diff --git a/care/facility/models/base.py b/care/facility/models/base.py index a8993980c9..6928ca54d1 100644 --- a/care/facility/models/base.py +++ b/care/facility/models/base.py @@ -2,8 +2,9 @@ from care.utils.models.base import BaseModel READ_ONLY_USER_TYPES = [ - User.TYPE_VALUE_MAP["DistrictReadOnlyAdmin"], User.TYPE_VALUE_MAP["StateReadOnlyAdmin"], + User.TYPE_VALUE_MAP["DistrictReadOnlyAdmin"], + User.TYPE_VALUE_MAP["NurseReadOnly"], User.TYPE_VALUE_MAP["StaffReadOnly"], ] diff --git a/care/facility/models/daily_round.py b/care/facility/models/daily_round.py index 89575f5058..b004baa0cb 100644 --- a/care/facility/models/daily_round.py +++ b/care/facility/models/daily_round.py @@ -12,7 +12,7 @@ COVID_CATEGORY_CHOICES, PatientBaseModel, ) -from care.facility.models.base import covert_choice_dict +from care.facility.models.base import READ_ONLY_USER_TYPES, covert_choice_dict from care.facility.models.bed import AssetBed from care.facility.models.json_schema.daily_round import ( BLOOD_PRESSURE, @@ -499,11 +499,7 @@ def save(self, *args, **kwargs): @staticmethod def has_write_permission(request): if "/analyse" not in request.get_full_path(): - if ( - request.user.user_type == User.TYPE_VALUE_MAP["DistrictReadOnlyAdmin"] - or request.user.user_type == User.TYPE_VALUE_MAP["StateReadOnlyAdmin"] - or request.user.user_type == User.TYPE_VALUE_MAP["StaffReadOnly"] - ): + if request.user.user_type in READ_ONLY_USER_TYPES: return False return DailyRound.has_read_permission(request) @@ -559,11 +555,7 @@ def has_object_read_permission(self, request): ) def has_object_write_permission(self, request): - if ( - request.user.user_type == User.TYPE_VALUE_MAP["DistrictReadOnlyAdmin"] - or request.user.user_type == User.TYPE_VALUE_MAP["StateReadOnlyAdmin"] - or request.user.user_type == User.TYPE_VALUE_MAP["StaffReadOnly"] - ): + if request.user.user_type in READ_ONLY_USER_TYPES: return False return ( request.user.is_superuser diff --git a/care/facility/models/mixins/permissions/asset.py b/care/facility/models/mixins/permissions/asset.py index 8affe28606..9b9877606d 100644 --- a/care/facility/models/mixins/permissions/asset.py +++ b/care/facility/models/mixins/permissions/asset.py @@ -1,7 +1,7 @@ from dry_rest_permissions.generics import DRYPermissions +from care.facility.models.base import READ_ONLY_USER_TYPES from care.facility.models.mixins.permissions.base import BasePermissionMixin -from care.users.models import User class IsAssetUser: @@ -30,11 +30,7 @@ def has_object_read_permission(self, request): return True def has_object_write_permission(self, request): - if ( - request.user.user_type == User.TYPE_VALUE_MAP["DistrictReadOnlyAdmin"] - or request.user.user_type == User.TYPE_VALUE_MAP["StateReadOnlyAdmin"] - or request.user.user_type == User.TYPE_VALUE_MAP["StaffReadOnly"] - ): + if request.user.user_type in READ_ONLY_USER_TYPES: return False return True diff --git a/care/facility/models/mixins/permissions/base.py b/care/facility/models/mixins/permissions/base.py index 1b9056238a..d41648bd15 100644 --- a/care/facility/models/mixins/permissions/base.py +++ b/care/facility/models/mixins/permissions/base.py @@ -1,3 +1,4 @@ +from care.facility.models.base import READ_ONLY_USER_TYPES from care.users.models import User @@ -8,11 +9,7 @@ def has_read_permission(request): @staticmethod def has_write_permission(request): - if ( - request.user.user_type == User.TYPE_VALUE_MAP["DistrictReadOnlyAdmin"] - or request.user.user_type == User.TYPE_VALUE_MAP["StateReadOnlyAdmin"] - or request.user.user_type == User.TYPE_VALUE_MAP["StaffReadOnly"] - ): + if request.user.user_type in READ_ONLY_USER_TYPES: return False return ( request.user.is_superuser @@ -36,11 +33,7 @@ def has_object_read_permission(self, request): ) def has_object_update_permission(self, request): - if ( - request.user.user_type == User.TYPE_VALUE_MAP["DistrictReadOnlyAdmin"] - or request.user.user_type == User.TYPE_VALUE_MAP["StateReadOnlyAdmin"] - or request.user.user_type == User.TYPE_VALUE_MAP["StaffReadOnly"] - ): + if request.user.user_type in READ_ONLY_USER_TYPES: return False return (request.user.is_superuser) or ( (hasattr(self, "created_by") and request.user == self.created_by) @@ -57,11 +50,7 @@ def has_object_update_permission(self, request): ) def has_object_destroy_permission(self, request): - if ( - request.user.user_type == User.TYPE_VALUE_MAP["DistrictReadOnlyAdmin"] - or request.user.user_type == User.TYPE_VALUE_MAP["StateReadOnlyAdmin"] - or request.user.user_type == User.TYPE_VALUE_MAP["StaffReadOnly"] - ): + if request.user.user_type in READ_ONLY_USER_TYPES: return False return request.user.is_superuser or ( hasattr(self, "created_by") and request.user == self.created_by diff --git a/care/facility/models/mixins/permissions/facility.py b/care/facility/models/mixins/permissions/facility.py index edb2b1fab6..a2932ca6b5 100644 --- a/care/facility/models/mixins/permissions/facility.py +++ b/care/facility/models/mixins/permissions/facility.py @@ -1,3 +1,4 @@ +from care.facility.models.base import READ_ONLY_USER_TYPES from care.facility.models.mixins.permissions.base import BasePermissionMixin from care.users.models import User @@ -65,11 +66,7 @@ def has_object_read_permission(self, request): ) def has_object_write_permission(self, request): - if request.user.user_type in ( - User.TYPE_VALUE_MAP["DistrictReadOnlyAdmin"], - User.TYPE_VALUE_MAP["StateReadOnlyAdmin"], - User.TYPE_VALUE_MAP["StaffReadOnly"], - ): + if request.user.user_type in READ_ONLY_USER_TYPES: return False if request.user.user_type < User.TYPE_VALUE_MAP["Staff"]: # todo Temporary return False @@ -92,11 +89,7 @@ class FacilityRelatedPermissionMixin(BasePermissionMixin): def has_write_permission(request): from care.facility.models.facility import Facility - if ( - request.user.user_type == User.TYPE_VALUE_MAP["DistrictReadOnlyAdmin"] - or request.user.user_type == User.TYPE_VALUE_MAP["StateReadOnlyAdmin"] - or request.user.user_type == User.TYPE_VALUE_MAP["StaffReadOnly"] - ): + if request.user.user_type in READ_ONLY_USER_TYPES: return False facility = False @@ -129,11 +122,7 @@ def has_object_read_permission(self, request): ) def has_object_write_permission(self, request): - if ( - request.user.user_type == User.TYPE_VALUE_MAP["DistrictReadOnlyAdmin"] - or request.user.user_type == User.TYPE_VALUE_MAP["StateReadOnlyAdmin"] - or request.user.user_type == User.TYPE_VALUE_MAP["StaffReadOnly"] - ): + if request.user.user_type in READ_ONLY_USER_TYPES: return False return ( super().has_write_permission(request) diff --git a/care/facility/models/mixins/permissions/patient.py b/care/facility/models/mixins/permissions/patient.py index 37abb7007c..e828ecb4cf 100644 --- a/care/facility/models/mixins/permissions/patient.py +++ b/care/facility/models/mixins/permissions/patient.py @@ -1,4 +1,5 @@ from care.facility.models import Facility, User +from care.facility.models.base import READ_ONLY_USER_TYPES from care.facility.models.mixins.permissions.base import BasePermissionMixin @@ -7,11 +8,7 @@ class PatientPermissionMixin(BasePermissionMixin): def has_write_permission(request): if request.user.asset: return False - if request.user.user_type in ( - User.TYPE_VALUE_MAP["DistrictReadOnlyAdmin"], - User.TYPE_VALUE_MAP["StateReadOnlyAdmin"], - User.TYPE_VALUE_MAP["StaffReadOnly"], - ): + if request.user.user_type in READ_ONLY_USER_TYPES: return False return ( request.user.is_superuser @@ -55,11 +52,7 @@ def has_object_read_permission(self, request): def has_object_write_permission(self, request): if request.user.asset: return False - if request.user.user_type in ( - User.TYPE_VALUE_MAP["DistrictReadOnlyAdmin"], - User.TYPE_VALUE_MAP["StateReadOnlyAdmin"], - User.TYPE_VALUE_MAP["StaffReadOnly"], - ): + if request.user.user_type in READ_ONLY_USER_TYPES: return False doctor_allowed = False if self.last_consultation: @@ -100,11 +93,7 @@ def has_object_icmr_sample_permission(self, request): def has_object_transfer_permission(self, request): if request.user.asset: return False - if request.user.user_type in ( - User.TYPE_VALUE_MAP["DistrictReadOnlyAdmin"], - User.TYPE_VALUE_MAP["StateReadOnlyAdmin"], - User.TYPE_VALUE_MAP["StaffReadOnly"], - ): + if request.user.user_type in READ_ONLY_USER_TYPES: return False new_facility = Facility.objects.filter( id=request.data.get("facility", None) @@ -117,11 +106,7 @@ def has_object_transfer_permission(self, request): class PatientRelatedPermissionMixin(BasePermissionMixin): @staticmethod def has_write_permission(request): - if request.user.user_type in ( - User.TYPE_VALUE_MAP["DistrictReadOnlyAdmin"], - User.TYPE_VALUE_MAP["StateReadOnlyAdmin"], - User.TYPE_VALUE_MAP["StaffReadOnly"], - ): + if