mirror of
https://gitlab2.federez.net/re2o/re2o
synced 2025-01-12 11:14:28 +00:00
Suppression de right et utilisation du système django
This commit is contained in:
parent
adb1ccd517
commit
f34b80155d
14 changed files with 139 additions and 224 deletions
|
@ -35,5 +35,5 @@ def can_view(user):
|
|||
A couple (allowed, msg) where allowed is a boolean which is True if
|
||||
viewing is granted and msg is a message (can be None).
|
||||
"""
|
||||
can = user.has_perms(('cableur',))
|
||||
can = user.has_perm('cotisation.view_app_cotisation')
|
||||
return can, None if can else "Vous ne pouvez pas voir cette application."
|
||||
|
|
|
@ -50,7 +50,6 @@ from reversion.models import Version, ContentType
|
|||
from users.models import (
|
||||
User,
|
||||
ServiceUser,
|
||||
Right,
|
||||
School,
|
||||
ListRight,
|
||||
ListShell,
|
||||
|
@ -325,7 +324,6 @@ def stats_models(request):
|
|||
'clubs': [Club.PRETTY_NAME, Club.objects.count()],
|
||||
'serviceuser': [ServiceUser.PRETTY_NAME,
|
||||
ServiceUser.objects.count()],
|
||||
'right': [Right.PRETTY_NAME, Right.objects.count()],
|
||||
'school': [School.PRETTY_NAME, School.objects.count()],
|
||||
'listright': [ListRight.PRETTY_NAME, ListRight.objects.count()],
|
||||
'listshell': [ListShell.PRETTY_NAME, ListShell.objects.count()],
|
||||
|
|
|
@ -130,7 +130,6 @@ MODEL_NAME = {
|
|||
'Adherent' : users.models.Adherent,
|
||||
'Club' : users.models.Club,
|
||||
'ServiceUser' : users.models.ServiceUser,
|
||||
'Right' : users.models.Right,
|
||||
'School' : users.models.School,
|
||||
'ListRight' : users.models.ListRight,
|
||||
'Ban' : users.models.Ban,
|
||||
|
|
|
@ -32,7 +32,7 @@ from django.contrib.auth.models import Group
|
|||
from django.contrib.auth.admin import UserAdmin as BaseUserAdmin
|
||||
from reversion.admin import VersionAdmin
|
||||
|
||||
from .models import User, ServiceUser, School, Right, ListRight, ListShell
|
||||
from .models import User, ServiceUser, School, ListRight, ListShell
|
||||
from .models import Ban, Whitelist, Request, LdapUser, LdapServiceUser
|
||||
from .models import LdapServiceUserGroup, LdapUserGroup
|
||||
from .forms import UserChangeForm, UserCreationForm
|
||||
|
@ -86,7 +86,7 @@ class SchoolAdmin(VersionAdmin):
|
|||
class ListRightAdmin(VersionAdmin):
|
||||
"""Gestion de la liste des droits existants
|
||||
Ne permet pas l'edition du gid (primarykey pour ldap)"""
|
||||
list_display = ('listright',)
|
||||
list_display = ('unix_name',)
|
||||
|
||||
|
||||
class ListShellAdmin(VersionAdmin):
|
||||
|
@ -94,11 +94,6 @@ class ListShellAdmin(VersionAdmin):
|
|||
pass
|
||||
|
||||
|
||||
class RightAdmin(VersionAdmin):
|
||||
"""Gestion de la liste des droits affectés"""
|
||||
pass
|
||||
|
||||
|
||||
class RequestAdmin(admin.ModelAdmin):
|
||||
"""Gestion des request objet, ticket pour lien de reinit mot de passe"""
|
||||
list_display = ('user', 'type', 'created_at', 'expires_at')
|
||||
|
@ -206,7 +201,6 @@ admin.site.register(LdapUserGroup, LdapUserGroupAdmin)
|
|||
admin.site.register(LdapServiceUser, LdapServiceUserAdmin)
|
||||
admin.site.register(LdapServiceUserGroup, LdapServiceUserGroupAdmin)
|
||||
admin.site.register(School, SchoolAdmin)
|
||||
admin.site.register(Right, RightAdmin)
|
||||
admin.site.register(ListRight, ListRightAdmin)
|
||||
admin.site.register(ListShell, ListShellAdmin)
|
||||
