Add asset groups and restrictions

2023-02-10 14:33:17 +00:00
parent 7938bffc8d
commit f81d632df3
7 changed files with 230 additions and 32 deletions
--- a/core/views/assets.py
+++ b/core/views/assets.py
@@ -1,12 +1,14 @@
 from django.contrib.auth.mixins import LoginRequiredMixin

-from core.forms import AssetGroupForm
-from core.models import AssetGroup
+from core.forms import AssetGroupForm, AssetRestrictionForm
+from core.models import AssetGroup, AssetRestriction
 from core.util import logs
-from core.views import ObjectCreate, ObjectDelete, ObjectList, ObjectUpdate
+from core.views import AbortSave, ObjectCreate, ObjectDelete, ObjectList, ObjectUpdate

 log = logs.get_logger(__name__)

+# Asset Groups
+

 class AssetGroupList(LoginRequiredMixin, ObjectList):
    list_template = "partials/assetgroup-list.html"
@@ -35,3 +37,65 @@ class AssetGroupUpdate(LoginRequiredMixin, ObjectUpdate):

 class AssetGroupDelete(LoginRequiredMixin, ObjectDelete):
    model = AssetGroup
+
+
+# Asset Restrictions
+
+
+class AssetRestrictionsPermissionMixin:
+    # Check the user has permission to view the asset group
+    # We have a user check on the AssetRestriction, but we need to check the
+    # AssetGroup as well
+    def set_extra_args(self, user):
+        self.extra_permission_args = {
+            "group__user": user,
+            "group__pk": self.kwargs["group"],
+        }
+
+
+class AssetRestrictionList(
+    LoginRequiredMixin, AssetRestrictionsPermissionMixin, ObjectList
+):
+    list_template = "partials/assetrestriction-list.html"
+    model = AssetRestriction
+    page_title = "List of asset restrictions. Linked to asset groups."
+
+    list_url_name = "assetrestrictions"
+    list_url_args = ["type", "group"]
+
+    submit_url_name = "assetrestriction_create"
+    submit_url_args = ["type", "group"]
+
+
+class AssetRestrictionCreate(
+    LoginRequiredMixin, AssetRestrictionsPermissionMixin, ObjectCreate
+):
+    model = AssetRestriction
+    form_class = AssetRestrictionForm
+
+    submit_url_name = "assetrestriction_create"
+    submit_url_args = ["type", "group"]
+
+    def pre_save_mutate(self, user, obj):
+        try:
+            assetgroup = AssetGroup.objects.get(pk=self.kwargs["group"], user=user)
+            obj.group = assetgroup
+        except AssetGroup.DoesNotExist:
+            log.error(f"Asset Group {self.kwargs['group']} does not exist")
+            raise AbortSave("asset group does not exist or you don't have access")
+
+
+class AssetRestrictionUpdate(
+    LoginRequiredMixin, AssetRestrictionsPermissionMixin, ObjectUpdate
+):
+    model = AssetRestriction
+    form_class = AssetRestrictionForm
+
+    submit_url_name = "assetrestriction_update"
+    submit_url_args = ["type", "pk", "group"]
+
+
+class AssetRestrictionDelete(
+    LoginRequiredMixin, AssetRestrictionsPermissionMixin, ObjectDelete
+):
+    model = AssetRestriction