From e64a443fb3d14ea78e47bd030b0ec49f749fc0ad Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Aur=C3=A9lien=20Delobelle?= <aurelien.delobelle@ens.fr>
Date: Sun, 21 Aug 2016 02:53:35 +0200
Subject: [PATCH] =?UTF-8?q?Ajout=20groupes=20K-F=C3=AAt=20utilisateurs=20e?=
 =?UTF-8?q?n=20lecture?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Pour voir les groupes, il faut la permission `kfet.manage_perms`
- Pour modifier les groupes auxquels fait parti un compte, il la faut
  également
---
 kfet/forms.py                              |  13 ++-
 kfet/migrations/0030_auto_20160821_0029.py |  18 ++++
 kfet/models.py                             |   8 +-
 kfet/static/kfet/css/index.css             |  28 +++++-
 kfet/templates/kfet/account.html           |  39 +++++---
 kfet/templates/kfet/account_group.html     |  49 ++++++++++
 kfet/templates/kfet/account_update.html    |   1 +
 kfet/urls.py                               |   4 +
 kfet/views.py                              | 105 ++++++++++++---------
 9 files changed, 198 insertions(+), 67 deletions(-)
 create mode 100644 kfet/migrations/0030_auto_20160821_0029.py
 create mode 100644 kfet/templates/kfet/account_group.html

diff --git a/kfet/forms.py b/kfet/forms.py
index e6807884..8dcd00fc 100644
--- a/kfet/forms.py
+++ b/kfet/forms.py
@@ -1,6 +1,6 @@
 from django import forms
 from django.core.exceptions import ValidationError
-from django.contrib.auth.models import User
+from django.contrib.auth.models import User, Group
 from django.forms import modelformset_factory
 from kfet.models import (Account, Checkout, Article, OperationGroup, Operation,
     CheckoutStatement)
@@ -78,9 +78,20 @@ class UserForm(forms.ModelForm):
         }
 
 class UserRestrictForm(UserForm):
+    class Meta(UserForm.Meta):
+        fields = ['first_name', 'last_name']
+
+class UserRestrictTeamForm(UserForm):
     class Meta(UserForm.Meta):
         fields = ['first_name', 'last_name', 'email']
 
+class UserGroupForm(forms.ModelForm):
+    groups = forms.ModelMultipleChoiceField(
+            Group.objects.filter(name__icontains='K-Fêt'))
+    class Meta:
+        model  = User
+        fields = ['groups']
+
 # -----
 # Checkout forms
 # -----
diff --git a/kfet/migrations/0030_auto_20160821_0029.py b/kfet/migrations/0030_auto_20160821_0029.py
new file mode 100644
index 00000000..ed54efa9
--- /dev/null
+++ b/kfet/migrations/0030_auto_20160821_0029.py
@@ -0,0 +1,18 @@
+# -*- coding: utf-8 -*-
+from __future__ import unicode_literals
+
+from django.db import models, migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('kfet', '0029_genericteamtoken'),
+    ]
+
+    operations = [
+        migrations.AlterModelOptions(
+            name='globalpermissions',
+            options={'permissions': (('is_team', 'Is part of the team'), ('perform_deposit', 'Effectuer une charge'), ('perform_negative_operations', 'Enregistrer des commandes en négatif'), ('override_frozen_protection', "Forcer le gel d'un compte"), ('cancel_old_operations', 'Annuler des commandes non récentes'), ('manage_perms', 'Gérer les permissions K-Fêt')), 'managed': False},
+        ),
+    ]
diff --git a/kfet/models.py b/kfet/models.py
index fbda4db4..7319e731 100644
--- a/kfet/models.py
+++ b/kfet/models.py
@@ -79,12 +79,7 @@ class Account(models.Model):
 
     @property
     def name(self):
-        if self.first_name and self.last_name:
-            return '%s %s' % (self.first_name, self.last_name)
-        elif self.first_name:
-            return self.first_name
-        else:
-            return self.last_name
+        return self.user.get_full_name()
 
