From bd38a04747e7d4ed4e28dd75ba1b43583d883e65 Mon Sep 17 00:00:00 2001 From: Étienne Loks Date: Tue, 5 Nov 2024 12:12:30 +0100 Subject: ✨ ishtar account sheet MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ishtar_common/views_item.py | 62 +++++++++++++++++++++++++++++---------------- 1 file changed, 40 insertions(+), 22 deletions(-) (limited to 'ishtar_common/views_item.py') diff --git a/ishtar_common/views_item.py b/ishtar_common/views_item.py index 48b83e654..7b10974db 100644 --- a/ishtar_common/views_item.py +++ b/ishtar_common/views_item.py @@ -392,8 +392,12 @@ def show_item(model, name, extra_dct=None, model_for_perms=None, callback=None): if query_own: q = q.filter(query_own).distinct() doc_type = "type" in dct and dct.pop("type") + try: + url = reverse("show-" + name, args=["0", ""]) + except NoReverseMatch: + url = reverse("show-" + name, args=[0]) url_name = ( - "/".join(reverse("show-" + name, args=["0", ""]).split("/")[:-2]) + "/" + "/".join(url.split("/")[:-2]) + "/" ) profile = get_current_profile() sheet_name = name @@ -2203,26 +2207,6 @@ def get_item( ): own = True - query_own = None - if own: - # TODO: verify alt_query_own - """ - if alt_query_own: - query_own = getattr(model, alt_query_own)(q.all()[0]) - else: - query_own = model.get_query_owns(q.all()[0]) - print(query_own) # TODO - get old request to transform them - """ - user_pk = request.user.pk if request else ishtaruser.pk - q = UserObjectPermission.objects.filter( - user_id=user_pk, - permission__codename=f"view_own_{model._meta.model_name}", - content_type=ContentType.objects.get_for_model(model) - ) - query_own = Q( - pk__in=[int(pk) for pk in q.values_list("object_pk", flat=True)] - ) - query_parameters = {} if hasattr(model, "get_query_parameters"): @@ -2329,8 +2313,8 @@ def get_item( request_keys.update(my_extra_request_keys) # manage search on json fields and excluded fields + ishtaruser = request.user.ishtaruser if request else ishtaruser if search_form: - ishtaruser = request.user.ishtaruser if request else ishtaruser available, __, excluded_fields, json_fields = search_form.check_custom_form( ishtaruser ) @@ -2493,6 +2477,40 @@ def get_item( related_name_fields = [query_parameters[k].related_name for k in query_parameters if query_parameters[k].related_name] + # manage own filters + own_key = None + if ishtaruser and ishtaruser.is_ishtaradmin: # admin only... + # force own POV - used by account sheet + for key in ("view_own", "change_own", "delete_own"): + if key in dct_request_items: + own = True + own_key = key + break + query_own = None + if own: + # TODO: verify alt_query_own + """ + if alt_query_own: + query_own = getattr(model, alt_query_own)(q.all()[0]) + else: + query_own = model.get_query_owns(q.all()[0]) + print(query_own) # TODO - get old request to transform them + """ + if own_key: + user_pk = dct_request_items[own_key] + codename = f"{own_key}_{model._meta.model_name}" + else: + user_pk = request.user.pk if request else ishtaruser.pk + codename = f"view_own_{model._meta.model_name}" + q = UserObjectPermission.objects.filter( + user_id=user_pk, + permission__codename=codename, + content_type=ContentType.objects.get_for_model(model) + ) + query_own = Q( + pk__in=[int(pk) for pk in q.values_list("object_pk", flat=True)] + ) + items = None for sub_dct in split_dict(dct): query, exc_query, extras = main_manager( -- cgit v1.2.3