diff options
author | Johan Berggren <jbn@nordu.net> | 2011-03-04 14:38:19 +0100 |
---|---|---|
committer | Johan Berggren <jbn@nordu.net> | 2011-03-04 14:38:19 +0100 |
commit | 613ab889ea717c86cda5b61332027581d6eb61e8 (patch) | |
tree | f46c11bc3bdb97e5fcdd7c8c0c470cf7d28bec29 /coip | |
parent | 07a04353ebacf6769683b55694d5aa78139d1d4f (diff) | |
parent | f0dd7b2469b6d276fdfdc0a0dc4da5101ce272cc (diff) |
Merge branch 'master' of git.nordu.net:coip
Diffstat (limited to 'coip')
-rw-r--r-- | coip/apps/membership/views.py | 4 | ||||
-rw-r--r-- | coip/apps/name/forms.py | 24 | ||||
-rw-r--r-- | coip/apps/name/models.py | 1 | ||||
-rw-r--r-- | coip/apps/name/views.py | 46 | ||||
-rw-r--r-- | coip/apps/userprofile/views.py | 2 | ||||
-rw-r--r-- | coip/extensions/templatetags/permdisplay.py | 4 | ||||
-rw-r--r-- | coip/urls.py | 10 |
7 files changed, 70 insertions, 21 deletions
diff --git a/coip/apps/membership/views.py b/coip/apps/membership/views.py index fd7036e..7c4c4e1 100644 --- a/coip/apps/membership/views.py +++ b/coip/apps/membership/views.py @@ -36,6 +36,10 @@ def join(request,id,membername=None): if form.is_valid(): m = form.save() return HttpResponseRedirect(name.url()) + else: + return respond_to(request, + {'text/html': 'apps/membership/edit.html'}, + {'form': form,'name': name, 'formtitle': 'Add a member to %s' % name.short}) else: if membername: try: diff --git a/coip/apps/name/forms.py b/coip/apps/name/forms.py index dc36ecd..549456f 100644 --- a/coip/apps/name/forms.py +++ b/coip/apps/name/forms.py @@ -6,7 +6,7 @@ Created on Jun 24, 2010 from django import forms from coip.apps.name.models import Name, Attribute, NameLink from django.forms import fields -from django.forms.widgets import HiddenInput, CheckboxSelectMultiple +from django.forms.widgets import HiddenInput, CheckboxSelectMultiple, TextInput from form_utils.forms import BetterModelForm, BetterForm class NameForm(forms.ModelForm): @@ -71,7 +71,23 @@ class NameLinkForm(forms.ModelForm): class NameLinkDeleteForm(forms.Form): confirm = fields.BooleanField(label="Confirm") -class PermissionForm(forms.Form): +class PermissionForm(BetterForm): dst = fields.IntegerField(widget=HiddenInput) - subject = fields.CharField(min_length=1024) - permissions = fields.MultipleChoiceField(widget=CheckboxSelectMultiple,choices=[('r','read'),('w','write'),('l','list'),('i','insert'),('d','delete')]) + subject = fields.CharField(max_length=1024,label="Group",widget=TextInput(attrs={'size': 40})) + permissions = fields.MultipleChoiceField(widget=CheckboxSelectMultiple, + choices=[('r','read'), + ('w','write'), + ('l','list members and groups'), + ('i','manage members'), + ('d','delete'), + ('a','manage access')]) + class Meta: + fieldsets = [('subject',{'fields': ['dst','subject'], + 'legend': 'Step 1: Select a group', + 'classes': ['step'], + 'description': 'Start typing in the textfield to find the group you want.'}), + ('permission',{'fields': ['permissions'], + 'legend': 'Step 2: Set permissions', + 'classes': ['step','submit_step'], + 'description': 'Select the rights that members of the group should have.'})] +
