diff options
| author | Mitch Riedstra <mitch@riedstra.us> | 2017-11-01 00:10:47 -0400 |
|---|---|---|
| committer | Mitch Riedstra <mitch@riedstra.us> | 2017-11-01 00:10:47 -0400 |
| commit | e4d865b1a61f6a72551e70abad78c6c35b9345e7 (patch) | |
| tree | 7173d343aa38586b2ce8e9205e0e6f7fd6cd6564 | |
| parent | b7d282a8ba5f0ed6c773989c96c2182257cc69a5 (diff) | |
| download | dispatch-tracker-e4d865b1a61f6a72551e70abad78c6c35b9345e7.tar.gz dispatch-tracker-e4d865b1a61f6a72551e70abad78c6c35b9345e7.tar.xz | |
Fix user permissions. Hide generate invoice on the summary page if it is empty. Hide load delete option from regular users as they don't have permission anyway
| -rw-r--r-- | README.md | 8 | ||||
| -rw-r--r-- | app/dispatch/templates/dispatch/drivers/summary.html | 3 | ||||
| -rw-r--r-- | app/dispatch/templates/dispatch/loads/detail.html | 4 | ||||
| -rw-r--r-- | app/dispatch/views.py | 71 |
4 files changed, 67 insertions, 19 deletions
@@ -1,18 +1,20 @@ # dispatch-tracker +TODO: + + * Friendly Error pages + + Requirements going forward: - * Users still can't edit their own profiles? * Pagination for the Invoices page * Settings: * `default_bill_to` must be set - * Identity Edit page needs a little bit of work for regular users * Upload Invoice logos on Identity Objects for use in Invoices * Change "user" to Vendor on the "Add Load Page" * Change Name To "Load Pay System" -- we're going to think about it * Freight Invoicing System - * Weekly Total Invoices from the Company(Driver) to software owner * /loads * Give a warning when any loads don't have paperwork attached to them * Make loads without paperwork blue diff --git a/app/dispatch/templates/dispatch/drivers/summary.html b/app/dispatch/templates/dispatch/drivers/summary.html index d849e9d..5da7d3c 100644 --- a/app/dispatch/templates/dispatch/drivers/summary.html +++ b/app/dispatch/templates/dispatch/drivers/summary.html @@ -10,6 +10,8 @@ </div> </div> +<!-- don't show the invoice button if we don't have any loads lol --> +{% if loads_nosplit.all %} <div class="row"> <div class="col s12"> <div class="right-align"> @@ -17,6 +19,7 @@ </div> </div> </div> +{% endif %} {% if not request.user.is_superuser %} <div class="row"> diff --git a/app/dispatch/templates/dispatch/loads/detail.html b/app/dispatch/templates/dispatch/loads/detail.html index 5be54a1..288fdd8 100644 --- a/app/dispatch/templates/dispatch/loads/detail.html +++ b/app/dispatch/templates/dispatch/loads/detail.html @@ -10,11 +10,15 @@ </div> <div class="col s6"> <div class="right-align"> + {% if request.user.is_superuser %} <form action="{% url 'load_delete' object.id %}" id="load_delete" method="POST"> {% csrf_token %} <a class="btn red" href="#" onClick="warn_submit('Are you sure?\nThis cannot be undone!', '#load_delete')">Delete</a> <a class="btn blue" href="{% url 'load_edit' object.id %}">Edit</a> </form> + {% else %} + <a class="btn blue" href="{% url 'load_edit' object.id %}">Edit</a> + {% endif %} </div> </div> </div> diff --git a/app/dispatch/views.py b/app/dispatch/views.py index 95aff28..918cf0d 100644 --- a/app/dispatch/views.py +++ b/app/dispatch/views.py @@ -158,11 +158,18 @@ class DriverUpdate(UserPassesTestMixin, UpdateView): superuser_fields = ['username', 'first_name', 'last_name', 'email', 'is_active', 'is_superuser'] - def get(self, request, *args, **kwargs): - if request.user.is_superuser: + def set_fields(self, user): + if user.is_superuser: self.fields = self.superuser_fields else: self.fields = self.default_fields + + def post(self, request, *args, **kwargs): + self.set_fields(request.user) + return super(DriverUpdate, self).post(request) + + def get(self, request, *args, **kwargs): + self.set_fields(request.user) return super(DriverUpdate, self).get(request) def get_context_data(self, **kwargs): @@ -247,16 +254,23 @@ class LoadCreate(CreateView): model = Load fields = [] - defualt_fields = ['date', 'customer', 'description', 'delivered_to', + default_fields = ['date', 'customer', 'description', 'delivered_to', 'amount'] superuser_fields = ['user', 'date', 'customer', 'description', 'delivered_to', 'amount'] - def get(self, request): - if request.user.is_superuser: + def set_fields(self, user): + if user.is_superuser: self.fields = self.superuser_fields else: self.fields = self.default_fields + + def post(self, request): + self.set_fields(request.user) + return super(LoadCreate, self).post(request) + + def get(self, request): + self.set_fields(request.user) return super(LoadCreate, self).get(request) def form_valid(self, form): @@ -289,11 +303,18 @@ class LoadUpdate(FilteredUpdateView): superuser_fields = ['user', 'date', 'customer', 'description', 'delivered_to', 'amount'] - def get(self, request, pk): - if request.user.is_superuser: + def set_fields(self, user): + if user.is_superuser: self.fields = self.superuser_fields else: self.fields = self.default_fields + + def post(self, request, pk): + self.set_fields(request.user) + return super(LoadUpdate, self).post(request) + + def get(self, request, pk): + self.set_fields(request.user) return super(LoadUpdate, self).get(request) def form_valid(self, form): @@ -381,14 +402,18 @@ class UserInvoiceNumberUpdate(UserPassesTestMixin, UpdateView): default_fields = ['number'] superuser_fields = ['number', 'user'] - def get(self, request, *args, **kwargs): - if request.user.is_superuser: - # self.fields.insert(1,'user') + def set_fields(self, user): + if user.is_superuser: self.fields = self.superuser_fields - # print('Is superuser\nFields: {}'.format(self.fields)) else: self.fields = self.default_fields - # print('Is not superuser\nFields: {}'.format(self.fields)) + + def post(self, request, *args, **kwargs): + self.set_fields(request.user) + return super(UserInvoiceNumberUpdate, self).post(request) + + def get(self, request, *args, **kwargs): + self.set_fields(request.user) return super(UserInvoiceNumberUpdate, self).get(request) def test_func(self): @@ -418,11 +443,18 @@ class IdentityCreate(UserPassesTestMixin, CreateView): default_fields = ['name', 'address', 'city', 'state', 'zip_code'] superuser_fields = ['user', 'name', 'address', 'city', 'state', 'zip_code'] - def get(self, request, *args, **kwargs): - if request.user.is_superuser: + def set_fields(self, user): + if user.is_superuser: self.fields = self.superuser_fields else: self.fields = self.default_fields + + def post(self, request, *args, **kwargs): + self.set_fields(request.user) + return super(IdentityCreate, self).post(request) + + def get(self, request, *args, **kwargs): + self.set_fields(request.user) return super(IdentityCreate, self).get(request) def test_func(self): @@ -438,11 +470,18 @@ class IdentityUpdate(UserPassesTestMixin, UpdateView): default_fields = ['name', 'address', 'city', 'state', 'zip_code'] superuser_fields = ['user', 'name', 'address', 'city', 'state', 'zip_code'] - def get(self, request, *args, **kwargs): - if request.user.is_superuser: + def set_fields(self, user): + if user.is_superuser: self.fields = self.superuser_fields else: self.fields = self.default_fields + + def post(self, request, *args, **kwargs): + self.set_fields(request.user) + return super(IdentityUpdate, self).post(request) + + def get(self, request, *args, **kwargs): + self.set_fields(request.user) return super(IdentityUpdate, self).get(request) def test_func(self): |