Add migrations and selective model view

2025-05-19 19:09:22 +02:00 · 2024-04-03 10:57:05 -06:00 · 2024-04-03 10:57:05 -06:00 · c1ed009a05
commit c1ed009a05
parent a66e873edf
3 changed files with 41 additions and 3 deletions
--- a/src/registrar/admin.py
+++ b/src/registrar/admin.py
@ -765,6 +765,41 @@ class WebsiteAdmin(ListHeaderAdmin):
        "website",
    ]
    search_help_text = "Search by website."
+    
+    def get_model_perms(self, request):
+        """
+        Return empty perms dict thus hiding the model from admin index.
+        """
+        superuser_perm = request.user.has_perm("registrar.full_access_permission")
+        analyst_perm = request.user.has_perm("registrar.analyst_access_permission")
+        if analyst_perm and not superuser_perm:
+            return {}
+        return super().get_model_perms(request)
+
+    def has_change_permission(self, request, obj=None):
+        """
+        Allow analysts to access the change form directly via URL.
+        """
+        superuser_perm = request.user.has_perm("registrar.full_access_permission")
+        analyst_perm = request.user.has_perm("registrar.analyst_access_permission")
+        if analyst_perm and not superuser_perm:
+            return True
+        return super().has_change_permission(request, obj)
+
+    def response_change(self, request, obj):
+        """
+        Override to redirect admins back to the same page after saving.
+        """
+        superuser_perm = request.user.has_perm("registrar.full_access_permission")
+        analyst_perm = request.user.has_perm("registrar.analyst_access_permission")
+
+        # Don't redirect to the website page on save if the user is an analyst.
+        # Rather, just redirect back to the same change page.
+        if analyst_perm and not superuser_perm:
+            opts = obj._meta
+            pk_value = obj._get_pk_val()
+            return HttpResponseRedirect(reverse('admin:%s_%s_change' % (opts.app_label, opts.model_name), args=(pk_value,)))
+        return super().response_change(request, obj)


 class UserDomainRoleAdmin(ListHeaderAdmin):
@ -1439,7 +1474,10 @@ class DomainInformationInline(admin.StackedInline):
    def has_change_permission(self, request, obj=None):
        """Custom has_change_permission override so that we can specify that
        analysts can edit this through this inline, but not through the model normally"""
-        if request.user.has_perm("registrar.analyst_access_permission"):
+
+        superuser_perm = request.user.has_perm("registrar.full_access_permission")
+        analyst_perm = request.user.has_perm("registrar.analyst_access_permission")
+        if analyst_perm and not superuser_perm:
            return True
        return super().has_change_permission(request, obj)