fix: added NurseReadOnly user type

ohcnetwork · Sep 10, 2023 · 574db3f · 574db3f
1 parent 456b9c4
commit 574db3f
Show file tree

Hide file tree

Showing 10 changed files with 34 additions and 105 deletions.
diff --git a/care/facility/models/base.py b/care/facility/models/base.py
@@ -2,8 +2,9 @@
 from care.utils.models.base import BaseModel
 
 READ_ONLY_USER_TYPES = [
-    User.TYPE_VALUE_MAP["DistrictReadOnlyAdmin"],
     User.TYPE_VALUE_MAP["StateReadOnlyAdmin"],
+    User.TYPE_VALUE_MAP["DistrictReadOnlyAdmin"],
+    User.TYPE_VALUE_MAP["NurseReadOnly"],
     User.TYPE_VALUE_MAP["StaffReadOnly"],
 ]
 

diff --git a/care/facility/models/daily_round.py b/care/facility/models/daily_round.py
@@ -12,7 +12,7 @@
     COVID_CATEGORY_CHOICES,
     PatientBaseModel,
 )
-from care.facility.models.base import covert_choice_dict
+from care.facility.models.base import READ_ONLY_USER_TYPES, covert_choice_dict
 from care.facility.models.bed import AssetBed
 from care.facility.models.json_schema.daily_round import (
     BLOOD_PRESSURE,
@@ -499,11 +499,7 @@ def save(self, *args, **kwargs):
     @staticmethod
     def has_write_permission(request):
         if "/analyse" not in request.get_full_path():
-            if (
-                request.user.user_type == User.TYPE_VALUE_MAP["DistrictReadOnlyAdmin"]
-                or request.user.user_type == User.TYPE_VALUE_MAP["StateReadOnlyAdmin"]
-                or request.user.user_type == User.TYPE_VALUE_MAP["StaffReadOnly"]
-            ):
+            if request.user.user_type in READ_ONLY_USER_TYPES:
                 return False
         return DailyRound.has_read_permission(request)
 
@@ -559,11 +555,7 @@ def has_object_read_permission(self, request):
         )
 
     def has_object_write_permission(self, request):
-        if (
-            request.user.user_type == User.TYPE_VALUE_MAP["DistrictReadOnlyAdmin"]
-            or request.user.user_type == User.TYPE_VALUE_MAP["StateReadOnlyAdmin"]
-            or request.user.user_type == User.TYPE_VALUE_MAP["StaffReadOnly"]
-        ):
+        if request.user.user_type in READ_ONLY_USER_TYPES:
             return False
         return (
             request.user.is_superuser

diff --git a/care/facility/models/mixins/permissions/asset.py b/care/facility/models/mixins/permissions/asset.py
@@ -1,7 +1,7 @@
 from dry_rest_permissions.generics import DRYPermissions
 
+from care.facility.models.base import READ_ONLY_USER_TYPES
 from care.facility.models.mixins.permissions.base import BasePermissionMixin
-from care.users.models import User
 
 
 class IsAssetUser:
@@ -30,11 +30,7 @@ def has_object_read_permission(self, request):
         return True
 
     def has_object_write_permission(self, request):
-        if (
-            request.user.user_type == User.TYPE_VALUE_MAP["DistrictReadOnlyAdmin"]
-            or request.user.user_type == User.TYPE_VALUE_MAP["StateReadOnlyAdmin"]
-            or request.user.user_type == User.TYPE_VALUE_MAP["StaffReadOnly"]
-        ):
+        if request.user.user_type in READ_ONLY_USER_TYPES:
             return False
 
         return True

diff --git a/care/facility/models/mixins/permissions/base.py b/care/facility/models/mixins/permissions/base.py
@@ -1,3 +1,4 @@
+from care.facility.models.base import READ_ONLY_USER_TYPES
 from care.users.models import User
 
 
@@ -8,11 +9,7 @@ def has_read_permission(request):
 
