init

2023-05-16 17:14:16 +03:00
commit c17da7eaab
157 changed files with 14503 additions and 0 deletions
--- a/AuthApp/api/api_permissions.py
+++ b/AuthApp/api/api_permissions.py
@@ -0,0 +1,76 @@
+# coding=utf-8
+from rest_framework.permissions import BasePermission
+from rest_framework.exceptions import PermissionDenied
+from tEDataProj.inter import check_user_key_inter
+
+
+class Auth_API_perms(BasePermission):
+    """
+    Allows access only users w full access.
+    """
+
+    def has_permission(self, request, view):
+
+        if not request.user or request.user.is_anonymous or not request.user.is_active:
+            return False
+
+        # auth_data = request.query_params
+        # if not check_user_key_inter(auth_data):
+        #     raise PermissionDenied(code=403)
+
+        user = request.user
+        groups = user.groups.all()
+
+        groups_name_list = groups.values_list('name', flat=True)
+
+        if u'API 1С импорт' in groups_name_list:
+            return False
+
+        if view.basename == u'user':
+            # if view.action in ('get_subordinate_staff',):
+            #     return True
+
+            if view.action in (
+                    'get_sales_department_staff',) and u'Отдел продаж: Начальник отдела продаж' in groups_name_list:
+                return True
+
+            if view.action in ('create',):
+                perm = user.has_perm('AuthApp.UI_managers_create')
+                return perm
+
+            if view.action in ('update', 'partial_update', 'add_communication_item'):
+                perm = user.has_perm('AuthApp.UI_managers_modify')
+                return perm
+
+            if view.action in ('destroy',):
+                perm = user.has_perm('AuthApp.UI_managers_delete')
+                return perm
+
+            if view.action in (
+                    'retrieve', 'list', 'list_by_company_id', 'list_by_office_id', 'get_subordinate_staff',
+                    'get_all_staff'):
+                perm = user.has_perm('AuthApp.UI_managers_retrieve')
+                return perm
+
+            if view.action in ('get_sales_stat_by_productid', 'stat_list'):
+                perm = user.has_perm('AuthApp.UI_managers_all_stat') or user.has_perm('AuthApp.UI_managers_self_stat')
+                return perm
+
+        # if view.basename == u'userprofile':
+        #
+        #     if view.action in ('create',):
+        #         perm = user.has_perm('AuthApp.add_userprofile')
+        #         return perm
+        #
+        #     if view.action in ('update', 'partial_update'):
+        #         perm = user.has_perm('AuthApp.change_userprofile')
+        #         return perm
+        #
+        #     if view.action in ('destroy',):
+        #         perm = user.has_perm('AuthApp.delete_userprofile')
+        #         return perm
+        #
+        #     if view.action in ('retrieve', 'list'):
+        #         return True
+
+        return False