From e048e075471eef441ca2a0e5e4570b07fc49e871 Mon Sep 17 00:00:00 2001 From: Kasper Brandt Date: Mon, 13 Oct 2014 12:11:34 +0200 Subject: [PATCH] [#766] Added permissions form to user management page --- akvo/rsr/forms.py | 11 +++++++++++ akvo/rsr/models/organisation.py | 7 +++++-- akvo/rsr/views/my_rsr.py | 15 ++++++++++----- akvo/settings/10-base.conf | 2 +- akvo/templates/myrsr/user_management.html | 11 ++++++++++- 5 files changed, 37 insertions(+), 9 deletions(-) diff --git a/akvo/rsr/forms.py b/akvo/rsr/forms.py index 379b826216..f91a9d8688 100644 --- a/akvo/rsr/forms.py +++ b/akvo/rsr/forms.py @@ -205,3 +205,14 @@ def save(self, request): # TODO: The approval process of users request.user.organisations.add(self.cleaned_data['organisation']) + +class UserPermissionsForm(forms.Form): + permission = forms.ChoiceField( + choices=( + ('', 'Pending'), + ('2', 'User'), + ('4', 'Editor'), + ('3', 'Admin') + ), + label='' + ) \ No newline at end of file diff --git a/akvo/rsr/models/organisation.py b/akvo/rsr/models/organisation.py index edeb6b24d1..d20b22270b 100644 --- a/akvo/rsr/models/organisation.py +++ b/akvo/rsr/models/organisation.py @@ -195,6 +195,11 @@ def all_projects(self): from .project import Project return Project.objects.filter(partnerships__organisation__in=self) + def users(self): + "returns a queryset of all users belonging to the organisation(s)" + from .user import User + return User.objects.filter(employments__organisation__in=self).distinct() + def __unicode__(self): return self.name @@ -291,8 +296,6 @@ def dollar_funds_needed(self): # the ORM aggregate() doesn't work here since we may have multiple partnership relations to the same project return self._aggregate_funds_needed(self.published_projects().dollars().distinct()) - # New API end - class Meta: app_label = 'rsr' verbose_name = _(u'organisation') diff --git a/akvo/rsr/views/my_rsr.py b/akvo/rsr/views/my_rsr.py index 5b68797204..bfcebfe8f1 100644 --- a/akvo/rsr/views/my_rsr.py +++ b/akvo/rsr/views/my_rsr.py @@ -8,9 +8,9 @@ import json -from akvo.rsr.forms import PasswordForm, ProfileForm, UserOrganisationForm -from akvo.rsr.models import Project, User -from django.contrib.auth.decorators import login_required +from akvo.rsr.forms import PasswordForm, ProfileForm, UserOrganisationForm, UserPermissionsForm +from akvo.rsr.models import Project +from django.contrib.auth.decorators import login_required, permission_required from django.http import HttpResponse from django.shortcuts import render, render_to_response from django.template import RequestContext @@ -69,8 +69,13 @@ def my_projects(request): context = {'projects': Project.objects.published()} return render(request, 'myrsr/my_projects.html', context) - +@permission_required('rsr.delete_user', raise_exception=True) @login_required def user_management(request): - context = {'users': User.objects.all()} + organisations = request.user.organisations.all() + permissionsForm = UserPermissionsForm() + context = { + 'users': organisations.users(), + 'permissionsForm': permissionsForm + } return render(request, 'myrsr/user_management.html', context) \ No newline at end of file diff --git a/akvo/settings/10-base.conf b/akvo/settings/10-base.conf index d8902f84db..80b8245429 100644 --- a/akvo/settings/10-base.conf +++ b/akvo/settings/10-base.conf @@ -54,7 +54,7 @@ INSTALLED_APPS = ( gettext = lambda s: s -LOGIN_URL = '/signin/' +LOGIN_URL = '/sign_in/' LOGIN_REDIRECT_URL = '/' MIDDLEWARE_CLASSES = ( diff --git a/akvo/templates/myrsr/user_management.html b/akvo/templates/myrsr/user_management.html index c946934c1e..628de6ed72 100644 --- a/akvo/templates/myrsr/user_management.html +++ b/akvo/templates/myrsr/user_management.html @@ -76,7 +76,16 @@

User management

{% endfor %} - Permission settings +
{% csrf_token %} + {% for field in permissionsForm %} + {% bootstrap_field field %} + {% endfor %} + {% buttons %} + + {% endbuttons %} +
{% endfor %}