mirror of
https://gitlab2.federez.net/re2o/re2o
synced 2024-12-26 08:53:46 +00:00
Reecrit django-field form, et l'utilise pour le champ force sur user
This commit is contained in:
parent
253801065e
commit
b75a65d9ff
4 changed files with 34 additions and 63 deletions
|
@ -9,9 +9,6 @@ class FieldPermissionModelMixin:
|
||||||
FIELD_PERMISSION_GETTER = 'can_change_{name}'
|
FIELD_PERMISSION_GETTER = 'can_change_{name}'
|
||||||
FIELD_PERMISSION_MISSING_DEFAULT = True
|
FIELD_PERMISSION_MISSING_DEFAULT = True
|
||||||
|
|
||||||
class Meta:
|
|
||||||
abstract = True
|
|
||||||
|
|
||||||
def has_perm(self, user, perm):
|
def has_perm(self, user, perm):
|
||||||
return user.has_perm(perm) # Never give 'obj' argument here
|
return user.has_perm(perm) # Never give 'obj' argument here
|
||||||
|
|
||||||
|
@ -66,17 +63,14 @@ class FieldPermissionModel(FieldPermissionModelMixin, models.Model):
|
||||||
|
|
||||||
class FieldPermissionFormMixin:
|
class FieldPermissionFormMixin:
|
||||||
"""
|
"""
|
||||||
ModelForm logic for removing fields when a user is found not to have change permissions.
|
Construit le formulaire et retire les champs interdits
|
||||||
"""
|
"""
|
||||||
def __init__(self, *args, **kwargs):
|
def __init__(self, *args, **kwargs):
|
||||||
user = kwargs.pop('user')
|
user = kwargs.pop('user')
|
||||||
|
|
||||||
super(FieldPermissionFormMixin, self).__init__(*args, **kwargs)
|
super(FieldPermissionFormMixin, self).__init__(*args, **kwargs)
|
||||||
|
for name in self.fields:
|
||||||
model = self.Meta.model
|
if not self.instance.has_field_perm(user, field=name):
|
||||||
model_field_names = [f.name for f in model._meta.get_fields()] # this might be too broad
|
|
||||||
for name in model_field_names:
|
|
||||||
if name in self.fields and not self.instance.has_field_perm(user, field=name):
|
|
||||||
self.remove_unauthorized_field(name)
|
self.remove_unauthorized_field(name)
|
||||||
|
|
||||||
def remove_unauthorized_field(self, name):
|
def remove_unauthorized_field(self, name):
|
||||||
|
|
|
@ -44,6 +44,8 @@ from .models import User, ServiceUser, Right, School, ListRight, Whitelist
|
||||||
from .models import Ban, Adherent, Club
|
from .models import Ban, Adherent, Club
|
||||||
from re2o.utils import remove_user_room
|
from re2o.utils import remove_user_room
|
||||||
|
|
||||||
|
from re2o.field_permissions import FieldPermissionFormMixin
|
||||||
|
|
||||||
NOW = timezone.now()
|
NOW = timezone.now()
|
||||||
|
|
||||||
|
|
||||||
|
@ -253,7 +255,7 @@ class MassArchiveForm(forms.Form):
|
||||||
utilisateurs dont la fin d'accès se situe dans le futur !")
|
utilisateurs dont la fin d'accès se situe dans le futur !")
