Basic user permissions for user editing

This commit is contained in:
Skia 2015-11-19 16:28:49 +01:00
parent d3896ad676
commit 7a65215bb5
6 changed files with 89 additions and 8 deletions

View File

@ -0,0 +1,33 @@
# -*- coding: utf-8 -*-
from __future__ import unicode_literals
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
('core', '0001_initial'),
]
operations = [
migrations.CreateModel(
name='Page',
fields=[
('id', models.AutoField(serialize=False, primary_key=True, auto_created=True, verbose_name='ID')),
('name', models.CharField(max_length=30, verbose_name='page name')),
('full_name', models.CharField(max_length=255, verbose_name='full name')),
('content', models.TextField(blank=True, verbose_name='page content')),
('revision', models.PositiveIntegerField(default=1, verbose_name='current revision')),
('is_locked', models.BooleanField(default=False, verbose_name='page mutex')),
],
options={
'permissions': (('can_edit', 'Can edit the page'), ('can_view', 'Can view the page')),
},
),
migrations.AlterField(
model_name='user',
name='date_of_birth',
field=models.DateTimeField(default='1970-01-01T00:00:00+01:00', verbose_name='date of birth'),
),
]

View File

@ -105,7 +105,19 @@ class User(AbstractBaseUser, PermissionsMixin):
self.username = user_name
return user_name
class Page:
pass
class Page(models.Model):
name = models.CharField(_('page name'), max_length=30, blank=False)
full_name = models.CharField(_("full name"), max_length=255, blank=False)
content = models.TextField(_("page content"), blank=True)
revision = models.PositiveIntegerField(_("current revision"), default=1)
is_locked = models.BooleanField(_("page mutex"), default=False)
class Meta:
permissions = (
("can_edit", "Can edit the page"),
("can_view", "Can view the page"),
)
def __str__(self):
return self.full_name

View File

@ -8,11 +8,12 @@
<body>
<header>
{% block header %}
{% if user %}Hello, {{ user.username }}!{% endif %}
{% if user.is_authenticated %}Hello, {{ user.username }}!{% endif %}
<ul>
<li><a href="{% url 'core:register' %}">Register</a></li>
<li><a href="{% url 'core:login' %}">Login</a></li>
<li><a href="{% url 'core:logout' %}">Logout</a></li>
<li><a href="{% url 'core:user_list' %}">Users</a></li>
</ul>
{% endblock %}
</header>

View File

@ -0,0 +1,15 @@
{% extends "core/base.html" %}
{% block title %}
{% if profile %}
Edit {{ profile.get_display_name }}
{% endif %}
{% endblock %}
{% block content %}
{% if profile %}
<h3>Edit user</h3>
<p><a href="{% url 'core:user_profile' profile.id %}">Back to profile</a></p>
<p>You're editing the profile of <strong>{{ profile.get_display_name }}</strong></p>
{% endif %}
{% endblock %}

View File

@ -13,6 +13,9 @@ User list
{% if profile %}
<h3>User Profile</h3>
<p><a href="{% url 'core:user_list' %}">Back to list</a></p>
{% if user.is_superuser or user.id == profile.id %}
<p><a href="{% url 'core:user_edit' profile.id %}">Edit</a></p>
{% endif %}
<p>You're seeing the profile of <strong>{{ profile.get_display_name }}</strong></p>
{% endif %}

View File

@ -40,6 +40,11 @@ def register(request):
return render(request, "core/register.html", context)
def login(request):
"""
The login view
Needs to be improve with correct handling of form exceptions
"""
context = {'title': 'Login'}
if request.method == 'POST':
try:
@ -57,15 +62,27 @@ def login(request):
return render(request, "core/login.html", context)
def logout(request):
"""
The logout view:w
"""
auth_logout(request)
return redirect('core:index')
def user(request, user_id=None):
context = {'title': 'View a user'}
if user_id == None:
return render(request, "core/user.html", {'user_list': User.objects.all})
user = get_object_or_404(User, pk=user_id)
return render(request, "core/user.html", {'profile': user})
context['user_list'] = User.objects.all
return render(request, "core/user.html", context)
context['profile'] = get_object_or_404(User, pk=user_id)
return render(request, "core/user.html", context)
def user_edit(request, user_id):
pass
def user_edit(request, user_id=None):
user_id = int(user_id)
context = {'title': 'Edit a user'}
if user_id is not None:
user_id = int(user_id)
if request.user.is_authenticated() and (request.user.pk == user_id or request.user.is_superuser):
context['profile'] = get_object_or_404(User, pk=user_id)
return render(request, "core/edit_user.html", context)
return user(request, user_id)