Beispiel #1
0
def user(request, userId):
    managedUser = get_object_or_404(User, id=userId)

    permissions = [ perm.codename for perm in managedUser.user_permissions.all() ]
    if managedUser.is_superuser:
        permissions.append("is_superuser")
    #endif

    if request.method == "POST":
        form = GlobalPermissionsForm(request.POST)
        if form.is_valid():
            data = form.cleaned_data

            if request.user.is_superuser:
                managedUser.is_superuser = data['is_superuser']
            #endif

            toAdd = []
            toRemove = []

            for field in data:
                if data[field]:
                    toAdd.append(field)
                else:
                    toRemove.append(field)
                #endif
            #endfor

            # This permissions we add to user
            toAddPerms = [ perm for perm in Permission.objects.filter(codename__in=toAdd) ]
            managedUser.user_permissions.add(*toAddPerms)

            # This permissions we remove from user
            toRemovePerms = [ perm for perm in Permission.objects.filter(codename__in=toRemove) ]
            managedUser.user_permissions.remove(*toRemovePerms)

            managedUser.save()

            # Redirect back on manage user page
            return HttpResponseRedirect(
                reverse("accounts:permissions_user", kwargs={ "userId": managedUser.id })
            )
        #endif
    else:
        form = GlobalPermissionsForm()
        initial = {}
        for field in form.fields:
            initial[field] = bool(field in permissions)
        #endfor
        form.initial = initial
    #endif

    return render_to_response(
        "accounts/permissions/user.html",
        {
            "managedUser":      managedUser,
            "form":             form
        },
        context_instance=RequestContext(request)
    )
Beispiel #2
0
def show(request, userId):
    managedUser = get_object_or_404(User, id=userId)

    form = GlobalPermissionsForm()

    userPermissions = [ perm.codename for perm in managedUser.user_permissions.all() ]
    groupsPermissions = {}
    for group in managedUser.groups.all():
        groupsPermissions[group] = [ perm.codename for perm in group.permissions.all() ]
    #endfor

    permissions = []
    for field in form.fields:
        groupPerm = []
        for group in groupsPermissions:
            if field in groupsPermissions[group]:
                groupPerm.append("<a href=\"%s\">%s</a>" \
                    % (reverse("accounts:permissions_group", kwargs={ "groupId": group.id}), group.name))
            #endif
        #endif

        if field == "is_superuser":
            userPerm = managedUser.is_superuser
        else:
            userPerm = field in userPermissions
        #endif

        permissions.append({
            "label":    unicode(form.fields[field].label),
            "has":      userPerm or len(groupPerm),
            "user":     userPerm,
            "groups":   groupPerm
        })
    #endfor

    return render_to_response(
        "accounts/permissions/show.html",
        {
            "managedUser":      managedUser,
            "permissions":      permissions
        },
        context_instance=RequestContext(request)
    )