add management of groups

diff --git a/panikdb/aa/urls.py b/panikdb/aa/urls.py
index bab75b134a4e2852c622db46b7eb93c494507123..9ed9b98f8c118a95a00bc166a8091e197cf217c8 100644 (file)
--- a/panikdb/aa/urls.py
+++ b/panikdb/aa/urls.py
@@ -21,6 +21,11 @@ urlpatterns = [
         views.register_membership,
         name='member-register-membership',
     ),
+    url(r'^members/groups/$', views.groups_list, name='groups-list'),
+    url(r'^members/groups/new/$', views.group_new, name='group-new'),
+    url(r'^members/groups/(?P<pk>\d+)/$', views.group_view, name='group-view'),
+    url(r'^members/groups/(?P<pk>\d+)/perms/$', views.group_update_perms, name='group-update-perms'),
+    url(r'^members/groups/(?P<pk>\d+)/delete/$', views.group_delete, name='group-delete'),
     url(r'^profile/$', views.profile_view, name='profile-view'),
     url(r'^profile/edit/$', views.profile_contact_edit, name='profile-contact-edit'),
 ]

diff --git a/panikdb/aa/views.py b/panikdb/aa/views.py
index ae7267c64e808c4f9fc4bea94dafb4b41a5784b8..8c8237d9a363387a7f044007e27698f1bad55033 100644 (file)
--- a/panikdb/aa/views.py
+++ b/panikdb/aa/views.py
@@ -2,20 +2,36 @@ import vobject
 from django.conf import settings
 from django.contrib.admin.views.decorators import staff_member_required
 from django.contrib.auth.decorators import login_required
-from django.contrib.auth.models import Group
+from django.contrib.auth.models import Group, Permission
 from django.core.exceptions import PermissionDenied
 from django.db.models import Q, Sum
 from django.http import HttpResponse, HttpResponseRedirect
 from django.urls import reverse_lazy
 from django.utils.timezone import now
-from django.views.generic.base import RedirectView, TemplateView
+from django.utils.translation import ugettext_lazy as _
+from django.views.decorators.http import require_POST
+from django.views.generic.base import RedirectView, TemplateView, View
 from django.views.generic.detail import DetailView
-from django.views.generic.edit import CreateView, FormView, UpdateView
+from django.views.generic.edit import CreateView, DeleteView, FormView, UpdateView
 from django.views.generic.list import ListView
 
 from .forms import MemberCreateForm, MemberEditForm, MemberEmissionForm, MembershipForm
 from .models import Membership, User
 
+RELEVANT_PERMISSIONS = [
+    ('nonstop.add_track', _('Add tracks to nonstop')),
+    ('emissions.change_nonstop', _('Adjust nonstop schedule')),
+    ('emissions.change_schedule', _('Adjust emissions schedules')),
+    ('emissions.add_diffusion', _('Add a diffusion out of regular schedules')),
+    ('emissions.add_emission', _('Add a new emission')),
+    ('emissions.delete_emission', _('Delete an emission (careful!)')),
+    ('nonstop.add_scheduleddiffusion', _('Define a stream in an episode')),
+    ('nonstop.change_stream', _('Manage available streams')),
+    ('service_messages.change_message', _('Manage service messages')),
+    ('agendas.add_booking', _('Manage agendas')),
+    ('aa.add_user', _('Manage users and goups')),
+]
+
 
 class ProfileView(TemplateView):
     template_name = 'aa/profile.html'
@@ -271,3 +287,94 @@ class RegisterMembershipView(FormView):
 
 
 register_membership = login_required(RegisterMembershipView.as_view())
+
+
+class GroupsList(ListView):
+    paginate_by = 100
+    template_name = 'aa/groups_list.html'
+
+    def dispatch(self, request, *args, **kwargs):
+        if not self.request.user.has_perm('aa.add_user'):
+            raise PermissionDenied()
+        return super().dispatch(request, *args, **kwargs)
+
+    def get_queryset(self):
+        return Group.objects.order_by('name')
+
+
+groups_list = login_required(GroupsList.as_view())
+
+
+class GroupCreateView(CreateView):
+    model = Group
+    fields = ['name']
+    template_name = 'aa/group_new.html'
+    success_url = reverse_lazy('groups-list')
+
+    def get_object(self):
+        if not self.request.user.has_perm('aa.add_user'):
+            raise PermissionDenied()
+        return super().get_object()
+
+
+group_new = login_required(GroupCreateView.as_view())
+
+
+class GroupDetailView(DetailView):
+    model = Group
+    template_name = 'aa/group_detail.html'
+
+    def get_object(self):
+        if not self.request.user.has_perm('aa.add_user'):
+            raise PermissionDenied()
+        return super().get_object()
+
+    def get_context_data(self, **kwargs):
+        context = super().get_context_data(**kwargs)
+        group = self.get_object()
+        has_perms = [
+            f'{x.content_type.app_label}.{x.codename}' for x in group.permissions.all().select_related()
+        ]
+        context['perms'] = [
+            {'code': x[0], 'label': x[1], 'enabled': x[0] in has_perms} for x in RELEVANT_PERMISSIONS
+        ]
+        return context
+
+
+group_view = login_required(GroupDetailView.as_view())
+
+
+class GroupUpdatePerms(View):
+    def post(self, request, *args, **kwargs):
+        if not request.user.has_perm('aa.add_user'):
+            raise PermissionDenied()
+        group = Group.objects.get(**kwargs)
+        set_permissions = set()
+        unset_permissions = set()
+        for perm in RELEVANT_PERMISSIONS:
+            app_label, codename = perm[0].split('.')
+            perm_obj = Permission.objects.filter(content_type__app_label=app_label, codename=codename).first()
+            if not perm_obj:
+                continue
+            if perm[0] in request.POST.getlist('perms'):
+                group.permissions.add(perm_obj)
+            else:
+                group.permissions.remove(perm_obj)
+        return HttpResponseRedirect(reverse_lazy('groups-list'))
+
+
+group_update_perms = login_required(require_POST(GroupUpdatePerms.as_view()))
+
+
+class GroupDeleteView(DeleteView):
+    model = Group
+    template_name = 'aa/group_confirm_delete.html'
+    success_url = reverse_lazy('groups-list')
+
+    def get_object(self):
+        if not self.request.user.has_perm('aa.add_user'):
+            raise PermissionDenied()
+        return super().get_object()
+
+
+group_delete = login_required(GroupDeleteView.as_view())

diff --git a/panikdb/templates/aa/group_confirm_delete.html b/panikdb/templates/aa/group_confirm_delete.html
new file mode 100644 (file)
index 0000000..91523c1
--- /dev/null
+++ b/panikdb/templates/aa/group_confirm_delete.html
@@ -0,0 +1,19 @@
+{% extends "base.html" %}
+{% load i18n %}
+
+{% block appbar %}
+<h2>{{ object }}</h2>
+{% endblock %}
+
+{% block content %}
+
+<form method="post">
+{% csrf_token %}
+<p>
+{% trans "Are you sure you want to delete this group?" %}
+</p>
+<div class="buttons">
+<button class="delete-button">{% trans "Confirm Deletion" %}</button>
+<a class="cancel" href="..">{% trans "Cancel" %}</a>
+</div>
+{% endblock %}

diff --git a/panikdb/templates/aa/group_detail.html b/panikdb/templates/aa/group_detail.html
new file mode 100644 (file)
index 0000000..2cec335
--- /dev/null
+++ b/panikdb/templates/aa/group_detail.html
@@ -0,0 +1,21 @@
+{% extends "aa/groups_list.html" %}
+{% load i18n %}
+
+{% block appbar %}
+<h2>{% trans "Permissions" %}</h2>
+{% endblock %}
+
+{% block content %}
+<form method="POST" action="{% url 'group-update-perms' pk=group.id %}">
+  {% csrf_token %}
+  <ul>
+  {% for perm in perms %}
+  <li><label><input name="perms" type="checkbox" value="{{ perm.code }}" {% if perm.enabled %}checked{% endif %}>{{ perm.label }}</label></li>
+  {% endfor %}
+  </ul>
+  <div class="buttons">
+  <button type="submit">{% trans "Update" %}</button>
+  </div>
+</form>
+
+{% endblock %}

diff --git a/panikdb/templates/aa/group_new.html b/panikdb/templates/aa/group_new.html
new file mode 100644 (file)
index 0000000..17e652d
--- /dev/null
+++ b/panikdb/templates/aa/group_new.html
@@ -0,0 +1,17 @@
+{% extends "base.html" %}
+{% load i18n %}
+
+{% block appbar %}
+<h2>{% trans "New group" %}</h2>
+{% endblock %}
+
+{% block content %}
+
+<form method="post">
+{% csrf_token %}
+{{ form.as_p }}
+<div class="buttons">
+<button>{% trans "Add" %}</button>
+<a class="cancel" href="..">{% trans "Cancel" %}</a>
+</div>
+{% endblock %}

diff --git a/panikdb/templates/aa/groups_list.html b/panikdb/templates/aa/groups_list.html
new file mode 100644 (file)
index 0000000..6c922f9
--- /dev/null
+++ b/panikdb/templates/aa/groups_list.html
@@ -0,0 +1,24 @@
+{% extends "base.html" %}
+{% load i18n %}
+
+{% block appbar %}
+<h2>{% trans "Members" %}</h2>
+{% if perms.aa.add_user %}
+<span class="actions">
+<a rel="popup" href="{% url 'group-new' %}">{% trans 'Add new group' %}</a>
+</span>
+{% endif %}
+{% endblock %}
+
+{% block more-user-links %}{{ block.super }} <a class="icon-members" href="{% url 'members-list-view' %}">Annuaire des membres</a>{% endblock %}
+
+{% block content %}
+<ul class="objects-list single-links layers">
+{% for group in object_list %}
+ <li><a rel="popup" href="{% url 'group-view' pk=group.id %}">{{ group }}</a>
+         <a class="delete" rel="popup" href="{% url 'group-delete' pk=group.id %}">{% trans "remove" %}</a>
+ </li>
+{% endfor %}
+</ul>
+
+{% endblock %}

diff --git a/panikdb/templates/aa/user_list.html b/panikdb/templates/aa/user_list.html
index 4fc12d4200f3ce31e2149a0cc11658d30b42a36d..b4a4d34b80728120c11b240b338f5b29bbd0b663 100644 (file)
--- a/panikdb/templates/aa/user_list.html
+++ b/panikdb/templates/aa/user_list.html
@@ -5,6 +5,7 @@
 <h2>{% trans "Members" %}</h2>
 {% if perms.aa.add_user %}
 <span class="actions">
+<a href="{% url 'groups-list' %}">{% trans 'Manage groups' %}</a>
 <a rel="popup" href="{% url 'member-new' %}">{% trans 'Add new member' %}</a>
 </span>
 {% endif %}