admin.site.register(Ban, BanAdmin)
|
||||
|
|
|
@ -40,7 +40,7 @@ from django.core.validators import MinLengthValidator
|
|||
from django.utils import timezone
|
||||
|
||||
from preferences.models import OptionalUser
|
||||
from .models import User, ServiceUser, Right, School, ListRight, Whitelist
|
||||
from .models import User, ServiceUser, School, ListRight, Whitelist
|
||||
from .models import Ban, Adherent, Club
|
||||
from re2o.utils import remove_user_room
|
||||
|
||||
|
@ -426,12 +426,12 @@ class ListRightForm(ModelForm):
|
|||
Ne peremet pas d'editer le gid, car il sert de primary key"""
|
||||
class Meta:
|
||||
model = ListRight
|
||||
fields = ['listright', 'details']
|
||||
fields = ['name', 'unix_name', 'permissions', 'details']
|
||||
|
||||
def __init__(self, *args, **kwargs):
|
||||
prefix = kwargs.pop('prefix', self.Meta.model.__name__)
|
||||
super(ListRightForm, self).__init__(*args, prefix=prefix, **kwargs)
|
||||
self.fields['listright'].label = 'Nom du droit/groupe'
|
||||
self.fields['unix_name'].label = 'Nom du droit/groupe'
|
||||
|
||||
|
||||
class NewListRightForm(ListRightForm):
|
||||
|
@ -457,9 +457,9 @@ class DelListRightForm(Form):
|
|||
instances = kwargs.pop('instances', None)
|
||||
super(DelListRightForm, self).__init__(*args, **kwargs)
|
||||
if instances:
|
||||
self.fields['listrights'].queryset = instances
|
||||
self.fields['unix_name'].queryset = instances
|
||||
else:
|
||||
self.fields['listrights'].queryset = ListRight.objects.all()
|
||||
self.fields['unix_name'].queryset = ListRight.objects.all()
|
||||
|
||||
|
||||
class DelSchoolForm(Form):
|
||||
|
@ -479,32 +479,6 @@ class DelSchoolForm(Form):
|
|||
self.fields['schools'].queryset = School.objects.all()
|
||||
|
||||
|
||||
class RightForm(ModelForm):
|
||||
"""Assignation d'un droit à un user"""
|
||||
def __init__(self, *args, **kwargs):
|
||||
prefix = kwargs.pop('prefix', self.Meta.model.__name__)
|
||||
super(RightForm, self).__init__(*args, prefix=prefix, **kwargs)
|
||||
self.fields['right'].label = 'Droit'
|
||||
self.fields['right'].empty_label = "Choisir un nouveau droit"
|
||||
|
||||
class Meta:
|
||||
model = Right
|
||||
fields = ['right']
|
||||
|
||||
|
||||
class DelRightForm(Form):
|
||||
"""Suppression d'un droit d'un user"""
|
||||
rights = forms.ModelMultipleChoiceField(
|
||||
queryset=Right.objects.select_related('user'),
|
||||
widget=forms.CheckboxSelectMultiple
|
||||
)
|
||||
|
||||
def __init__(self, right, *args, **kwargs):
|
||||
super(DelRightForm, self).__init__(*args, **kwargs)
|
||||
self.fields['rights'].queryset = Right.objects.select_related('user')\
|
||||
.select_related('right').filter(right=right)
|
||||
|
||||
|
||||
class BanForm(ModelForm):
|
||||
"""Creation, edition d'un objet bannissement"""
|
||||
def __init__(self, *args, **kwargs):
|
||||
|
|
45
users/migrations/0062_auto_20171231_0056.py
Normal file
45
users/migrations/0062_auto_20171231_0056.py
Normal file
|
@ -0,0 +1,45 @@
|
|||
# -*- coding: utf-8 -*-
|
||||
# Generated by Django 1.10.7 on 2017-12-30 23:56
|
||||
from __future__ import unicode_literals
|
||||
|
||||
from django.db import migrations, models
|
||||
import django.db.models.deletion
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
|
||||
dependencies = [
|
||||
('auth', '0008_alter_user_username_max_length'),
|
||||
('users', '0061_auto_20171230_2033'),
|
||||