     @staticmethod
     def has_write_permission(request):
-        if (
-            request.user.user_type == User.TYPE_VALUE_MAP["DistrictReadOnlyAdmin"]
-            or request.user.user_type == User.TYPE_VALUE_MAP["StateReadOnlyAdmin"]
-            or request.user.user_type == User.TYPE_VALUE_MAP["StaffReadOnly"]
-        ):
+        if request.user.user_type in READ_ONLY_USER_TYPES:
             return False
         return (
             request.user.is_superuser
@@ -36,11 +33,7 @@ def has_object_read_permission(self, request):
         )
 
     def has_object_update_permission(self, request):
-        if (
-            request.user.user_type == User.TYPE_VALUE_MAP["DistrictReadOnlyAdmin"]
-            or request.user.user_type == User.TYPE_VALUE_MAP["StateReadOnlyAdmin"]
-            or request.user.user_type == User.TYPE_VALUE_MAP["StaffReadOnly"]
-        ):
+        if request.user.user_type in READ_ONLY_USER_TYPES:
             return False
         return (request.user.is_superuser) or (
             (hasattr(self, "created_by") and request.user == self.created_by)
@@ -57,11 +50,7 @@ def has_object_update_permission(self, request):
         )
 
     def has_object_destroy_permission(self, request):
-        if (
-            request.user.user_type == User.TYPE_VALUE_MAP["DistrictReadOnlyAdmin"]
-            or request.user.user_type == User.TYPE_VALUE_MAP["StateReadOnlyAdmin"]
-            or request.user.user_type == User.TYPE_VALUE_MAP["StaffReadOnly"]
-        ):
+        if request.user.user_type in READ_ONLY_USER_TYPES:
             return False
         return request.user.is_superuser or (
             hasattr(self, "created_by") and request.user == self.created_by

diff --git a/care/facility/models/mixins/permissions/facility.py b/care/facility/models/mixins/permissions/facility.py
@@ -1,3 +1,4 @@
+from care.facility.models.base import READ_ONLY_USER_TYPES
 from care.facility.models.mixins.permissions.base import BasePermissionMixin
 from care.users.models import User
 
@@ -65,11 +66,7 @@ def has_object_read_permission(self, request):
         )
 
     def has_object_write_permission(self, request):
-        if request.user.user_type in (
-            User.TYPE_VALUE_MAP["DistrictReadOnlyAdmin"],
-            User.TYPE_VALUE_MAP["StateReadOnlyAdmin"],
-            User.TYPE_VALUE_MAP["StaffReadOnly"],
-        ):
+        if request.user.user_type in READ_ONLY_USER_TYPES:
             return False
         if request.user.user_type < User.TYPE_VALUE_MAP["Staff"]:  # todo Temporary
             return False
@@ -92,11 +89,7 @@ class FacilityRelatedPermissionMixin(BasePermissionMixin):
     def has_write_permission(request):
         from care.facility.models.facility import Facility
 
-        if (
-            request.user.user_type == User.TYPE_VALUE_MAP["DistrictReadOnlyAdmin"]
-            or request.user.user_type == User.TYPE_VALUE_MAP["StateReadOnlyAdmin"]
-            or request.user.user_type == User.TYPE_VALUE_MAP["StaffReadOnly"]
-        ):
+        if request.user.user_type in READ_ONLY_USER_TYPES:
             return False
 
         facility = False
@@ -129,11 +122,7 @@ def has_object_read_permission(self, request):
         )
 
     def has_object_write_permission(self, request):
-        if (
-            request.user.user_type == User.TYPE_VALUE_MAP["DistrictReadOnlyAdmin"]
-            or request.user.user_type == User.TYPE_VALUE_MAP["StateReadOnlyAdmin"]
-            or request.user.user_type == User.TYPE_VALUE_MAP["StaffReadOnly"]
-        ):
+        if request.user.user_type in READ_ONLY_USER_TYPES:
             return False
         return (
             super().has_write_permission(request)

diff --git a/care/facility/models/mixins/permissions/patient.py b/care/facility/models/mixins/permissions/patient.py
@@ -1,4 +1,5 @@
 from care.facility.models import Facility, User
+from care.facility.models.base import READ_ONLY_USER_TYPES
 from care.facility.models.mixins.permissions.base import BasePermissionMixin
 
