From e01805090a4d94da139231a0e70aec63cd29d5f0 Mon Sep 17 00:00:00 2001 From: fjrodriguez Date: Wed, 1 Feb 2023 09:21:52 -0600 Subject: [PATCH] segunda con sistemas --- Clientes/views.py | 24 +++++++++++++----------- Sistemas/permissions.py | 12 +++++++++++- Sistemas/views.py | 2 +- 3 files changed, 25 insertions(+), 13 deletions(-) diff --git a/Clientes/views.py b/Clientes/views.py index 97f0157..9c90adb 100644 --- a/Clientes/views.py +++ b/Clientes/views.py @@ -26,6 +26,8 @@ from rest_framework.response import Response from rest_framework.permissions import IsAuthenticated from rest_framework import status +from Sistemas.permissions import ItsAdminToken + #EXCEL from openpyxl import Workbook from openpyxl.styles import Alignment, Border, Font, PatternFill, Side @@ -229,10 +231,9 @@ def timbres_cliente(request, RFC): mes = request.GET.get('mes', None) year = request.GET.get('year',None) - + if year is None or year=='': - - today= datetime.date.today() + today= datetime.date.today() year =today.year search = request.GET.get('search',None) @@ -390,26 +391,27 @@ def PACS_Retrive_RFCS(request): #-------------------------------------------- class check_RFC(APIView): - permission_classes = (IsAuthenticated,) + permission_classes = (ItsAdminToken,IsAuthenticated,) def get(self,request): rfc = request.GET.get('RFC', None) try: + if rfc is None or len(rfc)==0: + return Response({'Error': 'RFC parameter cannot be empty', 'isError': True}) + cliente, created = Clientes.objects.get_or_create(RFC=rfc) serializer = ClienteSerializer(cliente) - - if created: + if created: cliente.Activo=True cliente.save() if not serializer.is_valid: - return Response(serializer.errors,status=400) - + return Response({'Error':f'{serializer.errors}','isError':True},status=200) return Response(serializer.data) except Exception as E: return Response({'Error':f'check_RFC:{E} RFC:{rfc}','isError':True}) class add_timbre2(APIView): - permission_classes = (IsAuthenticated,) + permission_classes = (ItsAdminToken,IsAuthenticated,) def get(self,request): uuid= request.GET.get('uuid', None) rfcc= request.GET.get('rfcc', None) @@ -436,7 +438,7 @@ class add_timbre2(APIView): return Response({'Error':f'{e}'}) class saldo_funct2(APIView): - permission_classes =(IsAuthenticated,) + permission_classes =(ItsAdminToken,IsAuthenticated,) def get(self, request): timbres = request.GET.get('num',None) try: @@ -450,7 +452,7 @@ class saldo_funct2(APIView): return Response(content) class check_host(APIView): - permission_classes = (IsAuthenticated,) + permission_classes = (ItsAdminToken,IsAuthenticated,) def post(self,request, format=None): data = request.data diff --git a/Sistemas/permissions.py b/Sistemas/permissions.py index 7a2e60e..303d579 100644 --- a/Sistemas/permissions.py +++ b/Sistemas/permissions.py @@ -1,4 +1,14 @@ from rest_framework.permissions import BasePermission + + class HasAuthorizationHeader(BasePermission): def has_permission(self, request, view): - return 'Authorization' in request.headers \ No newline at end of file + return 'Authorization' in request.headers + +class ItsAdminToken(BasePermission): + def has_permission(self,request,view): + return request.user.is_superuser + +class ItsAdminGroup(BasePermission): + def has_permission(self, request, view): + return request.user.groups.filter(name= 'admin_soft') \ No newline at end of file diff --git a/Sistemas/views.py b/Sistemas/views.py index ee7b2a6..1b2fa6d 100644 --- a/Sistemas/views.py +++ b/Sistemas/views.py @@ -56,7 +56,7 @@ class SistemasXCliente_ListView(UserPassesTestMixin,LoginRequiredMixin, ListView model = sistemas_por_cliente paginate_by = 5 template_name = 'Sistemas/Xclientes/lista.html' - def test_func(self): + def test_func(self): res = self.request.user.groups.filter(name= 'admin_soft') if not res: messages.error(self.request, f'Lo sentimos. La página que buscas no está disponible, no cuentas con los permisos.')