Merge pull request #66 from openimis/feature/OM-139

Damian Borowiecki · web-flow · commit 1104a2894f8b · 2024-03-07T15:50:34.000+01:00
OM-139 Implement bill/invoice generic hookable user filter
diff --git a/invoice/apps.py b/invoice/apps.py
@@ -1,6 +1,7 @@
 import logging
 
 from django.apps import AppConfig
+from core.utils import ConfigUtilMixin
 
 MODULE_NAME = 'invoice'
 
@@ -10,47 +11,52 @@
     "gql_invoice_create_perms": ["155102"],
     "gql_invoice_update_perms": ["155103"],
     "gql_invoice_delete_perms": ["155104"],
-    "gql_invoice_amend_perms":  ["155109"],
+    "gql_invoice_amend_perms": ["155109"],
 
     "gql_invoice_payment_search_perms": ["155201"],
     "gql_invoice_payment_create_perms": ["155202"],
     "gql_invoice_payment_update_perms": ["155203"],
     "gql_invoice_payment_delete_perms": ["155204"],
     "gql_invoice_payment_refund_perms": ["155206"],
 
-    "gql_invoice_event_search_perms":             ["155301"],
-    "gql_invoice_event_create_perms":             ["155302"],
-    "gql_invoice_event_update_perms":             ["155303"],
-    "gql_invoice_event_delete_perms":             ["155304"],
-    "gql_invoice_event_create_message_perms":     ["155306"],
-    "gql_invoice_event_delete_my_message_perms":  ["155307"],
+    "gql_invoice_event_search_perms": ["155301"],
+    "gql_invoice_event_create_perms": ["155302"],
+    "gql_invoice_event_update_perms": ["155303"],
+    "gql_invoice_event_delete_perms": ["155304"],
+    "gql_invoice_event_create_message_perms": ["155306"],
+    "gql_invoice_event_delete_my_message_perms": ["155307"],
     "gql_invoice_event_delete_all_message_perms": ["155308"],
 
     "gql_bill_search_perms": ["156101"],
     "gql_bill_create_perms": ["156102"],
     "gql_bill_update_perms": ["156103"],
     "gql_bill_delete_perms": ["156104"],
-    "gql_bill_amend_perms":  ["156109"],
+    "gql_bill_amend_perms": ["156109"],
 
     "gql_bill_payment_search_perms": ["156201"],
     "gql_bill_payment_create_perms": ["156202"],
     "gql_bill_payment_update_perms": ["156203"],
     "gql_bill_payment_delete_perms": ["156204"],
     "gql_bill_payment_refund_perms": ["156206"],
 
-    "gql_bill_event_search_perms":             ["156301"],
-    "gql_bill_event_create_perms":             ["156302"],
-    "gql_bill_event_update_perms":             ["156303"],
-    "gql_bill_event_delete_perms":             ["156304"],
-    "gql_bill_event_create_message_perms":     ["156306"],
-    "gql_bill_event_delete_my_message_perms":  ["156307"],
+    "gql_bill_event_search_perms": ["156301"],
+    "gql_bill_event_create_perms": ["156302"],
+    "gql_bill_event_update_perms": ["156303"],
+    "gql_bill_event_delete_perms": ["156304"],
+    "gql_bill_event_create_message_perms": ["156306"],
+    "gql_bill_event_delete_my_message_perms": ["156307"],
     "gql_bill_event_delete_all_message_perms": ["156308"],
+
+    # Functions of type Callable[[QuerySet, User], QuerySet], to be used as custom user filters for bills and invoices
+    # To be specified as "module_name.submodule.function_name"
+    "bill_user_filter_function": None,
+    "invoice_user_filter_function": None,
 }
 
 logger = logging.getLogger(__name__)
 
 
-class InvoiceConfig(AppConfig):
+class InvoiceConfig(AppConfig, ConfigUtilMixin):
     name = MODULE_NAME
 
     default_currency_code = None
@@ -89,12 +95,14 @@ class InvoiceConfig(AppConfig):
     gql_bill_event_delete_my_message_perms = None
     gql_bill_event_delete_all_message_perms = None
 
