manager: show only roles user is a member of (#55542)
This commit is contained in:
parent
9b6e2e465f
commit
426705531e
|
@ -531,17 +531,20 @@ class RoleSearchForm(ServiceRoleSearchForm, OUSearchForm):
|
|||
|
||||
class UserRoleSearchForm(OUSearchForm, ServiceRoleSearchForm):
|
||||
ou_permission = 'a2_rbac.change_role'
|
||||
field_order = ['text', 'internals', 'limit_to_user', 'ou']
|
||||
|
||||
limit_to_user = forms.BooleanField(initial=False, label=_('Show only direct user roles'), required=False)
|
||||
|
||||
def __init__(self, *args, **kwargs):
|
||||
request = kwargs['request']
|
||||
user = kwargs.pop('user')
|
||||
self.user = kwargs.pop('user')
|
||||
role_members_from_ou = kwargs.pop('role_members_from_ou')
|
||||
|
||||
if role_members_from_ou:
|
||||
assert user
|
||||
assert self.user
|
||||
# limit ou to target user ou
|
||||
ou_qs = request.user.ous_with_perm(self.ou_permission).order_by('name')
|
||||
if user.ou_id:
|
||||
if self.user.ou_id:
|
||||
ou_qs = ou_qs.filter(id=user.ou_id)
|
||||
else:
|
||||
ou_qs = ou_qs.none()
|
||||
|
@ -551,6 +554,12 @@ class UserRoleSearchForm(OUSearchForm, ServiceRoleSearchForm):
|
|||
def filter_no_ou(self, qs):
|
||||
return qs
|
||||
|
||||
def filter(self, qs):
|
||||
qs = super().filter(qs)
|
||||
if self.cleaned_data['limit_to_user']:
|
||||
qs = qs.filter(members=self.user)
|
||||
return qs
|
||||
|
||||
|
||||
class UserSearchForm(OUSearchForm, CssClass, PrefixFormMixin, FormWithRequest):
|
||||
ou_permission = 'custom_user.search_user'
|
||||
|
|
|
@ -389,6 +389,12 @@ def test_manager_one_ou(app, superuser, admin, simple_role, settings):
|
|||
for elt in q('table tbody td.name a'):
|
||||
assert 'Manager' in elt.text or elt.text == 'simple role'
|
||||
|
||||
form.set('search-limit_to_user', True)
|
||||
response = form.submit()
|
||||
q = response.pyquery.remove_namespaces()
|
||||
assert len(q('table tbody tr')) == 1
|
||||
assert q('table tbody tr').text() == 'Manager'
|
||||
|
||||
# test role listing
|
||||
response = app.get('/manage/roles/')
|
||||
assert [x.text for x in response.pyquery('td.slug')] == ['simple-role']
|
||||
|
|
Loading…
Reference in New Issue