     @property
     def is_cash(self):
@@ -488,6 +483,7 @@ class GlobalPermissions(models.Model):
                 'Enregistrer des commandes en négatif'),
             ('override_frozen_protection', "Forcer le gel d'un compte"),
             ('cancel_old_operations', 'Annuler des commandes non récentes'),
+            ('manage_perms', 'Gérer les permissions K-Fêt')
         )
 
 class Settings(models.Model):
diff --git a/kfet/static/kfet/css/index.css b/kfet/static/kfet/css/index.css
index d98453fd..fa08b10a 100644
--- a/kfet/static/kfet/css/index.css
+++ b/kfet/static/kfet/css/index.css
@@ -55,10 +55,6 @@ a:focus, a:hover {
     padding:0;
 }
 
-/*.col-content-left {
-    position:fixed;
-}*/
-
 .content-left-top {
     background:#fff;
     padding:10px 30px;
@@ -102,6 +98,22 @@ a:focus, a:hover {
     margin:0 15px;
 }
 
+.content-right-block {
+    padding-bottom:5px;
+}
+
+.content-right-block:last-child {
+    padding-bottom:15px;
+}
+
+.content-right-block > div {
+    background:#fff;
+}
+
+.content-right-block > div.row {
+    margin:0;
+}
+
 .content-right-block h2 {
     margin:20px 20px 15px;
     padding-bottom:5px;
@@ -109,6 +121,14 @@ a:focus, a:hover {
     font-size:40px;
 }
 
+.content-right-block h3 {
+    border-bottom: 1px solid #c8102e;
+    margin: 20px 15px 15px;
+    padding-bottom: 10px;
+    padding-left: 20px;
+    font-size:25px;
+}
+
 .content-right-block table {
     width:100%;
 }
diff --git a/kfet/templates/kfet/account.html b/kfet/templates/kfet/account.html
index d753b54e..71d9f350 100644
--- a/kfet/templates/kfet/account.html
+++ b/kfet/templates/kfet/account.html
@@ -6,21 +6,34 @@
 {% block content %}
 
 <div class="row">
-  <div class="col-lg-12">
-    <div class="btn-group btn-group-lg">
-      <a class="btn btn-primary" href="{% url 'kfet.account.create' %}">Créer un compte</a>
+  <div class="col-sm-4 col-md-3 col-content-left">
+    <div class="content-left">
+      <div class="content-left-top text-center">
+        <div class="line">{{ accounts|length|add:-1 }} comptes</div>
+      </div>
+      <div class="buttons">
+        <a class="btn btn-primary btn-lg" href="{% url 'kfet.account.create' %}">Créer un compte</a>
+        <a class="btn btn-primary btn-lg" href="{% url 'kfet.account.group' %}">Permissions</a>
+      </div>
+    </div>
+  </div>
+  <div class="col-sm-8 col-md-9 col-content-right">
+    {% include 'kfet/base_messages.html' %}
+    <div class="content-right">
+      <div class="content-right-block">
+        <h2>Liste des comptes</h2>
+        <div>
+          <ul>
+            {% for account in accounts %}
+              <li>
+                <a href="{% url 'kfet.account.read' account.trigramme %}">{{ account }}</a>
+              </li>
+             {% endfor %}
+          </ul>
+        </div>
+      </div>
     </div>
   </div>
 </div>
 
