From e80f602974ea9a75af08e4e4f1f0cdde2b267d47 Mon Sep 17 00:00:00 2001 From: Roberto Rosario Date: Sat, 27 Apr 2019 02:06:11 -0400 Subject: [PATCH] Update role permission view to use AddRemoveView Signed-off-by: Roberto Rosario --- HISTORY.rst | 1 + docs/releases/3.2.rst | 1 + mayan/apps/permissions/models.py | 14 ++++++ mayan/apps/permissions/views.py | 74 ++++++++++++-------------------- 4 files changed, 43 insertions(+), 47 deletions(-) diff --git a/HISTORY.rst b/HISTORY.rst index 793a753f9a..f6347ec0d7 100644 --- a/HISTORY.rst +++ b/HISTORY.rst @@ -167,6 +167,7 @@ * Update the role group list view to use the new AddRemoveView. * Commit the group event in conjunction with the role event when a group is added or remove from role. +* Update the role permission view to use the new AddRemoveView. 3.1.11 (2019-04-XX) =================== diff --git a/docs/releases/3.2.rst b/docs/releases/3.2.rst index 8cc651e75f..c88b2765d3 100644 --- a/docs/releases/3.2.rst +++ b/docs/releases/3.2.rst @@ -199,6 +199,7 @@ Other changes * Update the role group list view to use the new AddRemoveView. * Commit the group event in conjunction with the role event when a group is added or remove from role. +* Update the role permission view to use the new AddRemoveView. Removals -------- diff --git a/mayan/apps/permissions/models.py b/mayan/apps/permissions/models.py index 5ebde5d80e..1541ab3b60 100644 --- a/mayan/apps/permissions/models.py +++ b/mayan/apps/permissions/models.py @@ -147,6 +147,20 @@ class Role(models.Model): return (self.label,) natural_key.dependencies = ['auth.Group', 'permissions.StoredPermission'] + def permissions_add(self, queryset, _user=None): + with transaction.atomic(): + event_role_edited.commit( + actor=_user, target=self + ) + self.permissions.add(*queryset) + + def permissions_remove(self, queryset, _user=None): + with transaction.atomic(): + event_role_edited.commit( + actor=_user, target=self + ) + self.permissions.remove(*queryset) + def save(self, *args, **kwargs): _user = kwargs.pop('_user', None) diff --git a/mayan/apps/permissions/views.py b/mayan/apps/permissions/views.py index 9647fae190..4c5886f97e 100644 --- a/mayan/apps/permissions/views.py +++ b/mayan/apps/permissions/views.py @@ -99,72 +99,52 @@ class SetupRoleMembersView(AddRemoveView): } -class SetupRolePermissionsView(AssignRemoveView): +class SetupRolePermissionsView(AddRemoveView): + action_add_method = 'permissions_add' + action_remove_method = 'permissions_remove' grouped = True - left_list_title = _('Available permissions') - right_list_title = _('Granted permissions') + main_object_model = Role + main_object_permission = permission_role_edit + main_object_pk_url_kwarg = 'pk' + list_available_title = _('Available permissions') + list_added_title = _('Granted permissions') + related_field = 'permissions' + secondary_object_model = StoredPermission - @staticmethod - def generate_choices(entries): - results = [] + def generate_choices(self, queryset): + namespaces_dictionary = {} # Sort permissions by their translatable label - entries = sorted( - entries, key=lambda permission: permission.volatile_permission.label + object_list = sorted( + queryset, key=lambda permission: permission.volatile_permission.label ) # Group permissions by namespace - for namespace, permissions in itertools.groupby(entries, lambda entry: entry.namespace): - permission_options = [ - (force_text(permission.pk), permission) for permission in permissions - ] - results.append( - (PermissionNamespace.get(namespace), permission_options) + for permission in object_list: + namespaces_dictionary.setdefault( + permission.volatile_permission.namespace.label, + [] + ) + namespaces_dictionary[permission.volatile_permission.namespace.label].append( + (permission.pk, force_text(permission)) ) - return results + # Sort permissions by their translatable namespace label + return sorted(namespaces_dictionary.items()) - def add(self, item): - permission = get_object_or_404(klass=StoredPermission, pk=item) - self.get_object().permissions.add(permission) - - def dispatch(self, request, *args, **kwargs): - AccessControlList.objects.check_access( - permissions=(permission_role_edit,), - user=self.request.user, obj=self.get_object() - ) - return super(SetupRolePermissionsView, self).dispatch(request, *args, **kwargs) + def get_actions_extra_kwargs(self): + return {'_user': self.request.user} def get_extra_context(self): return { - 'object': self.get_object(), + 'object': self.main_object, 'subtitle': _( 'Permissions granted here will apply to the entire system ' 'and all objects.' ), - 'title': _('Permissions for role: %s') % self.get_object(), + 'title': _('Permissions for role: %s') % self.main_object, } - def get_object(self): - return get_object_or_404(klass=Role, pk=self.kwargs['pk']) - - def left_list(self): - Permission.refresh() - - return SetupRolePermissionsView.generate_choices( - entries=StoredPermission.objects.exclude( - id__in=self.get_object().permissions.values_list('pk', flat=True) - ) - ) - - def right_list(self): - return SetupRolePermissionsView.generate_choices( - entries=self.get_object().permissions.all() - ) - - def remove(self, item): - permission = get_object_or_404(klass=StoredPermission, pk=item) - self.get_object().permissions.remove(permission) class RoleListView(SingleObjectListView):