|
||||||
|
|
||||||
|
|
||||||
class AdherentForm(ModelForm):
|
class AdherentForm(FieldPermissionFormMixin, ModelForm):
|
||||||
"""Formulaire de base d'edition d'un user. Formulaire de base, utilisé
|
"""Formulaire de base d'edition d'un user. Formulaire de base, utilisé
|
||||||
pour l'edition de self par self ou un cableur. On formate les champs
|
pour l'edition de self par self ou un cableur. On formate les champs
|
||||||
avec des label plus jolis"""
|
avec des label plus jolis"""
|
||||||
|
@ -278,6 +280,7 @@ class AdherentForm(ModelForm):
|
||||||
'school',
|
'school',
|
||||||
'comment',
|
'comment',
|
||||||
'room',
|
'room',
|
||||||
|
'shell',
|
||||||
'telephone',
|
'telephone',
|
||||||
]
|
]
|
||||||
|
|
||||||
|
@ -306,7 +309,7 @@ class AdherentForm(ModelForm):
|
||||||
return
|
return
|
||||||
|
|
||||||
|
|
||||||
class ClubForm(ModelForm):
|
class ClubForm(FieldPermissionFormMixin, ModelForm):
|
||||||
"""Formulaire de base d'edition d'un user. Formulaire de base, utilisé
|
"""Formulaire de base d'edition d'un user. Formulaire de base, utilisé
|
||||||
pour l'edition de self par self ou un cableur. On formate les champs
|
pour l'edition de self par self ou un cableur. On formate les champs
|
||||||
avec des label plus jolis"""
|
avec des label plus jolis"""
|
||||||
|
@ -330,6 +333,7 @@ class ClubForm(ModelForm):
|
||||||
'comment',
|
'comment',
|
||||||
'room',
|
'room',
|
||||||
'telephone',
|
'telephone',
|
||||||
|
'shell',
|
||||||
]
|
]
|
||||||
|
|
||||||
def clean_telephone(self):
|
def clean_telephone(self):
|
||||||
|
@ -344,41 +348,6 @@ class ClubForm(ModelForm):
|
||||||
return telephone
|
return telephone
|
||||||
|
|
||||||
|
|
||||||
class FullAdherentForm(AdherentForm):
|
|
||||||
"""Edition complète d'un user. Utilisé par admin,
|
|
||||||
permet d'editer normalement la chambre, ou le shell
|
|
||||||
Herite de la base"""
|
|
||||||
class Meta(AdherentForm.Meta):
|
|
||||||
fields = [
|
|
||||||
'name',
|
|
||||||
'surname',
|
|
||||||
'pseudo',
|
|
||||||
'email',
|
|
||||||
'school',
|
|
||||||
'comment',
|
|
||||||
'room',
|
|
||||||
'shell',
|
|
||||||
'telephone',
|
|
||||||
]
|
|
||||||
|
|
||||||
|
|
||||||
class FullClubForm(ClubForm):
|
|
||||||
"""Edition complète d'un user. Utilisé par admin,
|
|
||||||
permet d'editer normalement la chambre, ou le shell
|
|
||||||
Herite de la base"""
|
|
||||||
class Meta(ClubForm.Meta):
|
|
||||||
fields = [
|
|
||||||
'surname',
|
|
||||||
'pseudo',
|
|
||||||
'email',
|
|
||||||
'school',
|
|
||||||
'comment',
|
|
||||||
'room',
|
|
||||||
'shell',
|
|
||||||
'telephone',
|
|
||||||
]
|
|
||||||
|
|
||||||
|
|
||||||
class ClubAdminandMembersForm(ModelForm):
|
class ClubAdminandMembersForm(ModelForm):
|
||||||
"""Permet d'éditer la liste des membres et des administrateurs
|
"""Permet d'éditer la liste des membres et des administrateurs
|
||||||
d'un club"""
|
d'un club"""
|
||||||
|
|
|
@ -73,6 +73,7 @@ import ldapdb.models.fields
|
||||||
|
|
||||||
from re2o.settings import RIGHTS_LINK, LDAP, GID_RANGES, UID_RANGES
|
from re2o.settings import RIGHTS_LINK, LDAP, GID_RANGES, UID_RANGES
|
||||||
from re2o.login import hashNT
|
from re2o.login import hashNT
|
||||||
|
from re2o.field_permissions import FieldPermissionModelMixin
|
||||||
|
|
||||||
from cotisations.models import Cotisation, Facture, Paiement, Vente
|
from cotisations.models import Cotisation, Facture, Paiement, Vente
|
||||||
from machines.models import Domain, Interface, Machine, regen
|
from machines.models import Domain, Interface, Machine, regen
|
||||||
|
@ -180,8 +181,7 @@ class UserManager(BaseUserManager):
|
||||||
"""
|
"""
|
||||||
return self._create_user(pseudo, surname, email, password, True)
|
return self._create_user(pseudo, surname, email, password, True)
|
||||||
|
|
||||||
|
class User(FieldPermissionModelMixin, AbstractBaseUser):
|
||||||
class User(AbstractBaseUser):
|
|
||||||
""" Definition de l'utilisateur de base.
|
""" Definition de l'utilisateur de base.
