8
0
Fork 0
mirror of https://gitlab2.federez.net/re2o/re2o synced 2024-11-25 22:22:26 +00:00

Merge branch 'fix_110_display_superuser' into 'master'

Fix #110 display superuser

Closes #110

See merge request federez/re2o!150
This commit is contained in:
chirac 2018-05-03 14:42:44 +02:00
commit dcd1e2af96
7 changed files with 88 additions and 10 deletions

View file

@ -66,7 +66,11 @@ with this program; if not, write to the Free Software Foundation, Inc.,
<td><p class="text-success">{{utilisateur.last}}</p></td> <td><p class="text-success">{{utilisateur.last}}</p></td>
{% endif %} {% endif %}
<td> <td>
{% if droit != 'Superuser' %}
<a href="{% url 'users:del-group' utilisateur.id droit.id %}"> <a href="{% url 'users:del-group' utilisateur.id droit.id %}">
{% else %}
<a href="{% url 'users:del-superuser' utilisateur.id %}">
{% endif %}
<button type="button" class="btn btn-danger" aria-label="Left Align"> <button type="button" class="btn btn-danger" aria-label="Left Align">
<span class="fa fa-user-times" aria-hidden="true"></span> <span class="fa fa-user-times" aria-hidden="true"></span>
</button> </button>

View file

@ -41,7 +41,7 @@ from django.urls import reverse
from django.shortcuts import render, redirect from django.shortcuts import render, redirect
from django.contrib import messages from django.contrib import messages
from django.contrib.auth.decorators import login_required from django.contrib.auth.decorators import login_required
from django.db.models import Count, Max from django.db.models import Count, Max, F
from reversion.models import Revision from reversion.models import Revision
from reversion.models import Version, ContentType from reversion.models import Version, ContentType
@ -469,7 +469,12 @@ def stats_droits(request):
for droit in ListRight.objects.all().select_related('group_ptr'): for droit in ListRight.objects.all().select_related('group_ptr'):
stats_list[droit] = droit.user_set.all().annotate( stats_list[droit] = droit.user_set.all().annotate(
num=Count('revision'), num=Count('revision'),
last=Max('revision__date_created') last=Max('revision__date_created'),
)
stats_list['Superuser'] = User.objects.filter(is_superuser=True).annotate(
num=Count('revision'),
last=Max('revision__date_created'),
) )
return render( return render(

View file

@ -454,7 +454,7 @@ class StateForm(FormRevMixin, ModelForm):
super(StateForm, self).__init__(*args, prefix=prefix, **kwargs) super(StateForm, self).__init__(*args, prefix=prefix, **kwargs)
class GroupForm(FormRevMixin, ModelForm): class GroupForm(FieldPermissionFormMixin, FormRevMixin, ModelForm):
""" Gestion des groupes d'un user""" """ Gestion des groupes d'un user"""
groups = forms.ModelMultipleChoiceField( groups = forms.ModelMultipleChoiceField(
Group.objects.all(), Group.objects.all(),
@ -464,11 +464,13 @@ class GroupForm(FormRevMixin, ModelForm):
class Meta: class Meta:
model = User model = User
fields = ['groups'] fields = ['is_superuser', 'groups']
def __init__(self, *args, **kwargs): def __init__(self, *args, **kwargs):
prefix = kwargs.pop('prefix', self.Meta.model.__name__) prefix = kwargs.pop('prefix', self.Meta.model.__name__)
super(GroupForm, self).__init__(*args, prefix=prefix, **kwargs) super(GroupForm, self).__init__(*args, prefix=prefix, **kwargs)
if 'is_superuser' in self.fields:
self.fields['is_superuser'].label = "Superuser"
class SchoolForm(FormRevMixin, ModelForm): class SchoolForm(FormRevMixin, ModelForm):

View file

@ -812,6 +812,18 @@ class User(RevMixin, FieldPermissionModelMixin, AbstractBaseUser,
"Droit requis pour éditer les groupes de l'user" "Droit requis pour éditer les groupes de l'user"
) )
@staticmethod
def can_change_is_superuser(user_request, *_args, **_kwargs):
""" Check if an user can change a is_superuser flag
:param user_request: The user who request
:returns: a message and a boolean which is True if permission is granted.
"""
return (
user_request.is_superuser,
"Droit superuser requis pour éditer le flag superuser"
)
def can_view(self, user_request, *_args, **_kwargs): def can_view(self, user_request, *_args, **_kwargs):
"""Check if an user can view an user object. """Check if an user can view an user object.

View file

@ -33,6 +33,44 @@ with this program; if not, write to the Free Software Foundation, Inc.,
<th></th> <th></th>
</tr> </tr>
</thead> </thead>
{% if superuser_right %}
<tr class="active">
<td>Superuser</td>
<td></td>
<td>True</td>
<td>
<button class="btn btn-default" data-parent="#accordion_superuser" type="button" data-toggle="collapse" data-target="#collapseListRight_user_superuser" aria-expanded="true" aria-controls="collapseListRight_user_superuser">
Utilisateurs ({{ superuser_right.count }})
</button>
</td>
<td>
Donne tous les droits sur Re2o.
</td>
<td class="text-right">
</td>
</tr>
<tr>
<td colspan=5>
<div class="panel-group" id="accordion_superuser" role="tablist" aria-multiselectable="true" style="margin-bottom: 0px;">
<div class="panel" style="border: none;">
<div class="panel-collapse collapse in" id="collapseListRight_user_superuser" role="tabpanel">
<ul class="list-group" style="margin-bottom: 0px">
{% for user in superuser_right %}
<li class="list-group-item col-xs-12 col-sm-6 col-md-4" style="border:none;">
{{user}}
<a role="button" href="{% url 'users:del-superuser' user.pk %}" title="{{ desc|default:"Supprimer" }}">
<i class="fa fa-times" style="color:red"></i>
</a>
</li>
{% endfor %}
</ul>
</div>
</div>
</div>
</td>
</tr>
{% endif %}
{% for listright in listright_list %} {% for listright in listright_list %}
<tr class="active"> <tr class="active">
<td> <td>

View file

@ -43,6 +43,9 @@ urlpatterns = [
url(r'^del_group/(?P<userid>[0-9]+)/(?P<listrightid>[0-9]+)$', url(r'^del_group/(?P<userid>[0-9]+)/(?P<listrightid>[0-9]+)$',
views.del_group, views.del_group,
name='del-group'), name='del-group'),
url(r'^del_superuser/(?P<userid>[0-9]+)$',
views.del_superuser,
name='del-superuser'),
url(r'^new_serviceuser/$', views.new_serviceuser, name='new-serviceuser'), url(r'^new_serviceuser/$', views.new_serviceuser, name='new-serviceuser'),
url(r'^edit_serviceuser/(?P<serviceuserid>[0-9]+)$', url(r'^edit_serviceuser/(?P<serviceuserid>[0-9]+)$',
views.edit_serviceuser, views.edit_serviceuser,

View file

@ -246,7 +246,7 @@ def state(request, user, userid):
@can_edit(User, 'groups') @can_edit(User, 'groups')
def groups(request, user, userid): def groups(request, user, userid):
""" View to edit the groups of a user """ """ View to edit the groups of a user """
group_form = GroupForm(request.POST or None, instance=user) group_form = GroupForm(request.POST or None, instance=user, user=request.user)
if group_form.is_valid(): if group_form.is_valid():
if group_form.changed_data: if group_form.changed_data:
group_form.save() group_form.save()
@ -294,6 +294,16 @@ def del_group(request, user, listrightid, **_kwargs):
return HttpResponseRedirect(request.META.get('HTTP_REFERER')) return HttpResponseRedirect(request.META.get('HTTP_REFERER'))
@login_required
@can_edit(User, 'is_superuser')
def del_superuser(request, user, **_kwargs):
"""Remove the superuser right of an user."""
user.is_superuser = False
user.save()
messages.success(request, "%s n'est plus superuser" % user)
return HttpResponseRedirect(request.META.get('HTTP_REFERER'))
@login_required @login_required
@can_create(ServiceUser) @can_create(ServiceUser)
def new_serviceuser(request): def new_serviceuser(request):
@ -763,10 +773,14 @@ def index_listright(request):
""" Affiche l'ensemble des droits""" """ Affiche l'ensemble des droits"""
listright_list = ListRight.objects.order_by('unix_name')\ listright_list = ListRight.objects.order_by('unix_name')\
.prefetch_related('permissions').prefetch_related('user_set') .prefetch_related('permissions').prefetch_related('user_set')
superuser_right = User.objects.filter(is_superuser=True)
return render( return render(
request, request,
'users/index_listright.html', 'users/index_listright.html',
{'listright_list': listright_list} {
'listright_list': listright_list,
'superuser_right' : superuser_right,
}
) )