Add a public rights page to view which permissions are granted to which role, update Font Awesome to 5.13

2025-11-04 09:12:11 +01:00 · 2020-04-26 01:20:46 +02:00
parent b0f6ec1061
commit a83ab4bf85
8 changed files with 175 additions and 29 deletions
--- a/apps/permission/models.py
+++ b/apps/permission/models.py
@@ -305,14 +305,15 @@ class RolePermissions(models.Model):
    """
    Permissions associated with a Role
    """
-    role = models.ForeignKey(
+    role = models.OneToOneField(
        Role,
        on_delete=models.PROTECT,
-        related_name='+',
+        related_name='permissions',
        verbose_name=_('role'),
    )
    permissions = models.ManyToManyField(
        Permission,
+        verbose_name=_("permissions"),
    )

    def __str__(self):
--- a/apps/permission/urls.py
+++ b/apps/permission/urls.py
@@ -0,0 +1,10 @@
+# Copyright (C) 2018-2020 by BDE ENS Paris-Saclay
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+from django.urls import path
+from permission.views import RightsView
+
+app_name = 'permission'
+urlpatterns = [
+    path('rights', RightsView.as_view(), name="rights"),
+]
--- a/apps/permission/views.py
+++ b/apps/permission/views.py
@@ -1,14 +1,18 @@
 # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay
 # SPDX-License-Identifier: GPL-3.0-or-later
+from datetime import date

 from django.forms import HiddenInput
-from django.views.generic import UpdateView
+from django.utils.translation import gettext_lazy as _
+from django.views.generic import UpdateView, TemplateView
+from member.models import Role, Membership

 from .backends import PermissionBackend


 class ProtectQuerysetMixin:
    """
+    This is a View class decorator and not a proper View class.
    Ensure that the user has the right to see or update objects.
    Display 404 error if the user can't see an object, remove the fields the user can't
    update on an update form (useful if the user can't change only specified fields).
@@ -32,3 +36,25 @@ class ProtectQuerysetMixin:
                form.fields[key].widget = HiddenInput()

        return form
+
+
+class RightsView(TemplateView):
+    template_name = "permission/all_rights.html"
+
+    def get_context_data(self, **kwargs):
+        context = super().get_context_data(**kwargs)
+
+        context["title"] = _("All rights")
+        roles = Role.objects.all()
+        context["roles"] = roles
+        if self.request.user.is_authenticated:
+            active_memberships = Membership.objects.filter(user=self.request.user,
+                                                           date_start__lte=date.today(),
+                                                           date_end__gte=date.today()).all()
+        else:
+            active_memberships = Membership.objects.none()
+
+        for role in roles:
+            role.clubs = [membership.club for membership in active_memberships if role in membership.roles.all()]
+
+        return context