From 8b2189dacad374b39478a1452a9a72d186a1b840 Mon Sep 17 00:00:00 2001 From: Oliver Walters Date: Tue, 6 Oct 2020 09:27:22 +1100 Subject: [PATCH] Add global context 'roles' - Access via template e.g. {% if roles.part.view %} - Always True if the user is a superuser --- InvenTree/InvenTree/context.py | 33 +++++++++++++++++++++++++++++++++ InvenTree/InvenTree/settings.py | 1 + 2 files changed, 34 insertions(+) diff --git a/InvenTree/InvenTree/context.py b/InvenTree/InvenTree/context.py index 7de41eef15..71aee5c2c5 100644 --- a/InvenTree/InvenTree/context.py +++ b/InvenTree/InvenTree/context.py @@ -17,3 +17,36 @@ def status_codes(request): 'BuildStatus': BuildStatus, 'StockStatus': StockStatus, } + + +def user_roles(request): + """ + Return a map of the current roles assigned to the user. + + Roles are denoted by their simple names, and then the permission type. + + Permissions can be access as follows: + + - roles.part.view + - roles.build.delete + + Each value will return a boolean True / False + """ + + user = request.user + + roles = {} + + for group in user.groups.all(): + for rule in group.rule_sets.all(): + roles[rule.name] = { + 'view': rule.can_view or user.is_superuser, + 'add': rule.can_add or user.is_superuser, + 'change': rule.can_change or user.is_superuser, + 'delete': rule.can_delete or user.is_superuser, + } + + print("Roles:") + print(roles) + + return {'roles': roles} diff --git a/InvenTree/InvenTree/settings.py b/InvenTree/InvenTree/settings.py index 75f6f58993..c6f8b40069 100644 --- a/InvenTree/InvenTree/settings.py +++ b/InvenTree/InvenTree/settings.py @@ -210,6 +210,7 @@ TEMPLATES = [ 'django.contrib.auth.context_processors.auth', 'django.contrib.messages.context_processors.messages', 'InvenTree.context.status_codes', + 'InvenTree.context.user_roles', ], }, },