From 1721c9592520122446f0040e90641dcbcf94c5f5 Mon Sep 17 00:00:00 2001 From: Klafyvel Date: Fri, 2 Mar 2018 00:23:41 +0100 Subject: [PATCH] =?UTF-8?q?Gestion=20des=20admins=20d'=C3=A9cole?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- users/templates/users/school.html | 29 +++++++++++++++++-------- users/urls.py | 12 +++++++++++ users/views.py | 35 +++++++++++++++++++++++++++++-- 3 files changed, 65 insertions(+), 11 deletions(-) diff --git a/users/templates/users/school.html b/users/templates/users/school.html index a39b58e..0c65b40 100644 --- a/users/templates/users/school.html +++ b/users/templates/users/school.html @@ -7,6 +7,7 @@ Éditer +{% if manager_right in perms %}

Membres

@@ -17,18 +18,28 @@ {% for member in members %} - - - - + + + + + + {% endfor %}
{{member.last_name}}{{member.first_name}}{{member.username}} - - - Supprimer - -
{{member.last_name}}{{member.first_name}}{{member.username}} + {% if member in manager_group.user_set.all %} + + + Enlever le privilège Administrateur + + {% else %} + + + Promouvoir administrateur + + {% endif %} +
+{% endif %}

Contenus

diff --git a/users/urls.py b/users/urls.py index e4b147c..415e64a 100644 --- a/users/urls.py +++ b/users/urls.py @@ -10,6 +10,8 @@ from .views import ( PasswordChange, Profile, School, + promote_user, + degrade_user ) app_name = 'users' @@ -54,6 +56,16 @@ urlpatterns = [ School.as_view(), name='school' ), + path( + 'school//degrade/', + degrade_user, + name='degrade-user' + ), + path( + 'school//promote/', + promote_user, + name='promote-user' + ), path( 'school//edit', EditSchool.as_view(), diff --git a/users/views.py b/users/views.py index 02adf52..121c219 100644 --- a/users/views.py +++ b/users/views.py @@ -1,11 +1,12 @@ from django.contrib.auth.models import User, Group from django.contrib.auth.mixins import PermissionRequiredMixin, LoginRequiredMixin from django.views.generic import CreateView, UpdateView, DeleteView, DetailView -from django.contrib.auth.views import LoginView, LogoutView, PasswordChangeView +from django.contrib.auth.views import LoginView, LogoutView, PasswordChangeView, login_required from django.contrib.auth.hashers import make_password from django.contrib.messages.views import SuccessMessageMixin +from django.contrib import messages from django.urls import reverse, reverse_lazy -from django.shortcuts import get_object_or_404 +from django.shortcuts import get_object_or_404, redirect from .models import UserProfile, SchoolProfile from content.models import Content @@ -140,6 +141,8 @@ class School(LoginRequiredMixin, PermissionRequiredMixin, DetailView): context['contents'] = Content.objects.filter(school_owner=self.object.school) context['school'] = True context['members'] = User.objects.filter(userprofile__school=self.object.school) + context['manager_right'] = 'auth.manage_' + str(self.object.pk) + context['manager_group'],_ = Group.objects.get_or_create(name=str(self.object.pk)+'_admins') return context def has_permission(self): @@ -167,3 +170,31 @@ class PasswordChange(SuccessMessageMixin, PasswordChangeView): 'title' : "Changer le mot de passe", 'validate' : "Changer", } + + +@login_required +def promote_user(request, school_pk, user_pk): + school = get_object_or_404(Group, pk=school_pk) + user = get_object_or_404(User, pk=user_pk) + if request.user.has_perm('manage_'+str(school.pk)): + admins,_ = Group.objects.get_or_create(name=str(school.pk)+'_admins') + user.groups.add(admins) + user.save() + messages.success(request, user.username + ' a été ajouté aux administrateurs de ' + school.name) + return redirect(reverse('users:school', kwargs={'pk':school.pk})) + messages.error(request, "Vous n'aves pas ce droit.") + return redirect('home') + + +@login_required +def degrade_user(request, school_pk, user_pk): + school = get_object_or_404(Group, pk=school_pk) + user = get_object_or_404(User, pk=user_pk) + if request.user.has_perm('manage_'+str(school.pk)): + admins,_ = Group.objects.get_or_create(name=str(school.pk)+'_admins') + user.groups.remove(admins) + user.save() + messages.success(request, user.username + ' a été enlevé des administrateurs de ' + school.name) + return redirect(reverse('users:school', kwargs={'pk':school.pk})) + messages.error(request, "Vous n'aves pas ce droit.") + return redirect('home')