fjrodriguez/AS_timbres
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

403 override functionality

Browse Source
This commit is contained in:
fjrodriguez
2022-12-12 12:09:58 -06:00
parent 7250707862
commit bdaba75870
7 changed files with 109 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
Admin/urls.py
View File

@@ -3,11 +3,42 @@ from django.contrib import admin
from django.urls import path,include from django.urls import path,include
from django.conf import settings from django.conf import settings
from django.conf.urls.static import static from django.conf.urls.static import static
from django.shortcuts import render
from django.core.exceptions import PermissionDenied
from django.http import HttpResponse
from django.test import SimpleTestCase, override_settings
def response_error_handler(request, exception=None):
context={}
return render(request, '403.html',context,status=403)
def permission_denied_view(request):
raise PermissionDenied
urlpatterns = [ urlpatterns = [
path('admin/', admin.site.urls), path('admin/', admin.site.urls),
path('accounts/', include('allauth.urls')), path('accounts/', include('allauth.urls')),
path('', include('Clientes.urls')), path('', include('Clientes.urls')),
path('403/', permission_denied_view),
] ]
handler403 = response_error_handler
if settings.DEBUG: #DEV only if settings.DEBUG: #DEV only
urlpatterns += static(settings.STATIC_URL, document_root= settings.STATIC_ROOT) urlpatterns += static(settings.STATIC_URL, document_root= settings.STATIC_ROOT)
urlpatterns += static(settings.MEDIA_URL, document_root= settings.MEDIA_ROOT) urlpatterns += static(settings.MEDIA_URL, document_root= settings.MEDIA_ROOT)
# ROOT_URLCONF must specify the module that contains handler403 = ...
@override_settings(ROOT_URLCONF=__name__)
class CustomErrorHandlerTests(SimpleTestCase):
def test_handler_renders_template_response(self):
response = self.client.get('/403/')
# Make assertions on the response here. For example:
self.assertContains(response, 'Error handler content', status_code=403)

22
Clientes/custom_decorators.py Normal file
View File

@@ -0,0 +1,22 @@
from functools import wraps
from django.contrib import messages
from django.shortcuts import redirect
from django.http import HttpResponse
def Custom_is_staff_function(user):
if user.is_staff:
return True
return False
def is_staff_access(view_to_return="index"):
def decorator(view):
@wraps(view)
def _wrapped_view(request, *args, **kwargs):
if not Custom_is_staff_function(request.user):
messages.error(request, "No es personal del staff autorizado.")
return redirect(view_to_return)
return view(request, *args, **kwargs)
return _wrapped_view
return decorator

1
Clientes/urls.py
View File

@@ -16,7 +16,6 @@ from .views import (
urlpatterns = [ urlpatterns = [
path('', index, name='index'), path('', index, name='index'),
path('add_timbre2/', add_timbre2.as_view(), name='add_timbre2'), path('add_timbre2/', add_timbre2.as_view(), name='add_timbre2'),
path('timbres_cliente/<str:RFC>/', timbres_cliente, name='timbres_cliente'), path('timbres_cliente/<str:RFC>/', timbres_cliente, name='timbres_cliente'),
path('cliente/update/<int:pk>/',ClientesUpdateView.as_view(),name='update_cliente'), path('cliente/update/<int:pk>/',ClientesUpdateView.as_view(),name='update_cliente'),
path('cliente/add/', ClientesCreateView.as_view(), name='add_cliente'), path('cliente/add/', ClientesCreateView.as_view(), name='add_cliente'),

25
Clientes/views.py
View File

@@ -3,6 +3,8 @@ from django.contrib import messages
from django.http import HttpResponse from django.http import HttpResponse
from django.http import JsonResponse from django.http import JsonResponse
from django.contrib.auth.decorators import login_required from django.contrib.auth.decorators import login_required
from .custom_decorators import is_staff_access
from .models import Clientes,Timbres,saldoModel,ErroresTimbres from .models import Clientes,Timbres,saldoModel,ErroresTimbres
from rest_framework.views import APIView from rest_framework.views import APIView
@@ -134,8 +136,7 @@ def send_timbres_Email(request):
return redirect('index') return redirect('index')
@login_required @login_required
def index(request): def index(request):
clientes_list = Clientes.objects.all() clientes_list = Clientes.objects.all()
mes = request.GET.get('mes', None) mes = request.GET.get('mes', None)
page = request.GET.get('page', 1) page = request.GET.get('page', 1)
@@ -174,8 +175,6 @@ def index(request):
return render(request,'Clientes/index.html',context) return render(request,'Clientes/index.html',context)
def pageFunc(page,qs,per_page): def pageFunc(page,qs,per_page):
paginator = Paginator(qs,per_page) paginator = Paginator(qs,per_page)
try: try:
@@ -188,9 +187,12 @@ def pageFunc(page,qs,per_page):
@login_required @login_required
@is_staff_access()
def timbres_cliente(request, RFC): def timbres_cliente(request, RFC):
lista = Timbres.objects.filter(rfcc=RFC) if request.user.is_staff:
lista = Timbres.objects.filter(rfcc=RFC)
else:
lista = Timbres.objects.filter(rfcc=RFC,modo='Normal')
search = request.GET.get('search',None) search = request.GET.get('search',None)
page = request.GET.get('page', 1) page = request.GET.get('page', 1)
datepicker = request.GET.get('datepicker', None) datepicker = request.GET.get('datepicker', None)
@@ -236,10 +238,13 @@ class ClientesUpdateView(UserPassesTestMixin,LoginRequiredMixin,UpdateView):
success_url='/' success_url='/'
template_name='Clientes/edit_cliente.html' template_name='Clientes/edit_cliente.html'
def test_func(self): def test_func(self):
#self.request.user.groups.all()
return self.request.user.groups.filter(name= 'admin_soft') res = self.request.user.groups.filter(name= 'admin_soft')
if not res:
messages.error(self.request, f'Lo sentimos. La página que buscas no está disponible, no cuentas con los permisos.')
return res
class ClientesCreateView(UserPassesTestMixin,LoginRequiredMixin,CreateView): class ClientesCreateView(UserPassesTestMixin,LoginRequiredMixin,CreateView):
model = Clientes model = Clientes