]
|
||||
|
||||
def create_groups(apps, schema_editor):
|
||||
group = apps.get_model("auth", "Group")
|
||||
listrights = apps.get_model("users", "ListRight")
|
||||
db_alias = schema_editor.connection.alias
|
||||
for gr in listrights.objects.using(db_alias).all():
|
||||
grp = group()
|
||||
grp.name=gr.unix_name
|
||||
grp.save()
|
||||
gr.group_ptr=grp
|
||||
gr.save()
|
||||
|
||||
def delete_groups(apps, schema_editor):
|
||||
group = apps.get_model("auth", "Group")
|
||||
db_alias = schema_editor.connection.alias
|
||||
group.objects.using(db_alias).all().delete()
|
||||
|
||||
operations = [
|
||||
migrations.RenameField(
|
||||
model_name='listright',
|
||||
old_name='listright',
|
||||
new_name='unix_name',
|
||||
),
|
||||
migrations.AddField(
|
||||
model_name='listright',
|
||||
name='group_ptr',
|
||||
field=models.OneToOneField(blank=True, null=True, auto_created=True, on_delete=django.db.models.deletion.CASCADE, serialize=False, to='auth.Group'),
|
||||
preserve_default=False,
|
||||
),
|
||||
migrations.RunPython(create_groups, delete_groups),
|
||||
]
|
29
users/migrations/0063_auto_20171231_0140.py
Normal file
29
users/migrations/0063_auto_20171231_0140.py
Normal file
|
@ -0,0 +1,29 @@
|
|||
# -*- coding: utf-8 -*-
|
||||
# Generated by Django 1.10.7 on 2017-12-31 00:40
|
||||
from __future__ import unicode_literals
|
||||
|
||||
from django.db import migrations, models
|
||||
import django.db.models.deletion
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
|
||||
dependencies = [
|
||||
('users', '0062_auto_20171231_0056'),
|
||||
]
|
||||
|
||||
def transfer_right(apps, schema_editor):
|
||||
rights = apps.get_model("users", "Right")
|
||||
db_alias = schema_editor.connection.alias
|
||||
for rg in rights.objects.using(db_alias).all():
|
||||
group = rg.right
|
||||
u=rg.user
|
||||
u.groups.add(group.group_ptr)
|
||||
u.save()
|
||||
|
||||
def untransfer_right(apps, schema_editor):
|
||||
return
|
||||
|
||||
operations = [
|
||||
migrations.RunPython(transfer_right, untransfer_right),
|
||||
]
|
41
users/migrations/0064_auto_20171231_0150.py
Normal file
41
users/migrations/0064_auto_20171231_0150.py
Normal file
|
@ -0,0 +1,41 @@
|
|||
# -*- coding: utf-8 -*-
|
||||
# Generated by Django 1.10.7 on 2017-12-31 00:50
|
||||
from __future__ import unicode_literals
|
||||
|
||||
from django.db import migrations, models
|
||||
import django.db.models.deletion
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
|
||||
dependencies = [
|
||||
('users', '0063_auto_20171231_0140'),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.AlterUniqueTogether(
|
||||
name='right',
|
||||
unique_together=set([]),
|
||||
),
|
||||
migrations.RemoveField(
|
||||
model_name='right',
|
||||
name='right',
|
||||
),
|
||||
migrations.RemoveField(
|
||||
model_name='right',
|
||||
name='user',
|
||||
),
|
||||
migrations.DeleteModel(
|
||||
name='Right',
|
||||
),
|
||||
migrations.RemoveField(
|
||||
model_name='listright',
|
||||
name='id',
|
||||
),
|
||||
migrations.AlterField(
|
||||
model_name='listright',
|
||||
name='group_ptr',
|
||||
field=models.OneToOneField(auto_created=True, on_delete=django.db.models.deletion.CASCADE, parent_link=True, primary_key=True, serialize=False, to='auth.Group'),
|
||||
),
|
||||
|
||||
]
|
129
users/models.py
129
users/models.py
|
@ -63,7 +63,8 @@ from django.utils import timezone
