %} Mark as In Query {% endifnotequal %} diff --git a/templates/hr/applications/view_list.html b/hr/templates/hr/applications/view_list.html similarity index 100% rename from templates/hr/applications/view_list.html rename to hr/templates/hr/applications/view_list.html diff --git a/templates/hr/emails/accepted.txt b/hr/templates/hr/emails/accepted.txt similarity index 100% rename from templates/hr/emails/accepted.txt rename to hr/templates/hr/emails/accepted.txt diff --git a/templates/hr/emails/accepted_subject.txt b/hr/templates/hr/emails/accepted_subject.txt similarity index 100% rename from templates/hr/emails/accepted_subject.txt rename to hr/templates/hr/emails/accepted_subject.txt 
diff --git a/templates/hr/emails/message.txt b/hr/templates/hr/emails/message.txt
similarity index 100%
rename from templates/hr/emails/message.txt
rename to hr/templates/hr/emails/message.txt
diff --git a/templates/hr/emails/message_subject.txt b/hr/templates/hr/emails/message_subject.txt
similarity index 100%
rename from templates/hr/emails/message_subject.txt
rename to hr/templates/hr/emails/message_subject.txt
diff --git a/templates/hr/emails/rejected.txt b/hr/templates/hr/emails/rejected.txt
similarity index 100%
rename from templates/hr/emails/rejected.txt
rename to hr/templates/hr/emails/rejected.txt
diff --git a/templates/hr/emails/rejected_subject.txt b/hr/templates/hr/emails/rejected_subject.txt
similarity index 100%
rename from templates/hr/emails/rejected_subject.txt
rename to hr/templates/hr/emails/rejected_subject.txt
diff --git a/templates/hr/index.html b/hr/templates/hr/index.html
similarity index 100%
rename from templates/hr/index.html
rename to hr/templates/hr/index.html
diff --git a/templates/hr/recommendations/add.html b/hr/templates/hr/recommendations/add.html
similarity index 100%
rename from templates/hr/recommendations/add.html
rename to hr/templates/hr/recommendations/add.html
diff --git a/templates/hr/recommendations/view_list.html b/hr/templates/hr/recommendations/view_list.html
similarity index 100%
rename from templates/hr/recommendations/view_list.html
rename to hr/templates/hr/recommendations/view_list.html
diff --git a/hr/views.py b/hr/views.py
index ee1b1c9..240ce2f 100644
--- a/hr/views.py
+++ b/hr/views.py
@@ -37,23 +37,22 @@ def send_message(application, message_type, note=None): def check_permissions(user, application=None): """ Check if the user has permissions to view or admin the application """ - hrgroup, created = Group.objects.get_or_create(name=settings.HR_STAFF_GROUP) corplist = EVEPlayerCharacter.objects.filter(eveaccount__user=user,corporation__applications=True) if not application: - if hrgroup in user.groups.all() or user.is_superuser or corplist.filter(director=True).count(): + if user.has_perm('hr.can_view_all') or user.has_perm('hr.can_view_corp') or corplist.filter(director=True).count(): return HR_ADMIN else: - if user.is_superuser: - return HR_ADMIN - elif application.user == user: + if application.user == user: return HR_VIEWONLY + if user.has_perm('hr.can_view_all'): + return HR_ADMIN else: # Give admin access to directors of the corp if application.corporation.id in corplist.filter(director=True).values_list('corporation__id', flat=True): return HR_ADMIN # Give access to none director HR people access - if application.corporation.id in corplist.values_list('corporation__id', flat=True) and hrgroup in user.groups.all(): + if application.corporation.id in corplist.values_list('corporation__id', flat=True) and user.has_perm('hr.can_view_corp'): return HR_ADMIN return HR_NONE 
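Review bot: `hr.can_view_all` and `hr.can_view_corp` are labelled in hr/models.py as view permissions, yet every branch of `check_permissions` that tests them returns `HR_ADMIN`, so granting "Can view all applications" hands out whatever the other views gate on that level. If that is intended, the docstring should say so, e.g. `""" Return HR_ADMIN, HR_VIEWONLY or HR_NONE; the can_view_* permissions grant HR_ADMIN, not read-only access """`; otherwise a separate read-only level is needed. The `application.user == user` test now runs before the permission test, so staff and superusers get `HR_VIEWONLY` on their own application. That ordering looks deliberate and is now load-bearing for the accept and reject views, so it deserves a comment such as `# Owner check first: staff must not administer their own application`.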
@@ -80,15 +79,17 @@ def view_application(request, applicationid): app = get_object_or_404(Application, id=applicationid) - hrlvl = check_permissions(request.user, app) - if hrlvl == 1: + perm = check_permissions(request.user, app) + if perm == HR_VIEWONLY: audit = app.audit_set.filter(event__in=[AUDIT_EVENT_STATUSCHANGE, AUDIT_EVENT_REJECTION, AUDIT_EVENT_ACCEPTED, AUDIT_EVENT_MESSAGE]) - elif hrlvl == 2: + elif perm == HR_ADMIN: hrstaff = True audit = app.audit_set.all() else: return HttpResponseRedirect(reverse('hr.views.index')) + # Respond to Reddit Comment Load + # TODO: Move to reddit app? if installed('reddit') and request.GET.has_key('redditxhr') and request.is_ajax(): posts = [] for acc in app.user.redditaccount_set.all(): @@ -159,14 +160,16 @@ def add_recommendation(request): @login_required def admin_applications(request): - if check_permissions(request.user) < HR_ADMIN: - return HttpResponseRedirect(reverse('hr.views.index')) - # Get the list of viewable applications by the admin corplist = EVEPlayerCharacter.objects.filter(eveaccount__user=request.user).values_list('corporation', flat=True) view_status = [APPLICATION_STATUS_AWAITINGREVIEW, APPLICATION_STATUS_ACCEPTED, APPLICATION_STATUS_QUERY] - apps = Application.objects.filter(corporation__id__in=list(corplist)) + if request.user.has_perm('hr.can_view_all'): + apps = Application.objects.all() + elif request.user.has_perm('hr.can_view_corp'): + apps = Application.objects.filter(corporation__id__in=list(corplist)) + else: + return HttpResponseRedirect(reverse('hr.views.index')) if 'q' in request.GET: query = request.GET['q'] 
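Review bot: In `admin_applications` the new `has_perm` chain replaces the `check_permissions(request.user) < HR_ADMIN` guard, so a corp director who holds neither `hr.can_view_all` nor `hr.can_view_corp` is now redirected to the index, although `check_permissions` still returns `HR_ADMIN` for directors. If directors should keep the list, add a branch before the `else`, `elif check_permissions(request.user) == HR_ADMIN:`, that filters on the corporations where the user is a director; if they should not, say so in a comment. The `can_view_corp` branch also builds `corplist` without the `corporation__applications=True` filter that `check_permissions` applies, so the list may show applications that `view_application` then refuses. The function body continues outside the hunk.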
@@ -219,8 +222,8 @@ def add_note(request, applicationid): @login_required def add_message(request, applicationid): """ Send a message to the end user and note it on the application """ - app = get_object_or_404(Application, id=applicationid) + app = get_object_or_404(Application, id=applicationid) if check_permissions(request.user, app): if request.method == 'POST': obj = Audit(application=app, user=request.user, event=AUDIT_EVENT_MESSAGE) @@ -240,7 +243,7 @@ def add_message(request, applicationid): def reject_application(request, applicationid): """ Reject the application and notify the user """ - if check_permissions(request.user) == HR_ADMIN: + if check_permissions(request.user) == HR_ADMIN and request.user.has_perm('hr.can_accept'): if request.method == 'POST': app = Application.objects.get(id=applicationid) if check_permissions(request.user, app) == HR_ADMIN: @@ -262,7 +265,7 @@ def reject_application(request, applicationid): def accept_application(request, applicationid): """ Accept the application and notify the user """ - if check_permissions(request.user) == HR_ADMIN: + if check_permissions(request.user) == HR_ADMIN and request.user.has_perm('hr.can_accept'): if request.method == 'POST': app = Application.objects.get(id=applicationid) if check_permissions(request.user, app) == HR_ADMIN:
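Review bot: `Application.objects.get(id=applicationid)` in `reject_application` raises `DoesNotExist` for an unknown id, which surfaces as a server error on a permission-gated POST; `add_message` in this same file already uses `get_object_or_404(Application, id=applicationid)` and the decision views should match it. The same line appears in `accept_application`. The guard `check_permissions(request.user) == HR_ADMIN and request.user.has_perm('hr.can_accept')` is now duplicated in both views, and a small shared helper would keep them in step when the rule changes. Both function bodies continue outside the hunks, so the denial path is not visible here.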