wcs-roles-allows-backoffice-access.diff
| wcs/admin/roles.ptl | ||
|---|---|---|
| 44 | 44 |
form.add(CheckboxWidget, 'emails_to_members', |
| 45 | 45 |
title=_('Propage emails to all users holding the role'),
|
| 46 | 46 |
value=self.role.emails_to_members) |
| 47 |
form.add(CheckboxWidget, 'allows_backoffice_access', |
|
| 48 |
title=_('Users holding the role can access to backoffice'),
|
|
| 49 |
value=self.role.allows_backoffice_access) |
|
| 47 | 50 |
form.add_submit("submit", _("Submit"))
|
| 48 | 51 |
form.add_submit("cancel", _("Cancel"))
|
| 49 | 52 |
return form |
| ... | ... | |
| 60 | 63 |
form.get_widget('name').set_error(_('This name is already used'))
|
| 61 | 64 |
raise ValueError() |
| 62 | 65 | |
| 63 |
for f in ('name', 'details', 'emails_to_members'):
|
|
| 66 |
for f in ('name', 'details', 'emails_to_members', 'allows_backoffice_access'):
|
|
| 64 | 67 |
setattr(role, f, form.get_widget(f).parse()) |
| 65 | 68 |
role.emails = [x for x in form.get_widget('emails').parse() or [] if x]
|
| 66 | 69 |
role.store() |
| wcs/backoffice/root.ptl | ||
|---|---|---|
| 85 | 85 | |
| 86 | 86 |
l = [] |
| 87 | 87 |
if user: |
| 88 |
if not user.can_go_in_backoffice(): |
|
| 89 |
raise errors.AccessForbiddenError() |
|
| 88 | 90 |
for formdef in FormDef.select(order_by='name', ignore_errors=True): |
| 89 | 91 |
if user.is_admin or formdef.receiver_id in (user.roles or []): |
| 90 | 92 |
l.append(formdef) |
| 91 | 93 | |
| 94 |
if not l: |
|
| 95 |
raise errors.AccessForbiddenError() |
|
| 96 | ||
| 92 | 97 |
cats = Category.select(order_by = 'name') |
| 93 | 98 |
lists = [] |
| 94 | 99 |
for c in cats: |
| ... | ... | |
| 99 | 104 |
if t: |
| 100 | 105 |
lists.append((None, t)) |
| 101 | 106 | |
| 102 |
if not lists: |
|
| 103 |
raise errors.AccessForbiddenError() |
|
| 104 | ||
| 105 | 107 |
mid_term = ((len(lists) * 2) + sum([len(x[-1]) for x in lists])) / 2 |
| 106 | 108 |
count = 0 |
| 107 | 109 |
in_second_column = False |
| wcs/forms/root.ptl | ||
|---|---|---|
| 1027 | 1027 |
message |
| 1028 | 1028 |
'</div>' |
| 1029 | 1029 | |
| 1030 |
backoffice_link = False |
|
| 1031 | 1030 |
list_forms = [] |
| 1032 | 1031 |
advertised_forms = [] |
| 1033 | 1032 |
if self.category: |
| ... | ... | |
| 1039 | 1038 |
ignore_errors=True) |
| 1040 | 1039 | |
| 1041 | 1040 |
for formdef in formdefs: |
| 1042 |
if (not formdef.is_disabled()) and user and formdef.receiver_id in (user.roles or []): |
|
| 1043 |
backoffice_link = True |
|
| 1044 | 1041 |
if formdef.roles: |
| 1045 | 1042 |
if not user: |
| 1046 | 1043 |
if formdef.always_advertise: |
| ... | ... | |
| 1055 | 1052 |
advertised_forms.append(formdef) |
| 1056 | 1053 |
continue |
| 1057 | 1054 |
list_forms.append(formdef) |
| 1058 |
if user and user.is_admin: |
|
| 1059 |
backoffice_link = True |
|
| 1060 | 1055 | |
| 1061 | 1056 |
user_forms = [] |
| 1062 | 1057 |
if user: |
| ... | ... | |
| 1100 | 1095 | |
| 1101 | 1096 |
if not self.category: |
| 1102 | 1097 |
'<p id="logout">' |
| 1103 |
if backoffice_link:
|
|
| 1098 |
if user.can_go_in_backoffice():
|
|
| 1104 | 1099 |
'<a href="%sbackoffice/">%s</a> ' % (root_url, _('Back Office'))
|
| 1105 | 1100 |
if user.anonymous: |
| 1106 | 1101 |
if not get_cfg('misc', {}).get('do-not-token', False):
|
| wcs/roles.py | ||
|---|---|---|
| 23 | 23 |
details = None |
| 24 | 24 |
emails = None |
| 25 | 25 |
emails_to_members = False |
| 26 |
allows_backoffice_access = True |
|
| 26 | 27 | |
| 27 | 28 |
def __init__(self, name = None): |
| 28 | 29 |
StorableObject.__init__(self) |
| wcs/users.py | ||
|---|---|---|
| 106 | 106 |
def can_go_in_backoffice(self): |
| 107 | 107 |
if self.is_admin: |
| 108 | 108 |
return True |
| 109 |
from formdef import FormDef |
|
| 110 |
formdefs = FormDef.select(lambda x: not x.is_disabled()) |
|
| 111 |
for formdef_id in FormDef.keys(): |
|
| 112 |
formdef = FormDef.get(formdef_id, ignore_errors=True) |
|
| 113 |
if formdef and not formdef.is_disabled() and formdef.receiver_id in (self.roles or []): |
|
| 114 |
return True |
|
| 109 |
from roles import Role |
|
| 110 |
for role_id in self.roles or []: |
|
| 111 |
try: |
|
| 112 |
role = Role.get(role_id) |
|
| 113 |
if role.allows_backoffice_access: |
|
| 114 |
return True |
|
| 115 |
except KeyError: # role has been deleted |
|
| 116 |
pass |
|
| 115 | 117 |
return False |
| 116 | 118 | |
| 117 | 119 |
def get_available_roles(cls): |