diff options
Diffstat (limited to 'client')
-rw-r--r-- | client/templates/client/index.html | 2 | ||||
-rw-r--r-- | client/views.py | 25 |
2 files changed, 14 insertions, 13 deletions
diff --git a/client/templates/client/index.html b/client/templates/client/index.html index da65a0d..092fe7f 100644 --- a/client/templates/client/index.html +++ b/client/templates/client/index.html @@ -20,7 +20,7 @@ <div id="modal_capi" class="modal"> <div class="modal-content"> <h4>Attenzione</h4> - <p>Il tuo capo branca verrĂ notificato dell'accesso alla pagina dei documenti.<br> + <p>I capi gruppo interessati verranno notificati dell'accesso alla pagina dei documenti.<br> Sei sicuro di voler continuare? </p> </div> diff --git a/client/views.py b/client/views.py index 4b8b11d..841b254 100644 --- a/client/views.py +++ b/client/views.py @@ -1,17 +1,16 @@ -from random import randint +from django.template.loader import get_template from client.models import GroupSettings, UserCode, Keys, DocumentType, Document, PersonalData, KeyVal, MedicalData from django.db.models import Q from django.http import HttpResponseRedirect, FileResponse from django.contrib.auth.decorators import login_required - from django.shortcuts import render -from django.template.loader import get_template from io import BytesIO import pdfkit from subprocess import check_output from datetime import datetime import pytz +from random import randint def index(request): context = {} @@ -39,16 +38,18 @@ def index(request): context = {"user_code": user_code} else: # get user group - groups = request.user.groups.values_list('name', flat=True) - group = groups[0] - - # get group settings - settings = GroupSettings.objects.filter(group__name=group) + groups = request.user.groups.all() + + # check if any group has enabled RO documents + if request.user.is_staff or len(groups.filter(name="capi")) == 0: + # if user is staff then not needed + gr = [] + elif request.user.has_perm("client.staff"): + gr = GroupSettings.objects.filter(group__in=groups).filter(view_documents=True).filter(~Q(group=groups[0])) + else: + gr = GroupSettings.objects.filter(group__in=groups).filter(view_documents=True) - # check if settings exists and user is in group capi - if len(settings) != 0 and "capi" in groups: - # set settings value - group_view = settings[0].view_documents + group_view = len(gr) != 0 # user action if request.method == "POST": |