mirror of
https://gitlab.crans.org/bde/nk20
synced 2024-12-22 23:42:25 +00:00
Display superusers in rights list
This commit is contained in:
parent
ca6f7cac9a
commit
b8c1cfba40
@ -2,8 +2,12 @@
|
||||
# SPDX-License-Identifier: GPL-3.0-or-later
|
||||
|
||||
import django_tables2 as tables
|
||||
from django.contrib.auth.models import User
|
||||
from django.urls import reverse_lazy
|
||||
from django.utils.html import format_html
|
||||
from django.utils.translation import gettext_lazy as _
|
||||
from django_tables2 import A
|
||||
|
||||
from member.models import Membership
|
||||
from note_kfet.middlewares import get_current_authenticated_user
|
||||
from permission.backends import PermissionBackend
|
||||
@ -48,3 +52,18 @@ class RightsTable(tables.Table):
|
||||
template_name = 'django_tables2/bootstrap4.html'
|
||||
fields = ('user.last_name', 'user.first_name', 'user', 'club', 'roles', )
|
||||
model = Membership
|
||||
|
||||
|
||||
class SuperuserTable(tables.Table):
|
||||
username = tables.LinkColumn(
|
||||
"member:user_detail",
|
||||
args=[A("pk")],
|
||||
)
|
||||
|
||||
class Meta:
|
||||
model = User
|
||||
fields = ('last_name', 'first_name', 'username', )
|
||||
attrs = {
|
||||
'class': 'table table-condensed table-striped table-hover',
|
||||
'style': 'table-layout: fixed;'
|
||||
}
|
||||
|
@ -1,92 +1,117 @@
|
||||
{% extends "base.html" %}
|
||||
{% comment %}
|
||||
SPDX-License-Identifier: GPL-3.0-or-later
|
||||
SPDX-License-Identifier: GPL-3.0-or-later
|
||||
{% endcomment %}
|
||||
{% load i18n %}
|
||||
{% load render_table from django_tables2 %}
|
||||
{% block contenttitle %}{% endblock %}
|
||||
|
||||
{% block content %}
|
||||
{% if user.is_authenticated %}
|
||||
<div class="card bg-light mb-3">
|
||||
<h3 class="card-header text-center">
|
||||
{% trans "Users that have surnormal rights" %}
|
||||
</h3>
|
||||
{% render_table special_memberships_table %}
|
||||
</div>
|
||||
{% endif %}
|
||||
|
||||
<div class="card bg-light">
|
||||
<h3 class="card-header text-center">
|
||||
{% trans "Roles description" %}
|
||||
</h3>
|
||||
<div class="card-body">
|
||||
{% if user.is_authenticated %}
|
||||
<div class="form-check">
|
||||
<label for="owned_only" class="form-check-label">
|
||||
<input id="owned_only" name="owned_only" type="checkbox" class="checkboxinput form-check-input">
|
||||
{% trans "Filter with roles that I have in at least one club" %}
|
||||
</label>
|
||||
</div>
|
||||
{% endif %}
|
||||
</div>
|
||||
<div class="accordion" id="accordionRoles">
|
||||
{% regroup active_memberships by roles as memberships_per_role %}
|
||||
{% for role in roles %}
|
||||
<div class="card {% if not role.clubs %}no-club{% endif %}">
|
||||
<div class="card-header py-1" id="{{ role|slugify }} ">
|
||||
<a href="#" class="text-decoration-none" data-toggle="collapse" data-target="#collapse{{ role|slugify }}"
|
||||
aria-expanded="true" aria-controls="collapse{{ role|slugify }}">
|
||||
{{ role }}
|
||||
{% if role.weirole %}(<em>Pour le WEI</em>){% endif %}
|
||||
{% if role.for_club %}(<em>Pour le club {{ role.for_club }} uniquement</em>){% endif %}
|
||||
{% if role.clubs %}
|
||||
<small><span class="badge badge-success">{% trans "Owned" %} : {{ role.clubs|join:", " }}</span></small>
|
||||
{% endif %}
|
||||
</a>
|
||||
</div>
|
||||
|
||||
<div id="collapse{{ role|slugify }}" class="collapse" aria-labelledby="{{ role|slugify }}"
|
||||
data-parent="#accordionRoles">
|
||||
<div class="card-body">
|
||||
{% if role.clubs %}
|
||||
<div class="alert alert-success">
|
||||
{% trans "Own this role in the clubs" %} {{ role.clubs|join:", " }}
