manager: provide a human-friendly rbac inheritance terminology (#56638)

2021-09-30 16:20:08 +02:00 · 2021-09-30 16:20:08 +02:00 · 5ad1949b2d
parent 12fe40c0ae
commit 5ad1949b2d
2 changed files with 36 additions and 36 deletions
--- a/src/authentic2/manager/templates/authentic2/manager/role_members.html
+++ b/src/authentic2/manager/templates/authentic2/manager/role_members.html
@ -73,35 +73,7 @@
 {% endif %}

 <div class="section">
-   <h3>{% trans "Child roles" %}
-     {% if view.can_manage_members %}
-     <a href="{% url "a2-manager-role-children" pk=object.pk %}" class="button">{% trans "Edit" %}</a>
-     {% else %}
-     <a title="{% trans "Permission denied" %}" class="button disabled">{% trans "Edit" %}</a>
-     {% endif %}
-   </h3>
-   <div>
-     {% if children %}
-     <ul class="objects-list single-links">
-       {% for child in children|slice:":10" %}
-       <li>
-         <a  class="role-inheritance-child" href="{% url "a2-manager-role-members" pk=child.pk %}">{% if child.ou and has_multiple_ou %}{{ child.ou }} - {% endif %}{{ child }}</a>
-         {% if not child.direct %}
-         <span class="badge">{% trans "Indirect" %}</span>
-         {% endif %}
-       </li>
-       {% endfor %}
-       {% if children|length > 10 %}
-       <li><a class="role-inheritance-view-all" href="{% url "a2-manager-role-children" pk=object.pk %}">({% trans "view all roles" %})</a></li>
-       {% endif %}
-     </ul>
-     {% else %}
-     <p>{% trans "This role has no children." %}</p>
-     {% endif %}
-   </div>
- </div>
- <div class="section">
-   <h3>{% trans "Parent roles" %}
+   <h3>{% trans "Contains permissions of roles:" %}
     {% if not object.is_internal %}
     <a href="{% url "a2-manager-role-parents" pk=object.pk %}" class="button">{% trans "Edit" %}</a>
     {% else %}
@ -124,7 +96,35 @@
       {% endif %}
     </ul>
     {% else %}
-     <p>{% trans "This role has no parents." %}</p>
+     <p>{% trans "This role doesn't contain permissions of any other role." %}</p>
+     {% endif %}
+   </div>
+ </div>
+ <div class="section">
+   <h3>{% trans "Grants its permissions to roles:" %}
+     {% if view.can_manage_members %}
+     <a href="{% url "a2-manager-role-children" pk=object.pk %}" class="button">{% trans "Edit" %}</a>
+     {% else %}
+     <a title="{% trans "Permission denied" %}" class="button disabled">{% trans "Edit" %}</a>
+     {% endif %}
+   </h3>
+   <div>
+     {% if children %}
+     <ul class="objects-list single-links">
+       {% for child in children|slice:":10" %}
+       <li>
+         <a  class="role-inheritance-child" href="{% url "a2-manager-role-members" pk=child.pk %}">{% if child.ou and has_multiple_ou %}{{ child.ou }} - {% endif %}{{ child }}</a>
+         {% if not child.direct %}
+         <span class="badge">{% trans "Indirect" %}</span>
+         {% endif %}
+       </li>
+       {% endfor %}
+       {% if children|length > 10 %}
+       <li><a class="role-inheritance-view-all" href="{% url "a2-manager-role-children" pk=object.pk %}">({% trans "view all roles" %})</a></li>
+       {% endif %}
+     </ul>
+     {% else %}
+     <p>{% trans "This role doesn't grant its permissions to any other role." %}</p>
     {% endif %}
   </div>
 </div>
--- a/tests/test_role_manager.py
+++ b/tests/test_role_manager.py
@ -353,8 +353,8 @@ def test_role_members_display_inheritance_info(app, superuser, settings, simple_
    url = reverse('a2-manager-role-members', kwargs={'pk': simple_role.pk})

    resp = login(app, superuser, url)
-    assert 'This role has no children.' in resp.text
-    assert 'This role has no parents.' in resp.text
+    assert "This role doesn't grant its permissions to any other role." in resp.text
+    assert "This role doesn't contain permissions of any other role." in resp.text

    for i in range(10):
        role = Role.objects.create(name=f'Role {i}', ou=get_default_ou())
@ -362,11 +362,11 @@ def test_role_members_display_inheritance_info(app, superuser, settings, simple_

    resp = app.get(url)
    if relation == 'child':
-        assert 'This role has no children.' not in resp.text
-        assert 'This role has no parents.' in resp.text
+        assert "This role doesn't grant its permissions to any other role." not in resp.text
+        assert "This role doesn't contain permissions of any other role." in resp.text
    elif relation == 'parent':
-        assert 'This role has no children.' in resp.text
-        assert 'This role has no parents.' not in resp.text
+        assert "This role doesn't grant its permissions to any other role." in resp.text
+        assert "This role doesn't contain permissions of any other role." not in resp.text

    for i, el in enumerate(resp.pyquery.find('a.role-inheritance-%s' % relation)):
        assert el.text == f'Role {i}'