def user(request, userId): managedUser = get_object_or_404(User, id=userId) permissions = [ perm.codename for perm in managedUser.user_permissions.all() ] if managedUser.is_superuser: permissions.append("is_superuser") #endif if request.method == "POST": form = GlobalPermissionsForm(request.POST) if form.is_valid(): data = form.cleaned_data if request.user.is_superuser: managedUser.is_superuser = data['is_superuser'] #endif toAdd = [] toRemove = [] for field in data: if data[field]: toAdd.append(field) else: toRemove.append(field) #endif #endfor # This permissions we add to user toAddPerms = [ perm for perm in Permission.objects.filter(codename__in=toAdd) ] managedUser.user_permissions.add(*toAddPerms) # This permissions we remove from user toRemovePerms = [ perm for perm in Permission.objects.filter(codename__in=toRemove) ] managedUser.user_permissions.remove(*toRemovePerms) managedUser.save() # Redirect back on manage user page return HttpResponseRedirect( reverse("accounts:permissions_user", kwargs={ "userId": managedUser.id }) ) #endif else: form = GlobalPermissionsForm() initial = {} for field in form.fields: initial[field] = bool(field in permissions) #endfor form.initial = initial #endif return render_to_response( "accounts/permissions/user.html", { "managedUser": managedUser, "form": form }, context_instance=RequestContext(request) )
def show(request, userId): managedUser = get_object_or_404(User, id=userId) form = GlobalPermissionsForm() userPermissions = [ perm.codename for perm in managedUser.user_permissions.all() ] groupsPermissions = {} for group in managedUser.groups.all(): groupsPermissions[group] = [ perm.codename for perm in group.permissions.all() ] #endfor permissions = [] for field in form.fields: groupPerm = [] for group in groupsPermissions: if field in groupsPermissions[group]: groupPerm.append("<a href=\"%s\">%s</a>" \ % (reverse("accounts:permissions_group", kwargs={ "groupId": group.id}), group.name)) #endif #endif if field == "is_superuser": userPerm = managedUser.is_superuser else: userPerm = field in userPermissions #endif permissions.append({ "label": unicode(form.fields[field].label), "has": userPerm or len(groupPerm), "user": userPerm, "groups": groupPerm }) #endfor return render_to_response( "accounts/permissions/show.html", { "managedUser": managedUser, "permissions": permissions }, context_instance=RequestContext(request) )