Mirrored_Repos/InvenTree
1
0
Fork 0
mirror of https://github.com/inventree/InvenTree synced 2024-08-30 18:33:04 +00:00
Code Issues Packages Projects Releases Wiki Activity

Use app label rather than table name for permission lookup

Browse Source 
- For legacy reasons there are some tables that are not named according to their app_label
- Simply use the app_label instead
This commit is contained in:
Oliver Walters 2021-03-02 19:34:56 +11:00
parent f6e982ce81
commit 753483e6c2
2 changed files with 7 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
InvenTree/InvenTree/permissions.py
View File

@ -58,8 +58,10 @@ class RolePermission(permissions.BasePermission):
# Extract the model name associated with this request # Extract the model name associated with this request
model = view.serializer_class.Meta.model model = view.serializer_class.Meta.model
# And the specific database table app_label = model._meta.app_label
table = model._meta.db_table model_name = model._meta.model_name
table = f"{app_label}_{model_name}"
except AttributeError: except AttributeError:
# We will assume that if the serializer class does *not* have a Meta, # We will assume that if the serializer class does *not* have a Meta,
# then we don't need a permission # then we don't need a permission

6
InvenTree/users/models.py
View File

@ -66,9 +66,9 @@ class RuleSet(models.Model):
'part_parttesttemplate', 'part_parttesttemplate',
'part_partparametertemplate', 'part_partparametertemplate',
'part_partparameter', 'part_partparameter',
'part_supplierpart',
'part_partrelated', 'part_partrelated',
'part_partstar', 'part_partstar',
'company_supplierpart',
], ],
'stock_location': [ 'stock_location': [
'stock_stocklocation', 'stock_stocklocation',
@ -95,11 +95,11 @@ class RuleSet(models.Model):
], ],
'purchase_order': [ 'purchase_order': [
'company_company', 'company_company',
'part_supplierpart',
'company_supplierpricebreak', 'company_supplierpricebreak',
'order_purchaseorder', 'order_purchaseorder',
'order_purchaseorderattachment', 'order_purchaseorderattachment',
'order_purchaseorderlineitem', 'order_purchaseorderlineitem',
'company_supplierpart',
], ],
'sales_order': [ 'sales_order': [
'company_company', 'company_company',
@ -343,7 +343,7 @@ def update_group_roles(group, debug=False):
content_type = ContentType.objects.get(app_label=app, model=model) content_type = ContentType.objects.get(app_label=app, model=model)
permission = Permission.objects.get(content_type=content_type, codename=perm) permission = Permission.objects.get(content_type=content_type, codename=perm)
except ContentType.DoesNotExist: except ContentType.DoesNotExist:
print(f"Error: Could not find permission matching '{permission_string}'") raise ValueError(f"Error: Could not find permission matching '{permission_string}'")
permission = None permission = None
return permission return permission