mirror of
https://gitlab2.federez.net/re2o/re2o
synced 2024-12-23 07:23:46 +00:00
ACL
This commit is contained in:
parent
9d79ffb5ca
commit
a5013920da
3 changed files with 17 additions and 4 deletions
|
@ -447,7 +447,7 @@ class StateForm(FormRevMixin, ModelForm):
|
|||
super(StateForm, self).__init__(*args, prefix=prefix, **kwargs)
|
||||
|
||||
|
||||
class GroupForm(FormRevMixin, ModelForm):
|
||||
class GroupForm(FieldPermissionFormMixin, FormRevMixin, ModelForm):
|
||||
""" Gestion des groupes d'un user"""
|
||||
groups = forms.ModelMultipleChoiceField(
|
||||
Group.objects.all(),
|
||||
|
@ -462,7 +462,8 @@ class GroupForm(FormRevMixin, ModelForm):
|
|||
def __init__(self, *args, **kwargs):
|
||||
prefix = kwargs.pop('prefix', self.Meta.model.__name__)
|
||||
super(GroupForm, self).__init__(*args, prefix=prefix, **kwargs)
|
||||
self.fields['is_superuser'].label = "Superuser"
|
||||
if 'is_superuser' in self.fields:
|
||||
self.fields['is_superuser'].label = "Superuser"
|
||||
|
||||
|
||||
class SchoolForm(FormRevMixin, ModelForm):
|
||||
|
|
|
@ -812,6 +812,18 @@ class User(RevMixin, FieldPermissionModelMixin, AbstractBaseUser,
|
|||
"Droit requis pour éditer les groupes de l'user"
|
||||
)
|
||||
|
||||
@staticmethod
|
||||
def can_change_is_superuser(user_request, *_args, **_kwargs):
|
||||
""" Check if an user can change a is_superuser flag
|
||||
|
||||
:param user_request: The user who request
|
||||
:returns: a message and a boolean which is True if permission is granted.
|
||||
"""
|
||||
return (
|
||||
user_request.is_superuser,
|
||||
"Droit superuser requis pour éditer le flag superuser"
|
||||
)
|
||||
|
||||
def can_view(self, user_request, *_args, **_kwargs):
|
||||
"""Check if an user can view an user object.
|
||||
|
||||
|
|
|
@ -246,7 +246,7 @@ def state(request, user, userid):
|
|||
@can_edit(User, 'groups')
|
||||
def groups(request, user, userid):
|
||||
""" View to edit the groups of a user """
|
||||
group_form = GroupForm(request.POST or None, instance=user)
|
||||
group_form = GroupForm(request.POST or None, instance=user, user=request.user)
|
||||
if group_form.is_valid():
|
||||
if group_form.changed_data:
|
||||
group_form.save()
|
||||
|
@ -295,7 +295,7 @@ def del_group(request, user, listrightid, **_kwargs):
|
|||
|
||||
|
||||
@login_required
|
||||
@can_edit(User, 'groups')
|
||||
@can_edit(User, 'is_superuser')
|
||||
def del_superuser(request, user, **_kwargs):
|
||||
"""Remove the superuser right of an user."""
|
||||
user.is_superuser = False
|
||||
|
|
Loading…
Reference in a new issue