diff options
| author | Étienne Loks <etienne.loks@iggdrasil.net> | 2024-11-05 12:12:30 +0100 |
|---|---|---|
| committer | Étienne Loks <etienne.loks@iggdrasil.net> | 2025-02-19 14:43:49 +0100 |
| commit | bd38a04747e7d4ed4e28dd75ba1b43583d883e65 (patch) | |
| tree | ae43776eaa406850e8123e55318737d4a0d58113 /ishtar_common/views_item.py | |
| parent | ba26387f09de20d9537d075dcea5221fb3532a5a (diff) | |
| download | Ishtar-bd38a04747e7d4ed4e28dd75ba1b43583d883e65.tar.bz2 Ishtar-bd38a04747e7d4ed4e28dd75ba1b43583d883e65.zip | |
✨ ishtar account sheet
Diffstat (limited to 'ishtar_common/views_item.py')
| -rw-r--r-- | ishtar_common/views_item.py | 62 |
1 files changed, 40 insertions, 22 deletions
diff --git a/ishtar_common/views_item.py b/ishtar_common/views_item.py index 48b83e654..7b10974db 100644 --- a/ishtar_common/views_item.py +++ b/ishtar_common/views_item.py @@ -392,8 +392,12 @@ def show_item(model, name, extra_dct=None, model_for_perms=None, callback=None): if query_own: q = q.filter(query_own).distinct() doc_type = "type" in dct and dct.pop("type") + try: + url = reverse("show-" + name, args=["0", ""]) + except NoReverseMatch: + url = reverse("show-" + name, args=[0]) url_name = ( - "/".join(reverse("show-" + name, args=["0", ""]).split("/")[:-2]) + "/" + "/".join(url.split("/")[:-2]) + "/" ) profile = get_current_profile() sheet_name = name @@ -2203,26 +2207,6 @@ def get_item( ): own = True - query_own = None - if own: - # TODO: verify alt_query_own - """ - if alt_query_own: - query_own = getattr(model, alt_query_own)(q.all()[0]) - else: - query_own = model.get_query_owns(q.all()[0]) - print(query_own) # TODO - get old request to transform them - """ - user_pk = request.user.pk if request else ishtaruser.pk - q = UserObjectPermission.objects.filter( - user_id=user_pk, - permission__codename=f"view_own_{model._meta.model_name}", - content_type=ContentType.objects.get_for_model(model) - ) - query_own = Q( - pk__in=[int(pk) for pk in q.values_list("object_pk", flat=True)] - ) - query_parameters = {} if hasattr(model, "get_query_parameters"): @@ -2329,8 +2313,8 @@ def get_item( request_keys.update(my_extra_request_keys) # manage search on json fields and excluded fields + ishtaruser = request.user.ishtaruser if request else ishtaruser if search_form: - ishtaruser = request.user.ishtaruser if request else ishtaruser available, __, excluded_fields, json_fields = search_form.check_custom_form( ishtaruser ) @@ -2493,6 +2477,40 @@ def get_item( related_name_fields = [query_parameters[k].related_name for k in query_parameters if query_parameters[k].related_name] + # manage own filters + own_key = None + if ishtaruser and ishtaruser.is_ishtaradmin: # admin only... + # force own POV - used by account sheet + for key in ("view_own", "change_own", "delete_own"): + if key in dct_request_items: + own = True + own_key = key + break + query_own = None + if own: + # TODO: verify alt_query_own + """ + if alt_query_own: + query_own = getattr(model, alt_query_own)(q.all()[0]) + else: + query_own = model.get_query_owns(q.all()[0]) + print(query_own) # TODO - get old request to transform them + """ + if own_key: + user_pk = dct_request_items[own_key] + codename = f"{own_key}_{model._meta.model_name}" + else: + user_pk = request.user.pk if request else ishtaruser.pk + codename = f"view_own_{model._meta.model_name}" + q = UserObjectPermission.objects.filter( + user_id=user_pk, + permission__codename=codename, + content_type=ContentType.objects.get_for_model(model) + ) + query_own = Q( + pk__in=[int(pk) for pk in q.values_list("object_pk", flat=True)] + ) + items = None for sub_dct in split_dict(dct): query, exc_query, extras = main_manager( |