CaZzzer/access-controller
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge branch 'feature/adm_ruleset/backend' into 'develop'

Browse Source 
Feature/adm ruleset/backend

See merge request 2020-2021/online/s101/group-02/access_controller!28
This commit is contained in:
Кравченко Артем 2021-03-04 16:20:17 +00:00
commit 3a448a399a
8 changed files with 137 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
main/migrations/0005_auto_20210302_2255.py Normal file
View File

@ -0,0 +1,17 @@
# Generated by Django 3.1.6 on 2021-03-02 19:55
from django.db import migrations
class Migration(migrations.Migration):
dependencies = [
('main', '0004_rolechangelogs'),
]
operations = [
migrations.AlterModelOptions(
name='userprofile',
options={'permissions': [('admin', 'Have access to control page')]},
),
]

16
main/migrations/0006_delete_userprofile.py Normal file
View File

@ -0,0 +1,16 @@
# Generated by Django 3.1.6 on 2021-03-03 19:32
from django.db import migrations
class Migration(migrations.Migration):
dependencies = [
('main', '0005_auto_20210302_2255'),
]
operations = [
migrations.DeleteModel(
name='UserProfile',
),
]

29
main/migrations/0007_userprofile.py Normal file
View File

@ -0,0 +1,29 @@
# Generated by Django 3.1.6 on 2021-03-03 19:35
from django.conf import settings
from django.db import migrations, models
import django.db.models.deletion
class Migration(migrations.Migration):
dependencies = [
migrations.swappable_dependency(settings.AUTH_USER_MODEL),
('main', '0006_delete_userprofile'),
]
operations = [
migrations.CreateModel(
name='UserProfile',
fields=[
('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
('role', models.CharField(default='None', max_length=100)),
('image', models.URLField(blank=True, null=True)),
('name', models.CharField(default='None', max_length=100)),
('user', models.OneToOneField(on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL)),
],
options={
'permissions': [('control_access', 'User has access to control page')],
},
),
]

17
main/migrations/0008_auto_20210303_2305.py Normal file
View File

@ -0,0 +1,17 @@
# Generated by Django 3.1.6 on 2021-03-03 20:05
from django.db import migrations
class Migration(migrations.Migration):
dependencies = [
('main', '0007_userprofile'),
]
operations = [
migrations.AlterModelOptions(
name='userprofile',
options={},
),
]

3
main/templates/base/menu.html
View File

@ -11,6 +11,9 @@
{% if request.user.is_authenticated %}
<div class="btn-group" role="group" aria-label="Basic example">
<a class="btn btn-secondary" href="{% url 'profile' %}">Профиль</a>
{% if perms.main.has_control_access %}
<a class="btn btn-secondary" href="{% url 'control' %}">Управление</a>
{% endif %}
<a class="btn btn-secondary" href="{% url 'logout' %}">Выйти</a>
</div>
{% else %}

23
main/templates/pages/adm_ruleset.html
View File

@ -2,7 +2,7 @@
{% load static %}
{% block title %}Управление{%endblock %}
{% block title %}Управление{% endblock %}
{% block heading %}Управление{% endblock %}
@ -16,19 +16,24 @@
<p class="row page-description">Основная информация о странице</p>
</div>
{% block form %}
<form method="post">
{% csrf_token %}
<div class="row justify-content-center new-section">
{% block hidden_form %}
<div style="display: none">
{% for field in form.users %}
{{ field.tag }}
{% endfor %}
</div>
{% endblock %}
<div class="col-10">
<h6 class="table-title">Список сотрудников</h6>
{% block table %}
<table class="light-table">
<thead>
@ -52,10 +57,12 @@
</tbody>
</table>
{% endblock%}
</div>
</div>
{% block count %}
<div class="row justify-content-center new-section">
<div class="col-5">
<div class="info">
@ -91,19 +98,11 @@
</div>
</div>
{% endblock %}
</form>
{% endblock %}
</div>
<script>
"use strict";
let checkboxes = document.getElementsByName("users");
let fields = document.querySelectorAll(".checkbox_field");
if (checkboxes.length == fields.length) {
for (let i = 0; i < fields.length; ++i) {
let el = checkboxes[i].cloneNode(true);
fields[i].appendChild(el);
}
}
</script>
<script src="{% static 'main/js/control.js'%}"></script>
{% endblock %}

53
main/views.py
View File

@ -1,26 +1,30 @@
import logging
import os
from django.contrib.auth.decorators import login_required
from django.contrib.auth.forms import PasswordResetForm
from django.contrib.auth.mixins import LoginRequiredMixin
from django.contrib.auth.models import User
from django.contrib.auth.tokens import default_token_generator
from django.contrib.auth.forms import PasswordResetForm
from django.contrib.auth.views import LoginView
from django.core.exceptions import PermissionDenied
from django.contrib.contenttypes.models import ContentType
from django.http import HttpResponseRedirect
from django.shortcuts import get_list_or_404, redirect, reverse, render
from django.urls import reverse_lazy
from django.shortcuts import render, get_list_or_404, redirect
from django.urls import reverse_lazy, reverse
from django.views.generic import FormView
from django_registration.views import RegistrationView
from zenpy import Zenpy
from zenpy.lib.api_objects import User as ZenpyUser
from access_controller.settings import EMAIL_HOST_USER, ZENDESK_ROLES
from main.extra_func import check_user_exist, update_profile, get_user_organization, make_engineer, make_light_agent, \
get_users_list
from main.forms import AdminPageUsers, CustomRegistrationForm, CustomAuthenticationForm
from .models import UserProfile
from access_controller.settings import EMAIL_HOST_USER
from main.extra_func import check_user_exist, update_profile, get_user_organization, \
make_engineer, make_light_agent, get_users_list
from django.contrib.auth.models import User, Permission
from main.models import UserProfile
from main.forms import CustomRegistrationForm, AdminPageUsers, CustomAuthenticationForm
from django_registration.views import RegistrationView
from django.contrib.auth.decorators import login_required
from django.contrib.auth.mixins import LoginRequiredMixin, PermissionRequiredMixin
from django.core.exceptions import PermissionDenied
from access_controller.settings import ZENDESK_ROLES
from zenpy.lib.api_objects import User as ZenpyUser
class CustomRegistrationView(RegistrationView):
@ -58,12 +62,27 @@ class CustomRegistrationView(RegistrationView):
)
forms.save(**opts)
update_profile(user.userprofile)
self.set_permission(user)
return user
else:
raise ValueError('Непредвиденная ошибка')
else:
self.is_allowed = False
@staticmethod
def set_permission(user) -> None:
"""
Дает разрешение на просмотр страница администратора, если пользователь имеет роль admin
"""
content_type = ContentType.objects.get_for_model(UserProfile)
permission, created = Permission.objects.get_or_create(
codename='has_control_access',
content_type=content_type,
)
if user.userprofile.role == 'admin':
user.user_permissions.add(permission)
def get_success_url(self, user: User = None) -> success_url:
"""
Возвращает url-адрес страницы, куда нужно перейти после успешной/неуспешной регистрации
@ -148,10 +167,8 @@ def main_page(request):
return render(request, 'pages/index.html')
class AdminPageView(FormView, LoginRequiredMixin):
"""
Class AdminPageView - логика работы страницы администратора
"""
class AdminPageView(FormView, LoginRequiredMixin, PermissionRequiredMixin):
permission_required = 'main.has_control_access'
template_name = 'pages/adm_ruleset.html'
form_class = AdminPageUsers
success_url = '/control/'

9
static/main/js/control.js Normal file
View File

@ -0,0 +1,9 @@
"use strict";
let checkboxes = document.getElementsByName("users");
let fields = document.querySelectorAll(".checkbox_field");
if (checkboxes.length == fields.length) {
for (let i = 0; i < fields.length; ++i) {
let el = checkboxes[i].cloneNode(true);
fields[i].appendChild(el);
}
}