class UpdateView(PermissionMixin, WorkflowTemplateResponseMixin, FormsView): form_classes = { # 'form': None, # the form for BaseWFObj should named as form } permission_classes = settings.perform_import( settings.DEFAULT_EDIT_WF_PERMISSION_CLASSES) wf_code = None model = None base_template_name = 'form.html' def get_success_url(self): return reverse('wf_detail', args=(self.object.pinstance.pk, )) def get_context_data(self, **kwargs): kwargs = super().get_context_data(**kwargs) kwargs.update(user_wf_info_as_dict(self.object, self.request.user)) return kwargs def forms_valid(self, **forms): form = forms.pop('form') self.object = form.update_process(self.request) # TODO refactor for form in forms.values(): form.save() return HttpResponseRedirect(self.get_success_url()) def dispatch(self, request, wf_object, *args, **kwargs): self.object = wf_object self.wf_code = wf_object.pinstance.process.code self.check_all_permissions(request, wf_object) return super().dispatch(request, *args, **kwargs)
class DetailView(PermissionMixin, WorkflowTemplateResponseMixin, ContextMixin, View): permission_classes = settings.perform_import( settings.DEFAULT_DETAIL_WF_PERMISSION_CLASSES) base_template_name = 'detail.html' base_print_template_name = 'print.html' def get_base_template_name(self): if self.is_print: return self.base_print_template_name return self.base_template_name def get(self, request, *args, **kwargs): user_wf_info = user_wf_info_as_dict(self.object, request.user) context = self.get_context_data(**user_wf_info) instance = self.object.pinstance if not self.is_print and instance.cur_node.can_edit \ and instance.cur_node.audit_view_type == 'edit' \ and user_wf_info['task'] and instance.cur_node.resolution == 'started': return redirect(reverse('wf_edit', args=[instance.pk])) return self.render_to_response(context) def dispatch(self, request, wf_object, is_print, *args, **kwargs): self.object = wf_object self.is_print = is_print self.wf_code = wf_object.pinstance.process.code self.check_all_permissions(request, wf_object) return super().dispatch(request, *args, **kwargs)
class CreateView(PermissionMixin, WorkflowTemplateResponseMixin, FormsView): form_classes = { # 'form': None, # the form for BaseWFObj should named as form } permission_classes = settings.perform_import( settings.DEFAULT_NEW_WF_PERMISSION_CLASSES) wf_code = None model = None base_template_name = 'form.html' def get_success_url(self): return reverse('wf_detail', args=(self.object.pinstance.pk, )) def get_context_data(self, **kwargs): kwargs = super().get_context_data(**kwargs) kwargs['wf_code'] = self.wf_code kwargs['process'] = get_object_or_404(Process, code=self.wf_code) return kwargs def forms_valid(self, **forms): form = forms.pop('form') self.object = form.save_new_process(self.request, self.wf_code) # TODO refactor, you may update total amount base items for form in forms.values(): form.save() return HttpResponseRedirect(self.get_success_url()) def dispatch(self, request, wf_code, *args, **kwargs): self.wf_code = wf_code process = get_object_or_404(Process, code=wf_code) self.process = process self.check_all_permissions(request, process) return super().dispatch(request, *args, **kwargs)
class PermissionMixin: permission_classes = settings.perform_import( settings.DEFAULT_PERMISSION_CLASSES ) def permission_denied(self, request, message=None): """ If request is not permitted, determine what kind of exception to raise. """ raise PermissionDenied() def get_permissions(self): """ Instantiates and returns the list of permissions that this view requires. """ return [permission() for permission in self.permission_classes] def check_all_permissions(self, request, obj): """ call check_permissions && check_object_permissions """ self.check_permissions(request) self.check_object_permissions(request, obj) def check_permissions(self, request): """ Check if the request should be permitted. Raises an appropriate exception if the request is not permitted. """ for permission in self.get_permissions(): if not permission.has_permission(request, self): self.permission_denied( request, message=getattr(permission, 'message', None) ) def check_object_permissions(self, request, obj): """ Check if the request should be permitted for a given object. Raises an appropriate exception if the request is not permitted. """ for permission in self.get_permissions(): if not permission.has_object_permission(request, self, obj): self.permission_denied( request, message=getattr(permission, 'message', None) )