misc: add possibility of internal roles (#36485)
This commit is contained in:
parent
bd7ae65c8e
commit
776db6d218
|
@ -629,6 +629,17 @@ def test_form_submitter_roles(pub):
|
|||
resp = resp.follow()
|
||||
assert FormDef.get(formdef.id).required_authentication_contexts == ['fedict']
|
||||
|
||||
# check internal roles are not advertised
|
||||
role2 = Role(name='internal')
|
||||
role2.internal = True
|
||||
role2.store()
|
||||
|
||||
resp = app.get('/backoffice/forms/1/')
|
||||
resp = resp.click(href=re.compile('^roles$'))
|
||||
assert len(resp.form['roles$element0'].options) == 3 # None, Logged users, foobar
|
||||
with pytest.raises(ValueError):
|
||||
resp.form['roles$element0'] = str(role2.id)
|
||||
|
||||
def test_form_workflow_role(pub):
|
||||
create_superuser(pub)
|
||||
role = create_role()
|
||||
|
|
|
@ -159,6 +159,32 @@ def test_process_notification_role(pub):
|
|||
assert Role.select()[0].emails == ['petite-enfance@example.com']
|
||||
assert Role.select()[0].emails_to_members is True
|
||||
|
||||
def test_process_notification_internal_role(pub):
|
||||
Role.wipe()
|
||||
|
||||
notification = {
|
||||
'@type': u'provision',
|
||||
'audience': [u'test'],
|
||||
'full': True,
|
||||
'objects': {
|
||||
'@type': 'role',
|
||||
'data': [
|
||||
{
|
||||
'name': u'Service enfance',
|
||||
'slug': u'_service-enfance',
|
||||
'details': u'Rôle du service petite enfance',
|
||||
'uuid': u'12345',
|
||||
'emails': [u'petite-enfance@example.com'],
|
||||
'emails_to_members': False,
|
||||
},
|
||||
]
|
||||
}
|
||||
}
|
||||
CmdHoboNotify.process_notification(notification)
|
||||
assert Role.count() == 1
|
||||
role = Role.select()[0]
|
||||
assert role.is_internal()
|
||||
|
||||
def test_process_notification_role_description(pub):
|
||||
User = pub.user_class
|
||||
|
||||
|
|
|
@ -570,6 +570,8 @@ class SettingsDirectory(QommonSettingsDirectory):
|
|||
value = []
|
||||
roles = list(Role.select(order_by='name'))
|
||||
for role in roles:
|
||||
if role.is_internal():
|
||||
continue
|
||||
rows.append(role.name)
|
||||
value.append([role.allows_backoffice_access])
|
||||
for k in permission_keys:
|
||||
|
|
|
@ -63,7 +63,7 @@ class UserUI(object):
|
|||
add_element_label = _('Add Role'),
|
||||
element_kwargs = {
|
||||
'render_br': False,
|
||||
'options': [(None, '---', None)] + [(x.id, x.name, x.id) for x in roles]})
|
||||
'options': [(None, '---', None)] + [(x.id, x.name, x.id) for x in roles if not x.is_internal()]})
|
||||
|
||||
for klass in [x for x in ident.get_method_classes() if x.key in ident_methods]:
|
||||
if klass.method_admin_widget:
|
||||
|
|
|
@ -827,7 +827,8 @@ class ApiDirectory(Directory):
|
|||
list_roles = []
|
||||
charset = get_publisher().site_charset
|
||||
for role in Role.select():
|
||||
list_roles.append(role.get_json_export_dict())
|
||||
if not role.is_internal():
|
||||
list_roles.append(role.get_json_export_dict())
|
||||
get_response().set_content_type('application/json')
|
||||
return json.dumps({'err': 0, 'data': list_roles})
|
||||
|
||||
|
|
|
@ -133,6 +133,8 @@ class CmdHoboNotify(Command):
|
|||
role.emails = emails
|
||||
role.details = details
|
||||
role.emails_to_members = emails_to_members
|
||||
if role.slug.startswith('_'):
|
||||
role.internal = True
|
||||
role.store()
|
||||
elif action == 'deprovision':
|
||||
# Deprovision
|
||||
|
|
|
@ -26,6 +26,7 @@ class Role(StorableObject):
|
|||
name = None
|
||||
uuid = None
|
||||
slug = None
|
||||
internal = False
|
||||
details = None
|
||||
emails = None
|
||||
emails_to_members = False
|
||||
|
@ -72,6 +73,9 @@ class Role(StorableObject):
|
|||
emails.extend([x.email for x in users_with_roles if x.email])
|
||||
return emails
|
||||
|
||||
def is_internal(self):
|
||||
return self.internal
|
||||
|
||||
def get_substitution_variables(self, prefix=''):
|
||||
data = {}
|
||||
data[prefix + 'name'] = self.name
|
||||
|
@ -125,6 +129,5 @@ def logged_users_role():
|
|||
|
||||
|
||||
def get_user_roles():
|
||||
t = sorted([(misc.simplify(x.name), x.id, x.name, x.id) for x in Role.select()])
|
||||
t = sorted([(misc.simplify(x.name), x.id, x.name, x.id) for x in Role.select() if not x.is_internal()])
|
||||
return [x[1:] for x in t]
|
||||
|
||||
|
|
Loading…
Reference in New Issue