diff --git a/core/migrations/0018_auto_20151208_1558.py b/core/migrations/0018_auto_20151208_1558.py new file mode 100644 index 00000000..fefc5881 --- /dev/null +++ b/core/migrations/0018_auto_20151208_1558.py @@ -0,0 +1,18 @@ +# -*- coding: utf-8 -*- +from __future__ import unicode_literals + +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ('core', '0017_auto_20151203_1530'), + ] + + operations = [ + migrations.AlterModelOptions( + name='user', + options={'permissions': (('can_change_prop', "Can change the user's properties (groups, ...)"),), 'verbose_name': 'user', 'verbose_name_plural': 'users'}, + ), + ] diff --git a/core/migrations/0019_auto_20151208_1604.py b/core/migrations/0019_auto_20151208_1604.py new file mode 100644 index 00000000..8d8b98ae --- /dev/null +++ b/core/migrations/0019_auto_20151208_1604.py @@ -0,0 +1,18 @@ +# -*- coding: utf-8 -*- +from __future__ import unicode_literals + +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ('core', '0018_auto_20151208_1558'), + ] + + operations = [ + migrations.AlterModelOptions( + name='user', + options={'permissions': (('change_prop', "Can change the user's properties (groups, ...)"),), 'verbose_name_plural': 'users', 'verbose_name': 'user'}, + ), + ] diff --git a/core/migrations/0020_auto_20151208_1621.py b/core/migrations/0020_auto_20151208_1621.py new file mode 100644 index 00000000..6f3b2777 --- /dev/null +++ b/core/migrations/0020_auto_20151208_1621.py @@ -0,0 +1,18 @@ +# -*- coding: utf-8 -*- +from __future__ import unicode_literals + +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ('core', '0019_auto_20151208_1604'), + ] + + operations = [ + migrations.AlterModelOptions( + name='user', + options={'verbose_name_plural': 'users', 'permissions': (('change_prop_user', "Can change the user's properties (groups, ...)"),), 'verbose_name': 'user'}, + ), + ] diff --git a/core/models.py b/core/models.py index 16b7289d..b030b6e3 100644 --- a/core/models.py +++ b/core/models.py @@ -72,6 +72,9 @@ class User(AbstractBaseUser, PermissionsMixin): class Meta: verbose_name = _('user') verbose_name_plural = _('users') + permissions = ( + ("change_prop_user", "Can change the user's properties (groups, ...)"), + ) def get_absolute_url(self): """ @@ -139,11 +142,14 @@ class User(AbstractBaseUser, PermissionsMixin): """ Determine if the object is owned by the user """ - # TODO: add permission scale validation, to allow some groups other than superuser to manipulate + # TODO: add permission (class) scale validation, to allow some groups other than superuser to manipulate # all objects of a class if they are in the right group + # example: something like user.has_perm("change_"+obj.__class__) if not hasattr(obj, "owner_group"): return False - if self.is_superuser or self.groups.filter(name=obj.owner_group.name).exists(): + print(str(obj.__class__)) + print(str(obj.__class__).lower().split('.')[-1]) + if self.is_superuser or self.groups.filter(name=obj.owner_group.name).exists() or self.has_perm("change_prop_"+str(obj.__class__).lower().split('.')[-1]): return True return False @@ -158,6 +164,8 @@ class User(AbstractBaseUser, PermissionsMixin): for g in obj.edit_group.all(): if self.groups.filter(name=g.name).exists(): return True + if isinstance(obj, User) and obj == self: + return True return False def can_view(self, obj): @@ -171,8 +179,6 @@ class User(AbstractBaseUser, PermissionsMixin): for g in obj.view_group.all(): if self.groups.filter(name=g.name).exists(): return True - if isinstance(obj, User) and obj == self: - return True return False class LockError(Exception): @@ -212,7 +218,6 @@ class Page(models.Model): class Meta: unique_together = ('name', 'parent') permissions = ( - #("can_edit", "Can edit the page"), ("can_view", "Can view the page"), ) diff --git a/core/templates/core/base.html b/core/templates/core/base.html index cbb7b8a2..eeec42e9 100644 --- a/core/templates/core/base.html +++ b/core/templates/core/base.html @@ -10,12 +10,20 @@ {% block header %} {% if user.is_authenticated %}Hello, {{ user.username }}!{% endif %}
+ {% if user.is_authenticated %} + + {% endif %} {% endblock %} diff --git a/core/templates/core/user_detail.html b/core/templates/core/user_detail.html index dcc4649f..685cd80c 100644 --- a/core/templates/core/user_detail.html +++ b/core/templates/core/user_detail.html @@ -8,12 +8,18 @@
You're seeing the profile of {{ profile.get_full_name }}
diff --git a/core/templates/core/user_tools.html b/core/templates/core/user_tools.html
new file mode 100644
index 00000000..670e75dd
--- /dev/null
+++ b/core/templates/core/user_tools.html
@@ -0,0 +1,20 @@
+{% extends "core/base.html" %}
+
+{% block title %}
+ {{ user.get_display_name }}'s tools
+{% endblock %}
+
+{% block content %}
+