commit permission

nguyentanphatka · nguyentanphatka · commit dff8dc712cec · 2019-12-29T17:50:41.000+07:00
diff --git a/User/admin.py b/User/admin.py
@@ -81,24 +81,35 @@ class UserAdmin(BaseUserAdmin):
     # list_display = ('username', 'password', 'email',  'is_staff')
     list_display = ('username', 'password', 'email', 'date_joined',
                     'is_staff', 'is_superuser', 'is_active',)
-    filter_horizontal = ('groups', 'user_permissions')
+
     list_filter = ('is_staff',)
     fieldsets = (
-        (None, {'fields': ('email', 'password')}),
-        ('Permissions', {'fields': ('is_staff', 'is_superuser', 'is_active', 'groups', 'user_permissions',)}),
+        (None, {'fields': ('first_name', 'email', 'password')}),
+        ('Permissions', {'fields': ('is_staff', 'is_superuser', 'is_active', )}),
     )
     # add_fieldsets is not a standard ModelAdmin attribute. UserAdmin
     # overrides get_fieldsets to use this attribute when creating a user.
     add_fieldsets = (
         (None, {
             'classes': ('wide',),
-            'fields': ('username', 'email', 'password1', 'password2', 'is_staff', 'is_superuser', 'is_active', 'groups',
+            'fields': ('username', 'email', 'password1', 'password2', 'is_staff', 'is_superuser', 'is_active',
                        'user_permissions'),
         }),
     )
+    filter_horizontal = ('user_permissions',)
     search_fields = ('email',)
     ordering = ('email',)
 
+    def get_queryset(self, request):
+        queryset = super().get_queryset(request)
+        if request.user.is_superuser:
+            queryset = User.objects.all()
+        else:
+            try:
+                queryset = User.objects.filter(username=request.user.username)
+            except:
+                queryset = User.objects.none()
+        return queryset
 
 # Register your models Teacher.
 admin.site.register(User, UserAdmin)
diff --git a/User/models.py b/User/models.py
@@ -1,5 +1,5 @@
 from django.db import models
-
+from guardian.shortcuts import assign_perm
 # Create your models here.
 import os
 from uuid import uuid4
@@ -74,9 +74,6 @@ class User(AbstractUser):
     def __str__(self):
         return self.email
 
-    def has_perm(self, perm, obj=None):
-        return self.is_superuser
-    """
     def has_perm(self, perm, obj=None):
         if self.is_superuser:
             return True
@@ -85,18 +82,26 @@ def has_perm(self, perm, obj=None):
                     perm == 'student.delete_student' or perm == 'student.view_student' or \
                     perm == 'student.add_studentimagesdata' or perm == 'student.change_studentimagesdata' or \
                     perm == 'student.delete_studentimagesdata' or perm == 'student.view_studentimagesdata' or \
-                    perm == 'teacher.add_teacher' or perm == 'teacher.change_teacher' or \
-                    perm == 'teacher.delete_teacher' or perm == 'teacher.view_teacher' or \
                     perm == 'course.add_course' or perm == 'course.change_course' or \
                     perm == 'course.delete_course' or perm == 'course.view_course' or \
                     perm == 'course.add_schedule' or perm == 'course.change_schedule' or \
                     perm == 'course.delete_schedule' or perm == 'course.view_schedule' or \
                     perm == 'course.add_scheduleimagesdata' or perm == 'course.change_scheduleimagesdata' or \
                     perm == 'course.delete_scheduleimagesdata' or perm == 'course.view_scheduleimagesdata' or \
                     perm == 'course.add_attendance' or perm == 'course.change_attendance' or \
-                    perm == 'course.delete_attendance' or perm == 'course.view_attendance':
+                    perm == 'course.delete_attendance' or perm == 'course.view_attendance' or \
+                    perm == 'User.add_user' or perm == 'User.change_user' or \
+                    perm == 'User.delete_user' or perm == 'User.view_user' or \
+                    perm == 'teacher.add_teacher' or perm == 'teacher.change_teacher' or \
+                    perm == 'teacher.delete_teacher' or perm == 'teacher.view_teacher':
                 return True
-    """
+        if self.is_student:
+            if perm == 'student.change_student' or perm == 'student.view_student' or \
+                    perm == 'course.add_course' or perm == 'course.change_course' or \
+                    perm == 'course.view_course' or perm == 'course.view_schedule' or \
+                    perm == 'course.view_scheduleimagesdata' or perm == 'course.view_attendance':
+                return True
+
     def has_module_perms(self, app_label):
         """Does the user have permissions to view the app `app_label`?"""
         # Simplest possible answer: Yes, always
diff --git a/course/admin.py b/course/admin.py
@@ -59,6 +59,7 @@
 from import_export.resources import ModelResource
 from student.models import Student
 from student.admin import StudentAdmin
+import json
 
