Skip to content
Snippets Groups Projects
Commit 64759642 authored by James Graham's avatar James Graham
Browse files

Use admin interface for edit views on Application

parent 53c3a522
Branches
Tags
No related merge requests found
......@@ -5,6 +5,8 @@ from . import models
@admin.register(models.Application)
class ApplicationAdmin(admin.ModelAdmin):
readonly_fields = ['owner']
def has_change_permission(self, request, obj=None) -> bool:
"""
Does the user have permission to change this object?
......@@ -16,6 +18,17 @@ class ApplicationAdmin(admin.ModelAdmin):
return permission
def has_delete_permission(self, request, obj=None) -> bool:
"""
Does the user have permission to delete this object?
"""
permission = super().has_delete_permission(request, obj)
if obj is not None:
permission &= obj.owner == request.user
return permission
def save_model(self, request, obj, form, change):
"""
Set missing fields when model is saved.
......
......@@ -3,7 +3,10 @@ from django.contrib import admin
from . import models
@admin.register(models.DataSource)
class DataSourceAdmin(admin.ModelAdmin):
readonly_fields = ['owner']
def has_change_permission(self, request, obj=None) -> bool:
"""
Does the user have permission to change this object?
......@@ -15,5 +18,24 @@ class DataSourceAdmin(admin.ModelAdmin):
return permission
def has_delete_permission(self, request, obj=None) -> bool:
"""
Does the user have permission to delete this object?
"""
permission = super().has_delete_permission(request, obj)
if obj is not None:
permission &= obj.owner == request.user
return permission
def save_model(self, request, obj, form, change):
"""
Set missing fields when model is saved.
"""
try:
owner = form.instance.owner
except models.DataSource.owner.RelatedObjectDoesNotExist:
form.instance.owner = request.user
admin.site.register(models.DataSource, DataSourceAdmin)
super().save_model(request, obj, form, change)
......@@ -43,19 +43,21 @@ class DataSource(models.Model):
users_group = models.ForeignKey(Group,
on_delete=models.SET_NULL,
related_name='datasource',
editable=False,
blank=True, null=True)
#: Groups of users who have requested explicit permission to use this data source
users_group_requested = models.ForeignKey(Group,
on_delete=models.SET_NULL,
related_name='datasource_requested',
editable=False,
blank=True, null=True)
#: Do users require explicit permission to use this data source?
access_control = models.BooleanField(default=False,
blank=False, null=False)
def has_permission(self, user: settings.AUTH_USER_MODEL) -> bool:
def has_view_permission(self, user: settings.AUTH_USER_MODEL) -> bool:
"""
Does a user have permission to use this data source?
......
{% extends "base.html" %}
{% load bootstrap4 %}
{% block content %}
<nav aria-label="breadcrumb">
<ol class="breadcrumb">
<li class="breadcrumb-item" aria-current="page">
<a href="{% url 'datasources:datasource.list' %}">Data Sources</a>
</li>
<li class="breadcrumb-item active" aria-current="page">
New
</li>
</ol>
</nav>
<h2>Create New Data Source</h2>
<form role="form" method="post">
{% csrf_token %}
{% bootstrap_form form %}
{% buttons submit='OK' reset='Cancel' %}{% endbuttons %}
</form>
{% endblock %}
\ No newline at end of file
{% extends "base.html" %}
{% load bootstrap4 %}
{% block content %}
<nav aria-label="breadcrumb">
<ol class="breadcrumb">
<li class="breadcrumb-item" aria-current="page">
<a href="{% url 'datasources:datasource.list' %}">Data Sources</a>
</li>
<li class="breadcrumb-item" aria-current="page">
<a href="{% url 'datasources:datasource.detail' pk=datasource.pk %}">{{ datasource.name }}</a>
</li>
<li class="breadcrumb-item active" aria-current="page">
Delete
</li>
</ol>
</nav>
<h2>Delete Data Source - {{ datasource.name }}</h2>
<div class="alert alert-danger">
Are you sure you want to delete this data source?
