check for a model in permission and use that in treasury

2025-06-28 12:32:49 +02:00 · 2023-09-28 18:48:57 +02:00
parent d82a1001c4
commit 0f1e4d2e60
3 changed files with 39 additions and 16 deletions
--- a/apps/treasury/views.py
+++ b/apps/treasury/views.py
@ -101,14 +101,7 @@ class InvoiceListView(LoginRequiredMixin, SingleTableView):
        if not request.user.is_authenticated:
            return self.handle_no_permission()

-        sample_invoice = Invoice(
-            id=0,
-            object="",
-            description="",
-            name="",
-            address="",
-        )
-        if not PermissionBackend.check_perm(self.request, "treasury.view_invoice", sample_invoice):
+        if not PermissionBackend.has_model_perm(self.request, Invoice(), "view"):
            raise PermissionDenied(_("You are not able to see the treasury interface."))
        return super().dispatch(request, *args, **kwargs)

@ -278,11 +271,7 @@ class RemittanceListView(LoginRequiredMixin, TemplateView):
        if not request.user.is_authenticated:
            return self.handle_no_permission()

-        sample_remittance = Remittance(
-            remittance_type_id=1,
-            comment="",
-        )
-        if not PermissionBackend.check_perm(self.request, "treasury.add_remittance", sample_remittance):
+        if not PermissionBackend.has_model_perm(self.request, Remittance(), "view"):
            raise PermissionDenied(_("You are not able to see the treasury interface."))
        return super().dispatch(request, *args, **kwargs)

@ -408,7 +397,7 @@ class SogeCreditListView(LoginRequiredMixin, ProtectQuerysetMixin, SingleTableVi
        if not request.user.is_authenticated:
            return self.handle_no_permission()

-        if not super().get_queryset().exists():
+        if not PermissionBackend.has_model_perm(self.request, SogeCredit(), "view"):
            raise PermissionDenied(_("You are not able to see the treasury interface."))
        return super().dispatch(request, *args, **kwargs)