Display superusers in rights list

This commit is contained in:
Yohann D'ANELLO 2020-08-31 21:11:00 +02:00
parent ca6f7cac9a
commit b8c1cfba40
5 changed files with 166 additions and 110 deletions

View File

@ -2,8 +2,12 @@
# SPDX-License-Identifier: GPL-3.0-or-later
import django_tables2 as tables
from django.contrib.auth.models import User
from django.urls import reverse_lazy
from django.utils.html import format_html
from django.utils.translation import gettext_lazy as _
from django_tables2 import A
from member.models import Membership
from note_kfet.middlewares import get_current_authenticated_user
from permission.backends import PermissionBackend
@ -48,3 +52,18 @@ class RightsTable(tables.Table):
template_name = 'django_tables2/bootstrap4.html'
fields = ('user.last_name', 'user.first_name', 'user', 'club', 'roles', )
model = Membership
class SuperuserTable(tables.Table):
username = tables.LinkColumn(
"member:user_detail",
args=[A("pk")],
)
class Meta:
model = User
fields = ('last_name', 'first_name', 'username', )
attrs = {
'class': 'table table-condensed table-striped table-hover',
'style': 'table-layout: fixed;'
}

View File

@ -1,92 +1,117 @@
{% extends "base.html" %}
{% comment %}
SPDX-License-Identifier: GPL-3.0-or-later
SPDX-License-Identifier: GPL-3.0-or-later
{% endcomment %}
{% load i18n %}
{% load render_table from django_tables2 %}
{% block contenttitle %}{% endblock %}
{% block content %}
{% if user.is_authenticated %}
<div class="card bg-light mb-3">
<h3 class="card-header text-center">
{% trans "Users that have surnormal rights" %}
</h3>
{% render_table special_memberships_table %}
</div>
{% endif %}
<div class="card bg-light">
<h3 class="card-header text-center">
{% trans "Roles description" %}
</h3>
<div class="card-body">
{% if user.is_authenticated %}
<div class="form-check">
<label for="owned_only" class="form-check-label">
<input id="owned_only" name="owned_only" type="checkbox" class="checkboxinput form-check-input">
{% trans "Filter with roles that I have in at least one club" %}
</label>
</div>
{% endif %}
</div>
<div class="accordion" id="accordionRoles">
{% regroup active_memberships by roles as memberships_per_role %}
{% for role in roles %}
<div class="card {% if not role.clubs %}no-club{% endif %}">
<div class="card-header py-1" id="{{ role|slugify }} ">
<a href="#" class="text-decoration-none" data-toggle="collapse" data-target="#collapse{{ role|slugify }}"
aria-expanded="true" aria-controls="collapse{{ role|slugify }}">
{{ role }}
{% if role.weirole %}(<em>Pour le WEI</em>){% endif %}
{% if role.for_club %}(<em>Pour le club {{ role.for_club }} uniquement</em>){% endif %}
{% if role.clubs %}
<small><span class="badge badge-success">{% trans "Owned" %} : {{ role.clubs|join:", " }}</span></small>
{% endif %}
</a>
</div>
<div id="collapse{{ role|slugify }}" class="collapse" aria-labelledby="{{ role|slugify }}"
data-parent="#accordionRoles">
<div class="card-body">
{% if role.clubs %}
<div class="alert alert-success">
{% trans "Own this role in the clubs" %} {{ role.clubs|join:", " }}
</div>
{% endif %}
<ul>
{% for permission in role.permissions.all %}
<li data-toggle="tooltip"
title="{% trans "Mask:" %} {{ permission.mask }}, {% trans "Query:" %} {{ permission.query }}">
<b>{{ permission }}</b> ({{ permission.get_type_display }}
{{ permission.model }}{% if permission.permanent %},
