Merge pull request #316 in RMS/api-main-service from red-develop to RMSv2

* commit '7bc59974':
  added environment for statung cors, fixed current user
  code refactor on class rms at decorators

app/applicationlayer/management/application/views.py

@@ -25,6 +25,8 @@ class ApplicationViewSet(viewsets.ModelViewSet):
     ordering_fields = '__all__'
     search_fields = ('name', 'code')
 
+    
+    @decorators.rms.application_crate
     @transaction.atomic
     def create(self, request, *args, **kwargs):
 
@@ -79,6 +81,7 @@ class ApplicationViewSet(viewsets.ModelViewSet):
 
         return Response(status=status.HTTP_204_NO_CONTENT)
 
+    @decorators.rms.application_crate
     @transaction.atomic
     def update(self, request, *args, **kwargs):
 

app/applicationlayer/management/company/views.py

@@ -79,6 +79,7 @@ class CompanyViewSet(viewsets.ModelViewSet):
 
         return Response(status=status.HTTP_204_NO_CONTENT)
 
+    @decorators.rms.company_crate
     @transaction.atomic
     def update(self, request, *args, **kwargs):
 

app/applicationlayer/management/module/views.py

@@ -33,6 +33,7 @@ class ModuleViewSet(viewsets.ModelViewSet):
         'code', 'component', 'sort_id'
     )
 
+    @decorators.rms.module_crate
     @transaction.atomic
     def create(self, request, *args, **kwargs):
 
@@ -84,7 +85,7 @@ class ModuleViewSet(viewsets.ModelViewSet):
         serializer = self.get_serializer(queryset, many=True)
         return Response(serializer.data)
 
-
+    @decorators.rms.application_crate
     @transaction.atomic
     def update(self, request, *args, **kwargs):
         partial = kwargs.pop('partial', False)

app/applicationlayer/management/user/serializers.py

@@ -115,17 +115,23 @@ class UserManagementRetreiveSerializer(serializers.ModelSerializer):
         if user.user_type.upper() == enums.UserTypeEnum.USER.value:
             app = user.application.exclude(id=1)
         else:
+            rms = models.Application.objects.filter(id=1)
             app = user.application.all()
+            app = app.union(app, rms)
         list_app = []
 
-        for data in app:
-            mod = data.modules.all()
+        for data in app.order_by('id'):
+            if data.id != 1:
+                mod = data.modules.all()
             if user.user_type.upper() != enums.UserTypeEnum.USER.value:
                 if user.user_type.upper() != enums.UserTypeEnum.USER.value:
                     user_module = models.Module.objects.filter(
                         name__icontains="user"
                     )
-                    mod = mod.union(mod, user_module)
+                    if data.id != 1:
+                        mod = mod.union(mod, user_module)
+                    else:
+                        mod = user_module
             mod = mod.order_by("parent", "sort_id")
 
             mod = ModuleSerializer(data=mod, many=True)

app/helper/decorators.py

@@ -51,22 +51,11 @@ class rms:
     def user_type(self):
         return rms.user(self).user_type
 
-    # @staticmethod
-    # def user_delete(function):
-    #     @wraps(function)
-    #     def wrapper(self, request, *args, **kwargs):
-            
-    #         return function(self, request, *args, **kwargs)
-    #     return wrapper
-
-    @staticmethod
-    def admin_permission(function):
-        @wraps(function)
-        def wrapper(self, request, *args, **kwargs):
-            if rms.user_type(self) == rms.enums_user:
-                raise ParseError(access_error)
-            return function(self, request, *args, **kwargs)
-        return wrapper
+    def superuser_create(self):
+        if rms.user_type(self) != rms.enums_super:
+            raise ParseError(rms.access_error)
+        else:
+            return True
 
     @staticmethod
     def user_create(function):
@@ -102,7 +91,8 @@ class rms:
                     rms.access_error
                 )
             elif rms.user_type(self) == rms.enums_department:
-                if request.user.department.code != rms.user(self).department.code:
+                instance = self.get_object()
+                if rms.user(self).department.code != instance.department.code:
                     raise ParseError(
                         rms.department_error
                     )
@@ -122,10 +112,7 @@ class rms:
     def company_crate(function):
         @wraps(function)
         def wrapper(self, request, *args, **kwargs):
-            if rms.user_type(self) != rms.enums_super:
-                raise ParseError(
-                    rms.access_error
-                )
+            rms.superuser_create(self)
             return function(self, request, *args, **kwargs)
         return wrapper
 
@@ -133,16 +120,7 @@ class rms:
     def department_crate(function):
         @wraps(function)
         def wrapper(self, request, *args, **kwargs):
-            # if rms.user_type(self) == rms.enums_super:
-            #     pass
-            # elif rms.user_type(self) != rms.enums_super or rms.user_type(self) != rms.enums_company:
-            #     raise ParseError(
-            #         rms.access_error
-            #     )
-            if rms.user_type(self) != rms.enums_super:
-                raise ParseError(
-                    rms.access_error
-                )
+            rms.superuser_create(self)
             return function(self, request, *args, **kwargs)
         return wrapper
 
