Added view to add or remove user to a specific role
This commit is contained in:
Roberto Rosario
@@ -25,6 +25,7 @@
|
|||||||
{% with subtemplate.object as object %}
|
{% with subtemplate.object as object %}
|
||||||
{% with subtemplate.object_name as object_name %}
|
{% with subtemplate.object_name as object_name %}
|
||||||
{% with subtemplate.form_action as form_action %}
|
{% with subtemplate.form_action as form_action %}
|
||||||
|
{% with subtemplate.submit_label as submit_label %}
|
||||||
{% with subtemplate.form as form %}
|
{% with subtemplate.form as form %}
|
||||||
|
|
||||||
{% with subtemplate.content as content %}
|
{% with subtemplate.content as content %}
|
||||||
@@ -42,6 +43,7 @@
|
|||||||
{% endwith %}
|
{% endwith %}
|
||||||
{% endwith %}
|
{% endwith %}
|
||||||
{% endwith %}
|
{% endwith %}
|
||||||
|
{% endwith %}
|
||||||
|
|
||||||
|
|
||||||
{% endwith %}
|
{% endwith %}
|
||||||
@@ -73,6 +75,7 @@
|
|||||||
{% with form.title as title %}
|
{% with form.title as title %}
|
||||||
{% with form.object as object %}
|
{% with form.object as object %}
|
||||||
{% with form.object_name as object_name %}
|
{% with form.object_name as object_name %}
|
||||||
|
{% with form.submit_label as submit_label %}
|
||||||
{% with form.form_action as form_action %}
|
{% with form.form_action as form_action %}
|
||||||
<div class="grid_{{ form.grid|default:11 }}">
|
<div class="grid_{{ form.grid|default:11 }}">
|
||||||
{% with form.form as form %}
|
{% with form.form as form %}
|
||||||
@@ -88,6 +91,7 @@
|
|||||||
{% endwith %}
|
{% endwith %}
|
||||||
{% endwith %}
|
{% endwith %}
|
||||||
{% endwith %}
|
{% endwith %}
|
||||||
|
{% endwith %}
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
|||||||
@@ -63,11 +63,10 @@
|
|||||||
{% else %}
|
{% else %}
|
||||||
{% include "generic_form_instance.html" %}
|
{% include "generic_form_instance.html" %}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
{% if not read_only %}
|
{% if not read_only %}
|
||||||
<div class="group navform wat-cf">
|
<div class="group navform wat-cf">
|
||||||
<button class="button" type="submit" name="{{ form.prefix }}-submit">
|
<button class="button" type="submit" name="{{ form.prefix }}-submit">
|
||||||
<img src="{{ MEDIA_URL }}web_theme_media/images/icons/tick.png" alt="{% if object %}{% trans 'Save' %}{% else %}{% trans 'Submit' %}{% endif %}" /> {% if object %}{% trans "Save" %}{% else %}{% trans "Submit" %}{% endif %}
|
<img src="{{ MEDIA_URL }}web_theme_media/images/icons/tick.png" alt="{% if submit_label %}{{ submit_label }}{% else %}{% if object %}{% trans 'Save' %}{% else %}{% trans 'Submit' %}{% endif %}{% endif %}" /> {% if submit_label %}{{ submit_label }}{% else %}{% if object %}{% trans "Save" %}{% else %}{% trans "Submit" %}{% endif %}{% endif %}
|
||||||
</button>
|
</button>
|
||||||
{% comment %}
|
{% comment %}
|
||||||
<a href="#header" class="button">
|
<a href="#header" class="button">
|
||||||
|
|||||||
@@ -19,10 +19,11 @@ PERMISSION_PERMISSION_REVOKE = 'permission_revoke'
|
|||||||
role_list = {'text': _(u'roles'), 'view': 'role_list', 'famfam': 'medal_gold_1', 'permissions': {'namespace': 'permissions', 'permissions': [PERMISSION_ROLE_VIEW]}}
|
role_list = {'text': _(u'roles'), 'view': 'role_list', 'famfam': 'medal_gold_1', 'permissions': {'namespace': 'permissions', 'permissions': [PERMISSION_ROLE_VIEW]}}
|
||||||
role_create = {'text': _(u'create new role'), 'view': 'role_create', 'famfam': 'medal_gold_add', 'permissions': {'namespace': 'permissions', 'permissions': [PERMISSION_ROLE_CREATE]}}
