Modify Patient Access Control; Add Home Facility to List Serializer (#…

…960)
ohcnetwork · Aug 2, 2022 · ab3e690 · ab3e690
1 parent 76481f8
commit ab3e690
Show file tree

Hide file tree

Showing 3 changed files with 38 additions and 6 deletions.
diff --git a/CONTRIBUTING.rst b/CONTRIBUTING.rst
@@ -27,6 +27,25 @@ Using Docker
 .. _`docker`: https://docs.docker.get-started/
 .. _`docker-compose`: https://docs.docker.com/compose
 
+Local Setup
+~~~~~~~~~~~~
+Make sure that Postgres is Installed.
+
+Run `pip install -r local/requirements.txt`
+
+Troubleshooting Local Setup
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+If you're on Mac and you have installed Postgres.app Run:
+`export PATH=$PATH:/Applications/Postgres.app/Contents/Versions/14/bin`
+
+If you're pip install is failing on Pillow Consider installing 
+
+`brew install libjpeg libtiff little-cms2 openjpeg webp`
+
+and then:
+
+`brew install freetype harfbuzz fribidi`
 
 Running the server
 ``````````````````

diff --git a/care/facility/models/mixins/permissions/patient.py b/care/facility/models/mixins/permissions/patient.py
@@ -54,7 +54,8 @@ def has_object_write_permission(self, request):
         return request.user.is_superuser or (
             (hasattr(self, "created_by") and request.user == self.created_by)
             or (doctor_allowed)
-            or (self.facility and request.user in self.facility.users.all())
+            # or (self.facility and request.user in self.facility.users.all())
+            or (self.facility == request.user.home_facility)
             or (
                 request.user.user_type >= User.TYPE_VALUE_MAP["DistrictLabAdmin"]
                 and (

diff --git a/care/users/api/serializers/user.py b/care/users/api/serializers/user.py
@@ -52,6 +52,7 @@ class UserCreateSerializer(SignUpSerializer):
         child=serializers.UUIDField(), required=False, allow_empty=True, write_only=True
     )
     home_facility = ExternalIdSerializerField(queryset=Facility.objects.all())
+
     class Meta:
         model = User
         include = ("facilities",)
@@ -97,7 +98,8 @@ def validate_local_body(self, value):
             and not self.context["created_by"].is_superuser
             and not self.context["created_by"].user_type >= User.TYPE_VALUE_MAP["DistrictAdmin"]
         ):
-            raise serializers.ValidationError("Cannot create for a different local body")
+            raise serializers.ValidationError(
+                "Cannot create for a different local body")
         return value
 
     def validate_district(self, value):
@@ -124,7 +126,8 @@ def validate(self, attrs):
         if self.context["created_by"].user_type in READ_ONLY_USER_TYPES:
             if validated["user_type"] not in READ_ONLY_USER_TYPES:
                 raise exceptions.ValidationError(
-                    {"user_type": ["Read only users can create other read only users only"]}
+                    {"user_type": [
+                        "Read only users can create other read only users only"]}
                 )
         if (
             self.context["created_by"].user_type == User.TYPE_VALUE_MAP["Staff"]
@@ -135,15 +138,17 @@ def validate(self, attrs):
             validated["user_type"] > self.context["created_by"].user_type
             and not self.context["created_by"].is_superuser
         ):
-            raise exceptions.ValidationError({"user_type": ["User cannot create another user with higher permissions"]})
+            raise exceptions.ValidationError(
+                {"user_type": ["User cannot create another user with higher permissions"]})
 
         if (
             not validated.get("ward")
             and not validated.get("local_body")
             and not validated.get("district")
             and not validated.get("state")
         ):
-            raise exceptions.ValidationError({"__all__": ["One of ward, local body, district or state is required"]})
+            raise exceptions.ValidationError(
+                {"__all__": ["One of ward, local body, district or state is required"]})
 
         return validated
 
@@ -193,9 +198,11 @@ class UserSerializer(SignUpSerializer):
     district_object = DistrictSerializer(source="district", read_only=True)
     state_object = StateSerializer(source="state", read_only=True)
     alt_phone_number = PhoneNumberIsPossibleField(required=False, allow_blank=True)
-    home_facility_object = FacilityBareMinimumSerializer(source="home_facility", read_only=True)
+    home_facility_object = FacilityBareMinimumSerializer(
+        source="home_facility", read_only=True)
 
     home_facility = ExternalIdSerializerField(queryset=Facility.objects.all())
+
     class Meta:
         model = User
         fields = (
@@ -279,6 +286,9 @@ class UserListSerializer(serializers.ModelSerializer):
     state_object = StateSerializer(source="state", read_only=True)
     user_type = ChoiceField(choices=User.TYPE_CHOICES, read_only=True)
     created_by = serializers.CharField(source="created_by_user", read_only=True)
+    home_facility_object = FacilityBareMinimumSerializer(
+        source="home_facility", read_only=True)
+    home_facility = ExternalIdSerializerField(queryset=Facility.objects.all())
 
     class Meta:
         model = User
@@ -293,4 +303,6 @@ class Meta:
             "user_type",
             "created_by",
             "last_login",
+            "home_facility_object",
+            "home_facility",
         )