def user_roles(self):
user_roles = [AdminUserRole(domain=self.domain)]
user_roles.extend(
sorted(UserRole.by_domain(self.domain),
key=lambda role: role.name if role.name else '\uFFFF'))
show_es_issue = False
# skip the admin role since it's not editable
for role in user_roles[1:]:
try:
role.hasUsersAssigned = bool(role.ids_of_assigned_users)
except TypeError:
# when query_result['hits'] returns None due to an ES issue
show_es_issue = True
role.has_unpermitted_location_restriction = (
not self.can_restrict_access_by_location
and not role.permissions.access_all_locations)
if show_es_issue:
messages.error(
self.request,
mark_safe(
_("We might be experiencing issues fetching the entire list "
"of user roles right now. This issue is likely temporary and "
"nothing to worry about, but if you keep seeing this for "
"more than a day, please <a href='#modalReportIssue' "
"data-toggle='modal'>Report an Issue</a>.")))
return user_roles
def get_editable_role_choices(domain,
couch_user,
allow_admin_role,
use_qualified_id=True):
"""
:param domain: roles for domain
:param couch_user: user accessing the roles
:param allow_admin_role: to include admin role, in case user is admin
:param use_qualified_id: use role's qualified id as the id for the choice else the db id
"""
def role_to_choice(role):
return (role.get_qualified_id() if use_qualified_id else role.get_id,
role.name or _('(No Name)'))
roles = UserRole.by_domain(domain)
if not couch_user.is_domain_admin(domain):
try:
user_role = couch_user.get_role(domain)
except DomainMembershipError:
user_role = None
user_role_id = user_role.get_id if user_role else None
roles = [
role for role in roles
if role.accessible_by_non_admin_role(user_role_id)
]
elif allow_admin_role:
roles = [AdminUserRole(domain=domain)] + roles
return [role_to_choice(role) for role in roles]
def _get_editable_role_choices(domain, couch_user, allow_admin_role):
def role_to_choice(role):
return (role.get_qualified_id(), role.name or _('(No Name)'))
roles = UserRole.by_domain(domain)
if not couch_user.is_domain_admin(domain):
roles = [role for role in roles if role.is_non_admin_editable]
elif allow_admin_role:
roles = [AdminUserRole(domain=domain)] + roles
return [role_to_choice(role) for role in roles]
def user_roles(self):
user_roles = [AdminUserRole(domain=self.domain)]
user_roles.extend(sorted(UserRole.by_domain(self.domain),
key=lambda role: role.name if role.name else u'\uFFFF'))
# indicate if a role has assigned users, skip admin role
for i in range(1, len(user_roles)):
role = user_roles[i]
role.__setattr__('hasUsersAssigned',
True if len(role.ids_of_assigned_users) > 0 else False)
return user_roles
def user_roles(self):
user_roles = [AdminUserRole(domain=self.domain)]
user_roles.extend(
sorted(UserRole.by_domain(self.domain),
key=lambda role: role.name if role.name else u'\uFFFF'))
# skip the admin role since it's not editable
for role in user_roles[1:]:
role.hasUsersAssigned = bool(role.ids_of_assigned_users)
role.has_unpermitted_location_restriction = (
not self.can_restrict_access_by_location
and not role.permissions.access_all_locations)
return user_roles
def web_users(request, domain, template="users/web_users.html"):
context = _users_context(request, domain)
user_roles = [AdminUserRole(domain=domain)]
user_roles.extend(sorted(UserRole.by_domain(domain), key=lambda role: role.name if role.name else u'\uFFFF'))
role_labels = {}
for r in user_roles:
key = 'user-role:%s' % r.get_id if r.get_id else r.get_qualified_id()
role_labels[key] = r.name
invitations = DomainInvitation.by_domain(domain)
for invitation in invitations:
invitation.role_label = role_labels.get(invitation.role, "")
context.update({
'user_roles': user_roles,
'default_role': UserRole.get_default(),
'report_list': get_possible_reports(domain),
'invitations': invitations
})
return render(request, template, context)
