Merge pull request #303 from usnistgov/7.3.0.dev

7.3.0.dev

Author: rptmat57

.pre-commit-config.yaml

@@ -1,9 +1,9 @@
 repos:
   - repo: https://github.com/psf/black-pre-commit-mirror
-    rev: 25.1.0
+    rev: 25.12.0
     hooks:
       - id: black
-        language_version: python3.11
+        language_version: python3.13
 
   - repo: https://github.com/djlint/djLint
     rev: v1.36.4

Dockerfile

@@ -1,4 +1,4 @@
-FROM python:3.11
+FROM python:3.13
 
 RUN apt-get update && apt-get upgrade -y
 RUN apt-get install -y less vim

Dockerfile.splash_pad

@@ -1,4 +1,4 @@
-FROM python:3.11
+FROM python:3.13
 
 RUN apt-get update && apt-get upgrade -y && apt-get install -y systemctl rsync vim less
 

NEMO/actions.py

@@ -1,31 +1,35 @@
+import json
+from collections.abc import Mapping
+from typing import Sequence
+
 from django.contrib import admin, messages
 from django.db.models import Max
 from django.urls import reverse
 from django.utils.safestring import mark_safe
 
 from NEMO.mixins import BillableItemMixin
-from NEMO.models import Area, Configuration, Interlock, InterlockCard, Tool, User
+from NEMO.models import Area, Configuration, Interlock, InterlockCard, Tool, ToolUsageQuestions, User
 from NEMO.typing import QuerySetType
-from NEMO.utilities import export_format_datetime, new_model_copy
+from NEMO.utilities import export_format_datetime, get_django_default_perm, new_model_copy
 from NEMO.views.access_requests import access_csv_export
 from NEMO.views.adjustment_requests import adjustments_csv_export
 
 
-@admin.action(description="Disable selected cards")
+@admin.action(description="Disable selected cards", permissions=["change"])
 def disable_selected_cards(model_admin, request, queryset: QuerySetType[InterlockCard]):
     for interlock_card in queryset:
         interlock_card.enabled = False
         interlock_card.save(update_fields=["enabled"])
 
 
-@admin.action(description="Enable selected cards")
+@admin.action(description="Enable selected cards", permissions=["change"])
 def enable_selected_cards(model_admin, request, queryset: QuerySetType[InterlockCard]):
     for interlock_card in queryset:
         interlock_card.enabled = True
         interlock_card.save(update_fields=["enabled"])
 
 
-@admin.action(description="Lock selected interlocks")
+@admin.action(description="Lock selected interlocks", permissions=["change"])
 def lock_selected_interlocks(model_admin, request, queryset):
     for interlock in queryset:
         try:
@@ -38,7 +42,7 @@ def lock_selected_interlocks(model_admin, request, queryset):
             messages.error(request, f"{interlock} could not be locked due to the following error: {str(error)}")
 
 
-@admin.action(description="Unlock selected interlocks")
+@admin.action(description="Unlock selected interlocks", permissions=["change"])
 def unlock_selected_interlocks(model_admin, request, queryset):
     for interlock in queryset:
         try:
@@ -51,7 +55,7 @@ def unlock_selected_interlocks(model_admin, request, queryset):
             messages.error(request, f"{interlock} could not be unlocked due to the following error: {str(error)}")
 
 
-@admin.action(description="Synchronize selected interlocks with tool usage")
+@admin.action(description="Synchronize selected interlocks with tool usage", permissions=["change"])
 def synchronize_with_tool_usage(model_admin, request, queryset):
     for interlock in queryset:
         # Ignore interlocks with no tool assigned, and ignore interlocks connected to doors
@@ -65,6 +69,8 @@ def synchronize_with_tool_usage(model_admin, request, queryset):
 
 @admin.action(description="Create next interlock")
 def create_next_interlock(model_admin, request, queryset):
+    if not has_perm(request, queryset, "add") or not has_perm(request, queryset, "change"):
+        model_admin.message_user(request, "You do not have permission to run this action.", level=messages.ERROR)
     for interlock in queryset:
         new_interlock = Interlock()
         new_interlock.card = interlock.card
@@ -74,7 +80,7 @@ def create_next_interlock(model_admin, request, queryset):
         new_interlock.save()
 
 
-@admin.action(description="Generate CSV status report for selected interlocks")
+@admin.action(description="Generate CSV status report for selected interlocks", permissions=["view"])
 def csv_interlock_status_report(model_admin, request, queryset: QuerySetType[Interlock]):
     from NEMO.interlocks import get_interlock_report
 
@@ -85,6 +91,8 @@ def csv_interlock_status_report(model_admin, request, queryset: QuerySetType[Int
 
