Commit dcd1e2af authored by chirac's avatar chirac

Merge branch 'fix_110_display_superuser' into 'master'

Fix #110 display superuser

Closes #110

See merge request federez/re2o!150
parents 34d29349 a5013920
......@@ -66,7 +66,11 @@ with this program; if not, write to the Free Software Foundation, Inc.,
<td><p class="text-success">{{utilisateur.last}}</p></td>
{% endif %}
{% if droit != 'Superuser' %}
<a href="{% url 'users:del-group' %}">
{% else %}
<a href="{% url 'users:del-superuser' %}">
{% endif %}
<button type="button" class="btn btn-danger" aria-label="Left Align">
<span class="fa fa-user-times" aria-hidden="true"></span>
......@@ -41,7 +41,7 @@ from django.urls import reverse
from django.shortcuts import render, redirect
from django.contrib import messages
from django.contrib.auth.decorators import login_required
from django.db.models import Count, Max
from django.db.models import Count, Max, F
from reversion.models import Revision
from reversion.models import Version, ContentType
......@@ -469,7 +469,12 @@ def stats_droits(request):
for droit in ListRight.objects.all().select_related('group_ptr'):
stats_list[droit] = droit.user_set.all().annotate(
stats_list['Superuser'] = User.objects.filter(is_superuser=True).annotate(
return render(
......@@ -454,7 +454,7 @@ class StateForm(FormRevMixin, ModelForm):
super(StateForm, self).__init__(*args, prefix=prefix, **kwargs)
class GroupForm(FormRevMixin, ModelForm):
class GroupForm(FieldPermissionFormMixin, FormRevMixin, ModelForm):
""" Gestion des groupes d'un user"""
groups = forms.ModelMultipleChoiceField(
......@@ -464,11 +464,13 @@ class GroupForm(FormRevMixin, ModelForm):
class Meta:
model = User
fields = ['groups']
fields = ['is_superuser', 'groups']
def __init__(self, *args, **kwargs):
prefix = kwargs.pop('prefix', self.Meta.model.__name__)
super(GroupForm, self).__init__(*args, prefix=prefix, **kwargs)
if 'is_superuser' in self.fields:
self.fields['is_superuser'].label = "Superuser"
class SchoolForm(FormRevMixin, ModelForm):
......@@ -812,6 +812,18 @@ class User(RevMixin, FieldPermissionModelMixin, AbstractBaseUser,
"Droit requis pour éditer les groupes de l'user"
def can_change_is_superuser(user_request, *_args, **_kwargs):
""" Check if an user can change a is_superuser flag
:param user_request: The user who request
:returns: a message and a boolean which is True if permission is granted.
return (
"Droit superuser requis pour éditer le flag superuser"
def can_view(self, user_request, *_args, **_kwargs):
"""Check if an user can view an user object.
......@@ -33,6 +33,44 @@ with this program; if not, write to the Free Software Foundation, Inc.,
{% if superuser_right %}
<tr class="active">
<button class="btn btn-default" data-parent="#accordion_superuser" type="button" data-toggle="collapse" data-target="#collapseListRight_user_superuser" aria-expanded="true" aria-controls="collapseListRight_user_superuser">
Utilisateurs ({{ superuser_right.count }})
Donne tous les droits sur Re2o.
<td class="text-right">
<td colspan=5>
<div class="panel-group" id="accordion_superuser" role="tablist" aria-multiselectable="true" style="margin-bottom: 0px;">
<div class="panel" style="border: none;">
<div class="panel-collapse collapse in" id="collapseListRight_user_superuser" role="tabpanel">
<ul class="list-group" style="margin-bottom: 0px">
{% for user in superuser_right %}
<li class="list-group-item col-xs-12 col-sm-6 col-md-4" style="border:none;">
<a role="button" href="{% url 'users:del-superuser' %}" title="{{ desc|default:"Supprimer" }}">
<i class="fa fa-times" style="color:red"></i>
{% endfor %}
{% endif %}
{% for listright in listright_list %}
<tr class="active">
......@@ -43,6 +43,9 @@ urlpatterns = [
url(r'^new_serviceuser/$', views.new_serviceuser, name='new-serviceuser'),
......@@ -246,7 +246,7 @@ def state(request, user, userid):
@can_edit(User, 'groups')
def groups(request, user, userid):
""" View to edit the groups of a user """
group_form = GroupForm(request.POST or None, instance=user)
group_form = GroupForm(request.POST or None, instance=user, user=request.user)
if group_form.is_valid():
if group_form.changed_data:
......@@ -294,6 +294,16 @@ def del_group(request, user, listrightid, **_kwargs):
return HttpResponseRedirect(request.META.get('HTTP_REFERER'))
@can_edit(User, 'is_superuser')
def del_superuser(request, user, **_kwargs):
"""Remove the superuser right of an user."""
user.is_superuser = False
messages.success(request, "%s n'est plus superuser" % user)
return HttpResponseRedirect(request.META.get('HTTP_REFERER'))
def new_serviceuser(request):
......@@ -763,10 +773,14 @@ def index_listright(request):
""" Affiche l'ensemble des droits"""
listright_list = ListRight.objects.order_by('unix_name')\
superuser_right = User.objects.filter(is_superuser=True)
return render(
{'listright_list': listright_list}
'listright_list': listright_list,
'superuser_right' : superuser_right,
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment