mirror of
https://gitlab2.federez.net/re2o/re2o
synced 2024-11-25 22:22:26 +00:00
ACL
This commit is contained in:
parent
9d79ffb5ca
commit
a5013920da
3 changed files with 17 additions and 4 deletions
|
@ -447,7 +447,7 @@ class StateForm(FormRevMixin, ModelForm):
|
||||||
super(StateForm, self).__init__(*args, prefix=prefix, **kwargs)
|
super(StateForm, self).__init__(*args, prefix=prefix, **kwargs)
|
||||||
|
|
||||||
|
|
||||||
class GroupForm(FormRevMixin, ModelForm):
|
class GroupForm(FieldPermissionFormMixin, FormRevMixin, ModelForm):
|
||||||
""" Gestion des groupes d'un user"""
|
""" Gestion des groupes d'un user"""
|
||||||
groups = forms.ModelMultipleChoiceField(
|
groups = forms.ModelMultipleChoiceField(
|
||||||
Group.objects.all(),
|
Group.objects.all(),
|
||||||
|
@ -462,6 +462,7 @@ class GroupForm(FormRevMixin, ModelForm):
|
||||||
def __init__(self, *args, **kwargs):
|
def __init__(self, *args, **kwargs):
|
||||||
prefix = kwargs.pop('prefix', self.Meta.model.__name__)
|
prefix = kwargs.pop('prefix', self.Meta.model.__name__)
|
||||||
super(GroupForm, self).__init__(*args, prefix=prefix, **kwargs)
|
super(GroupForm, self).__init__(*args, prefix=prefix, **kwargs)
|
||||||
|
if 'is_superuser' in self.fields:
|
||||||
self.fields['is_superuser'].label = "Superuser"
|
self.fields['is_superuser'].label = "Superuser"
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -812,6 +812,18 @@ class User(RevMixin, FieldPermissionModelMixin, AbstractBaseUser,
|
||||||
"Droit requis pour éditer les groupes de l'user"
|
"Droit requis pour éditer les groupes de l'user"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def can_change_is_superuser(user_request, *_args, **_kwargs):
|
||||||
|
""" Check if an user can change a is_superuser flag
|
||||||
|
|
||||||
|
:param user_request: The user who request
|
||||||
|
:returns: a message and a boolean which is True if permission is granted.
|
||||||
|
"""
|
||||||
|
return (
|
||||||
|
user_request.is_superuser,
|
||||||
|
"Droit superuser requis pour éditer le flag superuser"
|
||||||
|
)
|
||||||
|
|
||||||
def can_view(self, user_request, *_args, **_kwargs):
|
def can_view(self, user_request, *_args, **_kwargs):
|
||||||
"""Check if an user can view an user object.
|
"""Check if an user can view an user object.
|
||||||
|
|
||||||
|
|
|
@ -246,7 +246,7 @@ def state(request, user, userid):
|
||||||
@can_edit(User, 'groups')
|
@can_edit(User, 'groups')
|
||||||
def groups(request, user, userid):
|
def groups(request, user, userid):
|
||||||
""" View to edit the groups of a user """
|
""" View to edit the groups of a user """
|
||||||
group_form = GroupForm(request.POST or None, instance=user)
|
group_form = GroupForm(request.POST or None, instance=user, user=request.user)
|
||||||
if group_form.is_valid():
|
if group_form.is_valid():
|
||||||
if group_form.changed_data:
|
if group_form.changed_data:
|
||||||
group_form.save()
|
group_form.save()
|
||||||
|
@ -295,7 +295,7 @@ def del_group(request, user, listrightid, **_kwargs):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
@can_edit(User, 'groups')
|
@can_edit(User, 'is_superuser')
|
||||||
def del_superuser(request, user, **_kwargs):
|
def del_superuser(request, user, **_kwargs):
|
||||||
"""Remove the superuser right of an user."""
|
"""Remove the superuser right of an user."""
|
||||||
user.is_superuser = False
|
user.is_superuser = False
|
||||||
|
|
Loading…
Reference in a new issue