visibilité des rôles d'admin (#77243) #86
|
@ -515,6 +515,8 @@ class OUSearchForm(FormWithRequest):
|
|||
class RoleSearchForm(ServiceRoleSearchForm, OUSearchForm):
|
||||
ou_permission = 'a2_rbac.search_role'
|
||||
|
||||
admin_roles = forms.BooleanField(label=_('Show admin roles of other roles'), required=False)
|
||||
|
||||
|
||||
class UserRoleSearchForm(OUSearchForm, ServiceRoleSearchForm):
|
||||
ou_permission = 'a2_rbac.change_role'
|
||||
|
|
|
@ -179,6 +179,7 @@ class RoleMembersView(views.HideOUColumnMixin, RoleViewMixin, views.BaseSubTable
|
|||
search_form_class = forms.RoleMembersSearchForm
|
||||
permissions = ['a2_rbac.view_role']
|
||||
slug_field = 'uuid'
|
||||
admin_roles = True
|
||||
|
||||
@property
|
||||
def table_class(self):
|
||||
|
@ -420,6 +421,12 @@ class RoleParentsView(RoleViewMixin, views.HideOUColumnMixin, views.BaseSubTable
|
|||
success_url = '.'
|
||||
slug_field = 'uuid'
|
||||
|
||||
@property
|
||||
def admin_roles(self):
|
||||
if not hasattr(self, 'search_form'):
|
||||
return False
|
||||
return self.search_form.cleaned_data.get('admin_roles', False)
|
||||
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
if self.get_object().is_internal():
|
||||
raise PermissionDenied
|
||||
|
|
|
@ -10,6 +10,17 @@
|
|||
{% block extrascripts %}
|
||||
{{ block.super }}
|
||||
<script src="{% static "authentic2/manager/js/roles_ajax_checkbox.js" %}"></script>
|
||||
<script>
|
||||
$(function () {
|
||||
$('input[type=checkbox][name=search-internals]').change(function() {
|
||||
if(this.checked)
|
||||
$('#id_search-admin_roles_p').show();
|
||||
else
|
||||
$('#id_search-admin_roles_p').hide();
|
||||
return;
|
||||
}).change();
|
||||
});
|
||||
</script>
|
||||
{% endblock %}
|
||||
|
||||
{% block main %}
|
||||
|
|
|
@ -435,6 +435,30 @@ def test_role_members_display_role_parents(app, superuser, settings, simple_role
|
|||
]
|
||||
|
||||
|
||||
def test_role_members_display_role_parents_search(app, superuser, simple_role):
|
||||
Role.objects.create(name='Role 1', ou=get_default_ou())
|
||||
|
||||
url = reverse('a2-manager-role-members', kwargs={'pk': simple_role.pk})
|
||||
resp = login(app, superuser, url)
|
||||
|
||||
resp = resp.click('Edit', href='parents')
|
||||
assert [el.text_content() for el in resp.pyquery.find('tbody td.name')] == ['Role 1']
|
||||
|
||||
resp.form['search-internals'] = True
|
||||
resp = resp.form.submit()
|
||||
roles = [el.text_content() for el in resp.pyquery.find('tbody td.name')]
|
||||
assert 'Role 1' in roles
|
||||
assert 'Manager' in roles
|
||||
assert 'Managers of role "simple role"' not in roles
|
||||
|
||||
resp.form['search-admin_roles'] = True
|
||||
resp = resp.form.submit()
|
||||
roles = [el.text_content() for el in resp.pyquery.find('tbody td.name')]
|
||||
assert 'Role 1' in roles
|
||||
assert 'Manager' in roles
|
||||
assert 'Managers of role "simple role"' in roles
|
||||
|
||||
|
||||
def test_role_members_user_role_mixed_table(app, superuser, settings, simple_role, simple_user):
|
||||
simple_user.roles.add(simple_role)
|
||||
|
||||
|
@ -665,3 +689,11 @@ def test_role_table_ordering(app, admin):
|
|||
'É role',
|
||||
'Z role',
|
||||
]
|
||||
|
||||
|
||||
def test_manager_view_admin_role(app, admin, simple_role):
|
||||
login(app, admin)
|
||||
|
||||
resp = app.get('/manage/roles/%s/' % simple_role.get_admin_role().pk)
|
||||
assert 'Managers of role "simple role"' in resp.text
|
||||
assert 'This role is technical, you cannot delete it.' in resp.text
|
||||
|
|
Loading…
Reference in New Issue