From df6db3cc562886834c09c40e0e1f1d86bfea7acd Mon Sep 17 00:00:00 2001
From: Lance Edgar <lance@wuttaproject.org>
Date: Sun, 26 Jan 2025 13:17:35 -0600
Subject: [PATCH] fix: add setup hook to auto-create Order Admin role

---
 docs/api/sideshow.web.views.common.rst |   6 ++
 docs/index.rst                         |   1 +
 src/sideshow/web/views/__init__.py     |   8 +-
 src/sideshow/web/views/common.py       | 104 +++++++++++++++++++++++++
 tests/web/views/test_common.py         |  29 +++++++
 5 files changed, 146 insertions(+), 2 deletions(-)
 create mode 100644 docs/api/sideshow.web.views.common.rst
 create mode 100644 src/sideshow/web/views/common.py
 create mode 100644 tests/web/views/test_common.py

diff --git a/docs/api/sideshow.web.views.common.rst b/docs/api/sideshow.web.views.common.rst
new file mode 100644
index 0000000..79ed2d2
--- /dev/null
+++ b/docs/api/sideshow.web.views.common.rst
@@ -0,0 +1,6 @@
+
+``sideshow.web.views.common``
+=============================
+
+.. automodule:: sideshow.web.views.common
+   :members:
diff --git a/docs/index.rst b/docs/index.rst
index 04b7099..0e3c2d5 100644
--- a/docs/index.rst
+++ b/docs/index.rst
@@ -53,6 +53,7 @@ For an online demo see https://demo.wuttaproject.org/
    api/sideshow.web.views
    api/sideshow.web.views.batch
    api/sideshow.web.views.batch.neworder
+   api/sideshow.web.views.common
    api/sideshow.web.views.customers
    api/sideshow.web.views.orders
    api/sideshow.web.views.products
diff --git a/src/sideshow/web/views/__init__.py b/src/sideshow/web/views/__init__.py
index efcf397..13a468c 100644
--- a/src/sideshow/web/views/__init__.py
+++ b/src/sideshow/web/views/__init__.py
@@ -2,7 +2,7 @@
 ################################################################################
 #
 #  Sideshow -- Case/Special Order Tracker
-#  Copyright © 2024 Lance Edgar
+#  Copyright © 2024-2025 Lance Edgar
 #
 #  This file is part of Sideshow.
 #
@@ -24,11 +24,15 @@
 Sideshow Views
 """
 
+from wuttaweb.views import essential
+
 
 def includeme(config):
 
     # core views for wuttaweb
-    config.include('wuttaweb.views.essential')
+    essential.defaults(config, **{
+        'wuttaweb.views.common': 'sideshow.web.views.common',
+    })
 
     # sideshow views
     config.include('sideshow.web.views.customers')
diff --git a/src/sideshow/web/views/common.py b/src/sideshow/web/views/common.py
new file mode 100644
index 0000000..8e19ef7
--- /dev/null
+++ b/src/sideshow/web/views/common.py
@@ -0,0 +1,104 @@
+# -*- coding: utf-8; -*-
+################################################################################
+#
+#  Sideshow -- Case/Special Order Tracker
+#  Copyright © 2024-2025 Lance Edgar
+#
+#  This file is part of Sideshow.
+#
+#  Sideshow is free software: you can redistribute it and/or modify it
+#  under the terms of the GNU General Public License as published by
+#  the Free Software Foundation, either version 3 of the License, or
+#  (at your option) any later version.
+#
+#  Sideshow is distributed in the hope that it will be useful, but
+#  WITHOUT ANY WARRANTY; without even the implied warranty of
+#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+#  General Public License for more details.
+#
+#  You should have received a copy of the GNU General Public License
+#  along with Sideshow.  If not, see <http://www.gnu.org/licenses/>.
+#
+################################################################################
+"""
+Common Views
+"""
+
+from wuttaweb.views import common as base
+
+
+class CommonView(base.CommonView):
+    """
+    Sideshow overrides for common view logic.
+    """
+
+    def setup_enhance_admin_user(self, user):
+        """
+        Adds the "Order Admin" role with all relevant permissions.
+
+        The default logic for creating a new user will create the
+        "Site Admin" role with permissions for app and user account
+        maintenance etc.  Sideshow needs another role for the order
+        maintenance.
+        """
+        model = self.app.model
+        session = self.app.get_session(user)
+        auth = self.app.get_auth_handler()
+
+        admin = model.Role(name="Order Admin")
+        admin.notes = ("this role was auto-created; "
+                       "you can change or remove it as needed.")
+
+        session.add(admin)
+        user.roles.append(admin)
+
+        order_admin_perms = [
+            'local_customers.list',
+            'local_customers.view',
+            'local_products.list',
+            'local_products.view',
+            'neworder_batches.list',
+            'neworder_batches.view',
+            'order_items.add_note',
+            'order_items.change_status',
+            'order_items.list',
+            'order_items.view',
+            'order_items_contact.add_note',
+            'order_items_contact.change_status',
+            'order_items_contact.list',
+            'order_items_contact.process_contact',
+            'order_items_contact.view',
+            'order_items_delivery.add_note',
+            'order_items_delivery.change_status',
+            'order_items_delivery.list',
+            'order_items_delivery.process_delivery',
+            'order_items_delivery.process_restock',
+            'order_items_delivery.view',
+            'order_items_placement.add_note',
+            'order_items_placement.change_status',
+            'order_items_placement.list',
+            'order_items_placement.process_placement',
+            'order_items_placement.view',
+            'order_items_receiving.add_note',
+            'order_items_receiving.change_status',
+            'order_items_receiving.list',
+            'order_items_receiving.process_receiving',
+            'order_items_receiving.process_reorder',
+            'order_items_receiving.view',
+            'orders.configure',
+            'orders.create',
+            'orders.create_unknown_product',
+            'orders.list',
+            'orders.view',
+            'pending_customers.list',
+            'pending_customers.view',
+            'pending_products.list',
+            'pending_products.view',
+        ]
+
+        for perm in order_admin_perms:
+            auth.grant_permission(admin, perm)
+
+
+def includeme(config):
+    base.defaults(config, **{'CommonView': CommonView})
diff --git a/tests/web/views/test_common.py b/tests/web/views/test_common.py
new file mode 100644
index 0000000..f00a314
--- /dev/null
+++ b/tests/web/views/test_common.py
@@ -0,0 +1,29 @@
+# -*- coding: utf-8; -*-
+
+from sideshow.testing import WebTestCase
+from sideshow.web.views import common as mod
+
+
+class TestIncludeme(WebTestCase):
+
+    def test_coverage(self):
+        mod.includeme(self.pyramid_config)
+
+
+class TestCommonView(WebTestCase):
+
+    def make_view(self):
+        return mod.CommonView(self.request)
+
+    def test_setup_enhance_admin_user(self):
+        model = self.app.model
+        view = self.make_view()
+
+        user = model.User(username='barney')
+        self.session.add(user)
+        self.session.flush()
+
+        self.assertEqual(len(user.roles), 0)
+        view.setup_enhance_admin_user(user)
+        self.assertEqual(len(user.roles), 1)
+        self.assertEqual(user.roles[0].name, 'Order Admin')