|
role_create = {'text': _(u'create new role'), 'view': 'role_create', 'famfam': 'medal_gold_add', 'permissions': {'namespace': 'permissions', 'permissions': [PERMISSION_ROLE_CREATE]}}
|
||||||
role_edit = {'text': _(u'edit'), 'view': 'role_edit', 'args': 'object.id', 'famfam': 'medal_gold_1', 'permissions': {'namespace': 'permissions', 'permissions': [PERMISSION_ROLE_EDIT]}}
|
role_edit = {'text': _(u'edit'), 'view': 'role_edit', 'args': 'object.id', 'famfam': 'medal_gold_1', 'permissions': {'namespace': 'permissions', 'permissions': [PERMISSION_ROLE_EDIT]}}
|
||||||
|
role_members = {'text': _(u'members'), 'view': 'role_members', 'args': 'object.id', 'famfam': 'group_key', 'permissions': {'namespace': 'permissions', 'permissions': [PERMISSION_ROLE_EDIT]}}
|
||||||
role_permissions = {'text': _(u'role permissions'), 'view': 'role_permissions', 'args': 'object.id', 'famfam': 'key_go', 'permissions': {'namespace': 'permissions', 'permissions': [PERMISSION_PERMISSION_GRANT, PERMISSION_PERMISSION_REVOKE]}}
|
role_permissions = {'text': _(u'role permissions'), 'view': 'role_permissions', 'args': 'object.id', 'famfam': 'key_go', 'permissions': {'namespace': 'permissions', 'permissions': [PERMISSION_PERMISSION_GRANT, PERMISSION_PERMISSION_REVOKE]}}
|
||||||
role_delete = {'text': _(u'delete'), 'view': 'role_delete', 'args': 'object.id', 'famfam': 'medal_gold_delete', 'permissions': {'namespace': 'permissions', 'permissions': [PERMISSION_ROLE_DELETE]}}
|
role_delete = {'text': _(u'delete'), 'view': 'role_delete', 'args': 'object.id', 'famfam': 'medal_gold_delete', 'permissions': {'namespace': 'permissions', 'permissions': [PERMISSION_ROLE_DELETE]}}
|
||||||
|
|
||||||
register_links(Role, [role_permissions, role_edit, role_delete])
|
register_links(Role, [role_permissions, role_edit, role_members, role_delete])
|
||||||
register_links(['role_list', 'role_view', 'role_create', 'role_edit', 'role_permissions', 'role_delete'], [role_create], menu_name='sidebar')
|
register_links(['role_list', 'role_view', 'role_create', 'role_edit', 'role_permissions', 'role_delete'], [role_create], menu_name='sidebar')
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
@@ -1,9 +1,10 @@
|
|||||||
|
from django.conf import settings
|
||||||
from django import forms
|
from django import forms
|
||||||
from django.utils.translation import ugettext_lazy as _
|
from django.utils.translation import ugettext_lazy as _
|
||||||
|
|
||||||
from common.forms import DetailForm
|
from common.forms import DetailForm
|
||||||
|
|
||||||
from models import Role
|
from models import Role, RoleMember
|
||||||
|
|
||||||
|
|
||||||
class RoleForm(forms.ModelForm):
|
class RoleForm(forms.ModelForm):
|
||||||
@@ -14,3 +15,15 @@ class RoleForm(forms.ModelForm):
|
|||||||
class RoleForm_view(DetailForm):
|
class RoleForm_view(DetailForm):
|
||||||
class Meta:
|
class Meta:
|
||||||
model = Role
|
model = Role
|
||||||
|
|
||||||
|
|
||||||
|
class ChoiceForm(forms.Form):
|
||||||
|
def __init__(self, *args, **kwargs):
|
||||||
|
choices = kwargs.pop('choices', [])
|
||||||
|
label = kwargs.pop('label', _(u'Selection'))
|
||||||
|
super(ChoiceForm, self).__init__(*args, **kwargs)
|
||||||
|
self.fields['selection'].choices = choices
|
||||||
|
self.fields['selection'].label = label
|
||||||
|
self.fields['selection'].widget.attrs.update({'size':14})
|
||||||
|
|
||||||
|
selection = forms.MultipleChoiceField()
|
||||||
|
|||||||
@@ -6,6 +6,7 @@ urlpatterns = patterns('permissions.views',
|
|||||||
url(r'^role/(?P<role_id>\d+)/permissions/$', 'role_permissions', (), 'role_permissions'),