@@ -150,10 +128,15 @@ class rms:
     def application_crate(function):
         @wraps(function)
         def wrapper(self, request, *args, **kwargs):
-            if rms.user_type(self) != rms.enums_super:
-                raise ParseError(
-                    rms.access_error
-                )
+            rms.superuser_create(self)
+            return function(self, request, *args, **kwargs)
+        return wrapper
+
+    @staticmethod
+    def module_crate(function):
+        @wraps(function)
+        def wrapper(self, request, *args, **kwargs):
+            rms.superuser_create(self)
             return function(self, request, *args, **kwargs)
         return wrapper
 

config/settings/base.py

@@ -128,7 +128,7 @@ STATIC_ROOT = os.path.join(BASE_DIR, "static")
 MEDIA_ROOT = os.path.join(BASE_DIR, 'media')
 MEDIA_URL = '/media/'
 
-CORS_ORIGIN_ALLOW_ALL = True
+# CORS_ORIGIN_ALLOW_ALL = True
 
 REST_SESSION_LOGIN = True
 

config/settings/dev.py

@@ -4,6 +4,7 @@ import configparser
 DEBUG = True
 
 ALLOWED_HOSTS = ['*']
+# CORS_ORIGIN_ALLOW_ALL = True
 
 config = configparser.ConfigParser()
 config_file = os.path.join('./', 'env.ini')
@@ -52,3 +53,5 @@ VENDOR_REJECT_MESSAGE = config['NOTIFICATION_EMAIL']['VENDOR_REJECT_MESSAGE']
 CATCH_EMAIL = config['DEV']['CATCH_EMAIL']
 
 CR_FRONT_LINK = config['DEV']['CR_LINK']
+
+CORS_ORIGIN_ALLOW_ALL = True

config/settings/local.py

@@ -50,3 +50,5 @@ VENDOR_REJECT_MESSAGE = config['NOTIFICATION_EMAIL']['VENDOR_REJECT_MESSAGE']
 CATCH_EMAIL = config['LOCAL']['CATCH_EMAIL']
 
 CR_FRONT_LINK = config['LOCAL']['CR_LINK']
+
+CORS_ORIGIN_ALLOW_ALL = True
\ No newline at end of file

config/settings/production.py

@@ -4,6 +4,7 @@ import configparser
 DEBUG = False
 
 ALLOWED_HOSTS = ['*']
+CORS_ORIGIN_ALLOW_ALL = True
 
 config = configparser.ConfigParser()
 config_file = os.path.join('./', 'env.ini')
@@ -52,3 +53,4 @@ VENDOR_REJECT_MESSAGE = config['NOTIFICATION_EMAIL']['VENDOR_REJECT_MESSAGE']
 CATCH_EMAIL = config['PRODUCTION']['CATCH_EMAIL']
 
 CR_FRONT_LINK = config['PRODUCTION']['CR_LINK']
+CORS_ORIGIN_ALLOW_ALL = config['PRODUCTION']['CORS_ORIGIN_ALLOW_ALL']

config/settings/staging.py

@@ -52,3 +52,4 @@ VENDOR_REJECT_MESSAGE = config['NOTIFICATION_EMAIL']['VENDOR_REJECT_MESSAGE']
 CATCH_EMAIL = config['STAGING']['CATCH_EMAIL']
 
 CR_FRONT_LINK = config['STAGING']['CR_LINK']
+CORS_ORIGIN_ALLOW_ALL = config['STAGING']['CORS_ORIGIN_ALLOW_ALL']

env.template.ini

@@ -12,6 +12,7 @@ USER_DEFAULT_PASSWORD =
 CATCH_EMAIL = gladys@tirsolutions.com
 CR_LINK = http://stagingrms.oneberrysystem.com/cms/change-request/form/view
 REALTIMESERVER_IP = 127.0.0.1:8000
+CORS_ORIGIN_ALLOW_ALL = False
 
 [UAT]
 DATABASE_ENGINE = django.db.backends.mysql
@@ -27,6 +28,7 @@ USER_DEFAULT_PASSWORD =
 CATCH_EMAIL = gladys@tirsolutions.com
 CR_LINK = http://stagingrms.oneberrysystem.com/cms/change-request/form/view
 REALTIMESERVER_IP = 127.0.0.1:8000
+CORS_ORIGIN_ALLOW_ALL = False
 
 [DEV]
 DATABASE_ENGINE = django.db.backends.mysql
@@ -42,6 +44,7 @@ USER_DEFAULT_PASSWORD =
 CATCH_EMAIL = gladys@tirsolutions.com
 CR_LINK = http://devweb.rmsv2.oneberrysystem.com/cms/change-request/form/view
 REALTIMESERVER_IP = 127.0.0.1:8000
+CORS_ORIGIN_ALLOW_ALL = True
 
 
 [STAGING]
@@ -58,6 +61,7 @@ USER_DEFAULT_PASSWORD = password
 CATCH_EMAIL = gladys@tirsolutions.com
 CR_LINK = http://stagingrms.oneberrysystem.com/cms/change-request/form/view
 REALTIMESERVER_IP = 127.0.0.1:8000
+CORS_ORIGIN_ALLOW_ALL = False
 
 
 [LOCAL]
@@ -74,6 +78,7 @@ USER_DEFAULT_PASSWORD = password
 CATCH_EMAIL = gladys@tirsolutions.com
 CR_LINK = http://localhost:8000/cms/change-request/form/view
 REALTIMESERVER_IP = 127.0.0.1:8000
+CORS_ORIGIN_ALLOW_ALL = True
 
 [SETTINGS]
 CONFIG = config.settings.staging