forked from DGNum/gestioCOF
Ajout groupes K-Fêt utilisateurs en lecture
- Pour voir les groupes, il faut la permission `kfet.manage_perms` - Pour modifier les groupes auxquels fait parti un compte, il la faut également
This commit is contained in:
parent
8507072c8f
commit
e64a443fb3
9 changed files with 198 additions and 67 deletions
|
@ -1,6 +1,6 @@
|
||||||
from django import forms
|
from django import forms
|
||||||
from django.core.exceptions import ValidationError
|
from django.core.exceptions import ValidationError
|
||||||
from django.contrib.auth.models import User
|
from django.contrib.auth.models import User, Group
|
||||||
from django.forms import modelformset_factory
|
from django.forms import modelformset_factory
|
||||||
from kfet.models import (Account, Checkout, Article, OperationGroup, Operation,
|
from kfet.models import (Account, Checkout, Article, OperationGroup, Operation,
|
||||||
CheckoutStatement)
|
CheckoutStatement)
|
||||||
|
@ -78,9 +78,20 @@ class UserForm(forms.ModelForm):
|
||||||
}
|
}
|
||||||
|
|
||||||
class UserRestrictForm(UserForm):
|
class UserRestrictForm(UserForm):
|
||||||
|
class Meta(UserForm.Meta):
|
||||||
|
fields = ['first_name', 'last_name']
|
||||||
|
|
||||||
|
class UserRestrictTeamForm(UserForm):
|
||||||
class Meta(UserForm.Meta):
|
class Meta(UserForm.Meta):
|
||||||
fields = ['first_name', 'last_name', 'email']
|
fields = ['first_name', 'last_name', 'email']
|
||||||
|
|
||||||
|
class UserGroupForm(forms.ModelForm):
|
||||||
|
groups = forms.ModelMultipleChoiceField(
|
||||||
|
Group.objects.filter(name__icontains='K-Fêt'))
|
||||||
|
class Meta:
|
||||||
|
model = User
|
||||||
|
fields = ['groups']
|
||||||
|
|
||||||
# -----
|
# -----
|
||||||
# Checkout forms
|
# Checkout forms
|
||||||
# -----
|
# -----
|
||||||
|
|
18
kfet/migrations/0030_auto_20160821_0029.py
Normal file
18
kfet/migrations/0030_auto_20160821_0029.py
Normal file
|
@ -0,0 +1,18 @@
|
||||||
|
# -*- coding: utf-8 -*-
|
||||||
|
from __future__ import unicode_literals
|
||||||
|
|
||||||
|
from django.db import models, migrations
|
||||||
|
|
||||||
|
|
||||||
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
|
dependencies = [
|
||||||
|
('kfet', '0029_genericteamtoken'),
|
||||||
|
]
|
||||||
|
|
||||||
|
operations = [
|
||||||
|
migrations.AlterModelOptions(
|
||||||
|
name='globalpermissions',
|
||||||
|
options={'permissions': (('is_team', 'Is part of the team'), ('perform_deposit', 'Effectuer une charge'), ('perform_negative_operations', 'Enregistrer des commandes en négatif'), ('override_frozen_protection', "Forcer le gel d'un compte"), ('cancel_old_operations', 'Annuler des commandes non récentes'), ('manage_perms', 'Gérer les permissions K-Fêt')), 'managed': False},
|
||||||
|
),
|
||||||
|
]
|
|
@ -79,12 +79,7 @@ class Account(models.Model):
|
||||||
|
|
||||||
@property
|
@property
|
||||||
def name(self):
|
def name(self):
|
||||||
if self.first_name and self.last_name:
|
return self.user.get_full_name()
|
||||||
return '%s %s' % (self.first_name, self.last_name)
|
|
||||||
elif self.first_name:
|
|
||||||
return self.first_name
|
|
||||||
else:
|
|
||||||
return self.last_name
|
|
||||||
|
|
||||||
@property
|
@property
|
||||||
def is_cash(self):
|
def is_cash(self):
|
||||||
|
@ -488,6 +483,7 @@ class GlobalPermissions(models.Model):
|
||||||
'Enregistrer des commandes en négatif'),
|
'Enregistrer des commandes en négatif'),
|
||||||
('override_frozen_protection', "Forcer le gel d'un compte"),
|
('override_frozen_protection', "Forcer le gel d'un compte"),
|
||||||
('cancel_old_operations', 'Annuler des commandes non récentes'),
|
('cancel_old_operations', 'Annuler des commandes non récentes'),
