From df347b8b30545ea23d9ad38964d51d2c95e4d4f6 Mon Sep 17 00:00:00 2001 From: Emmanuel Viennet Date: Mon, 31 Jan 2022 21:44:59 +0100 Subject: [PATCH] =?UTF-8?q?Modif=20=C3=A9dition=20roles/permissions?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/views/users.py | 19 ++++++++++++++----- 1 file changed, 14 insertions(+), 5 deletions(-) diff --git a/app/views/users.py b/app/views/users.py index 0655da501..06f49979b 100644 --- a/app/views/users.py +++ b/app/views/users.py @@ -149,7 +149,7 @@ def user_info(user_name, format="json"): @scodoc @permission_required(Permission.ScoUsersAdmin) @scodoc7func -def create_user_form(user_name=None, edit=0, all_roles=1): +def create_user_form(user_name=None, edit=0, all_roles=False): "form. création ou édition utilisateur" if user_name is not None: # scodoc7func converti en int ! user_name = str(user_name) @@ -218,9 +218,11 @@ def create_user_form(user_name=None, edit=0, all_roles=1): } if current_user.is_administrator(): editable_roles_set |= { - (Role.get_named_role(r), "") + (Role.get_named_role(r), None) for r in sco_roles_default.ROLES_ATTRIBUABLES_SCODOC } + # Un super-admin peut nommer d'autres super-admin: + editable_roles_set |= {(Role.get_named_role("SuperAdmin"), None)} # if not edit: submitlabel = "Créer utilisateur" @@ -251,16 +253,23 @@ def create_user_form(user_name=None, edit=0, all_roles=1): orig_roles_strings = {r.name + "_" + (dept or "") for (r, dept) in orig_roles} # add existing user roles displayed_roles = list(editable_roles_set.union(orig_roles)) - displayed_roles.sort(key=lambda x: (x[1] or "", x[0].name or "")) + displayed_roles.sort( + key=lambda x: ( + x[1] or "", + (x[0].name or "") if x[0].name != "SuperAdmin" else "A", + ) + ) displayed_roles_strings = [ r.name + "_" + (dept or "") for (r, dept) in displayed_roles ] - displayed_roles_labels = [f"{dept}: {r.name}" for (r, dept) in displayed_roles] + displayed_roles_labels = [ + f"{dept or 'tout dépt.'}: {r.name}" for (r, dept) in displayed_roles + ] disabled_roles = {} # pour désactiver les roles que l'on ne peut pas éditer for i in range(len(displayed_roles_strings)): if displayed_roles_strings[i] not in editable_roles_strings: disabled_roles[i] = True - + breakpoint() descr = [ ("edit", {"input_type": "hidden", "default": edit}), ("nom", {"title": "Nom", "size": 20, "allow_null": False}),