From dfcde4fa72a6ddabd28dd7e281c770143ed43ac6 Mon Sep 17 00:00:00 2001 From: Rajandeep98 Date: Thu, 25 Jul 2024 09:04:20 -0700 Subject: [PATCH] SBCQ160 GA role restricted to csr/ga --- api/app/admin/csr.py | 12 +++++++++++- api/version.py | 2 +- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/api/app/admin/csr.py b/api/app/admin/csr.py index 566de7436..10fbe1176 100644 --- a/api/app/admin/csr.py +++ b/api/app/admin/csr.py @@ -12,7 +12,7 @@ See the License for the specific language governing permissions and limitations under the License.''' -from app.models.theq import Citizen, CSR, CitizenState, Period, PeriodState, ServiceReq, SRState, Counter +from app.models.theq import Citizen, CSR, CitizenState, Period, PeriodState, ServiceReq, SRState, Counter, Role from flask import flash, redirect, request from .base import Base from flask_admin.babel import gettext @@ -124,6 +124,11 @@ def validate_model(self): model = self.get_one(identifier) + allowed_ga_edit_roles = ['GA', 'CSR'] + if model and current_user.role.role_code == 'GA' and model.role.role_code not in allowed_ga_edit_roles: + flash(gettext('You are not allowed to edit a '+ model.role.role_code +' role.'), 'error') + return False + if model is None: flash(gettext('Record does not exist.'), 'error') return False @@ -208,6 +213,11 @@ class CSRConfigGA(CSRConfig): 'finance_designate', 'ita2_designate', 'csr_state', 'role', 'office', 'counter') form_edit_rules = ('username', 'office_manager', 'pesticide_designate', 'ita2_designate', 'role', 'office') + form_args = { + 'role': { + 'query_factory': lambda: db.session.query(Role).filter(Role.role_code.in_(['CSR', 'GA'])) + } + } CSRModelView = CSRConfig(CSR, db.session) CSRGAModelView = CSRConfigGA(CSR, db.session, endpoint='csrga') diff --git a/api/version.py b/api/version.py index 735d20d9e..3509bd885 100644 --- a/api/version.py +++ b/api/version.py 
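Review bot: The guard added to validate_model looks only at the role the record currently holds, not at the role value being submitted. Limiting what a GA can assign therefore rests on the `query_factory` filter in the CSRConfigGA hunk, and the two lists (`['GA', 'CSR']` here, `['CSR', 'GA']` there) are separate literals that can drift apart. One module-level constant such as `GA_EDITABLE_ROLES = ('CSR', 'GA')`, used in both places, would keep the check and the form aligned. The flash text is also built by concatenation inside `gettext`, so translation lookup has no fixed msgid to match; `gettext('You are not allowed to edit a %(role)s role.', role=model.role.role_code)` avoids that. validate_model starts and ends outside this hunk, so whether it runs when the edit is submitted as well as when the form is displayed cannot be confirmed from here.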
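Review bot: Assigning `form_args` on CSRConfigGA replaces, rather than extends, any `form_args` that CSRConfig defines. The parent's attributes are not visible in this hunk, so it is worth confirming that no field arguments are being dropped for the csrga view. Since this filter appears to be the only thing constraining which role a GA can select, a comment above the dict would help the next maintainer, for example `# GA users may only assign CSR or GA; keep in sync with the role check in validate_model`. The class body continues outside the hunk.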
@@ -1 +1 @@
-__version__ = '1.1.2'
\ No newline at end of file
+__version__ = '1.1.3'
\ No newline at end of file