0001-manager-add-permissions-based-access-to-global-journ.patch

Valentin Deniaud, 08 avril 2021 11:12

Voir les différences: en ligne côte à côte

Subject: [PATCH] manager: add permissions based access to global journal
 (#52765)

 src/authentic2/manager/journal_views.py              |  9 +++------
 .../templates/authentic2/manager/homepage.html       |  6 +++++-
 src/authentic2/manager/views.py                      |  3 +++
 tests/test_manager_journal.py                        | 12 ++++++++----
 4 files changed, 19 insertions(+), 11 deletions(-)

             return ctx
     class GlobalJournalView(BaseJournalView):
     class GlobalJournalView(views.PermissionMixin, BaseJournalView):
         template_name = 'authentic2/manager/journal.html'
         def dispatch(self, request, *args, **kwargs):
             if not request.user.is_superuser:
                 raise PermissionDenied
             return super().dispatch(request, *args, **kwargs)
         permissions_global = True
         permissions = ['custom_user.view_user', 'a2_rbac.view_role']
     journal = GlobalJournalView.as_view()

     {% block appbar %}
       <h2>{% blocktrans %}Here you can manage objects related to organizational units, users, roles and applications.{% endblocktrans %}</h2>
       {% if user.is_superuser %}
       {% if user.is_superuser or can_view_journal %}
       <span class="actions">
       <a class="extra-actions-menu-opener"></a>
       <ul class="extra-actions-menu">
         {% if user.is_superuser %}
         <li><a download href="{% url 'a2-manager-site-export' %}">{% trans 'Export Site' %}</a></li>
         <li><a href="{% url 'a2-manager-site-import' %}" rel="popup">{% trans 'Import Site' %}</a></li>
         {% endif %}
         {% if user.is_superuser or can_view_journal %}
         <li><a href="{% url 'a2-manager-journal' %}">{% trans 'Journal' %}</a></li>
         {% endif %}
       </ul>
       </span>
       {% endif %}

         def get_context_data(self, **kwargs):
             kwargs['entries'] = self.get_homepage_entries()
             kwargs['can_view_journal'] = self.request.user.has_perms(
                 ['custom_user.view_user', 'a2_rbac.view_role']
+            )
             return super(HomepageView, self).get_context_data(**kwargs)

     from authentic2.journal import journal
     from authentic2.models import Service
     from .utils import login, text_content
     from .utils import login, logout, text_content
     def test_journal_authorization(app, db, admin):
         response = login(app, admin, path='/manage/')
         assert 'Journal' not in response
     def test_journal_authorization(app, db, simple_user, admin):
         response = login(app, simple_user)
         app.get('/manage/journal/', status=403)
         logout(app)
         response = login(app, admin, path='/manage/')
         assert 'Journal' in response
         app.get('/manage/journal/', status=200)
     @pytest.fixture(autouse=True)
     def events(db, freezer):
+    -

Projet

Général

Profil

Produits Entr'ouvert » Authentic 2

0001-manager-add-permissions-based-access-to-global-journ.patch