Commit 88e7ce39 authored by Marjolaine Le Bon's avatar Marjolaine Le Bon
parents 901db129 844e9bf7
Pipeline #10684 passed with stage
in 28 seconds
# Generated by Django 2.2.18 on 2021-02-18 10:45
from django.db import migrations
class Migration(migrations.Migration):
dependencies = [
('djangoldp_invoice', '0005_auto_20210112_1008'),
]
operations = [
migrations.AlterModelOptions(
name='batch',
options={'default_permissions': ['add', 'change', 'delete', 'view', 'control']},
),
migrations.AlterModelOptions(
name='customerinvoice',
options={'default_permissions': ['add', 'change', 'delete', 'view', 'control']},
),
migrations.AlterModelOptions(
name='freelanceinvoice',
options={'default_permissions': ['add', 'change', 'delete', 'view', 'control']},
),
migrations.AlterModelOptions(
name='task',
options={'default_permissions': ['add', 'change', 'delete', 'view', 'control']},
),
]
......@@ -5,16 +5,11 @@ from decimal import Decimal
from django.conf import settings
from django.db import models
from django.db.models import Sum
from rest_framework.permissions import IsAuthenticated
from djangoldp.models import Model
from djangoldp_project.models import Customer, Project
from djangoldp_invoice.permissions import InvoicePermissions
# TODO : useful?
class Invoice(Model):
class Meta(Model.Meta):
abstract = True
from djangoldp_invoice.views import InvoiceLDPViewSet
class FreelanceInvoice(Model):
......@@ -43,10 +38,11 @@ class FreelanceInvoice(Model):
class Meta(Model.Meta):
container_path = "freelance-invoices/"
rdf_type = "sib:Invoice"
permission_classes = [InvoicePermissions]
permission_classes = [IsAuthenticated]
view_set = InvoiceLDPViewSet
anonymous_perms = []
authenticated_perms = []
owner_perms = []
authenticated_perms = ['inherit', 'view', 'add', 'change']
owner_perms = ['inherit', 'delete', 'control']
def __str__(self):
return '{} ({} / {})'.format(self.freelanceFullname, self.identifier, self.title)
......@@ -87,10 +83,11 @@ class CustomerInvoice(Model):
serializer_fields = ["@id", "identifier", "title", "state", "htAmount", "tvaRate", "invoicingDate",
"tvaAmount", "ttcAmount", "batches", "additionalText", "project", "customer"]
rdf_type = "sib:Invoice"
permission_classes = [InvoicePermissions]
permission_classes = [IsAuthenticated]
view_set = InvoiceLDPViewSet
anonymous_perms = []
authenticated_perms = []
owner_perms = []
authenticated_perms = ['inherit', 'view', 'add', 'change']
owner_perms = ['inherit', 'delete', 'control']
def __str__(self):
return '{} - {} ({})'.format(self.identifier, self.title, self.htAmount())
......@@ -108,7 +105,6 @@ class Batch(Model):
anonymous_perms = ['view']
authenticated_perms = ['inherit', 'add', 'change', 'delete']
owner_perms = ['inherit', 'control']
permission_classes = [InvoicePermissions]
def __str__(self):
return '{} - {} ({} € HT)'.format(self.invoice.title, self.title, self.htAmount())
......@@ -131,7 +127,6 @@ class Task(Model):
anonymous_perms = ['view']
authenticated_perms = ['inherit', 'add', 'change', 'delete']
owner_perms = ['inherit', 'control']
permission_classes = [InvoicePermissions]
def __str__(self):
return '{} - {} ({} € HT)'.format(self.batch.title, self.title, self.htAmount)
from djangoldp.permissions import LDPPermissions
from django.db.models.base import ModelBase
class InvoicePermissions(LDPPermissions):
filter_backends = []
def user_permissions(self, user, obj_or_model, obj=None):
if not user.is_anonymous:
if not isinstance(obj_or_model, ModelBase):
obj = obj_or_model
if obj:
return ['view', 'add', 'change']
return []
import uuid
from djangoldp.serializers import LDListMixin, LDPSerializer
from rest_framework.test import APIRequestFactory, APIClient, APITestCase
from djangoldp_project.models import Project, Member
from djangoldp_invoice.models import Task, Batch, FreelanceInvoice, CustomerInvoice
from djangoldp_invoice.models import CustomerInvoice
from djangoldp_invoice.tests.models import User
......@@ -12,8 +11,6 @@ class TestGET(APITestCase):
def setUp(self):
self.factory = APIRequestFactory()
self.client = APIClient()
LDListMixin.to_representation_cache.reset()
LDPSerializer.to_representation_cache.reset()
def setUpLoggedInUser(self):
self.user = User(email='test@mactest.co.uk', first_name='Test', last_name='Mactest', username='test',
......
import uuid
from djangoldp.serializers import LDListMixin, LDPSerializer
from rest_framework.test import APITestCase, APIClient
from djangoldp_project.models import Project, Member
from djangoldp_invoice.models import Task, Batch, FreelanceInvoice, CustomerInvoice
from djangoldp_invoice.models import Batch, CustomerInvoice
from djangoldp_invoice.tests.models import User
class PermissionsTestCase(APITestCase):
def setUp(self):
self.client = APIClient()
LDListMixin.to_representation_cache.reset()
LDPSerializer.to_representation_cache.reset()
def setUpLoggedInUser(self):
self.user = User(email='test@mactest.co.uk', first_name='Test', last_name='Mactest', username='test',
......@@ -86,7 +83,7 @@ class PermissionsTestCase(APITestCase):
self._get_random_batch(invoice)
response = self.client.get('/customer-invoices/{}/batches/'.format(invoice.pk))
self.assertEqual(response.status_code, 403)
self.assertEqual(response.status_code, 200)
# TODO: https://git.startinblox.com/djangoldp-packages/djangoldp-invoice/issues/11
def test_get_invoice_batches_authenticated(self):
......
from djangoldp.views import LDPViewSet
from rest_framework.response import Response
from rest_framework import status
class InvoiceLDPViewSet(LDPViewSet):
def list(self, request, *args, **kwargs):
'''overridden so that it can only be accessed from a nested field, not globally'''
if not hasattr(self, 'nested_field'):
return Response({}, status=status.HTTP_403_FORBIDDEN)
return super().list(request, *args, **kwargs)
......@@ -10,7 +10,7 @@ license = MIT
[options]
packages = find:
install_requires =
djangoldp>=2
djangoldp>=2.1
djangoldp_project>=2
[semantic_release]
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment