Further working on Permission Rulesets

2025-12-23 14:49:31 +00:00 · 2011-07-03 15:35:36 +01:00
parent b90074f89b
commit 92db874fcf
2 changed files with 36 additions and 7 deletions
--- a/app/sso/admin.py
+++ b/app/sso/admin.py
@@ -1,7 +1,9 @@
 from django.contrib import admin
 from django.contrib.auth.models import User
 from django.contrib.auth.admin import UserAdmin
-from sso.models import Service, ServiceAccount, SSOUser, SSOUserNote
+from django.contrib.contenttypes import generic
+
+from sso.models import Service, ServiceAccount, SSOUser, SSOUserNote, PermissionRule, PermissionRuleset


 class ServiceAdmin(admin.ModelAdmin):
@@ -32,8 +34,28 @@ class SSOUserNoteAdmin(admin.ModelAdmin):
    search_fields = ['user__username']


+class PermissionRuleInline(generic.GenericTabularInline):
+    model = PermissionRule
+    extra = 1
+    ct_field = '
+    ct_fk_field = '
+
+class PermissionRuleAdmin(admin.ModelAdmin):
+    pass
+
+class PermissionRulesetAdmin(admin.ModelAdmin):
+    list_display = ('name', 'group', 'active')
+    list_filter = ('active',)
+    search_fields = ('name', 'group__name')
+    inlines = [PermissionRuleInline,]
+
+
+
+
 admin.site.register(Service, ServiceAdmin)
 admin.site.register(ServiceAccount, ServiceAccountAdmin)
 admin.site.unregister(User)
 admin.site.register(User, SSOUserAdmin)
 admin.site.register(SSOUserNote, SSOUserNoteAdmin)
+admin.site.register(PermissionRuleset, PermissionRulesetAdmin)
+admin.site.register(PermissionRule, PermissionRuleAdmin)
--- a/app/sso/models.py
+++ b/app/sso/models.py
@@ -202,9 +202,9 @@ signals.pre_delete.connect(ServiceAccount.pre_delete_listener, sender=ServiceAcc
 class PermissionRuleset(models.Model):
    """ A group of rules to assign a Group to a user """

-    name = models.CharField("Name", max_length=200)
-    active = models.BooleanField()
-    group = models.ForeignKey(Group)
+    name = models.CharField("Name", max_length=200, help_text="Name of the ruleset")
+    active = models.BooleanField("Active", help_text="Indicates if the rule will be used during permissions processing")
+    group = models.ForeignKey(Group, help_text="Group that will be added to the user's profile if they match the listed rules")

    check_type = models.BooleanField()

@@ -220,6 +220,9 @@ class PermissionRuleset(models.Model):
                    return True
        return False

+    def __unicode__(self):
+        return self.name
+
    class Meta:
        verbose_name = u'Ruleset'
        verbose_name_plural = u'Rulesets'
@@ -228,11 +231,11 @@ class PermissionRuleset(models.Model):
 class PermissionRule(models.Model):
    ruleset = models.ForeignKey(PermissionRuleset, related_name='rules')

-    obj_type = models.ForeignKey(ContentType)
-    obj_id = models.IntegerField()
+    obj_type = models.ForeignKey(ContentType, verbose_name="Object Type", help_text="Type of object you want to check for")
+    obj_id = models.IntegerField("Object ID")
    related_obj = generic.GenericForeignKey(obj_type, obj_id)

-    check_type = models.IntegerField()
+    check_type = models.IntegerField("Check Type")

    def check_rule(self, user):

@@ -243,6 +246,10 @@ class PermissionRule(models.Model):

        return False

+    def __unicode__(self):
+        #return self.related_obj
+        return "%s %s-%s" % (self.ruleset.name, self.obj_type, self.obj_id)
+
    class Meta:
        verbose_name = u'Rule'
        verbose_name_plural = u'Rules'