-<ul>
-{% for account in accounts %}
-    <li>
-        <a href="{% url 'kfet.account.read' account.trigramme %}">
-            {{ account }}
-        </a>
-    </li>
-{% endfor %}
-</ul>
-
 {% endblock %}
diff --git a/kfet/templates/kfet/account_group.html b/kfet/templates/kfet/account_group.html
new file mode 100644
index 00000000..ad371f6e
--- /dev/null
+++ b/kfet/templates/kfet/account_group.html
@@ -0,0 +1,49 @@
+{% extends 'kfet/base.html' %}
+
+{% block title %}Groupes de comptes{% endblock %}
+{% block content-header-title %}Groupes de comptes{% endblock %}
+
+{% block content %}
+
+<div class="row">
+  <div class="col-sm-4 col-md-3 col-content-left">
+    <div class="content-left">
+      <div class="content-left-top text-center">
+        <div class="line"></div>
+      </div>
+      <div class="buttons">
+        <a class="btn btn-primary btn-lg" href="">Créer un groupe</a>
+      </div>
+    </div>
+  </div>
+  <div class="col-sm-8 col-md-9 col-content-right">
+    {% include 'kfet/base_messages.html' %}
+    <div class="content-right">
+      {% for group in groups %}
+        <div class="content-right-block">
+          <h2>{{ group.name }}</h2>
+          <div class="row">
+            <div class="col-sm-6">
+              <h3>Permissions</h3>
+              <ul>
+                {% for perm in group.permissions.all %}
+                  <li>{{ perm.name }}</li>
+                {% endfor %}
+              </ul>
+            </div>
+            <div class="col-sm-6">
+              <h3>Comptes</h3>
+              <ul>
+                {% for user in group.user_set.all %}
+                  <li>{{ user.profile.account_kfet }}</li>
+                {% endfor %}
+              </ul>
+            </div>
+          </div>
+        </div>
+      {% endfor %}
+    </div>
+  </div>
+</div>
+
+{% endblock %}
diff --git a/kfet/templates/kfet/account_update.html b/kfet/templates/kfet/account_update.html
index 43bc7f19..dedbcb24 100644
--- a/kfet/templates/kfet/account_update.html
+++ b/kfet/templates/kfet/account_update.html
@@ -33,6 +33,7 @@
           {{ user_form.as_p }}
           {{ cof_form.as_p }}
           {{ account_form.as_p }}
+          {{ group_form.as_p }}
           {% if perms.kfet.is_team and not perms.kfet.change_account %}
             <input type="password" name="KFETPASSWORD">
           {% endif %}
diff --git a/kfet/urls.py b/kfet/urls.py
index 944ebcaa..df597766 100644
--- a/kfet/urls.py
+++ b/kfet/urls.py
@@ -39,6 +39,10 @@ urlpatterns = [
     url(r'^accounts/(?P<trigramme>.{3})/edit$', views.account_update,
         name = 'kfet.account.update'),
 
+    # Account - Groups
+    url(r'^accounts/groups$', views.account_group,
+        name = 'kfet.account.group'),
+
     # -----
     # Checkout urls
     # -----
diff --git a/kfet/views.py b/kfet/views.py
index 0b6a03cf..60dc3798 100644
--- a/kfet/views.py
+++ b/kfet/views.py
@@ -7,7 +7,7 @@ from django.contrib import messages
 from django.contrib.messages.views import SuccessMessageMixin
 from django.contrib.auth import authenticate, login
 from django.contrib.auth.decorators import login_required, permission_required
-from django.contrib.auth.models import User, Permission
+from django.contrib.auth.models import User, Permission, Group
 from django.http import HttpResponse, JsonResponse, Http404
 from django.forms import modelformset_factory
 from django.db import IntegrityError, transaction
@@ -19,7 +19,6 @@ from kfet.models import (Account, Checkout, Article, Settings, AccountNegative,
     CheckoutStatement, GenericTeamToken)
 from kfet.forms import *
 from collections import defaultdict
-from channels import Group
 from kfet import consumers
 from datetime import timedelta
 import django_cas_ng
@@ -78,7 +77,6 @@ def account_create(request):
     # A envoyer au template
     data_template = {
         'account_trigramme_form': AccountTriForm(),
-        'errors' : {},
     }
 
     # Enregistrement
@@ -102,12 +100,6 @@ def account_create(request):
         trigramme_form = AccountTriForm(request.POST)
         account_form   = AccountNoTriForm(request.POST)
 
-        # Ajout des erreurs pour le template
-        data_template['errors']['user_form'] = user_form.errors
-        data_template['errors']['cof_form']  = cof_form.errors
-        data_template['errors']['trigramme_form'] = trigramme_form.errors
-        data_template['errors']['account_form'] = account_form.errors
-
         if all((user_form.is_valid(), cof_form.is_valid(),
                 trigramme_form.is_valid(), account_form.is_valid())):
             data = {}
@@ -123,6 +115,11 @@ def account_create(request):
             except Account.UserHasAccount as e:
                 messages.error(request, \
                     "Cet utilisateur a déjà un compte K-Fêt : %s" % e.trigramme)
+        else:
+            messages.error(request, user_form.errors)
+            messages.error(request, cof_form.errors)
+            messages.error(request, trigramme_form.errors)
+            messages.error(request, account_form.errors)
 
     return render(request, "kfet/account_create.html", data_template)
 
@@ -227,22 +224,31 @@ def account_update(request, trigramme):
             and request.user != account.user:
         raise PermissionDenied
 
