Add permission for viewing "all" employees
previously we showed all if user had "edit" perm
This commit is contained in:
parent
1ceb1e4434
commit
f1fd003dca
|
@ -83,6 +83,7 @@ class EmployeeView(MasterView):
|
|||
def configure_grid(self, g):
|
||||
super(EmployeeView, self).configure_grid(g)
|
||||
route_prefix = self.get_route_prefix()
|
||||
use_buefy = self.get_use_buefy()
|
||||
|
||||
# phone
|
||||
g.set_joiner('phone', lambda q: q.outerjoin(model.EmployeePhoneNumber, sa.and_(
|
||||
|
@ -114,21 +115,23 @@ class EmployeeView(MasterView):
|
|||
g.hide_column('username')
|
||||
|
||||
# id
|
||||
if self.request.has_perm('{}.edit'.format(route_prefix)):
|
||||
if self.has_perm('edit'):
|
||||
g.set_link('id')
|
||||
else:
|
||||
g.hide_column('id')
|
||||
g.remove('id')
|
||||
del g.filters['id']
|
||||
|
||||
# status
|
||||
if self.request.has_perm('{}.edit'.format(route_prefix)):
|
||||
if self.has_perm('view_all'):
|
||||
g.set_enum('status', self.enum.EMPLOYEE_STATUS)
|
||||
g.filters['status'].default_active = True
|
||||
g.filters['status'].default_verb = 'equal'
|
||||
# TODO: why must we set unicode string value here?
|
||||
g.filters['status'].default_value = six.text_type(self.enum.EMPLOYEE_STATUS_CURRENT)
|
||||
if use_buefy:
|
||||
g.filters['status'].default_value = six.text_type(self.enum.EMPLOYEE_STATUS_CURRENT)
|
||||
else:
|
||||
g.filters['status'].default_value = self.enum.EMPLOYEE_STATUS_CURRENT
|
||||
else:
|
||||
g.hide_column('status')
|
||||
g.remove('status')
|
||||
del g.filters['status']
|
||||
|
||||
g.filters['first_name'].default_active = True
|
||||
|
@ -151,7 +154,7 @@ class EmployeeView(MasterView):
|
|||
|
||||
def query(self, session):
|
||||
q = session.query(model.Employee).join(model.Person)
|
||||
if not self.request.has_perm('employees.edit'):
|
||||
if not self.has_perm('view_all'):
|
||||
q = q.filter(model.Employee.status == self.enum.EMPLOYEE_STATUS_CURRENT)
|
||||
return q
|
||||
|
||||
|
@ -310,6 +313,21 @@ class EmployeeView(MasterView):
|
|||
(model.EmployeeDepartment, 'employee_uuid'),
|
||||
]
|
||||
|
||||
@classmethod
|
||||
def defaults(cls, config):
|
||||
cls._defaults(config)
|
||||
cls._employee_defaults(config)
|
||||
|
||||
@classmethod
|
||||
def _employee_defaults(cls, config):
|
||||
permission_prefix = cls.get_permission_prefix()
|
||||
model_title_plural = cls.get_model_title_plural()
|
||||
|
||||
# view *all* employees
|
||||
config.add_tailbone_permission(permission_prefix,
|
||||
'{}.view_all'.format(permission_prefix),
|
||||
"View *all* (not just current) {}".format(model_title_plural))
|
||||
|
||||
|
||||
def includeme(config):
|
||||
EmployeeView.defaults(config)
|
||||
|
|
Loading…
Reference in a new issue