entrouvert
/
authentic
16
0
Fork 0
Code Issues Pull Requests 35 Releases Activity
5,323 Commits 190 Branches 448 Tags 29 MiB
Commit Graph

57 Commits

Author SHA1 Message Date
Nicolas Roche 8899d25376 manager: use selected ou by default in add roles form (#46643) 2020-10-14 17:46:36 +02:00
Nicolas Roche 69ec66052f manager: allow role slug edition (#46656) 2020-10-09 11:23:15 +02:00
Nicolas Roche 3ba066a70a manager: use selected ou by default in import roles form (#46642) 2020-09-29 11:51:30 +02:00
Valentin Deniaud 4f3c6a47d6 manager: add ou and role imports (#45082) 2020-08-31 10:05:59 +02:00
Valentin Deniaud 621a5e978f manager: clearer semantics and interface for export (#45082) 
CSV export is not called "export" anymore, and button is not in the
same place as real JSON export.
 2020-08-31 10:05:59 +02:00
Nicolas Roche d1dda9c392 manager: display parent roles OU on the role members page (#43269) 2020-08-04 11:26:05 +02:00
Frédéric Péters 3a13de98b5 manager: remove username column of role members table if configured so (#45423) 2020-08-01 17:38:47 +02:00
Benjamin Dauvergne 4ede4af066 manager: show indirect members of roles real roles (#44927) 2020-07-13 15:16:56 +02:00
Valentin Deniaud 0d8ea42ad2 manager: forbid changing role members when synced from ldap (#37187) 2020-06-02 12:04:02 +02:00
Valentin Deniaud 053200515b manager: add missing field validation (#37159) 2020-05-04 16:48:10 +02:00
Paul Marillonnet 8804de70b7 dj2:2: fix 'reverse' import (#41238) 2020-04-27 14:34:24 +02:00
Valentin Deniaud adaf0a7d7b manager: use new manage_members permission (#20513) 2020-04-24 11:08:09 +02:00
Valentin Deniaud d9f387a115 Revert "manager: do not use has_any_perm() to get add permission on roles (fixes #20512)" 
This reverts commit 1972076bfd.
 2020-04-24 11:08:09 +02:00
Benjamin Dauvergne c10af85aad manager: indent JSON exports (#40458) 2020-03-06 10:39:36 +01:00
Benjamin Dauvergne 9fbbf0519a spring cleaning (#32934) 
* reorganize views and forms
* add copyright headers to all .py files
* fix all style errors reported by flake8
 2019-05-14 16:19:25 +02:00
Valentin Deniaud 14361e000b manager: remove some unused code (#31222) 2019-03-18 16:55:53 +01:00
Benjamin Dauvergne 6f2b7f63bc manager: add roles export (fixes #29162) 2019-01-31 15:05:03 +01:00
Benjamin Dauvergne cc101ea394 manager: add a default implementation of ExportMixin.get_data() (#13587) 
It takes the default queryset and batches it using the new function
batch_queryset().
 2018-05-02 19:44:28 +02:00
Benjamin Dauvergne 1972076bfd manager: do not use has_any_perm() to get add permission on roles (fixes #20512) 
This is a temporary fix, the real fix would be to create a real permission to
manage members of a roles so that role's admin roles would not have the admin
permission but the manage-members permission, so that for an user which can just
manager members of a role, request.user.has_any_perm('a2_rbac.add_role') would
return False, currently it returns True but it has no meaning.
 2017-12-13 17:20:03 +01:00
Benjamin Dauvergne 57588c4e5d manager: show all role's OUs visible to user (fixes #20511) 2017-12-11 12:59:10 +01:00
Benjamin Dauvergne f33b0167ba manager: review all page titles (fixes #20126) 2017-11-21 17:00:49 +01:00
Benjamin Dauvergne c46c138e39 manager: fix typo in role_views (fixes #20183) 2017-11-21 12:11:33 +01:00
Benjamin Dauvergne c8a6d06854 manager: deprecate ROLES_SHOW_PERMISSIONS (fixes #20130) 
It's now handled through the permission a2_rbac.admin_permission which only
superusers have.
 2017-11-17 16:52:08 +01:00
Benjamin Dauvergne 94edd32e8c add global event hook (fixes #20066) 
It's called like this:

  hooks.call_hooks('event', name='event-name', **kwargs)

The hook handler must have the following open signature as you can't be sure of
the event parameters:

  def a2_hook_event(self, name, **kwargs)
    pass

The list of current event names and their kwargs:
* login: user, how
* sso-request: idp, service
* sso-success: idp, service, user

* edit-profile: user, form
* password-reset: email, users
* password-reset-confirm: user, token, form
* change-email: user, email
* change-email-confirm: user, email

