def groupadd(request): if request.method == 'POST': logger.info(request.POST) form = GroupForm(request.POST) if form.is_valid(): form.save() for user in request.POST.getlist('users'): user = User.objects.get(id=user) user.groups.add(form.instance) user.save() #request.user.groups.add(form.instance) owners = form.data.getlist('owners') permission = permissions.get_or_set_owner_permission( form.instance.id, form.instance.name) logger.info(permission) for user in User.objects.filter(id__in=owners): user.groups.add(form.instance) user.user_permissions.add(permission) user.save() logger.info(user.has_perm('auth.is_owner_' + str(form.instance.id))) # request.user.groups.add(form.instance) return HttpResponseRedirect(reverse('staff.views.home')) else: form = GroupForm() return render(request, 'staff_groupedit.html', {'form': form})
def groupadd(request): if request.method == 'POST': form = GroupForm(request.POST) if form.is_valid(): form.save() request.user.groups.add(form.instance) return HttpResponseRedirect(reverse('staff.views.home')) else: form = GroupForm() return render(request, 'staff_groupedit.html', {'form': form})
def groupedit(request, gid): group = get_object_or_404(Group, pk=gid) if request.method == 'POST': form = GroupForm(request.POST, instance=group) if form.is_valid(): form.save() return HttpResponseRedirect(reverse('staff.views.home')) else: form = GroupForm(instance=group) return render(request, 'staff_groupedit.html', {'group': group, 'form': form})
def groupedit(request, gid): is_owner = request.user.has_perm("auth.is_owner_" + gid) if not is_owner: return render(request, 'staff_notallowed.html') group = get_object_or_404(Group, pk=gid) if request.method == 'POST': form = GroupForm(request.POST, instance=group) if form.is_valid(): form.save() group_id = form.instance.id group_name = form.instance.name permission_name = "auth.is_owner_" + str(group_id) permission = permissions.get_or_set_owner_permission( group_id, group_name) owners = form.data.getlist('owners') for user in User.objects.all(): user.groups = user.groups.exclude(id=form.instance.id) for user_id in request.POST.getlist('users'): user = User.objects.get(id=user_id) if not user.groups.filter(id=group_id): user.groups.add(form.instance) user.save() for owner in User.objects.filter( Q(user_permissions=permission)).distinct(): if owner.has_perm(permission_name) and str( owner.id) not in owners: owner.user_permissions.remove(permission) logger.info('No longer an owner: ' + str(owner.id) + ' - ' + owner.username) for owner_id in owners: owner = User.objects.get(id=owner_id) if not owner.groups.filter(id=group_id): owner.groups.add(group) owner.save() if not owner.has_perm(permission_name): owner.user_permissions.add(permission) logger.info('New owner: ' + str(owner.id) + ' - ' + owner.username) return HttpResponseRedirect(reverse('staff.views.home')) else: group = get_object_or_404(Group, pk=gid) else: form = GroupForm(instance=group) return render(request, 'staff_groupedit.html', { 'group': group, 'form': form })