from django.contrib.auth.mixins import LoginRequiredMixin from mixins.views import AbortSave, ObjectCreate, ObjectDelete, ObjectList, ObjectUpdate from core.forms import AssetGroupForm, AssetRestrictionForm from core.models import AssetGroup, AssetRestriction from core.util import logs log = logs.get_logger(__name__) # Asset Groups class AssetGroupList(LoginRequiredMixin, ObjectList): list_template = "partials/assetgroup-list.html" model = AssetGroup page_title = "List of asset groups for restrictions. Linked to accounts." list_url_name = "assetgroups" list_url_args = ["type"] submit_url_name = "assetgroup_create" class AssetGroupCreate(LoginRequiredMixin, ObjectCreate): model = AssetGroup form_class = AssetGroupForm submit_url_name = "assetgroup_create" class AssetGroupUpdate(LoginRequiredMixin, ObjectUpdate): model = AssetGroup form_class = AssetGroupForm submit_url_name = "assetgroup_update" class AssetGroupDelete(LoginRequiredMixin, ObjectDelete): model = AssetGroup # Asset Restrictions class AssetRestrictionsPermissionMixin: # Check the user has permission to view the asset group # We have a user check on the AssetRestriction, but we need to check the # AssetGroup as well def set_extra_args(self, user): self.extra_permission_args = { "group__user": user, "group__pk": self.kwargs["group"], } class AssetRestrictionList( LoginRequiredMixin, AssetRestrictionsPermissionMixin, ObjectList ): list_template = "partials/assetrestriction-list.html" model = AssetRestriction page_title = "List of asset restrictions. Linked to asset groups." list_url_name = "assetrestrictions" list_url_args = ["type", "group"] submit_url_name = "assetrestriction_create" submit_url_args = ["type", "group"] class AssetRestrictionCreate( LoginRequiredMixin, AssetRestrictionsPermissionMixin, ObjectCreate ): model = AssetRestriction form_class = AssetRestrictionForm submit_url_name = "assetrestriction_create" submit_url_args = ["type", "group"] def pre_save_mutate(self, user, obj): try: assetgroup = AssetGroup.objects.get(pk=self.kwargs["group"], user=user) obj.group = assetgroup except AssetGroup.DoesNotExist: log.error(f"Asset Group {self.kwargs['group']} does not exist") raise AbortSave("asset group does not exist or you don't have access") class AssetRestrictionUpdate( LoginRequiredMixin, AssetRestrictionsPermissionMixin, ObjectUpdate ): model = AssetRestriction form_class = AssetRestrictionForm submit_url_name = "assetrestriction_update" submit_url_args = ["type", "pk", "group"] class AssetRestrictionDelete( LoginRequiredMixin, AssetRestrictionsPermissionMixin, ObjectDelete ): model = AssetRestriction