</div>
<form role="form" method="post">
{% csrf_token %}
{% buttons submit='OK' reset='Cancel' %}{% endbuttons %}
</form>
{% endblock %}
\ No newline at end of file
......@@ -15,13 +15,17 @@
<h2>View Data Source - {{ datasource.name }}</h2>
<p>
Owner: <a href="#" role="link">{{ datasource.owner }}</a>
</p>
{% if datasource.description %}
<p>{{ datasource.description }}</p>
{% endif %}
<a href="{% url 'datasources:datasource.update' pk=datasource.pk %}"
<a href="{% url 'admin:datasources_datasource_change' datasource.id %}"
class="btn btn-success" role="button">Edit</a>
<a href="{% url 'datasources:datasource.delete' pk=datasource.pk %}"
<a href="{% url 'admin:datasources_datasource_delete' datasource.id %}"
class="btn btn-danger" role="button">Delete</a>
{% if datasource.access_control %}
<a href="{% url 'datasources:datasource.manage-access' pk=datasource.pk %}"
......
......@@ -12,7 +12,7 @@
<h2>Data Sources</h2>
<a href="{% url 'datasources:datasource.create' %}"
<a href="{% url 'admin:datasources_datasource_add' %}"
class="btn btn-success" role="button">Create Data Source</a>
<div class="mt-3"></div>
......
{% extends "base.html" %}
{% load bootstrap4 %}
{% block content %}
<nav aria-label="breadcrumb">
<ol class="breadcrumb">
<li class="breadcrumb-item" aria-current="page">
<a href="{% url 'datasources:datasource.list' %}">Data Sources</a>
</li>
<li class="breadcrumb-item" aria-current="page">
<a href="{% url 'datasources:datasource.detail' pk=datasource.pk %}">{{ datasource.name }}</a>
</li>
<li class="breadcrumb-item active" aria-current="page">
Update
</li>
</ol>
</nav>
<h2>Update Data Source - {{ datasource.name }}</h2>
<form role="form" method="post">
{% csrf_token %}
{% bootstrap_form form %}
{% buttons submit='OK' reset='Cancel' %}{% endbuttons %}
</form>
{% endblock %}
\ No newline at end of file
......@@ -9,22 +9,10 @@ urlpatterns = [
views.DataSourceListView.as_view(),
name='datasource.list'),
path('create/',
views.DataSourceCreateView.as_view(),
name='datasource.create'),
path('<int:pk>/',
views.DataSourceDetailView.as_view(),
name='datasource.detail'),
path('<int:pk>/update',
views.DataSourceUpdateView.as_view(),
name='datasource.update'),
path('<int:pk>/delete',
views.DataSourceDeleteView.as_view(),
name='datasource.delete'),
path('<int:pk>/manage-access',
views.DataSourceManageAccessView.as_view(),
name='datasource.manage-access'),
......
from django.contrib.auth.mixins import PermissionRequiredMixin
from django.urls import reverse_lazy
from django.views.generic.detail import DetailView
from django.views.generic.edit import CreateView, UpdateView, DeleteView
from django.views.generic.list import ListView
from . import models
from profiles.permissions import OwnerPermissionRequiredMixin
from . import models
class DataSourceListView(ListView):
......@@ -14,44 +11,17 @@ class DataSourceListView(ListView):
context_object_name = 'datasources'
class DataSourceCreateView(PermissionRequiredMixin, CreateView):
model = models.DataSource
fields = '__all__'
template_name = 'datasources/datasource/create.html'
context_object_name = 'datasource'
permission_required = 'datasources.add_datasource'
class DataSourceDetailView(DetailView):
model = models.DataSource
template_name = 'datasources/datasource/detail.html'
context_object_name = 'datasource'
def get_template_names(self):
if not self.object.has_permission(self.request.user):
if not self.object.has_view_permission(self.request.user):
return ['datasources/datasource/detail-no-access.html']
return super().get_template_names()
class DataSourceUpdateView(OwnerPermissionRequiredMixin, UpdateView):
model = models.DataSource
fields = '__all__'
template_name = 'datasources/datasource/update.html'
context_object_name = 'datasource'
permission_required = 'datasources.change_datasource'
class DataSourceDeleteView(OwnerPermissionRequiredMixin, DeleteView):
model = models.DataSource
template_name = 'datasources/datasource/delete.html'
context_object_name = 'datasource'
success_url = reverse_lazy('datasources:datasource.list')
permission_required = 'datasources.delete_datasource'
class DataSourceManageAccessView(OwnerPermissionRequiredMixin, DetailView):
model = models.DataSource
template_name = 'datasources/datasource/manage_access.html'
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment