team-3/src/c3nav/control/views.py

103 lines
3.2 KiB
Python
Raw Normal View History

from functools import wraps
2017-12-08 18:41:48 +01:00
from django.contrib import messages
from django.contrib.auth.decorators import login_required
2017-12-08 17:42:32 +01:00
from django.contrib.auth.models import User
from django.core.exceptions import PermissionDenied
2017-12-08 17:42:32 +01:00
from django.core.paginator import Paginator
2017-12-08 21:31:53 +01:00
from django.db.models import Prefetch
2017-12-08 18:41:48 +01:00
from django.shortcuts import get_object_or_404, redirect, render
from django.utils.translation import ugettext_lazy as _
2017-12-08 21:31:53 +01:00
from c3nav.control.forms import AccessPermissionForm, UserPermissionsForm
2017-12-08 18:41:48 +01:00
from c3nav.control.models import UserPermissions
2017-12-08 21:31:53 +01:00
from c3nav.mapdata.models.access import AccessPermission
2017-12-08 15:21:33 +01:00
def control_panel_view(func):
@wraps(func)
2017-12-08 17:42:32 +01:00
def wrapped_func(request, *args, **kwargs):
if not request.user_permissions.control_panel:
raise PermissionDenied
2017-12-08 17:42:32 +01:00
return func(request, *args, **kwargs)
return login_required(login_url='site.login')(wrapped_func)
2017-12-08 17:42:32 +01:00
@login_required
@control_panel_view
2017-12-08 15:21:33 +01:00
def main_index(request):
return render(request, 'control/index.html', {})
2017-12-08 17:42:32 +01:00
@login_required
@control_panel_view
def user_list(request):
search = request.GET.get('s')
page = request.GET.get('page', 1)
queryset = User.objects.order_by('id')
if search:
queryset = queryset.filter(username__icontains=search.strip())
paginator = Paginator(queryset, 20)
users = paginator.page(page)
return render(request, 'control/users.html', {
'users': users,
})
2017-12-08 18:41:48 +01:00
@login_required
@control_panel_view
def user_detail(request, user):
2017-12-08 21:31:53 +01:00
qs = User.objects.select_related(
'permissions',
).prefetch_related(
Prefetch('accesspermissions', AccessPermission.objects.select_related('access_restriction'))
)
2017-12-08 18:41:48 +01:00
user = get_object_or_404(qs, pk=user)
ctx = {
'user': user,
}
# user permissions
try:
permissions = user.permissions
except AttributeError:
permissions = UserPermissions(user=user)
ctx.update({
'user_permissions': tuple(
field.verbose_name for field in UserPermissions._meta.get_fields()
if not field.one_to_one and getattr(permissions, field.attname)
)
})
if request.user_permissions.grant_permissions:
if request.method == 'POST' and request.POST.get('submit_user_permissions'):
form = UserPermissionsForm(instance=permissions, data=request.POST)
if form.is_valid():
form.save()
messages.success(request, _('General permissions successfully updated.'))
return redirect(request.path_info)
else:
form = UserPermissionsForm(instance=permissions)
ctx.update({
'user_permissions_form': form
})
2017-12-08 21:31:53 +01:00
# access permissions
if request.method == 'POST' and request.POST.get('submit_access_permissions'):
form = AccessPermissionForm(request=request, data=request.POST)
if form.is_valid():
form.save(user)
messages.success(request, _('Access permissions successfully updated.'))
return redirect(request.path_info)
else:
form = AccessPermissionForm(request=request)
ctx.update({
2017-12-08 21:46:24 +01:00
'access_permission_form': form
2017-12-08 21:31:53 +01:00
})
2017-12-08 18:41:48 +01:00
return render(request, 'control/user.html', ctx)