diff --git a/app/groups/migrations/0005_auto.py b/app/groups/migrations/0005_auto.py new file mode 100644 index 0000000..6419e9d --- /dev/null +++ b/app/groups/migrations/0005_auto.py @@ -0,0 +1,89 @@ +# encoding: utf-8 +import datetime +from south.db import db +from south.v2 import SchemaMigration +from django.db import models + +class Migration(SchemaMigration): + + def forwards(self, orm): + + # Adding M2M table for field parent_groups on 'GroupInformation' + db.create_table('groups_groupinformation_parent_groups', ( + ('id', models.AutoField(verbose_name='ID', primary_key=True, auto_created=True)), + ('groupinformation', models.ForeignKey(orm['groups.groupinformation'], null=False)), + ('group', models.ForeignKey(orm['auth.group'], null=False)) + )) + db.create_unique('groups_groupinformation_parent_groups', ['groupinformation_id', 'group_id']) + + + def backwards(self, orm): + + # Removing M2M table for field parent_groups on 'GroupInformation' + db.delete_table('groups_groupinformation_parent_groups') + + + models = { + 'auth.group': { + 'Meta': {'object_name': 'Group'}, + 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'name': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '80'}), + 'permissions': ('django.db.models.fields.related.ManyToManyField', [], {'to': "orm['auth.Permission']", 'symmetrical': 'False', 'blank': 'True'}) + }, + 'auth.permission': { + 'Meta': {'ordering': "('content_type__app_label', 'content_type__model', 'codename')", 'unique_together': "(('content_type', 'codename'),)", 'object_name': 'Permission'}, + 'codename': ('django.db.models.fields.CharField', [], {'max_length': '100'}), + 'content_type': ('django.db.models.fields.related.ForeignKey', [], {'to': "orm['contenttypes.ContentType']"}), + 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'name': ('django.db.models.fields.CharField', [], {'max_length': '50'}) + }, + 'auth.user': { + 'Meta': {'object_name': 'User'}, + 'date_joined': ('django.db.models.fields.DateTimeField', [], {'default': 'datetime.datetime.now'}), + 'email': ('django.db.models.fields.EmailField', [], {'max_length': '75', 'blank': 'True'}), + 'first_name': ('django.db.models.fields.CharField', [], {'max_length': '30', 'blank': 'True'}), + 'groups': ('django.db.models.fields.related.ManyToManyField', [], {'to': "orm['auth.Group']", 'symmetrical': 'False', 'blank': 'True'}), + 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'is_active': ('django.db.models.fields.BooleanField', [], {'default': 'True'}), + 'is_staff': ('django.db.models.fields.BooleanField', [], {'default': 'False'}), + 'is_superuser': ('django.db.models.fields.BooleanField', [], {'default': 'False'}), + 'last_login': ('django.db.models.fields.DateTimeField', [], {'default': 'datetime.datetime.now'}), + 'last_name': ('django.db.models.fields.CharField', [], {'max_length': '30', 'blank': 'True'}), + 'password': ('django.db.models.fields.CharField', [], {'max_length': '128'}), + 'user_permissions': ('django.db.models.fields.related.ManyToManyField', [], {'to': "orm['auth.Permission']", 'symmetrical': 'False', 'blank': 'True'}), + 'username': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '30'}) + }, + 'contenttypes.contenttype': { + 'Meta': {'ordering': "('name',)", 'unique_together': "(('app_label', 'model'),)", 'object_name': 'ContentType', 'db_table': "'django_content_type'"}, + 'app_label': ('django.db.models.fields.CharField', [], {'max_length': '100'}), + 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'model': ('django.db.models.fields.CharField', [], {'max_length': '100'}), + 'name': ('django.db.models.fields.CharField', [], {'max_length': '100'}) + }, + 'groups.groupinformation': { + 'Meta': {'ordering': "['group']", 'object_name': 'GroupInformation'}, + 'admins': ('django.db.models.fields.related.ManyToManyField', [], {'to': "orm['auth.User']", 'symmetrical': 