diff -r 8f332dd06c1e -r dce127afac9d src/cm/views/user.py --- a/src/cm/views/user.py Thu Oct 03 10:11:23 2013 +0200 +++ b/src/cm/views/user.py Thu Oct 03 10:19:03 2013 +0200 @@ -20,7 +20,7 @@ from django.views.generic.list_detail import object_list from django.contrib.auth.decorators import login_required from cm.views import get_keys_from_dict -from cm.security import has_global_perm +from cm.security import has_global_perm, has_global_perm_or_perm_on_text from cm.exception import UnauthorizedException from cm.cm_settings import SHOW_EMAILS_IN_ADMIN from tagging.models import Tag @@ -228,20 +228,20 @@ SEPARATORS_RE = re.compile('[;,\n]+') -@has_global_perm('can_manage_workspace') +@has_global_perm_or_perm_on_text('can_manage_workspace', 'can_manage_text') def user_mass_add(request, key=None): return user_add(request, key=key, mass=True) -@has_global_perm('can_manage_workspace') +@has_global_perm_or_perm_on_text('can_manage_workspace', 'can_manage_text') def user_add(request, key=None, mass=False): text = get_text_by_keys_or_404(key) if key else None if request.method == 'POST': userform = UserForm(request.POST) if not mass else MassUserForm(request.POST) - userroleform = UserRoleForm(request.POST) + userroleform = UserRoleForm(request.POST) if not(key) else None noteform = UserAddForm(request.POST) userprofileform = UserProfileAddForm(request.POST) localroleform = UserRoleTextForm(request.POST, prefix="local") if key else None - if userform.is_valid() and userroleform.is_valid() and noteform.is_valid() and userprofileform.is_valid() and (not localroleform or localroleform.is_valid()): + if userform.is_valid() and (not userroleform or userroleform.is_valid()) and noteform.is_valid() and userprofileform.is_valid() and (not localroleform or localroleform.is_valid()): data = userform.cleaned_data data.update(userprofileform.cleaned_data) data.update(noteform.cleaned_data) @@ -251,9 +251,10 @@ for email in [s.strip() for s in SEPARATORS_RE.split(emails)]: if email and not User.objects.filter(email__iexact=email) and email not in email_created: user = UserProfile.objects.create_inactive_user(email, True, **data) - userrole = UserRole.objects.create(user=user, role=userroleform.cleaned_data['role'], text=None) if key: localuserrole = UserRole.objects.create(user=user, role=localroleform.cleaned_data['role'], text=text) + else: + userrole = UserRole.objects.create(user=user, role=userroleform.cleaned_data['role'], text=None) email_created.add(email) register_activity(request, "user_created", user=user) display_message(request, ungettext(u'%(nb_users)d user added', u'%(nb_users)d users added', len(email_created)) % {'nb_users': len(email_created)}) @@ -263,7 +264,7 @@ return HttpResponseRedirect(reverse('user')) else: userform = UserForm() if not mass else MassUserForm() - userroleform = UserRoleForm() + userroleform = UserRoleForm() if not(key) else None userprofileform = UserProfileAddForm({'preferred_language' : request.LANGUAGE_CODE}) noteform = UserAddForm() localroleform = UserRoleTextForm(prefix="local") if key else None