 @admin.action(description="Duplicate selected tool configuration")
 def duplicate_tool_configuration(model_admin, request, queryset):
+    if not has_perm(request, queryset, "add") or not has_perm(request, queryset, "change"):
+        model_admin.message_user(request, "You do not have permission to run this action.", level=messages.ERROR)
     for tool in queryset:
         original_name = tool.name
         new_name = "Copy of " + tool.name
@@ -135,28 +143,30 @@ def duplicate_tool_configuration(model_admin, request, queryset):
             )
 
 
-@admin.action(description="Rebuild area tree")
+@admin.action(description="Rebuild area tree", permissions=["change"])
 def rebuild_area_tree(model_admin, request, queryset):
     Area.objects.rebuild()
 
 
-@admin.action(description="Export selected adjustment requests in CSV")
+@admin.action(description="Export selected adjustment requests in CSV", permissions=["view"])
 def adjustment_requests_export_csv(modeladmin, request, queryset):
     return adjustments_csv_export(queryset.all())
 
 
-@admin.action(description="Mark selected adjustment requests as applied")
+@admin.action(description="Mark selected adjustment requests as applied", permissions=["change"])
 def adjustment_requests_mark_as_applied(modeladmin, request, queryset):
     return queryset.update(applied=True, applied_by=request.user)
 
 
-@admin.action(description="Export selected access requests in CSV")
+@admin.action(description="Export selected access requests in CSV", permissions=["view"])
 def access_requests_export_csv(modeladmin, request, queryset):
     return access_csv_export(queryset.all())
 
 
 @admin.action(description="Duplicate selected configuration")
 def duplicate_configuration(model_admin, request, queryset: QuerySetType[Configuration]):
+    if not has_perm(request, queryset, "add") or not has_perm(request, queryset, "change"):
+        model_admin.message_user(request, "You do not have permission to run this action.", level=messages.ERROR)
     for configuration in queryset:
         original_name = configuration.name
         new_name = "Copy of " + configuration.name
@@ -188,8 +198,58 @@ def duplicate_configuration(model_admin, request, queryset: QuerySetType[Configu
             )
 
 
-@admin.action(description="Waive selected charges")
+@admin.action(description="Duplicate selected tool usage questions")
+def duplicate_tool_usage_questions(model_admin, request, queryset: QuerySetType[ToolUsageQuestions]):
+    if not has_perm(request, queryset, "add") or not has_perm(request, queryset, "change"):
+        model_admin.message_user(request, "You do not have permission to run this action.", level=messages.ERROR)
+    for tool_usage_question in queryset:
+        try:
+            old_tools = tool_usage_question.only_for_tools.all()
+            old_projects = tool_usage_question.only_for_projects.all()
+            old_users = tool_usage_question.only_for_users.all()
+            old_groups = tool_usage_question.only_for_groups.all()
+            new_tool_usage_question = new_model_copy(tool_usage_question)
+            new_tool_usage_question.display_order = tool_usage_question.display_order + 1
+
+            def walk(x):
+                if isinstance(x, Mapping):
+                    x = dict(x)
+                    if "name" in x and isinstance(x["name"], str):
+                        x["name"] += f"_{new_tool_usage_question.display_order}"
+                    for k, v in x.items():
+                        x[k] = walk(v)
+                    return x
+                elif isinstance(x, Sequence) and not isinstance(x, str):
+                    return [walk(i) for i in x]
+                return x
+
+            new_tool_usage_question.questions = json.dumps(walk(json.loads(tool_usage_question.questions)), indent=4)
+
+            new_tool_usage_question.full_clean()
+            new_tool_usage_question.save()
+            new_tool_usage_question.only_for_tools.set(old_tools)
+            new_tool_usage_question.only_for_projects.set(old_projects)
+            new_tool_usage_question.only_for_users.set(old_users)
+            new_tool_usage_question.only_for_groups.set(old_groups)
+            messages.success(
+                request,
+                mark_safe(
+                    f'A duplicate of {str(tool_usage_question)} has been made as <a href="{reverse("admin:NEMO_toolusagequestions_change", args=[new_tool_usage_question.id])}">{str(new_tool_usage_question)}</a>'
+                ),
+            )
+        except Exception as error:
+            messages.error(
+                request,
+                f"{str(tool_usage_question)} could not be duplicated because of the following error: {str(error)}",
+            )
+
+
+@admin.action(description="Waive selected charges", permissions=["change"])
 def waive_selected_charges(model_admin, request, queryset: QuerySetType[BillableItemMixin]):
     for charge in queryset:
         charge.waive(request.user)
         messages.success(request, f"{model_admin.model.__name__} #{charge.id} has been successfully waived")
+
+
+def has_perm(request, qs, action) -> bool:
+    return request.user.has_perm(get_django_default_perm(qs.model, action))