From 9fec5d58b2381a55731f0fae91a9a7fc473bbd44 Mon Sep 17 00:00:00 2001 From: Andrea Lepori Date: Thu, 19 Aug 2021 10:42:10 +0200 Subject: RO documents for non primary groups --- client/views.py | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) (limited to 'client/views.py') diff --git a/client/views.py b/client/views.py index 4b8b11d..841b254 100644 --- a/client/views.py +++ b/client/views.py @@ -1,17 +1,16 @@ -from random import randint +from django.template.loader import get_template from client.models import GroupSettings, UserCode, Keys, DocumentType, Document, PersonalData, KeyVal, MedicalData from django.db.models import Q from django.http import HttpResponseRedirect, FileResponse from django.contrib.auth.decorators import login_required - from django.shortcuts import render -from django.template.loader import get_template from io import BytesIO import pdfkit from subprocess import check_output from datetime import datetime import pytz +from random import randint def index(request): context = {} @@ -39,16 +38,18 @@ def index(request): context = {"user_code": user_code} else: # get user group - groups = request.user.groups.values_list('name', flat=True) - group = groups[0] - - # get group settings - settings = GroupSettings.objects.filter(group__name=group) + groups = request.user.groups.all() + + # check if any group has enabled RO documents + if request.user.is_staff or len(groups.filter(name="capi")) == 0: + # if user is staff then not needed + gr = [] + elif request.user.has_perm("client.staff"): + gr = GroupSettings.objects.filter(group__in=groups).filter(view_documents=True).filter(~Q(group=groups[0])) + else: + gr = GroupSettings.objects.filter(group__in=groups).filter(view_documents=True) - # check if settings exists and user is in group capi - if len(settings) != 0 and "capi" in groups: - # set settings value - group_view = settings[0].view_documents + group_view = len(gr) != 0 # user action if request.method == "POST": -- cgit v1.2.1