 
@@ -7,11 +8,7 @@ class PatientPermissionMixin(BasePermissionMixin):
     def has_write_permission(request):
         if request.user.asset:
             return False
-        if request.user.user_type in (
-            User.TYPE_VALUE_MAP["DistrictReadOnlyAdmin"],
-            User.TYPE_VALUE_MAP["StateReadOnlyAdmin"],
-            User.TYPE_VALUE_MAP["StaffReadOnly"],
-        ):
+        if request.user.user_type in READ_ONLY_USER_TYPES:
             return False
         return (
             request.user.is_superuser
@@ -55,11 +52,7 @@ def has_object_read_permission(self, request):
     def has_object_write_permission(self, request):
         if request.user.asset:
             return False
-        if request.user.user_type in (
-            User.TYPE_VALUE_MAP["DistrictReadOnlyAdmin"],
-            User.TYPE_VALUE_MAP["StateReadOnlyAdmin"],
-            User.TYPE_VALUE_MAP["StaffReadOnly"],
-        ):
+        if request.user.user_type in READ_ONLY_USER_TYPES:
             return False
         doctor_allowed = False
         if self.last_consultation:
@@ -100,11 +93,7 @@ def has_object_icmr_sample_permission(self, request):
     def has_object_transfer_permission(self, request):
         if request.user.asset:
             return False
-        if request.user.user_type in (
-            User.TYPE_VALUE_MAP["DistrictReadOnlyAdmin"],
-            User.TYPE_VALUE_MAP["StateReadOnlyAdmin"],
-            User.TYPE_VALUE_MAP["StaffReadOnly"],
-        ):
+        if request.user.user_type in READ_ONLY_USER_TYPES:
             return False
         new_facility = Facility.objects.filter(
             id=request.data.get("facility", None)
@@ -117,11 +106,7 @@ def has_object_transfer_permission(self, request):
 class PatientRelatedPermissionMixin(BasePermissionMixin):
     @staticmethod
     def has_write_permission(request):
-        if request.user.user_type in (
-            User.TYPE_VALUE_MAP["DistrictReadOnlyAdmin"],
-            User.TYPE_VALUE_MAP["StateReadOnlyAdmin"],
-            User.TYPE_VALUE_MAP["StaffReadOnly"],
-        ):
+        if request.user.user_type in READ_ONLY_USER_TYPES:
             return False
         return (
             request.user.is_superuser
@@ -154,11 +139,7 @@ def has_object_read_permission(self, request):
         )
 
     def has_object_update_permission(self, request):
-        if request.user.user_type in (
-            User.TYPE_VALUE_MAP["DistrictReadOnlyAdmin"],
-            User.TYPE_VALUE_MAP["StateReadOnlyAdmin"],
-            User.TYPE_VALUE_MAP["StaffReadOnly"],
-        ):
+        if request.user.user_type in READ_ONLY_USER_TYPES:
             return False
         return (
             request.user.is_superuser

diff --git a/care/facility/models/patient_sample.py b/care/facility/models/patient_sample.py
@@ -1,6 +1,7 @@
 from django.db import models
 
 from care.facility.models import FacilityBaseModel, PatientRegistration, reverse_choices
+from care.facility.models.base import READ_ONLY_USER_TYPES
 from care.users.models import User
 
 SAMPLE_TYPE_CHOICES = [
@@ -152,11 +153,7 @@ def flow(self):
 
