diff --git a/groups/migrations/0003_auto__add_field_groupinformation_parent.py b/groups/migrations/0003_auto__add_field_groupinformation_parent.py new file mode 100644 index 0000000..695e6e0 --- /dev/null +++ b/groups/migrations/0003_auto__add_field_groupinformation_parent.py @@ -0,0 +1,82 @@ +# encoding: utf-8 +import datetime +from south.db import db +from south.v2 import SchemaMigration +from django.db import models + +class Migration(SchemaMigration): + + def forwards(self, orm): + + # Adding field 'GroupInformation.parent' + db.add_column('groups_groupinformation', 'parent', self.gf('django.db.models.fields.related.ForeignKey')(related_name='children', null=True, to=orm['auth.Group']), keep_default=False) + + + def backwards(self, orm): + + # Deleting field 'GroupInformation.parent' + db.delete_column('groups_groupinformation', 'parent_id') + + + models = { + 'auth.group': { + 'Meta': {'object_name': 'Group'}, + 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'name': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '80'}), + 'permissions': ('django.db.models.fields.related.ManyToManyField', [], {'to': "orm['auth.Permission']", 'symmetrical': 'False', 'blank': 'True'}) + }, + 'auth.permission': { + 'Meta': {'ordering': "('content_type__app_label', 'content_type__model', 'codename')", 'unique_together': "(('content_type', 'codename'),)", 'object_name': 'Permission'}, + 'codename': ('django.db.models.fields.CharField', [], {'max_length': '100'}), + 'content_type': ('django.db.models.fields.related.ForeignKey', [], {'to': "orm['contenttypes.ContentType']"}), + 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'name': ('django.db.models.fields.CharField', [], {'max_length': '50'}) + }, + 'auth.user': { + 'Meta': {'object_name': 'User'}, + 'date_joined': ('django.db.models.fields.DateTimeField', [], {'default': 'datetime.datetime.now'}), + 'email': ('django.db.models.fields.EmailField', [], {'max_length': '75', 'blank': 'True'}), + 'first_name': ('django.db.models.fields.CharField', [], {'max_length': '30', 'blank': 'True'}), + 'groups': ('django.db.models.fields.related.ManyToManyField', [], {'to': "orm['auth.Group']", 'symmetrical': 'False', 'blank': 'True'}), + 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'is_active': ('django.db.models.fields.BooleanField', [], {'default': 'True'}), + 'is_staff': ('django.db.models.fields.BooleanField', [], {'default': 'False'}), + 'is_superuser': ('django.db.models.fields.BooleanField', [], {'default': 'False'}), + 'last_login': ('django.db.models.fields.DateTimeField', [], {'default': 'datetime.datetime.now'}), + 'last_name': ('django.db.models.fields.CharField', [], {'max_length': '30', 'blank': 'True'}), + 'password': ('django.db.models.fields.CharField', [], {'max_length': '128'}), + 'user_permissions': ('django.db.models.fields.related.ManyToManyField', [], {'to': "orm['auth.Permission']", 'symmetrical': 'False', 'blank': 'True'}), + 'username': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '30'}) + }, + 'contenttypes.contenttype': { + 'Meta': {'ordering': "('name',)", 'unique_together': "(('app_label', 'model'),)", 'object_name': 'ContentType', 'db_table': "'django_content_type'"}, + 'app_label': ('django.db.models.fields.CharField', [], {'max_length': '100'}), + 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'model': ('django.db.models.fields.CharField', [], {'max_length': '100'}), + 'name': ('django.db.models.fields.CharField', [], {'max_length': '100'}) + }, + 'groups.groupinformation': { + 'Meta': {'ordering': "['group']", 'object_name': 'GroupInformation'}, + 'admins': ('django.db.models.fields.related.ManyToManyField', [], {'to': "orm['auth.User']", 'symmetrical': 'False', 'blank': 'True'}), + 