|
|||
from django.contrib.auth.models import (
|
||||
AbstractBaseUser,
|
||||
BaseUserManager,
|
||||
PermissionsMixin
|
||||
PermissionsMixin,
|
||||
Group
|
||||
)
|
||||
from django.core.validators import RegexValidator
|
||||
|
||||
|
@ -128,18 +129,6 @@ def get_fresh_gid():
|
|||
return min(free_gids)
|
||||
|
||||
|
||||
def get_admin_right():
|
||||
""" Renvoie l'instance droit admin. La crée si elle n'existe pas
|
||||
Lui attribue un gid libre"""
|
||||
try:
|
||||
admin_right = ListRight.objects.get(listright="admin")
|
||||
except ListRight.DoesNotExist:
|
||||
admin_right = ListRight(listright="admin")
|
||||
admin_right.gid = get_fresh_gid()
|
||||
admin_right.save()
|
||||
return admin_right
|
||||
|
||||
|
||||
class UserManager(BaseUserManager):
|
||||
"""User manager basique de django"""
|
||||
def _create_user(
|
||||
|
@ -163,9 +152,9 @@ class UserManager(BaseUserManager):
|
|||
)
|
||||
|
||||
user.set_password(password)
|
||||
user.save(using=self._db)
|
||||
if su:
|
||||
user.make_admin()
|
||||
user.is_superuser=True
|
||||
user.save(using=self._db)
|
||||
return user
|
||||
|
||||
def create_user(self, pseudo, surname, email, password=None):
|
||||
|
@ -479,23 +468,6 @@ class User(FieldPermissionModelMixin, AbstractBaseUser, PermissionsMixin):
|
|||
self.assign_ips()
|
||||
self.state = User.STATE_ACTIVE
|
||||
|
||||
def has_module_perms(self, app_label):
|
||||
"""True, a toutes les permissions de module"""
|
||||
return True
|
||||
|
||||
def make_admin(self):
|
||||
""" Make User admin """
|
||||
user_admin_right = Right(user=self, right=get_admin_right())
|
||||
user_admin_right.save()
|
||||
|
||||
def un_admin(self):
|
||||
"""Supprime les droits admin d'un user"""
|
||||
try:
|
||||
user_right = Right.objects.get(user=self, right=get_admin_right())
|
||||
except Right.DoesNotExist:
|
||||
return
|
||||
user_right.delete()
|
||||
|
||||
def ldap_sync(self, base=True, access_refresh=True, mac_refresh=True, group_refresh=False):
|
||||
""" Synchronisation du ldap. Synchronise dans le ldap les attributs de
|
||||
self
|
||||
|
@ -538,8 +510,9 @@ class User(FieldPermissionModelMixin, AbstractBaseUser, PermissionsMixin):
|
|||
machine__user=self
|
||||
).values_list('mac_address', flat=True).distinct()]
|
||||
if group_refresh:
|
||||
for right in Right.objects.filter(user=self):
|
||||
right.right.ldap_sync()
|
||||
for group in self.groups.all():
|
||||
if hasattr(group, 'listright'):
|
||||
group.listright.ldap_sync()
|
||||
user_ldap.save()
|
||||
|
||||
def ldap_del(self):
|
||||
|
@ -1032,88 +1005,6 @@ def service_user_post_delete(sender, **kwargs):
|
|||
service_user.ldap_del()
|
||||
|
||||
|
||||
class Right(models.Model):
|
||||
""" Couple droit/user. Peut-être aurait-on mieux fait ici d'utiliser un
|
||||
manytomany
|
||||
Ceci dit le résultat aurait été le même avec une table intermediaire"""
|
||||
PRETTY_NAME = "Droits affectés à des users"
|
||||
|
||||
user = models.ForeignKey('User', on_delete=models.PROTECT)
|
||||
right = models.ForeignKey('ListRight', on_delete=models.PROTECT)
|
||||
|
||||
class Meta:
|
||||
unique_together = ("user", "right")
|
||||
|
||||
def get_instance(rightid, *args, **kwargs):
|
||||
return Right.objects.get(pk=rightid)
|
||||
|
||||
def can_create(user_request, *args, **kwargs):
|
||||
"""Check if an user can create a Right object.