     @staticmethod
     def has_write_permission(request):
-        if (
-            request.user.user_type == User.TYPE_VALUE_MAP["DistrictReadOnlyAdmin"]
-            or request.user.user_type == User.TYPE_VALUE_MAP["StateReadOnlyAdmin"]
-            or request.user.user_type == User.TYPE_VALUE_MAP["StaffReadOnly"]
-        ):
+        if request.user.user_type in READ_ONLY_USER_TYPES:
             return False
         return (
             request.user.is_superuser
@@ -190,11 +187,7 @@ def has_object_read_permission(self, request):
         )
 
     def has_object_update_permission(self, request):
-        if (
-            request.user.user_type == User.TYPE_VALUE_MAP["DistrictReadOnlyAdmin"]
-            or request.user.user_type == User.TYPE_VALUE_MAP["StateReadOnlyAdmin"]
-            or request.user.user_type == User.TYPE_VALUE_MAP["StaffReadOnly"]
-        ):
+        if request.user.user_type in READ_ONLY_USER_TYPES:
             return False
         if not self.has_object_read_permission(request):
             return False

diff --git a/care/facility/models/prescription_supplier.py b/care/facility/models/prescription_supplier.py
@@ -3,6 +3,7 @@
 from django.db import models
 
 from care.facility.models import FacilityBaseModel
+from care.facility.models.base import READ_ONLY_USER_TYPES
 from care.users.models import User
 
 
@@ -59,10 +60,6 @@ def has_object_read_permission(self, request):
         )
 
     def has_object_write_permission(self, request):
-        if (
-            request.user.user_type == User.TYPE_VALUE_MAP["DistrictReadOnlyAdmin"]
-            or request.user.user_type == User.TYPE_VALUE_MAP["StateReadOnlyAdmin"]
-            or request.user.user_type == User.TYPE_VALUE_MAP["StaffReadOnly"]
-        ):
+        if request.user.user_type in READ_ONLY_USER_TYPES:
             return False
         return self.has_object_read_permission(request)
diff --git a/care/users/migrations/0009_alter_user_user_type.py b/care/users/migrations/0009_alter_user_user_type.py
@@ -3,16 +3,6 @@
 from django.db import migrations, models
 
 
-def forwards_func(apps, schema_editor):
-    user_model = apps.get_model("users", "User")
-    user_list = []
-    for user in user_model.objects.filter(user_type=10):
-        user.user_type = 12
-        user_list.append(user)
-
-    user_model.objects.bulk_update(user_list, ["user_type"])
-
-
 class Migration(migrations.Migration):
     dependencies = [
         ("users", "0008_rename_skill_and_add_new_20230817_1937"),
@@ -27,9 +17,10 @@ class Migration(migrations.Migration):
                     (2, "Transportation"),
                     (3, "Pharmacist"),
                     (5, "Volunteer"),
-                    (9, "StaffReadOnly"),
-                    (10, "Staff"),
-                    (12, "Nurse"),
+                    (7, "StaffReadOnly"),
+                    (8, "Staff"),
+                    (9, "NurseReadOnly"),
+                    (10, "Nurse"),
                     (15, "Doctor"),
                     (20, "Reserved"),
                     (21, "WardAdmin"),
@@ -43,5 +34,4 @@ class Migration(migrations.Migration):
                 ]
             ),
         ),
-        migrations.RunPython(forwards_func),
     ]
diff --git a/care/users/models.py b/care/users/models.py
@@ -183,9 +183,10 @@ class User(AbstractUser):
         "Transportation": 2,
         "Pharmacist": 3,
         "Volunteer": 5,
-        "StaffReadOnly": 9,
-        "Staff": 10,
-        "Nurse": 12,
+        "StaffReadOnly": 7,
+        "Staff": 8,
+        "NurseReadOnly": 9,
+        "Nurse": 10,
         "Doctor": 15,
         "Reserved": 20,
         "WardAdmin": 21,