 
 # Register your models here.
@@ -96,6 +97,22 @@ class CourseAdmin(ImportExportModelAdmin):
     date_hierarchy = 'start_day'
     raw_id_fields = ["teacher", ]
 
+    def get_queryset(self, request):
+        queryset = super().get_queryset(request)
+        queryset = queryset.annotate(
+            student_count=Count("students", distinct=True),
+        )
+
+        if request.user.is_superuser:
+            queryset = Course.objects.all().annotate(student_count=Count("students", distinct=True), )
+        else:
+            try:
+                queryset = Course.objects.filter(teacher=request.user.username).annotate(
+                    student_count=Count("students", distinct=True), )
+            except:
+                queryset = Course.objects.none().annotate(student_count=Count("students", distinct=True), )
+        return queryset
+
     def get_readonly_fields(self, request, obj=None):
         if obj:  # editing an existing object
             return self.readonly_fields + ['course_code', ]
@@ -121,13 +138,6 @@ def children_display(self, obj):
 
     children_display.short_description = "Students List"
 
-    def get_queryset(self, request):
-        queryset = super().get_queryset(request)
-        queryset = queryset.annotate(
-            student_count=Count("students", distinct=True),
-        )
-        return queryset
-
     @staticmethod
     def student_count(obj):
         # return obj.students.count()
@@ -306,6 +316,17 @@ class ScheduleAdmin(admin.ModelAdmin):
     list_per_page = 20
     raw_id_fields = ["course", ]
 
+    def get_queryset(self, request):
+        queryset = super().get_queryset(request)
+        if request.user.is_superuser:
+            queryset = Schedule.objects.all()
+        else:
+            try:
+                queryset = Schedule.objects.filter(course__teacher__username=request.user.username)
+            except:
+                queryset = Course.objects.none()
+        return queryset
+
     @staticmethod
     def course_info(obj):
         return obj.course.course_name + " - " + obj.course.course_code + ""
@@ -355,6 +376,17 @@ class AttendanceAdmin(admin.ModelAdmin):
     list_per_page = 20
     raw_id_fields = ["schedule_code", "student"]
 
+    def get_queryset(self, request):
+        queryset = super().get_queryset(request)
+        if request.user.is_superuser:
+            queryset = Attendance.objects.all()
+        else:
+            try:
+                queryset = Attendance.objects.filter(schedule_code__course__teacher__username=request.user.username)
+            except:
+                queryset = Attendance.objects.none()
+        return queryset
+
     # def get_readonly_fields(self, request, obj=None):
     #   if obj:  # editing an existing object
     #       return self.readonly_fields + ('student_info', 'field2')
diff --git a/course/models.py b/course/models.py
@@ -201,8 +201,6 @@ class ScheduleImagesData(models.Model):
     schedule = models.ForeignKey(Schedule, on_delete=models.CASCADE, null=False)
 