|
||||
|
||||
:param user_request: The user who wants to create an object.
|
||||
:return: a message and a boolean which is True if the user can create.
|
||||
"""
|
||||
return user_request.has_perms(('bureau',)), u"Vous n'avez pas le droit de\
|
||||
créer des droits"
|
||||
|
||||
def can_edit(self, user_request, *args, **kwargs):
|
||||
"""Check if an user can edit a Right object.
|
||||
|
||||
:param self: The Right which is to be edited.
|
||||
:param user_request: The user who requests to edit self.
|
||||
:return: a message and a boolean which is True if edition is granted.
|
||||
"""
|
||||
return user_request.has_perms(('bureau',)), u"Vous n'avez pas le droit\
|
||||
d'éditer des droits."
|
||||
|
||||
def can_delete(self, user_request, *args, **kwargs):
|
||||
"""Check if an user can delete a Right object.
|
||||
|
||||
:param self: The Right which is to be deleted.
|
||||
:param user_request: The user who requests deletion.
|
||||
:return: True if deletion is granted, and a message.
|
||||
"""
|
||||
return user_request.has_perms(('bureau',)), u"Vous n'avez pas le droit de\
|
||||
supprimer des droits"
|
||||
|
||||
def can_view_all(user_request, *args, **kwargs):
|
||||
"""Check if an user can access to the list of every Right objects
|
||||
|
||||
:param user_request: The user who wants to view the list.
|
||||
:return: True if the user can view the list and an explanation message.
|
||||
"""
|
||||
return user_request.has_perms(('cableur',)), u"Vous ne pouvez pas voir\
|
||||
la liste des droits."
|
||||
|
||||
def can_view(self, user_request, *args, **kwargs):
|
||||
"""Check if an user can view a Right object.
|
||||
|
||||
:param self: The targeted Right.
|
||||
:param user_request: The user who ask for viewing the target.
|
||||
:return: A boolean telling if the acces is granted and an explanation
|
||||
text
|
||||
"""
|
||||
return user_request.has_perms(('cableur',)), u"Vous ne pouvez pas voir\
|
||||
ce droit."
|
||||
|
||||
def __str__(self):
|
||||
return str(self.user)
|
||||
|
||||
|
||||
@receiver(post_save, sender=Right)
|
||||
def right_post_save(sender, **kwargs):
|
||||
""" Synchronise les users ldap groups avec les groupes de droits"""
|
||||
right = kwargs['instance'].right
|
||||
right.ldap_sync()
|
||||
|
||||
|
||||
@receiver(post_delete, sender=Right)
|
||||
def right_post_delete(sender, **kwargs):
|
||||
""" Supprime l'user du groupe"""
|
||||
right = kwargs['instance'].right
|
||||
right.ldap_sync()
|
||||
|
||||
|
||||
class School(models.Model):
|
||||
""" Etablissement d'enseignement"""
|
||||
PRETTY_NAME = "Etablissements enregistrés"
|
||||
|
@ -1176,7 +1067,7 @@ class School(models.Model):
|
|||
return self.name
|
||||
|
||||
|
||||
class ListRight(models.Model):
|
||||
class ListRight(Group):
|
||||
""" Ensemble des droits existants. Chaque droit crée un groupe
|
||||
ldap synchronisé, avec gid.
