62 lines
2.1 KiB
Python
62 lines
2.1 KiB
Python
from django.contrib.auth.models import Permission
|
|
from django.contrib.contenttypes.models import ContentType
|
|
from booking.models import Event, Reservation, MarketSlot, Square
|
|
from product.models import Product, EventProduct
|
|
from servicedesk.models import ServiceTicket
|
|
from django.contrib.auth import get_user_model
|
|
|
|
import logging
|
|
|
|
logger = logging.getLogger(__name__)
|
|
|
|
def assign_permissions_based_on_role(user):
|
|
role_perms = {
|
|
"cityClerk": {
|
|
"view": [Event, Reservation, MarketSlot, get_user_model(), Product, EventProduct, ServiceTicket],
|
|
"add": [Reservation, get_user_model()],
|
|
"change": [Reservation, get_user_model()],
|
|
# "delete": [Reservation],
|
|
},
|
|
"squareManager": {
|
|
"view": [Event, MarketSlot, Square, Product, EventProduct],
|
|
"add": [Event, MarketSlot, Square, Product, EventProduct],
|
|
"change": [Event, MarketSlot, Square, Product, EventProduct],
|
|
},
|
|
# "admin": {
|
|
# "view": [Event, Reservation, get_user_model()],
|
|
# "add": [Event, Reservation],
|
|
# "change": [Event, Reservation],
|
|
# "delete": [Event, Reservation],
|
|
# },
|
|
# etc.
|
|
"admin": "all", # Mark this role specially
|
|
}
|
|
|
|
if not user.role:
|
|
logger.info("User has no role set")
|
|
return
|
|
|
|
if user.role == "admin":
|
|
user.is_staff = True
|
|
user.is_superuser = True
|
|
# user.save()
|
|
return
|
|
|
|
# Reset in case role changed away from admin
|
|
user.is_superuser = False
|
|
|
|
|
|
perms_for_role = role_perms.get(user.role, {})
|
|
|
|
|
|
for action, models in perms_for_role.items():
|
|
for model in models:
|
|
content_type = ContentType.objects.get_for_model(model)
|
|
codename = f"{action}_{model._meta.model_name}"
|
|
try:
|
|
permission = Permission.objects.get(codename=codename, content_type=content_type)
|
|
user.user_permissions.add(permission)
|
|
except Permission.DoesNotExist:
|
|
# You may log this
|
|
pass
|
|
# user.save() |