diff --git a/apps/permission/templates/permission/scopes.html b/apps/permission/templates/permission/scopes.html new file mode 100644 index 00000000..26a5feda --- /dev/null +++ b/apps/permission/templates/permission/scopes.html @@ -0,0 +1,74 @@ +{% extends "base.html" %} + +{% load i18n %} + +{% block content %} +
+
+

{% trans "Available scopes" %}

+
+
+
+ {% for app, app_scopes in scopes.items %} +
+ +
+
+ {% for scope_id, scope_desc in app_scopes.items %} +
+ +
+ {% endfor %} +

+ + {{ request.scheme }}://{{ request.get_host }}{% url 'oauth2_provider:authorize' %}?client_id={{ app.client_id }}&response_type=code + +

+
+
+
+ {% empty %} +

+ {% trans "No applications defined" %}. + {% trans "Click here" %} {% trans "if you want to register a new one" %}. +

+ {% endfor %} +
+
+
+{% endblock %} + +{% block extrajavascript %} + +{% endblock %} diff --git a/apps/permission/urls.py b/apps/permission/urls.py index 0894ecf0..43eec1ef 100644 --- a/apps/permission/urls.py +++ b/apps/permission/urls.py @@ -1,10 +1,17 @@ # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay # SPDX-License-Identifier: GPL-3.0-or-later +from django.conf import settings from django.urls import path -from permission.views import RightsView + +from .views import RightsView, ScopesView app_name = 'permission' urlpatterns = [ - path('rights', RightsView.as_view(), name="rights"), + path('rights/', RightsView.as_view(), name="rights"), ] + +if "oauth2_provider" in settings.INSTALLED_APPS: + urlpatterns += [ + path('scopes/', ScopesView.as_view(), name="scopes"), + ] diff --git a/apps/permission/views.py b/apps/permission/views.py index 25066731..9bee5295 100644 --- a/apps/permission/views.py +++ b/apps/permission/views.py @@ -1,6 +1,6 @@ # Copyright (C) 2018-2021 by BDE ENS Paris-Saclay # SPDX-License-Identifier: GPL-3.0-or-later - +from collections import OrderedDict from datetime import date from django.contrib.auth.mixins import LoginRequiredMixin @@ -143,3 +143,26 @@ class RightsView(TemplateView): prefix="superusers-") return context + + +class ScopesView(LoginRequiredMixin, TemplateView): + template_name = "permission/scopes.html" + + def get_context_data(self, **kwargs): + context = super().get_context_data(**kwargs) + + from oauth2_provider.models import Application + from .scopes import PermissionScopes + + scopes = PermissionScopes() + context["scopes"] = {} + all_scopes = scopes.get_all_scopes() + for app in Application.objects.filter(Q(user=self.request.user) | Q(client_type='public')).all(): + available_scopes = scopes.get_available_scopes(app) + context["scopes"][app] = OrderedDict() + items = [(k, v) for (k, v) in all_scopes.items() if k in available_scopes] + items.sort(key=lambda x: (int(x[0].split("_")[1]), int(x[0].split("_")[0]))) + for k, v in items: + context["scopes"][app][k] = v + + return context diff --git a/locale/fr/LC_MESSAGES/django.po b/locale/fr/LC_MESSAGES/django.po index f5f26a89..3a6f2d3a 100644 --- a/locale/fr/LC_MESSAGES/django.po +++ b/locale/fr/LC_MESSAGES/django.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: \n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2021-08-29 14:06+0200\n" +"POT-Creation-Date: 2021-06-15 21:17+0200\n" "PO-Revision-Date: 2020-11-16 20:02+0000\n" "Last-Translator: Yohann D'ANELLO \n" "Language-Team: French \n" @@ -956,8 +956,8 @@ msgstr "Verrouiller de force" msgid "" "Are you sure you want to unlock this note? Transactions will be re-enabled." msgstr "" -"Êtes-vous sûr⋅e de vouloir déverrouiller cette note ? Les transactions seront " -"à nouveau possible." +"Êtes-vous sûr⋅e de vouloir déverrouiller cette note ? Les transactions " +"seront à nouveau possible." #: apps/member/templates/member/club_alias.html:10 #: apps/member/templates/member/profile_alias.html:10 apps/member/views.py:253 @@ -1803,6 +1803,25 @@ msgstr "Requête :" msgid "No associated permission" msgstr "Pas de permission associée" +#: apps/permission/templates/permission/scopes.html:8 +msgid "Available scopes" +msgstr "Scopes disponibles" + +#: apps/permission/templates/permission/scopes.html:42 +#: note_kfet/templates/oauth2_provider/application_list.html:18 +msgid "No applications defined" +msgstr "Pas d'application définie" + +#: apps/permission/templates/permission/scopes.html:43 +#: note_kfet/templates/oauth2_provider/application_list.html:19 +msgid "Click here" +msgstr "Cliquez ici" + +#: apps/permission/templates/permission/scopes.html:43 +#: note_kfet/templates/oauth2_provider/application_list.html:19 +msgid "if you want to register a new one" +msgstr "si vous voulez en enregistrer une nouvelle" + #: apps/permission/views.py:72 #, python-brace-format msgid "" @@ -3133,11 +3152,10 @@ msgstr "Il n'y a pas de résultat." #: note_kfet/templates/oauth2_provider/application_confirm_delete.html:8 msgid "Are you sure to delete the application" -msgstr "" -"Êtes-vous sûr⋅e de vouloir supprimer l'application" +msgstr "Êtes-vous sûr⋅e de vouloir supprimer l'application" #: note_kfet/templates/oauth2_provider/application_confirm_delete.html:17 -#: note_kfet/templates/oauth2_provider/authorize.html:27 +#: note_kfet/templates/oauth2_provider/authorize.html:28 msgid "Cancel" msgstr "Annuler" @@ -3174,18 +3192,6 @@ msgstr "Modifier l'application" msgid "Your applications" msgstr "Vos applications" -#: note_kfet/templates/oauth2_provider/application_list.html:18 -msgid "No applications defined" -msgstr "Pas d'application définie" - -#: note_kfet/templates/oauth2_provider/application_list.html:19 -msgid "Click here" -msgstr "Cliquez ici" - -#: note_kfet/templates/oauth2_provider/application_list.html:19 -msgid "if you want to register a new one" -msgstr "si vous voulez en enregistrer une nouvelle" - #: note_kfet/templates/oauth2_provider/application_list.html:24 msgid "New Application" msgstr "Nouvelle application" @@ -3195,7 +3201,7 @@ msgid "Register a new application" msgstr "Enregistrer une nouvelle application" #: note_kfet/templates/oauth2_provider/authorize.html:9 -#: note_kfet/templates/oauth2_provider/authorize.html:28 +#: note_kfet/templates/oauth2_provider/authorize.html:29 msgid "Authorize" msgstr "Autoriser" @@ -3203,7 +3209,7 @@ msgstr "Autoriser" msgid "Application requires following permissions:" msgstr "L'application requiert les permissions suivantes :" -#: note_kfet/templates/oauth2_provider/authorize.html:35 +#: note_kfet/templates/oauth2_provider/authorize.html:36 #: note_kfet/templates/oauth2_provider/authorized-oob.html:15 msgid "Error:" msgstr "Erreur :" @@ -3218,8 +3224,7 @@ msgstr "Merci de retourner à votre application et entrez ce code :" #: note_kfet/templates/oauth2_provider/authorized-token-delete.html:9 msgid "Are you sure you want to delete this token?" -msgstr "" -"Êtes-vous sûr⋅e de vouloir supprimer ce jeton ?" +msgstr "Êtes-vous sûr⋅e de vouloir supprimer ce jeton ?" #: note_kfet/templates/oauth2_provider/authorized-tokens.html:7 msgid "Tokens" diff --git a/note_kfet/templates/oauth2_provider/authorize.html b/note_kfet/templates/oauth2_provider/authorize.html index 61348a5d..16c9f3b6 100644 --- a/note_kfet/templates/oauth2_provider/authorize.html +++ b/note_kfet/templates/oauth2_provider/authorize.html @@ -12,14 +12,15 @@

{% trans "Application requires following permissions:" %}

- {% csrf_token %} - {{ form|crispy }}
    {% for scope in scopes_descriptions %}
  • {{ scope }}
    • {% endfor %}
+ + {% csrf_token %} + {{ form|crispy }}