Gestion des admins d'école

This commit is contained in:
Klafyvel 2018-03-02 00:23:41 +01:00
parent 1ccbd0cea9
commit 1721c95925
3 changed files with 65 additions and 11 deletions

View file

@ -7,6 +7,7 @@
<i class="fa fa-edit"></i>
Éditer
</a>
{% if manager_right in perms %}
<h2>Membres</h2>
<table class="table table-striped">
<thead>
@ -17,18 +18,28 @@
</thead>
<tbody>
{% for member in members %}
<td>{{member.last_name}}</td>
<td>{{member.first_name}}</td>
<td>{{member.username}}</td>
<td>
<a class="btn btn-outline-warning btn-sm" href="">
<i class="fa fa-trash"></i>
Supprimer
</a>
</td>
<tr>
<td>{{member.last_name}}</td>
<td>{{member.first_name}}</td>
<td>{{member.username}}</td>
<td>
{% if member in manager_group.user_set.all %}
<a class="btn btn-outline-danger btn-sm" href="{% url 'users:degrade-user' object.pk member.pk %}">
<i class="fa fa-trash"></i>
Enlever le privilège Administrateur
</a>
{% else %}
<a class="btn btn-outline-warning btn-sm" href="{% url 'users:promote-user' object.pk member.pk %}">
<i class="fa fa-star"></i>
Promouvoir administrateur
</a>
{% endif %}
</td>
</tr>
{% endfor %}
</tbody>
</table>
{% endif %}
<h2>Contenus</h2>
<a class="btn btn-success btn-sm" href="{% url 'content:content-new' %}">
<i class="fa fa-plus"></i>

View file

@ -10,6 +10,8 @@ from .views import (
PasswordChange,
Profile,
School,
promote_user,
degrade_user
)
app_name = 'users'
@ -54,6 +56,16 @@ urlpatterns = [
School.as_view(),
name='school'
),
path(
'school/<int:school_pk>/degrade/<int:user_pk>',
degrade_user,
name='degrade-user'
),
path(
'school/<int:school_pk>/promote/<int:user_pk>',
promote_user,
name='promote-user'
),
path(
'school/<int:pk>/edit',
EditSchool.as_view(),

View file

@ -1,11 +1,12 @@
from django.contrib.auth.models import User, Group
from django.contrib.auth.mixins import PermissionRequiredMixin, LoginRequiredMixin
from django.views.generic import CreateView, UpdateView, DeleteView, DetailView
from django.contrib.auth.views import LoginView, LogoutView, PasswordChangeView
from django.contrib.auth.views import LoginView, LogoutView, PasswordChangeView, login_required
from django.contrib.auth.hashers import make_password
from django.contrib.messages.views import SuccessMessageMixin
from django.contrib import messages
from django.urls import reverse, reverse_lazy
from django.shortcuts import get_object_or_404
from django.shortcuts import get_object_or_404, redirect
from .models import UserProfile, SchoolProfile
from content.models import Content
@ -140,6 +141,8 @@ class School(LoginRequiredMixin, PermissionRequiredMixin, DetailView):
context['contents'] = Content.objects.filter(school_owner=self.object.school)
context['school'] = True
context['members'] = User.objects.filter(userprofile__school=self.object.school)
context['manager_right'] = 'auth.manage_' + str(self.object.pk)
context['manager_group'],_ = Group.objects.get_or_create(name=str(self.object.pk)+'_admins')
return context
def has_permission(self):
@ -167,3 +170,31 @@ class PasswordChange(SuccessMessageMixin, PasswordChangeView):
'title' : "Changer le mot de passe",
'validate' : "Changer",
}
@login_required
def promote_user(request, school_pk, user_pk):
school = get_object_or_404(Group, pk=school_pk)
user = get_object_or_404(User, pk=user_pk)
if request.user.has_perm('manage_'+str(school.pk)):
admins,_ = Group.objects.get_or_create(name=str(school.pk)+'_admins')
user.groups.add(admins)
user.save()
messages.success(request, user.username + ' a été ajouté aux administrateurs de ' + school.name)
return redirect(reverse('users:school', kwargs={'pk':school.pk}))
messages.error(request, "Vous n'aves pas ce droit.")
return redirect('home')
@login_required
def degrade_user(request, school_pk, user_pk):
school = get_object_or_404(Group, pk=school_pk)
user = get_object_or_404(User, pk=user_pk)
if request.user.has_perm('manage_'+str(school.pk)):
admins,_ = Group.objects.get_or_create(name=str(school.pk)+'_admins')
user.groups.remove(admins)
user.save()
messages.success(request, user.username + ' a été enlevé des administrateurs de ' + school.name)
return redirect(reverse('users:school', kwargs={'pk':school.pk}))
messages.error(request, "Vous n'aves pas ce droit.")
return redirect('home')