diff --git a/django_school_management/accounts/views.py b/django_school_management/accounts/views.py index 39a65b19..503ca0e3 100644 --- a/django_school_management/accounts/views.py +++ b/django_school_management/accounts/views.py @@ -25,7 +25,7 @@ from permission_handlers.administrative import ( user_is_admin_or_su, user_is_teacher_or_administrative ) -from permission_handlers.basic import user_is_verified +from permission_handlers.basic import user_is_verified, can_access_dashboard from .services.profile_complete import ProfileCompleteService @@ -65,7 +65,7 @@ def profile_complete(request): @user_passes_test( - user_is_teacher_or_administrative, + can_access_dashboard, login_url='account:profile_complete') def dashboard(request): total_students = Student.objects.count() diff --git a/permission_handlers/basic.py b/permission_handlers/basic.py index fe199aa0..651f6161 100644 --- a/permission_handlers/basic.py +++ b/permission_handlers/basic.py @@ -6,6 +6,9 @@ from django.http import HttpResponse from django.contrib.auth.decorators import login_required +from permission_handlers.role_enums import RoleEnums + + @login_required def permission_error(request): return HttpResponse('You don\'t have right permissio to access this page.') @@ -20,3 +23,11 @@ def user_is_student(user): def user_is_teacher(user): return user_is_verified(user) and user.requested_role == 'teacher' \ if user.is_authenticated else False + +def can_access_dashboard(user): + restricted_roles = [ + RoleEnums.subscriber.value + ] + if user.requested_role in restricted_roles: + return False + return True diff --git a/permission_handlers/role_enums.py b/permission_handlers/role_enums.py new file mode 100644 index 00000000..04002171 --- /dev/null +++ b/permission_handlers/role_enums.py @@ -0,0 +1,10 @@ +from enum import Enum + + +class RoleEnums(Enum): + subscriber = 'subscriber' + student = 'student' + teacher = 'teacher' + editor = 'editor' + academic_officer = 'academic_officer' + admin = 'admin'