Commit 9c2b7f18 authored by Claude Paroz's avatar Claude Paroz

Allow members of ADMIN_GROUP to edit all team's details

parent 7b7b25d3
......@@ -50,8 +50,8 @@ Installation
1 - Create a local_settings.py and overwrite settings to match your requirements
and your configuration layouts. Typical settings to customize include:
DATABASES, DEBUG, TEMPLATE_DEBUG, STATIC_SERVE, ADMINS, MANAGERS, SCRATCHDIR and
various EMAIL settings.
DATABASES, DEBUG, TEMPLATE_DEBUG, STATIC_SERVE, ADMINS, MANAGERS, ADMIN_GROUP,
SCRATCHDIR and various EMAIL settings.
(please refer to Database configuration below for more
informations).
SCRATCHDIR should point to an existing directory, writable by
......
......@@ -20,6 +20,7 @@
# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
import operator
from django.conf import settings
from django.utils.translation import ugettext as _, get_language
try:
import PyICU
......@@ -162,6 +163,9 @@ def imerge_sorted_by_field(object_list1, object_list2, field):
yield el1
el1 = iter1.next()
def is_site_admin(user):
return user.is_superuser or settings.ADMIN_GROUP in [g.name for g in user.groups.all()]
if __name__ == "__main__":
import doctest
doctest.testmod()
......@@ -140,6 +140,9 @@ INTERNAL_IPS=('127.0.0.1',)
MESSAGE_STORAGE = 'django.contrib.messages.storage.fallback.FallbackStorage'
LOGIN_REDIRECT_URL = '/'
# Members of this group can edit all team's details
ADMIN_GROUP = ''
try:
from local_settings import *
except ImportError:
......
......@@ -69,4 +69,4 @@ class Command(BaseCommand):
print >> sys.stderr, traceback.format_exc()
print "Error while updating stats for %s (branch '%s')" % (mod.name, branch.name)
return "Update completed."
return "Update completed.\n"
......@@ -33,6 +33,7 @@ from django.utils.datastructures import SortedDict
from django.db import models, connection
from common.fields import DictionaryField
from common.utils import is_site_admin
from stats import utils, signals
from stats.doap import update_doap_infos
from people.models import Person
......@@ -145,9 +146,7 @@ class Module(models.Model):
def can_edit_branches(self, user):
""" Returns True for superusers, users with adequate permissions or maintainers of the module """
if user.is_superuser or \
user.has_perms(['stats.delete_branch', 'stats.add_branch', 'stats.change_branch']) or \
user.username in [ p.username for p in self.maintainers.all() ]:
if is_site_admin(user) or user.username in [ p.username for p in self.maintainers.all() ]:
return True
return False
......
# -*- coding: utf-8 -*-
#
# Copyright (c) 2008 Claude Paroz <claude@2xlibre.net>.
# Copyright (c) 2008-2011 Claude Paroz <claude@2xlibre.net>.
# Copyright (c) 2008 Stéphane Raimbault <stephane.raimbault@gmail.com>.
#
# This file is part of Damned Lies.
......@@ -19,12 +19,13 @@
# along with Damned Lies; if not, write to the Free Software Foundation, Inc.,
# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
from django.utils.translation import ugettext_lazy as _
from django.conf import settings
from django.core.urlresolvers import reverse
from django.http import HttpResponseRedirect, HttpResponseForbidden
from django.shortcuts import render_to_response, get_object_or_404
from django.core.urlresolvers import reverse
from django.template import RequestContext
from django.conf import settings
from django.utils.translation import ugettext_lazy as _
from common import utils
from teams.models import Team, FakeTeam, Role
from teams.forms import EditMemberRoleForm, EditTeamDetailsForm
......@@ -117,11 +118,12 @@ def team(request, team_slug):
context['can_edit_team'] = True
context['mem_groups'] = mem_groups
context['can_edit_details'] = context['can_edit_team'] or utils.is_site_admin(request.user)
return render_to_response('teams/team_detail.html', context, context_instance=RequestContext(request))
def team_edit(request, team_slug):
team = get_object_or_404(Team, name=team_slug)
if not team.can_edit(request.user):
if not (team.can_edit(request.user) or utils.is_site_admin(request.user)):
return HttpResponseForbidden("You are not allowed to edit this team.")
form = EditTeamDetailsForm(request.POST or None, instance=team)
if request.method == 'POST':
......@@ -133,4 +135,3 @@ def team_edit(request, team_slug):
'form': form
}
return render_to_response('teams/team_edit.html', context, context_instance=RequestContext(request))
......@@ -5,7 +5,7 @@
<table width="100%"><tr><td valign="top" width="50%">
<h2>{% trans "Details" %}
{% if can_edit_team %}<a href="{% url team_edit team.name %}">
{% if can_edit_details %}<a href="{% url team_edit team.name %}">
<img src="{{ MEDIA_URL }}img/edit_small.png" alt="Edit"/></a>
{% endif %}
</h2>
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment