Skip to content

Commit

Permalink
View role assignement in role if view_rbac
Browse files Browse the repository at this point in the history
  • Loading branch information
@a-belhadj
a-belhadj committed Sep 19, 2023
1 parent 87c7631 commit d1ec732
Show file tree
Hide file tree
Showing 7 changed files with 94 additions and 9 deletions.
14 changes: 13 additions & 1 deletion profiles/models/role.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,4 +24,16 @@ def __str__(self):


class Role(AbstractRole):
pass

def get_role_assignment_user_dict(self):
from django.contrib.auth.models import User
from profiles.models import AbstractScope
rbac = self.rbac_set.prefetch_related("user_set", "scope").values_list("user__id", "scope__id")
user_dict_id = {x.id: x for x in User.objects.all()}
scope_dict_id = {x.id: {"name": x.name, "url": x.get_absolute_url()} for x in AbstractScope.objects.all()}
return [{"username": user_dict_id[user_id], "scope": scope_dict_id[scope_id]} for user_id, scope_id in rbac]

def get_role_assignment_scope_dict(self):
from profiles.models import AbstractScope
return [{"scope": {"name": x.name, "url": x.get_absolute_url()}} for x in
AbstractScope.objects.filter(id__in=self.scopes.values_list('id', flat=True))]
6 changes: 5 additions & 1 deletion profiles/models/scope.py
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
from django.contrib.auth.models import User
from django.db.models import CharField, ManyToManyField, Prefetch, Q
from django.urls import reverse_lazy

from Squest.utils.squest_model import SquestModel
from profiles.models import Role
Expand Down Expand Up @@ -95,9 +96,12 @@ def get_users_in_role(self, role):
def get_potential_users(self):
return self.get_object().get_potential_users()

def get_absolute_url(self):
def get_url(self):
return self.get_object().get_absolute_url()

def get_absolute_url(self):
return reverse_lazy("profiles:scope_detail", kwargs={"pk": self.pk})


class Scope(AbstractScope):
class Meta:
Expand Down
18 changes: 18 additions & 0 deletions profiles/tables/role_table.py
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
from django.utils.html import format_html
from django_tables2 import tables, TemplateColumn, Column

from profiles.models import Role
Expand All @@ -20,3 +21,20 @@ class Meta:
model = Role
attrs = {"id": "role_table", "class": "table squest-pagination-tables"}
fields = ("name",)


class RoleAssignementUserTable(tables.Table):
scope = Column(orderable=False)
username = Column(orderable=False)

def render_scope(self, value, record):
return format_html(
f'<a title={record["scope"]["name"]} href="{record["scope"]["url"]}">{record["scope"]["name"]}</a>')


class RoleAssignementScopeTable(tables.Table):
scope = Column(orderable=False)

def render_scope(self, value, record):
return format_html(
f'<a title={record["scope"]["name"]} href="{record["scope"]["url"]}">{record["scope"]["name"]}</a>')
3 changes: 3 additions & 0 deletions profiles/urls.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -74,6 +74,9 @@
path('team/<int:pk>/role/<int:role_id>/user/<int:user_id>/delete/', views.ScopeRBACDeleteView.as_view(), name="team_rbac_delete"),
path('team/<int:pk>/user/<int:user_id>/delete/', views.ScopeRBACDeleteUserView.as_view(), name="team_rbac_delete"),

# Redirect view for AbstractScope
path('scope/<int:pk>/', views.ScopeRedirectView.as_view(), name="scope_detail"),

# Permission
path('permission/', views.PermissionListView.as_view(), name="permission_list"),
path('permission/create/', views.PermissionCreateView.as_view(), name="permission_create"),
Expand Down
6 changes: 4 additions & 2 deletions profiles/views/role.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
from profiles.filters import RoleFilter
from profiles.forms import RoleForm
from profiles.models import Role
from profiles.tables import RoleTable, PermissionTable
from profiles.tables import RoleTable, PermissionTable, RoleAssignementUserTable, RoleAssignementScopeTable


class RoleListView(SquestListView):
Expand All @@ -17,9 +17,11 @@ class RoleDetailView(SquestDetailView):

def get_context_data(self, **kwargs):
context = super().get_context_data(**kwargs)
permission_table = PermissionTable(self.object.permissions.all())
permission_table = PermissionTable(self.object.permissions.prefetch_related("content_type"))
permission_table.exclude = ("actions",)
context['permissions_table'] = permission_table
context['rbac_assignement_user_table'] = RoleAssignementUserTable(self.object.get_role_assignment_user_dict())
context['rbac_assignement_scope_table'] = RoleAssignementScopeTable(self.object.get_role_assignment_scope_dict())
return context


Expand Down
11 changes: 11 additions & 0 deletions profiles/views/scope.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@
from django.shortcuts import get_object_or_404
from django.urls import reverse
from django.utils.safestring import mark_safe
from django.views.generic import RedirectView

from Squest.utils.squest_views import SquestFormView, SquestDeleteView
from profiles.forms.scope_form import ScopeCreateRBACForm
Expand All @@ -28,6 +29,15 @@ def get_breadcrumbs_for_scope(scope):
return breadcrumbs


class ScopeRedirectView(RedirectView):
permanent = False
query_string = True

def get_redirect_url(self, *args, **kwargs):
scope = get_object_or_404(AbstractScope, pk=kwargs["pk"])
return scope.get_url()


class ScopeRBACCreateView(SquestFormView):
model = AbstractScope
form_class = ScopeCreateRBACForm
Expand Down Expand Up @@ -91,6 +101,7 @@ def delete(self, request, *args, **kwargs):
protected_objects=e.protected_objects)
return self.render_to_response(context)


class ScopeRBACDeleteUserView(SquestDeleteView):
model = AbstractScope

Expand Down
45 changes: 40 additions & 5 deletions templates/profiles/role_detail.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,8 @@
{% endblock %}

{% block main %}
{% has_perm request.user "profiles.view_rbac" as can_view_rbac %}

<div class="container-fluid">
<div class="row">
<section class="col-lg-3">
Expand All @@ -29,16 +31,49 @@ <h3 class="card-title"><b>{{ object.name }}</b></h3>
</section>
<section class="col-lg-9">
<div class="card">
<div class="card-header">
<h3 class="card-title">
Permissions
</h3>
<div class="card-header p-2">
<ul class="nav nav-pills squest-default-active" id="tabs">
<li class="nav-item">
<a class="nav-link" href="#permissions" data-toggle="tab">Permissions</a>
</li>
{% if can_view_rbac %}
<li class="nav-item">
<a class="nav-link" href="#rbac" data-toggle="tab">RBAC usage</a>
</li>
<li class="nav-item">
<a class="nav-link" href="#default-roles" data-toggle="tab">Default role usage</a>
</li>
{% endif %}
</ul>
</div>
<div class="card-body">
{% render_table permissions_table %}
<div class="tab-content">
<div class="tab-pane" id="permissions">
{% render_table permissions_table %}
</div>
{% if can_view_rbac %}
<div class="tab-pane" id="rbac">
<div class="callout callout-info">
Assignment trough Org/Team RBAC
</div>
{% if rbac_assignement_user_table %}
{% render_table rbac_assignement_user_table %}
{% endif %}
</div>
<div class="tab-pane" id="default-roles">
<div class="callout callout-info">
Used in default roles
</div>
{% if rbac_assignement_scope_table %}
{% render_table rbac_assignement_scope_table %}
{% endif %}
</div>
{% endif %}
</div>
</div>
</div>
</section>

</div>
</div>
{% endblock %}
Expand Down

0 comments on commit d1ec732

Please sign in to comment.