init

2025-10-02 00:54:34 +02:00
commit 84b34c9615
200 changed files with 42048 additions and 0 deletions
--- a/backend/account/utils.py
+++ b/backend/account/utils.py
@@ -0,0 +1,62 @@
+from django.contrib.auth.models import Permission
+from django.contrib.contenttypes.models import ContentType
+from booking.models import Event, Reservation, MarketSlot, Square
+from product.models import Product, EventProduct
+from servicedesk.models import ServiceTicket
+from django.contrib.auth import get_user_model
+
+import logging
+
+logger = logging.getLogger(__name__)
+
+def assign_permissions_based_on_role(user):
+    role_perms = {
+        "cityClerk": {
+            "view": [Event, Reservation, MarketSlot, get_user_model(), Product, EventProduct, ServiceTicket],
+            "add": [Reservation, get_user_model()],
+            "change": [Reservation, get_user_model()],
+            # "delete": [Reservation],
+        },
+        "squareManager": {
+            "view": [Event, MarketSlot, Square, Product, EventProduct],
+            "add": [Event, MarketSlot, Square, Product, EventProduct],
+            "change": [Event, MarketSlot, Square, Product, EventProduct],
+        },
+        # "admin": {
+        #     "view": [Event,  Reservation,  get_user_model()],
+        #     "add": [Event,  Reservation],
+        #     "change": [Event,  Reservation],
+        #     "delete": [Event,  Reservation],
+        # },
+        # etc.
+            "admin": "all",  # Mark this role specially
+    }
+
+    if not user.role:
+        logger.info("User has no role set")
+        return
+
+    if user.role == "admin":
+        user.is_staff = True
+        user.is_superuser = True
+        # user.save()
+        return
+
+    # Reset in case role changed away from admin
+    user.is_superuser = False
+    
+    
+    perms_for_role = role_perms.get(user.role, {})
+
+
+    for action, models in perms_for_role.items():
+        for model in models:
+            content_type = ContentType.objects.get_for_model(model)
+            codename = f"{action}_{model._meta.model_name}"
+            try:
+                permission = Permission.objects.get(codename=codename, content_type=content_type)
+                user.user_permissions.add(permission)
+            except Permission.DoesNotExist:
+                # You may log this
+                pass
+    # user.save()