From 5580c8b4781e706d8cb14bd1ebc2ca6b337e8ccb Mon Sep 17 00:00:00 2001 From: Benjamin Dauvergne Date: Mon, 12 Oct 2015 13:08:03 +0200 Subject: [PATCH] a2_rbac: modify Role.to_json() to list all roles visible to the service Service can usually see roles linked to them but also linked to their ou. --- src/authentic2/custom_user/models.py | 4 ++-- src/authentic2/models.py | 10 +++++----- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/src/authentic2/custom_user/models.py b/src/authentic2/custom_user/models.py index 45bc058..e3d750c 100644 --- a/src/authentic2/custom_user/models.py +++ b/src/authentic2/custom_user/models.py @@ -148,7 +148,7 @@ class User(AbstractBaseUser, PermissionMixin): 'first_name': self.first_name, 'last_name': self.last_name, 'is_superuser': self.is_superuser, - 'roles': [role.to_json() for role in self.roles_and_parents().filter(service__isnull=True)], - 'services': [service.to_json(user=self) for service in Service.objects.all()], + 'roles': [role.to_json() for role in self.roles_and_parents()], + 'services': [service.to_json(roles=self.roles_and_parents()) for service in Service.objects.all()], }) return d diff --git a/src/authentic2/models.py b/src/authentic2/models.py index 93c25dd..88280ac 100644 --- a/src/authentic2/models.py +++ b/src/authentic2/models.py @@ -3,6 +3,7 @@ import urlparse from django.utils.http import urlquote from django.conf import settings from django.db import models +from django.db.models.query import Q from django.utils.translation import ugettext_lazy as _ from django.core.exceptions import ValidationError @@ -278,11 +279,10 @@ class Service(models.Model): def __unicode__(self): return self.name - def to_json(self, user=None): - if user: - roles = user.roles_and_parents().filter(service=self) - else: - roles = self.roles.all() + def to_json(self, roles=None): + if not roles: + roles = Role.objects.all() + roles = roles.filter(Q(service=self)|Q(ou=self.ou, service__isnull=True)) return { 'name': self.name, 'slug': self.slug, -- 2.1.4