Merge branch 'asso_users' into 'master'

Asso users See merge request federez/re2o!41
2024-07-04 13:14:06 +00:00 · 2017-11-24 19:43:26 +01:00 · 2017-11-24 19:43:26 +01:00 · 4ee149bd48
parent 0dfc4b54e6 57f74f380a
commit 4ee149bd48
11 changed files with 249 additions and 39 deletions
--- a/preferences/migrations/0024_optionaluser_all_can_create.py
+++ b/preferences/migrations/0024_optionaluser_all_can_create.py
@ -0,0 +1,20 @@
 # -*- coding: utf-8 -*-
 # Generated by Django 1.10.7 on 2017-11-21 04:42
 from __future__ import unicode_literals
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('preferences', '0023_auto_20171015_2033'),
    ]
    operations = [
        migrations.AddField(
            model_name='optionaluser',
            name='all_can_create',
            field=models.BooleanField(default=False, help_text="Tous les users peuvent en créer d'autres"),
        ),
    ]
--- a/preferences/models.py
+++ b/preferences/models.py
@ -42,6 +42,10 @@ class OptionalUser(models.Model):
        default=0
    )
    gpg_fingerprint = models.BooleanField(default=True)
    all_can_create = models.BooleanField(
        default=False,
        help_text="Tous les users peuvent en créer d'autres",
    )
    def clean(self):
        """Creation du mode de paiement par solde"""
--- a/preferences/templates/preferences/display_preferences.html
+++ b/preferences/templates/preferences/display_preferences.html
@ -52,6 +52,10 @@ with this program; if not, write to the Free Software Foundation, Inc.,
 	    <td>{{ useroptions.solde_negatif }}</td>
 	    {% endif %}
        </tr>
        <tr>
            <th>Creations d'users par tous</th>
            <td>{{ useroptions.all_can_create }}</td>
        </tr>
    </table>
    <h4>Préférences machines</h4>
    {% if is_bureau %}
--- a/users/forms.py
+++ b/users/forms.py
@ -379,6 +379,18 @@ class FullClubForm(ClubForm):
        ]
 class ClubAdminandMembersForm(ModelForm):
    """Permet d'éditer la liste des membres et des administrateurs
    d'un club"""
    class Meta:
        model = Club
        fields = ['administrators', 'members']
    def __init__(self, *args, **kwargs):
        prefix = kwargs.pop('prefix', self.Meta.model.__name__)
        super(ClubAdminandMembersForm, self).__init__(*args, prefix=prefix, **kwargs)
 class PasswordForm(ModelForm):
    """ Formulaire de changement brut de mot de passe.
    Ne pas utiliser sans traitement"""
--- a/users/migrations/0060_auto_20171120_0317.py
+++ b/users/migrations/0060_auto_20171120_0317.py
@ -0,0 +1,25 @@
 # -*- coding: utf-8 -*-
 # Generated by Django 1.10.7 on 2017-11-20 02:17
 from __future__ import unicode_literals
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('users', '0059_auto_20171025_1854'),
    ]
    operations = [
        migrations.AddField(
            model_name='club',
            name='administrators',
            field=models.ManyToManyField(blank=True, related_name='club_administrator', to='users.Adherent'),
        ),
        migrations.AddField(
            model_name='club',
            name='members',
            field=models.ManyToManyField(blank=True, related_name='club_members', to='users.Adherent'),
        ),
    ]
--- a/users/models.py
+++ b/users/models.py
@ -60,7 +60,10 @@ from django.core.mail import send_mail
 from django.core.urlresolvers import reverse
 from django.db import transaction
 from django.utils import timezone
-from django.contrib.auth.models import AbstractBaseUser, BaseUserManager
+from django.contrib.auth.models import (
    AbstractBaseUser,
    BaseUserManager
 )
 from django.core.validators import RegexValidator
 from reversion import revisions as reversion
@ -755,6 +758,28 @@ class User(AbstractBaseUser):
            num += 1
        return composed_pseudo(num)
    def can_create(user):
        options, _created = OptionalUser.objects.get_or_create()
        if options.all_can_create:
            return True
        else:
            return user.has_perms(('cableur',))
    def can_edit(self, user):
        if self.is_class_club and user.is_class_adherent:
            return self == user or user.has_perms(('cableur',)) or\
                user.adherent in self.club.administrators.all() 
        else:
            return self == user or user.has_perms(('cableur',))
    def can_view(self, user):
        if self.is_class_club and user.is_class_adherent:
            return self == user or user.has_perms(('cableur',)) or\
