add workflows to admin

inspirehep · Nov 13, 2023 · 514f1da · 514f1da
1 parent 1067b0f
commit 514f1da
Show file tree

Hide file tree

Showing 3 changed files with 63 additions and 2 deletions.
diff --git a/backoffice/workflows/admin.py b/backoffice/workflows/admin.py
@@ -0,0 +1,60 @@
+from django.contrib import admin
+
+from backoffice.management.permissions import IsAdminOrCuratorUser
+
+from .models import Workflow
+
+
+class WorkflowsAdminSite(admin.AdminSite):
+    """
+    Custom admin site for managing workflows.
+
+    This admin site extends the default Django admin site to include additional
+    functionality for managing workflows. It checks whether the user has the
+    necessary permissions to access the admin site by verifying that they are
+    an active user and either a superuser or a member of the 'curator' group.
+
+    Attributes:
+        None
+
+    Methods:
+        has_permission(request): Checks whether the user has permission to access
+            the admin site.
+    """
+
+    def has_permission(self, request):
+        return request.user.is_active and (
+            request.user.is_superuser or request.user.groups.filter(name="curator").exists()
+        )
+
+
+class WorkflowAdmin(admin.ModelAdmin):
+    """
+    Admin class for Workflow model. Define get, update and delete permissions.
+    """
+
+    def has_view_permission(self, request, obj=None):
+        """
+        Returns True if the user has permission to view the Workflow model.
+        """
+        permission_check = IsAdminOrCuratorUser()
+        return request.user.is_superuser or permission_check.has_permission(request, self)
+
+    def has_change_permission(self, request, obj=None):
+        """
+        Returns True if the user has permission to change the Workflow model.
+        """
+        permission_check = IsAdminOrCuratorUser()
+        return request.user.is_superuser or permission_check.has_permission(request, self)
+
+    def has_delete_permission(self, request, obj=None):
+        """
+        Returns True if the user has permission to delete the Workflow model.
+        """
+        permission_check = IsAdminOrCuratorUser()
+        return request.user.is_superuser or permission_check.has_permission(request, self)
+
+
+admin.site.register(Workflow)
+workflow_admin_site = WorkflowsAdminSite(name="backoffice_admin")
+workflow_admin_site.register(Workflow, WorkflowAdmin)
diff --git a/backoffice/workflows/urls.py b/backoffice/workflows/urls.py
@@ -1,7 +1,5 @@
-from django.contrib import admin
 from django.urls import include, path
 
 urlpatterns = [
     path("workflows/", include("workflows.urls")),
-    path("admin/", admin.site.urls),
 ]
diff --git a/config/urls.py b/config/urls.py
@@ -8,7 +8,10 @@
 from drf_spectacular.views import SpectacularAPIView, SpectacularSwaggerView
 from rest_framework.authtoken.views import obtain_auth_token
 
+from backoffice.workflows.admin import workflow_admin_site
+
 urlpatterns = [
+    path("dashboard/", workflow_admin_site.urls),
     path("", TemplateView.as_view(template_name="pages/home.html"), name="home"),
     path("about/", TemplateView.as_view(template_name="pages/about.html"), name="about"),
     # Django Admin, use {% url 'admin:index' %}