-    def __load_config(self, cfg):
-        for field in cfg:
-            if hasattr(InvoiceConfig, field):
-                setattr(InvoiceConfig, field, cfg[field])
+    bill_user_filter = None
+    invoice_user_filter = None
 
     def ready(self):
         from core.models import ModuleConfiguration
         cfg = ModuleConfiguration.get_or_default(MODULE_NAME, DEFAULT_CONFIG)
-        self.__load_config(cfg)
+        self._load_config_fields(cfg)
+        if cfg['bill_user_filter_function']:
+            self._load_config_function('bill_user_filter', cfg['bill_user_filter_function'])
+        if cfg['invoice_user_filter_function']:
+            self._load_config_function('invoice_user_filter', cfg['invoice_user_filter_function'])
diff --git a/invoice/gql/bill/query.py b/invoice/gql/bill/query.py
@@ -1,13 +1,7 @@
-import functools
-import logging
-import types
-
 import graphene
-import pandas as pd
 from django.contrib.auth.models import AnonymousUser
 from django.contrib.contenttypes.models import ContentType
 from django.db.models import Q
-from django.http import HttpResponse
 from pandas import DataFrame
 
 from core.gql.export_mixin import ExportableQueryMixin
@@ -26,14 +20,15 @@ def patch_subjects(bills_df: DataFrame):
     bills_df['subject_class'] = 'undefined'
     for subject in subject_df['subject_type'].unique():
         model = ContentType.objects.get(id=subject).model_class()
-        entities_for_model = subject_df[subject_df['subject_type']==subject]['subject_id']
+        entities_for_model = subject_df[subject_df['subject_type'] == subject]['subject_id']
         if model == Policy:
-            subject_names = model.objects\
-                .filter(id__in=entities_for_model)\
+            subject_names = model.objects \
+                .filter(id__in=entities_for_model) \
                 .values('id', 'family__head_insuree__chf_id',
                         'family__head_insuree__last_name', 'family__head_insuree__other_names')
             names = {
-                str(x['id']): F"{x['family__head_insuree__other_names']} {x['family__head_insuree__last_name']} ({x['family__head_insuree__chf_id']})" for x in subject_names
+                str(x['id']): F"{x['family__head_insuree__other_names']} {x['family__head_insuree__last_name']} ({x['family__head_insuree__chf_id']})"
+                for x in subject_names
             }
             updated = bills_df['subject_type'] == subject
             bills_df.loc[updated, 'subject_id'] = bills_df[updated]['subject_id'].apply(lambda x: names[x])
@@ -60,6 +55,7 @@ class BillQueryMixin(ExportableQueryMixin):
     )
 
     def resolve_bill(self, info, **kwargs):
+        BillQueryMixin._check_permissions(info.context.user)
         filters = []
         filters += append_validity_filter(**kwargs)
 
@@ -75,8 +71,11 @@ def resolve_bill(self, info, **kwargs):
         if thirdparty_type:
             filters.append(Q(thirdparty_type__model=thirdparty_type))
 
-        BillQueryMixin._check_permissions(info.context.user)
-        return gql_optimizer.query(Bill.objects.filter(*filters).all(), info)
+        qs = Bill.objects.filter(*filters)
+        if InvoiceConfig.bill_user_filter:
+            qs = InvoiceConfig.bill_user_filter(qs, info.context.user)
+
+        return gql_optimizer.query(qs, info)
 
     @staticmethod
     def _check_permissions(user):
diff --git a/invoice/gql/invoice/query.py b/invoice/gql/invoice/query.py
@@ -21,6 +21,7 @@ class InvoiceQueryMixin:
     )
 
     def resolve_invoice(self, info, **kwargs):
+        InvoiceQueryMixin._check_permissions(info.context.user)
         filters = []
         filters += append_validity_filter(**kwargs)
 
@@ -36,14 +37,14 @@ def resolve_invoice(self, info, **kwargs):
         if thirdparty_type:
             filters.append(Q(thirdparty_type__model=thirdparty_type))
 
-        InvoiceQueryMixin._check_permissions(info.context.user)
-        return gql_optimizer.query(Invoice.objects.filter(*filters).all(), info)
+        qs = Invoice.objects.filter(*filters)
+        if InvoiceConfig.invoice_user_filter:
+            qs = InvoiceConfig.invoice_user_filter(qs, info.context.user)
+
+        return gql_optimizer.query(qs, info)
 
     @staticmethod
     def _check_permissions(user):
         if type(user) is AnonymousUser or not user.id or not user.has_perms(
                 InvoiceConfig.gql_invoice_search_perms):
             raise PermissionError("Unauthorized")
-
-
-