\ No newline at end of file diff --git a/coip/apps/name/models.py b/coip/apps/name/models.py index a1384a3..d8c089e 100644 --- a/coip/apps/name/models.py +++ b/coip/apps/name/models.py @@ -204,6 +204,7 @@ class NameLink(models.Model): access_control = 0 part_of = 1 + child_access_control = 2 def __unicode__(self): return "%s -> %s [%s %s]" % (self.src,self.dst,self.type,self.data) diff --git a/coip/apps/name/views.py b/coip/apps/name/views.py index 90c0773..36a0f16 100644 --- a/coip/apps/name/views.py +++ b/coip/apps/name/views.py @@ -9,12 +9,13 @@ from django.http import HttpResponseNotFound, HttpResponseForbidden,\ HttpResponseRedirect, Http404 from django.contrib.auth.decorators import login_required from coip.multiresponse import respond_to, json_response, render403 -from pprint import pformat +from pprint import pformat, pprint import logging from coip.apps.name.forms import NameEditForm, NewNameForm, NameDeleteForm,\ PermissionForm from django.shortcuts import get_object_or_404 from django.contrib.auth.models import User +from django.db.models import Q @login_required def delete(request,id): @@ -89,7 +90,18 @@ def edit(request,id): @login_required -def editacl(request,id,type): +def lsacl(request,id,type=NameLink.access_control): + name = get_object_or_404(Name,pk=id) + + if not name.has_permission(request.user,'a'): + return render403("You do not have permission to list permissions on %s" % (name)) + + return respond_to(request, + {'text/html': 'apps/name/acls.html'}, + {'name': name, 'acl': name.lsacl()}) + +@login_required +def addacl(request,id,type=NameLink.access_control): name = get_object_or_404(Name,pk=id) if not name.has_permission(request.user,'a'): @@ -103,13 +115,17 @@ def editacl(request,id,type): p = form.cleaned_data['permissions'] if not p: p = [] - perms = p.join('') - link = NameLink.objects.get_or_create(src=name,dst=dst,type=NameLink.access_control) + perms = "".join(p) + (link,created) = NameLink.objects.get_or_create(src=name,dst=dst,type=NameLink.access_control) link.data = perms link.save() - - form = PermissionForm() - return respond_to(request,{'text/html': 'apps/name/acls.html'},{'form': form, 'name': name, 'acl': name.lsacl(),'formtitle': 'Add Permission','submitname':'Add'}) + return HttpResponseRedirect("/name/%s/acl/%s" % (id,type)) + else: + form = PermissionForm() + + return respond_to(request, + {'text/html': 'apps/name/addace.html'}, + {'form': form, 'name': name,'formtitle': 'Add Permission','submitname':'Add'}) @login_required def links(request,id,type=NameLink.access_control): @@ -124,15 +140,15 @@ def links(request,id,type=NameLink.access_control): @login_required -def removelink(request,id): - link = get_object_or_404(NameLink,pk=id) +def rmacl(request,id,aclid): + link = get_object_or_404(NameLink,pk=aclid) name = link.src type = link.type if not name.has_permission(request.user,'w'): return render403("You do not have permission to remove name links from %s" % (name)) link.delete() - return HttpResponseRedirect("/name/{{name.id}}/link/{{type}}") + return HttpResponseRedirect("/name/%d/acl/%s" % (name.id,type)) @login_required def show_root(request): @@ -207,4 +223,12 @@ def rtree(request,id=None): @login_required def ctree(request,id=None): - return _tree(request,id,False)
\ No newline at end of file + return _tree(request,id,False) + +@login_required +def search(request): + list = [] + if request.REQUEST.has_key('term'): + term = request.REQUEST['term'] + list = [{'label': name.short,'value': name.id} for name in Name.objects.filter(Q(short__contains=term) | Q(value__contains=term))] + return json_response(list)
