From ee2ff8f63134cb39da482de25cd9fbcc9976cb61 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Laura=20Kl=C3=BCnder?= Date: Wed, 20 Dec 2017 22:30:14 +0100 Subject: [PATCH] group permission in control panel for better overview --- src/c3nav/control/templates/control/user.html | 120 +++++++++++++----- src/c3nav/control/views.py | 57 +++++++-- src/c3nav/mapdata/models/access.py | 16 ++- src/c3nav/site/static/site/css/c3nav.scss | 9 +- 4 files changed, 154 insertions(+), 48 deletions(-) diff --git a/src/c3nav/control/templates/control/user.html b/src/c3nav/control/templates/control/user.html index 17a85640..b95575c3 100644 --- a/src/c3nav/control/templates/control/user.html +++ b/src/c3nav/control/templates/control/user.html @@ -57,39 +57,97 @@ {% endif %}

{% trans 'Access Permissions' %}

- {% trans 'Add' as button_label %} - {% include 'control/fragment_access_permissions_form.html' with button_label=button_label %} - {% if user.accesspermissions.all %} -
- {% csrf_token %} - - - - - - - - - - {% for access_permission in user.accesspermissions.all %} + {% if access_restriction %} +

+ {% with restriction_title=access_restriction.title %} + {% blocktrans %}for {{ restriction_title }}{% endblocktrans %} + {% endwith %} – + « {% trans 'back' %} +

+ {% if access_permissions %} + + {% csrf_token %} +
{% trans 'Access Restriction' %}{% trans 'author' %}{% trans 'expires' %}{% trans 'can grant' %}{% trans 'key' %}
- - - - - - {% if request.user_permissions.grant_all_access or request.user == access_permission.author %} - - {% endif %} + + + + + - {% endfor %} -
{{ access_permission.access_restriction.title }} - {% if access_permission.author %} - {{ access_permission.author.username }} - {% endif %} - {% if access_permission.expire_date %}{{ access_permission.expire_date }}{% else %}{% trans 'never' %}{% endif %}{% if access_permission.can_grant %}{% trans 'Yes' %}{% else %}{% trans 'No' %}{% endif %}{% if access_permission.unique_key %}{{ access_permission.unique_key }}{% endif %}{% trans 'author' %}{% trans 'expires' %}{% trans 'can grant' %}{% trans 'key' %}
-
+ {% for permission in user.accesspermissions.all %} + + + {% if permission.author %} + {{ permission.author.username }} + {% endif %} + + + + {% if permission.expire_date %} + {{ permission.expire_date }} + {% else %} + {% trans 'never' %} + {% endif %} + + + + {% if permission.can_grant %} + {% trans 'Yes' %} + {% else %} + {% trans 'No' %} + {% endif %} + + {% if permission.unique_key %}{{ permission.unique_key }}{% endif %} + {% if request.user_permissions.grant_all_access or request.user == permission.author %} + + {% endif %} + + {% endfor %} + + + {% else %} +

{% trans 'none' %}

+ {% endif %} {% else %} -

{% trans 'none' %}

+ {% trans 'Add' as button_label %} + {% include 'control/fragment_access_permissions_form.html' with button_label=button_label %} + {% if access_permissions %} +
+ {% csrf_token %} + + + + + + + + {% for permission in access_permissions %} + + + + + + + {% endfor %} +
{% trans 'Access Restriction' %}{% trans 'expires' %}{% trans 'can grant' %}
{{ permission.title }} + + {% if permission.expire_date %} + {{ permission.expire_date }} + {% else %} + {% trans 'never' %} + {% endif %} + + + {% if permission.can_grant %} + {% trans 'Yes' %} + {% else %} + {% trans 'No' %} + {% endif %} + {% trans 'Details' %}
+
+ {% else %} +

{% trans 'none' %}

+ {% endif %} {% endif %} {% endblock %} diff --git a/src/c3nav/control/views.py b/src/c3nav/control/views.py index 50df2f20..4cee88d7 100644 --- a/src/c3nav/control/views.py +++ b/src/c3nav/control/views.py @@ -12,12 +12,13 @@ from django.db import transaction from django.db.models import Prefetch from django.shortcuts import get_object_or_404, redirect, render from django.urls import reverse +from django.utils import timezone from django.utils.crypto import get_random_string from django.utils.translation import ugettext_lazy as _ from c3nav.control.forms import AccessPermissionForm, AnnouncementForm, UserPermissionsForm from c3nav.control.models import UserPermissions -from c3nav.mapdata.models.access import AccessPermission, AccessPermissionToken +from c3nav.mapdata.models.access import AccessPermission, AccessPermissionToken, AccessRestriction from c3nav.site.models import Announcement @@ -140,18 +141,52 @@ def user_detail(request, user): }) # access permissions - if request.method == 'POST' and request.POST.get('submit_access_permissions'): - form = AccessPermissionForm(request=request, data=request.POST) - if form.is_valid(): - form.get_token().redeem(user) - messages.success(request, _('Access permissions successfully granted.')) - return redirect(request.path_info) + now = timezone.now() + restriction = request.GET.get('restriction') + if restriction and restriction.isdigit(): + restriction = get_object_or_404(AccessRestriction, pk=restriction) + permissions = user.accesspermissions.filter(access_restriction=restriction).order_by('expire_date') + for permission in permissions: + permission.expired = permission.expire_date and permission.expire_date >= now + ctx.update({ + 'access_restriction': restriction, + 'access_permissions': user.accesspermissions.filter( + access_restriction=restriction + ).order_by('expire_date') + }) else: - form = AccessPermissionForm(request=request) + if request.method == 'POST' and request.POST.get('submit_access_permissions'): + form = AccessPermissionForm(request=request, data=request.POST) + if form.is_valid(): + form.get_token().redeem(user) + messages.success(request, _('Access permissions successfully granted.')) + return redirect(request.path_info) + else: + form = AccessPermissionForm(request=request) - ctx.update({ - 'access_permission_form': form - }) + access_permissions = {} + for permission in user.accesspermissions.select_related('access_restriction'): + access_permissions.setdefault(permission.access_restriction_id, []).append(permission) + access_permissions = tuple( + { + 'pk': pk, + 'title': permissions[0].access_restriction.title, + 'can_grant': any(item.can_grant for item in permissions), + 'expire_date': set(item.expire_date for item in permissions), + } for pk, permissions in access_permissions.items() + ) + for permission in access_permissions: + permission['expire_date'] = None if None in permission['expire_date'] else max(permission['expire_date']) + permission['expired'] = permission['expire_date'] and permission['expire_date'] >= now + access_permissions = tuple(sorted( + access_permissions, + key=lambda permission: (1, 0) if permission['expire_date'] is None else (0, permission['expire_date']), + reverse=True + )) + ctx.update({ + 'access_permissions': access_permissions, + 'access_permission_form': form + }) return render(request, 'control/user.html', ctx) diff --git a/src/c3nav/mapdata/models/access.py b/src/c3nav/mapdata/models/access.py index bc1b90fc..8e9b9dfb 100644 --- a/src/c3nav/mapdata/models/access.py +++ b/src/c3nav/mapdata/models/access.py @@ -151,6 +151,14 @@ class AccessPermission(models.Model): def user_access_permission_key(user_id): return 'mapdata:user_access_permission:%d' % user_id + @classmethod + def queryset_for_user(cls, user, can_grant=None): + return user.accesspermissions.filter( + Q(expire_date__isnull=True) | Q(expire_date__gt=timezone.now()) + ).filter( + Q(can_grant=True) if can_grant is not None else Q() + ) + @classmethod def get_for_request_with_expire_date(cls, request, can_grant=None): if not request.user.is_authenticated: @@ -159,11 +167,9 @@ class AccessPermission(models.Model): if request.user_permissions.grant_all_access: return {pk: None for pk in cls.get_all_access_restrictions()} - result = tuple(request.user.accesspermissions.filter( - Q(expire_date__isnull=True) | Q(expire_date__gt=timezone.now()) - ).filter( - Q(can_grant=True) if can_grant is not None else Q() - ).values_list('access_restriction_id', 'expire_date')) + result = tuple( + cls.queryset_for_user(request.user, can_grant).values_list('access_restriction_id', 'expire_date') + ) # collect permissions (can be multiple for one restriction) permissions = {} diff --git a/src/c3nav/site/static/site/css/c3nav.scss b/src/c3nav/site/static/site/css/c3nav.scss index d5e21062..c7f267c2 100644 --- a/src/c3nav/site/static/site/css/c3nav.scss +++ b/src/c3nav/site/static/site/css/c3nav.scss @@ -865,7 +865,7 @@ main.control form tr > * { padding-bottom: 4px; text-align: right; } -.button-cell button { +.button-cell button, .button-cell .button { margin: 0; } @@ -915,3 +915,10 @@ main .narrow form button { button + button { margin-left: 5px; } + +.red { + color: #9c0900; +} +.green { + color: #28b62c; +}