                user.adherent in self.club.administrators.all() or\
                user.adherent in self.club.members.all()
        else:
            return self == user or user.has_perms(('cableur',))
    def __str__(self):
        return self.pseudo
@ -771,6 +796,7 @@ class Adherent(User):
    pass
 class Club(User):
    PRETTY_NAME = "Clubs"
    room = models.ForeignKey(
@ -779,6 +805,17 @@ class Club(User):
        blank=True,
        null=True
    )
    administrators = models.ManyToManyField(
        blank=True,
        to='users.Adherent',
        related_name='club_administrator'
    )
    members = models.ManyToManyField(
        blank=True,
        to='users.Adherent',
        related_name='club_members'
    )
    pass
--- a/users/templates/users/profil.html
+++ b/users/templates/users/profil.html
@ -141,21 +141,61 @@ with this program; if not, write to the Free Software Foundation, Inc.,
 	    <td>{{ user.shell }}</td>
 	{% endif %}
    </table>
-    <h2>Machines :</h2>
+    {% if user.is_class_club %}
    <a class="btn btn-primary btn-sm" role="button" href="{% url 'users:edit-club-admin-members' user.club.id %}">
        <i class="glyphicon glyphicon-lock"></i>
        Gérer admin et membres
    </a>
    <h3>Administrateurs du club</h3>
    <table class="table table-striped">
        <thead>
            <tr>
                <th>Nom</th>
                <th>Prenom</th>
                <th>Pseudo</th>
            </tr>
        </thead>
        {% for admin in user.club.administrators.all %}
        <tr>
            <td>{{ admin.surname }}</td>
            <td>{{ admin.name }}</td>
 	    <td>{{ admin.pseudo }}</td>
        </tr>
        {% endfor %}
    </table>
    <h3>Membres</h3>
    <table class="table table-striped">
        <thead>
            <tr>
                <th>Nom</th>
                <th>Prenom</th>
                <th>Pseudo</th>
            </tr>
        </thead>
        {% for admin in user.club.members.all %}
        <tr>
            <td>{{ admin.surname }}</td>
            <td>{{ admin.name }}</td>
 	    <td>{{ admin.pseudo }}</td>
        </tr>
        {% endfor %}
    </table>
    {% endif %}
    <h2>Machines</h2>
    <h4><a class="btn btn-primary btn-sm" role="button" href="{% url 'machines:new-machine' user.id %}"><i class="glyphicon glyphicon-phone"></i> Ajouter une machine</a></h4>
    {% if machines_list %}
    {% include "machines/aff_machines.html" with machines_list=machines_list %}
    {% else %}
    <p>Aucune machine</p>
    {% endif %}
-    <h2>Cotisations :</h2>
+    <h2>Cotisations</h2>
    {% if is_cableur %}<h4><a class="btn btn-primary btn-sm" role="button" href="{% url 'cotisations:new-facture' user.id %}"><i class="glyphicon glyphicon-piggy-bank"></i> Ajouter une cotisation</a>  {% if user_solde %}<a class="btn btn-primary btn-sm" role="button" href="{% url 'cotisations:credit-solde' user.id %}"><i class="glyphicon glyphicon-piggy-bank"></i> Modifier le solde</a>{% endif%}</h4>{% endif%}
    {% if facture_list %}
    {% include "cotisations/aff_cotisations.html" with facture_list=facture_list %}
    {% else %}
    <p>Aucune facture</p>
    {% endif %}
-    <h2>Bannissements :</h2>
+    <h2>Bannissements</h2>
    {% if is_bofh %}<h4><a class="btn btn-primary btn-sm" role="button" href="{% url 'users:add-ban' user.id %}"><i class="glyphicon glyphicon-pushpin"></i> Ajouter un bannissement</a></h4>{% endif %}
    {% if ban_list %}
    {% include "users/aff_bans.html" with ban_list=ban_list %}
--- a/users/templates/users/sidebar.html
+++ b/users/templates/users/sidebar.html
@ -25,22 +25,24 @@ with this program; if not, write to the Free Software Foundation, Inc.,
 {% block sidebar %}
-    {% if is_cableur %}
+   {% if is_cableur %}
        <a class="list-group-item list-group-item-success" href="{% url "users:new-user" %}">
            <i class="glyphicon glyphicon-plus"></i>
            Créer un adhérent
        </a>
        <a class="list-group-item list-group-item-success" href="{% url "users:new-club" %}">
            <i class="glyphicon glyphicon-plus"></i>
            Créer un club/association
        </a>
-	<a class="list-group-item list-group-item-info" href="{% url "users:index" %}">
+   {% endif %}
-            <i class="glyphicon glyphicon-list"></i>
+        <a class="list-group-item list-group-item-success" href="{% url "users:new-user" %}">
-            Adherents
+            <i class="glyphicon glyphicon-plus"></i>
            Créer un adhérent
