manager: provide a human-friendly rbac inheritance terminology (#56638)
This commit is contained in:
parent
12fe40c0ae
commit
5ad1949b2d
|
@ -73,35 +73,7 @@
|
|||
{% endif %}
|
||||
|
||||
<div class="section">
|
||||
<h3>{% trans "Child roles" %}
|
||||
{% if view.can_manage_members %}
|
||||
<a href="{% url "a2-manager-role-children" pk=object.pk %}" class="button">{% trans "Edit" %}</a>
|
||||
{% else %}
|
||||
<a title="{% trans "Permission denied" %}" class="button disabled">{% trans "Edit" %}</a>
|
||||
{% endif %}
|
||||
</h3>
|
||||
<div>
|
||||
{% if children %}
|
||||
<ul class="objects-list single-links">
|
||||
{% for child in children|slice:":10" %}
|
||||
<li>
|
||||
<a class="role-inheritance-child" href="{% url "a2-manager-role-members" pk=child.pk %}">{% if child.ou and has_multiple_ou %}{{ child.ou }} - {% endif %}{{ child }}</a>
|
||||
{% if not child.direct %}
|
||||
<span class="badge">{% trans "Indirect" %}</span>
|
||||
{% endif %}
|
||||
</li>
|
||||
{% endfor %}
|
||||
{% if children|length > 10 %}
|
||||
<li><a class="role-inheritance-view-all" href="{% url "a2-manager-role-children" pk=object.pk %}">({% trans "view all roles" %})</a></li>
|
||||
{% endif %}
|
||||
</ul>
|
||||
{% else %}
|
||||
<p>{% trans "This role has no children." %}</p>
|
||||
{% endif %}
|
||||
</div>
|
||||
</div>
|
||||
<div class="section">
|
||||
<h3>{% trans "Parent roles" %}
|
||||
<h3>{% trans "Contains permissions of roles:" %}
|
||||
{% if not object.is_internal %}
|
||||
<a href="{% url "a2-manager-role-parents" pk=object.pk %}" class="button">{% trans "Edit" %}</a>
|
||||
{% else %}
|
||||
|
@ -124,7 +96,35 @@
|
|||
{% endif %}
|
||||
</ul>
|
||||
{% else %}
|
||||
<p>{% trans "This role has no parents." %}</p>
|
||||
<p>{% trans "This role doesn't contain permissions of any other role." %}</p>
|
||||
{% endif %}
|
||||
</div>
|
||||
</div>
|
||||
<div class="section">
|
||||
<h3>{% trans "Grants its permissions to roles:" %}
|
||||
{% if view.can_manage_members %}
|
||||
<a href="{% url "a2-manager-role-children" pk=object.pk %}" class="button">{% trans "Edit" %}</a>
|
||||
{% else %}
|
||||
<a title="{% trans "Permission denied" %}" class="button disabled">{% trans "Edit" %}</a>
|
||||
{% endif %}
|
||||
</h3>
|
||||
<div>
|
||||
{% if children %}
|
||||
<ul class="objects-list single-links">
|
||||
{% for child in children|slice:":10" %}
|
||||
<li>
|
||||
<a class="role-inheritance-child" href="{% url "a2-manager-role-members" pk=child.pk %}">{% if child.ou and has_multiple_ou %}{{ child.ou }} - {% endif %}{{ child }}</a>
|
||||
{% if not child.direct %}
|
||||
<span class="badge">{% trans "Indirect" %}</span>
|
||||
{% endif %}
|
||||
</li>
|
||||
{% endfor %}
|
||||
{% if children|length > 10 %}
|
||||
<li><a class="role-inheritance-view-all" href="{% url "a2-manager-role-children" pk=object.pk %}">({% trans "view all roles" %})</a></li>
|
||||
{% endif %}
|
||||
</ul>
|
||||
{% else %}
|
||||
<p>{% trans "This role doesn't grant its permissions to any other role." %}</p>
|
||||
{% endif %}
|
||||
</div>
|
||||
</div>
|
||||
|
|
|
@ -353,8 +353,8 @@ def test_role_members_display_inheritance_info(app, superuser, settings, simple_
|
|||
url = reverse('a2-manager-role-members', kwargs={'pk': simple_role.pk})
|
||||
|
||||
resp = login(app, superuser, url)
|
||||
assert 'This role has no children.' in resp.text
|
||||
assert 'This role has no parents.' in resp.text
|
||||
assert "This role doesn't grant its permissions to any other role." in resp.text
|
||||
assert "This role doesn't contain permissions of any other role." in resp.text
|
||||
|
||||
for i in range(10):
|
||||
role = Role.objects.create(name=f'Role {i}', ou=get_default_ou())
|
||||
|
@ -362,11 +362,11 @@ def test_role_members_display_inheritance_info(app, superuser, settings, simple_
|
|||
|
||||
resp = app.get(url)
|
||||
if relation == 'child':
|
||||
assert 'This role has no children.' not in resp.text
|
||||
assert 'This role has no parents.' in resp.text
|
||||
assert "This role doesn't grant its permissions to any other role." not in resp.text
|
||||
assert "This role doesn't contain permissions of any other role." in resp.text
|
||||
elif relation == 'parent':
|
||||
assert 'This role has no children.' in resp.text
|
||||
assert 'This role has no parents.' not in resp.text
|
||||
assert "This role doesn't grant its permissions to any other role." in resp.text
|
||||
assert "This role doesn't contain permissions of any other role." not in resp.text
|
||||
|
||||
for i, el in enumerate(resp.pyquery.find('a.role-inheritance-%s' % relation)):
|
||||
assert el.text == f'Role {i}'
|
||||
|
|
Loading…
Reference in New Issue