Ajout groupes K-Fêt utilisateurs en lecture

- Pour voir les groupes, il faut la permission `kfet.manage_perms`
- Pour modifier les groupes auxquels fait parti un compte, il la faut
  également
This commit is contained in:
Aurélien Delobelle 2016-08-21 02:53:35 +02:00
parent 8507072c8f
commit e64a443fb3
9 changed files with 198 additions and 67 deletions

View file

@ -1,6 +1,6 @@
from django import forms from django import forms
from django.core.exceptions import ValidationError from django.core.exceptions import ValidationError
from django.contrib.auth.models import User from django.contrib.auth.models import User, Group
from django.forms import modelformset_factory from django.forms import modelformset_factory
from kfet.models import (Account, Checkout, Article, OperationGroup, Operation, from kfet.models import (Account, Checkout, Article, OperationGroup, Operation,
CheckoutStatement) CheckoutStatement)
@ -78,9 +78,20 @@ class UserForm(forms.ModelForm):
} }
class UserRestrictForm(UserForm): class UserRestrictForm(UserForm):
class Meta(UserForm.Meta):
fields = ['first_name', 'last_name']
class UserRestrictTeamForm(UserForm):
class Meta(UserForm.Meta): class Meta(UserForm.Meta):
fields = ['first_name', 'last_name', 'email'] fields = ['first_name', 'last_name', 'email']
class UserGroupForm(forms.ModelForm):
groups = forms.ModelMultipleChoiceField(
Group.objects.filter(name__icontains='K-Fêt'))
class Meta:
model = User
fields = ['groups']
# ----- # -----
# Checkout forms # Checkout forms
# ----- # -----

View file

@ -0,0 +1,18 @@
# -*- coding: utf-8 -*-
from __future__ import unicode_literals
from django.db import models, migrations
class Migration(migrations.Migration):
dependencies = [
('kfet', '0029_genericteamtoken'),
]
operations = [
migrations.AlterModelOptions(
name='globalpermissions',
options={'permissions': (('is_team', 'Is part of the team'), ('perform_deposit', 'Effectuer une charge'), ('perform_negative_operations', 'Enregistrer des commandes en négatif'), ('override_frozen_protection', "Forcer le gel d'un compte"), ('cancel_old_operations', 'Annuler des commandes non récentes'), ('manage_perms', 'Gérer les permissions K-Fêt')), 'managed': False},
),
]

View file

@ -79,12 +79,7 @@ class Account(models.Model):
@property @property
def name(self): def name(self):
if self.first_name and self.last_name: return self.user.get_full_name()
return '%s %s' % (self.first_name, self.last_name)
elif self.first_name:
return self.first_name
else:
return self.last_name
@property @property
def is_cash(self): def is_cash(self):
@ -488,6 +483,7 @@ class GlobalPermissions(models.Model):
'Enregistrer des commandes en négatif'), 'Enregistrer des commandes en négatif'),
('override_frozen_protection', "Forcer le gel d'un compte"), ('override_frozen_protection', "Forcer le gel d'un compte"),
('cancel_old_operations', 'Annuler des commandes non récentes'), ('cancel_old_operations', 'Annuler des commandes non récentes'),
('manage_perms', 'Gérer les permissions K-Fêt')
) )
class Settings(models.Model): class Settings(models.Model):

View file

@ -55,10 +55,6 @@ a:focus, a:hover {
padding:0; padding:0;
} }
/*.col-content-left {
position:fixed;
}*/
.content-left-top { .content-left-top {
background:#fff; background:#fff;
padding:10px 30px; padding:10px 30px;
@ -102,6 +98,22 @@ a:focus, a:hover {
margin:0 15px; margin:0 15px;
} }
.content-right-block {
padding-bottom:5px;
}
.content-right-block:last-child {
padding-bottom:15px;
}
.content-right-block > div {
background:#fff;
}
.content-right-block > div.row {
margin:0;
}
.content-right-block h2 { .content-right-block h2 {
margin:20px 20px 15px; margin:20px 20px 15px;
padding-bottom:5px; padding-bottom:5px;
@ -109,6 +121,14 @@ a:focus, a:hover {
font-size:40px; font-size:40px;
} }
.content-right-block h3 {
border-bottom: 1px solid #c8102e;
margin: 20px 15px 15px;
padding-bottom: 10px;
padding-left: 20px;
font-size:25px;
}
.content-right-block table { .content-right-block table {
width:100%; width:100%;
} }

