diff options
author | Leif Johansson <leifj@sunet.se> | 2011-03-03 23:28:11 +0100 |
---|---|---|
committer | Leif Johansson <leifj@sunet.se> | 2011-03-03 23:28:11 +0100 |
commit | d60a62a68a5c3442a6b464cca1c1a218d57d8ecc (patch) | |
tree | bc7f4d62751fff095bfcd547a95714b19e5b5487 /coip | |
parent | 5bf172664d789d10781441e2a812f626c15c8da6 (diff) |
new acl UI
Diffstat (limited to 'coip')
-rw-r--r-- | coip/apps/membership/views.py | 4 | ||||
-rw-r--r-- | coip/apps/name/forms.py | 24 | ||||
-rw-r--r-- | coip/apps/name/models.py | 1 | ||||
-rw-r--r-- | coip/apps/name/views.py | 40 | ||||
-rw-r--r-- | coip/extensions/templatetags/permdisplay.py | 4 | ||||
-rw-r--r-- | coip/urls.py | 7 |
6 files changed, 64 insertions, 16 deletions
diff --git a/coip/apps/membership/views.py b/coip/apps/membership/views.py index fd7036e..7c4c4e1 100644 --- a/coip/apps/membership/views.py +++ b/coip/apps/membership/views.py @@ -36,6 +36,10 @@ def join(request,id,membername=None): if form.is_valid(): m = form.save() return HttpResponseRedirect(name.url()) + else: + return respond_to(request, + {'text/html': 'apps/membership/edit.html'}, + {'form': form,'name': name, 'formtitle': 'Add a member to %s' % name.short}) else: if membername: try: diff --git a/coip/apps/name/forms.py b/coip/apps/name/forms.py index dc36ecd..549456f 100644 --- a/coip/apps/name/forms.py +++ b/coip/apps/name/forms.py @@ -6,7 +6,7 @@ Created on Jun 24, 2010 from django import forms from coip.apps.name.models import Name, Attribute, NameLink from django.forms import fields -from django.forms.widgets import HiddenInput, CheckboxSelectMultiple +from django.forms.widgets import HiddenInput, CheckboxSelectMultiple, TextInput from form_utils.forms import BetterModelForm, BetterForm class NameForm(forms.ModelForm): @@ -71,7 +71,23 @@ class NameLinkForm(forms.ModelForm): class NameLinkDeleteForm(forms.Form): confirm = fields.BooleanField(label="Confirm") -class PermissionForm(forms.Form): +class PermissionForm(BetterForm): dst = fields.IntegerField(widget=HiddenInput) - subject = fields.CharField(min_length=1024) - permissions = fields.MultipleChoiceField(widget=CheckboxSelectMultiple,choices=[('r','read'),('w','write'),('l','list'),('i','insert'),('d','delete')]) + subject = fields.CharField(max_length=1024,label="Group",widget=TextInput(attrs={'size': 40})) + permissions = fields.MultipleChoiceField(widget=CheckboxSelectMultiple, + choices=[('r','read'), + ('w','write'), + ('l','list members and groups'), + ('i','manage members'), + ('d','delete'), + ('a','manage access')]) + class Meta: + fieldsets = [('subject',{'fields': ['dst','subject'], + 'legend': 'Step 1: Select a group', + 'classes': ['step'], + 'description': 'Start typing in the textfield to find the group you want.'}), + ('permission',{'fields': ['permissions'], + 'legend': 'Step 2: Set permissions', + 'classes': ['step','submit_step'], + 'description': 'Select the rights that members of the group should have.'})] +
\ No newline at end of file diff --git a/coip/apps/name/models.py b/coip/apps/name/models.py index a1384a3..d8c089e 100644 --- a/coip/apps/name/models.py +++ b/coip/apps/name/models.py @@ -204,6 +204,7 @@ class NameLink(models.Model): access_control = 0 part_of = 1 + child_access_control = 2 def __unicode__(self): return "%s -> %s [%s %s]" % (self.src,self.dst,self.type,self.data) diff --git a/coip/apps/name/views.py b/coip/apps/name/views.py index 90c0773..3032374 100644 --- a/coip/apps/name/views.py +++ b/coip/apps/name/views.py @@ -9,12 +9,13 @@ from django.http import HttpResponseNotFound, HttpResponseForbidden,\ HttpResponseRedirect, Http404 from django.contrib.auth.decorators import login_required from coip.multiresponse import respond_to, json_response, render403 -from pprint import pformat +from pprint import pformat, pprint import logging from coip.apps.name.forms import NameEditForm, NewNameForm, NameDeleteForm,\ PermissionForm from django.shortcuts import get_object_or_404 from django.contrib.auth.models import User +from django.db.models import Q @login_required def delete(request,id): @@ -89,7 +90,18 @@ def edit(request,id): @login_required -def editacl(request,id,type): +def lsacl(request,id,type=NameLink.access_control): + name = get_object_or_404(Name,pk=id) + + if not name.has_permission(request.user,'a'): + return render403("You do not have permission to list permissions on %s" % (name)) + + return respond_to(request, + {'text/html': 'apps/name/acls.html'}, + {'name': name, 'acl': name.lsacl()}) + +@login_required +def addacl(request,id,type=NameLink.access_control): name = get_object_or_404(Name,pk=id) if not name.has_permission(request.user,'a'): @@ -103,13 +115,17 @@ def editacl(request,id,type): p = form.cleaned_data['permissions'] if not p: p = [] - perms = p.join('') - link = NameLink.objects.get_or_create(src=name,dst=dst,type=NameLink.access_control) + perms = "".join(p) + (link,created) = NameLink.objects.get_or_create(src=name,dst=dst,type=NameLink.access_control) link.data = perms link.save() - - form = PermissionForm() - return respond_to(request,{'text/html': 'apps/name/acls.html'},{'form': form, 'name': name, 'acl': name.lsacl(),'formtitle': 'Add Permission','submitname':'Add'}) + return HttpResponseRedirect("/name/%s/acl/%s" % (id,type)) + else: + form = PermissionForm() + + return respond_to(request, + {'text/html': 'apps/name/addace.html'}, + {'form': form, 'name': name,'formtitle': 'Add Permission','submitname':'Add'}) @login_required def links(request,id,type=NameLink.access_control): @@ -207,4 +223,12 @@ def rtree(request,id=None): @login_required def ctree(request,id=None): - return _tree(request,id,False)
\ No newline at end of file + return _tree(request,id,False) + +@login_required +def search(request): + list = [] + if request.REQUEST.has_key('term'): + term = request.REQUEST['term'] + list = [{'label': name.short,'value': name.id} for name in Name.objects.filter(Q(short__contains=term) | Q(value__contains=term))] + return json_response(list)
\ No newline at end of file diff --git a/coip/extensions/templatetags/permdisplay.py b/coip/extensions/templatetags/permdisplay.py index 23e6ed3..3928094 100644 --- a/coip/extensions/templatetags/permdisplay.py +++ b/coip/extensions/templatetags/permdisplay.py @@ -25,7 +25,7 @@ permdisplay.is_safe = True register.filter(permdisplay) def acldstdisplay(dst): - if dst.display.startswith("user:"): + if dst.display.startswith("user:") and dst.display.count(":") == 1: (pfx,username) = split(dst.display,":",1) user = User.objects.get(username=username) if user: @@ -33,7 +33,7 @@ def acldstdisplay(dst): else: return "Unknown user \"%s\"" % username else: - return "Members of <a class=\"tip\" title=\"%s\" href=\"/name/id/%d\">%s</a>" % (dst.display,dst.id,dst.short) + return "members of %s (%s)" % (dst.short,dst.display) acldstdisplay.is_safe = True diff --git a/coip/urls.py b/coip/urls.py index ffabf11..edca1cc 100644 --- a/coip/urls.py +++ b/coip/urls.py @@ -35,19 +35,22 @@ urlpatterns = patterns('', # Names (r'^name/id/(?P<id>[0-9]+)(?:\.([^\.]+))?$', 'coip.apps.name.views.show_by_id'), (r'^name$', 'coip.apps.name.views.show_root'), + (r'^name/search.json$', 'coip.apps.name.views.search'), (r'^name/(?P<id>[0-9]+)/edit$', 'coip.apps.name.views.edit'), (r'^name/(?P<id>[0-9]+)/delete$', 'coip.apps.name.views.delete'), (r'^name/(?P<id>[0-9]+)/add$', 'coip.apps.name.views.add'), (r'^name/(?P<id>[0-9]+)/join$', 'coip.apps.membership.views.join'), (r'^name/(?P<id>[0-9]+)/join/(?P<membername>[^\/]+)$', 'coip.apps.membership.views.join'), (r'^name/(?P<id>[0-9]+)/leave/(?P<membername>[^\/]+)$', 'coip.apps.membership.views.leave'), - (r'^name/(?P<name>.+)(?:\.([^\.]+))?$', 'coip.apps.name.views.show_by_name'), # Name Links (r'^name/(?P<id>[0-9]+)/link/(?P<type>[0-9]+).json$', 'coip.apps.name.views.links'), (r'^namelink/(?P<id>[0-9]+)/remove$', 'coip.apps.name.views.removelink'), - (r'^name/(?P<id>[0-9]+)/link/(?P<type>[0-9]+)$', 'coip.apps.name.views.editacl'), + # ACL + (r'^name/(?P<id>[0-9]+)/acl/(?P<type>[0-9]+)$', 'coip.apps.name.views.lsacl'), + (r'^name/(?P<id>[0-9]+)/acl/(?P<type>[0-9]+)/add$', 'coip.apps.name.views.addacl'), # Links (r'^name/(?P<id>[0-9]+)/addlink$', 'coip.apps.link.views.add'), + (r'^name/(?P<name>.+)(?:\.([^\.]+))?$', 'coip.apps.name.views.show_by_name'), (r'^link/(?P<id>[0-9]+)/remove$', 'coip.apps.link.views.remove'), # Membership (r'^membership/(?P<id>[0-9]+)$', 'coip.apps.membership.views.show'), |