0004-manager-remove-children-table-from-role-members-page.patch
src/authentic2/manager/role_views.py | ||
---|---|---|
267 | 267 | |
268 | 268 |
def get_context_data(self, **kwargs): |
269 | 269 |
ctx = super().get_context_data(**kwargs) |
270 |
ctx['children'] = list( |
|
271 |
views.filter_view( |
|
272 |
self.request, |
|
273 |
self.object.children(include_self=False, annotate=True).order_by( |
|
274 |
F('ou').asc(nulls_first=True), 'name' |
|
275 |
), |
|
276 |
)[:11] |
|
277 |
) |
|
278 | 270 |
ctx['parents'] = list( |
279 | 271 |
views.filter_view( |
280 | 272 |
self.request, |
src/authentic2/manager/templates/authentic2/manager/role_members.html | ||
---|---|---|
42 | 42 |
<li><a href="{% url "a2-manager-role-permissions" pk=object.pk %}">{% trans "Permissions" %}</a></li> |
43 | 43 |
{% endif %} |
44 | 44 |
<li><a href="{% url "a2-manager-role-journal" pk=object.pk %}">{% trans "Journal" %}</a></li> |
45 |
{% if view.can_manage_members %} |
|
46 |
<li><a href="{% url "a2-manager-role-children" pk=object.pk %}">{% trans "Add a role as a member" %}</a></li> |
|
47 |
{% endif %} |
|
45 | 48 |
</ul> |
46 | 49 |
</span> |
47 | 50 |
{% endblock %} |
... | ... | |
102 | 105 |
{% endif %} |
103 | 106 |
</div> |
104 | 107 |
</div> |
105 |
<div class="section"> |
|
106 |
<h3>{% trans "Grants its permissions to roles:" %} |
|
107 |
{% if view.can_manage_members %} |
|
108 |
<a href="{% url "a2-manager-role-children" pk=object.pk %}" class="button">{% trans "Edit" %}</a> |
|
109 |
{% else %} |
|
110 |
<a title="{% trans "Permission denied" %}" class="button disabled">{% trans "Edit" %}</a> |
|
111 |
{% endif %} |
|
112 |
</h3> |
|
113 |
<div> |
|
114 |
{% if children %} |
|
115 |
<ul class="objects-list single-links"> |
|
116 |
{% for child in children|slice:":10" %} |
|
117 |
<li> |
|
118 |
<a class="role-inheritance-child" href="{% url "a2-manager-role-members" pk=child.pk %}">{% if child.ou and has_multiple_ou %}{{ child.ou }} - {% endif %}{{ child }}</a> |
|
119 |
{% if not child.direct %} |
|
120 |
<span class="badge">{% trans "Indirect" %}</span> |
|
121 |
{% endif %} |
|
122 |
</li> |
|
123 |
{% endfor %} |
|
124 |
{% if children|length > 10 %} |
|
125 |
<li><a class="role-inheritance-view-all" href="{% url "a2-manager-role-children" pk=object.pk %}">({% trans "view all roles" %})</a></li> |
|
126 |
{% endif %} |
|
127 |
</ul> |
|
128 |
{% else %} |
|
129 |
<p>{% trans "This role doesn't grant its permissions to any other role." %}</p> |
|
130 |
{% endif %} |
|
131 |
</div> |
|
132 |
</div> |
|
133 | 108 | |
134 | 109 |
<fieldset class="gadjo-foldable gadjo-folded" id="other-properties"> |
135 | 110 |
<legend class="gadjo-foldable-widget">{% trans "Advanced parameters" %}</legend> |
tests/test_ldap.py | ||
---|---|---|
686 | 686 | |
687 | 687 |
response = app.get('/manage/roles/%s/' % (role.pk)) |
688 | 688 |
assert 'synchronised from LDAP' in response.text |
689 |
assert 'Add a role as a member' not in response.text |
|
689 | 690 |
q = response.pyquery.remove_namespaces() |
690 | 691 |
assert not q('form.manager-m2m-add-form') |
691 |
assert q('div.section h3 a.button.disabled') |
|
692 | 692 |
assert not q('table tbody td a.icon-remove-sign js-remove-object') |
693 | 693 | |
694 | 694 |
tests/test_role_manager.py | ||
---|---|---|
350 | 350 |
assert 'name,slug,ou' in resp.text |
351 | 351 | |
352 | 352 | |
353 |
