domain views has_permissions updated

2025-08-03 00:12:16 +02:00 · 2023-11-22 10:48:13 -05:00 · 2023-11-22 10:48:13 -05:00 · 1efb7d23f3
commit 1efb7d23f3
parent 6da9fdab2a
2 changed files with 39 additions and 0 deletions
--- a/src/registrar/views/domain.py
+++ b/src/registrar/views/domain.py
@ -152,6 +152,28 @@ class DomainView(DomainBaseView):
        context["security_email"] = security_email
        return context

+    def in_editable_state(self, pk):
+        """Override in_editable_state from DomainPermission
+        Allow detail page to be editable"""
+
+        requested_domain = None
+        if Domain.objects.filter(id=pk).exists():
+            requested_domain = Domain.objects.get(id=pk)
+
+        # if domain is editable return true
+        if requested_domain:
+            return True
+        return False
+
+    def _get_domain(self, request):
+        """
+        override get_domain for this view so that domain overview
+        always resets the cache for the domain object
+        """
+        self.session = request.session
+        self.object = self.get_object()
+        self._update_session_with_domain()
+

 class DomainOrgNameAddressView(DomainFormBaseView):
    """Organization name and mailing address view"""
--- a/src/registrar/views/utility/mixins.py
+++ b/src/registrar/views/utility/mixins.py
@ -3,6 +3,7 @@
 from django.contrib.auth.mixins import PermissionRequiredMixin

 from registrar.models import (
+    Domain,
    DomainApplication,
    DomainInvitation,
    DomainInformation,
@ -52,9 +53,25 @@ class DomainPermission(PermissionsLoginMixin):
        if not UserDomainRole.objects.filter(user=self.request.user, domain__id=pk).exists():
            return False

+        # test if domain in editable state
+        if not self.in_editable_state(pk):
+            return False
+
        # if we need to check more about the nature of role, do it here.
        return True

+    def in_editable_state(self, pk):
+        """Is the domain in an editable state"""
+
+        requested_domain = None
+        if Domain.objects.filter(id=pk).exists():
+            requested_domain = Domain.objects.get(id=pk)
+
+        # if domain is editable return true
+        if requested_domain and requested_domain.is_editable():
+            return True
+        return False
+
    def can_access_other_user_domains(self, pk):
        """Checks to see if an authorized user (staff or superuser)
        can access a domain that they did not create or was invited to.