WIP: éditeur de rôles/permissions

This commit is contained in:
Emmanuel Viennet 2023-09-04 21:34:23 +02:00
parent 0c166d90d7
commit 9edca65294
5 changed files with 133 additions and 3 deletions

View File

@ -0,0 +1,42 @@
.help {
margin-bottom: 24px;
}
section#roles {
background-color: #fffaf4;
}
.role {
display: flex;
flex-wrap: wrap;
gap: 4px;
margin-bottom: 32px;
}
.role>div, .role span {
display: block;
padding: 4px 8px;
border: 1px solid #aaa;
border-radius: 4px;
}
.role input {
display: none;
}
.role input:checked:not([value=aucun])+span {
background: rgb(165, 6, 59);
border-color: rgb(165, 6, 59);
color: #fff;
}
.role>:nth-child(1) {
background: #09c;
border-color: #09c;
color: #fff;
}
.permission-roles label {
font-weight: normal;
}

View File

@ -72,9 +72,12 @@
</p> </p>
</section> </section>
<h2>Utilisateurs et CAS</h2> <h2>Utilisateurs, Rôles et CAS</h2>
<section> <section>
<div> <div>
🎎 <a class="stdlink" href="{{url_for('scodoc.config_roles')}}">Définition des rôles et permissions</a>
</div>
<div style="margin-top: 16px;">
🏰 <a class="stdlink" href="{{url_for('scodoc.config_cas')}}">Configuration du service CAS</a> 🏰 <a class="stdlink" href="{{url_for('scodoc.config_cas')}}">Configuration du service CAS</a>
</div> </div>
<div style="margin-top: 16px;"> <div style="margin-top: 16px;">

View File

@ -0,0 +1,69 @@
{# -*- mode: jinja-html -*- #}
{# -*- Edition des rôles/permissions -- inspiré de partition_editor -*- #}
{% extends "base.j2" %}
{% import 'bootstrap/wtf.html' as wtf %}
{% block styles %}
{{super()}}
<link rel="stylesheet" href="{{ scu.STATIC_DIR }}/css/partition_editor.css">
<link rel="stylesheet" href="{{ scu.STATIC_DIR }}/css/role_editor.css">
{% endblock %}
{% block app_content %}
<h1>Définition des rôles et leurs permissions</h1>
<div class="help">Les rôles sont associés à un ensemble de permissions. Chaque
utilisateur peut avoir un nombre quelconque de rôles <em>dans chaque
département</em>.
Sur cette page vous pouvez modifier les permissions associée à chaque rôle, ou créer de nouveaux rôles.
</div>
{# <div class="links">
<a class="stdlink" href="{{ url_for('scodoc.users') }}">liste des comptes utilisateurs</a>
</div> #}
<main>
<section id="roles">
<div class="permission-roles">
{% for role in roles %}
<div class="role">
<div>{{role.name}}</div>
<label title="Aucune permission">
<input type="checkbox" name="{{role.id}}" value="aucun" checked="" class="">
<span class="aucun"> - </span>
</label>
{% for permission_name in permissions_names %}
<label>
<input type="checkbox"
name="{{role.id}}-{{Permission.get_by_name(permission_name)}}"
value="{{role.id}}-{{Permission.get_by_name(permission_name)}}"
{{"checked" if role.has_permission(Permission.get_by_name(permission_name)) else ''}}
>
<span data-permission="{{
Permission.get_by_name(permission_name)
}}">{{permission_name}}</span>
</label>
{% endfor %}
</div>
{% endfor %}
</div>
</section>
</main>
<script>
function associe_role_permission() {
alert("toto");
}
document.querySelectorAll("label").forEach(btn => {
btn.addEventListener("mousedown", (event) => { event.preventDefault() })
});
document.querySelectorAll(".role input").forEach(input => {
input.addEventListener("input", associe_role_permission)
});
</script>
{% endblock %}

View File

@ -53,7 +53,7 @@ from werkzeug.exceptions import BadRequest, NotFound
from app import db from app import db
from app.auth.models import User from app.auth.models import User, Role
from app.auth.cas import set_cas_configuration from app.auth.cas import set_cas_configuration
from app.decorators import ( from app.decorators import (
admin_required, admin_required,
@ -144,6 +144,20 @@ def toggle_dept_vis(dept_id):
return redirect(url_for("scodoc.index")) return redirect(url_for("scodoc.index"))
@bp.route("/ScoDoc/config_roles", methods=["GET", "POST"])
@admin_required
def config_roles():
"""Form associations rôles / permissions"""
permissions_names = sorted(Permission.permission_by_value.values())
roles = Role.query.order_by(Role.name).all()
return render_template(
"role_editor.j2",
Permission=Permission,
permissions_names=permissions_names,
roles=roles,
)
@bp.route("/ScoDoc/config_cas", methods=["GET", "POST"]) @bp.route("/ScoDoc/config_cas", methods=["GET", "POST"])
@admin_required @admin_required
def config_cas(): def config_cas():

View File

@ -39,7 +39,7 @@ from enum import auto, IntEnum
from xml.etree import ElementTree from xml.etree import ElementTree
import flask import flask
from flask import g, url_for, request, current_app, flash from flask import g, url_for, request, flash
from flask import redirect, render_template from flask import redirect, render_template
from flask_login import current_user from flask_login import current_user
from flask_wtf import FlaskForm from flask_wtf import FlaskForm
@ -74,6 +74,8 @@ from app.scodoc.sco_import_users import generate_password
from app.scodoc.sco_permissions_check import can_handle_passwd from app.scodoc.sco_permissions_check import can_handle_passwd
from app.scodoc.TrivialFormulator import TrivialFormulator, tf_error_message from app.scodoc.TrivialFormulator import TrivialFormulator, tf_error_message
from app.views import users_bp as bp from app.views import users_bp as bp
from app.views import scodoc_bp
_ = lambda x: x # sans babel _ = lambda x: x # sans babel
_l = _ _l = _