utils: permettre de lier un rôle comme fils du même rôle dans l'OU avec le plus long préfixe commun
This commit is contained in:
parent
b42082d71a
commit
829cb055f3
|
@ -100,7 +100,7 @@ ROLE_TEMPLATES = [
|
|||
'operations': [ADMIN_OP],
|
||||
'target': 'user_ct',
|
||||
'scope': 'self',
|
||||
'child': 'ou_territoire',
|
||||
'child_of_ou': ['ou_territoire', '__prefix__'],
|
||||
},
|
||||
{
|
||||
'name': u'Rôles',
|
||||
|
@ -108,7 +108,7 @@ ROLE_TEMPLATES = [
|
|||
'operations': [ADMIN_OP],
|
||||
'target': 'role_ct',
|
||||
'scope': 'self',
|
||||
'child': 'ou_territoire',
|
||||
'child_of_ou': ['ou_territoire', '__prefix__'],
|
||||
},
|
||||
{
|
||||
'name': u'Administrateur lecteur',
|
||||
|
@ -116,7 +116,7 @@ ROLE_TEMPLATES = [
|
|||
'operations': [VIEW_OP],
|
||||
'target': 'user_ct',
|
||||
'scope': 'self',
|
||||
'child': 'ou_territoire',
|
||||
'child_of_ou': ['ou_territoire', '__prefix__'],
|
||||
},
|
||||
{
|
||||
'name': u'Administrateur',
|
||||
|
@ -166,6 +166,8 @@ def update_roles():
|
|||
|
||||
roles = {}
|
||||
|
||||
ous = OU.objects.all()
|
||||
|
||||
def handle_ou(ou, ou_usagers, ou_territoire, user_ct, role_ct, ou_ct, **kwargs):
|
||||
ou_ct = ContentType.objects.get_for_model(OU)
|
||||
if ou.slug == 'usagers':
|
||||
|
@ -204,12 +206,22 @@ def update_roles():
|
|||
else:
|
||||
role.permissions.clear()
|
||||
role.add_self_administration()
|
||||
if tpl.get('child') and ou.slug != tpl.get('child'):
|
||||
child_ou = vars()[tpl['child']]
|
||||
child_role = Role.objects.get(
|
||||
ou=child_ou,
|
||||
slug=tpl['slug'])
|
||||
role.add_child(child_role)
|
||||
child_of_ou = tpl.get('child_of_ou', [])
|
||||
for child in child_of_ou:
|
||||
child_ou = None
|
||||
if child == '__prefix__':
|
||||
# find the longest matching ou
|
||||
candidates = [o for o in ous if o != ou and ou.slug.startswith(o.slug)]
|
||||
candidates.sort(key=lambda o: len(o.slug), reverse=True)
|
||||
if candidates:
|
||||
child_ou = candidates[0]
|
||||
elif ou.slug != child:
|
||||
child_ou = vars()[child]
|
||||
if child_ou:
|
||||
child_role = Role.objects.get(
|
||||
ou=child_ou,
|
||||
slug=tpl['slug'])
|
||||
role.add_child(child_role)
|
||||
if 'role_parents' in tpl:
|
||||
for role_parent in tpl['role_parents']:
|
||||
role.add_parent(roles[(ou, role_parent)])
|
||||
|
|
Loading…
Reference in New Issue