\ No newline at end of file diff --git a/coip/apps/userprofile/views.py b/coip/apps/userprofile/views.py index fd114c9..4660a52 100644 --- a/coip/apps/userprofile/views.py +++ b/coip/apps/userprofile/views.py @@ -48,7 +48,7 @@ def home(request): home.short = "%s (%s)" % (profile.display_name,profile.identifier) home.save() add_member(home,profile.user,hidden=True) - home.setacl(home,"rwl") #don't allow users to delete or reset acls on their home, nor invite members - that would be confusing as hell + home.setacl(home,"rwlda") #don't allow users to delete or reset acls on their home, nor invite members - that would be confusing as hell names = [(link.src,link.data) for link in NameLink.objects.filter(dst__memberships__user=request.user,type=NameLink.access_control,data__contains='i').all()] diff --git a/coip/extensions/templatetags/permdisplay.py b/coip/extensions/templatetags/permdisplay.py index 23e6ed3..3928094 100644 --- a/coip/extensions/templatetags/permdisplay.py +++ b/coip/extensions/templatetags/permdisplay.py @@ -25,7 +25,7 @@ permdisplay.is_safe = True register.filter(permdisplay) def acldstdisplay(dst): - if dst.display.startswith("user:"): + if dst.display.startswith("user:") and dst.display.count(":") == 1: (pfx,username) = split(dst.display,":",1) user = User.objects.get(username=username) if user: @@ -33,7 +33,7 @@ def acldstdisplay(dst): else: return "Unknown user \"%s\"" % username else: - return "Members of <a class=\"tip\" title=\"%s\" href=\"/name/id/%d\">%s</a>" % (dst.display,dst.id,dst.short) + return "members of %s (%s)" % (dst.short,dst.display) acldstdisplay.is_safe = True diff --git a/coip/urls.py b/coip/urls.py index 4391f38..2b30391 100644 --- a/coip/urls.py +++ b/coip/urls.py @@ -35,19 +35,23 @@ urlpatterns = patterns('', # Names (r'^name/id/(?P<id>[0-9]+)(?:\.([^\.]+))?$', 'coip.apps.name.views.show_by_id'), (r'^name$', 'coip.apps.name.views.show_root'), + (r'^name/search.json$', 'coip.apps.name.views.search'), (r'^name/(?P<id>[0-9]+)/edit$', 'coip.apps.name.views.edit'), (r'^name/(?P<id>[0-9]+)/delete$', 'coip.apps.name.views.delete'), (r'^name/(?P<id>[0-9]+)/add$', 'coip.apps.name.views.add'), (r'^name/(?P<id>[0-9]+)/join$', 'coip.apps.membership.views.join'), (r'^name/(?P<id>[0-9]+)/join/(?P<membername>[^\/]+)$', 'coip.apps.membership.views.join'), (r'^name/(?P<id>[0-9]+)/leave/(?P<membername>[^\/]+)$', 'coip.apps.membership.views.leave'), - (r'^name/(?P<name>.+)(?:\.([^\.]+))?$', 'coip.apps.name.views.show_by_name'), # Name Links (r'^name/(?P<id>[0-9]+)/link/(?P<type>[0-9]+).json$', 'coip.apps.name.views.links'), - (r'^namelink/(?P<id>[0-9]+)/remove$', 'coip.apps.name.views.removelink'), - (r'^name/(?P<id>[0-9]+)/link/(?P<type>[0-9]+)$', 'coip.apps.name.views.editacl'), + # ACL + (r'^name/(?P<id>[0-9]+)/acl/(?P<type>[0-9]+)$', 'coip.apps.name.views.lsacl'), + (r'^name/(?P<id>[0-9]+)/acl/(?P<type>[0-9]+)/add$', 'coip.apps.name.views.addacl'), + (r'^name/(?P<id>[0-9]+)/acl/(?P<type>[0-9]+)/copy$', 'coip.apps.name.views.copyacl'), + (r'^name/(?P<id>[0-9]+)/acl/(?P<aclid>[0-9]+)/remove$', 'coip.apps.name.views.rmacl'), # Links (r'^name/(?P<id>[0-9]+)/addlink$', 'coip.apps.link.views.add'), + (r'^name/(?P<name>.+)(?:\.([^\.]+))?$', 'coip.apps.name.views.show_by_name'), (r'^link/(?P<id>[0-9]+)/remove$', 'coip.apps.link.views.remove'), # Membership (r'^membership/(?P<id>[0-9]+)$', 'coip.apps.membership.views.show'), |