'False', 'blank': 'True'}), + 'description': ('django.db.models.fields.TextField', [], {'blank': 'True'}), + 'group': ('django.db.models.fields.related.OneToOneField', [], {'to': "orm['auth.Group']", 'unique': 'True'}), + 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'moderated': ('django.db.models.fields.BooleanField', [], {'default': 'True'}), + 'parent': ('django.db.models.fields.related.ForeignKey', [], {'blank': 'True', 'related_name': "'children'", 'null': 'True', 'to': "orm['auth.Group']"}), + 'parent_groups': ('django.db.models.fields.related.ManyToManyField', [], {'symmetrical': 'False', 'related_name': "'+'", 'blank': 'True', 'to': "orm['auth.Group']"}), + 'public': ('django.db.models.fields.BooleanField', [], {'default': 'False'}), + 'requestable': ('django.db.models.fields.BooleanField', [], {'default': 'False'}), + 'type': ('django.db.models.fields.IntegerField', [], {'default': '2'}) + }, + 'groups.grouprequest': { + 'Meta': {'ordering': "['created_date']", 'object_name': 'GroupRequest'}, + 'changed_by': ('django.db.models.fields.related.ForeignKey', [], {'to': "orm['auth.User']"}), + 'changed_date': ('django.db.models.fields.DateTimeField', [], {'auto_now': 'True', 'blank': 'True'}), + 'created_date': ('django.db.models.fields.DateTimeField', [], {'auto_now_add': 'True', 'blank': 'True'}), + 'group': ('django.db.models.fields.related.ForeignKey', [], {'related_name': "'requests'", 'to': "orm['auth.Group']"}), + 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'reason': ('django.db.models.fields.TextField', [], {}), + 'status': ('django.db.models.fields.IntegerField', [], {'default': '0'}), + 'user': ('django.db.models.fields.related.ForeignKey', [], {'related_name': "'grouprequests'", 'to': "orm['auth.User']"}) + } + } + + complete_apps = ['groups'] diff --git a/app/groups/migrations/0006_move_to_multigroups.py b/app/groups/migrations/0006_move_to_multigroups.py new file mode 100644 index 0000000..fcb12c9 --- /dev/null +++ b/app/groups/migrations/0006_move_to_multigroups.py @@ -0,0 +1,80 @@ +# encoding: utf-8 +import datetime +from south.db import db +from south.v2 import DataMigration +from django.db import models + +class Migration(DataMigration): + + def forwards(self, orm): + for obj in orm.GroupInformation.objects.all(): + if obj.parent is not None: + obj.parent_groups.add(obj.parent) + + def backwards(self, orm): + raise RuntimeError("Cannot reverse this migration, manually select parent groups for each groupinformation.") + + models = { + 'auth.group': { + 'Meta': {'object_name': 'Group'}, + 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'name': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '80'}), + 'permissions': ('django.db.models.fields.related.ManyToManyField', [], {'to': "orm['auth.Permission']", 'symmetrical': 'False', 'blank': 'True'}) + }, + 'auth.permission': { + 'Meta': {'ordering': "('content_type__app_label', 'content_type__model', 'codename')", 'unique_together': "(('content_type', 'codename'),)", 'object_name': 'Permission'}, + 'codename': ('django.db.models.fields.CharField', [], {'max_length': '100'}), + 'content_type': ('django.db.models.fields.related.ForeignKey', [], {'to': "orm['contenttypes.ContentType']"}), + 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'name': ('django.db.models.fields.CharField', [], {'max_length': '50'}) + }, + 'auth.user': { + 'Meta': {'object_name': 'User'}, + 'date_joined': ('django.db.models.fields.DateTimeField', [], {'default': 'datetime.datetime.now'}), + 'email': ('django.db.models.fields.EmailField', [], {'max_length': '75', 'blank': 'True'}), + 'first_name': ('django.db.models.fields.CharField', [], {'max_length': '30', 'blank': 'True'}), + 'groups': ('django.db.models.fields.related.ManyToManyField', [], {'to': "orm['auth.Group']", 'symmetrical': 'False', 'blank': 'True'}), + 