changed ticket + filter view perms

change view perms so users can only see their own tickets changed default signup to user, rather than admin
2024-04-28 23:24:03 +01:00 · 2024-04-28 23:24:03 +01:00 · 53239fa9ac
commit 53239fa9ac
parent bf4a50d6be
3 changed files with 29 additions and 4 deletions
--- a/apps/api/views.py
+++ b/apps/api/views.py
@ -47,7 +47,11 @@ class TicketListApiView(generics.ListAPIView):
    pagination_class = TicketPaginiation
    serializer_class = TicketSerializer

+<<<<<<< Updated upstream
    queryset = Ticket.objects.all()
+=======
+    # queryset = Ticket.objects.all()
+>>>>>>> Stashed changes

    filter_backends = [filters.SearchFilter, rest_filters.DjangoFilterBackend, filters.OrderingFilter]
    filterset_fields = ["uuid", "priority", "tags", "author", "author__department"]
@ -55,12 +59,25 @@ class TicketListApiView(generics.ListAPIView):
    ordering_fields = ["create_timestamp", "edit_timestamp"]

    def get_queryset(self):
+<<<<<<< Updated upstream
        strict_tags = self.request.query_params.get("strict-tags")
        if not strict_tags:
            return self.queryset

        tag_uuids = self.request.query_params.getlist("tags", [])
        queryset = self.queryset
+=======
+        if self.request.user.is_superuser:
+            queryset=Ticket.objects.all()
+        else:
+            queryset = Ticket.objects.filter(author=self.request.user)
+
+        strict_tags = self.request.query_params.get("strict-tags")
+        if not strict_tags:
+            return queryset
+
+        tag_uuids = self.request.query_params.getlist("tags", [])
+>>>>>>> Stashed changes

        log.debug("tag uuids %s", tag_uuids)

@ -77,7 +94,15 @@ class FilterCountListApiView(generics.ListAPIView):
    permission_classes = [permissions.IsAuthenticated]

    def get(self, request):
+<<<<<<< Updated upstream
        self._tickets = Ticket.objects.all()
+=======
+        if self.request.user.is_superuser:
+            self._tickets = Ticket.objects.all()
+        else:
+            self._tickets = Ticket.objects.filter(author=self.request.user)
+        
+>>>>>>> Stashed changes
        data = {"tickets": self._tickets.count()}

        self._fill_data(TicketPriority, data, "priority")
--- a/apps/authentication/views.py
+++ b/apps/authentication/views.py
@ -39,9 +39,9 @@ def register_user(request):
            user = form.save(commit=False)

            # Develepment, give all new users admin
-            user.is_staff = True
-            user.is_superuser = True
-            user.save()
+            # user.is_staff = True
+            # user.is_superuser = True
+            # user.save()

            email = form.cleaned_data.get("email")
            raw_password = form.cleaned_data.get("password1")
--- a/apps/templates/home/tickets.html
+++ b/apps/templates/home/tickets.html
@ -350,7 +350,7 @@

    <div id="ticketModal" class="modal fade" aria-hidden="true">
        <div class="modal-dialog">
-            <form method="post">
+            <form method="post" action="/tickets/new/">

                {% csrf_token %}