Cleanup employees view per new supplements

also add permission for "view employee secrets" (where applicable)

tailbone/views/employees.py

@@ -154,10 +154,11 @@ class EmployeeView(MasterView):
         g.set_link('last_name')
 
     def query(self, session):
-        q = session.query(model.Employee).join(model.Person)
+        query = super(EmployeeView, self).query(session)
+        query = query.join(model.Person)
         if not self.has_perm('view_all'):
-            q = q.filter(model.Employee.status == self.enum.EMPLOYEE_STATUS_CURRENT)
-        return q
+            query = query.filter(model.Employee.status == self.enum.EMPLOYEE_STATUS_CURRENT)
+        return query
 
     def grid_render_username(self, employee, field):
         person = employee.person if employee else None
@@ -327,6 +328,7 @@ class EmployeeView(MasterView):
     @classmethod
     def _employee_defaults(cls, config):
         permission_prefix = cls.get_permission_prefix()
+        model_title = cls.get_model_title()
         model_title_plural = cls.get_model_title_plural()
 
         # view *all* employees
@@ -334,6 +336,11 @@ class EmployeeView(MasterView):
                                        '{}.view_all'.format(permission_prefix),
                                        "View *all* (not just current) {}".format(model_title_plural))
 
+        # view employee "secrets"
+        config.add_tailbone_permission(permission_prefix,
+                                       '{}.view_secrets'.format(permission_prefix),
+                                       "View \"secrets\" for {} (e.g. login ID, passcode)".format(model_title))
+
 
 def defaults(config, **kwargs):
     base = globals()

tailbone/views/master.py

@@ -5124,4 +5124,8 @@ class ViewSupplement(object):
 
     @classmethod
     def defaults(cls, config):
+        cls._defaults(config)
+
+    @classmethod
+    def _defaults(cls, config):
         config.add_tailbone_view_supplement(cls.route_prefix, cls)