85 lines
3.3 KiB
Python
85 lines
3.3 KiB
Python
import os
|
|
|
|
from django import forms
|
|
from django.contrib import messages, admin
|
|
from django.core.exceptions import PermissionDenied
|
|
from django.template.response import TemplateResponse
|
|
from django.utils.translation import ungettext, ugettext_lazy as _
|
|
|
|
from orchestra.admin.decorators import action_with_confirmation
|
|
from orchestra.contrib.orchestration.middlewares import OperationsMiddleware
|
|
|
|
from .forms import GrantPermissionForm
|
|
|
|
|
|
def grant_permission(modeladmin, request, queryset):
|
|
account_id = None
|
|
for user in queryset:
|
|
account_id = account_id or user.account_id
|
|
if user.account_id != account_id:
|
|
messages.error("Users from the same account should be selected.")
|
|
user = queryset[0]
|
|
if request.method == 'POST':
|
|
form = GrantPermissionForm(user, request.POST)
|
|
if form.is_valid():
|
|
cleaned_data = form.cleaned_data
|
|
to = os.path.join(cleaned_data['base_path'], cleaned_data['path_extension'])
|
|
ro = cleaned_data['read_only']
|
|
for user in queryset:
|
|
user.grant_to = to
|
|
user.grant_ro = ro
|
|
# DOn't collect, execute right away for path validation
|
|
OperationsMiddleware.collect('grant_permission', instance=user)
|
|
context = {
|
|
'type': _("read-only") if ro else _("read-write"),
|
|
'to': to,
|
|
}
|
|
msg = _("Granted %(type)s permissions on %(to)s") % context
|
|
modeladmin.log_change(request, user, msg)
|
|
# TODO feedback message
|
|
return
|
|
opts = modeladmin.model._meta
|
|
app_label = opts.app_label
|
|
context = {
|
|
'title': _("Grant permission"),
|
|
'action_name': _("Grant permission"),
|
|
'action_value': 'grant_permission',
|
|
'queryset': queryset,
|
|
'opts': opts,
|
|
'obj': user,
|
|
'app_label': app_label,
|
|
'action_checkbox_name': admin.helpers.ACTION_CHECKBOX_NAME,
|
|
'form': GrantPermissionForm(user),
|
|
}
|
|
return TemplateResponse(request, 'admin/systemusers/systemuser/grant_permission.html',
|
|
context, current_app=modeladmin.admin_site.name)
|
|
grant_permission.url_name = 'grant-permission'
|
|
grant_permission.verbose_name = _("Grant permission")
|
|
|
|
|
|
def delete_selected(modeladmin, request, queryset):
|
|
""" wrapper arround admin.actions.delete_selected to prevent main system users deletion """
|
|
opts = modeladmin.model._meta
|
|
app_label = opts.app_label
|
|
# Check that the user has delete permission for the actual model
|
|
if not modeladmin.has_delete_permission(request):
|
|
raise PermissionDenied
|
|
else:
|
|
accounts = []
|
|
for user in queryset:
|
|
if user.is_main:
|
|
accounts.append(user.username)
|
|
if accounts:
|
|
n = len(accounts)
|
|
messages.error(request, ungettext(
|
|
"You have selected one main system user (%(accounts)s), which can not be deleted.",
|
|
"You have selected some main system users which can not be deleted (%(accounts)s).",
|
|
n) % {
|
|
'accounts': ', '.join(accounts[:10]+['...'] if n > 10 else accounts)
|
|
}
|
|
)
|
|
return
|
|
return admin.actions.delete_selected(modeladmin, request, queryset)
|
|
delete_selected.short_description = _("Delete selected %(verbose_name_plural)s")
|
|
|