{% trans "permanent" %}{% endif %})</li>
{% empty %}
<em>{% trans "No associated permission" %}</em>
{% endfor %}
</ul>
<div class="card bg-light mb-3">
<h3 class="card-header text-center">
{% trans "Users that have surnormal rights" %}
</h3>
<div class="card-body">
<div class="card">
<div class="card-head">
<h4 class="card-header text-center">
<a href="#" data-toggle="collapse" data-target="#card-superusers">{% trans "Superusers" %}</a>
</h4>
</div>
<div class="card-body collapse show" id="card-superusers">
{% render_table superusers %}
</div>
</div>
<hr>
<div class="card">
<div class="card-head">
<h4 class="card-header text-center">
<a href="#" data-toggle="collapse" data-target="#card-clubs">{% trans "Club managers" %}</a>
</h4>
</div>
<div class="card-body collapse show" id="card-clubs">
{% render_table special_memberships_table %}
</div>
</div>
</div>
</div>
{% endif %}
<div class="card bg-light">
<h3 class="card-header text-center">
{% trans "Roles description" %}
</h3>
<div class="card-body">
{% if user.is_authenticated %}
<div class="form-check">
<label for="owned_only" class="form-check-label">
<input id="owned_only" name="owned_only" type="checkbox" class="checkboxinput form-check-input">
{% trans "Filter with roles that I have in at least one club" %}
</label>
</div>
{% endif %}
</div>
<div class="accordion" id="accordionRoles">
{% regroup active_memberships by roles as memberships_per_role %}
{% for role in roles %}
<div class="card {% if not role.clubs %}no-club{% endif %}">
<div class="card-header py-1" id="{{ role|slugify }} ">
<a href="#" class="text-decoration-none" data-toggle="collapse"
data-target="#collapse{{ role|slugify }}"
aria-expanded="true" aria-controls="collapse{{ role|slugify }}">
{{ role }}
{% if role.weirole %}(<em>Pour le WEI</em>){% endif %}
{% if role.for_club %}(<em>Pour le club {{ role.for_club }} uniquement</em>){% endif %}
{% if role.clubs %}
<small><span class="badge badge-success">{% trans "Owned" %} :
{{ role.clubs|join:", " }}</span></small>
{% endif %}
</a>
</div>
<div id="collapse{{ role|slugify }}" class="collapse" aria-labelledby="{{ role|slugify }}"
data-parent="#accordionRoles">
<div class="card-body">
{% if role.clubs %}
<div class="alert alert-success">
{% trans "Own this role in the clubs" %} {{ role.clubs|join:", " }}
</div>
{% endif %}
<ul>
{% for permission in role.permissions.all %}
<li data-toggle="tooltip"
title="{% trans "Mask:" %} {{ permission.mask }}, {% trans "Query:" %} {{ permission.query }}">
<b>{{ permission }}</b> ({{ permission.get_type_display }}
{{ permission.model }}{% if permission.permanent %},
{% trans "permanent" %}{% endif %})
</li>
{% empty %}
<em>{% trans "No associated permission" %}</em>
{% endfor %}
</ul>
</div>
</div>
</div>
{% endfor %}
</div>
</div>
</div>
{% endfor %}
</div>
</div>
{% endblock %}
{% block extrajavascript %}
<script>
$(document).ready(function () {
let checkbox = $("#owned_only");
<script>
$(document).ready(function () {
let checkbox = $("#owned_only");
function update() {
if (checkbox.is(":checked"))
$(".no-club").addClass('d-none');
else
$(".no-club").removeClass('d-none');
}
function update() {
if (checkbox.is(":checked"))
$(".no-club").addClass('d-none');
else
$(".no-club").removeClass('d-none');
}
checkbox.change(update);
update();
});
</script>
checkbox.change(update);
update();
});
</script>
{% endblock %}

View File

@ -4,6 +4,7 @@
from datetime import date
from django.contrib.auth.mixins import LoginRequiredMixin
from django.contrib.auth.models import User
from django.core.exceptions import PermissionDenied
from django.db.models import Q
from django.forms import HiddenInput
@ -13,7 +14,7 @@ from member.models import Membership
from .backends import PermissionBackend
from .models import Role
from .tables import RightsTable
from .tables import RightsTable, SuperuserTable
class ProtectQuerysetMixin:
@ -114,12 +115,13 @@ class RightsView(TemplateView):
special_memberships = Membership.objects.filter(
date_start__lte=date.today(),
date_end__gte=date.today(),
).filter(roles__in=Role.objects.filter(~(Q(name="Adhérent BDE")
| Q(name="Adhérent Kfet")
| Q(name="Membre de club")
| Q(name="Adhérent WEI")
| Q(name="1A")))).order_by("club", "user__last_name")\
).filter(roles__in=Role.objects.filter((~(Q(name="Adhérent BDE")
| Q(name="Adhérent Kfet")
| Q(name="Membre de club")
| Q(name="Bureau de club"))
& Q(weirole__isnull=True)))).order_by("club", "user__last_name")\
.distinct().all()
context["special_memberships_table"] = RightsTable(special_memberships)
context["special_memberships_table"] = RightsTable(special_memberships, prefix="clubs-")
context["superusers"] = SuperuserTable(User.objects.filter(is_superuser=True).all(), prefix="superusers-")
return context

View File

@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2020-08-31 20:32+0200\n"
"POT-Creation-Date: 2020-08-31 21:07+0200\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@ -885,6 +885,7 @@ msgid "Add"
msgstr ""
#: apps/member/templates/member/club_detail.html:13
#: apps/permission/templates/permission/all_rights.html:30
msgid "Club managers"
msgstr ""
@ -1566,7 +1567,7 @@ msgid ""
msgstr ""
#: apps/permission/models.py:183
#: apps/permission/templates/permission/all_rights.html:63
#: apps/permission/templates/permission/all_rights.html:87
msgid "permanent"
msgstr ""
@ -1597,7 +1598,7 @@ msgid ""
"of model {app_label}.{model_name}."
msgstr ""
#: apps/permission/signals.py:73 apps/permission/views.py:88
#: apps/permission/signals.py:73 apps/permission/views.py:89
#, python-brace-format
msgid ""
"You don't have the permission to add an instance of model {app_label}."
@ -1615,53 +1616,57 @@ msgstr ""
msgid "Users that have surnormal rights"
msgstr ""
#: apps/permission/templates/permission/all_rights.html:21
#: apps/permission/templates/permission/all_rights.html:19
msgid "Superusers"
msgstr ""
#: apps/permission/templates/permission/all_rights.html:43
msgid "Roles description"
msgstr ""
#: apps/permission/templates/permission/all_rights.html:28
#: apps/permission/templates/permission/all_rights.html:50
msgid "Filter with roles that I have in at least one club"
msgstr ""
#: apps/permission/templates/permission/all_rights.html:44
#: apps/permission/templates/permission/all_rights.html:67
msgid "Owned"
msgstr ""
#: apps/permission/templates/permission/all_rights.html:54
#: apps/permission/templates/permission/all_rights.html:78
msgid "Own this role in the clubs"
msgstr ""
#: apps/permission/templates/permission/all_rights.html:60
#: apps/permission/templates/permission/all_rights.html:84
msgid "Mask:"
msgstr ""
#: apps/permission/templates/permission/all_rights.html:60
#: apps/permission/templates/permission/all_rights.html:84
msgid "Query:"
msgstr ""
#: apps/permission/templates/permission/all_rights.html:65
#: apps/permission/templates/permission/all_rights.html:90
msgid "No associated permission"
msgstr ""
#: apps/permission/views.py:55
#: apps/permission/views.py:56
#, python-brace-format
msgid ""
"You don't have the permission to update this instance of the model "
"\"{model}\" with these parameters. Please correct your data and retry."
msgstr ""
#: apps/permission/views.py:59
#: apps/permission/views.py:60
#, python-brace-format
msgid ""
"You don't have the permission to create an instance of the model \"{model}\" "
"with these parameters. Please correct your data and retry."
msgstr ""
#: apps/permission/views.py:95 note_kfet/templates/base.html:106
#: apps/permission/views.py:96 note_kfet/templates/base.html:106
msgid "Rights"
msgstr ""
#: apps/permission/views.py:100
#: apps/permission/views.py:101
msgid "All rights"
msgstr ""

