update general user permissions

2017-12-08 18:41:48 +01:00 · 2017-12-08 18:41:48 +01:00 · 75381c47e9
commit 75381c47e9
parent 5091061ade
6 changed files with 95 additions and 3 deletions
--- a/src/c3nav/control/forms.py
+++ b/src/c3nav/control/forms.py
@ -0,0 +1,9 @@
+from django.forms import ModelForm
+
+from c3nav.control.models import UserPermissions
+
+
+class UserPermissionsForm(ModelForm):
+    class Meta:
+        model = UserPermissions
+        exclude = ('user', )
--- a/src/c3nav/control/templates/control/base.html
+++ b/src/c3nav/control/templates/control/base.html
@ -6,7 +6,8 @@
 {% block header_title_url %}{% url 'control.index' %}{% endblock %}

 {% block content %}
-<main>
+<main class="control">
+    {% include 'site/fragment_messages.html' %}
    <h2>{% block heading %}{% endblock %}</h2>
    <nav>
        <p>
--- a/src/c3nav/control/templates/control/user.html
+++ b/src/c3nav/control/templates/control/user.html
@ -0,0 +1,25 @@
+{% extends 'control/base.html' %}
+{% load i18n %}
+
+{% block heading %}{{ user.username }}{% endblock %}
+
+{% block subcontent %}
+    <h4>{% trans 'General Permissions' %}</h4>
+    {% if user_permissions_form %}
+        <form method="POST" class="user-permissions-form">
+            {% csrf_token %}
+            {% for field in user_permissions_form %}
+                <label>{{ field }} {{ field.label }}</label>
+            {% endfor %}
+            <button type="submit" name="submit_user_permissions" value="1">{% trans 'Save' %}</button>
+        </form>
+    {% else %}
+        <p>
+            {% for permission_title in user_permissions %}
+                {{ permission_title }},<br>
+            {% empty %}
+                <em>{% trans 'none' %}</em>
+            {% endfor %}
+        </p>
+    {% endif %}
+{% endblock %}
--- a/src/c3nav/control/urls.py
+++ b/src/c3nav/control/urls.py
@ -1,8 +1,9 @@
 from django.conf.urls import url

-from c3nav.control.views import main_index, user_list
+from c3nav.control.views import main_index, user_detail, user_list

 urlpatterns = [
    url(r'^users/$', user_list, name='control.users'),
+    url(r'^users/(?P<user>\d+)/$', user_detail, name='control.users.detail'),
    url(r'^$', main_index, name='control.index'),
 ]
--- a/src/c3nav/control/views.py
+++ b/src/c3nav/control/views.py
@ -1,10 +1,15 @@
 from functools import wraps

+from django.contrib import messages
 from django.contrib.auth.decorators import login_required
 from django.contrib.auth.models import User
 from django.core.exceptions import PermissionDenied
 from django.core.paginator import Paginator
-from django.shortcuts import render
+from django.shortcuts import get_object_or_404, redirect, render
+from django.utils.translation import ugettext_lazy as _
+
+from c3nav.control.forms import UserPermissionsForm
+from c3nav.control.models import UserPermissions


 def control_panel_view(func):
@ -38,3 +43,40 @@ def user_list(request):
    return render(request, 'control/users.html', {
        'users': users,
    })
+
+
+@login_required
+@control_panel_view
+def user_detail(request, user):
+    qs = User.objects.select_related('permissions').prefetch_related('accesspermissions')
+    user = get_object_or_404(qs, pk=user)
+
+    ctx = {
+        'user': user,
+    }
+
+    # user permissions
+    try:
+        permissions = user.permissions
+    except AttributeError:
+        permissions = UserPermissions(user=user)
+    ctx.update({
+        'user_permissions': tuple(
+            field.verbose_name for field in UserPermissions._meta.get_fields()
+            if not field.one_to_one and getattr(permissions, field.attname)
+        )
+    })
+    if request.user_permissions.grant_permissions:
+        if request.method == 'POST' and request.POST.get('submit_user_permissions'):
+            form = UserPermissionsForm(instance=permissions, data=request.POST)
+            if form.is_valid():
+                form.save()
+                messages.success(request, _('General permissions successfully updated.'))
+                return redirect(request.path_info)
+        else:
+            form = UserPermissionsForm(instance=permissions)
+        ctx.update({
+            'user_permissions_form': form
+        })
+
+    return render(request, 'control/user.html', ctx)
--- a/src/c3nav/site/static/site/css/c3nav.css
+++ b/src/c3nav/site/static/site/css/c3nav.css
@ -690,3 +690,17 @@ ul.messages li.alert-danger {
    max-width: 400px;
    vertical-align: top;
 }
+
+main.control p {
+    margin-bottom: 1.0rem;
+}
+main.control h4, main.control h2 {
+    margin-bottom: 0.8rem;
+}
+main.control h4 {
+    margin-top: 2.5rem;
+}
+
+.user-permissions-form label {
+    font-weight: 400;
+}