        </a>
 	<a class="list-group-item list-group-item-info" href="{% url "users:index-clubs" %}">
            <i class="glyphicon glyphicon-list"></i>
-            Clubs
+            Clubs et assos
        </a>
    {% if is_cableur %}
 	<a class="list-group-item list-group-item-info" href="{% url "users:index" %}">
            <i class="glyphicon glyphicon-list"></i>
            Adherents
        </a>
 	<a class="list-group-item list-group-item-info" href="{% url "users:index-ban" %}">
            <i class="glyphicon glyphicon-list"></i>
--- a/users/templates/users/user.html
+++ b/users/templates/users/user.html
@ -33,7 +33,7 @@ with this program; if not, write to the Free Software Foundation, Inc.,
 <form class="form" method="post">
    {% csrf_token %}
-    {% massive_bootstrap_form userform 'room,school' %}
+    {% massive_bootstrap_form userform 'room,school,administrators,members' %}
    {% bootstrap_button "Créer ou modifier" button_type="submit" icon="star" %}
 </form>
  <br />
--- a/users/urls.py
+++ b/users/urls.py
@ -33,6 +33,11 @@ urlpatterns = [
    url(r'^new_user/$', views.new_user, name='new-user'),
    url(r'^new_club/$', views.new_club, name='new-club'),
    url(r'^edit_info/(?P<userid>[0-9]+)$', views.edit_info, name='edit-info'),
    url(
        r'^edit_club_admin_members/(?P<clubid>[0-9]+)$',
        views.edit_club_admin_members,
        name='edit-club-admin-members'
    ),
    url(r'^state/(?P<userid>[0-9]+)$', views.state, name='state'),
    url(r'^password/(?P<userid>[0-9]+)$', views.password, name='password'),
    url(r'^new_serviceuser/$', views.new_serviceuser, name='new-serviceuser'),
--- a/users/views.py
+++ b/users/views.py
@ -40,7 +40,7 @@ from django.shortcuts import get_object_or_404, render, redirect
 from django.core.paginator import Paginator, EmptyPage, PageNotAnInteger
 from django.contrib import messages
 from django.contrib.auth.decorators import login_required, permission_required
-from django.db.models import ProtectedError
+from django.db.models import ProtectedError, Q
 from django.db import IntegrityError
 from django.utils import timezone
 from django.db import transaction
@ -53,14 +53,40 @@ from rest_framework.renderers import JSONRenderer
 from reversion.models import Version
 from reversion import revisions as reversion
 from users.serializers import MailSerializer
-from users.models import User, Right, Ban, Whitelist, School, ListRight
+from users.models import (
-from users.models import Request, ServiceUser, Adherent, Club
+    User,
-from users.forms import DelRightForm, BanForm, WhitelistForm, DelSchoolForm
+    Right,
-from users.forms import DelListRightForm, NewListRightForm, FullAdherentForm
+    Ban,
-from users.forms import StateForm, FullClubForm
+    Whitelist,
-from users.forms import RightForm, SchoolForm, EditServiceUserForm
+    School,
-from users.forms import ServiceUserForm, ListRightForm, AdherentForm, ClubForm
+    ListRight,
-from users.forms import MassArchiveForm, PassForm, ResetPasswordForm
+    Request,
    ServiceUser,
    Adherent,
    Club
 )
 from users.forms import (
    DelRightForm,
    BanForm,
    WhitelistForm,
    DelSchoolForm,
    DelListRightForm,
    NewListRightForm,
    FullAdherentForm,
    StateForm,
    FullClubForm,
    RightForm,
    SchoolForm,
    EditServiceUserForm,
    ServiceUserForm,
    ListRightForm,
    AdherentForm,
    ClubForm,
    MassArchiveForm,
    PassForm,
    ResetPasswordForm,
    ClubAdminandMembersForm
 )
 from cotisations.models import Facture
 from machines.models import Machine
 from preferences.models import OptionalUser, GeneralOption
@ -85,10 +111,15 @@ def password_change_action(u_form, user, request, req=False):
@login_required
@permission_required('cableur')
 def new_user(request):
    """ Vue de création d'un nouvel utilisateur,
    envoie un mail pour le mot de passe"""
    if not User.can_create(request.user):
        messages.error(request, "Vous ne pouvez pas accéder à ce menu")
        return redirect(reverse(
            'users:profil',
            kwargs={'userid':str(request.user.id)}
            ))
    user = AdherentForm(request.POST or None)
    if user.is_valid():
        user = user.save(commit=False)
@ -128,6 +159,37 @@ def new_club(request):
    return form({'userform': club}, 'users/user.html', request)
@login_required
 def edit_club_admin_members(request, clubid):
    """Vue d'edition de la liste des users administrateurs et
