mirror of
https://github.com/ae-utbm/sith.git
synced 2024-12-22 07:41:14 +00:00
Basic user permissions for user editing
This commit is contained in:
parent
d3896ad676
commit
7a65215bb5
33
core/migrations/0002_auto_20151119_1533.py
Normal file
33
core/migrations/0002_auto_20151119_1533.py
Normal file
@ -0,0 +1,33 @@
|
||||
# -*- coding: utf-8 -*-
|
||||
from __future__ import unicode_literals
|
||||
|
||||
from django.db import migrations, models
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
|
||||
dependencies = [
|
||||
('core', '0001_initial'),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.CreateModel(
|
||||
name='Page',
|
||||
fields=[
|
||||
('id', models.AutoField(serialize=False, primary_key=True, auto_created=True, verbose_name='ID')),
|
||||
('name', models.CharField(max_length=30, verbose_name='page name')),
|
||||
('full_name', models.CharField(max_length=255, verbose_name='full name')),
|
||||
('content', models.TextField(blank=True, verbose_name='page content')),
|
||||
('revision', models.PositiveIntegerField(default=1, verbose_name='current revision')),
|
||||
('is_locked', models.BooleanField(default=False, verbose_name='page mutex')),
|
||||
],
|
||||
options={
|
||||
'permissions': (('can_edit', 'Can edit the page'), ('can_view', 'Can view the page')),
|
||||
},
|
||||
),
|
||||
migrations.AlterField(
|
||||
model_name='user',
|
||||
name='date_of_birth',
|
||||
field=models.DateTimeField(default='1970-01-01T00:00:00+01:00', verbose_name='date of birth'),
|
||||
),
|
||||
]
|
@ -105,7 +105,19 @@ class User(AbstractBaseUser, PermissionsMixin):
|
||||
self.username = user_name
|
||||
return user_name
|
||||
|
||||
class Page:
|
||||
pass
|
||||
class Page(models.Model):
|
||||
name = models.CharField(_('page name'), max_length=30, blank=False)
|
||||
full_name = models.CharField(_("full name"), max_length=255, blank=False)
|
||||
content = models.TextField(_("page content"), blank=True)
|
||||
revision = models.PositiveIntegerField(_("current revision"), default=1)
|
||||
is_locked = models.BooleanField(_("page mutex"), default=False)
|
||||
|
||||
class Meta:
|
||||
permissions = (
|
||||
("can_edit", "Can edit the page"),
|
||||
("can_view", "Can view the page"),
|
||||
)
|
||||
|
||||
def __str__(self):
|
||||
return self.full_name
|
||||
|
||||
|
@ -8,11 +8,12 @@
|
||||
<body>
|
||||
<header>
|
||||
{% block header %}
|
||||
{% if user %}Hello, {{ user.username }}!{% endif %}
|
||||
{% if user.is_authenticated %}Hello, {{ user.username }}!{% endif %}
|
||||
<ul>
|
||||
<li><a href="{% url 'core:register' %}">Register</a></li>
|
||||
<li><a href="{% url 'core:login' %}">Login</a></li>
|
||||
<li><a href="{% url 'core:logout' %}">Logout</a></li>
|
||||
<li><a href="{% url 'core:user_list' %}">Users</a></li>
|
||||
</ul>
|
||||
{% endblock %}
|
||||
</header>
|
||||
|
15
core/templates/core/edit_user.html
Normal file
15
core/templates/core/edit_user.html
Normal file
@ -0,0 +1,15 @@
|
||||
{% extends "core/base.html" %}
|
||||
|
||||
{% block title %}
|
||||
{% if profile %}
|
||||
Edit {{ profile.get_display_name }}
|
||||
{% endif %}
|
||||
{% endblock %}
|
||||
|
||||
{% block content %}
|
||||
{% if profile %}
|
||||
<h3>Edit user</h3>
|
||||
<p><a href="{% url 'core:user_profile' profile.id %}">Back to profile</a></p>
|
||||
<p>You're editing the profile of <strong>{{ profile.get_display_name }}</strong></p>
|
||||
{% endif %}
|
||||
{% endblock %}
|
@ -13,6 +13,9 @@ User list
|
||||
{% if profile %}
|
||||
<h3>User Profile</h3>
|
||||
<p><a href="{% url 'core:user_list' %}">Back to list</a></p>
|
||||
{% if user.is_superuser or user.id == profile.id %}
|
||||
<p><a href="{% url 'core:user_edit' profile.id %}">Edit</a></p>
|
||||
{% endif %}
|
||||
<p>You're seeing the profile of <strong>{{ profile.get_display_name }}</strong></p>
|
||||
{% endif %}
|
||||
|
||||
|
@ -40,6 +40,11 @@ def register(request):
|
||||
return render(request, "core/register.html", context)
|
||||
|
||||
def login(request):
|
||||
"""
|
||||
The login view
|
||||
|
||||
Needs to be improve with correct handling of form exceptions
|
||||
"""
|
||||
context = {'title': 'Login'}
|
||||
if request.method == 'POST':
|
||||
try:
|
||||
@ -57,15 +62,27 @@ def login(request):
|
||||
return render(request, "core/login.html", context)
|
||||
|
||||
def logout(request):
|
||||
"""
|
||||
The logout view:w
|
||||
"""
|
||||
auth_logout(request)
|
||||
return redirect('core:index')
|
||||
|
||||
def user(request, user_id=None):
|
||||
context = {'title': 'View a user'}
|
||||
if user_id == None:
|
||||
return render(request, "core/user.html", {'user_list': User.objects.all})
|
||||
user = get_object_or_404(User, pk=user_id)
|
||||
return render(request, "core/user.html", {'profile': user})
|
||||
context['user_list'] = User.objects.all
|
||||
return render(request, "core/user.html", context)
|
||||
context['profile'] = get_object_or_404(User, pk=user_id)
|
||||
return render(request, "core/user.html", context)
|
||||
|
||||
def user_edit(request, user_id):
|
||||
pass
|
||||
def user_edit(request, user_id=None):
|
||||
user_id = int(user_id)
|
||||
context = {'title': 'Edit a user'}
|
||||
if user_id is not None:
|
||||
user_id = int(user_id)
|
||||
if request.user.is_authenticated() and (request.user.pk == user_id or request.user.is_superuser):
|
||||
context['profile'] = get_object_or_404(User, pk=user_id)
|
||||
return render(request, "core/edit_user.html", context)
|
||||
return user(request, user_id)
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user