From bc9a38cd05d4c1221b1137c48b921a8b3aa84095 Mon Sep 17 00:00:00 2001 From: Gabriel Detraz Date: Sun, 31 Dec 2017 17:11:19 +0100 Subject: [PATCH] =?UTF-8?q?Nouveau=20syst=C3=A8me=20de=20gestion=20des=20d?= =?UTF-8?q?roits?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- users/forms.py | 28 ++++++++++++++++++++++-- users/models.py | 4 ++-- users/templates/users/aff_listright.html | 16 ++++++++++++-- users/templates/users/profil.html | 12 ++++++---- users/templates/users/sidebar.html | 2 +- users/urls.py | 2 ++ users/views.py | 27 ++++++++++++++++++++++- 7 files changed, 79 insertions(+), 12 deletions(-) diff --git a/users/forms.py b/users/forms.py index 31331051..ac8e9923 100644 --- a/users/forms.py +++ b/users/forms.py @@ -38,6 +38,7 @@ from django.forms import ModelForm, Form from django.contrib.auth.forms import ReadOnlyPasswordHashField from django.core.validators import MinLengthValidator from django.utils import timezone +from django.contrib.auth.models import Group, Permission from preferences.models import OptionalUser from .models import User, ServiceUser, School, ListRight, Whitelist @@ -409,6 +410,23 @@ class StateForm(ModelForm): super(StateForm, self).__init__(*args, prefix=prefix, **kwargs) +class GroupForm(ModelForm): + """ Gestion des groupes d'un user""" + groups = forms.ModelMultipleChoiceField( + Group.objects.all(), + widget=forms.CheckboxSelectMultiple, + required=False + ) + + class Meta: + model = User + fields = ['groups'] + + def __init__(self, *args, **kwargs): + prefix = kwargs.pop('prefix', self.Meta.model.__name__) + super(GroupForm, self).__init__(*args, prefix=prefix, **kwargs) + + class SchoolForm(ModelForm): """Edition, creation d'un école""" class Meta: @@ -424,6 +442,12 @@ class SchoolForm(ModelForm): class ListRightForm(ModelForm): """Edition, d'un groupe , équivalent à un droit Ne peremet pas d'editer le gid, car il sert de primary key""" + permissions = forms.ModelMultipleChoiceField( + Permission.objects.all(), + widget=forms.CheckboxSelectMultiple, + required=False + ) + class Meta: model = ListRight fields = ['name', 'unix_name', 'permissions', 'details'] @@ -457,9 +481,9 @@ class DelListRightForm(Form): instances = kwargs.pop('instances', None) super(DelListRightForm, self).__init__(*args, **kwargs) if instances: - self.fields['unix_name'].queryset = instances + self.fields['listrights'].queryset = instances else: - self.fields['unix_name'].queryset = ListRight.objects.all() + self.fields['listrights'].queryset = ListRight.objects.all() class DelSchoolForm(Form): diff --git a/users/models.py b/users/models.py index 254c6a26..d3f947b1 100644 --- a/users/models.py +++ b/users/models.py @@ -1153,8 +1153,8 @@ class ListRight(Group): except LdapUserGroup.DoesNotExist: group_ldap = LdapUserGroup(gid=self.gid) group_ldap.name = self.listright - group_ldap.members = [right.user.pseudo for right - in Right.objects.filter(right=self)] + group_ldap.members = [user.pseudo for user + in self.user_set.all()] group_ldap.save() def ldap_del(self): diff --git a/users/templates/users/aff_listright.html b/users/templates/users/aff_listright.html index 2ca41e09..207d07bb 100644 --- a/users/templates/users/aff_listright.html +++ b/users/templates/users/aff_listright.html @@ -38,8 +38,20 @@ with this program; if not, write to the Free Software Foundation, Inc., {{ listright.name }} {{ listright.gid }} - {{ listright.permissions.all }} - {{ listright.user_set.all }} + + + {% for user in listright.user_set.all %}{{user}} | {% endfor %} {{ listright.details }} {% include 'buttons/edit.html' with href='users:edit-listright' id=listright.id %} diff --git a/users/templates/users/profil.html b/users/templates/users/profil.html index 70a0fec8..27d699ac 100644 --- a/users/templates/users/profil.html +++ b/users/templates/users/profil.html @@ -42,7 +42,11 @@ with this program; if not, write to the Free Software Foundation, Inc., Changer le statut - + + + Gérer les groupes + + Historique @@ -117,9 +121,9 @@ with this program; if not, write to the Free Software Foundation, Inc., {% else %} Désactivé {% endif %} - Droits - {% if list_droits %} - {% for droit in list_droits %}{{ droit.right }}{% if list_droits|length != forloop.counter %} - {% endif %} {% endfor %} + Groupes + {% if users.groups.all %} + {{ users.groups.all|join:", "}} {% else %} Aucun {% endif %} diff --git a/users/templates/users/sidebar.html b/users/templates/users/sidebar.html index 03b9efa9..c5cf924a 100644 --- a/users/templates/users/sidebar.html +++ b/users/templates/users/sidebar.html @@ -68,7 +68,7 @@ with this program; if not, write to the Free Software Foundation, Inc., {% can_view_all ListRight %} - Droits + Groupes de droits {% acl_end %} {% can_view_all ServiceUser %} diff --git a/users/urls.py b/users/urls.py index 2fa96133..051b0fb6 100644 --- a/users/urls.py +++ b/users/urls.py @@ -40,7 +40,9 @@ urlpatterns = [ name='edit-club-admin-members' ), url(r'^state/(?P[0-9]+)$', views.state, name='state'), + url(r'^groups/(?P[0-9]+)$', views.groups, name='groups'), url(r'^password/(?P[0-9]+)$', views.password, name='password'), + url(r'^del_group/(?P[0-9]+)/(?P[0-9]+)$', views.del_group, name='del-group'), url(r'^new_serviceuser/$', views.new_serviceuser, name='new-serviceuser'), url( r'^edit_serviceuser/(?P[0-9]+)$', diff --git a/users/views.py b/users/views.py index 7f8363cd..f583bfab 100644 --- a/users/views.py +++ b/users/views.py @@ -80,7 +80,8 @@ from users.forms import ( MassArchiveForm, PassForm, ResetPasswordForm, - ClubAdminandMembersForm + ClubAdminandMembersForm, + GroupForm ) from cotisations.models import Facture from machines.models import Machine @@ -241,6 +242,20 @@ def state(request, user, userid): return form({'userform': state}, 'users/user.html', request) +@login_required +@can_edit(User) +def groups(request, user, userid): + group = GroupForm(request.POST or None, instance=user) + if group.is_valid(): + with transaction.atomic(), reversion.create_revision(): + messages.success(request, "Groupes changés avec succès") + return redirect(reverse( + 'users:profil', + kwargs={'userid':str(userid)} + )) + return form({'userform': group}, 'users/user.html', request) + + @login_required @can_edit(User, 'password') def password(request, user, userid): @@ -253,6 +268,16 @@ def password(request, user, userid): return form({'userform': u_form}, 'users/user.html', request) +@login_required +@can_edit(User) +def del_group(request, user, userid, listrightid): + with transaction.atomic(), reversion.create_revision(): + user.groups.remove(ListRight.objects.get(id=listrightid)) + user.save() + messages.success(request, "Droit supprimé à %s" % user) + return redirect(reverse('users:index-listright')) + + @login_required @can_create(ServiceUser) def new_serviceuser(request):