--- a/src/ldt/ldt/ldt_utils/templates/ldt/ldt_utils/create_group.html Thu Dec 08 12:12:13 2011 +0100
+++ b/src/ldt/ldt/ldt_utils/templates/ldt/ldt_utils/create_group.html Thu Dec 08 16:04:44 2011 +0100
@@ -115,7 +115,7 @@
<a href="#" id="removeall" title="{% trans "remove all" %}">{% trans "remove all" %}</a>
| <a href="#" id="chooseaux" title="{% trans "Decide whether a user user can change this group" %}">{% trans "is admin" %}</a>
| <a href="#" id="removeaux">{% trans "is not admin" %}</a>
- </div>
+ </div>
</div>
<div id="adminselection">
--- a/src/ldt/ldt/ldt_utils/templates/ldt/ldt_utils/partial/permissions.html Thu Dec 08 12:12:13 2011 +0100
+++ b/src/ldt/ldt/ldt_utils/templates/ldt/ldt_utils/partial/permissions.html Thu Dec 08 16:04:44 2011 +0100
@@ -34,7 +34,7 @@
</div>
<select multiple="multiple" id="selectedlist" >
{% for elem in member_list %}
- <option value="{{elem.type}}-{{ elem.id }}" {% if elem.change %}style="color: #2181B1;"{% endif %}>{{ elem.name }}</option>
+ <option value="{{ elem.id }}-{{elem.type}}" {% if elem.change %}style="color: #2181B1;"{% endif %}>{{ elem.name }}</option>
{% endfor %}
</select>
<div id="selectedlistfooter" class="span-6" >
@@ -46,10 +46,13 @@
<div id="read">
{% for elem in member_list %}
- <input type="hidden" value="{{ elem.type }}-{{ elem.id }} name="read_list"/>
+ <input type="hidden" value="{{ elem.id }}-{{ elem.type }}" name="read_list"/>
{% endfor %}
</div>
<div id="write">
+ {% for elem in admin_list %}
+ <input type="hidden" value="{{ elem.id }}-{{ elem.type }}" name="write_list"/>
+ {% endfor %}
</div>
</div>
--- a/src/ldt/ldt/ldt_utils/views.py Thu Dec 08 12:12:13 2011 +0100
+++ b/src/ldt/ldt/ldt_utils/views.py Thu Dec 08 16:04:44 2011 +0100
@@ -23,7 +23,7 @@
from ldt.ldt_utils.models import Content
from ldt.ldt_utils.utils import boolean_convert, LdtUtils, LdtSearch
from ldt.security.utils import (assign_perm_to_obj, set_forbidden_stream,
- add_change_attr, get_allowed_elem_list)
+ add_change_attr, get_userlist_model, get_userlist_group)
from lxml.html import fragment_fromstring
from models import Media, Project
from projectserializer import ProjectSerializer
@@ -872,7 +872,7 @@
groups = request.user.groups.exclude(name=settings.PUBLIC_GROUP_NAME)
elem_list = User.objects.all()[0:20]
elem_list = [{'name': e.username, 'id': e.id, 'type': 'user'} for e in elem_list]
- member_list = get_allowed_elem_list(project, request.user)
+ member_list, admin_list = get_userlist_model(project, request.user)
if request.method == "POST" :
submit_action = request.REQUEST.get("submit_button", False)
@@ -913,9 +913,9 @@
form_status = 'none'
- return render_to_response('ldt/ldt_utils/create_ldt.html', {'form':form, 'form_status':form_status, 'groups': groups,
- 'elem_list': elem_list, 'ldt_id': ldt_id, 'contents':contents,
- 'member_list': member_list, 'create_project_action':reverse("ldt.ldt_utils.views.update_project", args=[ldt_id])}, context_instance=RequestContext(request))
+ return render_to_response('ldt/ldt_utils/create_ldt.html', {'form':form, 'form_status':form_status, 'groups': groups, 'elem_list': elem_list,
+ 'ldt_id': ldt_id, 'contents':contents, 'member_list': member_list, 'admin_list': admin_list,
+ 'create_project_action':reverse("ldt.ldt_utils.views.update_project", args=[ldt_id])}, context_instance=RequestContext(request))
@login_required
def copy_project(request, ldt_id, group_id=None):
@@ -1176,16 +1176,17 @@
if iri_id:
create_content_action = reverse('ldt.ldt_utils.views.write_content', kwargs={'iri_id':iri_id})
+ member_list, admin_list = get_userlist_model(Content.objects.get(iri_id=iri_id), request.user)
else:
+ member_list = admin_list = []
create_content_action = reverse('ldt.ldt_utils.views.write_content')
session_key = request.COOKIES[settings.SESSION_COOKIE_NAME]
- cookie_name = settings.SESSION_COOKIE_NAME
-
+ cookie_name = settings.SESSION_COOKIE_NAME
content_form.fields["media_obj"].queryset = Media.safe_objects.all()
return render_to_response('ldt/ldt_utils/create_content.html', {'content_form': content_form, 'media_form': media_form, 'form_status': form_status, 'create_content_action': create_content_action,
- 'elem_list': elem_list, 'iri_id': iri_id, 'session_key':session_key, 'cookie_name':cookie_name}, context_instance=RequestContext(request))
+ 'elem_list': elem_list, 'member_list': member_list, 'admin_list': admin_list, 'iri_id': iri_id, 'session_key':session_key, 'cookie_name':cookie_name}, context_instance=RequestContext(request))
@login_required
def prepare_delete_content(request, iri_id=None):
@@ -1329,7 +1330,6 @@
form_status = 'saved'
return render_to_response("ldt/ldt_utils/create_group.html", {'form_status' : form_status}, context_instance=RequestContext(request))
- member_list = group.user_set.exclude(id=request.user.id)
query = Q(id=settings.ANONYMOUS_USER_ID) | Q(id=request.user.id) | Q(is_superuser=True)
user_list = User.objects.exclude(query)[0:20]
user_list = [{'name': x.username, 'id': x.id, 'type': 'user'} for x in user_list]
@@ -1347,33 +1347,35 @@
if form.is_valid():
name = form.cleaned_data['name']
new_member_list = form.cleaned_data['read_list']
+ old_member_list = group.user_set.exclude(id=request.user.id)
admin_list = form.cleaned_data['write_list']
group.name = name
for user in new_member_list:
if not hasattr(user, 'username'):
- raise AttributeError('new_member_list should only contain users')
- group.user_set.add(user)
- if user in admin_list:
- assign('change_group', user, group)
- else:
- remove_perm('change_group', user, group)
+ raise AttributeError('new_member_list should only contain users')
+ if user != request.user:
+ group.user_set.add(user)
+ if user in admin_list:
+ assign('change_group', user, group)
+ else:
+ remove_perm('change_group', user, group)
- for user in member_list:
+ for user in old_member_list:
if user not in new_member_list:
group.user_set.remove(user)
remove_perm('change_group', user, group)
-
+
group.save()
form_status = 'saved'
else:
form = GroupAddForm(initial={'name':unicode(group.name)})
- member_list = [{'name': x.username, 'id': x.id, 'type': 'user'} for x in member_list]
+ member_list, admin_list = get_userlist_group(group, request.user)
return render_to_response("ldt/ldt_utils/create_group.html", {'group_id' : group_id, 'form' : form, 'form_status' : form_status,
- 'elem_list' : user_list, 'member_list': member_list,
- }, context_instance=RequestContext(request))
+ 'elem_list' : user_list, 'member_list': member_list, 'admin_list': admin_list},
+ context_instance=RequestContext(request))
@login_required
def leave_group(request, group_id, redirect=True):
@@ -1390,5 +1392,5 @@
return HttpResponseRedirect(reverse('ldt.ldt_utils.views.groups'))
else:
return HttpResponse(simplejson.dumps({'res':True}, ensure_ascii=False), mimetype='application/json')
-
+
--- a/src/ldt/ldt/security/utils.py Thu Dec 08 12:12:13 2011 +0100
+++ b/src/ldt/ldt/security/utils.py Thu Dec 08 16:04:44 2011 +0100
@@ -1,7 +1,7 @@
from django.conf import settings
from django.contrib.contenttypes.models import ContentType
from guardian.core import ObjectPermissionChecker
-from guardian.shortcuts import assign, remove_perm, get_users_with_perms, get_groups_with_perms
+from guardian.shortcuts import assign, remove_perm, get_users_with_perms, get_groups_with_perms, get_objects_for_group
try:
from threading import local
@@ -127,18 +127,55 @@
remove_perms(read_list, old_groups, object, name)
-def get_allowed_elem_list(object, owner):
- users = get_users_with_perms(object).exclude(id=owner.id)
- groups = get_groups_with_perms(object)
+def get_userlist_model(object, owner):
+ users = get_users_with_perms(object, attach_perms=True)
+ groups = get_groups_with_perms(object, attach_perms=True)
+ object_name = object.__class__.__name__.lower()
+ def create_dict (users_or_groups, name, groups=True):
+ l = []
+ admin_list = []
+
+ for elem in users_or_groups.keys():
+ if elem == owner:
+ continue
+
+ if groups:
+ elem_dict = {'name': elem.name, 'type': 'group', 'id': elem.id}
+ else:
+ elem_dict = {'name': elem.username, 'type': 'user', 'id': elem.id}
+
+ for perm in users_or_groups[elem]:
+ if perm == 'change_%s' % name:
+ elem_dict['change'] = True
+ admin_list.append(elem_dict)
+ continue
+
+ l.append(elem_dict)
+ return l, admin_list
+
+ users_list, admin_users = create_dict(users, object_name, False)
+ groups_list, admin_groups = create_dict(groups, object_name, True)
+
+ return [users_list + groups_list, admin_users + admin_groups]
+
+
+def get_userlist_group(group, user):
+ members = group.user_set.all()
+ admin = get_users_with_perms(group)
+
member_list = []
- for u in users:
- member_list.append({'name': u.username, 'id': u.id, 'type': 'user'})
+ for u in members:
+ if u == user:
+ continue
+ u_dict = {'name': u.username, 'id': u.id, 'type': 'user'}
+ if u in admin:
+ u_dict['change'] = True
+ member_list.append(u_dict)
- for g in groups:
- member_list.append({'name': g.name, 'id': g.id, 'type': 'group'})
+ admin_list = [{'name': e.username, 'id': e.id, 'type': 'user'} for e in admin]
- return member_list
+ return [member_list, admin_list]