|
url(r'^role/(?P<role_id>\d+)/permissions/$', 'role_permissions', (), 'role_permissions'),
|
||||||
url(r'^role/(?P<role_id>\d+)/edit/$', 'role_edit', (), 'role_edit'),
|
url(r'^role/(?P<role_id>\d+)/edit/$', 'role_edit', (), 'role_edit'),
|
||||||
url(r'^role/(?P<role_id>\d+)/delete/$', 'role_delete', (), 'role_delete'),
|
url(r'^role/(?P<role_id>\d+)/delete/$', 'role_delete', (), 'role_delete'),
|
||||||
|
url(r'^role/(?P<role_id>\d+)/members/$', 'role_members', (), 'role_members'),
|
||||||
|
|
||||||
url(r'^permission/(?P<permission_id>\d+)/for/(?P<app_label>[\w\-]+)/(?P<module_name>[\w\-]+)/(?P<pk>\d+)/grant/$', 'permission_grant_revoke', {'action': 'grant'}, 'permission_grant'),
|
url(r'^permission/(?P<permission_id>\d+)/for/(?P<app_label>[\w\-]+)/(?P<module_name>[\w\-]+)/(?P<pk>\d+)/grant/$', 'permission_grant_revoke', {'action': 'grant'}, 'permission_grant'),
|
||||||
url(r'^permission/(?P<permission_id>\d+)/for/(?P<app_label>[\w\-]+)/(?P<module_name>[\w\-]+)/(?P<pk>\d+)/revoke/$', 'permission_grant_revoke', {'action': 'revoke'}, 'permission_revoke'),
|
url(r'^permission/(?P<permission_id>\d+)/for/(?P<app_label>[\w\-]+)/(?P<module_name>[\w\-]+)/(?P<pk>\d+)/revoke/$', 'permission_grant_revoke', {'action': 'revoke'}, 'permission_revoke'),
|
||||||
|
|||||||
@@ -8,9 +8,10 @@ from django.core.urlresolvers import reverse
|
|||||||
from django.views.generic.create_update import create_object, delete_object, update_object
|
from django.views.generic.create_update import create_object, delete_object, update_object
|
||||||
from django.contrib.contenttypes.models import ContentType
|
from django.contrib.contenttypes.models import ContentType
|
||||||
from django.core.exceptions import ObjectDoesNotExist
|
from django.core.exceptions import ObjectDoesNotExist
|
||||||
|
from django.contrib.auth.models import User
|
||||||
|
|
||||||
from models import Role, Permission, PermissionHolder
|
from models import Role, Permission, PermissionHolder, RoleMember
|
||||||
from forms import RoleForm, RoleForm_view
|
from forms import RoleForm, RoleForm_view, ChoiceForm
|
||||||
from permissions import PERMISSION_ROLE_VIEW, PERMISSION_ROLE_EDIT, \
|
from permissions import PERMISSION_ROLE_VIEW, PERMISSION_ROLE_EDIT, \
|
||||||
PERMISSION_ROLE_CREATE, PERMISSION_ROLE_DELETE, PERMISSION_PERMISSION_GRANT, \
|
PERMISSION_ROLE_CREATE, PERMISSION_ROLE_DELETE, PERMISSION_PERMISSION_GRANT, \
|
||||||
PERMISSION_PERMISSION_REVOKE
|
PERMISSION_PERMISSION_REVOKE
|
||||||
@@ -158,3 +159,97 @@ def permission_grant_revoke(request, permission_id, app_label, module_name, pk,
|
|||||||
'previous': previous,
|
'previous': previous,
|
||||||
'title': title,
|
'title': title,
|
||||||
}, context_instance=RequestContext(request))
|
}, context_instance=RequestContext(request))
|
||||||
|
|
||||||
|
|
||||||
|
def generate_choices_w_labels(choices):
|
||||||
|
results = []
|
||||||
|
for choice in choices:
|
||||||
|
ct_label = ContentType.objects.get_for_model(choice).name
|
||||||
|
label = unicode(choice)
|
||||||
|
if isinstance(choice, User):
|
||||||
|
label = choice.get_full_name() if choice.get_full_name() else choice
|
||||||
|
|
||||||
|
results.append(('%s,%s' % (ct_label, choice.pk), '%s: %s' % (ct_label, label)))
|
||||||
|
|
||||||
|
#Sort results by the label not the key value
|
||||||
|
return sorted(results, key=lambda x: x[1])
|
||||||
|
|
||||||
|
|
||||||
|
def get_role_members(role):
|
||||||
|
return [member.member_object for member in role.rolemember_set.filter(member_type=ContentType.objects.get(model='user'))]
