Create new permission groups and fix member register permissions
This commit is contained in:
Jan Tuomi
@@ -14,14 +14,14 @@ class Migration(migrations.Migration):
|
|||||||
operations = [
|
operations = [
|
||||||
migrations.AlterModelOptions(
|
migrations.AlterModelOptions(
|
||||||
name='member',
|
name='member',
|
||||||
options={'permissions': (('check_by_email', 'Can check if user exists by email'), ('read', 'Can see member in list'))},
|
options={'permissions': (('check_by_email', 'Can check if user exists by email'), ('read_member', 'Can see member in list'))},
|
||||||
),
|
),
|
||||||
migrations.AlterModelOptions(
|
migrations.AlterModelOptions(
|
||||||
name='payment',
|
name='payment',
|
||||||
options={'permissions': (('read', 'Can see payment in list'),)},
|
options={'permissions': (('read_payment', 'Can see payment in list'),)},
|
||||||
),
|
),
|
||||||
migrations.AlterModelOptions(
|
migrations.AlterModelOptions(
|
||||||
name='request',
|
name='request',
|
||||||
options={'permissions': (('read', 'Can see member application in list'),)},
|
options={'permissions': (('read_application', 'Can see member application in list'),)},
|
||||||
),
|
),
|
||||||
]
|
]
|
||||||
|
|||||||
+3
-3
@@ -45,7 +45,7 @@ class Request(BaseMember):
|
|||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
permissions = (
|
permissions = (
|
||||||
('read', 'Can see member application in list'),
|
('read_application', 'Can see member application in list'),
|
||||||
)
|
)
|
||||||
|
|
||||||
submitted = models.DateTimeField(_('Submitted'), default=timezone.now)
|
submitted = models.DateTimeField(_('Submitted'), default=timezone.now)
|
||||||
@@ -62,7 +62,7 @@ class Payment(models.Model):
|
|||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
permissions = (
|
permissions = (
|
||||||
('read', 'Can see payment in list'),
|
('read_payment', 'Can see payment in list'),
|
||||||
)
|
)
|
||||||
|
|
||||||
date = models.DateTimeField(_('Date'), default=timezone.now)
|
date = models.DateTimeField(_('Date'), default=timezone.now)
|
||||||
@@ -98,7 +98,7 @@ class Member(BaseMember):
|
|||||||
class Meta:
|
class Meta:
|
||||||
permissions = (
|
permissions = (
|
||||||
('check_by_email', 'Can check if user exists by email'),
|
('check_by_email', 'Can check if user exists by email'),
|
||||||
('read', 'Can see member in list'),
|
('read_member', 'Can see member in list'),
|
||||||
)
|
)
|
||||||
|
|
||||||
def last_paid(self):
|
def last_paid(self):
|
||||||
|
|||||||
@@ -18,7 +18,7 @@ from members.forms import ApplicationForm
|
|||||||
|
|
||||||
@ensure_csrf_cookie
|
@ensure_csrf_cookie
|
||||||
@require_http_methods(["GET"])
|
@require_http_methods(["GET"])
|
||||||
@permission_required('members.change_member', login_url='/login')
|
@permission_required('members.read_application', login_url='/login', raise_exception=True)
|
||||||
def application_list(request, *args, **kwargs):
|
def application_list(request, *args, **kwargs):
|
||||||
"""List member applications not yet processed."""
|
"""List member applications not yet processed."""
|
||||||
applications = Request.objects.all()
|
applications = Request.objects.all()
|
||||||
@@ -40,7 +40,7 @@ def application_list(request, *args, **kwargs):
|
|||||||
|
|
||||||
@ensure_csrf_cookie
|
@ensure_csrf_cookie
|
||||||
@require_http_methods(["GET"])
|
@require_http_methods(["GET"])
|
||||||
@permission_required('members.change_member', login_url='/login')
|
@permission_required('members.change_request', login_url='/login', raise_exception=True)
|
||||||
def application_edit(request, *args, **kwargs):
|
def application_edit(request, *args, **kwargs):
|
||||||
"""Edit member request information."""
|
"""Edit member request information."""
|
||||||
i = kwargs.pop('index', None)
|
i = kwargs.pop('index', None)
|
||||||
@@ -58,7 +58,7 @@ def application_edit(request, *args, **kwargs):
|
|||||||
|
|
||||||
@ensure_csrf_cookie
|
@ensure_csrf_cookie
|
||||||
@require_http_methods(["POST"])
|
@require_http_methods(["POST"])
|
||||||
@permission_required('members.change_member', login_url='/login')
|
@permission_required('members.add_member', login_url='/login', raise_exception=True)
|
||||||
def application_accept(request, *args, **kwargs):
|
def application_accept(request, *args, **kwargs):
|
||||||
"""Accept application."""
|
"""Accept application."""
|
||||||
form = ApplicationForm(request.POST)
|
form = ApplicationForm(request.POST)
|
||||||
@@ -86,7 +86,7 @@ def application_accept(request, *args, **kwargs):
|
|||||||
|
|
||||||
@ensure_csrf_cookie
|
@ensure_csrf_cookie
|
||||||
@require_http_methods(["POST"])
|
@require_http_methods(["POST"])
|
||||||
@permission_required('members.change_member', login_url='/login')
|
@permission_required('members.delete_request', login_url='/login', raise_exception=True)
|
||||||
def application_delete(request, *args, **kwargs):
|
def application_delete(request, *args, **kwargs):
|
||||||
"""Delete member application."""
|
"""Delete member application."""
|
||||||
try:
|
try:
|
||||||
@@ -114,7 +114,7 @@ def application_delete(request, *args, **kwargs):
|
|||||||
|
|
||||||
@ensure_csrf_cookie
|
@ensure_csrf_cookie
|
||||||
@require_http_methods(["GET"])
|
@require_http_methods(["GET"])
|
||||||
@permission_required('members.change_member', login_url='/login')
|
@permission_required('members.delete_request', login_url='/login', raise_exception=True)
|
||||||
def application_delete_confirm(request, *args, **kwargs):
|
def application_delete_confirm(request, *args, **kwargs):
|
||||||
"""Confirm application deletion."""
|
"""Confirm application deletion."""
|
||||||
i = kwargs.pop('index', None)
|
i = kwargs.pop('index', None)
|
||||||
|
|||||||
@@ -27,7 +27,7 @@ from members.views.utils import *
|
|||||||
|
|
||||||
@ensure_csrf_cookie
|
@ensure_csrf_cookie
|
||||||
@require_http_methods(["GET"])
|
@require_http_methods(["GET"])
|
||||||
@permission_required('members.change_member', login_url='/login')
|
@permission_required('members.read_member', login_url='/login', raise_exception=True)
|
||||||
def member_list(request, *args, **kwargs):
|
def member_list(request, *args, **kwargs):
|
||||||
"""Render members list."""
|
"""Render members list."""
|
||||||
search = request.GET.get('q', None)
|
search = request.GET.get('q', None)
|
||||||
@@ -53,7 +53,7 @@ def member_list(request, *args, **kwargs):
|
|||||||
|
|
||||||
@ensure_csrf_cookie
|
@ensure_csrf_cookie
|
||||||
@require_http_methods(["GET"])
|
@require_http_methods(["GET"])
|
||||||
@permission_required('members.change_member', login_url='/login')
|
@permission_required('members.add_member', login_url='/login', raise_exception=True)
|
||||||
def member_add(request, *args, **kwargs):
|
def member_add(request, *args, **kwargs):
|
||||||
"""Render add member page."""
|
"""Render add member page."""
|
||||||
form = MemberForm()
|
form = MemberForm()
|
||||||
@@ -62,7 +62,7 @@ def member_add(request, *args, **kwargs):
|
|||||||
|
|
||||||
@ensure_csrf_cookie
|
@ensure_csrf_cookie
|
||||||
@require_http_methods(["GET"])
|
@require_http_methods(["GET"])
|
||||||
@permission_required('members.change_member', login_url='/login')
|
@permission_required('members.delete_member', login_url='/login', raise_exception=True)
|
||||||
def member_delete_confirm(request, *args, **kwargs):
|
def member_delete_confirm(request, *args, **kwargs):
|
||||||
"""Render member deletion confirmation page."""
|
"""Render member deletion confirmation page."""
|
||||||
i = kwargs.pop('index', None)
|
i = kwargs.pop('index', None)
|
||||||
@@ -78,7 +78,7 @@ def member_delete_confirm(request, *args, **kwargs):
|
|||||||
|
|
||||||
@ensure_csrf_cookie
|
@ensure_csrf_cookie
|
||||||
@require_http_methods(["GET"])
|
@require_http_methods(["GET"])
|
||||||
@permission_required('members.change_member', login_url='/login')
|
@permission_required('members.add_member', login_url='/login', raise_exception=True)
|
||||||
def member_add_many(request, *args, **kwargs):
|
def member_add_many(request, *args, **kwargs):
|
||||||
"""Render add multiple members page."""
|
"""Render add multiple members page."""
|
||||||
return render(request, 'member_add_many.html', {})
|
return render(request, 'member_add_many.html', {})
|
||||||
@@ -86,7 +86,7 @@ def member_add_many(request, *args, **kwargs):
|
|||||||
|
|
||||||
@ensure_csrf_cookie
|
@ensure_csrf_cookie
|
||||||
@require_http_methods(["POST"])
|
@require_http_methods(["POST"])
|
||||||
@permission_required('members.change_member', login_url='/login')
|
@permission_required('members.add_member', login_url='/login', raise_exception=True)
|
||||||
def add_many_confirm(request, *args, **kwargs):
|
def add_many_confirm(request, *args, **kwargs):
|
||||||
models = request.session['models']
|
models = request.session['models']
|
||||||
|
|
||||||
@@ -108,7 +108,7 @@ def add_many_confirm(request, *args, **kwargs):
|
|||||||
|
|
||||||
@ensure_csrf_cookie
|
@ensure_csrf_cookie
|
||||||
@require_http_methods(["POST"])
|
@require_http_methods(["POST"])
|
||||||
@permission_required('members.change_member', login_url='/login')
|
@permission_required('members.add_member', login_url='/login', raise_exception=True)
|
||||||
def member_submit(request, *args, **kwargs):
|
def member_submit(request, *args, **kwargs):
|
||||||
"""Add member based on data gained from member form."""
|
"""Add member based on data gained from member form."""
|
||||||
form = MemberForm(request.POST)
|
form = MemberForm(request.POST)
|
||||||
@@ -128,7 +128,7 @@ def member_submit(request, *args, **kwargs):
|
|||||||
|
|
||||||
@ensure_csrf_cookie
|
@ensure_csrf_cookie
|
||||||
@require_http_methods(["POST"])
|
@require_http_methods(["POST"])
|
||||||
@permission_required('members.change_member', login_url='/login')
|
@permission_required('members.change_member', login_url='/login', raise_exception=True)
|
||||||
def member_update(request, *args, **kwargs):
|
def member_update(request, *args, **kwargs):
|
||||||
"""Update member information."""
|
"""Update member information."""
|
||||||
form = MemberForm(request.POST)
|
form = MemberForm(request.POST)
|
||||||
@@ -154,7 +154,7 @@ def member_update(request, *args, **kwargs):
|
|||||||
|
|
||||||
@ensure_csrf_cookie
|
@ensure_csrf_cookie
|
||||||
@require_http_methods(["POST"])
|
@require_http_methods(["POST"])
|
||||||
@permission_required('members.change_member', login_url='/login')
|
@permission_required('members.delete_member', login_url='/login', raise_exception=True)
|
||||||
def member_delete(request, *args, **kwargs):
|
def member_delete(request, *args, **kwargs):
|
||||||
"""Delete member."""
|
"""Delete member."""
|
||||||
try:
|
try:
|
||||||
@@ -181,7 +181,7 @@ def member_delete(request, *args, **kwargs):
|
|||||||
|
|
||||||
@ensure_csrf_cookie
|
@ensure_csrf_cookie
|
||||||
@require_http_methods(["GET"])
|
@require_http_methods(["GET"])
|
||||||
@permission_required('members.change_member', login_url='/login')
|
@permission_required('members.change_member', login_url='/login', raise_exception=True)
|
||||||
def member_edit(request, *args, **kwargs):
|
def member_edit(request, *args, **kwargs):
|
||||||
"""Edit member information."""
|
"""Edit member information."""
|
||||||
i = kwargs.pop('index', None)
|
i = kwargs.pop('index', None)
|
||||||
|
|||||||
@@ -18,7 +18,7 @@ from members.forms import PaymentForm
|
|||||||
|
|
||||||
@ensure_csrf_cookie
|
@ensure_csrf_cookie
|
||||||
@require_http_methods(["GET"])
|
@require_http_methods(["GET"])
|
||||||
@permission_required('members.change_member', login_url='/login')
|
@permission_required('members.read_payment', login_url='/login', raise_exception=True)
|
||||||
def payment_list(request, *args, **kwargs):
|
def payment_list(request, *args, **kwargs):
|
||||||
"""Render list of payments."""
|
"""Render list of payments."""
|
||||||
search = request.GET.get('q', None)
|
search = request.GET.get('q', None)
|
||||||
@@ -45,7 +45,7 @@ def payment_list(request, *args, **kwargs):
|
|||||||
|
|
||||||
@ensure_csrf_cookie
|
@ensure_csrf_cookie
|
||||||
@require_http_methods(["GET"])
|
@require_http_methods(["GET"])
|
||||||
@permission_required('members.change_member', login_url='/login')
|
@permission_required('members.add_payment', login_url='/login', raise_exception=True)
|
||||||
def payment_add(request, *args, **kwargs):
|
def payment_add(request, *args, **kwargs):
|
||||||
"""Render add payment form."""
|
"""Render add payment form."""
|
||||||
form = PaymentForm()
|
form = PaymentForm()
|
||||||
@@ -54,7 +54,7 @@ def payment_add(request, *args, **kwargs):
|
|||||||
|
|
||||||
@ensure_csrf_cookie
|
@ensure_csrf_cookie
|
||||||
@require_http_methods(["POST"])
|
@require_http_methods(["POST"])
|
||||||
@permission_required('members.change_member', login_url='/login')
|
@permission_required('members.add_payment', login_url='/login', raise_exception=True)
|
||||||
def payment_submit(request, *args, **kwargs):
|
def payment_submit(request, *args, **kwargs):
|
||||||
"""Submit payment."""
|
"""Submit payment."""
|
||||||
form = PaymentForm(request.POST)
|
form = PaymentForm(request.POST)
|
||||||
@@ -75,7 +75,7 @@ def payment_submit(request, *args, **kwargs):
|
|||||||
|
|
||||||
@ensure_csrf_cookie
|
@ensure_csrf_cookie
|
||||||
@require_http_methods(["GET"])
|
@require_http_methods(["GET"])
|
||||||
@permission_required('members.change_member', login_url='/login')
|
@permission_required('members.change_payment', login_url='/login', raise_exception=True)
|
||||||
def payment_edit(request, *args, **kwargs):
|
def payment_edit(request, *args, **kwargs):
|
||||||
"""Edit payment."""
|
"""Edit payment."""
|
||||||
i = kwargs.pop('index', None)
|
i = kwargs.pop('index', None)
|
||||||
@@ -93,7 +93,7 @@ def payment_edit(request, *args, **kwargs):
|
|||||||
|
|
||||||
@ensure_csrf_cookie
|
@ensure_csrf_cookie
|
||||||
@require_http_methods(["GET"])
|
@require_http_methods(["GET"])
|
||||||
@permission_required('members.change_member', login_url='/login')
|
@permission_required('members.delete_payment', login_url='/login', raise_exception=True)
|
||||||
def payment_delete_confirm(request, *args, **kwargs):
|
def payment_delete_confirm(request, *args, **kwargs):
|
||||||
"""Render payment delete confirmation page."""
|
"""Render payment delete confirmation page."""
|
||||||
i = kwargs.pop('index', None)
|
i = kwargs.pop('index', None)
|
||||||
@@ -111,7 +111,7 @@ def payment_delete_confirm(request, *args, **kwargs):
|
|||||||
|
|
||||||
@ensure_csrf_cookie
|
@ensure_csrf_cookie
|
||||||
@require_http_methods(["POST"])
|
@require_http_methods(["POST"])
|
||||||
@permission_required('members.change_member', login_url='/login')
|
@permission_required('members.delete_payment', login_url='/login', raise_exception=True)
|
||||||
def payment_delete(request, *args, **kwargs):
|
def payment_delete(request, *args, **kwargs):
|
||||||
"""Delete payment."""
|
"""Delete payment."""
|
||||||
try:
|
try:
|
||||||
@@ -139,7 +139,7 @@ def payment_delete(request, *args, **kwargs):
|
|||||||
|
|
||||||
@ensure_csrf_cookie
|
@ensure_csrf_cookie
|
||||||
@require_http_methods(["POST"])
|
@require_http_methods(["POST"])
|
||||||
@permission_required('members.change_member', login_url='/login')
|
@permission_required('members.change_payment', login_url='/login', raise_exception=True)
|
||||||
def payment_update(request, *args, **kwargs):
|
def payment_update(request, *args, **kwargs):
|
||||||
"""Update payment information."""
|
"""Update payment information."""
|
||||||
form = PaymentForm(request.POST)
|
form = PaymentForm(request.POST)
|
||||||
|
|||||||
@@ -93,7 +93,7 @@ def convert_table_to_html(table, request):
|
|||||||
|
|
||||||
@ensure_csrf_cookie
|
@ensure_csrf_cookie
|
||||||
@require_http_methods(["GET"])
|
@require_http_methods(["GET"])
|
||||||
@permission_required('members.change_member', login_url='/login')
|
@permission_required('members.change_member', login_url='/login', raise_exception=True)
|
||||||
def settings_page(request, *args, **kwargs):
|
def settings_page(request, *args, **kwargs):
|
||||||
"""Render member app settings page."""
|
"""Render member app settings page."""
|
||||||
return render(request, 'settings.html', {})
|
return render(request, 'settings.html', {})
|
||||||
@@ -101,7 +101,7 @@ def settings_page(request, *args, **kwargs):
|
|||||||
|
|
||||||
@ensure_csrf_cookie
|
@ensure_csrf_cookie
|
||||||
@require_http_methods(["POST"])
|
@require_http_methods(["POST"])
|
||||||
@permission_required('members.change_member', login_url='/login')
|
@permission_required(['members.change_member', 'members.change_payment'], login_url='/login', raise_exception=True)
|
||||||
def import_csv(request, *args, **kwargs):
|
def import_csv(request, *args, **kwargs):
|
||||||
"""Get csv data imported to page and create members based on that."""
|
"""Get csv data imported to page and create members based on that."""
|
||||||
try:
|
try:
|
||||||
@@ -145,7 +145,7 @@ def import_csv(request, *args, **kwargs):
|
|||||||
|
|
||||||
@ensure_csrf_cookie
|
@ensure_csrf_cookie
|
||||||
@require_http_methods(["GET"])
|
@require_http_methods(["GET"])
|
||||||
@permission_required('members.change_member', login_url='/login')
|
@permission_required('members.read_member', login_url='/login', raise_exception=True)
|
||||||
def export_csv(request, *args, **kwargs):
|
def export_csv(request, *args, **kwargs):
|
||||||
"""Export members as csv."""
|
"""Export members as csv."""
|
||||||
response = HttpResponse()
|
response = HttpResponse()
|
||||||
|
|||||||
@@ -50,36 +50,16 @@ class Command(BaseCommand):
|
|||||||
self.stdout.write('The group "officials" already existed '
|
self.stdout.write('The group "officials" already existed '
|
||||||
'and was not therefore created')
|
'and was not therefore created')
|
||||||
|
|
||||||
feed_permissions = Permission.objects.filter(codename__contains='feed')
|
cts = ContentType.objects.filter(app_label='webapp')
|
||||||
|
feed_permissions = Permission.objects.filter(content_type__in=cts, codename__contains='feed')
|
||||||
|
event_permissions = Permission.objects.filter(content_type__in=cts, codename__contains='event')
|
||||||
|
registration_permissions = Permission.objects.filter(content_type__in=cts, codename__contains='registration')
|
||||||
|
|
||||||
officials_group.permissions.add(*feed_permissions)
|
officials_group.permissions.add(*feed_permissions)
|
||||||
|
officials_group.permissions.add(*event_permissions)
|
||||||
|
officials_group.permissions.add(*registration_permissions)
|
||||||
|
|
||||||
def handle(self, *args, **options):
|
def handle(self, *args, **options):
|
||||||
|
|
||||||
self.stdout.write("Creating sikadmin group")
|
|
||||||
sikadmin_group, created = Group.objects.get_or_create(name="sikadmin")
|
|
||||||
if not created:
|
|
||||||
self.stdout.write('The group "sikadmin" already existed '
|
|
||||||
'and was not therefore created')
|
|
||||||
|
|
||||||
self.stdout.write("Creating sikadmin permission")
|
|
||||||
|
|
||||||
# TODO Use some sikadmin native model when such exists
|
|
||||||
group_ctype = ContentType.objects.get_for_model(Group)
|
|
||||||
sikadmin_permission, created = Permission.objects.get_or_create(
|
|
||||||
codename='sikadmin',
|
|
||||||
content_type=group_ctype,
|
|
||||||
name='SIK Admin')
|
|
||||||
|
|
||||||
if not created:
|
|
||||||
self.stdout.write('The permission "sikadmin" already existed '
|
|
||||||
'and was not therefore created')
|
|
||||||
|
|
||||||
self.stdout.write("Giving sikadmin group permission to sikadmin")
|
|
||||||
if sikadmin_group.permissions.filter(id=sikadmin_permission.id).exists():
|
|
||||||
self.stdout.write("Permission already existed. skipping...")
|
|
||||||
else:
|
|
||||||
sikadmin_group.permissions.add(sikadmin_permission)
|
|
||||||
|
|
||||||
self.create_infoscreen_moderator()
|
self.create_infoscreen_moderator()
|
||||||
self.create_member_register_viewer()
|
self.create_member_register_viewer()
|
||||||
self.create_member_register_administrator()
|
self.create_member_register_administrator()
|
||||||
|
|||||||
Reference in New Issue
Block a user