Commit dcd1e2af authored by chirac's avatar chirac

Merge branch 'fix_110_display_superuser' into 'master'

Fix #110 display superuser

Closes #110

See merge request federez/re2o!150
parents 34d29349 a5013920
......@@ -66,7 +66,11 @@ with this program; if not, write to the Free Software Foundation, Inc.,
<td><p class="text-success">{{utilisateur.last}}</p></td>
{% endif %}
<td>
{% if droit != 'Superuser' %}
<a href="{% url 'users:del-group' utilisateur.id droit.id %}">
{% else %}
<a href="{% url 'users:del-superuser' utilisateur.id %}">
{% endif %}
<button type="button" class="btn btn-danger" aria-label="Left Align">
<span class="fa fa-user-times" aria-hidden="true"></span>
</button>
......@@ -79,4 +83,4 @@ with this program; if not, write to the Free Software Foundation, Inc.,
</div>
</div>
</div>
{% endfor %}
\ No newline at end of file
{% endfor %}
......@@ -41,7 +41,7 @@ from django.urls import reverse
from django.shortcuts import render, redirect
from django.contrib import messages
from django.contrib.auth.decorators import login_required
from django.db.models import Count, Max
from django.db.models import Count, Max, F
from reversion.models import Revision
from reversion.models import Version, ContentType
......@@ -469,9 +469,14 @@ def stats_droits(request):
for droit in ListRight.objects.all().select_related('group_ptr'):
stats_list[droit] = droit.user_set.all().annotate(
num=Count('revision'),
last=Max('revision__date_created')
last=Max('revision__date_created'),
)
stats_list['Superuser'] = User.objects.filter(is_superuser=True).annotate(
num=Count('revision'),
last=Max('revision__date_created'),
)
return render(
request,
'logs/stats_droits.html',
......
......@@ -454,7 +454,7 @@ class StateForm(FormRevMixin, ModelForm):
super(StateForm, self).__init__(*args, prefix=prefix, **kwargs)
class GroupForm(FormRevMixin, ModelForm):
class GroupForm(FieldPermissionFormMixin, FormRevMixin, ModelForm):
""" Gestion des groupes d'un user"""
groups = forms.ModelMultipleChoiceField(
Group.objects.all(),
......@@ -464,11 +464,13 @@ class GroupForm(FormRevMixin, ModelForm):
class Meta:
model = User
fields = ['groups']
fields = ['is_superuser', 'groups']
def __init__(self, *args, **kwargs):
prefix = kwargs.pop('prefix', self.Meta.model.__name__)
super(GroupForm, self).__init__(*args, prefix=prefix, **kwargs)
if 'is_superuser' in self.fields:
self.fields['is_superuser'].label = "Superuser"
class SchoolForm(FormRevMixin, ModelForm):
......
......@@ -812,6 +812,18 @@ class User(RevMixin, FieldPermissionModelMixin, AbstractBaseUser,
"Droit requis pour éditer les groupes de l'user"
)
@staticmethod
def can_change_is_superuser(user_request, *_args, **_kwargs):
""" Check if an user can change a is_superuser flag
:param user_request: The user who request
:returns: a message and a boolean which is True if permission is granted.
"""
return (
user_request.is_superuser,
"Droit superuser requis pour éditer le flag superuser"
)
def can_view(self, user_request, *_args, **_kwargs):
"""Check if an user can view an user object.
......
......@@ -33,6 +33,44 @@ with this program; if not, write to the Free Software Foundation, Inc.,
<th></th>
</tr>
</thead>
{% if superuser_right %}
<tr class="active">
<td>Superuser</td>
<td></td>
<td>True</td>
<td>
<button class="btn btn-default" data-parent="#accordion_superuser" type="button" data-toggle="collapse" data-target="#collapseListRight_user_superuser" aria-expanded="true" aria-controls="collapseListRight_user_superuser">
Utilisateurs ({{ superuser_right.count }})
</button>
</td>
<td>
Donne tous les droits sur Re2o.
</td>
<td class="text-right">
</td>
</tr>
<tr>
<td colspan=5>
<div class="panel-group" id="accordion_superuser" role="tablist" aria-multiselectable="true" style="margin-bottom: 0px;">
<div class="panel" style="border: none;">
<div class="panel-collapse collapse in" id="collapseListRight_user_superuser" role="tabpanel">
<ul class="list-group" style="margin-bottom: 0px">
{% for user in superuser_right %}
<li class="list-group-item col-xs-12 col-sm-6 col-md-4" style="border:none;">
{{user}}
<a role="button" href="{% url 'users:del-superuser' user.pk %}" title="{{ desc|default:"Supprimer" }}">
<i class="fa fa-times" style="color:red"></i>
</a>
</li>
{% endfor %}
</ul>
</div>
</div>
</div>
</td>
</tr>
{% endif %}
{% for listright in listright_list %}
<tr class="active">
<td>
......@@ -48,9 +86,9 @@ with this program; if not, write to the Free Software Foundation, Inc.,
<button class="btn btn-default" data-parent="#accordion_{{listright.gid}}" type="button" data-toggle="collapse" data-target="#collapseListRight_perm_{{listright.gid}}" aria-expanded="true" aria-controls="collapseListRight_perm_{{listright.gid}}">
Ensemble des permissions ({{ listright.permissions.all|length }})
</button>
</div>
</td>
<td>{{ listright.details }}</td>
</div>
</td>
<td>{{ listright.details }}</td>
<td class="text-right">
{% include 'buttons/edit.html' with href='users:edit-listright' id=listright.id %}
{% include 'buttons/history.html' with href='users:history' name='listright' id=listright.id %}
......
......@@ -43,6 +43,9 @@ urlpatterns = [
url(r'^del_group/(?P<userid>[0-9]+)/(?P<listrightid>[0-9]+)$',
views.del_group,
name='del-group'),
url(r'^del_superuser/(?P<userid>[0-9]+)$',
views.del_superuser,
name='del-superuser'),
url(r'^new_serviceuser/$', views.new_serviceuser, name='new-serviceuser'),
url(r'^edit_serviceuser/(?P<serviceuserid>[0-9]+)$',
views.edit_serviceuser,
......
......@@ -246,7 +246,7 @@ def state(request, user, userid):
@can_edit(User, 'groups')
def groups(request, user, userid):
""" View to edit the groups of a user """
group_form = GroupForm(request.POST or None, instance=user)
group_form = GroupForm(request.POST or None, instance=user, user=request.user)
if group_form.is_valid():
if group_form.changed_data:
group_form.save()
......@@ -294,6 +294,16 @@ def del_group(request, user, listrightid, **_kwargs):
return HttpResponseRedirect(request.META.get('HTTP_REFERER'))
@login_required
@can_edit(User, 'is_superuser')
def del_superuser(request, user, **_kwargs):
"""Remove the superuser right of an user."""
user.is_superuser = False
user.save()
messages.success(request, "%s n'est plus superuser" % user)
return HttpResponseRedirect(request.META.get('HTTP_REFERER'))
@login_required
@can_create(ServiceUser)
def new_serviceuser(request):
......@@ -763,10 +773,14 @@ def index_listright(request):
""" Affiche l'ensemble des droits"""
listright_list = ListRight.objects.order_by('unix_name')\
.prefetch_related('permissions').prefetch_related('user_set')
superuser_right = User.objects.filter(is_superuser=True)
return render(
request,
'users/index_listright.html',
{'listright_list': listright_list}
{
'listright_list': listright_list,
'superuser_right' : superuser_right,
}
)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment