--- a/src/ldt/ldt/ldt_utils/middleware/userprofile.py Mon Dec 12 10:19:04 2011 +0100
+++ b/src/ldt/ldt/ldt_utils/middleware/userprofile.py Mon Dec 12 12:26:18 2011 +0100
@@ -7,7 +7,6 @@
if request.user.is_authenticated():
profile = request.user.get_profile()
- request.user.is_regular = profile.is_regular
language = profile.language
else:
language = settings.LANGUAGE_CODE[:2]
--- a/src/ldt/ldt/ldt_utils/templates/ldt/ldt_utils/create_group.html Mon Dec 12 10:19:04 2011 +0100
+++ b/src/ldt/ldt/ldt_utils/templates/ldt/ldt_utils/create_group.html Mon Dec 12 12:26:18 2011 +0100
@@ -108,13 +108,16 @@
</div>
<select multiple="multiple" id="selecteduserslist" >
{% for user in member_list %}
- <option value="{{ user.id }}-{{user.type}}" {% if user.change %}style="color: #2181B1;"{% endif %}>{{ user.name }}</option>
+ <option value="{{ user.id }}-{{user.type}}" {% if is_owner_group and user.change %}style="color: #2181B1;"{% endif %}>{{ user.name }}</option>
{% endfor %}
</select>
<div id="selecteduserslistfooter" >
<a href="#" id="removeall" title="{% trans "remove all" %}">{% trans "remove all" %}</a>
+
+ {% if is_owner_group %}
| <a href="#" id="chooseaux" title="{% trans "Decide whether a user user can change this group" %}">{% trans "is admin" %}</a>
| <a href="#" id="removeaux">{% trans "is not admin" %}</a>
+ {% endif %}
</div>
</div>
@@ -134,7 +137,9 @@
<button type="button" id="close_button" value="close">{% trans "close_cancel" %}</button>
{% if group_id %}
<button class="button" id="ldt_submit" type="submit" value="update" name="submit_button">{% trans "update_group" %}</button>
- <button class="button" id="ldt_submit" type="submit" value="delete" name="submit_button">{% trans "delete_group" %}</button>
+ {% if is_owner_group %}
+ <button class="button" id="ldt_submit" type="submit" value="delete" name="submit_button">{% trans "delete_group" %}</button>
+ {% endif %}
{% else %}
<button class="button" id="ldt_submit" type="submit" value="create" name="submit_button">{% trans "create_group" %}</button>
{% endif %}
--- a/src/ldt/ldt/ldt_utils/templates/ldt/ldt_utils/groups.html Mon Dec 12 10:19:04 2011 +0100
+++ b/src/ldt/ldt/ldt_utils/templates/ldt/ldt_utils/groups.html Mon Dec 12 12:26:18 2011 +0100
@@ -86,7 +86,7 @@
<div class="span-12 last titlediv" >
<div class="span-8 projectscontentstitle">{% trans "My groups" %}</div>
<div class="span-4 last searchfielddiv" >
- {% if user.is_regular %}
+ {% if perms.auth.add_group %}
<a class="create_group" href="{% url ldt.ldt_utils.views.create_group %}"><img class='icon_title' src="{{LDT_MEDIA_PREFIX}}img/film_add.png" alt="{% trans 'Create group' %}" title="{% trans 'Create group' %}" /></a>
{% endif %}
</div>
--- a/src/ldt/ldt/ldt_utils/templates/ldt/ldt_utils/partial/groupslist.html Mon Dec 12 10:19:04 2011 +0100
+++ b/src/ldt/ldt/ldt_utils/templates/ldt/ldt_utils/partial/groupslist.html Mon Dec 12 12:26:18 2011 +0100
@@ -9,15 +9,10 @@
<tbody class="projectscontentsbody">
{% for group in groups %}
<tr class="imageline {% cycle 'projectscontentsoddline' 'projectscontentsevenline'%} update_group_projects" id="{{ group.id }}">
-
- {% if user.is_regular %}
- {% if group.change %}
- <td class="cellimg"><a class="grouplink create_group" title="{% trans "Change this group"%}" href="{% url ldt.ldt_utils.views.update_group group.id %}">c</a></td>
- <td><b>{{ group.name }}</b></td>
- {% else %}
- <td class="cellimg"><a class="grouplink leave_group" title="{% trans "Leave this group" %}" href="{% url ldt.ldt_utils.views.leave_group group.id %}">l</a></td>
- <td>{{ group.name }}</td>
- {% endif %}
+
+ {% if group.change %}
+ <td class="cellimg"><a class="grouplink create_group" title="{% trans "Change this group"%}" href="{% url ldt.ldt_utils.views.update_group group.id %}">c</a></td>
+ <td><b>{{ group.name }}</b></td>
{% else %}
<td class="cellimg"></td>
<td>{{ group.name }}</td>
--- a/src/ldt/ldt/ldt_utils/urls.py Mon Dec 12 10:19:04 2011 +0100
+++ b/src/ldt/ldt/ldt_utils/urls.py Mon Dec 12 12:26:18 2011 +0100
@@ -40,7 +40,6 @@
url(r'^segmentHighlight/(?P<project_id>.*)/(?P<content_id>.*)/(?P<ensemble_id>.*)/(?P<cutting_id>.*)/(?P<segment_id>.*)/$', 'views.highlight_segment'),
url(r'^createGroup/$', 'views.create_group'),
url(r'^updateGroup/(?P<group_id>.*)$', 'views.update_group'),
- url(r'^leaveGroup/(?P<group_id>.*)$', 'views.leave_group'),
)
urlpatterns += patterns('',
--- a/src/ldt/ldt/ldt_utils/views.py Mon Dec 12 10:19:04 2011 +0100
+++ b/src/ldt/ldt/ldt_utils/views.py Mon Dec 12 12:26:18 2011 +0100
@@ -1285,8 +1285,9 @@
@login_required
def create_group(request):
- if not request.user.is_regular:
- return HttpResponseServerError('<h1>User can not leave a group.</h1>')
+ if not request.user.has_perm('auth.add_group'):
+ return HttpResponseServerError('<h1>User %s can not create a group.</h1>' % request.user.username)
+
query = Q(id=settings.ANONYMOUS_USER_ID) | Q(id=request.user.id) | Q(is_superuser=True)
user_list = User.objects.exclude(query)[0:20]
user_list = [{'name': x.username, 'id': x.id, 'type': 'user'} for x in user_list]
@@ -1302,6 +1303,7 @@
group = Group.objects.create(name=name)
group.save()
+ assign('is_owner_group', request.user, group)
assign('change_group', request.user, group)
request.user.groups.add(group)
@@ -1320,29 +1322,28 @@
@login_required
def update_group(request, group_id):
- if not request.user.is_regular:
- return HttpResponseServerError('<h1>User can not update a group.</h1>')
+ group = get_object_or_404(Group, id=group_id)
+ checker = ObjectPermissionChecker(request.user)
- group = get_object_or_404(Group, id=group_id)
-
- if not request.user.has_perm('change_group', group):
+ if not checker.has_perm('change_group', group):
form_status = 'saved'
return render_to_response("ldt/ldt_utils/create_group.html", {'form_status' : form_status}, context_instance=RequestContext(request))
query = Q(id=settings.ANONYMOUS_USER_ID) | Q(id=request.user.id) | Q(is_superuser=True)
user_list = User.objects.exclude(query)[0:20]
user_list = [{'name': x.username, 'id': x.id, 'type': 'user'} for x in user_list]
- form_status = ''
+ form_status = ''
+ is_owner_group = checker.has_perm('is_owner_group', group)
if request.method == "POST":
form = GroupAddForm(request.POST, instance=group)
submit_action = request.REQUEST.get("submit_button", False)
if submit_action == 'delete':
- remove_perm('change_group', request.user, group)
- group.delete()
- form_status = 'deleted'
- else:
+ if is_owner_group:
+ group.delete()
+ form_status = 'deleted'
+ else:
if form.is_valid():
name = form.cleaned_data['name']
new_member_list = form.cleaned_data['read_list']
@@ -1355,11 +1356,12 @@
raise AttributeError('new_member_list should only contain users')
if user != request.user:
group.user_set.add(user)
- if user in admin_list:
- assign('change_group', user, group)
- else:
- remove_perm('change_group', user, group)
-
+ if is_owner_group:
+ if user in admin_list:
+ assign('change_group', user, group)
+ else:
+ remove_perm('change_group', user, group)
+
for user in old_member_list:
if user not in new_member_list:
group.user_set.remove(user)
@@ -1373,23 +1375,6 @@
member_list, admin_list = get_userlist_group(group, request.user)
return render_to_response("ldt/ldt_utils/create_group.html", {'group_id' : group_id, 'form' : form, 'form_status' : form_status,
- 'elem_list' : user_list, 'member_list': member_list, 'admin_list': admin_list},
- context_instance=RequestContext(request))
+ 'elem_list' : user_list, 'member_list': member_list, 'admin_list': admin_list,
+ 'is_owner_group': is_owner_group}, context_instance=RequestContext(request))
-@login_required
-def leave_group(request, group_id, redirect=True):
- if not request.user.is_regular:
- return HttpResponseServerError('<h1>User can not leave a group.</h1>')
-
- group = get_object_or_404(Group, id=group_id)
- redirect = boolean_convert(redirect)
-
- if not request.user.has_perm('change_group', group):
- request.user.groups.remove(group)
-
- if redirect:
- return HttpResponseRedirect(reverse('ldt.ldt_utils.views.groups'))
- else:
- return HttpResponse(simplejson.dumps({'res':True}, ensure_ascii=False), mimetype='application/json')
-
-
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/ldt/ldt/user/migrations/0005_add_user_permission.py Mon Dec 12 12:26:18 2011 +0100
@@ -0,0 +1,75 @@
+#@PydevCodeAnalysisIgnore
+# encoding: utf-8
+import datetime
+from south.db import db
+from south.v2 import DataMigration
+from django.db import models
+from django.contrib.auth.models import User
+from ldt.user.models import UserProfile
+from django.contrib.auth.models import Group, Permission
+from django.contrib.contenttypes.models import ContentType
+
+
+class Migration(DataMigration):
+
+ def forwards(self, orm):
+ content_type = ContentType.objects.get(app_label='auth', model='group')
+ permission = Permission.objects.create(codename='is_owner_group',
+ name='Can delete and administrate a group',
+ content_type=content_type)
+
+
+ def backwards(self, orm):
+ "Write your backwards methods here."
+
+
+ models = {
+ 'auth.group': {
+ 'Meta': {'object_name': 'Group'},
+ 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
+ 'name': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '80'}),
+ 'permissions': ('django.db.models.fields.related.ManyToManyField', [], {'to': "orm['auth.Permission']", 'symmetrical': 'False', 'blank': 'True'})
+ },
+ 'auth.permission': {
+ 'Meta': {'ordering': "('content_type__app_label', 'content_type__model', 'codename')", 'unique_together': "(('content_type', 'codename'),)", 'object_name': 'Permission'},
+ 'codename': ('django.db.models.fields.CharField', [], {'max_length': '100'}),
+ 'content_type': ('django.db.models.fields.related.ForeignKey', [], {'to': "orm['contenttypes.ContentType']"}),
+ 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
+ 'name': ('django.db.models.fields.CharField', [], {'max_length': '50'})
+ },
+ 'auth.user': {
+ 'Meta': {'object_name': 'User'},
+ 'date_joined': ('django.db.models.fields.DateTimeField', [], {'default': 'datetime.datetime.now'}),
+ 'email': ('django.db.models.fields.EmailField', [], {'max_length': '75', 'blank': 'True'}),
+ 'first_name': ('django.db.models.fields.CharField', [], {'max_length': '30', 'blank': 'True'}),
+ 'groups': ('django.db.models.fields.related.ManyToManyField', [], {'to': "orm['auth.Group']", 'symmetrical': 'False', 'blank': 'True'}),
+ 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
+ 'is_active': ('django.db.models.fields.BooleanField', [], {'default': 'True'}),
+ 'is_staff': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),
+ 'is_superuser': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),
+ 'last_login': ('django.db.models.fields.DateTimeField', [], {'default': 'datetime.datetime.now'}),
+ 'last_name': ('django.db.models.fields.CharField', [], {'max_length': '30', 'blank': 'True'}),
+ 'password': ('django.db.models.fields.CharField', [], {'max_length': '128'}),
+ 'user_permissions': ('django.db.models.fields.related.ManyToManyField', [], {'to': "orm['auth.Permission']", 'symmetrical': 'False', 'blank': 'True'}),
+ 'username': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '30'})
+ },
+ 'contenttypes.contenttype': {
+ 'Meta': {'ordering': "('name',)", 'unique_together': "(('app_label', 'model'),)", 'object_name': 'ContentType', 'db_table': "'django_content_type'"},
+ 'app_label': ('django.db.models.fields.CharField', [], {'max_length': '100'}),
+ 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
+ 'model': ('django.db.models.fields.CharField', [], {'max_length': '100'}),
+ 'name': ('django.db.models.fields.CharField', [], {'max_length': '100'})
+ },
+ 'user.ldt': {
+ 'Meta': {'object_name': 'Ldt', '_ormbases': ['auth.User']},
+ 'user_ptr': ('django.db.models.fields.related.OneToOneField', [], {'to': "orm['auth.User']", 'unique': 'True', 'primary_key': 'True'})
+ },
+ 'user.userprofile': {
+ 'Meta': {'object_name': 'UserProfile'},
+ 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
+ 'language': ('django.db.models.fields.CharField', [], {'default': "'fr'", 'max_length': '2'}),
+ 'user': ('django.db.models.fields.related.OneToOneField', [], {'to': "orm['auth.User']", 'unique': 'True'})
+ }
+ }
+
+ complete_apps = ['user']
--- a/src/ldt/ldt/user/migrations/0005_auto__add_field_userprofile_is_regular.py Mon Dec 12 10:19:04 2011 +0100
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,71 +0,0 @@
-# encoding: utf-8
-import datetime
-from south.db import db
-from south.v2 import SchemaMigration
-from django.db import models
-
-class Migration(SchemaMigration):
-
- def forwards(self, orm):
-
- # Adding field 'UserProfile.is_regular'
- db.add_column('user_userprofile', 'is_regular', self.gf('django.db.models.fields.BooleanField')(default=False), keep_default=False)
-
-
- def backwards(self, orm):
-
- # Deleting field 'UserProfile.is_regular'
- db.delete_column('user_userprofile', 'is_regular')
-
-
- models = {
- 'auth.group': {
- 'Meta': {'object_name': 'Group'},
- 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
- 'name': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '80'}),
- 'permissions': ('django.db.models.fields.related.ManyToManyField', [], {'to': "orm['auth.Permission']", 'symmetrical': 'False', 'blank': 'True'})
- },
- 'auth.permission': {
- 'Meta': {'ordering': "('content_type__app_label', 'content_type__model', 'codename')", 'unique_together': "(('content_type', 'codename'),)", 'object_name': 'Permission'},
- 'codename': ('django.db.models.fields.CharField', [], {'max_length': '100'}),
- 'content_type': ('django.db.models.fields.related.ForeignKey', [], {'to': "orm['contenttypes.ContentType']"}),
- 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
- 'name': ('django.db.models.fields.CharField', [], {'max_length': '50'})
- },
- 'auth.user': {
- 'Meta': {'object_name': 'User'},
- 'date_joined': ('django.db.models.fields.DateTimeField', [], {'default': 'datetime.datetime.now'}),
- 'email': ('django.db.models.fields.EmailField', [], {'max_length': '75', 'blank': 'True'}),
- 'first_name': ('django.db.models.fields.CharField', [], {'max_length': '30', 'blank': 'True'}),
- 'groups': ('django.db.models.fields.related.ManyToManyField', [], {'to': "orm['auth.Group']", 'symmetrical': 'False', 'blank': 'True'}),
- 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
- 'is_active': ('django.db.models.fields.BooleanField', [], {'default': 'True'}),
- 'is_staff': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),
- 'is_superuser': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),
- 'last_login': ('django.db.models.fields.DateTimeField', [], {'default': 'datetime.datetime.now'}),
- 'last_name': ('django.db.models.fields.CharField', [], {'max_length': '30', 'blank': 'True'}),
- 'password': ('django.db.models.fields.CharField', [], {'max_length': '128'}),
- 'user_permissions': ('django.db.models.fields.related.ManyToManyField', [], {'to': "orm['auth.Permission']", 'symmetrical': 'False', 'blank': 'True'}),
- 'username': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '30'})
- },
- 'contenttypes.contenttype': {
- 'Meta': {'ordering': "('name',)", 'unique_together': "(('app_label', 'model'),)", 'object_name': 'ContentType', 'db_table': "'django_content_type'"},
- 'app_label': ('django.db.models.fields.CharField', [], {'max_length': '100'}),
- 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
- 'model': ('django.db.models.fields.CharField', [], {'max_length': '100'}),
- 'name': ('django.db.models.fields.CharField', [], {'max_length': '100'})
- },
- 'user.ldt': {
- 'Meta': {'object_name': 'Ldt', '_ormbases': ['auth.User']},
- 'user_ptr': ('django.db.models.fields.related.OneToOneField', [], {'to': "orm['auth.User']", 'unique': 'True', 'primary_key': 'True'})
- },
- 'user.userprofile': {
- 'Meta': {'object_name': 'UserProfile'},
- 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
- 'is_regular': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),
- 'language': ('django.db.models.fields.CharField', [], {'default': "'fr'", 'max_length': '2'}),
- 'user': ('django.db.models.fields.related.OneToOneField', [], {'to': "orm['auth.User']", 'unique': 'True'})
- }
- }
-
- complete_apps = ['user']
--- a/src/ldt/ldt/user/models.py Mon Dec 12 10:19:04 2011 +0100
+++ b/src/ldt/ldt/user/models.py Mon Dec 12 12:26:18 2011 +0100
@@ -3,10 +3,9 @@
from django.contrib.auth.models import User, UserManager, Group
from django.db import models
from django.db.models.signals import post_save
-from django.utils.translation import ugettext as _
import datetime
-
+
class Ldt(User):
# irigroups = models.ManyToManyField(IriGroup, blank=True)
@@ -35,13 +34,12 @@
class UserProfile (models.Model):
user = models.OneToOneField(User)
language = models.CharField(max_length=2, default=settings.LANGUAGE_CODE[:2])
- is_regular = models.BooleanField(default=False, help_text=_("Designates whether the user can create and leave groups."))
@staticmethod
def create_user_profile(sender, instance, created, **kwargs):
if created:
UserProfile.objects.create(user=instance)
-
+
post_save.connect(UserProfile.create_user_profile, sender=User)