* registration: user, view, form, token
* delete-account: user

* manager-add-user: user, instance, form
* manager-edit-user: user, instance, form
* manager-delete-user: user, instance, form
* manager-action: user, action, instance
* manager-change-password: user, instance, form
* manager-add-role: user, instance, form
* manager-edit-role: user, instance, form
* manager-delete-role: user, role
* manager-add-role-member: user, role, member
* manager-remove-role-member: user, role, member
* manager-add-child-role: user, parent, child
* manager-remove-child-role: user, parent, child
* manager-add-permission: user, role, permission
* manager-remove-permission: user, role, permission
* manager-add-admin-role: user, role, admin_role
* manager-remove-admin-role: user, role, admin_role
* manager-add-admin-role-user: user, role, admin
* manager-remove-admin-role-user: user, role, admin
 2017-11-14 16:09:56 +01:00
Benjamin Dauvergne eef12bc564 manager: add all and none OU filters to the user search form (fixes #19228) 
Also show the search form on role members page (fixes #19645, #19627).
 2017-11-08 10:51:37 +01:00
Benjamin Dauvergne 765c0a9795 manager: move initialization of detail form in BaseDetailView (#18901) 2017-09-21 17:35:11 +02:00
Benjamin Dauvergne 5653873106 manager: change permission of RolesView to a2_rbac.search_role (#18901) 2017-09-21 17:35:11 +02:00
Benjamin Dauvergne bcafb07f53 manager: fix permission on role permission page (#18901) 2017-09-21 17:35:10 +02:00
Benjamin Dauvergne bd83285587 manager: implement removal of permissions from roles (#18901) 2017-09-21 17:35:10 +02:00
Benjamin Dauvergne e104a97407 manager: allow forcing role members to be in the role's ou (fixes #16712) 2017-09-21 17:35:10 +02:00
Benjamin Dauvergne 195df772b1 manager: fix view permissions (fixes #15614) 
View.permissions must be a list.
 2017-06-19 15:28:04 +02:00
Benjamin Dauvergne 3e53986075 prevent removing parents of internal roles (fixes #10732) 2016-04-23 00:42:09 +02:00
Serghei Mihai eb2d04800c typo fix in parent role add view (#9915) 2016-02-08 19:20:31 +01:00
Benjamin Dauvergne 76b070f482 refactor role's user and role managers views (fixes #9731) 2016-01-29 14:12:23 +01:00
Benjamin Dauvergne 15d386b373 use RolesFormForChange in RoleAddParentView (#9731) 2016-01-29 14:12:23 +01:00
Benjamin Dauvergne f16689df35 use RolesForm inr RoleAddChildView (#9731) 2016-01-29 14:12:23 +01:00
Benjamin Dauvergne 47adf06d5b add get_title to RoleMembersView (#9731) 2016-01-29 14:12:23 +01:00
Benjamin Dauvergne 21e7f93db0 managre: use role.has_self_administration() as condition for the Managers link (#9250) 2015-12-08 19:41:54 +01:00
Benjamin Dauvergne 52ce6fcdce manager: add AjaxFormViewMixin to parent/child add views 2015-10-13 20:16:49 +02:00
Benjamin Dauvergne b65365ef53 manager: use the same form class for RoleEditView and RoleAddView (fixes #8379) 2015-09-25 15:52:21 +02:00
Benjamin Dauvergne c1bc52e2eb manager: add direct management of role children and parents on the role members page (#8280) 2015-09-18 16:25:52 +02:00
Benjamin Dauvergne 2a7bab646b manager: normalize labels and fix appbar for ous and roles (#8280) 2015-09-18 16:25:49 +02:00
Benjamin Dauvergne 403f987e89 manager: hide the role's permissions view (fixes #8130) 
This part of the UI is not finalized, we will hide it for now, it's
controlled by setting, A2_MANAGER_ROLES_SHOW_PERMISSIONS which defaults
to False.
 2015-09-17 13:56:46 +02:00
Benjamin Dauvergne 51781c235f manager: allow overrding role form class (fixes #8253) 2015-09-11 23:53:20 +02:00
Benjamin Dauvergne ff649b5839 manager: improve user's experience when there is 1 OU (fixes #7788) 
- hide the OU column
- select the first OU (it also improves the case of OU administrators)
- set the OU selector to readonly and disabled
- remove OU selectors from search forms
 2015-07-07 17:28:41 +02:00
Benjamin Dauvergne c22f34cca4 manager: add permission restriction to all service's roles view and all role members and administrators views (fixes #7758) 2015-07-07 17:28:41 +02:00
Benjamin Dauvergne 3333e0a699 manager/role_views: fix ou field in RoleAddView and RoleEdit view (fixes #7730) 
Also use common authorization code from BaseAddView and BaseEditView.
 2015-07-03 11:53:45 +02:00
Benjamin Dauvergne d2a0571bfe manager: fix role members export (fixes #7752) 2015-07-03 11:53:45 +02:00
Benjamin Dauvergne 21826ae582 Show service roles in the role management views (fixes #7662) 2015-06-23 15:09:47 +02:00
Benjamin Dauvergne 9cc366b4fd manager/service_views: add flag to allow service roles in role views (fixes #7530) 
Default is to filter out service role in the general role view. But in
service role views they are precisely the role we want.
 2015-06-12 08:18:59 +02:00