|
||||||
|
|
||||||
|
|
||||||
|
def get_non_role_members(role):
|
||||||
|
#non members = all users - members - staff - super users
|
||||||
|
staff_users = User.objects.filter(is_staff=True)
|
||||||
|
super_users = User.objects.filter(is_superuser=True)
|
||||||
|
return list(set(User.objects.exclude(pk__in=[member.id for member in get_role_members(role)])) - set(staff_users) - set(super_users))
|
||||||
|
|
||||||
|
|
||||||
|
def role_members(request, role_id):
|
||||||
|
check_permissions(request.user, 'permissions', [PERMISSION_ROLE_EDIT])
|
||||||
|
role = get_object_or_404(Role, pk=role_id)
|
||||||
|
|
||||||
|
if request.method == 'POST':
|
||||||
|
if 'unselected-users-submit' in request.POST.keys():
|
||||||
|
unselected_users_form = ChoiceForm(request.POST,
|
||||||
|
prefix='unselected-users',
|
||||||
|
choices=generate_choices_w_labels(get_non_role_members(role)))
|
||||||
|
if unselected_users_form.is_valid():
|
||||||
|
for selection in unselected_users_form.cleaned_data['selection']:
|
||||||
|
model, pk = selection.split(u',')
|
||||||
|
ct = ContentType.objects.get(model=model)
|
||||||
|
obj = ct.get_object_for_this_type(pk=pk)
|
||||||
|
new_member, created = RoleMember.objects.get_or_create(role=role, member_type=ct, member_id=pk)
|
||||||
|
if created:
|
||||||
|
messages.success(request, _(u'%(obj)s added successfully to the role: %(role)s.') % {
|
||||||
|
'obj': generate_choices_w_labels([obj])[0][1], 'role': role})
|
||||||
|
|
||||||
|
elif 'selected-users-submit' in request.POST.keys():
|
||||||
|
selected_users_form = ChoiceForm(request.POST,
|
||||||
|
prefix='selected-users',
|
||||||
|
choices=generate_choices_w_labels(get_role_members(role)))
|
||||||
|
if selected_users_form.is_valid():
|
||||||
|
for selection in selected_users_form.cleaned_data['selection']:
|
||||||
|
model, pk = selection.split(u',')
|
||||||
|
ct = ContentType.objects.get(model=model)
|
||||||
|
obj = ct.get_object_for_this_type(pk=pk)
|
||||||
|
|
||||||
|
try:
|
||||||
|
member = RoleMember.objects.get(role=role, member_type=ct, member_id=pk)
|
||||||
|
member.delete()
|
||||||
|
messages.success(request, _(u'%(obj)s removed successfully from the role: %(role)s.') % {
|
||||||
|
'obj': generate_choices_w_labels([obj])[0][1], 'role': role})
|
||||||
|
except member.DoesNotExist:
|
||||||
|
messages.error(request, _(u'Unable to remove %(obj)s from the role: %(role)s.') % {
|
||||||
|
'obj': generate_choices_w_labels([obj])[0][1], 'role': role})
|
||||||
|
|
||||||
|
unselected_users_form = ChoiceForm(prefix='unselected-users',
|
||||||
|
choices=generate_choices_w_labels(get_non_role_members(role)))
|
||||||
|
selected_users_form = ChoiceForm(prefix='selected-users',
|
||||||
|
choices=generate_choices_w_labels(get_role_members(role)))
|
||||||
|
|
||||||
|
context = {
|
||||||
|
'object': role,
|
||||||
|
'object_name': _(u'role'),
|
||||||
|
'form_list': [
|
||||||
|
{
|
||||||
|
'form': unselected_users_form,
|
||||||
|
'title': _(u'non members of role'),
|
||||||
|
'grid': 6,
|
||||||
|
'grid_clear': False,
|
||||||
|
'submit_label': _(u'Add'),
|
||||||
|
},
|
||||||
|
{
|
||||||
|
'form': selected_users_form,
|
||||||
|
'title': _(u'members of role'),
|
||||||
|
'grid': 6,
|
||||||
|
'grid_clear': True,
|
||||||
|
'submit_label': _(u'Remove'),
|
||||||
|
},
|
||||||
|
|
||||||
|
],
|
||||||
|
}
|
||||||
|
|
||||||
|
return render_to_response('generic_form.html', context,
|
||||||
|
context_instance=RequestContext(request))
|
||||||
|
|||||||
Reference in New Issue
Block a user