     def path_and_rename(self, name):
-        # get filename course_code = list(Schedule.objects.filter(schedule_code=self.schedule).values_list(
-        # 'course__course_code', flat=True).distinct())[0]
         course_code, schedule_number_of_day = list(
             Schedule.objects.filter(schedule_code=self.schedule).values_list('course__course_code',
                                                                              'schedule_number_of_day').distinct())[0]
diff --git a/student/admin.py b/student/admin.py
@@ -71,26 +71,27 @@ class StudentAdmin(ImportExportModelAdmin,):
         'first_name': 'Full Name'
     }
     list_display = (
-        'student_code', 'get_full_name', 'email', 'username', 'password',
-        'comment',)
+        'student_code', 'get_full_name', 'email', 'username',)
     readonly_fields = []
     list_filter = ('student_code',)
     search_fields = ('student_code',)
     inlines = (ImageInline,)
     fieldsets = (
         (None, {
-            'fields': ('student_code', 'first_name', 'email', 'student_video_data', 'comment',)
+            'fields': ('student_code', 'password', 'first_name', 'email', 'student_video_data', 'comment',)
         }),
-        ('Options', {
-            'fields': ('username', 'password',),
-            'description': 'option advance',
-            'classes': ('collapse',),
+    )
+
+    add_fieldsets = (
+        (None, {
+            # 'classes': ('wide',),
+            'fields': ('student_code', 'first_name', 'email', 'password1', 'password2',),
         }),
     )
 
     def get_readonly_fields(self, request, obj=None):
         if obj:  # editing an existing object
-            return self.readonly_fields + ['student_code', ]
+            return self.readonly_fields + ['student_code', 'username', 'password']
         return self.readonly_fields
 
     def get_full_name(self, obj):
diff --git a/teacher/admin.py b/teacher/admin.py
@@ -39,25 +39,36 @@ class TeacherAdmin(ImportExportModelAdmin):
     fieldsets = (
         (None, {
             'fields': (
-                'teacher_code', 'first_name', 'email', 'teacher_image',
-                'password', 'is_staff', 'is_active', 'is_superuser', 'groups', 'user_permissions', ),
+                'teacher_code', 'password', 'first_name', 'email', 'teacher_image',
+                ),
         }),
         ('Advance options', {
             'fields': ('date_joined', 'teacher_full_image_show'),
             'description': 'option advance',
-            'classes': ('collapse',),
+            'classes': ('',),
+            # colapse
         }),
     )
     list_filter = (
         ('teacher_code', DropdownFilter),
-        # ('Course', RelatedDropdownFilter)
     )
 
     filter_horizontal = ('groups', 'user_permissions')
 
+    def get_queryset(self, request):
+        queryset = super().get_queryset(request)
+        if request.user.is_superuser:
+            queryset = Teacher.objects.all()
+        else:
+            try:
+                queryset = Teacher.objects.filter(username=request.user.username)
+            except:
+                queryset = Teacher.objects.none()
+        return queryset
+
     def get_readonly_fields(self, request, obj=None):
         if obj:  # editing an existing object
-            return self.readonly_fields + ['teacher_code', ]
+            return self.readonly_fields + ['teacher_code', 'username', 'is_superuser']
         return self.readonly_fields
 
     @staticmethod
diff --git a/teacher/models.py b/teacher/models.py
@@ -1,6 +1,7 @@
 from django.db import models
 from django.contrib.auth.models import AbstractUser
 from User.models import User
+from guardian.shortcuts import assign_perm
 # -*- coding: utf-8 -*-
 
 
@@ -22,6 +23,8 @@ def days_since_creation(self):
 
     class Meta:
         verbose_name_plural = 'Quản lý giáo viên'
+        permissions = (
+        )
 
     def __str__(self):
         return self.first_name + self.last_name
@@ -38,3 +41,6 @@ def save(self, *args, **kwargs):
             self.password = "" + self.teacher_code
         self.set_password(self.password)
         super(Teacher, self).save(*args, **kwargs)
+
+    def __init__(self, *args, **kwargs):
+        super(Teacher, self).__init__(*args, **kwargs)
