
Commit 3c8871b

Renamed permssion
1 parent 00d6575 commit 3c8871b


6 files changed

+86
-44
lines changed


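--- a/nxtbn/cart/admin_query.py
+++ b/nxtbn/cart/admin_query.py
@@ -3,7 +3,7 @@
 
 from nxtbn.cart.models import Cart
 from nxtbn.cart.admin_types import CartItemType, CartType
-from nxtbn.core.admin_permissions import gql_staff_required
+from nxtbn.core.admin_permissions import gql_store_admin_required
 
 
 class AdminCartQuery(graphene.ObjectType):
@@ -13,18 +13,18 @@ class AdminCartQuery(graphene.ObjectType):
 
 items_in_cart = graphene.List(CartItemType, cart_id=graphene.ID(required=True))
 
-@gql_staff_required
+@gql_store_admin_required
 def resolve_carts(self, info, **kwargs):
 return Cart.objects.all()
 
-@gql_staff_required
+@gql_store_admin_required
 def resolve_cart_by_user(self, info, user_id):
 try:
 return Cart.objects.get(user_id=user_id)
 except Cart.DoesNotExist:
 return None
 
-@gql_staff_required
+@gql_store_admin_required
 def resolve_items_in_cart(self, info, cart_id):
 try:
 cart = Cart.objects.get(id=cart_id)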

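--- a/nxtbn/core/admin_permissions.py
+++ b/nxtbn/core/admin_permissions.py
@@ -159,6 +159,16 @@ def wrapper(self, info, *args, **kwargs):
 
 if user.is_anonymous:
 raise GraphQLError("Authentication required")
+
+if not user.is_staff:
+raise GraphQLError("Permission denied")
+
+if user.is_superuser:
+return func(self, info, *args, **kwargs)
+
+if user.is_store_admin:
+return func(self, info, *args, **kwargs)
+
 
 if operation == "query":
 return func(self, info, *args, **kwargs)
@@ -176,17 +186,49 @@ def wrapper(self, info, *args, **kwargs):
 
 
 
-def gql_staff_required(func): # Used in graphql only
+def gql_store_admin_required(func): # Used in graphql only
 @functools.wraps(func)
 def wrapper(self, info, *args, **kwargs):
 user = info.context.user
 
 if user.is_anonymous:
 raise GraphQLError("Authentication required")
+
+if not user.is_staff:
+raise GraphQLError("Permission denied")
+
+if user.is_superuser:
+return func(self, info, *args, **kwargs)
 
-if not user.is_staff: # Check if the user is a staff member
-raise GraphQLError("Permission denied") # Block access if the user is not staff
+if user.is_store_admin:
+return func(self, info, *args, **kwargs)
 
 return func(self, info, *args, **kwargs) # Call the actual resolver
 
+return wrapper
+
+
+def gql_store_staff_required(func): # Used in graphql only
+@functools.wraps(func)
+def wrapper(self, info, *args, **kwargs):
+user = info.context.user
+
+if user.is_anonymous:
+raise GraphQLError("Authentication required")
+
+if not user.is_staff:
+raise GraphQLError("Permission denied")
+
+if user.is_superuser:
+return func(self, info, *args, **kwargs)
+
+if user.is_store_admin:
+return func(self, info, *args, **kwargs)
+
+if user.is_store_staff:
+return func(self, info, *args, **kwargs)
+else:
+raise GraphQLError("Permission denied")
+
+
 return wrapper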
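Review bot: `gql_store_admin_required` still ends with the unchanged, unconditional `return func(self, info, *args, **kwargs)` (new line 206), so any `is_staff` account reaches the resolver and the decorator enforces exactly what `gql_staff_required` did. The new `is_superuser` and `is_store_admin` branches above it change nothing, and every resolver re-decorated in this commit (cart, core, order, product, warehouse) inherits the staff-wide access under an admin-only name. The last statement of that wrapper should deny, as the `else:` in `gql_store_staff_required` does: `raise GraphQLError("Permission denied")`. The user model is not visible here, so also confirm that `is_store_admin` and `is_store_staff` are properties or fields rather than methods, since a bound method is always truthy in an `if`. The wrapper patched by the first hunk starts and ends outside it, so its operation-based checks could not be reviewed.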

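--- a/nxtbn/core/admin_queries.py
+++ b/nxtbn/core/admin_queries.py
@@ -3,7 +3,7 @@
 from graphql import GraphQLError
 
 from nxtbn.core import CurrencyTypes
-from nxtbn.core.admin_permissions import gql_staff_required
+from nxtbn.core.admin_permissions import gql_store_admin_required
 from nxtbn.core.admin_types import AdminCurrencyTypesEnum, CurrencyExchangeType
 from nxtbn.core.models import CurrencyExchange
 from graphene_django.filter import DjangoFilterConnectionField
@@ -14,7 +14,7 @@ class AdminCoreQuery(graphene.ObjectType):
 currency_exchange = graphene.Field(CurrencyExchangeType, id=graphene.ID(required=True))
 allowed_currency_list = graphene.List(AdminCurrencyTypesEnum)
 
-@gql_staff_required
+@gql_store_admin_required
 def resolve_currency_exchanges(self, info, **kwargs):
 return CurrencyExchange.objects.all()
 
@@ -24,7 +24,7 @@ def resolve_currency_exchange(self, info, id):
 except CurrencyExchange.DoesNotExist:
 return None
 
-@gql_staff_required
+@gql_store_admin_required
 def resolve_allowed_currency_list(self, info):
 allowed_currency_list = settings.ALLOWED_CURRENCIES
 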
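Review bot: `resolve_currency_exchange` appears to carry no permission decorator at all. Its `def` sits in the unshown lines 21–23, between the blank line 20 and the `except` at line 24, which leaves room only for `def`/`try`/`return`, and the file no longer imports `gql_staff_required`. If that reading is right, the single-record lookup is reachable without the check its list counterpart `resolve_currency_exchanges` has; adding `@gql_store_admin_required` above it would make the two consistent. The function starts outside the hunk, so this should be confirmed against the full file.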

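--- a/nxtbn/order/admin_queries.py
+++ b/nxtbn/order/admin_queries.py
@@ -1,7 +1,7 @@
 import graphene
 from graphene_django.filter import DjangoFilterConnectionField
 
-from nxtbn.core.admin_permissions import gql_staff_required
+from nxtbn.core.admin_permissions import gql_store_admin_required
 from nxtbn.order.admin_types import OrderType
 from nxtbn.order.models import Address, Order
 from nxtbn.users import UserRole
@@ -13,11 +13,11 @@ class AdminOrderQuery(graphene.ObjectType):
 
 
 
-@gql_staff_required
+@gql_store_admin_required
 def resolve_orders(self, info, **kwargs):
 return Order.objects.all()
 
-@gql_staff_required
+@gql_store_admin_required
 def resolve_order(self, info, id):
 try:
 order = Order.objects.get(id=id)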

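--- a/nxtbn/product/admin_queries.py
+++ b/nxtbn/product/admin_queries.py
@@ -3,7 +3,7 @@
 import graphene
 
 from graphene_django.filter import DjangoFilterConnectionField
-from nxtbn.core.admin_permissions import gql_staff_required
+from nxtbn.core.admin_permissions import gql_store_admin_required
 from nxtbn.product.admin_types import CategoryTranslationType, CategoryType, CollectionTranslationType, CollectionType, ProductGraphType, ProductTagTranslationType, ProductTagType, ProductTranslationType, ProductVariantAdminType, SupplierType
 from nxtbn.product.models import Category, CategoryTranslation, Collection, CollectionTranslation, Product, ProductTag, ProductTagTranslation, ProductTranslation, Supplier
 from nxtbn.users import UserRole
@@ -42,114 +42,114 @@ class ProductQuery(graphene.ObjectType):
 tags_translations = DjangoFilterConnectionField(ProductTagTranslationType)
 
 
-@gql_staff_required
+@gql_store_admin_required
 def resolve_product(root, info, id):
 
 try:
 return Product.objects.get(pk=id)
 except Product.DoesNotExist:
 return None
 
-@gql_staff_required
+@gql_store_admin_required
 def resolve_products(root, info, **kwargs):
 return Product.objects.all()
 
 
-@gql_staff_required
+@gql_store_admin_required
 def resolve_collection(root, info, id):
 
 try:
 return Collection.objects.get(pk=id)
 except Collection.DoesNotExist:
 return None
 
-@gql_staff_required
+@gql_store_admin_required
 def resolve_collections(root, info, **kwargs):
 return Collection.objects.all()
 
-@gql_staff_required
+@gql_store_admin_required
 def resolve_producttag(root, info, id):
 
 try:
 return ProductTag.objects.get(pk=id)
 except ProductTag.DoesNotExist:
 return None
 
-@gql_staff_required
+@gql_store_admin_required
 def resolve_producttags(root, info, **kwargs):
 return ProductTag.objects.all()
 
 
-@gql_staff_required
+@gql_store_admin_required
 def resolve_supplier(root, info, id):
 
 try:
 return Supplier.objects.get(pk=id)
 except Supplier.DoesNotExist:
 return None
 
-@gql_staff_required
+@gql_store_admin_required
 def resolve_suppliers(root, info, **kwargs):
 return Product.objects.all()
 
-@gql_staff_required
+@gql_store_admin_required
 def resolve_product_variants(root, info, **kwargs):
 return Product.objects.all()
 
-@gql_staff_required
+@gql_store_admin_required
 def resolve_category(root, info, id):
 
 try:
 return Category.objects.get(pk=id)
 except Category.DoesNotExist:
 return None
 
-@gql_staff_required
+@gql_store_admin_required
 def resolve_categories(root, info, **kwargs):
 return Category.objects.all()
 
 # All translations
-@gql_staff_required
+@gql_store_admin_required
 def resolve_category_translation(root, info, base_category_id, lang_code):
 try:
 return CategoryTranslation.objects.get(category_id=base_category_id, language_code=lang_code)
 except CategoryTranslation.DoesNotExist:
 return None
-@gql_staff_required
+@gql_store_admin_required
 def resolve_category_translations(root, info, **kwargs):
 return CategoryTranslation.objects.all()
 
-@gql_staff_required
+@gql_store_admin_required
 def resolve_collection_translation(root, info, base_collection_id, lang_code):
 try:
 return CollectionTranslation.objects.get(collection_id=base_collection_id, language_code=lang_code)
 except CollectionTranslation.DoesNotExist:
 return None
 
-@gql_staff_required
+@gql_store_admin_required
 def resolve_collection_translations(root, info, **kwargs):
 return CollectionTranslation.objects.all()
 
-@gql_staff_required
+@gql_store_admin_required
 def resolve_tags_translation(root, info, base_tag_id, lang_code):
 try:
 return ProductTagTranslation.objects.get(tag_id=base_tag_id, language_code=lang_code)
 except ProductTagTranslation.DoesNotExist:
 return None
 
-@gql_staff_required
+@gql_store_admin_required
 def resolve_tags_translations(root, info, **kwargs):
 return ProductTagTranslation.objects.all()
 
 
-@gql_staff_required
+@gql_store_admin_required
 def resolve_product_translation(root, info, base_product_id, lang_code):
 try:
 return ProductTranslation.objects.get(product_id=base_product_id, language_code=lang_code)
 except ProductTranslation.DoesNotExist:
 return None
 
-@gql_staff_required
+@gql_store_admin_required
 def resolve_product_translations(root, info, **kwargs):
 return ProductTranslation.objects.all()
 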
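Review bot: `resolve_suppliers` (new line 93) returns `Product.objects.all()` even though `Supplier` is imported and used by `resolve_supplier` just above, so the suppliers field is apparently served product rows. This looks like a copy-paste slip that the commit leaves in place, and the line should probably read `return Supplier.objects.all()`. `resolve_product_variants` (line 97) returns the same `Product` queryset; the field declarations are outside the hunk, so whether that is intended needs checking against the declared type.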

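--- a/nxtbn/warehouse/admin_queries.py
+++ b/nxtbn/warehouse/admin_queries.py
@@ -2,7 +2,7 @@
 
 import graphene
 
-from nxtbn.core.admin_permissions import gql_staff_required
+from nxtbn.core.admin_permissions import gql_store_admin_required
 from nxtbn.warehouse.admin_types import StockReservationType, StockTransferItemType, StockTransferType, StockType, WarehouseType
 from nxtbn.warehouse.models import Stock, StockReservation, StockTransfer, StockTransferItem, Warehouse
 from graphene_django.filter import DjangoFilterConnectionField
@@ -22,55 +22,55 @@ class WarehouseQuery(graphene.ObjectType):
 stock_transfer = graphene.Field(StockTransferType, id=graphene.ID(required=True))
 stock_transfer_item = graphene.Field(StockTransferItemType, id=graphene.ID(required=True))
 
-@gql_staff_required
+@gql_store_admin_required
 def resolve_warehouses(root, info, **kwargs):
 return Warehouse.objects.all()
 
-@gql_staff_required
+@gql_store_admin_required
 def resolve_stocks(root, info, **kwargs):
 return Stock.objects.all()
 
-@gql_staff_required
+@gql_store_admin_required
 def resolve_stock_reservations(root, info, **kwargs):
 return StockReservation.objects.all()
 
-@gql_staff_required
+@gql_store_admin_required
 def resolve_stock_transfers(root, info, **kwargs):
 return StockTransfer.objects.all()
 
-@gql_staff_required
+@gql_store_admin_required
 def resolve_stock_transfer_items(root, info, **kwargs):
 return StockTransferItem.objects.all()
 
-@gql_staff_required
+@gql_store_admin_required
 def resolve_warehouse(root, info, id):
 try:
 return Warehouse.objects.get(pk=id)
 except Warehouse.DoesNotExist:
 return None
 
-@gql_staff_required
+@gql_store_admin_required
 def resolve_stock(root, info, id):
 try:
 return Stock.objects.get(pk=id)
 except Stock.DoesNotExist:
 return None
 
-@gql_staff_required
+@gql_store_admin_required
 def resolve_stock_reservation(root, info, id):
 try:
 return StockReservation.objects.get(pk=id)
 except StockReservation.DoesNotExist:
 return None
 
-@gql_staff_required
+@gql_store_admin_required
 def resolve_stock_transfer(root, info, id):
 try:
 return StockTransfer.objects.get(pk=id)
 except StockTransfer.DoesNotExist:
 return None
 
-@gql_staff_required
+@gql_store_admin_required
 def resolve_stock_transfer_item(root, info, id):
 try:
 return StockTransferItem.objects.get(pk=id)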