|
||||
</div>
|
||||
{% endif %}
|
||||
<ul>
|
||||
{% for permission in role.permissions.all %}
|
||||
<li data-toggle="tooltip"
|
||||
title="{% trans "Mask:" %} {{ permission.mask }}, {% trans "Query:" %} {{ permission.query }}">
|
||||
<b>{{ permission }}</b> ({{ permission.get_type_display }}
|
||||
{{ permission.model }}{% if permission.permanent %},
|
||||
{% trans "permanent" %}{% endif %})</li>
|
||||
{% empty %}
|
||||
<em>{% trans "No associated permission" %}</em>
|
||||
{% endfor %}
|
||||
</ul>
|
||||
<div class="card bg-light mb-3">
|
||||
<h3 class="card-header text-center">
|
||||
{% trans "Users that have surnormal rights" %}
|
||||
</h3>
|
||||
<div class="card-body">
|
||||
<div class="card">
|
||||
<div class="card-head">
|
||||
<h4 class="card-header text-center">
|
||||
<a href="#" data-toggle="collapse" data-target="#card-superusers">{% trans "Superusers" %}</a>
|
||||
</h4>
|
||||
</div>
|
||||
<div class="card-body collapse show" id="card-superusers">
|
||||
{% render_table superusers %}
|
||||
</div>
|
||||
</div>
|
||||
<hr>
|
||||
<div class="card">
|
||||
<div class="card-head">
|
||||
<h4 class="card-header text-center">
|
||||
<a href="#" data-toggle="collapse" data-target="#card-clubs">{% trans "Club managers" %}</a>
|
||||
</h4>
|
||||
</div>
|
||||
<div class="card-body collapse show" id="card-clubs">
|
||||
{% render_table special_memberships_table %}
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
{% endif %}
|
||||
|
||||
<div class="card bg-light">
|
||||
<h3 class="card-header text-center">
|
||||
{% trans "Roles description" %}
|
||||
</h3>
|
||||
<div class="card-body">
|
||||
{% if user.is_authenticated %}
|
||||
<div class="form-check">
|
||||
<label for="owned_only" class="form-check-label">
|
||||
<input id="owned_only" name="owned_only" type="checkbox" class="checkboxinput form-check-input">
|
||||
{% trans "Filter with roles that I have in at least one club" %}
|
||||
</label>
|
||||
</div>
|
||||
{% endif %}
|
||||
</div>
|
||||
<div class="accordion" id="accordionRoles">
|
||||
{% regroup active_memberships by roles as memberships_per_role %}
|
||||
{% for role in roles %}
|
||||
<div class="card {% if not role.clubs %}no-club{% endif %}">
|
||||
<div class="card-header py-1" id="{{ role|slugify }} ">
|
||||
<a href="#" class="text-decoration-none" data-toggle="collapse"
|
||||
data-target="#collapse{{ role|slugify }}"
|
||||
aria-expanded="true" aria-controls="collapse{{ role|slugify }}">
|
||||
{{ role }}
|
||||
{% if role.weirole %}(<em>Pour le WEI</em>){% endif %}
|
||||
{% if role.for_club %}(<em>Pour le club {{ role.for_club }} uniquement</em>){% endif %}
|
||||
{% if role.clubs %}
|
||||
<small><span class="badge badge-success">{% trans "Owned" %} :
|
||||
{{ role.clubs|join:", " }}</span></small>
|
||||
{% endif %}
|
||||
</a>
|
||||
</div>
|
||||
|
||||
<div id="collapse{{ role|slugify }}" class="collapse" aria-labelledby="{{ role|slugify }}"
|
||||
data-parent="#accordionRoles">
|
||||
<div class="card-body">
|
||||
{% if role.clubs %}
|
||||
<div class="alert alert-success">
|
||||
{% trans "Own this role in the clubs" %} {{ role.clubs|join:", " }}
|
||||
</div>
|
||||
{% endif %}
|
||||
<ul>
|
||||
{% for permission in role.permissions.all %}
|
||||
<li data-toggle="tooltip"
|
||||
title="{% trans "Mask:" %} {{ permission.mask }}, {% trans "Query:" %} {{ permission.query }}">
|
||||
<b>{{ permission }}</b> ({{ permission.get_type_display }}
|
||||
{{ permission.model }}{% if permission.permanent %},
|
||||
{% trans "permanent" %}{% endif %})
|
||||
</li>
|
||||
{% empty %}
|
||||
<em>{% trans "No associated permission" %}</em>
|
||||
{% endfor %}
|
||||
</ul>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
{% endfor %}
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
{% endfor %}
|
||||
</div>
|
||||
</div>
|
||||
{% endblock %}
|
||||
|
||||
{% block extrajavascript %}
|
||||
<script>
|
||||
$(document).ready(function () {
|
||||
let checkbox = $("#owned_only");
|
||||
<script>
|
||||
$(document).ready(function () {
|
||||
let checkbox = $("#owned_only");
|
||||
|
||||
function update() {
|
||||
if (checkbox.is(":checked"))
|
||||
$(".no-club").addClass('d-none');
|
||||
else
|
||||
$(".no-club").removeClass('d-none');
|
||||
}
|
||||
function update() {
|
||||
if (checkbox.is(":checked"))
|
||||
$(".no-club").addClass('d-none');
|
||||
else
|
||||
$(".no-club").removeClass('d-none');
|
||||
}
|
||||
|
||||
checkbox.change(update);
|
||||
update();
|
||||
});
|
||||
</script>
|
||||
checkbox.change(update);
|
||||
update();
|
||||
});
|
||||
</script>
|
||||
{% endblock %}
|
@ -4,6 +4,7 @@
|
||||
from datetime import date
|
||||
|
||||
from django.contrib.auth.mixins import LoginRequiredMixin
|
||||
from django.contrib.auth.models import User
|
||||
from django.core.exceptions import PermissionDenied
|
||||
from django.db.models import Q
|
||||
from django.forms import HiddenInput
|
||||
@ -13,7 +14,7 @@ from member.models import Membership
|
||||
|
||||
from .backends import PermissionBackend
|
||||
from .models import Role
|
||||
from .tables import RightsTable
|
||||
from .tables import RightsTable, SuperuserTable
|
||||
|
||||
|
||||
class ProtectQuerysetMixin:
|
||||
@ -114,12 +115,13 @@ class RightsView(TemplateView):
|
||||
special_memberships = Membership.objects.filter(
|
||||
date_start__lte=date.today(),
|
||||
date_end__gte=date.today(),
|
||||
).filter(roles__in=Role.objects.filter(~(Q(name="Adhérent BDE")
|
||||
| Q(name="Adhérent Kfet")
|
||||
| Q(name="Membre de club")
|
||||
| Q(name="Adhérent WEI")
|
||||
| Q(name="1A")))).order_by("club", "user__last_name")\
|
||||
).filter(roles__in=Role.objects.filter((~(Q(name="Adhérent BDE")
|
||||
| Q(name="Adhérent Kfet")
|
||||
| Q(name="Membre de club")
|
||||
| Q(name="Bureau de club"))
|
||||
& Q(weirole__isnull=True)))).order_by("club", "user__last_name")\
|
||||
.distinct().all()
|
||||
context["special_memberships_table"] = RightsTable(special_memberships)
|
||||
context["special_memberships_table"] = RightsTable(special_memberships, prefix="clubs-")
|
||||
context["superusers"] = SuperuserTable(User.objects.filter(is_superuser=True).all(), prefix="superusers-")
|
||||
|
||||
return context
|
||||
|
@ -8,7 +8,7 @@ msgid ""
|
||||
msgstr ""
|
||||
"Project-Id-Version: PACKAGE VERSION\n"
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2020-08-31 20:32+0200\n"
|
||||
"POT-Creation-Date: 2020-08-31 21:07+0200\n"
|
||||
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
||||
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
||||
"Language-Team: LANGUAGE <LL@li.org>\n"
|
||||
@ -885,6 +885,7 @@ msgid "Add"
|
||||
msgstr ""
|
||||
|
||||
#: apps/member/templates/member/club_detail.html:13
|
||||
#: apps/permission/templates/permission/all_rights.html:30
|
||||
msgid "Club managers"
|
||||
msgstr ""
|
||||
|
||||
@ -1566,7 +1567,7 @@ msgid ""
|
||||
msgstr ""
|
||||
|
||||
#: apps/permission/models.py:183
|
||||
#: apps/permission/templates/permission/all_rights.html:63
|
||||
#: apps/permission/templates/permission/all_rights.html:87
|
||||
msgid "permanent"
|
||||
msgstr ""
|
||||
|
||||
@ -1597,7 +1598,7 @@ msgid ""
|
||||
"of model {app_label}.{model_name}."