|
||||||
|
('manage_perms', 'Gérer les permissions K-Fêt')
|
||||||
)
|
)
|
||||||
|
|
||||||
class Settings(models.Model):
|
class Settings(models.Model):
|
||||||
|
|
|
@ -55,10 +55,6 @@ a:focus, a:hover {
|
||||||
padding:0;
|
padding:0;
|
||||||
}
|
}
|
||||||
|
|
||||||
/*.col-content-left {
|
|
||||||
position:fixed;
|
|
||||||
}*/
|
|
||||||
|
|
||||||
.content-left-top {
|
.content-left-top {
|
||||||
background:#fff;
|
background:#fff;
|
||||||
padding:10px 30px;
|
padding:10px 30px;
|
||||||
|
@ -102,6 +98,22 @@ a:focus, a:hover {
|
||||||
margin:0 15px;
|
margin:0 15px;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
.content-right-block {
|
||||||
|
padding-bottom:5px;
|
||||||
|
}
|
||||||
|
|
||||||
|
.content-right-block:last-child {
|
||||||
|
padding-bottom:15px;
|
||||||
|
}
|
||||||
|
|
||||||
|
.content-right-block > div {
|
||||||
|
background:#fff;
|
||||||
|
}
|
||||||
|
|
||||||
|
.content-right-block > div.row {
|
||||||
|
margin:0;
|
||||||
|
}
|
||||||
|
|
||||||
.content-right-block h2 {
|
.content-right-block h2 {
|
||||||
margin:20px 20px 15px;
|
margin:20px 20px 15px;
|
||||||
padding-bottom:5px;
|
padding-bottom:5px;
|
||||||
|
@ -109,6 +121,14 @@ a:focus, a:hover {
|
||||||
font-size:40px;
|
font-size:40px;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
.content-right-block h3 {
|
||||||
|
border-bottom: 1px solid #c8102e;
|
||||||
|
margin: 20px 15px 15px;
|
||||||
|
padding-bottom: 10px;
|
||||||
|
padding-left: 20px;
|
||||||
|
font-size:25px;
|
||||||
|
}
|
||||||
|
|
||||||
.content-right-block table {
|
.content-right-block table {
|
||||||
width:100%;
|
width:100%;
|
||||||
}
|
}
|
||||||
|
|
|
@ -6,21 +6,34 @@
|
||||||
{% block content %}
|
{% block content %}
|
||||||
|
|
||||||
<div class="row">
|
<div class="row">
|
||||||
<div class="col-lg-12">
|
<div class="col-sm-4 col-md-3 col-content-left">
|
||||||
<div class="btn-group btn-group-lg">
|
<div class="content-left">
|
||||||
<a class="btn btn-primary" href="{% url 'kfet.account.create' %}">Créer un compte</a>
|
<div class="content-left-top text-center">
|
||||||
|
<div class="line">{{ accounts|length|add:-1 }} comptes</div>
|
||||||
|
</div>
|
||||||
|
<div class="buttons">
|
||||||
|
<a class="btn btn-primary btn-lg" href="{% url 'kfet.account.create' %}">Créer un compte</a>
|
||||||
|
<a class="btn btn-primary btn-lg" href="{% url 'kfet.account.group' %}">Permissions</a>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<div class="col-sm-8 col-md-9 col-content-right">
|
||||||
|
{% include 'kfet/base_messages.html' %}
|
||||||
|
<div class="content-right">
|
||||||
|
<div class="content-right-block">
|
||||||
|
<h2>Liste des comptes</h2>
|
||||||
|
<div>
|
||||||
|
<ul>
|
||||||
|
{% for account in accounts %}
|
||||||
|
<li>
|
||||||
|
<a href="{% url 'kfet.account.read' account.trigramme %}">{{ account }}</a>
|
||||||
|
</li>
|
||||||
|
{% endfor %}
|
||||||
|
</ul>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<ul>
|
|
||||||
{% for account in accounts %}
|
|
||||||
<li>
|
|
||||||
<a href="{% url 'kfet.account.read' account.trigramme %}">
|
|
||||||
{{ account }}
|
|
||||||
</a>
|
|
||||||
</li>
|
|
||||||
{% endfor %}
|
|
||||||
</ul>
|
|
||||||
|
|
||||||
{% endblock %}
|
{% endblock %}
|
||||||
|
|
49
kfet/templates/kfet/account_group.html
Normal file
49
kfet/templates/kfet/account_group.html
Normal file
|
@ -0,0 +1,49 @@
|
||||||
|
{% extends 'kfet/base.html' %}
|
||||||
|
|
||||||
|
{% block title %}Groupes de comptes{% endblock %}
|
||||||
|
{% block content-header-title %}Groupes de comptes{% endblock %}
|
||||||
|
|
||||||
|
{% block content %}
|
||||||
|
|
||||||
|
<div class="row">
|
