wcs-roles-allows-backoffice-access.diff
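--- a/wcs/admin/roles.ptl
+++ b/wcs/admin/roles.ptl
@@ -44,6 +44,9 @@
 form.add(CheckboxWidget, 'emails_to_members',
 title=_('Propage emails to all users holding the role'),
 value=self.role.emails_to_members)
+form.add(CheckboxWidget, 'allows_backoffice_access',
+title=_('Users holding the role can access to backoffice'),
+value=self.role.allows_backoffice_access)
 form.add_submit("submit", _("Submit"))
 form.add_submit("cancel", _("Cancel"))
 return form
@@ -60,7 +63,7 @@
 form.get_widget('name').set_error(_('This name is already used'))
 raise ValueError()
 
-for f in ('name', 'details', 'emails_to_members'):
+for f in ('name', 'details', 'emails_to_members', 'allows_backoffice_access'):
 setattr(role, f, form.get_widget(f).parse())
 role.emails = [x for x in form.get_widget('emails').parse() or [] if x]
 role.store()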
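--- a/wcs/backoffice/root.ptl
+++ b/wcs/backoffice/root.ptl
@@ -85,10 +85,15 @@
 
 l = []
 if user:
+if not user.can_go_in_backoffice():
+raise errors.AccessForbiddenError()
 for formdef in FormDef.select(order_by='name', ignore_errors=True):
 if user.is_admin or formdef.receiver_id in (user.roles or []):
 l.append(formdef)
 
+if not l:
+raise errors.AccessForbiddenError()
+
 cats = Category.select(order_by = 'name')
 lists = []
 for c in cats:
@@ -99,9 +104,6 @@
 if t:
 lists.append((None, t))
 
-if not lists:
-raise errors.AccessForbiddenError()
-
 mid_term = ((len(lists) * 2) + sum([len(x[-1]) for x in lists])) / 2
 count = 0
 in_second_column = False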
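Review bot: The new `user.can_go_in_backoffice()` check at new line 88 runs only under `if user:`, so a request with no user is refused by the later `if not l:` test rather than by the authorization check itself. Indentation is lost on this page, so it cannot be confirmed that `if not l:` sits outside the `if user:` block; if it does not, the no-user case has no guard in the visible lines. A fail-closed form placed before `FormDef.select` is called would be `if not user or not user.can_go_in_backoffice(): raise errors.AccessForbiddenError()`. A user whose role carries the flag but who receives no form passes the first check and is then refused by `if not l:`, which deserves a short comment. The enclosing function starts and ends outside the hunks.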
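--- a/wcs/forms/root.ptl
+++ b/wcs/forms/root.ptl
@@ -1027,7 +1027,6 @@
 message
 '</div>'
 
-backoffice_link = False
 list_forms = []
 advertised_forms = []
 if self.category:
@@ -1039,8 +1038,6 @@
 ignore_errors=True)
 
 for formdef in formdefs:
-if (not formdef.is_disabled()) and user and formdef.receiver_id in (user.roles or []):
-backoffice_link = True
 if formdef.roles:
 if not user:
 if formdef.always_advertise:
@@ -1055,8 +1052,6 @@
 advertised_forms.append(formdef)
 continue
 list_forms.append(formdef)
-if user and user.is_admin:
-backoffice_link = True
 
 user_forms = []
 if user:
@@ -1100,7 +1095,7 @@
 
 if not self.category:
 '<p id="logout">'
-if backoffice_link:
+if user.can_go_in_backoffice():
 '<a href="%sbackoffice/">%s</a> ' % (root_url, _('Back Office'))
 if user.anonymous:
 if not get_cfg('misc', {}).get('do-not-token', False):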
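Review bot: `if user.can_go_in_backoffice():` at new line 1098 dereferences `user` where the removed `if backoffice_link:` did not, and earlier lines of the same method (`if not user:`, `if user:`) show that `user` can be empty there. The unchanged `if user.anonymous:` that follows suggests the block is already guarded, but any such guard lies outside the hunk; if there is none, `if user and user.can_go_in_backoffice():` keeps the old behaviour for visitors without a session. The link is display only, so the check in `wcs/backoffice/root.ptl` remains the enforcement point.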
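--- a/wcs/roles.py
+++ b/wcs/roles.py
@@ -23,6 +23,7 @@
 details = None
 emails = None
 emails_to_members = False
+allows_backoffice_access = True
 
 def __init__(self, name = None):
 StorableObject.__init__(self)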
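Review bot: `allows_backoffice_access = True` as a class-level default is fail-open: every newly created role, and presumably every role stored before this commit (assuming stored objects fall back to the class attribute), grants backoffice access until an administrator unticks the box. The previous `can_go_in_backoffice` required the role to be the receiver of an enabled form, so roles that never received a form appear to gain access after the upgrade. If the default is there for compatibility, say so in a comment such as `# True keeps existing receiver roles working; untick for roles that must not reach the backoffice`. Otherwise default to `False` and set the flag for receiver roles in a migration step.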
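--- a/wcs/users.py
+++ b/wcs/users.py
@@ -106,12 +106,14 @@
 def can_go_in_backoffice(self):
 if self.is_admin:
 return True
-from formdef import FormDef
-formdefs = FormDef.select(lambda x: not x.is_disabled())
-for formdef_id in FormDef.keys():
-formdef = FormDef.get(formdef_id, ignore_errors=True)
-if formdef and not formdef.is_disabled() and formdef.receiver_id in (self.roles or []):
-return True
+from roles import Role
+for role_id in self.roles or []:
+try:
+role = Role.get(role_id)
+if role.allows_backoffice_access:
+return True
+except KeyError: # role has been deleted
+pass
 return False
 
 def get_available_roles(cls):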
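Review bot: `can_go_in_backoffice` has no docstring even though its rule changes here from "receiver of an enabled form" to "holds a role with `allows_backoffice_access` set", and both `wcs/backoffice/root.ptl` and `wcs/forms/root.ptl` now rely on it. A docstring such as `"""Return True for admins and for users holding at least one existing role whose allows_backoffice_access flag is set."""` would state the authorization rule in one place. The `try` also wraps the flag test; keeping only `role = Role.get(role_id)` inside it and using `continue` in the `except KeyError:` branch would make clear which call the handler is for.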