|
||||
msgstr ""
|
||||
|
||||
#: apps/permission/signals.py:73 apps/permission/views.py:88
|
||||
#: apps/permission/signals.py:73 apps/permission/views.py:89
|
||||
#, python-brace-format
|
||||
msgid ""
|
||||
"You don't have the permission to add an instance of model {app_label}."
|
||||
@ -1615,53 +1616,57 @@ msgstr ""
|
||||
msgid "Users that have surnormal rights"
|
||||
msgstr ""
|
||||
|
||||
#: apps/permission/templates/permission/all_rights.html:21
|
||||
#: apps/permission/templates/permission/all_rights.html:19
|
||||
msgid "Superusers"
|
||||
msgstr ""
|
||||
|
||||
#: apps/permission/templates/permission/all_rights.html:43
|
||||
msgid "Roles description"
|
||||
msgstr ""
|
||||
|
||||
#: apps/permission/templates/permission/all_rights.html:28
|
||||
#: apps/permission/templates/permission/all_rights.html:50
|
||||
msgid "Filter with roles that I have in at least one club"
|
||||
msgstr ""
|
||||
|
||||
#: apps/permission/templates/permission/all_rights.html:44
|
||||
#: apps/permission/templates/permission/all_rights.html:67
|
||||
msgid "Owned"
|
||||
msgstr ""
|
||||
|
||||
#: apps/permission/templates/permission/all_rights.html:54
|
||||
#: apps/permission/templates/permission/all_rights.html:78
|
||||
msgid "Own this role in the clubs"
|
||||
msgstr ""
|
||||
|
||||
#: apps/permission/templates/permission/all_rights.html:60
|
||||
#: apps/permission/templates/permission/all_rights.html:84
|
||||
msgid "Mask:"
|
||||
msgstr ""
|
||||
|
||||
#: apps/permission/templates/permission/all_rights.html:60
|
||||
#: apps/permission/templates/permission/all_rights.html:84
|
||||
msgid "Query:"
|
||||
msgstr ""
|
||||
|
||||
#: apps/permission/templates/permission/all_rights.html:65
|
||||
#: apps/permission/templates/permission/all_rights.html:90
|
||||
msgid "No associated permission"
|
||||
msgstr ""
|
||||
|
||||
#: apps/permission/views.py:55
|
||||
#: apps/permission/views.py:56
|
||||
#, python-brace-format
|
||||
msgid ""
|
||||
"You don't have the permission to update this instance of the model "
|
||||
"\"{model}\" with these parameters. Please correct your data and retry."
|
||||
msgstr ""
|
||||
|
||||
#: apps/permission/views.py:59
|
||||
#: apps/permission/views.py:60
|
||||
#, python-brace-format
|
||||
msgid ""
|
||||
"You don't have the permission to create an instance of the model \"{model}\" "
|
||||
"with these parameters. Please correct your data and retry."
|
||||
msgstr ""
|
||||
|
||||
#: apps/permission/views.py:95 note_kfet/templates/base.html:106
|
||||
#: apps/permission/views.py:96 note_kfet/templates/base.html:106
|
||||
msgid "Rights"
|
||||
msgstr ""
|
||||
|
||||
#: apps/permission/views.py:100
|
||||
#: apps/permission/views.py:101
|
||||
msgid "All rights"
|
||||
msgstr ""
|
||||
|
||||
|
@ -8,7 +8,7 @@ msgid ""
|
||||
msgstr ""
|
||||
"Project-Id-Version: PACKAGE VERSION\n"
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2020-08-31 20:32+0200\n"
|
||||
"POT-Creation-Date: 2020-08-31 21:07+0200\n"
|
||||
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
||||
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
||||
"Language-Team: LANGUAGE <LL@li.org>\n"
|
||||
@ -910,6 +910,7 @@ msgid "Add"
|
||||
msgstr "Ajouter"
|
||||
|
||||
#: apps/member/templates/member/club_detail.html:13
|
||||
#: apps/permission/templates/permission/all_rights.html:30
|
||||
msgid "Club managers"
|
||||
msgstr "Bureau du club"
|
||||
|
||||
@ -1611,7 +1612,7 @@ msgstr ""
|
||||
"l'utilisateur est expirée."
