From e4d865b1a61f6a72551e70abad78c6c35b9345e7 Mon Sep 17 00:00:00 2001
From: Mitch Riedstra <mitch@riedstra.us>
Date: Wed, 1 Nov 2017 00:10:47 -0400
Subject: Fix user permissions. Hide generate invoice on the summary page if it
 is empty. Hide load delete option from regular users as they don't have
 permission anyway

---
 app/dispatch/views.py | 71 +++++++++++++++++++++++++++++++++++++++------------
 1 file changed, 55 insertions(+), 16 deletions(-)

(limited to 'app/dispatch/views.py')

diff --git a/app/dispatch/views.py b/app/dispatch/views.py
index 95aff28..918cf0d 100644
--- a/app/dispatch/views.py
+++ b/app/dispatch/views.py
@@ -158,11 +158,18 @@ class DriverUpdate(UserPassesTestMixin, UpdateView):
     superuser_fields = ['username', 'first_name', 'last_name', 'email',
                         'is_active', 'is_superuser']
 
-    def get(self, request, *args, **kwargs):
-        if request.user.is_superuser:
+    def set_fields(self, user):
+        if user.is_superuser:
             self.fields = self.superuser_fields
         else:
             self.fields = self.default_fields
+
+    def post(self, request, *args, **kwargs):
+        self.set_fields(request.user)
+        return super(DriverUpdate, self).post(request)
+
+    def get(self, request, *args, **kwargs):
+        self.set_fields(request.user)
         return super(DriverUpdate, self).get(request)
 
     def get_context_data(self, **kwargs):
@@ -247,16 +254,23 @@ class LoadCreate(CreateView):
     model = Load
     fields = []
 
-    defualt_fields = ['date', 'customer', 'description', 'delivered_to',
+    default_fields = ['date', 'customer', 'description', 'delivered_to',
                       'amount']
     superuser_fields = ['user', 'date', 'customer', 'description',
                         'delivered_to', 'amount']
 
-    def get(self, request):
-        if request.user.is_superuser:
+    def set_fields(self, user):
+        if user.is_superuser:
             self.fields = self.superuser_fields
         else:
             self.fields = self.default_fields
+
+    def post(self, request):
+        self.set_fields(request.user)
+        return super(LoadCreate, self).post(request)
+
+    def get(self, request):
+        self.set_fields(request.user)
         return super(LoadCreate, self).get(request)
 
     def form_valid(self, form):
@@ -289,11 +303,18 @@ class LoadUpdate(FilteredUpdateView):
     superuser_fields = ['user', 'date', 'customer', 'description',
                         'delivered_to', 'amount']
 
-    def get(self, request, pk):
-        if request.user.is_superuser:
+    def set_fields(self, user):
+        if user.is_superuser:
             self.fields = self.superuser_fields
         else:
             self.fields = self.default_fields
+
+    def post(self, request, pk):
+        self.set_fields(request.user)
+        return super(LoadUpdate, self).post(request)
+
+    def get(self, request, pk):
+        self.set_fields(request.user)
         return super(LoadUpdate, self).get(request)
 
     def form_valid(self, form):
@@ -381,14 +402,18 @@ class UserInvoiceNumberUpdate(UserPassesTestMixin, UpdateView):
     default_fields = ['number']
     superuser_fields = ['number', 'user']
 
-    def get(self, request, *args, **kwargs):
-        if request.user.is_superuser:
-            # self.fields.insert(1,'user')
+    def set_fields(self, user):
+        if user.is_superuser:
             self.fields = self.superuser_fields
-            # print('Is superuser\nFields: {}'.format(self.fields))
         else:
             self.fields = self.default_fields
-            # print('Is not superuser\nFields: {}'.format(self.fields))
+
+    def post(self, request, *args, **kwargs):
+        self.set_fields(request.user)
+        return super(UserInvoiceNumberUpdate, self).post(request)
+
+    def get(self, request, *args, **kwargs):
+        self.set_fields(request.user)
         return super(UserInvoiceNumberUpdate, self).get(request)
 
     def test_func(self):
@@ -418,11 +443,18 @@ class IdentityCreate(UserPassesTestMixin, CreateView):
     default_fields = ['name', 'address', 'city', 'state', 'zip_code']
     superuser_fields = ['user', 'name', 'address', 'city', 'state', 'zip_code']
 
-    def get(self, request, *args, **kwargs):
-        if request.user.is_superuser:
+    def set_fields(self, user):
+        if user.is_superuser:
             self.fields = self.superuser_fields
         else:
             self.fields = self.default_fields
+
+    def post(self, request, *args, **kwargs):
+        self.set_fields(request.user)
+        return super(IdentityCreate, self).post(request)
+
+    def get(self, request, *args, **kwargs):
+        self.set_fields(request.user)
         return super(IdentityCreate, self).get(request)
 
     def test_func(self):
@@ -438,11 +470,18 @@ class IdentityUpdate(UserPassesTestMixin, UpdateView):
     default_fields = ['name', 'address', 'city', 'state', 'zip_code']
     superuser_fields = ['user', 'name', 'address', 'city', 'state', 'zip_code']
 
-    def get(self, request, *args, **kwargs):
-        if request.user.is_superuser:
+    def set_fields(self, user):
+        if user.is_superuser:
             self.fields = self.superuser_fields
         else:
             self.fields = self.default_fields
+
+    def post(self, request, *args, **kwargs):
+        self.set_fields(request.user)
+        return super(IdentityUpdate, self).post(request)
+
+    def get(self, request, *args, **kwargs):
+        self.set_fields(request.user)
         return super(IdentityUpdate, self).get(request)
 
     def test_func(self):
-- 
cgit v1.2.3