def post(self, request, **kwargs):
"""POST request handler for Create operation"""
model = get_model(**kwargs)
form = get_form_instance(**kwargs)(request.POST)
app_title = get_request_params('app_name', **kwargs)
if form.is_valid():
instance = model(**form.cleaned_data)
if instance.is_initial:
instance.initiate_request(request.user, app_title)
else:
instance.assign_task(
get_request_params('pk', **kwargs))
instance.task.initiate()
return HttpResponseRedirect(
reverse('update', args=(
app_title, instance.title, instance.id)))
else:
context = {
'form': form,
'error_message': get_errors(form.errors)
}
return render(request, 'core/create.html', context)
def dispatch(self, request, *args, **kwargs):
"""Overriding dispatch on DeleteView"""
self.model = get_model(**kwargs)
self.success_url = reverse_lazy(
'workflow-detail', args=[get_request_params('app_name', **kwargs)])
return super(DeleteActivity, self).dispatch(request, *args, **kwargs)
def check(self, request, **kwargs):
"""
- Super user can perform all activities
- Requester can view all activities
- Assignee can view all assigned activities
- Assignee can initiate activity operation
- Assignee can update activity details
- Historical activities cannot be updated
- TODO: Entire request can be deleted
*assignee: Users who belong to a Group configured to play
a specific role in the Business Process
"""
model = get_model(**kwargs)
view = self.__class__.__name__
user = request.user
groups = list(user.groups.all())
if self.request.user.is_superuser:
return
def assignee_check():
"""Checks if logged-in user is task assignee"""
return model.objects.filter(task__assignee__in=groups).count() == 0
def check_for_view():
"""Check for view/display operation"""
return model.objects.filter(
Q(task__assignee__in=groups) |
Q(task__request__requester=user)
).count() == 0
def check_for_create():
"""Check for create/initiate operation"""
module = get_request_params('app_name', request, **kwargs)
flow = flow_config(module).FLOW
initial = flow_config(module).INITIAL
identifier = get_request_params(
'pk', request, **kwargs)
activity = initial if identifier == REQUEST_IDENTIFIER \
else Task.objects.get(id=identifier).activity_ref
return flow[activity]['role'] not in [
group.name for group in groups]
def check_for_update():
"""Check for update/revise operation"""
return any([
assignee_check(),
not self.task.can_revise_activity if hasattr(
self, 'task') else False
])
return render(
request, 'core/denied.html') if {
'ViewActivity': check_for_view,
'CreateActivity': check_for_create,
'UpdateActivity': check_for_update,
}.get(view)() else None
def dispatch(self, request, *args, **kwargs):
"""Overriding dispatch on DeleteView"""
self.model = get_model(**kwargs)
self.success_url = reverse_lazy(
'workflow-detail', args=[get_request_params(
'app_name', **kwargs)])
return super(DeleteActivity, self).dispatch(
request, *args, **kwargs)
def check(self, request, **kwargs):
"""
- Super user can perform all activities
- Requester can view all activities
- Assignee can view all assigned activities
- Assignee can initiate activity operation
- Assignee can update activity details
- Historical activities cannot be updated
- TODO: Entire request can be deleted
*assignee: Users who belong to a Group configured to play
a specific role in the Business Process
"""
model = get_model(**kwargs)
view = self.__class__.__name__
user = request.user
groups = list(user.groups.all())
if self.request.user.is_superuser:
return
def assignee_check():
"""Checks if logged-in user is task assignee"""
return model.objects.filter(task__assignee__in=groups).count() == 0
def check_for_view():
"""Check for view/display operation"""
return model.objects.filter(
Q(task__assignee__in=groups)
| Q(task__request__requester=user)).count() == 0
def check_for_create():
"""Check for create/initiate operation"""
module = get_request_params('app_name', request, **kwargs)
flow = flow_config(module).FLOW
initial = flow_config(module).INITIAL
identifier = get_request_params('pk', request, **kwargs)
activity = initial if identifier == REQUEST_IDENTIFIER \
else Task.objects.get(id=identifier).activity_ref
return flow[activity]['role'] not in [
group.name for group in groups
]
def check_for_update():
"""Check for update/revise operation"""
return any([
assignee_check(), not self.task.can_revise_activity if hasattr(
self, 'task') else False
])
return render(request, 'core/denied.html') if {
'ViewActivity': check_for_view,
'CreateActivity': check_for_create,
'UpdateActivity': check_for_update,
}.get(view)() else None
def post(self, request, **kwargs):
"""POST request handler for Create operation"""
model = get_model(**kwargs)
form = get_form_instance(**kwargs)(request.POST)
app_title = get_request_params('app_name', **kwargs)
if form.is_valid():
instance = model(**form.cleaned_data)
if instance.is_initial:
instance.initiate_request(request.user, app_title)
else:
instance.assign_task(get_request_params('pk', **kwargs))
instance.task.initiate()
return HttpResponseRedirect(
reverse('update',
args=(app_title, instance.title, instance.id)))
else:
context = {'form': form, 'error_message': get_errors(form.errors)}
return render(request, 'core/create.html', context)
def dispatch(self, request, *args, **kwargs):
"""Overriding dispatch on DetailView"""
self.model = get_model(**kwargs)
denied = self.check(request, **kwargs)
return denied if denied else super(ViewActivity, self).dispatch(
request, *args, **kwargs)
def dispatch(self, request, *args, **kwargs):
"""Overriding dispatch on DetailView"""
self.model = get_model(**kwargs)
denied = self.check(request, **kwargs)
return denied if denied else super(ViewActivity, self).dispatch(
request, *args, **kwargs)
