fisk/core/views/assets.py

102 lines
2.8 KiB
Python

from django.contrib.auth.mixins import LoginRequiredMixin
from mixins.views import AbortSave, ObjectCreate, ObjectDelete, ObjectList, ObjectUpdate
from core.forms import AssetGroupForm, AssetRestrictionForm
from core.models import AssetGroup, AssetRestriction
from core.util import logs
log = logs.get_logger(__name__)
# Asset Groups
class AssetGroupList(LoginRequiredMixin, ObjectList):
list_template = "partials/assetgroup-list.html"
model = AssetGroup
page_title = "List of asset groups for restrictions. Linked to accounts."
list_url_name = "assetgroups"
list_url_args = ["type"]
submit_url_name = "assetgroup_create"
class AssetGroupCreate(LoginRequiredMixin, ObjectCreate):
model = AssetGroup
form_class = AssetGroupForm
submit_url_name = "assetgroup_create"
class AssetGroupUpdate(LoginRequiredMixin, ObjectUpdate):
model = AssetGroup
form_class = AssetGroupForm
submit_url_name = "assetgroup_update"
class AssetGroupDelete(LoginRequiredMixin, ObjectDelete):
model = AssetGroup
# Asset Restrictions
class AssetRestrictionsPermissionMixin:
# Check the user has permission to view the asset group
# We have a user check on the AssetRestriction, but we need to check the
# AssetGroup as well
def set_extra_args(self, user):
self.extra_permission_args = {
"group__user": user,
"group__pk": self.kwargs["group"],
}
class AssetRestrictionList(
LoginRequiredMixin, AssetRestrictionsPermissionMixin, ObjectList
):
list_template = "partials/assetrestriction-list.html"
model = AssetRestriction
page_title = "List of asset restrictions. Linked to asset groups."
list_url_name = "assetrestrictions"
list_url_args = ["type", "group"]
submit_url_name = "assetrestriction_create"
submit_url_args = ["type", "group"]
class AssetRestrictionCreate(
LoginRequiredMixin, AssetRestrictionsPermissionMixin, ObjectCreate
):
model = AssetRestriction
form_class = AssetRestrictionForm
submit_url_name = "assetrestriction_create"
submit_url_args = ["type", "group"]
def pre_save_mutate(self, user, obj):
try:
assetgroup = AssetGroup.objects.get(pk=self.kwargs["group"], user=user)
obj.group = assetgroup
except AssetGroup.DoesNotExist:
log.error(f"Asset Group {self.kwargs['group']} does not exist")
raise AbortSave("asset group does not exist or you don't have access")
class AssetRestrictionUpdate(
LoginRequiredMixin, AssetRestrictionsPermissionMixin, ObjectUpdate
):
model = AssetRestriction
form_class = AssetRestrictionForm
submit_url_name = "assetrestriction_update"
submit_url_args = ["type", "pk", "group"]
class AssetRestrictionDelete(
LoginRequiredMixin, AssetRestrictionsPermissionMixin, ObjectDelete
):
model = AssetRestriction