35
Templates/403.html Normal file
View File

@@ -0,0 +1,35 @@
<!doctype html>
<html lang="en">
<head>
<!-- Required meta tags -->
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
<!-- Bootstrap CSS -->
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap@4.2.1/dist/css/bootstrap.min.css" integrity="sha384-GJzZqFGwb1QTTN6wy59ffF1BuGJpLSa9DkKMp0DgiMDm4iYMj70gZWKYbI706tWS" crossorigin="anonymous">
<title>Hello, world!</title>
</head>
<body >
<div>
{% include 'partials/messages.html' %}
<img class="rounded mx-auto d-block" src="https://www.lucushost.com/blog/wp-content/uploads/2020/06/error-403-forbidden.png" alt="Forbidden">
<a href="/" class="btn btn-info btn-lg rounded mx-auto d-block mt-3">
<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" class="bi bi-arrow-return-left" viewBox="0 0 16 16">
<path fill-rule="evenodd" d="M14.5 1.5a.5.5 0 0 1 .5.5v4.8a2.5 2.5 0 0 1-2.5 2.5H2.707l3.347 3.346a.5.5 0 0 1-.708.708l-4.2-4.2a.5.5 0 0 1 0-.708l4-4a.5.5 0 1 1 .708.708L2.707 8.3H12.5A1.5 1.5 0 0 0 14 6.8V2a.5.5 0 0 1 .5-.5z"/>
</svg>
Regresar al Inicio
</a>
</div>
<!-- Optional JavaScript -->
<!-- jQuery first, then Popper.js, then Bootstrap JS -->
<script src="https://code.jquery.com/jquery-3.3.1.slim.min.js" integrity="sha384-q8i/X+965DzO0rT7abK41JStQIAqVgRVzpbzo5smXKp4YfRvH+8abtTE1Pi6jizo" crossorigin="anonymous"></script>
<script src="https://cdn.jsdelivr.net/npm/popper.js@1.14.6/dist/umd/popper.min.js" integrity="sha384-wHAiFfRlMFy6i5SRaxvfOCifBUQy1xHdJ/yoi7FRNXMRBu5WHdZYu1hA6ZOblgut" crossorigin="anonymous"></script>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@4.2.1/dist/js/bootstrap.min.js" integrity="sha384-B0UglyR+jN6CkvvICOB2joaf5I4l3gm9GU6Hc1og6Ls7i6U/mkkaduKaBhlAXv9k" crossorigin="anonymous"></script>
</body>
</html>

5
Templates/Clientes/index.html
View File

@@ -12,7 +12,6 @@ Timbres disponibles Comercio Digital: {{saldo}}
<table class="table"> <table class="table">
<thead> <thead>
<tr> <tr>
<th scope="col"> <th scope="col">
<input id="table_rfcc" name="rfcc" value="True" type="checkbox" class="form-check-input" > <input id="table_rfcc" name="rfcc" value="True" type="checkbox" class="form-check-input" >
Cliente RFC Cliente RFC
@@ -56,7 +55,6 @@ Timbres disponibles Comercio Digital: {{saldo}}
<th scope="col"> <th scope="col">
<a target="_blank" rel="noopener noreferrer" href="{% url 'export_Excel' %}?mes={{mes}}">Excel Todos los clientes X Mes </a> <a target="_blank" rel="noopener noreferrer" href="{% url 'export_Excel' %}?mes={{mes}}">Excel Todos los clientes X Mes </a>
</th> </th>
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
@@ -133,8 +131,9 @@ Timbres disponibles Comercio Digital: {{saldo}}
</div> </div>
{% endif %} {% endif %}
</td> </td>
</tr> </tr>
{% endfor %} {% endfor %}
</tbody> </tbody>
</table> </table>
</div> </div>

6
Templates/Clientes/timbres_cliente.html
View File

@@ -17,7 +17,6 @@
</span> </span>
<br><br> <br><br>
<table class="table"> <table class="table">
<thead> <thead>
<tr> <tr>
@@ -34,8 +33,8 @@
Fecha Fecha
</th> </th>
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
{% for obj in lista %} {% for obj in lista %}
<tr class="{% if obj.modo == 'Normal' %}table-success{% endif %}"> <tr class="{% if obj.modo == 'Normal' %}table-success{% endif %}">
<th scope="row">{{obj.uuid}}</th> <th scope="row">{{obj.uuid}}</th>
@@ -48,6 +47,7 @@
</tbody> </tbody>
</table> </table>
{% endblock content %} {% endblock content %}