from django.conf import settings
from django.contrib.admin.views.decorators import staff_member_required
from django.contrib.auth.decorators import login_required
-from django.contrib.auth.models import Group
+from django.contrib.auth.models import Group, Permission
from django.core.exceptions import PermissionDenied
from django.db.models import Q, Sum
from django.http import HttpResponse, HttpResponseRedirect
from django.urls import reverse_lazy
from django.utils.timezone import now
-from django.views.generic.base import RedirectView, TemplateView
+from django.utils.translation import ugettext_lazy as _
+from django.views.decorators.http import require_POST
+from django.views.generic.base import RedirectView, TemplateView, View
from django.views.generic.detail import DetailView
-from django.views.generic.edit import CreateView, FormView, UpdateView
+from django.views.generic.edit import CreateView, DeleteView, FormView, UpdateView
from django.views.generic.list import ListView
from .forms import MemberCreateForm, MemberEditForm, MemberEmissionForm, MembershipForm
from .models import Membership, User
+RELEVANT_PERMISSIONS = [
+ ('nonstop.add_track', _('Add tracks to nonstop')),
+ ('emissions.change_nonstop', _('Adjust nonstop schedule')),
+ ('emissions.change_schedule', _('Adjust emissions schedules')),
+ ('emissions.add_diffusion', _('Add a diffusion out of regular schedules')),
+ ('emissions.add_emission', _('Add a new emission')),
+ ('emissions.delete_emission', _('Delete an emission (careful!)')),
+ ('nonstop.add_scheduleddiffusion', _('Define a stream in an episode')),
+ ('nonstop.change_stream', _('Manage available streams')),
+ ('service_messages.change_message', _('Manage service messages')),
+ ('agendas.add_booking', _('Manage agendas')),
+ ('aa.add_user', _('Manage users and goups')),
+]
+
class ProfileView(TemplateView):
template_name = 'aa/profile.html'
register_membership = login_required(RegisterMembershipView.as_view())
+
+
+class GroupsList(ListView):
+ paginate_by = 100
+ template_name = 'aa/groups_list.html'
+
+ def dispatch(self, request, *args, **kwargs):
+ if not self.request.user.has_perm('aa.add_user'):
+ raise PermissionDenied()
+ return super().dispatch(request, *args, **kwargs)
+
+ def get_queryset(self):
+ return Group.objects.order_by('name')
+
+
+groups_list = login_required(GroupsList.as_view())
+
+
+class GroupCreateView(CreateView):
+ model = Group
+ fields = ['name']
+ template_name = 'aa/group_new.html'
+ success_url = reverse_lazy('groups-list')
+
+ def get_object(self):
+ if not self.request.user.has_perm('aa.add_user'):
+ raise PermissionDenied()
+ return super().get_object()
+
+
+group_new = login_required(GroupCreateView.as_view())
+
+
+class GroupDetailView(DetailView):
+ model = Group
+ template_name = 'aa/group_detail.html'
+
+ def get_object(self):
+ if not self.request.user.has_perm('aa.add_user'):
+ raise PermissionDenied()
+ return super().get_object()
+
+ def get_context_data(self, **kwargs):
+ context = super().get_context_data(**kwargs)
+ group = self.get_object()
+ has_perms = [
+ f'{x.content_type.app_label}.{x.codename}' for x in group.permissions.all().select_related()
+ ]
+ context['perms'] = [
+ {'code': x[0], 'label': x[1], 'enabled': x[0] in has_perms} for x in RELEVANT_PERMISSIONS
+ ]
+ return context
+
+
+group_view = login_required(GroupDetailView.as_view())
+
+
+class GroupUpdatePerms(View):
+ def post(self, request, *args, **kwargs):
+ if not request.user.has_perm('aa.add_user'):
+ raise PermissionDenied()
+ group = Group.objects.get(**kwargs)
+ set_permissions = set()
+ unset_permissions = set()
+ for perm in RELEVANT_PERMISSIONS:
+ app_label, codename = perm[0].split('.')
+ perm_obj = Permission.objects.filter(content_type__app_label=app_label, codename=codename).first()
+ if not perm_obj:
+ continue
+ if perm[0] in request.POST.getlist('perms'):
+ group.permissions.add(perm_obj)
+ else:
+ group.permissions.remove(perm_obj)
+ return HttpResponseRedirect(reverse_lazy('groups-list'))
+
+
+group_update_perms = login_required(require_POST(GroupUpdatePerms.as_view()))
+
+
+class GroupDeleteView(DeleteView):
+ model = Group
+ template_name = 'aa/group_confirm_delete.html'
+ success_url = reverse_lazy('groups-list')
+
+ def get_object(self):
+ if not self.request.user.has_perm('aa.add_user'):
+ raise PermissionDenied()
+ return super().get_object()
+
+
+group_delete = login_required(GroupDeleteView.as_view())