||||||
|
<div class="col-sm-4 col-md-3 col-content-left">
|
||||||
|
<div class="content-left">
|
||||||
|
<div class="content-left-top text-center">
|
||||||
|
<div class="line"></div>
|
||||||
|
</div>
|
||||||
|
<div class="buttons">
|
||||||
|
<a class="btn btn-primary btn-lg" href="">Créer un groupe</a>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<div class="col-sm-8 col-md-9 col-content-right">
|
||||||
|
{% include 'kfet/base_messages.html' %}
|
||||||
|
<div class="content-right">
|
||||||
|
{% for group in groups %}
|
||||||
|
<div class="content-right-block">
|
||||||
|
<h2>{{ group.name }}</h2>
|
||||||
|
<div class="row">
|
||||||
|
<div class="col-sm-6">
|
||||||
|
<h3>Permissions</h3>
|
||||||
|
<ul>
|
||||||
|
{% for perm in group.permissions.all %}
|
||||||
|
<li>{{ perm.name }}</li>
|
||||||
|
{% endfor %}
|
||||||
|
</ul>
|
||||||
|
</div>
|
||||||
|
<div class="col-sm-6">
|
||||||
|
<h3>Comptes</h3>
|
||||||
|
<ul>
|
||||||
|
{% for user in group.user_set.all %}
|
||||||
|
<li>{{ user.profile.account_kfet }}</li>
|
||||||
|
{% endfor %}
|
||||||
|
</ul>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
{% endfor %}
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
{% endblock %}
|
|
@ -33,6 +33,7 @@
|
||||||
{{ user_form.as_p }}
|
{{ user_form.as_p }}
|
||||||
{{ cof_form.as_p }}
|
{{ cof_form.as_p }}
|
||||||
{{ account_form.as_p }}
|
{{ account_form.as_p }}
|
||||||
|
{{ group_form.as_p }}
|
||||||
{% if perms.kfet.is_team and not perms.kfet.change_account %}
|
{% if perms.kfet.is_team and not perms.kfet.change_account %}
|
||||||
<input type="password" name="KFETPASSWORD">
|
<input type="password" name="KFETPASSWORD">
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
|
@ -39,6 +39,10 @@ urlpatterns = [
|
||||||
url(r'^accounts/(?P<trigramme>.{3})/edit$', views.account_update,
|
url(r'^accounts/(?P<trigramme>.{3})/edit$', views.account_update,
|
||||||
name = 'kfet.account.update'),
|
name = 'kfet.account.update'),
|
||||||
|
|
||||||
|
# Account - Groups
|
||||||
|
url(r'^accounts/groups$', views.account_group,
|
||||||
|
name = 'kfet.account.group'),
|
||||||
|
|
||||||
# -----
|
# -----
|
||||||
# Checkout urls
|
# Checkout urls
|
||||||
# -----
|
# -----
|
||||||
|
|
|
@ -7,7 +7,7 @@ from django.contrib import messages
|
||||||
from django.contrib.messages.views import SuccessMessageMixin
|
from django.contrib.messages.views import SuccessMessageMixin
|
||||||
from django.contrib.auth import authenticate, login
|
from django.contrib.auth import authenticate, login
|
||||||
from django.contrib.auth.decorators import login_required, permission_required
|
from django.contrib.auth.decorators import login_required, permission_required
|
||||||
from django.contrib.auth.models import User, Permission
|
from django.contrib.auth.models import User, Permission, Group
|
||||||
from django.http import HttpResponse, JsonResponse, Http404
|
from django.http import HttpResponse, JsonResponse, Http404
|
||||||
from django.forms import modelformset_factory
|
from django.forms import modelformset_factory
|
||||||
from django.db import IntegrityError, transaction
|
from django.db import IntegrityError, transaction
|
||||||
|
@ -19,7 +19,6 @@ from kfet.models import (Account, Checkout, Article, Settings, AccountNegative,
|
||||||
CheckoutStatement, GenericTeamToken)
|
CheckoutStatement, GenericTeamToken)
|
||||||
from kfet.forms import *
|
from kfet.forms import *
|
||||||
from collections import defaultdict
|
from collections import defaultdict
|
||||||
from channels import Group
|
|
||||||
from kfet import consumers
|
from kfet import consumers
|
||||||
from datetime import timedelta
|