View file

@ -6,21 +6,34 @@
{% block content %} {% block content %}
<div class="row"> <div class="row">
<div class="col-lg-12"> <div class="col-sm-4 col-md-3 col-content-left">
<div class="btn-group btn-group-lg"> <div class="content-left">
<a class="btn btn-primary" href="{% url 'kfet.account.create' %}">Créer un compte</a> <div class="content-left-top text-center">
<div class="line">{{ accounts|length|add:-1 }} comptes</div>
</div>
<div class="buttons">
<a class="btn btn-primary btn-lg" href="{% url 'kfet.account.create' %}">Créer un compte</a>
<a class="btn btn-primary btn-lg" href="{% url 'kfet.account.group' %}">Permissions</a>
</div>
</div>
</div>
<div class="col-sm-8 col-md-9 col-content-right">
{% include 'kfet/base_messages.html' %}
<div class="content-right">
<div class="content-right-block">
<h2>Liste des comptes</h2>
<div>
<ul>
{% for account in accounts %}
<li>
<a href="{% url 'kfet.account.read' account.trigramme %}">{{ account }}</a>
</li>
{% endfor %}
</ul>
</div>
</div>
</div> </div>
</div> </div>
</div> </div>
<ul>
{% for account in accounts %}
<li>
<a href="{% url 'kfet.account.read' account.trigramme %}">
{{ account }}
</a>
</li>
{% endfor %}
</ul>
{% endblock %} {% endblock %}

View file

@ -0,0 +1,49 @@
{% extends 'kfet/base.html' %}
{% block title %}Groupes de comptes{% endblock %}
{% block content-header-title %}Groupes de comptes{% endblock %}
{% block content %}
<div class="row">
<div class="col-sm-4 col-md-3 col-content-left">
<div class="content-left">
<div class="content-left-top text-center">
<div class="line"></div>
</div>
<div class="buttons">
<a class="btn btn-primary btn-lg" href="">Créer un groupe</a>
</div>
</div>
</div>
<div class="col-sm-8 col-md-9 col-content-right">
{% include 'kfet/base_messages.html' %}
<div class="content-right">
{% for group in groups %}
<div class="content-right-block">
<h2>{{ group.name }}</h2>
<div class="row">
<div class="col-sm-6">
<h3>Permissions</h3>
<ul>
{% for perm in group.permissions.all %}
<li>{{ perm.name }}</li>
{% endfor %}
</ul>
</div>
<div class="col-sm-6">
<h3>Comptes</h3>
<ul>
{% for user in group.user_set.all %}
<li>{{ user.profile.account_kfet }}</li>
{% endfor %}
</ul>
</div>
</div>
</div>
{% endfor %}
</div>
</div>
</div>
{% endblock %}

View file

@ -33,6 +33,7 @@
{{ user_form.as_p }} {{ user_form.as_p }}
{{ cof_form.as_p }} {{ cof_form.as_p }}
{{ account_form.as_p }} {{ account_form.as_p }}
{{ group_form.as_p }}
{% if perms.kfet.is_team and not perms.kfet.change_account %} {% if perms.kfet.is_team and not perms.kfet.change_account %}
<input type="password" name="KFETPASSWORD"> <input type="password" name="KFETPASSWORD">
{% endif %} {% endif %}

View file

@ -39,6 +39,10 @@ urlpatterns = [
url(r'^accounts/(?P<trigramme>.{3})/edit$', views.account_update, url(r'^accounts/(?P<trigramme>.{3})/edit$', views.account_update,
name = 'kfet.account.update'), name = 'kfet.account.update'),
# Account - Groups
url(r'^accounts/groups$', views.account_group,
name = 'kfet.account.group'),
# ----- # -----
# Checkout urls # Checkout urls
# ----- # -----

