59 lines
1.9 KiB
Python
59 lines
1.9 KiB
Python
import logging
|
|
|
|
|
|
from django.contrib import admin
|
|
from django.contrib.auth.models import Group
|
|
|
|
from . import models
|
|
|
|
logger = logging.getLogger(__name__)
|
|
|
|
from django.contrib.auth.admin import GroupAdmin
|
|
|
|
# XXX: the UserAdmin must be read-only
|
|
|
|
class GroupPortailCitoyenAdmin(GroupAdmin):
|
|
fieldsets = ((None, {'fields': ('name', 'permissions')}),)
|
|
default_fieldsets = ((None, {'fields': ('name', )}),)
|
|
|
|
def get_fieldsets(self, request, obj=None):
|
|
if request.user.is_superuser:
|
|
return self.fieldsets
|
|
else:
|
|
return self.default_fieldsets
|
|
|
|
|
|
admin.site.unregister(Group)
|
|
admin.site.register(models.Role, GroupPortailCitoyenAdmin)
|
|
|
|
from authentic2.compat import get_user_model
|
|
from django.db.models.signals import m2m_changed, pre_save
|
|
from django.dispatch import receiver
|
|
|
|
@receiver(pre_save, sender=get_user_model())
|
|
def update_is_staff_for_superuser(sender, instance, raw, using, update_fields,
|
|
**kwargs):
|
|
'''Super-users have always access to the admin site'''
|
|
if raw:
|
|
return
|
|
if instance.is_superuser:
|
|
instance.is_staff = True
|
|
|
|
|
|
if hasattr(get_user_model(), 'groups'):
|
|
@receiver(m2m_changed, sender=get_user_model().groups.through)
|
|
def update_is_staff(sender, instance, action, reverse, model, pk_set,
|
|
using, **kwargs):
|
|
if not reverse:
|
|
if action.startswith('post_'):
|
|
instance.is_staff = instance.groups \
|
|
.filter(permissions__isnull=False) \
|
|
.exists() or instance.is_superuser
|
|
instance.save(update_fields=['is_staff'])
|
|
else:
|
|
for user in get_user_model().objects.filter(pk__in=pk_set):
|
|
user.is_staff = user.groups \
|
|
.filter(permissions__isnull=False) \
|
|
.exists() or user.is_superuser
|
|
user.save(update_fields=['is_staff'])
|