|
||||
|
||||
#: apps/permission/models.py:183
|
||||
#: apps/permission/templates/permission/all_rights.html:63
|
||||
#: apps/permission/templates/permission/all_rights.html:87
|
||||
msgid "permanent"
|
||||
msgstr "permanent"
|
||||
|
||||
@ -1646,7 +1647,7 @@ msgstr ""
|
||||
"Vous n'avez pas la permission de modifier le champ {field} sur l'instance du "
|
||||
"modèle {app_label}.{model_name}."
|
||||
|
||||
#: apps/permission/signals.py:73 apps/permission/views.py:88
|
||||
#: apps/permission/signals.py:73 apps/permission/views.py:89
|
||||
#, python-brace-format
|
||||
msgid ""
|
||||
"You don't have the permission to add an instance of model {app_label}."
|
||||
@ -1668,35 +1669,39 @@ msgstr ""
|
||||
msgid "Users that have surnormal rights"
|
||||
msgstr "Liste des utilisateurs ayant des droits surnormaux"
|
||||
|
||||
#: apps/permission/templates/permission/all_rights.html:21
|
||||
#: apps/permission/templates/permission/all_rights.html:19
|
||||
msgid "Superusers"
|
||||
msgstr "Super-utilisateurs"
|
||||
|
||||
#: apps/permission/templates/permission/all_rights.html:43
|
||||
msgid "Roles description"
|
||||
msgstr "Description de tous les rôles"
|
||||
|
||||
#: apps/permission/templates/permission/all_rights.html:28
|
||||
#: apps/permission/templates/permission/all_rights.html:50
|
||||
msgid "Filter with roles that I have in at least one club"
|
||||
msgstr "Filtrer les rôles que je possède dans au moins un club"
|
||||
|
||||
#: apps/permission/templates/permission/all_rights.html:44
|
||||
#: apps/permission/templates/permission/all_rights.html:67
|
||||
msgid "Owned"
|
||||
msgstr "Possédé"
|
||||
|
||||
#: apps/permission/templates/permission/all_rights.html:54
|
||||
#: apps/permission/templates/permission/all_rights.html:78
|
||||
msgid "Own this role in the clubs"
|
||||
msgstr "Possède ce rôle dans les clubs"
|
||||
|
||||
#: apps/permission/templates/permission/all_rights.html:60
|
||||
#: apps/permission/templates/permission/all_rights.html:84
|
||||
msgid "Mask:"
|
||||
msgstr "Masque :"
|
||||
|
||||
#: apps/permission/templates/permission/all_rights.html:60
|
||||
#: apps/permission/templates/permission/all_rights.html:84
|
||||
msgid "Query:"
|
||||
msgstr "Requête :"
|
||||
|
||||
#: apps/permission/templates/permission/all_rights.html:65
|
||||
#: apps/permission/templates/permission/all_rights.html:90
|
||||
msgid "No associated permission"
|
||||
msgstr "Pas de permission associée"
|
||||
|
||||
#: apps/permission/views.py:55
|
||||
#: apps/permission/views.py:56
|
||||
#, python-brace-format
|
||||
msgid ""
|
||||
"You don't have the permission to update this instance of the model "
|
||||
@ -1705,7 +1710,7 @@ msgstr ""
|
||||
"Vous n'avez pas la permission de modifier cette instance du modèle « {model} "
|
||||
"» avec ces paramètres. Merci de les corriger et de réessayer."
|
||||
|
||||
#: apps/permission/views.py:59
|
||||
#: apps/permission/views.py:60
|
||||
#, python-brace-format
|
||||
msgid ""
|
||||
"You don't have the permission to create an instance of the model \"{model}\" "
|
||||
@ -1714,11 +1719,11 @@ msgstr ""
|
||||
"Vous n'avez pas la permission d'ajouter une instance du modèle « {model} » "
|
||||
"avec ces paramètres. Merci de les corriger et de réessayer."
|
||||
|
||||
#: apps/permission/views.py:95 note_kfet/templates/base.html:106
|
||||
#: apps/permission/views.py:96 note_kfet/templates/base.html:106
|
||||
msgid "Rights"
|
||||
msgstr "Droits"
|
||||
|
||||
#: apps/permission/views.py:100
|
||||
#: apps/permission/views.py:101
|
||||
msgid "All rights"
|
||||
msgstr "Tous les droits"
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user