+    if request.user.has_perm('kfet.is_team'):
+        user_form    = UserRestrictTeamForm(instance=account.user)
+        group_form   = UserGroupForm(instance=account.user)
+        account_form = AccountForm(instance=account)
+        cof_form     = CofRestrictForm(instance=account.cofprofile)
+    else:
+        user_form    = UserRestrictForm(instance=account.user)
+        account_form = None
+        cof_form     = None
+        group_form   = None
+
     if request.method == "POST":
         # Update attempt
+        success      = False
+        missing_perm = False
 
-        # Peuplement des forms
-        if request.user.has_perm('kfet.change_account'):
-            account_form = AccountForm(request.POST, instance = account)
-        else:
-            account_form = AccountRestrictForm(request.POST, instance = account)
-        cof_form  = CofRestrictForm(request.POST, instance=account.cofprofile)
-        user_form = UserRestrictForm(request.POST, instance=account.user)
+        if request.user.has_perm('kfet.is_team'):
+            account_form = AccountForm(request.POST, instance=account)
+            cof_form     = CofRestrictForm(request.POST, instance=account.cofprofile)
+            user_form    = UserRestrictTeamForm(request.POST, instance=account.user)
+            group_form   = UserGroupForm(request.POST, instance=account.user)
 
-        # Checking permissions
-        if (request.user.has_perm('kfet.change_account')
-                or request.user == account.user):
-            # Permissions ok
-            if all((account_form.is_valid(), cof_form.is_valid(), user_form.is_valid())):
+            if (request.user.has_perm('kfet.change_account')
+                    and account_form.is_valid() and cof_form.is_valid()
+                    and user_form.is_valid()):
                 data = {}
                 # Fill data for Account.save()
                 put_cleaned_data_in_dict(data, user_form)
@@ -250,37 +256,50 @@ def account_update(request, trigramme):
 
                 # Updating
                 account_form.save(data = data)
-                if request.user == account.user:
-                    messages.success(request,
-                        'Vos informations ont été mises à jour')
-                else:
-                    messages.success(request,
-                        'Informations du compte %s mises à jour' % account.trigramme)
-                #return redirect('kfet.account.read', account.trigramme)
-            else:
-                messages.error(request,
-                    'Informations non mises à jour. Corrigez les erreurs')
+
+                # Checking perm to manage perms
+                if (request.user.has_perm('kfet.manage_perms')
+                        and group_form.is_valid()):
+                    group_form.save()
+
+                success = True
+                messages.success(request,
+                    'Informations du compte %s mises à jour' % account.trigramme)
+            elif not request.user.has_perm('kfet.change_account'):
+                missing_perm = True
+
+        if request.user == account.user:
+            missing_perm = False
+            user_form = UserRestrictForm(request.POST, instance=account.user)
+
+            if user_form.is_valid():
+                user_form.save()
+                success = True
+                messages.success(request, 'Vos informations ont été mises à jour')
+
+        if missing_perm:
+            messages.error('Permission refusée')
+        if success:
+            return redirect('kfet.account.read', account.trigramme)
         else:
-            # Permissions not ok
-            if request.user.has_perm('kfet.is_team'):
-                account_form = AccountForm(request.POST, instance = account)
-            messages.error(request, 'Permission refusée')
-    else:
-        # No update attempt
-        if request.user.has_perm('kfet.is_team'):
-            account_form = AccountForm(instance = account)
-        else:
-            account_form = AccountRestrictForm(instance = account)
-        cof_form  = CofRestrictForm(instance = account.cofprofile)
-        user_form = UserRestrictForm(instance = account.user)
+            messages.error('Informations non mises à jour. Corrigez les erreurs')
 
     return render(request, "kfet/account_update.html", {
         'account'      : account,
         'account_form' : account_form,
         'cof_form'     : cof_form,
         'user_form'    : user_form,
+        'group_form'   : group_form,
     })
 
+@permission_required('kfet.manage_perms')
+def account_group(request):
+    groups = (Group.objects
+        .filter(name__icontains='K-Fêt')
+        .prefetch_related('permissions', 'user_set__profile__account_kfet')
+    )
+    return render(request, 'kfet/account_group.html', { 'groups': groups })
+
 # -----
 # Checkout views
 # -----