409 |
409 |
members_export = RoleMembersExportView.as_view()
|
410 |
410 |
|
411 |
411 |
|
412 |
|
class RoleChildrenView(RoleViewMixin, views.HideOUColumnMixin, views.BaseSubTableView):
|
413 |
|
title = _('Add child role')
|
414 |
|
form_class = forms.ChooseRoleForm
|
415 |
|
table_class = tables.InheritanceRolesTable
|
416 |
|
search_form_class = forms.RoleSearchForm
|
417 |
|
template_name = 'authentic2/manager/roles_inheritance.html'
|
418 |
|
permissions = ['a2_rbac.manage_members_role']
|
419 |
|
success_url = '.'
|
420 |
|
slug_field = 'uuid'
|
421 |
|
|
422 |
|
def get_table_queryset(self):
|
423 |
|
qs = super().get_table_queryset()
|
424 |
|
qs = qs.exclude(pk=self.object.pk)
|
425 |
|
children = self.object.children(annotate=True, include_self=False)
|
426 |
|
children = children.annotate(is_direct=Cast('direct', output_field=BooleanField()))
|
427 |
|
qs = qs.annotate(
|
428 |
|
checked=ExpressionWrapper(Q(pk__in=children.filter(is_direct=True)), output_field=BooleanField())
|
429 |
|
)
|
430 |
|
qs = qs.annotate(
|
431 |
|
indeterminate=ExpressionWrapper(
|
432 |
|
Q(pk__in=children.filter(is_direct=False)), output_field=BooleanField()
|
433 |
|
)
|
434 |
|
)
|
435 |
|
rp_qs = RoleParenting.objects.filter(parent__in=children).annotate(name=F('parent__name'))
|
436 |
|
qs = qs.prefetch_related(Prefetch('parent_relation', queryset=rp_qs, to_attr='via'))
|
437 |
|
return qs
|
438 |
|
|
439 |
|
def form_valid(self, form):
|
440 |
|
role = form.cleaned_data['role']
|
441 |
|
action = form.cleaned_data['action']
|
442 |
|
if action == 'add':
|
443 |
|
self.object.add_child(role)
|
444 |
|
hooks.call_hooks(
|
445 |
|
'event', name='manager-add-child-role', user=self.request.user, parent=self.object, child=role
|
446 |
|
)
|
447 |
|
self.request.journal.record('manager.role.inheritance.addition', parent=self.object, child=role)
|
448 |
|
elif action == 'remove':
|
449 |
|
self.object.remove_child(role)
|
450 |
|
hooks.call_hooks(
|
451 |
|
'event',
|
452 |
|
name='manager-remove-child-role',
|
453 |
|
user=self.request.user,
|
454 |
|
parent=self.object,
|
455 |
|
child=role,
|
456 |
|
)
|
457 |
|
self.request.journal.record('manager.role.inheritance.removal', parent=self.object, child=role)
|
458 |
|
return super().form_valid(form)
|
459 |
|
|
460 |
|
def get_search_form_kwargs(self):
|
461 |
|
kwargs = super().get_search_form_kwargs()
|
462 |
|
kwargs['queryset'] = self.request.user.filter_by_perm('a2_rbac.view_role', Role.objects.all())
|
463 |
|
return kwargs
|
464 |
|
|
465 |
|
|
466 |
|
children = RoleChildrenView.as_view()
|
467 |
|
|
468 |
|
|
469 |
412 |
class RoleParentsView(RoleViewMixin, views.HideOUColumnMixin, views.BaseSubTableView):
|
470 |
413 |
title = _('Add parent role')
|
471 |
414 |
form_class = forms.RoleParentForm
|