    membres d'un club"""
    try:
        club_instance = Club.objects.get(pk=clubid)
    except Club.DoesNotExist:
        messages.error(request, "Club inexistant")
        return redirect(reverse('users:index'))
    if not club_instance.can_edit(request.user):
        messages.error(request, "Vous ne pouvez pas accéder à ce menu")
        return redirect(reverse(
            'users:profil',
            kwargs={'userid':str(request.user.id)}
            ))
    club = ClubAdminandMembersForm(request.POST or None, instance=club_instance)
    if club.is_valid():
        with transaction.atomic(), reversion.create_revision():
            club.save()
            reversion.set_user(request.user)
            reversion.set_comment("Champs modifié(s) : %s" % ', '.join(
                field for field in club.changed_data
            ))
        messages.success(request, "Le club a bien été modifié")
        return redirect(reverse(
            'users:profil',
            kwargs={'userid':str(club_instance.id)}
            ))
    return form({'userform': club}, 'users/user.html', request)
 def select_user_edit_form(request, user):
    """Fonction de choix du bon formulaire, en fonction de:
        - droit
@ -156,9 +218,8 @@ def edit_info(request, userid):
    except User.DoesNotExist:
        messages.error(request, "Utilisateur inexistant")
        return redirect(reverse('users:index'))
-    if not request.user.has_perms(('cableur',)) and user != request.user:
+    if not user.can_edit(request.user):
-        messages.error(request, "Vous ne pouvez pas modifier un autre\
+        messages.error(request, "Vous ne pouvez pas accéder à ce menu")
        user que vous sans droit cableur")
        return redirect(reverse(
            'users:profil',
            kwargs={'userid':str(request.user.id)}
@ -221,9 +282,8 @@ def password(request, userid):
    except User.DoesNotExist:
        messages.error(request, "Utilisateur inexistant")
        return redirect(reverse('users'))
-    if not request.user.has_perms(('cableur',)) and user != request.user:
+    if not user.can_edit(request.user):
-        messages.error(request, "Vous ne pouvez pas modifier un\
+        messages.error(request, "Vous ne pouvez pas accéder à ce menu")
        autre user que vous sans droit cableur")
        return redirect(reverse(
            'users:profil',
            kwargs={'userid':str(request.user.id)}
@ -664,12 +724,16 @@ def index(request):
@login_required
@permission_required('cableur')
 def index_clubs(request):
    """ Affiche l'ensemble des clubs, need droit cableur """
    options, _created = GeneralOption.objects.get_or_create()
    pagination_number = options.pagination_number
-    clubs_list = Club.objects.select_related('room')
+    if not request.user.has_perms(('cableur',)):
        clubs_list = Club.objects.filter(
            Q(administrators=request.user.adherent) | Q(members=request.user.adherent)
        ).distinct().select_related('room')
    else:
        clubs_list = Club.objects.select_related('room')
    clubs_list = SortTable.sort(
        clubs_list,
        request.GET.get('col'),
@ -795,10 +859,8 @@ def history(request, object_name, object_id):
        except User.DoesNotExist:
            messages.error(request, "Utilisateur inexistant")
            return redirect(reverse('users:index'))
-        if not request.user.has_perms(('cableur',)) and\
+        if not object_instance.can_view(request.user):
-                object_instance != request.user:
+            messages.error(request, "Vous ne pouvez pas afficher ce menu")
            messages.error(request, "Vous ne pouvez pas afficher\
            l'historique d'un autre user que vous sans droit cableur")
            return redirect(reverse(
                'users:profil',
                kwargs={'userid':str(request.user.id)}
@ -889,9 +951,8 @@ def profil(request, userid):
    except User.DoesNotExist:
        messages.error(request, "Utilisateur inexistant")
        return redirect(reverse('users:index'))
-    if not request.user.has_perms(('cableur',)) and users != request.user:
+    if not users.can_view(request.user):
-        messages.error(request, "Vous ne pouvez pas afficher un autre user\
+        messages.error(request, "Vous ne pouvez pas accéder à ce menu")
        que vous sans droit cableur")
        return redirect(reverse(
            'users:profil',
            kwargs={'userid':str(request.user.id)}