def has_permission(self, request, view):
try:
support = Support.get_support_by_user(request.user)
return support.is_admin or support.is_operator or \
(support.is_superadmin and request.method in permissions.SAFE_METHODS)
except Support.DoesNotExist:
return False
def has_object_permission(self, request, view, user):
try:
support = Support.get_support_by_user(request.user)
except Support.DoesNotExist:
return False
return (user.group.support == support
or support.is_admin and user.company == support.company)
def get_all_supports_of_company(user):
support = get_support_by_user(user)
if support.is_superadmin:
return Support.objects.all()
else:
company = Support.get_company_by_user(user)
return Support.objects.filter(company=company)
def get_all_groups_of_company(user):
support = Support.get_support_by_user(user)
company = support.company
if support.is_admin:
groups = UserGroup.objects.filter(support__company=company)
else:
groups = UserGroup.objects.filter(support__company=company, support=support)
return groups
def has_object_permission(self, request, view, group):
company = group.support.company
try:
support = Support.get_support_by_user(request.user)
return (request.method in permissions.SAFE_METHODS and group.support == support) or \
(support.is_admin and support.company == company)
except Support.DoesNotExist:
return False
def has_permission(self, request, view):
try:
support = Support.get_support_by_user(request.user)
if support.is_operator and (request.method
in permissions.SAFE_METHODS):
return True
return support.is_admin
except Support.DoesNotExist:
return False
def has_permission(self, request, view):
try:
support = Support.get_support_by_user(request.user)
except Support.DoesNotExist:
return False
return (request.method in permissions.SAFE_METHODS and support.is_superadmin) or \
(request.method in permissions.SAFE_METHODS and support.is_admin) \
or support.is_booker
def has_permission(self, request, view):
try:
support = Support.get_support_by_user(request.user)
if support.company.time_to_finish_subscription < timezone.now():
raise SubcriptionTimeOutException()
else:
return True
except Support.DoesNotExist:
return False
def create(self, validated_data, company):
user = User(email=validated_data['email'],
username=validated_data['email'],
first_name=validated_data['first_name'],
last_name=validated_data['last_name'])
support = Support(user=user,
role=validated_data['role'],
post=validated_data.get('post', ''),
company=company)
return support
def has_object_permission(self, request, view, obj):
try:
support = Support.get_support_by_user(request.user)
# бухгалтер имеет доступ к подпискам компании
if isinstance(obj, Subscription) and support.is_booker:
return True
if support.is_superadmin and (request.method
in permissions.SAFE_METHODS):
return True
return support.company == obj.company
except Support.DoesNotExist:
return False
def has_object_permission(self, request, view, task):
try:
support = Support.get_support_by_user(request.user)
except Support.DoesNotExist:
return False
group = task.group
if not group:
start_task = get_start_task_by_company(support.company)
if task != start_task:
return False
elif not support.is_admin and not request.method in permissions.SAFE_METHODS:
return False
else:
return True
else:
return (group.support == support
or support.company == group.support.company
and support.is_admin)
def create_agent_start(serializer, request_user):
company = Support.get_company_by_user(request_user)
if company.agents_left < 1:
raise AgentLimitException()
if User.objects.filter(username=serializer.validated_data['login']).exists():
raise LoginAlredyExistException()
try:
user_group = UserGroup.objects.get(id=serializer.validated_data['group_id'])
except UserGroup.DoesNotExist:
raise GroupNotFoundException()
agent = serializer.create(serializer.validated_data, company, user_group)
#TODO отправка смс сообщения с приглашением
user_data = {'login': agent.user.username,
'password': serializer.validated_data['password']}
return user_data
def check_task(task_filled, serializer, user):
support = Support.get_support_by_user(user)
status = serializer.validated_data['status']
if not status in [3, 4]:
raise TaskStatusException()
if status == 3:
task_filled.status = 3
task_filled.checker = support
task_filled.check_dt = timezone.now()
task_filled.executer.purse.balance += serializer.validated_data[
'points']
task_filled.save()
task_filled.executer.purse.save()
else:
task_filled.status = 4
task_filled.checker = support
task_filled.check_dt = timezone.now()
task_filled.comment = serializer.validated_data['comment']
task_filled.task_address.amount += 1
task_filled.task_address.save()
task_filled.save()
def get_support_by_user(user):
try:
support = Support.get_support_by_user(user)
except Support.DoesNotExist:
raise NotFound()
return support
def get_all_promo_of_company(user):
company=Support.get_company_by_user(user)
return Promo.objects.filter(company=company)
def is_support(user):
try:
support = Support.get_support_by_user(user)
except Support.DoesNotExist:
return False
return True
def has_permission(self, request, view):
try:
support = Support.get_support_by_user(request.user)
return support.is_admin
except Support.DoesNotExist:
return False