0004-manager-remove-children-table-from-role-members-page.patch
| src/authentic2/manager/role_views.py | ||
|---|---|---|
| 267 | 267 | |
| 268 | 268 |
def get_context_data(self, **kwargs): |
| 269 | 269 |
ctx = super().get_context_data(**kwargs) |
| 270 |
ctx['children'] = list( |
|
| 271 |
views.filter_view( |
|
| 272 |
self.request, |
|
| 273 |
self.object.children(include_self=False, annotate=True).order_by( |
|
| 274 |
F('ou').asc(nulls_first=True), 'name'
|
|
| 275 |
), |
|
| 276 |
)[:11] |
|
| 277 |
) |
|
| 278 | 270 |
ctx['parents'] = list( |
| 279 | 271 |
views.filter_view( |
| 280 | 272 |
self.request, |
| src/authentic2/manager/templates/authentic2/manager/role_members.html | ||
|---|---|---|
| 42 | 42 |
<li><a href="{% url "a2-manager-role-permissions" pk=object.pk %}">{% trans "Permissions" %}</a></li>
|
| 43 | 43 |
{% endif %}
|
| 44 | 44 |
<li><a href="{% url "a2-manager-role-journal" pk=object.pk %}">{% trans "Journal" %}</a></li>
|
| 45 |
{% if view.can_manage_members %}
|
|
| 46 |
<li><a href="{% url "a2-manager-role-children" pk=object.pk %}">{% trans "Add a role as a member" %}</a></li>
|
|
| 47 |
{% endif %}
|
|
| 45 | 48 |
</ul> |
| 46 | 49 |
</span> |
| 47 | 50 |
{% endblock %}
|
| ... | ... | |
| 102 | 105 |
{% endif %}
|
| 103 | 106 |
</div> |
| 104 | 107 |
</div> |
| 105 |
<div class="section"> |
|
| 106 |
<h3>{% trans "Grants its permissions to roles:" %}
|
|
| 107 |
{% if view.can_manage_members %}
|
|
| 108 |
<a href="{% url "a2-manager-role-children" pk=object.pk %}" class="button">{% trans "Edit" %}</a>
|
|
| 109 |
{% else %}
|
|
| 110 |
<a title="{% trans "Permission denied" %}" class="button disabled">{% trans "Edit" %}</a>
|
|
| 111 |
{% endif %}
|
|
| 112 |
</h3> |
|
| 113 |
<div> |
|
| 114 |
{% if children %}
|
|
| 115 |
<ul class="objects-list single-links"> |
|
| 116 |
{% for child in children|slice:":10" %}
|
|
| 117 |
<li> |
|
| 118 |
<a class="role-inheritance-child" href="{% url "a2-manager-role-members" pk=child.pk %}">{% if child.ou and has_multiple_ou %}{{ child.ou }} - {% endif %}{{ child }}</a>
|
|
| 119 |
{% if not child.direct %}
|
|
| 120 |
<span class="badge">{% trans "Indirect" %}</span>
|
|
| 121 |
{% endif %}
|
|
| 122 |
</li> |
|
| 123 |
{% endfor %}
|
|
| 124 |
{% if children|length > 10 %}
|
|
| 125 |
<li><a class="role-inheritance-view-all" href="{% url "a2-manager-role-children" pk=object.pk %}">({% trans "view all roles" %})</a></li>
|
|
| 126 |
{% endif %}
|
|
| 127 |
</ul> |
|
| 128 |
{% else %}
|
|
| 129 |
<p>{% trans "This role doesn't grant its permissions to any other role." %}</p>
|
|
| 130 |
{% endif %}
|
|
| 131 |
</div> |
|
| 132 |
</div> |
|
| 133 | 108 | |
| 134 | 109 |
<fieldset class="gadjo-foldable gadjo-folded" id="other-properties"> |
| 135 | 110 |
<legend class="gadjo-foldable-widget">{% trans "Advanced parameters" %}</legend>
|
| tests/test_ldap.py | ||
|---|---|---|
| 686 | 686 | |
| 687 | 687 |
response = app.get('/manage/roles/%s/' % (role.pk))
|
| 688 | 688 |
assert 'synchronised from LDAP' in response.text |
| 689 |
assert 'Add a role as a member' not in response.text |
|
| 689 | 690 |
q = response.pyquery.remove_namespaces() |
| 690 | 691 |
assert not q('form.manager-m2m-add-form')
|
| 691 |
assert q('div.section h3 a.button.disabled')
|
|
| 692 | 692 |
assert not q('table tbody td a.icon-remove-sign js-remove-object')
|
| 693 | 693 | |
| 694 | 694 | |
| tests/test_role_manager.py | ||
|---|---|---|
| 350 | 350 |
assert 'name,slug,ou' in resp.text |
| 351 | 351 | |
| 352 | 352 | |
| 353 |
@pytest.mark.parametrize('relation', ['child', 'parent'])
|
|
| 354 |
def test_role_members_display_inheritance_info(app, superuser, settings, simple_role, relation): |
|
| 353 |
def test_role_members_display_role_parents(app, superuser, settings, simple_role): |
|
| 355 | 354 |
url = reverse('a2-manager-role-members', kwargs={'pk': simple_role.pk})
|
| 356 | 355 | |
| 357 | 356 |
resp = login(app, superuser, url) |
| 358 |
assert "This role doesn't grant its permissions to any other role." in resp.text |
|
| 359 | 357 |
assert "This role doesn't contain permissions of any other role." in resp.text |
| 360 | 358 | |
| 361 | 359 |
for i in range(10): |
| 362 | 360 |
role = Role.objects.create(name=f'Role {i}', ou=get_default_ou())
|
| 363 |
getattr(simple_role, 'add_%s' % relation)(role)
|
|
| 361 |
simple_role.add_parent(role)
|
|
| 364 | 362 | |
| 365 | 363 |
resp = app.get(url) |
| 366 |
if relation == 'child': |
|
| 367 |
assert "This role doesn't grant its permissions to any other role." not in resp.text |
|
| 368 |
assert "This role doesn't contain permissions of any other role." in resp.text |
|
| 369 |
elif relation == 'parent': |
|
| 370 |
assert "This role doesn't grant its permissions to any other role." in resp.text |
|
| 371 |
assert "This role doesn't contain permissions of any other role." not in resp.text |
|
| 372 | ||
| 373 |
for i, el in enumerate(resp.pyquery.find('a.role-inheritance-%s' % relation)):
|
|
| 364 |
assert "This role doesn't contain permissions of any other role." not in resp.text |
|
| 365 | ||
| 366 |
for i, el in enumerate(resp.pyquery.find('a.role-inheritance-parent')):
|
|
| 374 | 367 |
assert el.text == f'Role {i}'
|
| 375 | 368 |
assert '(view all roles)' not in resp.text |
| 376 | 369 | |
| 377 | 370 |
role = Role.objects.create(name='Role a', ou=get_default_ou()) |
| 378 |
getattr(simple_role, 'add_%s' % relation)(role)
|
|
| 371 |
simple_role.add_parent(role)
|
|
| 379 | 372 |
resp = app.get(url) |
| 380 |
assert not resp.pyquery('a.role-inheritance-%s:contains("Role a")' % relation)
|
|
| 373 |
assert 'Role a' not in resp.text
|
|
| 381 | 374 |
assert '(view all roles)' in resp.text |
| 382 | 375 | |
| 383 |
resp = resp.click('(view all roles)', href=relation)
|
|
| 376 |
resp = resp.click('(view all roles)')
|
|
| 384 | 377 |
assert 'Role a' in resp.text |
| 385 | 378 | |
| 386 | 379 |
# display OU if there are more than one |
| 387 | 380 |
ou1 = OU.objects.create(name='ou1') |
| 388 | 381 |
resp = app.get(url) |
| 389 |
for i, el in enumerate(resp.pyquery.find('a.role-inheritance-%s' % relation)):
|
|
| 382 |
for i, el in enumerate(resp.pyquery.find('a.role-inheritance-parent')):
|
|
| 390 | 383 |
assert el.text == f'Default organizational unit - Role {i}'
|
| 391 | 384 | |
| 392 | 385 |
# sort by OU, then name |
| ... | ... | |
| 394 | 387 |
Role.objects.filter(name__in=['Role 5', 'Role 6']).update(ou=None) |
| 395 | 388 | |
| 396 | 389 |
resp = app.get(url) |
| 397 |
assert [el.text for el in resp.pyquery.find('a.role-inheritance-%s' % relation)] == [
|
|
| 390 |
assert [el.text for el in resp.pyquery.find('a.role-inheritance-parent')] == [
|
|
| 398 | 391 |
'Role 5', |
| 399 | 392 |
'Role 6', |
| 400 | 393 |
'Default organizational unit - Role 0', |
| ... | ... | |
| 460 | 453 | |
| 461 | 454 |
rows = [text_content(el) for el in resp.pyquery('tr td.link')]
|
| 462 | 455 |
assert rows == ['user1', 'Jôhn Dôe'] |
| 456 | ||
| 457 |
resp = resp.click('Add a role as a member')
|
|
| 458 |
assert 'Role a' in resp.text |
|
| 463 |
- |
|