Added is_technician field in customuser

equipment_tracker/accounts/migrations/0002_customuser_is_technician.py

@@ -0,0 +1,18 @@
+# Generated by Django 4.2.7 on 2023-11-13 10:22
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('accounts', '0001_initial'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='customuser',
+            name='is_technician',
+            field=models.BooleanField(default=False),
+        ),
+    ]

equipment_tracker/accounts/models.py

@@ -37,6 +37,7 @@ class CustomUser(AbstractUser):
     # Password inherited from base user class
     # is_admin inherited from base user class
     is_active = models.BooleanField(default=False)
+    is_technician = models.BooleanField(default=False)
     avatar = models.ImageField(upload_to=_get_upload_to, null=True)
 
     @property
@@ -65,11 +66,11 @@ def create_superuser(sender, **kwargs):
             print('Created admin account')
             superuser.save()
 
-        username = 'usertest1'
+        username = 'test-user-technician'
         email = os.getenv('DJANGO_ADMIN_EMAIL')
         password = os.getenv('DJANGO_ADMIN_PASSWORD')
         first_name = 'Test'
-        last_name = 'User'
+        last_name = 'Technician'
 
         if not User.objects.filter(username=username).exists():
             # Create the superuser with is_active set to False
@@ -78,5 +79,5 @@ def create_superuser(sender, **kwargs):
 
             # Activate the user
             user.is_active = True
-            print('Created debug user account')
+            print('Created debug technician account')
             user.save()

equipment_tracker/accounts/permissions.py

@@ -0,0 +1,11 @@
+from rest_framework.permissions import BasePermission
+
+
+class IsTechnician(BasePermission):
+    message = "You must be a technician to perform this action."
+
+    def has_permission(self, request, view):
+        return request.user.is_authenticated and request.user.is_technician
+
+    def has_object_permission(self, request, view, obj):
+        return request.user.is_authenticated and request.user.is_technician

equipment_tracker/equipments/views.py

@@ -3,13 +3,14 @@ from rest_framework import viewsets, generics
 from .models import Equipment, EquipmentInstance
 from . import serializers
 from config.settings import DEBUG
+from accounts.permissions import IsTechnician
 
 # -- Equipment Viewsets
 
 
 class EquipmentViewSet(viewsets.ModelViewSet):
     if (not DEBUG):
-        permission_classes = [IsAuthenticated]
+        permission_classes = [IsAuthenticated, IsTechnician]
     serializer_class = serializers.EquipmentSerializer
     queryset = Equipment.objects.all().order_by('-date_added')
 
@@ -18,7 +19,7 @@ class EquipmentViewSet(viewsets.ModelViewSet):
 
 class EquipmentsLogsViewSet(generics.ListAPIView):
     if (not DEBUG):
-        permission_classes = [IsAuthenticated]
+        permission_classes = [IsAuthenticated, IsTechnician]
     serializer_class = serializers.EquipmentLogsSerializer
     queryset = Equipment.history.all().order_by('-history_date')
 
@@ -27,7 +28,7 @@ class EquipmentsLogsViewSet(generics.ListAPIView):
 
 class EquipmentLogViewSet(viewsets.ReadOnlyModelViewSet):
     if (not DEBUG):
-        permission_classes = [IsAuthenticated]
+        permission_classes = [IsAuthenticated, IsTechnician]
     serializer_class = serializers.EquipmentLogSerializer
 
     def get_queryset(self):
@@ -39,7 +40,7 @@ class EquipmentLogViewSet(viewsets.ReadOnlyModelViewSet):
 
 class LastUpdatedEquipmentViewSet(generics.ListAPIView):
     if (not DEBUG):
-        permission_classes = [IsAuthenticated]
+        permission_classes = [IsAuthenticated, IsTechnician]
     serializer_class = serializers.EquipmentSerializer
     queryset = Equipment.objects.all().order_by('-date_added')
 
@@ -51,7 +52,7 @@ class LastUpdatedEquipmentViewSet(generics.ListAPIView):
 
 class EquipmentInstanceViewSet(viewsets.ModelViewSet):
     if (not DEBUG):
-        permission_classes = [IsAuthenticated]
+        permission_classes = [IsAuthenticated, IsTechnician]
     serializer_class = serializers.EquipmentInstanceSerializer
     queryset = EquipmentInstance.objects.all().order_by('-date_added')
 
@@ -60,7 +61,7 @@ class EquipmentInstanceViewSet(viewsets.ModelViewSet):
 
 class EquipmentInstancesLogsViewSet(generics.ListAPIView):
     if (not DEBUG):
-        permission_classes = [IsAuthenticated]
+        permission_classes = [IsAuthenticated, IsTechnician]
     serializer_class = serializers.EquipmentInstanceLogsSerializer
     queryset = EquipmentInstance.history.all().order_by('-history_date')
 
@@ -69,7 +70,7 @@ class EquipmentInstancesLogsViewSet(generics.ListAPIView):
 
 class EquipmentInstanceLogViewSet(viewsets.ReadOnlyModelViewSet):
     if (not DEBUG):
-        permission_classes = [IsAuthenticated]
+        permission_classes = [IsAuthenticated, IsTechnician]
     serializer_class = serializers.EquipmentInstanceLogSerializer
 
     def get_queryset(self):
@@ -81,7 +82,7 @@ class EquipmentInstanceLogViewSet(viewsets.ReadOnlyModelViewSet):
 
 class LastUpdatedEquipmentInstanceViewSet(generics.ListAPIView):
     if (not DEBUG):
-        permission_classes = [IsAuthenticated]
+        permission_classes = [IsAuthenticated, IsTechnician]
     serializer_class = serializers.EquipmentInstanceSerializer
     queryset = EquipmentInstance.objects.all().order_by('-date_added')