|
||||||
Champs principaux : name, surnname, pseudo, email, room, password
|
Champs principaux : name, surnname, pseudo, email, room, password
|
||||||
Herite du django BaseUser et du système d'auth django"""
|
Herite du django BaseUser et du système d'auth django"""
|
||||||
|
@ -823,6 +823,12 @@ class User(AbstractBaseUser):
|
||||||
def can_change_state(self, user_request, *args, **kwargs):
|
def can_change_state(self, user_request, *args, **kwargs):
|
||||||
return user_request.has_perms(('bureau',)), "Droit bureau requis pour changer l'état"
|
return user_request.has_perms(('bureau',)), "Droit bureau requis pour changer l'état"
|
||||||
|
|
||||||
|
def can_change_shell(self, user_request, *args, **kwargs):
|
||||||
|
return user_request.has_perms(('cableur',)), "Droit requis pour forcer le déménagement"
|
||||||
|
|
||||||
|
def can_change_force(self, user_request, *args, **kwargs):
|
||||||
|
return user_request.has_perms(('cableur',)), "Droit requis pour forcer le déménagement"
|
||||||
|
|
||||||
def can_delete(self, user_request, *args, **kwargs):
|
def can_delete(self, user_request, *args, **kwargs):
|
||||||
"""Check if an user can delete an user object.
|
"""Check if an user can delete an user object.
|
||||||
|
|
||||||
|
@ -867,6 +873,11 @@ class User(AbstractBaseUser):
|
||||||
else:
|
else:
|
||||||
return False, u"Vous ne pouvez voir un autre utilisateur que vous même"
|
return False, u"Vous ne pouvez voir un autre utilisateur que vous même"
|
||||||
|
|
||||||
|
field_permissions = {
|
||||||
|
'shell' : can_change_shell,
|
||||||
|
'force' : can_change_force,
|
||||||
|
}
|
||||||
|
|
||||||
def __str__(self):
|
def __str__(self):
|
||||||
return self.pseudo
|
return self.pseudo
|
||||||
|
|
||||||
|
|
|
@ -72,9 +72,7 @@ from users.forms import (
|
||||||
DelSchoolForm,
|
DelSchoolForm,
|
||||||
DelListRightForm,
|
DelListRightForm,
|
||||||
NewListRightForm,
|
NewListRightForm,
|
||||||
FullAdherentForm,
|
|
||||||
StateForm,
|
StateForm,
|
||||||
FullClubForm,
|
|
||||||
RightForm,
|
RightForm,
|
||||||
SchoolForm,
|
SchoolForm,
|
||||||
EditServiceUserForm,
|
EditServiceUserForm,
|
||||||
|
@ -184,25 +182,24 @@ def edit_club_admin_members(request, club_instance, clubid):
|
||||||
return form({'userform': club}, 'users/user.html', request)
|
return form({'userform': club}, 'users/user.html', request)
|
||||||
|
|
||||||
|
|
||||||
def select_user_edit_form(request, user):
|
|
||||||
"""Fonction de choix du bon formulaire, en fonction de:
|
|
||||||
- droit
|
|
||||||
- type d'object
|
|
||||||
"""
|
|
||||||
if user.is_class_adherent:
|
|
||||||
user = AdherentForm(request.POST or None, instance=user.adherent)
|
|
||||||
elif user.is_class_club:
|
|
||||||
user = ClubForm(request.POST or None, instance=user.club)
|
|
||||||
return user
|
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
@can_edit(User)
|
@can_edit(User)
|
||||||
def edit_info(request, user, userid):
|
def edit_info(request, user, userid):
|
||||||
""" Edite un utilisateur à partir de son id,
|
""" Edite un utilisateur à partir de son id,
|
||||||
si l'id est différent de request.user, vérifie la
|
si l'id est différent de request.user, vérifie la
|
||||||
possession du droit cableur """
|
possession du droit cableur """
|
||||||
user = select_user_edit_form(request, user)
|
if user.is_class_adherent:
|
||||||
|
user = AdherentForm(
|
||||||
|
request.POST or None,
|
||||||
|
instance=user.adherent,
|
||||||
|
user=request.user
|
||||||
|
)
|
||||||
|
elif user.is_class_club:
|
||||||
|
user = ClubForm(
|
||||||
|
request.POST or None,
|
||||||
|
instance=user.club,
|
||||||
|
user=request.user
|
||||||
|
)
|
||||||
if user.is_valid():
|
if user.is_valid():
|
||||||
with transaction.atomic(), reversion.create_revision():
|
with transaction.atomic(), reversion.create_revision():
|
||||||
user.save()
|
user.save()
|
||||||
|
|
Loading…
Reference in a new issue