diff --git a/HISTORY.rst b/HISTORY.rst index dd4af76e22..aa8bb496cc 100644 --- a/HISTORY.rst +++ b/HISTORY.rst @@ -10,6 +10,8 @@ - User Django's provided form for setting an users password. This change allows displaying the current password policies and validation. +- Add method to modify a group's role membership from the group's + view. 2.7.3 (2017-09-11) ================== diff --git a/mayan/apps/permissions/apps.py b/mayan/apps/permissions/apps.py index 9a6e9dcaf0..bc044c6447 100644 --- a/mayan/apps/permissions/apps.py +++ b/mayan/apps/permissions/apps.py @@ -1,5 +1,6 @@ from __future__ import unicode_literals +from django.apps import apps from django.utils.translation import ugettext_lazy as _ from common import ( @@ -10,9 +11,9 @@ from rest_api.classes import APIEndPoint from .handlers import purge_permissions from .links import ( - link_permission_grant, link_permission_revoke, link_role_create, - link_role_delete, link_role_edit, link_role_list, link_role_members, - link_role_permissions + link_group_members, link_permission_grant, link_permission_revoke, + link_role_create, link_role_delete, link_role_edit, link_role_list, + link_role_members, link_role_permissions ) from .search import * # NOQA @@ -26,9 +27,13 @@ class PermissionsApp(MayanAppConfig): super(PermissionsApp, self).ready() Role = self.get_model('Role') + Group = apps.get_model(app_label='auth', model_name='Group') APIEndPoint(app=self, version_string='1') + menu_object.bind_links( + links=(link_group_members,), position=98, sources=(Group,) + ) menu_object.bind_links( links=( link_role_edit, link_role_members, link_role_permissions, diff --git a/mayan/apps/permissions/links.py b/mayan/apps/permissions/links.py index 010f49de68..a167108069 100644 --- a/mayan/apps/permissions/links.py +++ b/mayan/apps/permissions/links.py @@ -3,6 +3,7 @@ from __future__ import unicode_literals from django.utils.translation import ugettext_lazy as _ from navigation import Link +from user_management.permissions import permission_group_edit from .permissions import ( permission_permission_grant, permission_permission_revoke, @@ -10,6 +11,10 @@ from .permissions import ( permission_role_view ) +link_group_members = Link( + permissions=(permission_group_edit,), text=_('Roles'), + view='permissions:group_members', args='object.id' +) link_permission_grant = Link( permissions=(permission_permission_grant,), text=_('Grant'), view='permissions:permission_multiple_grant' diff --git a/mayan/apps/permissions/urls.py b/mayan/apps/permissions/urls.py index 2eb8d57546..a7698f0236 100644 --- a/mayan/apps/permissions/urls.py +++ b/mayan/apps/permissions/urls.py @@ -4,11 +4,15 @@ from django.conf.urls import url from .api_views import APIPermissionList, APIRoleListView, APIRoleView from .views import ( - RoleCreateView, RoleDeleteView, RoleEditView, RoleListView, - SetupRoleMembersView, SetupRolePermissionsView + GroupRoleMembersView, RoleCreateView, RoleDeleteView, RoleEditView, + RoleListView, SetupRoleMembersView, SetupRolePermissionsView ) urlpatterns = [ + url( + r'^group/(?P\d+)/members/$', GroupRoleMembersView.as_view(), + name='group_members' + ), url(r'^role/list/$', RoleListView.as_view(), name='role_list'), url(r'^role/create/$', RoleCreateView.as_view(), name='role_create'), url( diff --git a/mayan/apps/permissions/views.py b/mayan/apps/permissions/views.py index 3afa69b5eb..e066e2a4dc 100644 --- a/mayan/apps/permissions/views.py +++ b/mayan/apps/permissions/views.py @@ -12,6 +12,7 @@ from common.views import ( AssignRemoveView, SingleObjectCreateView, SingleObjectDeleteView, SingleObjectEditView, SingleObjectListView ) +from user_management.permissions import permission_group_edit from .classes import Permission, PermissionNamespace from .models import Role, StoredPermission @@ -22,6 +23,40 @@ from .permissions import ( ) +class GroupRoleMembersView(AssignRemoveView): + grouped = False + left_list_title = _('Available roles') + right_list_title = _('Group roles') + view_permission = permission_group_edit + + def add(self, item): + role = get_object_or_404(Role, pk=item) + self.get_object().roles.add(role) + + def get_extra_context(self): + return { + 'object': self.get_object(), + 'title': _('Roles of group: %s') % self.get_object() + } + + def get_object(self): + return get_object_or_404(Group, pk=self.kwargs['pk']) + + def left_list(self): + return [ + (force_text(role.pk), role.label) for role in set(Role.objects.all()) - set(self.get_object().roles.all()) + ] + + def right_list(self): + return [ + (force_text(role.pk), role.label) for role in self.get_object().roles.all() + ] + + def remove(self, item): + role = get_object_or_404(Role, pk=item) + self.get_object().roles.remove(role) + + class RoleCreateView(SingleObjectCreateView): fields = ('label',) model = Role diff --git a/mayan/apps/user_management/apps.py b/mayan/apps/user_management/apps.py index a58a8bc22a..301c6ddbc0 100644 --- a/mayan/apps/user_management/apps.py +++ b/mayan/apps/user_management/apps.py @@ -92,9 +92,12 @@ class UserManagementApp(MayanAppConfig): sources=('user_management:user_list',) ) menu_object.bind_links( - links=(link_group_edit, link_group_members, link_group_delete), + links=(link_group_edit, link_group_members,), sources=(Group,) ) + menu_object.bind_links( + links=(link_group_delete,), position=99, sources=(Group,) + ) menu_object.bind_links( links=( link_user_edit, link_user_set_password, link_user_groups, @@ -104,9 +107,8 @@ class UserManagementApp(MayanAppConfig): menu_secondary.bind_links( links=(link_group_list, link_group_add), sources=( 'user_management:group_multiple_delete', - 'user_management:group_delete', 'user_management:group_edit', 'user_management:group_list', 'user_management:group_add', - 'user_management:group_members' + Group ) ) menu_secondary.bind_links(