Django_Basic_Manufacturing_3/apps/accounts/models.py

from django.contrib.auth.models import AbstractUser
from django.db import models
from django.db.models.signals import post_migrate
from django.dispatch import receiver


class User(AbstractUser):
    phone = models.CharField(max_length=20, blank=True)
    department = models.CharField(max_length=100, blank=True)
    position = models.CharField(max_length=100, blank=True)
    is_active = models.BooleanField(default=True)
    date_joined = models.DateTimeField(auto_now_add=True)


class Role(models.Model):
    name = models.CharField(max_length=50, unique=True)
    description = models.TextField(blank=True)
    created_at = models.DateTimeField(auto_now_add=True)
    updated_at = models.DateTimeField(auto_now=True)

    def __str__(self):
        return self.name


class UserRole(models.Model):
    user = models.ForeignKey(User, on_delete=models.CASCADE)
    role = models.ForeignKey(Role, on_delete=models.CASCADE)
    assigned_at = models.DateTimeField(auto_now_add=True)
    
    class Meta:
        unique_together = ('user', 'role')


class Permission(models.Model):
    name = models.CharField(max_length=100, unique=True)
    codename = models.CharField(max_length=100, unique=True)
    module = models.CharField(max_length=50)  # e.g., 'inventory', 'sales'
    description = models.TextField(blank=True)


class RolePermission(models.Model):
    role = models.ForeignKey(Role, on_delete=models.CASCADE)
    permission = models.ForeignKey(Permission, on_delete=models.CASCADE)


@receiver(post_migrate)
def create_default_permissions(sender, **kwargs):
    """Create default permissions for all modules"""
    if sender.name == 'apps.accounts':
        # Define default permissions for each module
        default_permissions = [
            # Dashboard permissions
            {'name': 'View Dashboard', 'codename': 'view_dashboard', 'module': 'dashboard', 'description': 'Can view dashboard'},

            # User management permissions
            {'name': 'View User', 'codename': 'view_user', 'module': 'accounts', 'description': 'Can view user list and details'},
            {'name': 'Add User', 'codename': 'add_user', 'module': 'accounts', 'description': 'Can create new users'},
            {'name': 'Change User', 'codename': 'change_user', 'module': 'accounts', 'description': 'Can edit user information'},
            {'name': 'Delete User', 'codename': 'delete_user', 'module': 'accounts', 'description': 'Can delete users'},

            # Role management permissions
            {'name': 'View Role', 'codename': 'view_role', 'module': 'accounts', 'description': 'Can view role list and details'},
            {'name': 'Add Role', 'codename': 'add_role', 'module': 'accounts', 'description': 'Can create new roles'},
            {'name': 'Change Role', 'codename': 'change_role', 'module': 'accounts', 'description': 'Can edit role information'},
            {'name': 'Delete Role', 'codename': 'delete_role', 'module': 'accounts', 'description': 'Can delete roles'},

            # Permission management permissions
            {'name': 'View Permission', 'codename': 'view_permission', 'module': 'accounts', 'description': 'Can view permission list'},
            {'name': 'Add Permission', 'codename': 'add_permission', 'module': 'accounts', 'description': 'Can create new permissions'},
            {'name': 'Change Permission', 'codename': 'change_permission', 'module': 'accounts', 'description': 'Can edit permissions'},
            {'name': 'Delete Permission', 'codename': 'delete_permission', 'module': 'accounts', 'description': 'Can delete permissions'},

            # Inventory permissions
            {'name': 'View Product', 'codename': 'view_product', 'module': 'inventory', 'description': 'Can view product list and details'},
            {'name': 'Add Product', 'codename': 'add_product', 'module': 'inventory', 'description': 'Can create new products'},
            {'name': 'Change Product', 'codename': 'change_product', 'module': 'inventory', 'description': 'Can edit product information'},
            {'name': 'Delete Product', 'codename': 'delete_product', 'module': 'inventory', 'description': 'Can delete products'},

            # Purchasing permissions
            {'name': 'View Purchase Order', 'codename': 'view_purchaseorder', 'module': 'purchasing', 'description': 'Can view purchase orders'},
            {'name': 'Add Purchase Order', 'codename': 'add_purchaseorder', 'module': 'purchasing', 'description': 'Can create purchase orders'},
            {'name': 'Change Purchase Order', 'codename': 'change_purchaseorder', 'module': 'purchasing', 'description': 'Can edit purchase orders'},
            {'name': 'Delete Purchase Order', 'codename': 'delete_purchaseorder', 'module': 'purchasing', 'description': 'Can delete purchase orders'},

            # Sales permissions
            {'name': 'View Sales Order', 'codename': 'view_salesorder', 'module': 'sales', 'description': 'Can view sales orders'},
            {'name': 'Add Sales Order', 'codename': 'add_salesorder', 'module': 'sales', 'description': 'Can create sales orders'},
            {'name': 'Change Sales Order', 'codename': 'change_salesorder', 'module': 'sales', 'description': 'Can edit sales orders'},
            {'name': 'Delete Sales Order', 'codename': 'delete_salesorder', 'module': 'sales', 'description': 'Can delete sales orders'},

            # Manufacturing permissions
            {'name': 'View Manufacturing Order', 'codename': 'view_manufacturingorder', 'module': 'manufacturing', 'description': 'Can view manufacturing orders'},
            {'name': 'Add Manufacturing Order', 'codename': 'add_manufacturingorder', 'module': 'manufacturing', 'description': 'Can create manufacturing orders'},
            {'name': 'Change Manufacturing Order', 'codename': 'change_manufacturingorder', 'module': 'manufacturing', 'description': 'Can edit manufacturing orders'},
            {'name': 'Delete Manufacturing Order', 'codename': 'delete_manufacturingorder', 'module': 'manufacturing', 'description': 'Can delete manufacturing orders'},

            # Reports permissions
            {'name': 'View Report', 'codename': 'view_report', 'module': 'reports', 'description': 'Can view reports'},
            {'name': 'Add Report', 'codename': 'add_report', 'module': 'reports', 'description': 'Can create reports'},
            {'name': 'Change Report', 'codename': 'change_report', 'module': 'reports', 'description': 'Can edit reports'},
            {'name': 'Delete Report', 'codename': 'delete_report', 'module': 'reports', 'description': 'Can delete reports'},

            # Database management permissions
            {'name': 'View Database', 'codename': 'view_database', 'module': 'database_management', 'description': 'Can view database management'},
            {'name': 'Add Database', 'codename': 'add_database', 'module': 'database_management', 'description': 'Can create database entries'},
            {'name': 'Change Database', 'codename': 'change_database', 'module': 'database_management', 'description': 'Can edit database entries'},
            {'name': 'Delete Database', 'codename': 'delete_database', 'module': 'database_management', 'description': 'Can delete database entries'},
        ]

        # Create permissions if they don't exist
        for perm_data in default_permissions:
            Permission.objects.get_or_create(
                codename=perm_data['codename'],
                defaults=perm_data
            )
    
    class Meta:
        unique_together = ('role', 'permission')