from datetime import timedelta
|
||||||
import django_cas_ng
|
import django_cas_ng
|
||||||
|
@ -78,7 +77,6 @@ def account_create(request):
|
||||||
# A envoyer au template
|
# A envoyer au template
|
||||||
data_template = {
|
data_template = {
|
||||||
'account_trigramme_form': AccountTriForm(),
|
'account_trigramme_form': AccountTriForm(),
|
||||||
'errors' : {},
|
|
||||||
}
|
}
|
||||||
|
|
||||||
# Enregistrement
|
# Enregistrement
|
||||||
|
@ -102,12 +100,6 @@ def account_create(request):
|
||||||
trigramme_form = AccountTriForm(request.POST)
|
trigramme_form = AccountTriForm(request.POST)
|
||||||
account_form = AccountNoTriForm(request.POST)
|
account_form = AccountNoTriForm(request.POST)
|
||||||
|
|
||||||
# Ajout des erreurs pour le template
|
|
||||||
data_template['errors']['user_form'] = user_form.errors
|
|
||||||
data_template['errors']['cof_form'] = cof_form.errors
|
|
||||||
data_template['errors']['trigramme_form'] = trigramme_form.errors
|
|
||||||
data_template['errors']['account_form'] = account_form.errors
|
|
||||||
|
|
||||||
if all((user_form.is_valid(), cof_form.is_valid(),
|
if all((user_form.is_valid(), cof_form.is_valid(),
|
||||||
trigramme_form.is_valid(), account_form.is_valid())):
|
trigramme_form.is_valid(), account_form.is_valid())):
|
||||||
data = {}
|
data = {}
|
||||||
|
@ -123,6 +115,11 @@ def account_create(request):
|
||||||
except Account.UserHasAccount as e:
|
except Account.UserHasAccount as e:
|
||||||
messages.error(request, \
|
messages.error(request, \
|
||||||
"Cet utilisateur a déjà un compte K-Fêt : %s" % e.trigramme)
|
"Cet utilisateur a déjà un compte K-Fêt : %s" % e.trigramme)
|
||||||
|
else:
|
||||||
|
messages.error(request, user_form.errors)
|
||||||
|
messages.error(request, cof_form.errors)
|
||||||
|
messages.error(request, trigramme_form.errors)
|
||||||
|
messages.error(request, account_form.errors)
|
||||||
|
|
||||||
return render(request, "kfet/account_create.html", data_template)
|
return render(request, "kfet/account_create.html", data_template)
|
||||||
|
|
||||||
|
@ -227,22 +224,31 @@ def account_update(request, trigramme):
|
||||||
and request.user != account.user:
|
and request.user != account.user:
|
||||||
raise PermissionDenied
|
raise PermissionDenied
|
||||||
|
|
||||||
|
if request.user.has_perm('kfet.is_team'):
|
||||||
|
user_form = UserRestrictTeamForm(instance=account.user)
|
||||||
|
group_form = UserGroupForm(instance=account.user)
|
||||||
|
account_form = AccountForm(instance=account)
|
||||||
|
cof_form = CofRestrictForm(instance=account.cofprofile)
|
||||||
|
else:
|
||||||
|
user_form = UserRestrictForm(instance=account.user)
|
||||||
|
account_form = None
|
||||||
|
cof_form = None
|
||||||
|
group_form = None
|
||||||
|
|
||||||
if request.method == "POST":
|
if request.method == "POST":
|
||||||
# Update attempt
|
# Update attempt
|
||||||
|
success = False
|
||||||
|
missing_perm = False
|
||||||
|
|
||||||
# Peuplement des forms
|
if request.user.has_perm('kfet.is_team'):
|
||||||
if request.user.has_perm('kfet.change_account'):
|
account_form = AccountForm(request.POST, instance=account)
|
||||||
account_form = AccountForm(request.POST, instance = account)
|
|
||||||
else:
|
|
||||||
account_form = AccountRestrictForm(request.POST, instance = account)
|
|
||||||
cof_form = CofRestrictForm(request.POST, instance=account.cofprofile)
|
cof_form = CofRestrictForm(request.POST, instance=account.cofprofile)
|
||||||
user_form = UserRestrictForm(request.POST, instance=account.user)
|
user_form = UserRestrictTeamForm(request.POST, instance=account.user)
|
||||||
|
group_form = UserGroupForm(request.POST, instance=account.user)
|
||||||
|
|
||||||
# Checking permissions
|
|
||||||
if (request.user.has_perm('kfet.change_account')
|
if (request.user.has_perm('kfet.change_account')
|
||||||
or request.user == account.user):
|
and account_form.is_valid() and cof_form.is_valid()
|
||||||
# Permissions ok
|
and user_form.is_valid()):
|
||||||
if all((account_form.is_valid(), cof_form.is_valid(), user_form.is_valid())):
|
|
||||||
data = {}
|
data = {}
|
||||||
# Fill data for Account.save()
|
# Fill data for Account.save()
|
||||||
put_cleaned_data_in_dict(data, user_form)
|
put_cleaned_data_in_dict(data, user_form)
|
||||||
|
@ -250,37 +256,50 @@ def account_update(request, trigramme):
|
||||||
|
|
||||||
# Updating
|
# Updating
|
||||||
account_form.save(data = data)
|
account_form.save(data = data)
|
||||||
if request.user == account.user:
|
|
||||||
messages.success(request,
|
# Checking perm to manage perms
|
||||||
'Vos informations ont été mises à jour')
|
if (request.user.has_perm('kfet.manage_perms')
|
||||||
else:
|
and group_form.is_valid()):
|
||||||
|
group_form.save()
|
||||||
|
|
||||||
|
success = True
|
||||||
messages.success(request,
|
messages.success(request,
|
||||||
'Informations du compte %s mises à jour' % account.trigramme)
|
'Informations du compte %s mises à jour' % account.trigramme)
|
||||||
#return redirect('kfet.account.read', account.trigramme)
|
elif not request.user.has_perm('kfet.change_account'):
|
||||||
|
missing_perm = True
|
||||||
|
|
||||||
|
if request.user == account.user:
|
||||||
|
missing_perm = False
|
||||||
|
user_form = UserRestrictForm(request.POST, instance=account.user)
|
||||||
|
|
||||||
|
if user_form.is_valid():
|
||||||
|
user_form.save()
|
||||||
|
success = True
|
||||||
|
messages.success(request, 'Vos informations ont été mises à jour')
|
||||||
|
|
||||||
|
if missing_perm:
|
||||||
|
messages.error('Permission refusée')
|
||||||
|
if success:
|
||||||
|
return redirect('kfet.account.read', account.trigramme)
|
||||||
else:
|
else:
|
||||||
messages.error(request,
|
messages.error('Informations non mises à jour. Corrigez les erreurs')
|
||||||
'Informations non mises à jour. Corrigez les erreurs')
|
|
||||||
else:
|
|
||||||
# Permissions not ok
|
|
||||||
if request.user.has_perm('kfet.is_team'):
|
|
||||||
account_form = AccountForm(request.POST, instance = account)
|
|
||||||
messages.error(request, 'Permission refusée')
|
|
||||||
else:
|
|
||||||
# No update attempt
|
|
||||||
if request.user.has_perm('kfet.is_team'):
|
|
||||||
account_form = AccountForm(instance = account)
|
|
||||||
else:
|
|
||||||
account_form = AccountRestrictForm(instance = account)
|
|
||||||
cof_form = CofRestrictForm(instance = account.cofprofile)
|
|
||||||
user_form = UserRestrictForm(instance = account.user)
|
|
||||||
|
|
||||||
return render(request, "kfet/account_update.html", {
|
return render(request, "kfet/account_update.html", {
|
||||||
'account' : account,
|
'account' : account,
|
||||||
'account_form' : account_form,
|
'account_form' : account_form,
|
||||||
'cof_form' : cof_form,
|
'cof_form' : cof_form,
|
||||||
'user_form' : user_form,
|
'user_form' : user_form,
|
||||||
|
'group_form' : group_form,
|
||||||
})
|
})
|
||||||
|
|
||||||
|
@permission_required('kfet.manage_perms')
|
||||||
|
def account_group(request):
|
||||||
|
groups = (Group.objects
|
||||||
|
.filter(name__icontains='K-Fêt')
|
||||||
|
.prefetch_related('permissions', 'user_set__profile__account_kfet')
|
||||||
|
)
|
||||||
|
return render(request, 'kfet/account_group.html', { 'groups': groups })
|
||||||
|
|
||||||
# -----
|
# -----
|
||||||
# Checkout views
|
# Checkout views
|
||||||
# -----
|
# -----
|
||||||
|
|
Loading…
Reference in a new issue