|
||||
Permet de gérer facilement les accès serveurs et autres
|
||||
|
@ -1184,7 +1075,7 @@ class ListRight(models.Model):
|
|||
il n'est plus modifiable après creation"""
|
||||
PRETTY_NAME = "Liste des droits existants"
|
||||
|
||||
listright = models.CharField(
|
||||
unix_name = models.CharField(
|
||||
max_length=255,
|
||||
unique=True,
|
||||
validators=[RegexValidator(
|
||||
|
@ -1253,7 +1144,7 @@ class ListRight(models.Model):
|
|||
de voir les groupes de droits"
|
||||
|
||||
def __str__(self):
|
||||
return self.listright
|
||||
return self.name
|
||||
|
||||
def ldap_sync(self):
|
||||
"""Sychronise les groups ldap avec le model listright coté django"""
|
||||
|
|
|
@ -27,6 +27,8 @@ with this program; if not, write to the Free Software Foundation, Inc.,
|
|||
<tr>
|
||||
<th>Droit</th>
|
||||
<th>Gid</th>
|
||||
<th>Permissions</th>
|
||||
<th>Users</th>
|
||||
<th>Details</th>
|
||||
<th></th>
|
||||
<th></th>
|
||||
|
@ -34,8 +36,10 @@ with this program; if not, write to the Free Software Foundation, Inc.,
|
|||
</thead>
|
||||
{% for listright in listright_list %}
|
||||
<tr>
|
||||
<td>{{ listright.listright }}</td>
|
||||
<td>{{ listright.name }}</td>
|
||||
<td>{{ listright.gid }}</td>
|
||||
<td>{{ listright.permissions.all }}</td>
|
||||
<td>{{ listright.user_set.all }}</td>
|
||||
<td>{{ listright.details }}</td>
|
||||
<td class="text-right">
|
||||
{% include 'buttons/edit.html' with href='users:edit-listright' id=listright.id %}
|
||||
|
|
|
@ -42,10 +42,6 @@ with this program; if not, write to the Free Software Foundation, Inc.,
|
|||
<i class="glyphicon glyphicon-flash"></i>
|
||||
Changer le statut
|
||||
</a>
|
||||
<a class="btn btn-primary btn-sm" role="button" href="{% url 'users:add-right' users.id %}">
|
||||
<i class="glyphicon glyphicon-ok"></i>
|
||||
Ajouter un droit
|
||||
</a>
|
||||
<a class="btn btn-info btn-sm" role="button" href="{% url 'users:history' 'user' users.id %}">
|
||||
<i class="glyphicon glyphicon-time"></i>
|
||||
Historique
|
||||
|
|
|
@ -77,10 +77,6 @@ with this program; if not, write to the Free Software Foundation, Inc.,
|
|||
Gérer les service users
|
||||
</a>
|
||||
{% acl_end %}
|
||||
<a class="list-group-item list-group-item-danger" href="{% url "users:del-right" %}">
|
||||
<i class="glyphicon glyphicon-trash"></i>
|
||||
Retirer un droit
|
||||
</a>
|
||||
{% can_change User state %}
|
||||
<a class="list-group-item list-group-item-danger" href="{% url "users:mass-archive" %}">
|
||||
<i class="glyphicon glyphicon-book"></i>
|
||||
|
|
|
@ -64,8 +64,6 @@ urlpatterns = [
|
|||
views.edit_whitelist,
|
||||
name='edit-whitelist'
|
||||
),
|
||||
url(r'^add_right/(?P<userid>[0-9]+)$', views.add_right, name='add-right'),
|
||||
url(r'^del_right/$', views.del_right, name='del-right'),
|
||||
url(r'^add_school/$', views.add_school, name='add-school'),
|
||||
url(
|
||||
r'^edit_school/(?P<schoolid>[0-9]+)$',
|
||||
|
|
|
@ -55,7 +55,6 @@ from reversion import revisions as reversion
|
|||
from users.serializers import MailSerializer
|
||||
from users.models import (
|
||||
User,
|
||||
Right,
|
||||
Ban,
|
||||
Whitelist,
|
||||
School,
|
||||
|
@ -66,14 +65,12 @@ from users.models import (
|
|||
Club,
|
||||
)
|
||||
from users.forms import (
|
||||
DelRightForm,
|
||||
BanForm,
|
||||
WhitelistForm,
|
||||
DelSchoolForm,
|
||||
DelListRightForm,
|
||||
NewListRightForm,
|
||||
StateForm,
|
||||
RightForm,
|
||||
SchoolForm,
|
||||
EditServiceUserForm,
|
||||
ServiceUserForm,
|
||||
|
@ -313,51 +310,6 @@ def del_serviceuser(request, user, userid):
|
|||
)
|
||||
|
||||
|
||||
@login_required
|
||||
@can_create(Right)
|
||||
@can_edit(User)
|
||||
def add_right(request, user, userid):
|
||||
""" Ajout d'un droit à un user, need droit bureau """
|
||||
right = RightForm(request.POST or None)
|
||||
if right.is_valid():
|
||||
right = right.save(commit=False)
|
||||
right.user = user
|
||||
try:
|
||||
with transaction.atomic(), reversion.create_revision():
|
||||
reversion.set_user(request.user)
|
||||
reversion.set_comment("Ajout du droit %s" % right.right)
|
||||
right.save()
|
||||
messages.success(request, "Droit ajouté")
|
||||
except IntegrityError:
|
||||
pass
|
||||
return redirect(reverse(
|
||||
'users:profil',
|
||||
kwargs={'userid':str(userid)}
|
||||
))
|
||||
return form({'userform': right}, 'users/user.html', request)
|
||||
|
||||
|
||||
@login_required
|
||||
@permission_required('bureau')
|
||||
def del_right(request):
|
||||
""" Supprimer un droit à un user, need droit bureau """
|
||||
user_right_list = dict()
|
||||
for right in ListRight.objects.all():
|
||||
user_right_list[right] = DelRightForm(right, request.POST or None)
|
||||
for _keys, right_item in user_right_list.items():
|
||||
if right_item.is_valid():
|
||||
right_del = right_item.cleaned_data['rights']
|
||||
with transaction.atomic(), reversion.create_revision():
|
||||
reversion.set_user(request.user)
|
||||
reversion.set_comment("Retrait des droit %s" % ','.join(
|
||||
str(deleted_right) for deleted_right in right_del
|
||||
))
|
||||
right_del.delete()
|
||||
messages.success(request, "Droit retiré avec succès")
|
||||
return redirect(reverse('users:index'))
|
||||
return form({'userform': user_right_list}, 'users/del_right.html', request)
|
||||
|
||||
|
||||
@login_required
|
||||
@can_create(Ban)
|
||||
@can_edit(User)
|
||||
|
@ -731,7 +683,7 @@ def index_school(request):
|
|||
@can_view_all(ListRight)
|
||||
def index_listright(request):
|
||||
""" Affiche l'ensemble des droits , need droit cableur """
|
||||
listright_list = ListRight.objects.order_by('listright')
|
||||
listright_list = ListRight.objects.order_by('unix_name')
|
||||
return render(
|
||||
request,
|
||||
'users/index_listright.html',
|
||||
|
@ -796,7 +748,6 @@ def profil(request, users, userid):
|
|||
request.GET.get('order'),
|
||||
SortTable.USERS_INDEX_WHITE
|
||||
)
|
||||
list_droits = Right.objects.filter(user=users)
|
||||
options, _created = OptionalUser.objects.get_or_create()
|
||||
user_solde = options.user_solde
|
||||
return render(
|
||||
|
@ -808,7 +759,6 @@ def profil(request, users, userid):
|
|||
'facture_list': factures,
|
||||
'ban_list': bans,
|
||||
'white_list': whitelists,
|
||||
'list_droits': list_droits,
|
||||
'user_solde': user_solde,
|
||||
}
|
||||
)
|
||||
|
|
Loading…
Reference in a new issue