From 5c8fa1b9e7c58f54863511cc72f2bd8497941fa0 Mon Sep 17 00:00:00 2001 From: Bartuccio Antoine Date: Sun, 24 Nov 2019 19:23:43 +0100 Subject: [PATCH] core: add UserIsRootMixin and an admin delete view for memberships --- club/urls.py | 5 +++++ club/views.py | 14 ++++++++++++++ core/templates/core/user_clubs.jinja | 6 ++++++ core/views/__init__.py | 10 ++++++++++ doc/overlay/rights.rst | 3 ++- 5 files changed, 37 insertions(+), 1 deletion(-) diff --git a/club/urls.py b/club/urls.py index ca7bdf96..ed08472f 100644 --- a/club/urls.py +++ b/club/urls.py @@ -91,6 +91,11 @@ urlpatterns = [ MembershipSetOldView.as_view(), name="membership_set_old", ), + re_path( + r"^membership/(?P[0-9]+)/delete$", + MembershipDeleteView.as_view(), + name="membership_delete", + ), re_path( r"^(?P[0-9]+)/poster$", PosterListView.as_view(), name="poster_list" ), diff --git a/club/views.py b/club/views.py index 1f26b76e..5a69df7e 100644 --- a/club/views.py +++ b/club/views.py @@ -43,6 +43,7 @@ from core.views import ( CanViewMixin, CanEditMixin, CanEditPropMixin, + UserIsRootMixin, TabedViewMixin, PageEditViewBase, DetailFormView, @@ -493,6 +494,19 @@ class MembershipSetOldView(CanEditMixin, DetailView): ) +class MembershipDeleteView(UserIsRootMixin, DeleteView): + """ + Delete a membership (for admins only) + """ + + model = Membership + pk_url_kwarg = "membership_id" + template_name = "core/delete_confirm.jinja" + + def get_success_url(self): + return reverse_lazy("core:user_clubs", kwargs={"user_id": self.object.user.id}) + + class ClubStatView(TemplateView): template_name = "club/stats.jinja" diff --git a/core/templates/core/user_clubs.jinja b/core/templates/core/user_clubs.jinja index 1ca5eb4e..a972ff6f 100644 --- a/core/templates/core/user_clubs.jinja +++ b/core/templates/core/user_clubs.jinja @@ -28,6 +28,9 @@ {% if m.can_be_edited_by(user) %} {% trans %}Mark as old{% endtrans %} {% endif %} + {% if user.is_root %} + {% trans %}Delete{% endtrans %} + {% endif %} {% endfor %} @@ -54,6 +57,9 @@ {{ m.description }} {{ m.start_date }} {{ m.end_date }} + {% if user.is_root %} + {% trans %}Delete{% endtrans %} + {% endif %} {% endfor %} diff --git a/core/views/__init__.py b/core/views/__init__.py index a99a768a..62dd1581 100644 --- a/core/views/__init__.py +++ b/core/views/__init__.py @@ -242,6 +242,16 @@ class CanViewMixin(GenericContentPermissionMixinBuilder): permission_function = can_view +class UserIsRootMixin(GenericContentPermissionMixinBuilder): + """ + This view check if the user is root + + :raises: PermissionDenied + """ + + permission_function = lambda obj, user: user.is_root + + class FormerSubscriberMixin(View): """ This view check if the user was at least an old subscriber diff --git a/doc/overlay/rights.rst b/doc/overlay/rights.rst index 2328ef63..a7e34e56 100644 --- a/doc/overlay/rights.rst +++ b/doc/overlay/rights.rst @@ -87,7 +87,7 @@ Voici maintenant comment faire en définissant des fonctions personnalisées. Ce # Donne ou non les droits de vue de l'objet # Ici, l'objet n'est visible que par un utilisateur connecté def can_be_viewed_by(self, user): - return not user.user.is_anonymous + return not user.is_anonymous .. note:: @@ -154,5 +154,6 @@ Le système de permissions de propose plusieurs mixins différents, les voici da .. autoclass:: core.views.CanEditPropMixin .. autoclass:: core.views.CanEditMixin .. autoclass:: core.views.CanViewMixin +.. autoclass:: core.views.UserIsRootMixin .. autoclass:: core.views.FormerSubscriberMixin .. autoclass:: core.views.UserIsLoggedMixin \ No newline at end of file