Commit 13dc0b24 by Kálmán Viktor

dashboard: permissions form for group edit

parent ff62083a
...@@ -47,6 +47,8 @@ from storage.models import Disk ...@@ -47,6 +47,8 @@ from storage.models import Disk
from vm.models import ( from vm.models import (
InstanceTemplate, Lease, InterfaceTemplate, Node, Trait, Instance InstanceTemplate, Lease, InterfaceTemplate, Node, Trait, Instance
) )
from django.contrib.admin.widgets import FilteredSelectMultiple
from django.contrib.auth.models import Permission
from .models import Profile, GroupProfile from .models import Profile, GroupProfile
from circle.settings.base import LANGUAGES from circle.settings.base import LANGUAGES
from django.utils.translation import string_concat from django.utils.translation import string_concat
...@@ -1181,3 +1183,31 @@ class RawDataForm(forms.ModelForm): ...@@ -1181,3 +1183,31 @@ class RawDataForm(forms.ModelForm):
css_class="btn btn-success", css_class="btn btn-success",
css_id="submit-password-button")) css_id="submit-password-button"))
return helper return helper
permissions_filtered = Permission.objects.exclude(
codename__startswith="add_").exclude(
codename__startswith="delete_").exclude(
codename__startswith="change_")
class GroupPermissionForm(forms.ModelForm):
permissions = forms.ModelMultipleChoiceField(
queryset=permissions_filtered,
widget=FilteredSelectMultiple(_("permissions"), is_stacked=False)
)
class Meta:
model = Group
fields = ('permissions', )
@property
def helper(self):
helper = FormHelper()
helper.form_show_labels = False
helper.form_action = reverse_lazy(
"dashboard.views.group-permissions",
kwargs={'group_pk': self.instance.pk})
helper.add_input(Submit("submit", _("Save"),
css_class="btn btn-success", ))
return helper
...@@ -722,3 +722,28 @@ textarea[name="list-new-namelist"] { ...@@ -722,3 +722,28 @@ textarea[name="list-new-namelist"] {
margin-bottom: 20px; margin-bottom: 20px;
} }
#group-detail-permission .filtered {
margin: 2px 0;
padding: 2px 3px;
vertical-align: middle;
font-family: "Lucida Grande", Verdana, Arial, sans-serif;
font-weight: normal;
font-size: 11px;
border: 1px solid #ccc;
}
#group-detail-permission .selector-available h2,
#group-detail-permission .selector-chosen h2 {
margin: 0;
padding: 5px 8px 5px 8px;
font-size: 12px;
text-align: left;
font-weight: bold;
background: #7CA0C7;
color: white;
}
#group-detail-user-table {
margin-top: 20px;
}
...@@ -48,6 +48,8 @@ ...@@ -48,6 +48,8 @@
{% crispy group_profile_form %} {% crispy group_profile_form %}
</form> </form>
<hr />
<h3>{% trans "User list"|capfirst %} <h3>{% trans "User list"|capfirst %}
{% if perms.auth.add_user %} {% if perms.auth.add_user %}
<a href="{% url "dashboard.views.create-user" group.pk %}" class="btn btn-success pull-right">{% trans "Create user" %}</a> <a href="{% url "dashboard.views.create-user" group.pk %}" class="btn btn-success pull-right">{% trans "Create user" %}</a>
...@@ -100,8 +102,8 @@ ...@@ -100,8 +102,8 @@
</div> </div>
</form> </form>
<hr />
<h3 id="group-detail-perm-header">{% trans "Permissions"|capfirst %}</h3> <h3 id="group-detail-perm-header">{% trans "Access permissions"|capfirst %}</h3>
<form action="{{acl.url}}" method="post">{% csrf_token %} <form action="{{acl.url}}" method="post">{% csrf_token %}
<table class="table table-striped table-with-form-fields table-bordered" id="group-detail-perm-table"> <table class="table table-striped table-with-form-fields table-bordered" id="group-detail-perm-table">
<thead> <thead>
...@@ -172,11 +174,25 @@ ...@@ -172,11 +174,25 @@
</div> </div>
</form> </form>
{% if user.is_superuser %}
<hr />
<script type="text/javascript" src="/static/admin/js/jquery.min.js"></script>
<script type="text/javascript" src="/static/admin/js/jquery.init.js"></script>
{{ group_perm_form.media }}
<h3>{% trans "Group permissions" %}</h3>
<div id="group-detail-permission">
{% crispy group_perm_form %}
</div>
<link rel="stylesheet" type="text/css" href="/static/admin/css/widgets.css" />
{% endif %}
</div> </div>
</div> </div>
</div> </div>
</div> </div>
</div> </div>
<script src="{{ STATIC_URL}}dashboard/group-details.js"></script>
{% endblock %} {% endblock %}
...@@ -38,7 +38,8 @@ from .views import ( ...@@ -38,7 +38,8 @@ from .views import (
get_vm_screenshot, get_vm_screenshot,
ProfileView, toggle_use_gravatar, UnsubscribeFormView, ProfileView, toggle_use_gravatar, UnsubscribeFormView,
UserKeyDelete, UserKeyDetail, UserKeyCreate, UserKeyDelete, UserKeyDetail, UserKeyCreate,
VmTraitsUpdate, VmRawDataUpdate VmTraitsUpdate, VmRawDataUpdate,
GroupPermissionsView,
) )
urlpatterns = patterns( urlpatterns = patterns(
...@@ -168,6 +169,9 @@ urlpatterns = patterns( ...@@ -168,6 +169,9 @@ urlpatterns = patterns(
url(r'^group/(?P<group_pk>\d+)/create/$', url(r'^group/(?P<group_pk>\d+)/create/$',
UserCreationView.as_view(), UserCreationView.as_view(),
name="dashboard.views.create-user"), name="dashboard.views.create-user"),
url(r'^group/(?P<group_pk>\d+)/permissions/$',
GroupPermissionsView.as_view(),
name="dashboard.views.group-permissions"),
url(r'^sshkey/delete/(?P<pk>\d+)/$', url(r'^sshkey/delete/(?P<pk>\d+)/$',
UserKeyDelete.as_view(), UserKeyDelete.as_view(),
......
...@@ -61,7 +61,7 @@ from .forms import ( ...@@ -61,7 +61,7 @@ from .forms import (
UserCreationForm, GroupProfileUpdateForm, UnsubscribeForm, UserCreationForm, GroupProfileUpdateForm, UnsubscribeForm,
VmSaveForm, UserKeyForm, VmSaveForm, UserKeyForm,
CirclePasswordChangeForm, VmCreateDiskForm, VmDownloadDiskForm, CirclePasswordChangeForm, VmCreateDiskForm, VmDownloadDiskForm,
TraitsForm, RawDataForm TraitsForm, RawDataForm, GroupPermissionForm
) )
from .tables import ( from .tables import (
...@@ -807,12 +807,18 @@ class GroupDetailView(CheckedDetailView): ...@@ -807,12 +807,18 @@ class GroupDetailView(CheckedDetailView):
context['acl'] = get_group_acl_data(self.object) context['acl'] = get_group_acl_data(self.object)
context['group_profile_form'] = GroupProfileUpdate.get_form_object( context['group_profile_form'] = GroupProfileUpdate.get_form_object(
self.request, self.object.profile) self.request, self.object.profile)
if self.request.user.is_superuser:
context['group_perm_form'] = GroupPermissionForm(
instance=self.object)
return context return context
def post(self, request, *args, **kwargs): def post(self, request, *args, **kwargs):
self.object = self.get_object() self.object = self.get_object()
if not self.get_has_level()(request.user, 'operator'): if not self.get_has_level()(request.user, 'operator'):
raise PermissionDenied() raise PermissionDenied()
if request.POST.get('new_name'): if request.POST.get('new_name'):
return self.__set_name(request) return self.__set_name(request)
if request.POST.get('list-new-name'): if request.POST.get('list-new-name'):
...@@ -874,6 +880,17 @@ class GroupDetailView(CheckedDetailView): ...@@ -874,6 +880,17 @@ class GroupDetailView(CheckedDetailView):
kwargs={'pk': self.object.pk})) kwargs={'pk': self.object.pk}))
class GroupPermissionsView(SuperuserRequiredMixin, UpdateView):
model = Group
form_class = GroupPermissionForm
slug_field = "pk"
slug_url_kwarg = "group_pk"
def get_success_url(self):
return "%s#group-detail-permission" % (
self.get_object().groupprofile.get_absolute_url())
class AclUpdateView(LoginRequiredMixin, View, SingleObjectMixin): class AclUpdateView(LoginRequiredMixin, View, SingleObjectMixin):
def post(self, request, *args, **kwargs): def post(self, request, *args, **kwargs):
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or sign in to comment