From 9edca65294b2105b55056aa03109c10325e25031 Mon Sep 17 00:00:00 2001 From: Emmanuel Viennet Date: Mon, 4 Sep 2023 21:34:23 +0200 Subject: [PATCH] =?UTF-8?q?WIP:=20=C3=A9diteur=20de=20r=C3=B4les/permissio?= =?UTF-8?q?ns?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/static/css/role_editor.css | 42 +++++++++++++++++++++ app/templates/configuration.j2 | 5 ++- app/templates/role_editor.j2 | 69 ++++++++++++++++++++++++++++++++++ app/views/scodoc.py | 16 +++++++- app/views/users.py | 4 +- 5 files changed, 133 insertions(+), 3 deletions(-) create mode 100644 app/static/css/role_editor.css create mode 100644 app/templates/role_editor.j2 diff --git a/app/static/css/role_editor.css b/app/static/css/role_editor.css new file mode 100644 index 0000000000..2c3d87dcb6 --- /dev/null +++ b/app/static/css/role_editor.css @@ -0,0 +1,42 @@ + +.help { + margin-bottom: 24px; +} + +section#roles { + background-color: #fffaf4; +} + +.role { + display: flex; + flex-wrap: wrap; + gap: 4px; + margin-bottom: 32px; +} + +.role>div, .role span { + display: block; + padding: 4px 8px; + border: 1px solid #aaa; + border-radius: 4px; +} + +.role input { + display: none; +} + +.role input:checked:not([value=aucun])+span { + background: rgb(165, 6, 59); + border-color: rgb(165, 6, 59); + color: #fff; +} + +.role>:nth-child(1) { + background: #09c; + border-color: #09c; + color: #fff; +} + +.permission-roles label { + font-weight: normal; +} \ No newline at end of file diff --git a/app/templates/configuration.j2 b/app/templates/configuration.j2 index 5eaa73b577..88b3118d3f 100644 --- a/app/templates/configuration.j2 +++ b/app/templates/configuration.j2 @@ -72,9 +72,12 @@

-

Utilisateurs et CAS

+

Utilisateurs, R么les et CAS

+ 馃帋 D茅finition des r么les et permissions +
+
馃彴 Configuration du service CAS
diff --git a/app/templates/role_editor.j2 b/app/templates/role_editor.j2 new file mode 100644 index 0000000000..bc4ea948ff --- /dev/null +++ b/app/templates/role_editor.j2 @@ -0,0 +1,69 @@ +{# -*- mode: jinja-html -*- #} +{# -*- Edition des r么les/permissions -- inspir茅 de partition_editor -*- #} +{% extends "base.j2" %} +{% import 'bootstrap/wtf.html' as wtf %} + +{% block styles %} + {{super()}} + + +{% endblock %} + +{% block app_content %} + +

D茅finition des r么les et leurs permissions

+ +
Les r么les sont associ茅s 脿 un ensemble de permissions. Chaque +utilisateur peut avoir un nombre quelconque de r么les dans chaque +d茅partement. +Sur cette page vous pouvez modifier les permissions associ茅e 脿 chaque r么le, ou cr茅er de nouveaux r么les. +
+ +{# #} + +
+
+
+ {% for role in roles %} +
+
{{role.name}}
+ + {% for permission_name in permissions_names %} + + {% endfor %} +
+ {% endfor %} +
+
+
+ + + +{% endblock %} \ No newline at end of file diff --git a/app/views/scodoc.py b/app/views/scodoc.py index 214ea42611..ca2ec09650 100644 --- a/app/views/scodoc.py +++ b/app/views/scodoc.py @@ -53,7 +53,7 @@ from werkzeug.exceptions import BadRequest, NotFound from app import db -from app.auth.models import User +from app.auth.models import User, Role from app.auth.cas import set_cas_configuration from app.decorators import ( admin_required, @@ -144,6 +144,20 @@ def toggle_dept_vis(dept_id): return redirect(url_for("scodoc.index")) +@bp.route("/ScoDoc/config_roles", methods=["GET", "POST"]) +@admin_required +def config_roles(): + """Form associations r么les / permissions""" + permissions_names = sorted(Permission.permission_by_value.values()) + roles = Role.query.order_by(Role.name).all() + return render_template( + "role_editor.j2", + Permission=Permission, + permissions_names=permissions_names, + roles=roles, + ) + + @bp.route("/ScoDoc/config_cas", methods=["GET", "POST"]) @admin_required def config_cas(): diff --git a/app/views/users.py b/app/views/users.py index 6f60b090fa..acee92a35b 100644 --- a/app/views/users.py +++ b/app/views/users.py @@ -39,7 +39,7 @@ from enum import auto, IntEnum from xml.etree import ElementTree import flask -from flask import g, url_for, request, current_app, flash +from flask import g, url_for, request, flash from flask import redirect, render_template from flask_login import current_user from flask_wtf import FlaskForm @@ -74,6 +74,8 @@ from app.scodoc.sco_import_users import generate_password from app.scodoc.sco_permissions_check import can_handle_passwd from app.scodoc.TrivialFormulator import TrivialFormulator, tf_error_message from app.views import users_bp as bp +from app.views import scodoc_bp + _ = lambda x: x # sans babel _l = _