Changed Outlet Admin

Fixed `permissions`
101Loop · Dec 25, 2018 · 2d00b09 · 2d00b09
1 parent 3e27f12
commit 2d00b09
Show file tree

Hide file tree

Showing 2 changed files with 92 additions and 14 deletions.
diff --git a/outlet/admin.py b/outlet/admin.py
@@ -23,12 +23,73 @@ class OutletImageInline(admin.StackedInline):
     fields = ('name', 'image')
 
 
+class OutletProductAdmin(CreateUpdateAdmin):
+    list_display = ('id', 'product_link', 'outlet_link', 'stock')
+    readonly_fields = ('product_link', 'outlet_link')
+    list_filter = ('product', 'outlet')
+
+    def get_changeform_initial_data(self, request):
+        from .models import Outlet
+
+        data = {}
+        if 'outlet__id' in request.GET:
+            outlet = Outlet.objects.get(pk=request.GET['outlet__id'])
+            data['outlet'] = outlet
+        return data
+
+    def product_link(self, obj):
+        from django.urls import reverse
+
+        from django.utils.html import format_html
+
+        url = reverse('admin:%s_%s_change' % ('product', 'product'),
+                      args=(obj.product.id,))
+        return format_html('<a href="{url}">{name}</a>', url=url,
+                           name=obj.product.name)
+    product_link.short_description = "Product"
+
+    def outlet_link(self, obj):
+        from django.urls import reverse
+
+        from django.utils.html import format_html
+
+        url = reverse('admin:%s_%s_change' % ('outlet', 'outlet'),
+                      args=(obj.outlet.id,))
+        return format_html('<a href="{url}">{name}</a>', url=url,
+                           name=obj.outlet.name)
+    outlet_link.short_description = "Outlet"
+
+
 class OutletAdmin(CreateUpdateAdmin):
-    list_display = ('id', 'name', 'city', 'area', 'pincode')
+    list_display = ('id', 'name', 'city', 'area', 'pincode', 'products')
     list_filter = ('city', 'area', 'pincode')
     search_fields = ('name', 'city', 'area', 'unit', 'building', 'pincode')
-    inlines = (OutletManagerInline, OutletProductInline, OutletImageInline)
+    readonly_fields = ('products', )
+    inlines = (OutletManagerInline, OutletImageInline)
+
+    def products(self, obj):
+        from django.urls import reverse
+
+        from django.utils.html import format_html
+
+        count = obj.outletproduct_set.count()
+        if count > 1:
+            url = reverse("admin:outlet_outletproduct_changelist")
+            url = ('<a href="{url}?outlet__id__exact={oid}">Check {op} '
+                   'products</a>'
+                   .format(url=url, op=count, oid=obj.id))
+        elif count == 1:
+            prod = obj.outletproduct_set.first()
+            url = reverse("admin:outlet_outletproduct_change", args=(prod, ))
+            url = '<a href="{url}">Open {prod}</a>'.format(url=url,
+                                                           prod=prod.name)
+        else:
+            url = '0 Products <a href="{}?outlet__id={}">(Add now)</a>'.format(
+                reverse("admin:outlet_outletproduct_add"), obj.id)
+        return format_html(url)
+    products.short_description = "Open Outlet Products"
 
 
 admin.site.register(Outlet, OutletAdmin)
+admin.site.register(OutletProduct, OutletProductAdmin)
 admin.site.register(OutletManager)
diff --git a/outlet/permissions.py b/outlet/permissions.py
@@ -1,4 +1,4 @@
-from rest_framework.permissions import BasePermission
+from rest_framework.permissions import IsAuthenticated
 
 from drf_user.models import User
 
@@ -15,35 +15,52 @@ def is_owner(user: User)->bool:
     return Outlet.objects.filter(created_by=user).count() > 0
 
 
-class IsOwner(BasePermission):
+class IsOutletOwner(IsAuthenticated):
 
     def has_permission(self, request, view)->bool:
-        return super(IsOwner, self).has_permission(request, view) and is_owner(request.user)
+        return super(IsOutletOwner, self).has_permission(request, view) and is_owner(request.user)
 
     def has_object_permission(self, request, view, obj):
         from .models import Outlet
 
+        from order.models import Order
+
+        if isinstance(obj, Order):
+            obj = obj.outlet
+
         if isinstance(obj, Outlet):
             return obj.created_by == request.user
 
 
-class OwnerOrManager(IsOwner):
+class IsManager(IsAuthenticated):
 
     def has_permission(self, request, view):
-        return super(OwnerOrManager, self).has_permission(
-            request=request, view=view) or is_manager(request.user)
+        return (super(IsManager, self).has_permission(request=request,
+                                                      view=view)
+                and is_manager(request.user))
 
     def has_object_permission(self, request, view, obj):
         from .models import Outlet
-        from order.models import Order
 
-        perm = super(OwnerOrManager, self).has_object_permission(request,
-                                                                 view, obj)
+        from order.models import Order
 
         if isinstance(obj, Order):
             obj = obj.outlet
 
         if isinstance(obj, Outlet):
-            return perm or (request.user.id in obj.outletmanager_set
-                            .filter(is_active=True)
-                            .values_list('manager', flat=True))
+            return (request.user.id in obj.outletmanager_set
+                    .filter(is_active=True)
+                    .values_list('manager', flat=True))
+
+
+class OwnerOrManager(IsAuthenticated):
+
+    def has_permission(self, request, view):
+        return (IsOutletOwner().has_permission(request=request, view=view)
+                or IsManager().has_permission(request=request, view=view))
+
+    def has_object_permission(self, request, view, obj):
+        return (IsOutletOwner().has_object_permission(request=request,
+                                                      view=view, obj=obj)
+                or IsOutletOwner().has_object_permission(request=request,
+                                                         view=view, obj=obj))