From 801017f316e2f5ffe538416d9ef897de9347fa1a Mon Sep 17 00:00:00 2001 From: Adam Goldsmith Date: Thu, 12 Dec 2024 11:14:44 -0500 Subject: [PATCH] doorcontrol: Add permissions requirements for assigning NFC cards --- .../migrations/0004_alter_door_options.py | 21 +++++++++++++++++++ doorcontrol/models.py | 3 +++ doorcontrol/views.py | 7 +++++-- 3 files changed, 29 insertions(+), 2 deletions(-) create mode 100644 doorcontrol/migrations/0004_alter_door_options.py diff --git a/doorcontrol/migrations/0004_alter_door_options.py b/doorcontrol/migrations/0004_alter_door_options.py new file mode 100644 index 0000000..5060bae --- /dev/null +++ b/doorcontrol/migrations/0004_alter_door_options.py @@ -0,0 +1,21 @@ +# Generated by Django 5.1.4 on 2024-12-12 16:14 + +from django.db import migrations + + +class Migration(migrations.Migration): + dependencies = [ + ( + "doorcontrol", + "0003_attributeschedulerule_name_flagschedulerule_name_and_more", + ), + ] + + operations = [ + migrations.AlterModelOptions( + name="door", + options={ + "permissions": [("assign_nfc_card", "Assign NFC cards to members.")] + }, + ), + ] diff --git a/doorcontrol/models.py b/doorcontrol/models.py index 86180a8..c9a952e 100644 --- a/doorcontrol/models.py +++ b/doorcontrol/models.py @@ -22,6 +22,9 @@ class Door(models.Model): help_text="Membershipworks field that grants members access to this door", ) + class Meta: + permissions = [("assign_nfc_card", "Assign NFC cards to members.")] + def __str__(self): return self.name diff --git a/doorcontrol/views.py b/doorcontrol/views.py index b09d441..805a38b 100644 --- a/doorcontrol/views.py +++ b/doorcontrol/views.py @@ -3,6 +3,7 @@ import itertools from typing import TYPE_CHECKING, Any from django.conf import settings +from django.contrib.auth.decorators import login_required, permission_required from django.contrib.auth.mixins import PermissionRequiredMixin from django.contrib.postgres.aggregates import StringAgg from django.core.exceptions import BadRequest @@ -320,6 +321,8 @@ def update_access_users() -> list[FullUser]: return list(access_client.fetch_all_users__unpaged()) +@login_required +@permission_required("doorcontrol.assign_nfc_card", raise_exception=True) def assign_nfc_card_user_selector(request: HttpRequest): template_name = "doorcontrol/assign_nfc_card_user_selector.dj.html" task_group = "update_access_users" @@ -396,10 +399,10 @@ class AssignNfcCardStatus(BaseModel): ) -class AssignNfcCardView(TemplateView): +class AssignNfcCardView(PermissionRequiredMixin, TemplateView): # for storage in request.session ENROLLMENT_STATUS_SESSION_KEY = "unifi_access_enrollment_status" - + requires_permission = "doorcontrol.assign_nfc_card" template_name = "doorcontrol/assign_nfc_card.dj.html" def get_template_names(self) -> list[str]: