0008-manager-disable-popup-display-on-insufficient-auth-l.patch
src/authentic2/manager/templates/authentic2/manager/ou_detail.html | ||
---|---|---|
18 | 18 |
{{ block.super }} |
19 | 19 |
<span class="actions"> |
20 | 20 |
{% if view.could_delete %} |
21 |
<a rel="popup" href="{% url "a2-manager-ou-delete" pk=object.pk %}">{% trans "Delete" %}</a>
|
|
21 |
<a rel="{{ delete_rel }}" href="{% url "a2-manager-ou-delete" pk=object.pk %}">{% trans "Delete" %}</a>
|
|
22 | 22 |
{% else %} |
23 | 23 |
<a class="disabled" title="{% trans "You do not have the rights to delete this organizational unit." %}" href="#">{% trans "Delete" %}</a> |
24 | 24 |
{% endif %} |
src/authentic2/manager/templates/authentic2/manager/ous.html | ||
---|---|---|
11 | 11 |
{{ block.super }} |
12 | 12 |
<span class="actions"> |
13 | 13 |
{% if view.could_add %} |
14 |
<a href="{% url "a2-manager-ou-add" %}" rel="popup">{% trans "Add organizational unit" %}</a>
|
|
14 |
<a href="{% url "a2-manager-ou-add" %}" rel="{{ add_rel }}">{% trans "Add organizational unit" %}</a>
|
|
15 | 15 |
{% endif %} |
16 | 16 |
</span> |
17 | 17 |
{% endblock %} |
src/authentic2/manager/templates/authentic2/manager/role_members.html | ||
---|---|---|
20 | 20 |
{{ block.super }} |
21 | 21 |
<span class="actions"> |
22 | 22 |
{% if not object.is_internal and view.could_delete %} |
23 |
<a rel="popup" href="{% url "a2-manager-role-delete" pk=object.pk %}">{% trans "Delete" %}</a>
|
|
23 |
<a rel="{{ delete_rel }}" href="{% url "a2-manager-role-delete" pk=object.pk %}">{% trans "Delete" %}</a>
|
|
24 | 24 |
{% else %} |
25 | 25 |
<a class="disabled" title="{% trans "This role is technical, you cannot delete it." %}" href="#">{% trans "Delete" %}</a> |
26 | 26 |
{% endif %} |
... | ... | |
72 | 72 |
{% endif %} |
73 | 73 |
{% endfor %} |
74 | 74 |
{% if view.could_change %} |
75 |
<a rel="popup" href="{% url "a2-manager-role-add-admin-user" pk=object.pk %}" class="role-add icon-add-sign"></a>
|
|
75 |
<a rel="{{ change_rel }}" href="{% url "a2-manager-role-add-admin-user" pk=object.pk %}" class="role-add icon-add-sign"></a>
|
|
76 | 76 |
{% else %} |
77 | 77 |
<a title="{% trans "Permission denied" %}" class="disabled role-add icon-add-sign"></a> |
78 | 78 |
{% endif %} |
... | ... | |
88 | 88 |
{% endif %} |
89 | 89 |
{% endfor %} |
90 | 90 |
{% if view.could_change %} |
91 |
<a rel="popup" href="{% url "a2-manager-role-add-admin-role" pk=object.pk %}" class="role-add icon-add-sign"></a>
|
|
91 |
<a rel="{{ change_rel }}" href="{% url "a2-manager-role-add-admin-role" pk=object.pk %}" class="role-add icon-add-sign"></a>
|
|
92 | 92 |
{% else %} |
93 | 93 |
<a title="{% trans "Permission denied" %}" class="disabled role-add icon-add-sign"></a> |
94 | 94 |
{% endif %} |
... | ... | |
104 | 104 |
{% endif %} |
105 | 105 |
{% endfor %} |
106 | 106 |
{% if view.could_change %} |
107 |
<a rel="popup" href="{% url "a2-manager-role-add-child" pk=object.pk %}" class="role-add icon-add-sign"></a>
|
|
107 |
<a rel="{{ change_rel }}" href="{% url "a2-manager-role-add-child" pk=object.pk %}" class="role-add icon-add-sign"></a>
|
|
108 | 108 |
{% else %} |
109 | 109 |
<a title="{% trans "Permission denied" %}" class="disabled role-add icon-add-sign"></a> |
110 | 110 |
{% endif %} |
src/authentic2/manager/templates/authentic2/manager/role_permissions.html | ||
---|---|---|
11 | 11 |
{{ block.super }} |
12 | 12 |
<span class="actions"> |
13 | 13 |
{% if view.could_delete %} |
14 |
<a rel="popup" href="{% url "a2-manager-role-delete" pk=object.pk %}">{% trans "Delete" %}</a>
|
|
14 |
<a rel="{{ delete_rel }}" href="{% url "a2-manager-role-delete" pk=object.pk %}">{% trans "Delete" %}</a>
|
|
15 | 15 |
{% endif %} |
16 | 16 |
{% if view.could_change and not object.is_internal %} |
17 | 17 |
<a href="{% url "a2-manager-role-edit" pk=object.pk %}">{% trans "Edit" %}</a> |
src/authentic2/manager/templates/authentic2/manager/roles.html | ||
---|---|---|
7 | 7 |
{{ block.super }} |
8 | 8 |
<span class="actions"> |
9 | 9 |
{% if view.could_add %} |
10 |
<a href="{% url "a2-manager-role-add" %}" rel="popup">{% trans "Add role" %}</a>
|
|
10 |
<a href="{% url "a2-manager-role-add" %}" rel="{{ add_rel }}">{% trans "Add role" %}</a>
|
|
11 | 11 |
{% else %} |
12 | 12 |
<a href="#" class="disabled" rel="popup">{% trans "Add role" %}</a> |
13 | 13 |
{% endif %} |
src/authentic2/manager/templates/authentic2/manager/user_detail.html | ||
---|---|---|
7 | 7 |
{{ block.super }} |
8 | 8 |
<span class="actions"> |
9 | 9 |
{% if view.could_delete %} |
10 |
<a rel="popup" href="{% url "a2-manager-user-delete" pk=object.pk %}">{% trans "Delete" %}</a>
|
|
10 |
<a rel="{{ delete_rel }}" href="{% url "a2-manager-user-delete" pk=object.pk %}">{% trans "Delete" %}</a>
|
|
11 | 11 |
{% else %} |
12 | 12 |
<a class="disabled" title="{% trans "You do not have the rights to delete this user." %}" href="#">{% trans "Delete" %}</a> |
13 | 13 |
{% endif %} |
src/authentic2/manager/views.py | ||
---|---|---|
156 | 156 |
return response |
157 | 157 |
return super(PermissionMixin, self).dispatch(request, *args, **kwargs) |
158 | 158 | |
159 |
def get_context_data(self, **kwargs): |
|
160 |
ctx = super(PermissionMixin, self).get_context_data(**kwargs) |
|
161 |
for perm in ['view', 'add', 'delete', 'change']: |
|
162 |
if getattr(self, 'can_' + perm, False): |
|
163 |
ctx[perm + '_rel'] = 'popup' |
|
164 |
return ctx |
|
165 | ||
159 | 166 | |
160 | 167 |
def filter_view(request, qs): |
161 | 168 |
model = qs.model |
... | ... | |
264 | 271 |
self.permission = permission |
265 | 272 | |
266 | 273 |
def display(self, instance, request): |
267 |
if self.permission: |
|
268 |
return request.user.has_perm(self.permission, instance) |
|
274 |
auth_level = request.session.get('auth_level', 1) |
|
275 |
try: |
|
276 |
if self.permission: |
|
277 |
return request.user.has_perm(self.permission, instance, |
|
278 |
auth_level=auth_level) |
|
279 |
except InsufficientAuthLevel: |
|
280 |
self.popup = False |
|
269 | 281 |
return True |
270 | 282 | |
271 | 283 | |
272 |
- |