From 514f1da29e25238bf0c637f9febb458a52c85a92 Mon Sep 17 00:00:00 2001
From: MJedr <jedrych.marcysia@gmail.com>
Date: Fri, 10 Nov 2023 17:12:01 +0100
Subject: [PATCH] add workflows to admin

---
 backoffice/workflows/admin.py | 60 +++++++++++++++++++++++++++++++++++
 backoffice/workflows/urls.py  |  2 --
 config/urls.py                |  3 ++
 3 files changed, 63 insertions(+), 2 deletions(-)
 create mode 100644 backoffice/workflows/admin.py

diff --git a/backoffice/workflows/admin.py b/backoffice/workflows/admin.py
new file mode 100644
index 00000000..acb264c3
--- /dev/null
+++ b/backoffice/workflows/admin.py
@@ -0,0 +1,60 @@
+from django.contrib import admin
+
+from backoffice.management.permissions import IsAdminOrCuratorUser
+
+from .models import Workflow
+
+
+class WorkflowsAdminSite(admin.AdminSite):
+    """
+    Custom admin site for managing workflows.
+
+    This admin site extends the default Django admin site to include additional
+    functionality for managing workflows. It checks whether the user has the
+    necessary permissions to access the admin site by verifying that they are
+    an active user and either a superuser or a member of the 'curator' group.
+
+    Attributes:
+        None
+
+    Methods:
+        has_permission(request): Checks whether the user has permission to access
+            the admin site.
+    """
+
+    def has_permission(self, request):
+        return request.user.is_active and (
+            request.user.is_superuser or request.user.groups.filter(name="curator").exists()
+        )
+
+
+class WorkflowAdmin(admin.ModelAdmin):
+    """
+    Admin class for Workflow model. Define get, update and delete permissions.
+    """
+
+    def has_view_permission(self, request, obj=None):
+        """
+        Returns True if the user has permission to view the Workflow model.
+        """
+        permission_check = IsAdminOrCuratorUser()
+        return request.user.is_superuser or permission_check.has_permission(request, self)
+
+    def has_change_permission(self, request, obj=None):
+        """
+        Returns True if the user has permission to change the Workflow model.
+        """
+        permission_check = IsAdminOrCuratorUser()
+        return request.user.is_superuser or permission_check.has_permission(request, self)
+
+    def has_delete_permission(self, request, obj=None):
+        """
+        Returns True if the user has permission to delete the Workflow model.
+        """
+        permission_check = IsAdminOrCuratorUser()
+        return request.user.is_superuser or permission_check.has_permission(request, self)
+
+
+admin.site.register(Workflow)
+workflow_admin_site = WorkflowsAdminSite(name="backoffice_admin")
+workflow_admin_site.register(Workflow, WorkflowAdmin)
diff --git a/backoffice/workflows/urls.py b/backoffice/workflows/urls.py
index d2601d4d..da472731 100644
--- a/backoffice/workflows/urls.py
+++ b/backoffice/workflows/urls.py
@@ -1,7 +1,5 @@
-from django.contrib import admin
 from django.urls import include, path
 
 urlpatterns = [
     path("workflows/", include("workflows.urls")),
-    path("admin/", admin.site.urls),
 ]
diff --git a/config/urls.py b/config/urls.py
index 7e9aa8ad..49101d9d 100644
--- a/config/urls.py
+++ b/config/urls.py
@@ -8,7 +8,10 @@
 from drf_spectacular.views import SpectacularAPIView, SpectacularSwaggerView
 from rest_framework.authtoken.views import obtain_auth_token
 
+from backoffice.workflows.admin import workflow_admin_site
+
 urlpatterns = [
+    path("dashboard/", workflow_admin_site.urls),
     path("", TemplateView.as_view(template_name="pages/home.html"), name="home"),
     path("about/", TemplateView.as_view(template_name="pages/about.html"), name="about"),
     # Django Admin, use {% url 'admin:index' %}