View File

@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2020-08-31 20:32+0200\n"
"POT-Creation-Date: 2020-08-31 21:07+0200\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@ -910,6 +910,7 @@ msgid "Add"
msgstr "Ajouter"
#: apps/member/templates/member/club_detail.html:13
#: apps/permission/templates/permission/all_rights.html:30
msgid "Club managers"
msgstr "Bureau du club"
@ -1611,7 +1612,7 @@ msgstr ""
"l'utilisateur est expirée."
#: apps/permission/models.py:183
#: apps/permission/templates/permission/all_rights.html:63
#: apps/permission/templates/permission/all_rights.html:87
msgid "permanent"
msgstr "permanent"
@ -1646,7 +1647,7 @@ msgstr ""
"Vous n'avez pas la permission de modifier le champ {field} sur l'instance du "
"modèle {app_label}.{model_name}."
#: apps/permission/signals.py:73 apps/permission/views.py:88
#: apps/permission/signals.py:73 apps/permission/views.py:89
#, python-brace-format
msgid ""
"You don't have the permission to add an instance of model {app_label}."
@ -1668,35 +1669,39 @@ msgstr ""
msgid "Users that have surnormal rights"
msgstr "Liste des utilisateurs ayant des droits surnormaux"
#: apps/permission/templates/permission/all_rights.html:21
#: apps/permission/templates/permission/all_rights.html:19
msgid "Superusers"
msgstr "Super-utilisateurs"
#: apps/permission/templates/permission/all_rights.html:43
msgid "Roles description"
msgstr "Description de tous les rôles"
#: apps/permission/templates/permission/all_rights.html:28
#: apps/permission/templates/permission/all_rights.html:50
msgid "Filter with roles that I have in at least one club"
msgstr "Filtrer les rôles que je possède dans au moins un club"
#: apps/permission/templates/permission/all_rights.html:44
#: apps/permission/templates/permission/all_rights.html:67
msgid "Owned"
msgstr "Possédé"
#: apps/permission/templates/permission/all_rights.html:54
#: apps/permission/templates/permission/all_rights.html:78
msgid "Own this role in the clubs"
msgstr "Possède ce rôle dans les clubs"
#: apps/permission/templates/permission/all_rights.html:60
#: apps/permission/templates/permission/all_rights.html:84
msgid "Mask:"
msgstr "Masque :"
#: apps/permission/templates/permission/all_rights.html:60
#: apps/permission/templates/permission/all_rights.html:84
msgid "Query:"
msgstr "Requête :"
#: apps/permission/templates/permission/all_rights.html:65
#: apps/permission/templates/permission/all_rights.html:90
msgid "No associated permission"
msgstr "Pas de permission associée"
#: apps/permission/views.py:55
#: apps/permission/views.py:56
#, python-brace-format
msgid ""
"You don't have the permission to update this instance of the model "
@ -1705,7 +1710,7 @@ msgstr ""
"Vous n'avez pas la permission de modifier cette instance du modèle « {model} "
"» avec ces paramètres. Merci de les corriger et de réessayer."
#: apps/permission/views.py:59
#: apps/permission/views.py:60
#, python-brace-format
msgid ""
"You don't have the permission to create an instance of the model \"{model}\" "
@ -1714,11 +1719,11 @@ msgstr ""
"Vous n'avez pas la permission d'ajouter une instance du modèle « {model} » "
"avec ces paramètres. Merci de les corriger et de réessayer."
#: apps/permission/views.py:95 note_kfet/templates/base.html:106
#: apps/permission/views.py:96 note_kfet/templates/base.html:106
msgid "Rights"
msgstr "Droits"
#: apps/permission/views.py:100
#: apps/permission/views.py:101
msgid "All rights"
msgstr "Tous les droits"