View file

@ -7,7 +7,7 @@ from django.contrib import messages
from django.contrib.messages.views import SuccessMessageMixin from django.contrib.messages.views import SuccessMessageMixin
from django.contrib.auth import authenticate, login from django.contrib.auth import authenticate, login
from django.contrib.auth.decorators import login_required, permission_required from django.contrib.auth.decorators import login_required, permission_required
from django.contrib.auth.models import User, Permission from django.contrib.auth.models import User, Permission, Group
from django.http import HttpResponse, JsonResponse, Http404 from django.http import HttpResponse, JsonResponse, Http404
from django.forms import modelformset_factory from django.forms import modelformset_factory
from django.db import IntegrityError, transaction from django.db import IntegrityError, transaction
@ -19,7 +19,6 @@ from kfet.models import (Account, Checkout, Article, Settings, AccountNegative,
CheckoutStatement, GenericTeamToken) CheckoutStatement, GenericTeamToken)
from kfet.forms import * from kfet.forms import *
from collections import defaultdict from collections import defaultdict
from channels import Group
from kfet import consumers from kfet import consumers
from datetime import timedelta from datetime import timedelta
import django_cas_ng import django_cas_ng
@ -78,7 +77,6 @@ def account_create(request):
# A envoyer au template # A envoyer au template
data_template = { data_template = {
'account_trigramme_form': AccountTriForm(), 'account_trigramme_form': AccountTriForm(),
'errors' : {},
} }
# Enregistrement # Enregistrement
@ -102,12 +100,6 @@ def account_create(request):
trigramme_form = AccountTriForm(request.POST) trigramme_form = AccountTriForm(request.POST)
account_form = AccountNoTriForm(request.POST) account_form = AccountNoTriForm(request.POST)
# Ajout des erreurs pour le template
data_template['errors']['user_form'] = user_form.errors
data_template['errors']['cof_form'] = cof_form.errors
data_template['errors']['trigramme_form'] = trigramme_form.errors
data_template['errors']['account_form'] = account_form.errors
if all((user_form.is_valid(), cof_form.is_valid(), if all((user_form.is_valid(), cof_form.is_valid(),
trigramme_form.is_valid(), account_form.is_valid())): trigramme_form.is_valid(), account_form.is_valid())):
data = {} data = {}
@ -123,6 +115,11 @@ def account_create(request):
except Account.UserHasAccount as e: except Account.UserHasAccount as e:
messages.error(request, \ messages.error(request, \
"Cet utilisateur a déjà un compte K-Fêt : %s" % e.trigramme) "Cet utilisateur a déjà un compte K-Fêt : %s" % e.trigramme)
else:
messages.error(request, user_form.errors)
messages.error(request, cof_form.errors)
messages.error(request, trigramme_form.errors)
messages.error(request, account_form.errors)
return render(request, "kfet/account_create.html", data_template) return render(request, "kfet/account_create.html", data_template)
@ -227,22 +224,31 @@ def account_update(request, trigramme):
and request.user != account.user: and request.user != account.user:
raise PermissionDenied raise PermissionDenied
if request.user.has_perm('kfet.is_team'):
user_form = UserRestrictTeamForm(instance=account.user)
group_form = UserGroupForm(instance=account.user)
account_form = AccountForm(instance=account)
cof_form = CofRestrictForm(instance=account.cofprofile)
else:
user_form = UserRestrictForm(instance=account.user)
account_form = None
cof_form = None
group_form = None
if request.method == "POST": if request.method == "POST":
# Update attempt # Update attempt
success = False
missing_perm = False
# Peuplement des forms if request.user.has_perm('kfet.is_team'):
if request.user.has_perm('kfet.change_account'): account_form = AccountForm(request.POST, instance=account)
account_form = AccountForm(request.POST, instance = account)
else:
account_form = AccountRestrictForm(request.POST, instance = account)
cof_form = CofRestrictForm(request.POST, instance=account.cofprofile) cof_form = CofRestrictForm(request.POST, instance=account.cofprofile)
user_form = UserRestrictForm(request.POST, instance=account.user) user_form = UserRestrictTeamForm(request.POST, instance=account.user)
group_form = UserGroupForm(request.POST, instance=account.user)
# Checking permissions
if (request.user.has_perm('kfet.change_account') if (request.user.has_perm('kfet.change_account')
or request.user == account.user): and account_form.is_valid() and cof_form.is_valid()
# Permissions ok and user_form.is_valid()):
if all((account_form.is_valid(), cof_form.is_valid(), user_form.is_valid())):
data = {} data = {}
# Fill data for Account.save() # Fill data for Account.save()
put_cleaned_data_in_dict(data, user_form) put_cleaned_data_in_dict(data, user_form)
@ -250,37 +256,50 @@ def account_update(request, trigramme):
# Updating # Updating
account_form.save(data = data) account_form.save(data = data)
if request.user == account.user:
messages.success(request, # Checking perm to manage perms
'Vos informations ont été mises à jour') if (request.user.has_perm('kfet.manage_perms')
else: and group_form.is_valid()):
group_form.save()
success = True
messages.success(request, messages.success(request,
'Informations du compte %s mises à jour' % account.trigramme) 'Informations du compte %s mises à jour' % account.trigramme)
#return redirect('kfet.account.read', account.trigramme) elif not request.user.has_perm('kfet.change_account'):
missing_perm = True
if request.user == account.user:
missing_perm = False
user_form = UserRestrictForm(request.POST, instance=account.user)
if user_form.is_valid():
user_form.save()
success = True
messages.success(request, 'Vos informations ont été mises à jour')
if missing_perm:
messages.error('Permission refusée')
if success:
return redirect('kfet.account.read', account.trigramme)
else: else:
messages.error(request, messages.error('Informations non mises à jour. Corrigez les erreurs')
'Informations non mises à jour. Corrigez les erreurs')
else:
# Permissions not ok
if request.user.has_perm('kfet.is_team'):
account_form = AccountForm(request.POST, instance = account)
messages.error(request, 'Permission refusée')
else:
# No update attempt
if request.user.has_perm('kfet.is_team'):
account_form = AccountForm(instance = account)
else:
account_form = AccountRestrictForm(instance = account)
cof_form = CofRestrictForm(instance = account.cofprofile)
user_form = UserRestrictForm(instance = account.user)
return render(request, "kfet/account_update.html", { return render(request, "kfet/account_update.html", {
'account' : account, 'account' : account,
'account_form' : account_form, 'account_form' : account_form,
'cof_form' : cof_form, 'cof_form' : cof_form,
'user_form' : user_form, 'user_form' : user_form,
'group_form' : group_form,
}) })
@permission_required('kfet.manage_perms')
def account_group(request):
groups = (Group.objects
.filter(name__icontains='K-Fêt')
.prefetch_related('permissions', 'user_set__profile__account_kfet')
)
return render(request, 'kfet/account_group.html', { 'groups': groups })
# ----- # -----
# Checkout views # Checkout views
# ----- # -----