Remove custom logic to protect chuck's person, employee records

2020-09-23 16:40:58 -05:00 · 2020-09-23 16:40:58 -05:00 · 05ac07d2e6
parent 2a34243e33
commit 05ac07d2e6
3 changed files with 2 additions and 92 deletions
--- a/rattail_demo/web/views/init.py
+++ b/rattail_demo/web/views/init.py
@ -18,11 +18,11 @@ def includeme(config):
    config.include('tailbone.views.datasync')
    config.include('rattail_demo.web.views.departments')
    config.include('tailbone.views.email')
-    config.include('rattail_demo.web.views.employees')
+    config.include('tailbone.views.employees')
    config.include('tailbone.views.families')
    config.include('tailbone_corepos.views.members')
    config.include('tailbone.views.messages')
-    config.include('rattail_demo.web.views.people')
+    config.include('tailbone_corepos.views.people')
    config.include('rattail_demo.web.views.products')
    config.include('tailbone.views.reportcodes')
    config.include('tailbone.views.roles')
--- a/rattail_demo/web/views/employees.py
+++ b/rattail_demo/web/views/employees.py
@ -1,44 +0,0 @@
-# -*- coding: utf-8; -*-
-"""
-Employee views
-"""
-
-from tailbone.views import employees as base
-from tailbone.config import protected_usernames
-
-
-class EmployeeView(base.EmployeesView):
-    """
-    Prevent edit/delete for Chuck Norris
-    """
-
-    def __init__(self, request, **kwargs):
-        super(EmployeeView, self).__init__(request, **kwargs)
-        self.protected_usernames = protected_usernames(self.rattail_config)
-
-    def is_employee_protected(self, employee):
-        if self.protected_usernames:
-            for user in employee.person.users:
-                if user.username in self.protected_usernames:
-                    return True
-        return False
-
-    def editable_instance(self, employee):
-        if self.request.is_root:
-            return True
-        return not self.is_employee_protected(employee)
-
-    def deletable_instance(self, employee):
-        if self.request.is_root:
-            return True
-        return not self.is_employee_protected(employee)
-
-
-def includeme(config):
-
-    # autocomplete
-    config.add_route('employees.autocomplete',  '/employees/autocomplete')
-    config.add_view(base.EmployeesAutocomplete, route_name='employees.autocomplete',
-                    renderer='json', permission='employees.list')
-
-    EmployeeView.defaults(config)
--- a/rattail_demo/web/views/people.py
+++ b/rattail_demo/web/views/people.py
@ -1,46 +0,0 @@
-# -*- coding: utf-8; -*-
-"""
-Person views
-"""
-
-from tailbone.views import people as base
-from tailbone_corepos.views import people as corepos_base
-from tailbone.config import protected_usernames
-
-
-class PersonView(corepos_base.PersonView):
-    """
-    Prevent edit/delete for Chuck Norris
-    """
-
-    def __init__(self, request, **kwargs):
-        super(PersonView, self).__init__(request, **kwargs)
-        self.protected_usernames = protected_usernames(self.rattail_config)
-
-    def is_person_protected(self, person):
-        if self.protected_usernames:
-            for user in person.users:
-                if user.username in self.protected_usernames:
-                    return True
-        return False
-
-    def editable_instance(self, person):
-        if self.request.is_root:
-            return True
-        return not self.is_person_protected(person)
-
-    def deletable_instance(self, person):
-        if self.request.is_root:
-            return True
-        return not self.is_person_protected(person)
-
-
-def includeme(config):
-
-    # autocomplete
-    config.add_route('people.autocomplete', '/people/autocomplete')
-    config.add_view(base.PeopleAutocomplete, route_name='people.autocomplete',
-                    renderer='json', permission='people.list')
-
-    PersonView.defaults(config)
-    base.PersonNoteView.defaults(config)