request.user.user_type in READ_ONLY_USER_TYPES: return False return ( request.user.is_superuser @@ -154,11 +139,7 @@ def has_object_read_permission(self, request): ) def has_object_update_permission(self, request): - if request.user.user_type in ( - User.TYPE_VALUE_MAP["DistrictReadOnlyAdmin"], - User.TYPE_VALUE_MAP["StateReadOnlyAdmin"], - User.TYPE_VALUE_MAP["StaffReadOnly"], - ): + if request.user.user_type in READ_ONLY_USER_TYPES: return False return ( request.user.is_superuser diff --git a/care/facility/models/patient_sample.py b/care/facility/models/patient_sample.py index a3a7405521..e967dac530 100644 --- a/care/facility/models/patient_sample.py +++ b/care/facility/models/patient_sample.py @@ -1,6 +1,7 @@ from django.db import models from care.facility.models import FacilityBaseModel, PatientRegistration, reverse_choices +from care.facility.models.base import READ_ONLY_USER_TYPES from care.users.models import User SAMPLE_TYPE_CHOICES = [ @@ -152,11 +153,7 @@ def flow(self): @staticmethod def has_write_permission(request): - if ( - request.user.user_type == User.TYPE_VALUE_MAP["DistrictReadOnlyAdmin"] - or request.user.user_type == User.TYPE_VALUE_MAP["StateReadOnlyAdmin"] - or request.user.user_type == User.TYPE_VALUE_MAP["StaffReadOnly"] - ): + if request.user.user_type in READ_ONLY_USER_TYPES: return False return ( request.user.is_superuser @@ -190,11 +187,7 @@ def has_object_read_permission(self, request): ) def has_object_update_permission(self, request): - if ( - request.user.user_type == User.TYPE_VALUE_MAP["DistrictReadOnlyAdmin"] - or request.user.user_type == User.TYPE_VALUE_MAP["StateReadOnlyAdmin"] - or request.user.user_type == User.TYPE_VALUE_MAP["StaffReadOnly"] - ): + if request.user.user_type in READ_ONLY_USER_TYPES: return False if not self.has_object_read_permission(request): return False diff --git a/care/facility/models/prescription_supplier.py b/care/facility/models/prescription_supplier.py index 434bbe67e1..6a5415ff1d 100644 --- a/care/facility/models/prescription_supplier.py +++ b/care/facility/models/prescription_supplier.py @@ -3,6 +3,7 @@ from django.db import models from care.facility.models import FacilityBaseModel +from care.facility.models.base import READ_ONLY_USER_TYPES from care.users.models import User @@ -59,10 +60,6 @@ def has_object_read_permission(self, request): ) def has_object_write_permission(self, request): - if ( - request.user.user_type == User.TYPE_VALUE_MAP["DistrictReadOnlyAdmin"] - or request.user.user_type == User.TYPE_VALUE_MAP["StateReadOnlyAdmin"] - or request.user.user_type == User.TYPE_VALUE_MAP["StaffReadOnly"] - ): + if request.user.user_type in READ_ONLY_USER_TYPES: return False return self.has_object_read_permission(request) diff --git a/care/users/migrations/0009_alter_user_user_type.py b/care/users/migrations/0009_alter_user_user_type.py index b4fc82d886..906f722649 100644 --- a/care/users/migrations/0009_alter_user_user_type.py +++ b/care/users/migrations/0009_alter_user_user_type.py @@ -3,16 +3,6 @@ from django.db import migrations, models -def forwards_func(apps, schema_editor): - user_model = apps.get_model("users", "User") - user_list = [] - for user in user_model.objects.filter(user_type=10): - user.user_type = 12 - user_list.append(user) - - user_model.objects.bulk_update(user_list, ["user_type"]) - - class Migration(migrations.Migration): dependencies = [ ("users", "0008_rename_skill_and_add_new_20230817_1937"), @@ -27,9 +17,10 @@ class Migration(migrations.Migration): (2, "Transportation"), (3, "Pharmacist"), (5, "Volunteer"), - (9, "StaffReadOnly"), - (10, "Staff"), - (12, "Nurse"), + (7, "StaffReadOnly"), + (8, "Staff"), + (9, "NurseReadOnly"), + (10, "Nurse"), (15, "Doctor"), (20, "Reserved"), (21, "WardAdmin"), @@ -43,5 +34,4 @@ class Migration(migrations.Migration): ] ), ), - migrations.RunPython(forwards_func), ] diff --git a/care/users/models.py b/care/users/models.py index 2efa8c0762..ab3dc8d2cc 100644 --- a/care/users/models.py +++ b/care/users/models.py @@ -183,9 +183,10 @@ class User(AbstractUser): "Transportation": 2, "Pharmacist": 3, "Volunteer": 5, - "StaffReadOnly": 9, - "Staff": 10, - "Nurse": 12, + "StaffReadOnly": 7, + "Staff": 8, + "NurseReadOnly": 9, + "Nurse": 10, "Doctor": 15, "Reserved": 20, "WardAdmin": 21,