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'is_active': ('django.db.models.fields.BooleanField', [], {'default': 'True'}), + 'is_staff': ('django.db.models.fields.BooleanField', [], {'default': 'False'}), + 'is_superuser': ('django.db.models.fields.BooleanField', [], {'default': 'False'}), + 'last_login': ('django.db.models.fields.DateTimeField', [], {'default': 'datetime.datetime.now'}), + 'last_name': ('django.db.models.fields.CharField', [], {'max_length': '30', 'blank': 'True'}), + 'password': ('django.db.models.fields.CharField', [], {'max_length': '128'}), + 'user_permissions': ('django.db.models.fields.related.ManyToManyField', [], {'to': "orm['auth.Permission']", 'symmetrical': 'False', 'blank': 'True'}), + 'username': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '30'}) + }, + 'contenttypes.contenttype': { + 'Meta': {'ordering': "('name',)", 'unique_together': "(('app_label', 'model'),)", 'object_name': 'ContentType', 'db_table': "'django_content_type'"}, + 'app_label': ('django.db.models.fields.CharField', [], {'max_length': '100'}), + 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'model': ('django.db.models.fields.CharField', [], {'max_length': '100'}), + 'name': ('django.db.models.fields.CharField', [], {'max_length': '100'}) + }, + 'groups.groupinformation': { + 'Meta': {'ordering': "['group']", 'object_name': 'GroupInformation'}, + 'admins': ('django.db.models.fields.related.ManyToManyField', [], {'to': "orm['auth.User']", 'symmetrical': 'False', 'blank': 'True'}), + 'description': ('django.db.models.fields.TextField', [], {'blank': 'True'}), + 'group': ('django.db.models.fields.related.OneToOneField', [], {'to': "orm['auth.Group']", 'unique': 'True'}), + 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'moderated': ('django.db.models.fields.BooleanField', [], {'default': 'True'}), + 'parent': ('django.db.models.fields.related.ForeignKey', [], {'blank': 'True', 'related_name': "'children'", 'null': 'True', 'to': "orm['auth.Group']"}), + 'parent_groups': ('django.db.models.fields.related.ManyToManyField', [], {'symmetrical': 'False', 'related_name': "'+'", 'blank': 'True', 'to': "orm['auth.Group']"}), + 'public': ('django.db.models.fields.BooleanField', [], {'default': 'False'}), + 'requestable': ('django.db.models.fields.BooleanField', [], {'default': 'False'}), + 'type': ('django.db.models.fields.IntegerField', [], {'default': '2'}) + }, + 'groups.grouprequest': { + 'Meta': {'ordering': "['created_date']", 'object_name': 'GroupRequest'}, + 'changed_by': ('django.db.models.fields.related.ForeignKey', [], {'to': "orm['auth.User']"}), + 'changed_date': ('django.db.models.fields.DateTimeField', [], {'auto_now': 'True', 'blank': 'True'}), + 'created_date': ('django.db.models.fields.DateTimeField', [], {'auto_now_add': 'True', 'blank': 'True'}), + 'group': ('django.db.models.fields.related.ForeignKey', [], {'related_name': "'requests'", 'to': "orm['auth.Group']"}), + 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'reason': ('django.db.models.fields.TextField', [], {}), + 'status': ('django.db.models.fields.IntegerField', [], {'default': '0'}), + 'user': ('django.db.models.fields.related.ForeignKey', [], {'related_name': "'grouprequests'", 'to': "orm['auth.User']"}) + } + } + + complete_apps = ['groups'] diff --git a/app/groups/migrations/0007_remove_old_parent_field.py b/app/groups/migrations/0007_remove_old_parent_field.py new file mode 100644 index 0000000..218f2eb --- /dev/null +++ b/app/groups/migrations/0007_remove_old_parent_field.py @@ -0,0 +1,83 @@ +# encoding: utf-8 +import datetime +from south.db import db +from south.v2 import SchemaMigration +from django.db import models + +class Migration(SchemaMigration): + + def forwards(self, orm): + + # Deleting field 'GroupInformation.parent' + db.delete_column('groups_groupinformation', 'parent_id') + + + def backwards(self, orm): + + # Adding field 