'description': ('django.db.models.fields.TextField', [], {'blank': 'True'}), + 'group': ('django.db.models.fields.related.OneToOneField', [], {'to': "orm['auth.Group']", 'unique': 'True'}), + 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'parent': ('django.db.models.fields.related.ForeignKey', [], {'related_name': "'children'", 'null': 'True', 'to': "orm['auth.Group']"}), + 'public': ('django.db.models.fields.BooleanField', [], {'default': 'False'}), + 'requestable': ('django.db.models.fields.BooleanField', [], {'default': 'False'}), + 'type': ('django.db.models.fields.IntegerField', [], {'default': '2'}) + }, + 'groups.grouprequest': { + 'Meta': {'ordering': "['created_date']", 'object_name': 'GroupRequest'}, + 'changed_by': ('django.db.models.fields.related.ForeignKey', [], {'to': "orm['auth.User']"}), + 'changed_date': ('django.db.models.fields.DateTimeField', [], {'auto_now': 'True', 'blank': 'True'}), + 'created_date': ('django.db.models.fields.DateTimeField', [], {'auto_now_add': 'True', 'blank': 'True'}), + 'group': ('django.db.models.fields.related.ForeignKey', [], {'related_name': "'requests'", 'to': "orm['auth.Group']"}), + 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'reason': ('django.db.models.fields.TextField', [], {}), + 'status': ('django.db.models.fields.IntegerField', [], {'default': '0'}), + 'user': ('django.db.models.fields.related.ForeignKey', [], {'related_name': "'grouprequests'", 'to': "orm['auth.User']"}) + } + } + + complete_apps = ['groups'] diff --git a/groups/models.py b/groups/models.py index 35ac41b..c8d4cfc 100644 --- a/groups/models.py +++ b/groups/models.py @@ -13,6 +13,7 @@ class GroupInformation(models.Model): admins = models.ManyToManyField(User, blank=True) public = models.BooleanField("Public", default=False, help_text="Indicates if the group is visible to all") requestable = models.BooleanField("Requestable", default=False, help_text="Indicates if people can request to join this group") + parent = models.ForeignKey(Group, related_name="children", null=True, blank=True) description = models.TextField(help_text="Description of the group and its permissions", blank=True) diff --git a/groups/views.py b/groups/views.py index f42b817..2907cb7 100644 --- a/groups/views.py +++ b/groups/views.py @@ -41,10 +41,10 @@ def group_list(request): else: status = None + requestable = False if group.groupinformation and group.groupinformation.requestable and not group.groupinformation.type == GROUP_TYPE_MANAGED: - requestable = True - else: - requestable = False + if not group.groupinformation.parent or group.groupinformation.parent in request.user.groups.all(): + requestable = True fixed = not group.groupinformation.type == GROUP_TYPE_PERMISSION pending = group.requests.filter(status=REQUEST_PENDING,user=request.user).count() diff --git a/sso/tasks.py b/sso/tasks.py index 7bb123a..843c35e 100644 --- a/sso/tasks.py +++ b/sso/tasks.py @@ -3,6 +3,7 @@ from eve_api.models import EVEAccount, EVEPlayerCorporation, EVEPlayerAlliance from sso.models import ServiceAccount from django.contrib.auth.models import User from django.db.models import signals +from utils import installed # Signals that the tasks need to listen for @@ -45,6 +46,13 @@ def update_user_access(user, **kwargs): delgroups = set(set(user.groups.all()) & set(corpgroups)) - set(chargroups) addgroups = set(chargroups) - set(set(user.groups.all()) & set(corpgroups)) + # Check that user's groups fufil requirements + if installed('groups'): + for g in user.groups.filter(groupinformation__parent__isnull=False): + print g + if not g in delgroups and not g.groupinformation.parent in user.groups.all(): + delgroups.add(g) + for g in delgroups: if g in user.groups.all(): user.groups.remove(g)