From e472022c91bef5efd2462d6a301f698e96ebed15 Mon Sep 17 00:00:00 2001
From: Jon <jonathon.lockwood@networkedweb.com>
Date: Sat, 17 Aug 2024 15:16:34 +0930
Subject: [PATCH] feat(development): Add function to filter permissions to
 those used by centurion

ref: #244 #164
---
 app/access/forms/team.py                      | 42 ++---------------
 app/access/functions/permissions.py           | 45 +++++++++++++++++++
 .../centurion_erp/development/models.md       |  2 +
 3 files changed, 51 insertions(+), 38 deletions(-)
 create mode 100644 app/access/functions/permissions.py

diff --git a/app/access/forms/team.py b/app/access/forms/team.py
index 336688aa..9ba53d07 100644
--- a/app/access/forms/team.py
+++ b/app/access/forms/team.py
@@ -1,13 +1,13 @@
 from django import forms
-from django.contrib.auth.models import Permission
 from django.db.models import Q
 from django.forms import inlineformset_factory
 
-from app import settings
-
 from .team_users import TeamUsersForm, TeamUsers
 
 from access.models import Team
+from access.functions import permissions
+
+from app import settings
 
 from core.forms.common import CommonModelForm
 
@@ -66,38 +66,4 @@ class TeamForm(CommonModelForm):
 
         self.fields['permissions'].widget.attrs = {'style': "height: 200px;"}
 
-        apps = [
-            'access',
-            'assistance',
-            'config_management',
-            'core',
-            'django_celery_results',
-            'itam',
-            'settings',
-        ]
-
-        exclude_models = [
-            'appsettings',
-            'chordcounter',
-            'groupresult',
-            'organization'
-            'settings',
-            'usersettings',
-        ]
-
-        exclude_permissions = [
-            'add_organization',
-            'add_taskresult',
-            'change_organization',
-            'change_taskresult',
-            'delete_organization',
-            'delete_taskresult',
-        ]
-
-        self.fields['permissions'].queryset = Permission.objects.filter(
-            content_type__app_label__in=apps,
-        ).exclude(
-            content_type__model__in=exclude_models
-        ).exclude(
-            codename__in = exclude_permissions
-        )
+        self.fields['permissions'].queryset = permissions.permission_queryset()
diff --git a/app/access/functions/permissions.py b/app/access/functions/permissions.py
new file mode 100644
index 00000000..4753b680
--- /dev/null
+++ b/app/access/functions/permissions.py
@@ -0,0 +1,45 @@
+from django.contrib.auth.models import Permission
+
+def permission_queryset():
+    """Filter Permissions to those used within the application
+
+    Returns:
+        list: Filtered queryset that only contains the used permissions
+    """
+
+    apps = [
+        'access',
+        'assistance',
+        'config_management',
+        'core',
+        'django_celery_results',
+        'itam',
+        'itim',
+        'settings',
+    ]
+
+    exclude_models = [
+        'appsettings',
+        'chordcounter',
+        'groupresult',
+        'organization'
+        'settings',
+        'usersettings',
+    ]
+
+    exclude_permissions = [
+        'add_organization',
+        'add_taskresult',
+        'change_organization',
+        'change_taskresult',
+        'delete_organization',
+        'delete_taskresult',
+    ]
+
+    return Permission.objects.filter(
+            content_type__app_label__in=apps,
+        ).exclude(
+            content_type__model__in=exclude_models
+        ).exclude(
+            codename__in = exclude_permissions
+        )
\ No newline at end of file
diff --git a/docs/projects/centurion_erp/development/models.md b/docs/projects/centurion_erp/development/models.md
index 92963650..9b08df64 100644
--- a/docs/projects/centurion_erp/development/models.md
+++ b/docs/projects/centurion_erp/development/models.md
@@ -42,6 +42,8 @@ All models must meet the following requirements:
 
     - `verbose_name_plural`
 
+- If creating a new model, function `access.functions.permissions.permission_queryset()` has been updated to display the models permission(s)
+
 
 ## History