0001-manager-service_views-add-flag-to-allow-service-role.patch
src/authentic2/manager/role_views.py | ||
---|---|---|
15 | 15 | |
16 | 16 | |
17 | 17 |
class RolesMixin(object): |
18 |
service_roles = False |
|
19 |
admin_roles = False |
|
20 | ||
18 | 21 |
def get_queryset(self): |
19 | 22 |
qs = super(RolesMixin, self).get_queryset() |
20 | 23 |
qs = qs.select_related('ou') |
... | ... | |
26 | 29 |
.values_list('id', flat=True) |
27 | 30 |
# only non role-admin roles, they are accessed through the |
28 | 31 |
# RoleManager views |
29 |
return qs.filter(Q(admin_scope_ct__isnull=True) | |
|
30 |
Q(admin_scope_ct=permission_ct, |
|
31 |
admin_scope_id__in=permission_qs), service__isnull=True) |
|
32 |
if not self.admin_roles: |
|
33 |
qs = qs.filter(Q(admin_scope_ct__isnull=True) | |
|
34 |
Q(admin_scope_ct=permission_ct, |
|
35 |
admin_scope_id__in=permission_qs)) |
|
36 |
if not self.service_roles: |
|
37 |
qs = qs.filter(service__isnull=True) |
|
38 |
return qs |
|
32 | 39 | |
33 | 40 | |
34 | 41 |
class RolesView(RolesMixin, views.BaseTableView): |
src/authentic2/manager/service_views.py | ||
---|---|---|
46 | 46 | |
47 | 47 | |
48 | 48 |
class ServiceRoleMixin(object): |
49 |
service_roles = True |
|
50 | ||
49 | 51 |
def dispatch(self, request, *args, **kwargs): |
50 | 52 |
self.service = get_object_or_404(Service, pk=kwargs['service_pk']) |
51 | 53 |
return super(ServiceRoleMixin, self).dispatch(request, *args, **kwargs) |
52 |
- |