'GroupInformation.parent' + db.add_column('groups_groupinformation', 'parent', self.gf('django.db.models.fields.related.ForeignKey')(related_name='children', null=True, to=orm['auth.Group'], blank=True), keep_default=False) + + + models = { + 'auth.group': { + 'Meta': {'object_name': 'Group'}, + 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'name': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '80'}), + 'permissions': ('django.db.models.fields.related.ManyToManyField', [], {'to': "orm['auth.Permission']", 'symmetrical': 'False', 'blank': 'True'}) + }, + 'auth.permission': { + 'Meta': {'ordering': "('content_type__app_label', 'content_type__model', 'codename')", 'unique_together': "(('content_type', 'codename'),)", 'object_name': 'Permission'}, + 'codename': ('django.db.models.fields.CharField', [], {'max_length': '100'}), + 'content_type': ('django.db.models.fields.related.ForeignKey', [], {'to': "orm['contenttypes.ContentType']"}), + 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'name': ('django.db.models.fields.CharField', [], {'max_length': '50'}) + }, + 'auth.user': { + 'Meta': {'object_name': 'User'}, + 'date_joined': ('django.db.models.fields.DateTimeField', [], {'default': 'datetime.datetime.now'}), + 'email': ('django.db.models.fields.EmailField', [], {'max_length': '75', 'blank': 'True'}), + 'first_name': ('django.db.models.fields.CharField', [], {'max_length': '30', 'blank': 'True'}), + 'groups': ('django.db.models.fields.related.ManyToManyField', [], {'to': "orm['auth.Group']", 'symmetrical': 'False', 'blank': 'True'}), + 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'is_active': ('django.db.models.fields.BooleanField', [], {'default': 'True'}), + 'is_staff': ('django.db.models.fields.BooleanField', [], {'default': 'False'}), + 'is_superuser': ('django.db.models.fields.BooleanField', [], {'default': 'False'}), + 'last_login': ('django.db.models.fields.DateTimeField', [], {'default': 'datetime.datetime.now'}), + 'last_name': ('django.db.models.fields.CharField', [], {'max_length': '30', 'blank': 'True'}), + 'password': ('django.db.models.fields.CharField', [], {'max_length': '128'}), + 'user_permissions': ('django.db.models.fields.related.ManyToManyField', [], {'to': "orm['auth.Permission']", 'symmetrical': 'False', 'blank': 'True'}), + 'username': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '30'}) + }, + 'contenttypes.contenttype': { + 'Meta': {'ordering': "('name',)", 'unique_together': "(('app_label', 'model'),)", 'object_name': 'ContentType', 'db_table': "'django_content_type'"}, + 'app_label': ('django.db.models.fields.CharField', [], {'max_length': '100'}), + 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'model': ('django.db.models.fields.CharField', [], {'max_length': '100'}), + 'name': ('django.db.models.fields.CharField', [], {'max_length': '100'}) + }, + 'groups.groupinformation': { + 'Meta': {'ordering': "['group']", 'object_name': 'GroupInformation'}, + 'admins': ('django.db.models.fields.related.ManyToManyField', [], {'to': "orm['auth.User']", 'symmetrical': 'False', 'blank': 'True'}), + 'description': ('django.db.models.fields.TextField', [], {'blank': 'True'}), + 'group': ('django.db.models.fields.related.OneToOneField', [], {'to': "orm['auth.Group']", 'unique': 'True'}), + 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'moderated': ('django.db.models.fields.BooleanField', [], {'default': 'True'}), + 'parent_groups': ('django.db.models.fields.related.ManyToManyField', [], {'symmetrical': 'False', 'related_name': "'children'", 'blank': 'True', 'to': "orm['auth.Group']"}), + 'public': ('django.db.models.fields.BooleanField', [], {'default': 'False'}), + 'requestable': ('django.db.models.fields.BooleanField', [], {'default': 'False'}), + 'type': ('django.db.models.fields.IntegerField', [], {'default': '2'}) + }, + 'groups.grouprequest': { + 