def get_form(self):
"""
Set available user permissions
"""
return self.form_class(available_roles=get_permission_list(
self.request.user),
**self.get_form_kwargs())
def get_form(self):
"""
Set available user permissions
"""
form = self.form_class(available_roles=get_permission_list(self.request.user),
**self.get_form_kwargs())
form.helper = FormHelper()
form.helper.form_id = slugify(self.request.path)
form.helper.form_method = 'post'
form.helper.form_action = self.request.path
form.helper.add_input(Submit('submit', self.submit_text, css_class='btn-success btn-block'))
form.helper.form_class = 'wger-form'
return form
def gym_permissions_user_edit(request, user_pk):
"""
Edits the permissions of a gym member
"""
member = get_object_or_404(User, pk=user_pk)
user = request.user
if not user.is_authenticated:
return HttpResponseForbidden()
if not user.has_perm('gym.manage_gyms') and not user.has_perm(
'gym.manage_gym'):
return HttpResponseForbidden()
if user.has_perm('gym.manage_gym'
) and user.userprofile.gym != member.userprofile.gym:
return HttpResponseForbidden()
# Calculate available user permissions
form_group_permission = get_permission_list(user)
if request.method == 'POST':
form = GymUserPermissionForm(available_roles=form_group_permission,
data=request.POST)
if form.is_valid():
# Remove the user from all gym permission groups
member.groups.remove(Group.objects.get(name='gym_member'))
member.groups.remove(Group.objects.get(name='gym_trainer'))
member.groups.remove(Group.objects.get(name='gym_manager'))
member.groups.remove(Group.objects.get(name='general_gym_manager'))
# Set appropriate permission groups
if 'user' in form.cleaned_data['role']:
member.groups.add(Group.objects.get(name='gym_member'))
if 'trainer' in form.cleaned_data['role']:
member.groups.add(Group.objects.get(name='gym_trainer'))
if 'admin' in form.cleaned_data['role']:
member.groups.add(Group.objects.get(name='gym_manager'))
if 'manager' in form.cleaned_data['role']:
member.groups.add(
Group.objects.get(name='general_gym_manager'))
return HttpResponseRedirect(
reverse('gym:gym:user-list',
kwargs={'pk': member.userprofile.gym.pk}))
else:
initial_data = {}
if member.groups.filter(name='gym_member').exists():
initial_data['user'] = True
if member.groups.filter(name='gym_trainer').exists():
initial_data['trainer'] = True
if member.groups.filter(name='gym_manager').exists():
initial_data['admin'] = True
if member.groups.filter(name='general_gym_manager').exists():
initial_data['manager'] = True
form = GymUserPermissionForm(initial={'role': initial_data},
available_roles=form_group_permission)
context = {}
context['title'] = member.get_full_name()
context['form'] = form
context['extend_template'] = 'base_empty.html' if request.is_ajax(
) else 'base.html'
context['submit_text'] = 'Save'
return render(request, 'form.html', context)
def get_form(self):
'''
Set available user permissions
'''
return self.form_class(available_roles=get_permission_list(self.request.user),
**self.get_form_kwargs())
def gym_permissions_user_edit(request, user_pk):
'''
Edits the permissions of a gym member
'''
member = get_object_or_404(User, pk=user_pk)
user = request.user
if not user.is_authenticated():
return HttpResponseForbidden()
if not user.has_perm('gym.manage_gyms') and not user.has_perm('gym.manage_gym'):
return HttpResponseForbidden()
if user.has_perm('gym.manage_gym') and user.userprofile.gym != member.userprofile.gym:
return HttpResponseForbidden()
# Calculate available user permissions
form_group_permission = get_permission_list(user)
if request.method == 'POST':
form = GymUserPermisssionForm(request.POST,
available_roles=form_group_permission)
if form.is_valid():
# Remove the user from all gym permission groups
member.groups.remove(Group.objects.get(name='gym_member'))
member.groups.remove(Group.objects.get(name='gym_trainer'))
member.groups.remove(Group.objects.get(name='gym_manager'))
member.groups.remove(Group.objects.get(name='general_gym_manager'))
# Set appropriate permission groups
if 'user' in form.cleaned_data['role']:
member.groups.add(Group.objects.get(name='gym_member'))
if 'trainer' in form.cleaned_data['role']:
member.groups.add(Group.objects.get(name='gym_trainer'))
if 'admin' in form.cleaned_data['role']:
member.groups.add(Group.objects.get(name='gym_manager'))
if 'manager' in form.cleaned_data['role']:
member.groups.add(Group.objects.get(name='general_gym_manager'))
return HttpResponseRedirect(reverse('gym:gym:user-list',
kwargs={'pk': member.userprofile.gym.pk}))
else:
initial_data = {}
if member.groups.filter(name='gym_member').exists():
initial_data['user'] = True
if member.groups.filter(name='gym_trainer').exists():
initial_data['trainer'] = True
if member.groups.filter(name='gym_manager').exists():
initial_data['admin'] = True
if member.groups.filter(name='general_gym_manager').exists():
initial_data['manager'] = True
form = GymUserPermisssionForm(initial={'role': initial_data},
available_roles=form_group_permission)
context = {}
context['title'] = member.get_full_name()
context['form'] = form
context['form_action'] = reverse('gym:gym:edit-user-permission', kwargs={'user_pk': member.pk})
context['extend_template'] = 'base_empty.html' if request.is_ajax() else 'base.html'
context['submit_text'] = 'Save'
return render(request, 'form.html', context)
