django-orchestra/orchestra/contrib/systemusers/actions.py

85 lines
3.3 KiB
Python
Raw Normal View History

import os
2014-11-12 12:45:37 +00:00
from django import forms
from django.contrib import messages, admin
from django.core.exceptions import PermissionDenied
from django.template.response import TemplateResponse
2014-11-12 12:45:37 +00:00
from django.utils.translation import ungettext, ugettext_lazy as _
from orchestra.admin.decorators import action_with_confirmation
from orchestra.contrib.orchestration.middlewares import OperationsMiddleware
2014-11-12 12:45:37 +00:00
from .forms import GrantPermissionForm
2014-11-12 12:45:37 +00:00
def grant_permission(modeladmin, request, queryset):
account_id = None
for user in queryset:
account_id = account_id or user.account_id
if user.account_id != account_id:
messages.error("Users from the same account should be selected.")
user = queryset[0]
if request.method == 'POST':
form = GrantPermissionForm(user, request.POST)
if form.is_valid():
cleaned_data = form.cleaned_data
to = os.path.join(cleaned_data['base_path'], cleaned_data['path_extension'])
ro = cleaned_data['read_only']
for user in queryset:
user.grant_to = to
user.grant_ro = ro
# DOn't collect, execute right away for path validation
OperationsMiddleware.collect('grant_permission', instance=user)
context = {
'type': _("read-only") if ro else _("read-write"),
'to': to,
}
msg = _("Granted %(type)s permissions on %(to)s") % context
modeladmin.log_change(request, user, msg)
# TODO feedback message
return
opts = modeladmin.model._meta
app_label = opts.app_label
context = {
'title': _("Grant permission"),
'action_name': _("Grant permission"),
'action_value': 'grant_permission',
'queryset': queryset,
'opts': opts,
'obj': user,
'app_label': app_label,
'action_checkbox_name': admin.helpers.ACTION_CHECKBOX_NAME,
'form': GrantPermissionForm(user),
}
return TemplateResponse(request, 'admin/systemusers/systemuser/grant_permission.html',
context, current_app=modeladmin.admin_site.name)
2014-11-12 12:45:37 +00:00
grant_permission.url_name = 'grant-permission'
grant_permission.verbose_name = _("Grant permission")
def delete_selected(modeladmin, request, queryset):
""" wrapper arround admin.actions.delete_selected to prevent main system users deletion """
opts = modeladmin.model._meta
app_label = opts.app_label
# Check that the user has delete permission for the actual model
if not modeladmin.has_delete_permission(request):
raise PermissionDenied
else:
accounts = []
for user in queryset:
if user.is_main:
accounts.append(user.username)
if accounts:
n = len(accounts)
messages.error(request, ungettext(
"You have selected one main system user (%(accounts)s), which can not be deleted.",
"You have selected some main system users which can not be deleted (%(accounts)s).",
n) % {
'accounts': ', '.join(accounts[:10]+['...'] if n > 10 else accounts)
}
)
return
return admin.actions.delete_selected(modeladmin, request, queryset)
delete_selected.short_description = _("Delete selected %(verbose_name_plural)s")