@pytest.mark.parametrize('relation', ['child', 'parent']) |
|
354 |
def test_role_members_display_inheritance_info(app, superuser, settings, simple_role, relation): |
|
353 |
def test_role_members_display_role_parents(app, superuser, settings, simple_role): |
|
355 | 354 |
url = reverse('a2-manager-role-members', kwargs={'pk': simple_role.pk}) |
356 | 355 | |
357 | 356 |
resp = login(app, superuser, url) |
358 |
assert "This role doesn't grant its permissions to any other role." in resp.text |
|
359 | 357 |
assert "This role doesn't contain permissions of any other role." in resp.text |
360 | 358 | |
361 | 359 |
for i in range(10): |
362 | 360 |
role = Role.objects.create(name=f'Role {i}', ou=get_default_ou()) |
363 |
getattr(simple_role, 'add_%s' % relation)(role)
|
|
361 |
simple_role.add_parent(role)
|
|
364 | 362 | |
365 | 363 |
resp = app.get(url) |
366 |
if relation == 'child': |
|
367 |
assert "This role doesn't grant its permissions to any other role." not in resp.text |
|
368 |
assert "This role doesn't contain permissions of any other role." in resp.text |
|
369 |
elif relation == 'parent': |
|
370 |
assert "This role doesn't grant its permissions to any other role." in resp.text |
|
371 |
assert "This role doesn't contain permissions of any other role." not in resp.text |
|
372 | ||
373 |
for i, el in enumerate(resp.pyquery.find('a.role-inheritance-%s' % relation)): |
|
364 |
assert "This role doesn't contain permissions of any other role." not in resp.text |
|
365 | ||
366 |
for i, el in enumerate(resp.pyquery.find('a.role-inheritance-parent')): |
|
374 | 367 |
assert el.text == f'Role {i}' |
375 | 368 |
assert '(view all roles)' not in resp.text |
376 | 369 | |
377 | 370 |
role = Role.objects.create(name='Role a', ou=get_default_ou()) |
378 |
getattr(simple_role, 'add_%s' % relation)(role)
|
|
371 |
simple_role.add_parent(role)
|
|
379 | 372 |
resp = app.get(url) |
380 |
assert not resp.pyquery('a.role-inheritance-%s:contains("Role a")' % relation)
|
|
373 |
assert 'Role a' not in resp.text
|
|
381 | 374 |
assert '(view all roles)' in resp.text |
382 | 375 | |
383 |
resp = resp.click('(view all roles)', href=relation)
|
|
376 |
resp = resp.click('(view all roles)') |
|
384 | 377 |
assert 'Role a' in resp.text |
385 | 378 | |
386 | 379 |
# display OU if there are more than one |
387 | 380 |
ou1 = OU.objects.create(name='ou1') |
388 | 381 |
resp = app.get(url) |
389 |
for i, el in enumerate(resp.pyquery.find('a.role-inheritance-%s' % relation)):
|
|
382 |
for i, el in enumerate(resp.pyquery.find('a.role-inheritance-parent')):
|
|
390 | 383 |
assert el.text == f'Default organizational unit - Role {i}' |
391 | 384 | |
392 | 385 |
# sort by OU, then name |
... | ... | |
394 | 387 |
Role.objects.filter(name__in=['Role 5', 'Role 6']).update(ou=None) |
395 | 388 | |
396 | 389 |
resp = app.get(url) |
397 |
assert [el.text for el in resp.pyquery.find('a.role-inheritance-%s' % relation)] == [
|
|
390 |
assert [el.text for el in resp.pyquery.find('a.role-inheritance-parent')] == [
|
|
398 | 391 |
'Role 5', |
399 | 392 |
'Role 6', |
400 | 393 |
'Default organizational unit - Role 0', |
... | ... | |
460 | 453 | |
461 | 454 |
rows = [text_content(el) for el in resp.pyquery('tr td.link')] |
462 | 455 |
assert rows == ['user1', 'Jôhn Dôe'] |
456 | ||
457 |
resp = resp.click('Add a role as a member') |
|
458 |
assert 'Role a' in resp.text |
|
463 |
- |