diff options
| author | Andrea Lepori <alepori@student.ethz.ch> | 2022-12-29 12:45:35 +0100 |
|---|---|---|
| committer | Andrea Lepori <alepori@student.ethz.ch> | 2022-12-29 12:45:36 +0100 |
| commit | 45cadf46d65e5d8f0620a8412bbc90cf23ab5c74 (patch) | |
| tree | b03074797dff9fb509d4845c9ac6c4068087f9ce | |
| parent | Merge branch 'master' into dev (diff) | |
| download | scout-subs-45cadf46d65e5d8f0620a8412bbc90cf23ab5c74.tar.gz scout-subs-45cadf46d65e5d8f0620a8412bbc90cf23ab5c74.zip | |
superuser mode
| -rw-r--r-- | client/templatetags/app_filter.py | 9 | ||||
| -rw-r--r-- | server/views.py | 56 | ||||
| -rw-r--r-- | templates/registration/base_admin.html | 34 | ||||
| -rw-r--r-- | version.txt | 2 |
4 files changed, 80 insertions, 21 deletions
diff --git a/client/templatetags/app_filter.py b/client/templatetags/app_filter.py index aa93cf2..335827e 100644 --- a/client/templatetags/app_filter.py +++ b/client/templatetags/app_filter.py @@ -89,4 +89,11 @@ def user_list(user): else: gr = GroupSettings.objects.filter(group__in=groups).filter(view_documents=True) - return (len(gr) != 0)
\ No newline at end of file + return (len(gr) != 0) + +@register.filter(name="su_color") +def su_color(status): + if status: + return "green" + else: + return "red lighten-1"
\ No newline at end of file diff --git a/server/views.py b/server/views.py index d295de6..481c177 100644 --- a/server/views.py +++ b/server/views.py @@ -46,14 +46,21 @@ def isCapi_enabled(user): return False
# function to get group list based on permissions of user
-def getGroups(user):
+def getGroups(request):
+ user = request.user
if user.is_staff:
groups = list(user.groups.all())
else:
groups = list(user.groups.all())[1:]
- if user.is_superuser:
+ if user.is_superuser and request.session.get("superuser"):
groups = list(Group.objects.all())
+ if "superuser_group" in request.session:
+ su_group = Group.objects.get(name=request.session["superuser_group"])
+ if su_group in groups:
+ groups.remove(su_group)
+ groups = [su_group] + groups
+
print(groups)
return groups
@@ -62,7 +69,7 @@ def getGroups(user): def index(request):
context = {}
- groups = getGroups(request.user)
+ groups = getGroups(request)
q_obj = Q(group__in=groups)
@@ -90,6 +97,21 @@ def index(request): # check if changing settings
if request.method == "POST" and request.user.is_staff:
+ if request.user.is_superuser and "su_status" in request.POST:
+ action = request.POST["su_status"]
+ if action == "change":
+ if "superuser" not in request.session:
+ request.session["superuser"] = True
+ else:
+ request.session["superuser"] = not request.session["superuser"]
+
+ if "superuser_group" not in request.session:
+ request.session["superuser_group"] = "reparto"
+ elif action in ["diga", "muta", "reparto", "posto", "clan"]:
+ request.session["superuser_group"] = action
+
+ return HttpResponseRedirect("/server")
+
for i in groups:
settings = GroupSettings.objects.filter(group=i)
@@ -123,7 +145,7 @@ def uapprove(request): data = []
if request.method == "POST":
# get group name and obj
- group = getGroups(request.user)[0]
+ group = getGroups(request)[0]
parent_group = group.name
# get permission object
@@ -188,7 +210,7 @@ def docapprove(request): context = {}
data = []
- groups = getGroups(request.user)
+ groups = getGroups(request)
# setup variables for error text and success text
error = False
@@ -299,7 +321,7 @@ def docapprove(request): @staff_member_required
def approve_direct(request):
# get groups that the user is manager of
- groups = getGroups(request.user)
+ groups = getGroups(request)
if request.method == "POST" and "doc_code" in request.POST:
# if user submitted the form to approve a document
@@ -359,7 +381,7 @@ def approve_direct(request): def ulist(request):
context = {}
# group name and obj
- group = getGroups(request.user)[0]
+ group = getGroups(request)[0]
if request.method == "POST":
# request to download document
@@ -466,7 +488,7 @@ def doctype(request): group_check = 'checked="checked"'
# if user not staff of primary get only non primary groups
- groups = getGroups(request.user)
+ groups = getGroups(request)
if request.method == "POST":
# check if request to edit
@@ -770,7 +792,7 @@ def custom_parameters_preview(request): def doccreate(request):
context = {}
- groups = getGroups(request.user)
+ groups = getGroups(request)
# if user is not staff of primary set default group to secondary and default public type
if request.user.is_staff:
group_private = False
@@ -905,7 +927,7 @@ def docedit(request): @user_passes_test(isStaff)
def docedit_wrapper(request, context):
- groups = getGroups(request.user)
+ groups = getGroups(request)
group = groups[0]
if request.user.is_staff and "group" in context.keys():
@@ -1006,7 +1028,7 @@ def doclist(request): context = {}
# group name and obj
- parent_groups = getGroups(request.user)
+ parent_groups = getGroups(request)
# create typezone
zurich = pytz.timezone('Europe/Zurich')
@@ -1183,7 +1205,7 @@ def doclist(request): # get types and users for chips autocompletation
if request.user.is_staff:
auto_types = DocumentType.objects.filter(
- Q(group_private=False) | Q(group=getGroups(request.user)[0]))
+ Q(group_private=False) | Q(group=getGroups(request)[0]))
else:
auto_types = DocumentType.objects.filter(Q(group_private=False))
@@ -1532,7 +1554,7 @@ def zip_documents(docs, session_key): @user_passes_test(isStaff)
def upload_doc(request):
# setup group based on staff primary or not
- groups = getGroups(request.user)
+ groups = getGroups(request)
# setup variables for error text and success text
error = False
@@ -1601,7 +1623,7 @@ def upload_doc(request): def docpreview(request):
context = {}
# check for permissions
- groups = getGroups(request.user)
+ groups = getGroups(request)
if request.method == "POST":
# get document code
@@ -1652,7 +1674,7 @@ def docpreview(request): @user_passes_test(isStaff)
def data_request(request):
context = {}
- parent_group = getGroups(request.user)[0]
+ parent_group = getGroups(request)[0]
if request.method == "POST":
if "request" not in request.POST.keys():
@@ -1788,7 +1810,7 @@ def media_request(request, id=0, t="", flag=""): if flag == "usercode":
usercode = UserCode.objects.get(id=id)
if request.user.is_staff:
- groups = getGroups(request.user)
+ groups = getGroups(request)
usercode_group = usercode.user.groups[0]
if usercode_group not in groups:
return
@@ -1805,7 +1827,7 @@ def media_request(request, id=0, t="", flag=""): doc = Document.objects.get(id=id)
doc_group = doc.group
- groups = getGroups(request.user)
+ groups = getGroups(request)
group_view = Group.objects.filter(name="capi") in groups and GroupSettings.objects.filter(group__name=doc_group).filter(view_documents=True).count() != 0
# check if user can view media
diff --git a/templates/registration/base_admin.html b/templates/registration/base_admin.html index e4ecdf3..dc641c0 100644 --- a/templates/registration/base_admin.html +++ b/templates/registration/base_admin.html @@ -1,11 +1,11 @@ -{% with color="red lighten-1" %} +{% load app_filter %} +{% with color=request.session.superuser|su_color %} {% with hexcolor="#ef5350" %} {% with hexlightcolor="#ef9a9a" %} <!DOCTYPE html> <html> <head> {% load static %} - {% load app_filter %} <link href="https://fonts.googleapis.com/icon?family=Material+Icons" rel="stylesheet"> <link rel="stylesheet" type="text/css" href="{% static 'materialize.min.css' %}"> <style> @@ -85,6 +85,10 @@ </head> <body> <nav class="nav-extended"> + <form id="su_change" method="post" action="{% url 'server'%}"> + {% csrf_token %} + <input type="hidden" name="su_status" id="su_status"> + </form> <form id="user_form" method="post" action="{% url 'user_switcher'%}"> {% csrf_token %} <input type="hidden" name="metadata" id="metadata"> @@ -129,6 +133,23 @@ <li><a href="{% url 'about' %}">Informazioni sul prodotto</a></li> </ul> </ul> + {% if user.is_superuser %} + <ul class="right"> + {% if request.session.superuser %} + <li class="dropdown-trigger" data-target='su_opts'><a href="#">{{request.session.superuser_group}}<i class="material-icons right">security</i></a></li> + <ul id="su_opts" class='dropdown-content'> + <li><a href="#!" onclick="su_change('diga')">diga</a></li> + <li><a href="#!" onclick="su_change('muta')">muta</a></li> + <li><a href="#!" onclick="su_change('reparto')">reparto</a></li> + <li><a href="#!" onclick="su_change('posto')">posto</a></li> + <li><a href="#!" onclick="su_change('clan')">clan</a></li> + <li><a id="su_btn" href="#!" onclick="su_change('change')">Esci superuser<i class="material-icons">security</i></a></li> + </ul> + {% else %} + <li><a id="su_btn" href="#!" onclick="su_change('change')"><i class="material-icons">security</i></a></li> + {% endif %} + </ul> + {% endif %} </div> {% block toolbar %} {% endblock %} @@ -152,6 +173,8 @@ document.addEventListener('DOMContentLoaded', function() { var elems = document.querySelectorAll('.userswitcher'); var instances = M.Dropdown.init(elems, {"coverTrigger": false, "constrainWidth": false}); + var elems = document.querySelectorAll('.dropdown-trigger'); + var instances = M.Dropdown.init(elems, {"coverTrigger": false, "constrainWidth": false}); }); function switcher_submit(id) { var form = document.getElementById('user_form') @@ -159,6 +182,13 @@ action.setAttribute('value', id); form.submit() } + + function su_change(parm) { + var form = document.getElementById('su_change') + var action = document.getElementById('su_status') + action.setAttribute('value', parm); + form.submit() + } {% block script %} {% endblock%} </script> diff --git a/version.txt b/version.txt index 9553714..8d25dce 100644 --- a/version.txt +++ b/version.txt @@ -1,2 +1,2 @@ version=0.6 -rev=14 +rev=15 |