'Meta': {'ordering': "['created_date']", 'object_name': 'GroupRequest'}, + 'changed_by': ('django.db.models.fields.related.ForeignKey', [], {'to': "orm['auth.User']"}), + 'changed_date': ('django.db.models.fields.DateTimeField', [], {'auto_now': 'True', 'blank': 'True'}), + 'created_date': ('django.db.models.fields.DateTimeField', [], {'auto_now_add': 'True', 'blank': 'True'}), + 'group': ('django.db.models.fields.related.ForeignKey', [], {'related_name': "'requests'", 'to': "orm['auth.Group']"}), + 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'reason': ('django.db.models.fields.TextField', [], {}), + 'status': ('django.db.models.fields.IntegerField', [], {'default': '0'}), + 'user': ('django.db.models.fields.related.ForeignKey', [], {'related_name': "'grouprequests'", 'to': "orm['auth.User']"}) + } + } + + complete_apps = ['groups'] diff --git a/app/groups/models.py b/app/groups/models.py index 82b6b6b..ae880f4 100644 --- a/app/groups/models.py +++ b/app/groups/models.py @@ -14,7 +14,8 @@ class GroupInformation(models.Model): public = models.BooleanField("Public", default=False, help_text="Indicates if the group is visible to all") requestable = models.BooleanField("Requestable", default=False, help_text="Indicates if people can request to join this group") moderated = models.BooleanField("Moderated", default=True, help_text="Indicates if the group requires new members to be accepted by a group admin") - parent = models.ForeignKey(Group, related_name="children", null=True, blank=True) + parent = models.ForeignKey(Group, related_name="children_old", null=True, blank=True) + parent_groups = models.ManyToManyField(Group, blank=True, related_name='children') description = models.TextField(help_text="Description of the group and its permissions", blank=True) diff --git a/app/groups/views.py b/app/groups/views.py index 9e90ac2..d549c56 100644 --- a/app/groups/views.py +++ b/app/groups/views.py @@ -43,8 +43,8 @@ def group_list(request): requestable = False if group.groupinformation and group.groupinformation.requestable: - if group.groupinformation.parent: - if group.groupinformation.parent in request.user.groups.all(): + if group.groupinformation.parent_groups.count(): + if bool(set(group.groupinformation.parent_groups.all()) & set(request.user.groups.all())): requestable = True else: requestable = True @@ -70,7 +70,7 @@ def create_request(request, groupid, email_text_template='groups/email/request.t if request.user in group.user_set.all() or not group.groupinformation.requestable: return HttpResponseRedirect(reverse('groups.views.group_list')) - if group.groupinformation.parent and not group.groupinformation.parent in request.user.groups.all(): + if group.groupinformation.parent_groups.count() and not set(group.groupinformation.parent_groups.all()) & set(request.user.groups.all()): return HttpResponseRedirect(reverse('groups.views.group_list')) if group.requests.filter(status=REQUEST_PENDING,user=request.user).count(): diff --git a/app/sso/tasks.py b/app/sso/tasks.py index bdf6e6f..afb027a 100644 --- a/app/sso/tasks.py +++ b/app/sso/tasks.py @@ -74,17 +74,17 @@ def update_user_access(user, **kwargs): # Check that user's groups fufil requirements if installed('groups'): - for g in user.groups.filter(groupinformation__parent__isnull=False): - if not g in delgroups and not g.groupinformation.parent in user.groups.all(): + ugroups = set(user.groups.all()) + for g in user.groups.all(): + if g in delgroups or not g.groupinformation.parent_groups.count(): continue + if not bool(set(g.groupinformation.parent_groups.all()) & ugroups): delgroups.add(g) for g in delgroups: - if g in user.groups.all(): - user.groups.remove(g) + user.groups.remove(g) for g in addgroups: - if not g in user.groups.all(): - user.groups.add(g) + user.groups.add(g) # For users set to not active, delete all accounts if not user.is_active: