def post(self, request, **kwargs): """POST request handler for Create operation""" model = get_model(**kwargs) form = get_form_instance(**kwargs)(request.POST) app_title = get_request_params('app_name', **kwargs) if form.is_valid(): instance = model(**form.cleaned_data) if instance.is_initial: instance.initiate_request(request.user, app_title) else: instance.assign_task( get_request_params('pk', **kwargs)) instance.task.initiate() return HttpResponseRedirect( reverse('update', args=( app_title, instance.title, instance.id))) else: context = { 'form': form, 'error_message': get_errors(form.errors) } return render(request, 'core/create.html', context)
def dispatch(self, request, *args, **kwargs): """Overriding dispatch on DeleteView""" self.model = get_model(**kwargs) self.success_url = reverse_lazy( 'workflow-detail', args=[get_request_params('app_name', **kwargs)]) return super(DeleteActivity, self).dispatch(request, *args, **kwargs)
def check(self, request, **kwargs): """ - Super user can perform all activities - Requester can view all activities - Assignee can view all assigned activities - Assignee can initiate activity operation - Assignee can update activity details - Historical activities cannot be updated - TODO: Entire request can be deleted *assignee: Users who belong to a Group configured to play a specific role in the Business Process """ model = get_model(**kwargs) view = self.__class__.__name__ user = request.user groups = list(user.groups.all()) if self.request.user.is_superuser: return def assignee_check(): """Checks if logged-in user is task assignee""" return model.objects.filter(task__assignee__in=groups).count() == 0 def check_for_view(): """Check for view/display operation""" return model.objects.filter( Q(task__assignee__in=groups) | Q(task__request__requester=user) ).count() == 0 def check_for_create(): """Check for create/initiate operation""" module = get_request_params('app_name', request, **kwargs) flow = flow_config(module).FLOW initial = flow_config(module).INITIAL identifier = get_request_params( 'pk', request, **kwargs) activity = initial if identifier == REQUEST_IDENTIFIER \ else Task.objects.get(id=identifier).activity_ref return flow[activity]['role'] not in [ group.name for group in groups] def check_for_update(): """Check for update/revise operation""" return any([ assignee_check(), not self.task.can_revise_activity if hasattr( self, 'task') else False ]) return render( request, 'core/denied.html') if { 'ViewActivity': check_for_view, 'CreateActivity': check_for_create, 'UpdateActivity': check_for_update, }.get(view)() else None
def dispatch(self, request, *args, **kwargs): """Overriding dispatch on DeleteView""" self.model = get_model(**kwargs) self.success_url = reverse_lazy( 'workflow-detail', args=[get_request_params( 'app_name', **kwargs)]) return super(DeleteActivity, self).dispatch( request, *args, **kwargs)
def check(self, request, **kwargs): """ - Super user can perform all activities - Requester can view all activities - Assignee can view all assigned activities - Assignee can initiate activity operation - Assignee can update activity details - Historical activities cannot be updated - TODO: Entire request can be deleted *assignee: Users who belong to a Group configured to play a specific role in the Business Process """ model = get_model(**kwargs) view = self.__class__.__name__ user = request.user groups = list(user.groups.all()) if self.request.user.is_superuser: return def assignee_check(): """Checks if logged-in user is task assignee""" return model.objects.filter(task__assignee__in=groups).count() == 0 def check_for_view(): """Check for view/display operation""" return model.objects.filter( Q(task__assignee__in=groups) | Q(task__request__requester=user)).count() == 0 def check_for_create(): """Check for create/initiate operation""" module = get_request_params('app_name', request, **kwargs) flow = flow_config(module).FLOW initial = flow_config(module).INITIAL identifier = get_request_params('pk', request, **kwargs) activity = initial if identifier == REQUEST_IDENTIFIER \ else Task.objects.get(id=identifier).activity_ref return flow[activity]['role'] not in [ group.name for group in groups ] def check_for_update(): """Check for update/revise operation""" return any([ assignee_check(), not self.task.can_revise_activity if hasattr( self, 'task') else False ]) return render(request, 'core/denied.html') if { 'ViewActivity': check_for_view, 'CreateActivity': check_for_create, 'UpdateActivity': check_for_update, }.get(view)() else None
def post(self, request, **kwargs): """POST request handler for Create operation""" model = get_model(**kwargs) form = get_form_instance(**kwargs)(request.POST) app_title = get_request_params('app_name', **kwargs) if form.is_valid(): instance = model(**form.cleaned_data) if instance.is_initial: instance.initiate_request(request.user, app_title) else: instance.assign_task(get_request_params('pk', **kwargs)) instance.task.initiate() return HttpResponseRedirect( reverse('update', args=(app_title, instance.title, instance.id))) else: context = {'form': form, 'error_message': get_errors(form.errors)} return render(request, 'core/create.html', context)
def dispatch(self, request, *args, **kwargs): """Overriding dispatch on DetailView""" self.model = get_model(**kwargs) denied = self.check(request, **kwargs) return denied if denied else super(ViewActivity, self).dispatch( request, *args, **kwargs)
def dispatch(self, request, *args, **kwargs): """Overriding dispatch on DetailView""" self.model = get_model(**kwargs) denied = self.check(request, **kwargs) return denied if denied else super(ViewActivity, self).dispatch( request, *args, **kwargs)