-
-
Save elcolie/bbeb00f41db0c7884cee34c6bccaf5f9 to your computer and use it in GitHub Desktop.
Business Permission Model and ModelManager
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import logging | |
import typing | |
from dirtyfields import DirtyFieldsMixin | |
from django.conf import settings | |
from django.contrib.auth.models import Permission | |
from django.db import models | |
from django.utils.translation import ugettext_lazy as _ | |
from djchoices import DjangoChoices, ChoiceItem | |
from poinkbackend.apps.commons.models import AbstractTimestamp | |
from poinkbackend.apps.roles.models import Role | |
logger = logging.getLogger('django') | |
class BusinessPermissionManager(models.Manager): | |
def __add_perms(self, role: Role, type_name: ChoiceItem, | |
description: str, codenames: typing.List[str]): | |
"""General function""" | |
instance = CompanyPermission.objects.create( | |
name=type_name, | |
description=description, | |
role=role, | |
) | |
perms = Permission.objects.filter(codename__in=codenames) | |
for perm in perms: | |
role.group.permissions.add(perm) | |
return instance | |
# TODO: Get more requirements | |
def __analytic(self, role: Role = None): | |
""" | |
Unknown yet the project is on going. Buddha help me! | |
:param role: | |
:return: | |
""" | |
instance = CompanyPermission.objects.create( | |
name=CompanyPermission.PermissionType.analytic, | |
description=_(f'Can see analytic'), | |
role=role, | |
) | |
# No model. Just simply return the instance | |
return instance | |
def __support(self, role: Role = None): | |
return self.__add_perms( | |
role, | |
CompanyPermission.PermissionType.support, | |
_(f'Can chat to user and see user profile'), # Unable to put into base.py because of translation | |
settings.COMPANY_PERMISSIONS.get('support'), | |
) | |
def __reward(self, role: Role = None): | |
return self.__add_perms( | |
role, | |
CompanyPermission.PermissionType.manage_reward, | |
_(f"Add , edit , remove reward this setting will display reward list in customer's app"), | |
settings.COMPANY_PERMISSIONS.get('reward'), | |
) | |
def __redeem(self, role: Role = None): | |
return self.__add_perms( | |
role, | |
CompanyPermission.PermissionType.redeem_reward, | |
_(f'Redeem reward from customer'), | |
settings.COMPANY_PERMISSIONS.get('redeem'), | |
) | |
def __revise_reward(self, role: Role = None): | |
return self.__add_perms( | |
role, | |
CompanyPermission.PermissionType.revise_reward, | |
_(f'Revise customer reward'), | |
settings.COMPANY_PERMISSIONS.get('revise_reward'), | |
) | |
def __give_poink(self, role: Role = None): | |
return self.__add_perms( | |
role, | |
CompanyPermission.PermissionType.give_poink, | |
_(f'Give poink to customer'), | |
settings.COMPANY_PERMISSIONS.get('give_poink'), | |
) | |
def __revise_customer_poink(self, role: Role = None): | |
return self.__add_perms( | |
role, | |
CompanyPermission.PermissionType.revise_poink, | |
_(f'Revise customer poink'), | |
settings.COMPANY_PERMISSIONS.get('revise_customer_poink'), | |
) | |
def __news(self, role: Role = None): | |
return self.__add_perms( | |
role, | |
CompanyPermission.PermissionType.post_news, | |
_(f'add / edit / remove news '), | |
settings.COMPANY_PERMISSIONS.get('news'), | |
) | |
def __team(self, role: Role = None): | |
return self.__add_perms( | |
role, | |
CompanyPermission.PermissionType.team, | |
_(f"add / edit / remove team member based on role level's hierarchy"), | |
settings.COMPANY_PERMISSIONS.get('team'), | |
) | |
def __role(self, role: Role = None): | |
return self.__add_perms( | |
role, | |
CompanyPermission.PermissionType.role, | |
_(f"assign role to team member"), | |
settings.COMPANY_PERMISSIONS.get('role'), | |
) | |
def __feedback(self, role: Role = None): | |
return self.__add_perms( | |
role, | |
CompanyPermission.PermissionType.feedback, | |
_(f"add /edit / remove feedback"), | |
settings.COMPANY_PERMISSIONS.get('feedback'), | |
) | |
""" | |
Start methods | |
""" | |
def add_support(self, role: Role = None): | |
self.__support(role=role) | |
def add_front(self, role: Role = None): | |
self.__redeem(role=role) | |
self.__give_poink(role=role) | |
def add_manager(self, role: Role = None): | |
self.__redeem(role=role) | |
self.__revise_customer_poink(role=role) | |
self.__give_poink(role=role) | |
self.__revise_reward(role=role) | |
self.__team(role=role) | |
def add_admin(self, role: Role = None): | |
self.__analytic(role=role) | |
self.__support(role=role) | |
self.__reward(role=role) | |
self.__redeem(role=role) | |
self.__revise_reward(role=role) | |
self.__give_poink(role=role) | |
self.__revise_customer_poink(role=role) | |
self.__news(role=role) | |
self.__team(role=role) | |
self.__role(role=role) | |
self.__feedback(role=role) | |
class CompanyPermission(DirtyFieldsMixin, models.Model): | |
class PermissionType(DjangoChoices): | |
""" | |
LHS is Permission name | |
RHS is Description | |
""" | |
analytic = ChoiceItem(_(f'Analytic Permission')) | |
support = ChoiceItem(_(f'Support Permission')) | |
manage_reward = ChoiceItem(_(f'Manage Reward Permission')) | |
redeem_reward = ChoiceItem(_(f'Redeem Reward Permission')) | |
revise_reward = ChoiceItem(_(f'Revise Reward Permission')) | |
manage_poink = ChoiceItem(_(f'Manage Poink Permission')) | |
give_poink = ChoiceItem(_(f'Give Poink Permission')) | |
revise_poink = ChoiceItem(_(f'Revise Poink Permission')) | |
post_news = ChoiceItem(_(f'Post News Permission')) | |
team = ChoiceItem(_(f'Team Permission')) | |
role = ChoiceItem(_(f'Role Permission')) | |
feedback = ChoiceItem(_(f'Feedback Permission')) | |
name = models.CharField(max_length=100, choices=PermissionType.choices) | |
description = models.TextField(null=True, blank=True) | |
is_active = models.BooleanField(default=True) | |
role = models.ForeignKey(Role, related_name='permissions', on_delete=models.CASCADE) | |
objects = BusinessPermissionManager() | |
def __str__(self): | |
return f'{self.name}-{self.role}' | |
""" | |
If instance got dirty at field is_active | |
""" | |
# TODO: Refactor and move to ModelManager layer | |
def __support(self): | |
""" | |
Add/Revoke Django permission on Support Group/Role | |
:return: | |
""" | |
if self.name == CompanyPermission.PermissionType.support and 'is_active' in self.get_dirty_fields().keys(): | |
logger.info(f'CompanyPermission id: {self.id} {self.name} changed to {self.is_active}') | |
if self.is_active: | |
# Add permission | |
perms = Permission.objects.filter(codename='view_userprofile').first() | |
self.role.group.permissions.add(perms) | |
else: | |
# Revoke permission | |
perms = Permission.objects.filter(codename='view_userprofile').first() | |
self.role.group.permissions.remove(perms) | |
# TODO: Add another Roles | |
def save(self, force_insert=False, force_update=False, using=None, | |
update_fields=None): | |
self.__support() | |
instance = super().save(force_insert=False, force_update=False, using=None, | |
update_fields=None) | |
return instance |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment