Display superusers in rights list

2025-06-20 17:41:55 +02:00 · 2020-08-31 21:11:00 +02:00
parent ca6f7cac9a
commit b8c1cfba40
5 changed files with 166 additions and 110 deletions
--- a/apps/permission/tables.py
+++ b/apps/permission/tables.py
@ -2,8 +2,12 @@
 # SPDX-License-Identifier: GPL-3.0-or-later

 import django_tables2 as tables
+from django.contrib.auth.models import User
 from django.urls import reverse_lazy
 from django.utils.html import format_html
+from django.utils.translation import gettext_lazy as _
+from django_tables2 import A
+
 from member.models import Membership
 from note_kfet.middlewares import get_current_authenticated_user
 from permission.backends import PermissionBackend
@ -48,3 +52,18 @@ class RightsTable(tables.Table):
        template_name = 'django_tables2/bootstrap4.html'
        fields = ('user.last_name', 'user.first_name', 'user', 'club', 'roles', )
        model = Membership
+
+
+class SuperuserTable(tables.Table):
+    username = tables.LinkColumn(
+        "member:user_detail",
+        args=[A("pk")],
+    )
+
+    class Meta:
+        model = User
+        fields = ('last_name', 'first_name', 'username', )
+        attrs = {
+            'class': 'table table-condensed table-striped table-hover',
+            'style': 'table-layout: fixed;'
+        }
--- a/apps/permission/templates/permission/all_rights.html
+++ b/apps/permission/templates/permission/all_rights.html
@ -1,92 +1,117 @@
 {% extends "base.html" %}
 {% comment %}
-SPDX-License-Identifier: GPL-3.0-or-later
+    SPDX-License-Identifier: GPL-3.0-or-later
 {% endcomment %}
 {% load i18n %}
 {% load render_table from django_tables2 %}
 {% block contenttitle %}{% endblock %}

 {% block content %}
-{% if user.is_authenticated %}
-<div class="card bg-light mb-3">
-  <h3 class="card-header text-center">
-    {% trans "Users that have surnormal rights" %}
-  </h3>
-  {% render_table special_memberships_table %}
-</div>
-{% endif %}
-
-<div class="card bg-light">
-  <h3 class="card-header text-center">
-    {% trans "Roles description" %}
-  </h3>
-  <div class="card-body">
    {% if user.is_authenticated %}
-    <div class="form-check">
-      <label for="owned_only" class="form-check-label">
-        <input id="owned_only" name="owned_only" type="checkbox" class="checkboxinput form-check-input">
-        {% trans "Filter with roles that I have in at least one club" %}
-      </label>
-    </div>
-    {% endif %}
-  </div>
-  <div class="accordion" id="accordionRoles">
-    {% regroup active_memberships by roles as memberships_per_role %}
-    {% for role in roles %}
-    <div class="card {% if not role.clubs %}no-club{% endif %}">
-      <div class="card-header py-1" id="{{ role|slugify }} ">
-        <a href="#" class="text-decoration-none" data-toggle="collapse" data-target="#collapse{{ role|slugify }}"
-          aria-expanded="true" aria-controls="collapse{{ role|slugify }}">
-          {{ role }}
-          {% if role.weirole %}(<em>Pour le WEI</em>){% endif %}
-          {% if role.for_club %}(<em>Pour le club {{ role.for_club }} uniquement</em>){% endif %}
-          {% if role.clubs %}
-          <small><span class="badge badge-success">{% trans "Owned" %} : {{ role.clubs|join:", " }}</span></small>
-          {% endif %}
-        </a>
-      </div>
-
-      <div id="collapse{{ role|slugify }}" class="collapse" aria-labelledby="{{ role|slugify }}"
-        data-parent="#accordionRoles">
-        <div class="card-body">
-          {% if role.clubs %}
-          <div class="alert alert-success">
-            {% trans "Own this role in the clubs" %} {{ role.clubs|join:", " }}
-          </div>
-          {% endif %}
-          <ul>
-            {% for permission in role.permissions.all %}
-            <li data-toggle="tooltip"
-              title="{% trans "Mask:" %} {{ permission.mask }}, {% trans "Query:" %} {{ permission.query }}">
-              <b>{{ permission }}</b> ({{ permission.get_type_display }}
-              {{ permission.model }}{% if permission.permanent %},
-              {% trans "permanent" %}{% endif %})</li>
-            {% empty %}
-            <em>{% trans "No associated permission" %}</em>
-            {% endfor %}
-          </ul>
+        <div class="card bg-light mb-3">
+            <h3 class="card-header text-center">
+                {% trans "Users that have surnormal rights" %}
+            </h3>
+            <div class="card-body">
+                <div class="card">
+                    <div class="card-head">
+                        <h4 class="card-header text-center">
+                            <a href="#" data-toggle="collapse" data-target="#card-superusers">{% trans "Superusers" %}</a>
+                        </h4>
+                    </div>
+                    <div class="card-body collapse show" id="card-superusers">
+                        {% render_table superusers %}
+                    </div>
+                </div>
+                <hr>
+                <div class="card">
+                    <div class="card-head">
+                        <h4 class="card-header text-center">
+                            <a href="#" data-toggle="collapse" data-target="#card-clubs">{% trans "Club managers" %}</a>
+                        </h4>
+                    </div>
+                    <div class="card-body collapse show" id="card-clubs">
+                        {% render_table special_memberships_table %}
+                    </div>
+                </div>
+            </div>
+        </div>
+    {% endif %}
+
+    <div class="card bg-light">
+        <h3 class="card-header text-center">
+            {% trans "Roles description" %}
+        </h3>
+        <div class="card-body">
+            {% if user.is_authenticated %}
+                <div class="form-check">
+                    <label for="owned_only" class="form-check-label">
+                        <input id="owned_only" name="owned_only" type="checkbox" class="checkboxinput form-check-input">
+                        {% trans "Filter with roles that I have in at least one club" %}
+                    </label>
+                </div>
+            {% endif %}
+        </div>
+        <div class="accordion" id="accordionRoles">
+            {% regroup active_memberships by roles as memberships_per_role %}
+            {% for role in roles %}
+                <div class="card {% if not role.clubs %}no-club{% endif %}">
+                    <div class="card-header py-1" id="{{ role|slugify }} ">
+                        <a href="#" class="text-decoration-none" data-toggle="collapse"
+                           data-target="#collapse{{ role|slugify }}"
+                           aria-expanded="true" aria-controls="collapse{{ role|slugify }}">
+                            {{ role }}
+                            {% if role.weirole %}(<em>Pour le WEI</em>){% endif %}
+                            {% if role.for_club %}(<em>Pour le club {{ role.for_club }} uniquement</em>){% endif %}
+                            {% if role.clubs %}
+                                <small><span class="badge badge-success">{% trans "Owned" %} :
+                                    {{ role.clubs|join:", " }}</span></small>
+                            {% endif %}
+                        </a>
+                    </div>
+
+                    <div id="collapse{{ role|slugify }}" class="collapse" aria-labelledby="{{ role|slugify }}"
+                         data-parent="#accordionRoles">
+                        <div class="card-body">
+                            {% if role.clubs %}
+                                <div class="alert alert-success">
+                                    {% trans "Own this role in the clubs" %} {{ role.clubs|join:", " }}
+                                </div>
+                            {% endif %}
+                            <ul>
+                                {% for permission in role.permissions.all %}
+                                    <li data-toggle="tooltip"
+                                        title="{% trans "Mask:" %} {{ permission.mask }}, {% trans "Query:" %} {{ permission.query }}">
+                                        <b>{{ permission }}</b> ({{ permission.get_type_display }}
+                                        {{ permission.model }}{% if permission.permanent %},
+                                            {% trans "permanent" %}{% endif %})
+                                    </li>
+                                    {% empty %}
+                                    <em>{% trans "No associated permission" %}</em>
+                                {% endfor %}
+                            </ul>
+                        </div>
+                    </div>
+                </div>
+            {% endfor %}
        </div>
-      </div>
    </div>
-    {% endfor %}
-  </div>
-</div>
 {% endblock %}

 {% block extrajavascript %}
-<script>
-  $(document).ready(function () {
-    let checkbox = $("#owned_only");
+    <script>
+        $(document).ready(function () {
+            let checkbox = $("#owned_only");

-    function update() {
-      if (checkbox.is(":checked"))
-        $(".no-club").addClass('d-none');
-      else
-        $(".no-club").removeClass('d-none');
-    }
+            function update() {
+                if (checkbox.is(":checked"))
+                    $(".no-club").addClass('d-none');
+                else
+                    $(".no-club").removeClass('d-none');
+            }

-    checkbox.change(update);
-    update();
-  });
-</script>
+            checkbox.change(update);
+            update();
+        });
+    </script>
 {% endblock %}
--- a/apps/permission/views.py
+++ b/apps/permission/views.py
@ -4,6 +4,7 @@
 from datetime import date

 from django.contrib.auth.mixins import LoginRequiredMixin
+from django.contrib.auth.models import User
 from django.core.exceptions import PermissionDenied
 from django.db.models import Q
 from django.forms import HiddenInput
@ -13,7 +14,7 @@ from member.models import Membership

 from .backends import PermissionBackend
 from .models import Role
-from .tables import RightsTable
+from .tables import RightsTable, SuperuserTable


 class ProtectQuerysetMixin:
@ -114,12 +115,13 @@ class RightsView(TemplateView):
            special_memberships = Membership.objects.filter(
                date_start__lte=date.today(),
                date_end__gte=date.today(),
-            ).filter(roles__in=Role.objects.filter(~(Q(name="Adhérent BDE")
-                                                     | Q(name="Adhérent Kfet")
-                                                     | Q(name="Membre de club")
-                                                     | Q(name="Adhérent WEI")
-                                                     | Q(name="1A")))).order_by("club", "user__last_name")\
+            ).filter(roles__in=Role.objects.filter((~(Q(name="Adhérent BDE")
+                                                      | Q(name="Adhérent Kfet")
+                                                      | Q(name="Membre de club")
+                                                      | Q(name="Bureau de club"))
+                                                    & Q(weirole__isnull=True)))).order_by("club", "user__last_name")\
                .distinct().all()
-            context["special_memberships_table"] = RightsTable(special_memberships)
+            context["special_memberships_table"] = RightsTable(special_memberships, prefix="clubs-")
+            context["superusers"] = SuperuserTable(User.objects.filter(is_superuser=True).all(), prefix="superusers-")

        return context