| 409 |
409 |
members_export = RoleMembersExportView.as_view()
|
| 410 |
410 |
|
| 411 |
411 |
|
| 412 |
|
class RoleChildrenView(RoleViewMixin, views.HideOUColumnMixin, views.BaseSubTableView):
|
| 413 |
|
title = _('Add child role')
|
| 414 |
|
form_class = forms.ChooseRoleForm
|
| 415 |
|
table_class = tables.InheritanceRolesTable
|
| 416 |
|
search_form_class = forms.RoleSearchForm
|
| 417 |
|
template_name = 'authentic2/manager/roles_inheritance.html'
|
| 418 |
|
permissions = ['a2_rbac.manage_members_role']
|
| 419 |
|
success_url = '.'
|
| 420 |
|
slug_field = 'uuid'
|
| 421 |
|
|
| 422 |
|
def get_table_queryset(self):
|
| 423 |
|
qs = super().get_table_queryset()
|
| 424 |
|
qs = qs.exclude(pk=self.object.pk)
|
| 425 |
|
children = self.object.children(annotate=True, include_self=False)
|
| 426 |
|
children = children.annotate(is_direct=Cast('direct', output_field=BooleanField()))
|
| 427 |
|
qs = qs.annotate(
|
| 428 |
|
checked=ExpressionWrapper(Q(pk__in=children.filter(is_direct=True)), output_field=BooleanField())
|
| 429 |
|
)
|
| 430 |
|
qs = qs.annotate(
|
| 431 |
|
indeterminate=ExpressionWrapper(
|
| 432 |
|
Q(pk__in=children.filter(is_direct=False)), output_field=BooleanField()
|
| 433 |
|
)
|
| 434 |
|
)
|
| 435 |
|
rp_qs = RoleParenting.objects.filter(parent__in=children).annotate(name=F('parent__name'))
|
| 436 |
|
qs = qs.prefetch_related(Prefetch('parent_relation', queryset=rp_qs, to_attr='via'))
|
| 437 |
|
return qs
|
| 438 |
|
|
| 439 |
|
def form_valid(self, form):
|
| 440 |
|
role = form.cleaned_data['role']
|
| 441 |
|
action = form.cleaned_data['action']
|
| 442 |
|
if action == 'add':
|
| 443 |
|
self.object.add_child(role)
|
| 444 |
|
hooks.call_hooks(
|
| 445 |
|
'event', name='manager-add-child-role', user=self.request.user, parent=self.object, child=role
|
| 446 |
|
)
|
| 447 |
|
self.request.journal.record('manager.role.inheritance.addition', parent=self.object, child=role)
|
| 448 |
|
elif action == 'remove':
|
| 449 |
|
self.object.remove_child(role)
|
| 450 |
|
hooks.call_hooks(
|
| 451 |
|
'event',
|
| 452 |
|
name='manager-remove-child-role',
|
| 453 |
|
user=self.request.user,
|
| 454 |
|
parent=self.object,
|
| 455 |
|
child=role,
|
| 456 |
|
)
|
| 457 |
|
self.request.journal.record('manager.role.inheritance.removal', parent=self.object, child=role)
|
| 458 |
|
return super().form_valid(form)
|
| 459 |
|
|
| 460 |
|
def get_search_form_kwargs(self):
|
| 461 |
|
kwargs = super().get_search_form_kwargs()
|
| 462 |
|
kwargs['queryset'] = self.request.user.filter_by_perm('a2_rbac.view_role', Role.objects.all())
|
| 463 |
|
return kwargs
|
| 464 |
|
|
| 465 |
|
|
| 466 |
|
children = RoleChildrenView.as_view()
|
| 467 |
|
|
| 468 |
|
|
| 469 |
412 |
class RoleParentsView(RoleViewMixin, views.HideOUColumnMixin, views.BaseSubTableView):
|
| 470 |
413 |
title = _('Add parent role')
|
| 471 |
414 |
form_class = forms.RoleParentForm
|