zydronium/manage.get.gov
1
0
Fork 0
mirror of https://github.com/cisagov/manage.get.gov.git synced 2025-08-14 05:29:43 +02:00
Code Issues Projects Releases Packages Wiki Activity

wip

Browse source
This commit is contained in:
David Kennedy 2025-02-21 20:01:58 -05:00
parent ac826c9e05
commit 260d2e587f
No known key found for this signature in database
GPG key ID: 6528A5386E66B96B
2 changed files with 107 additions and 19 deletions
Download patch file Download diff file Expand all files Collapse all files

110
src/registrar/admin.py
View file

@ -193,19 +193,107 @@ class MyUserAdminForm(UserChangeForm):
class UserPortfolioPermissionsForm(forms.ModelForm): class UserPortfolioPermissionsForm(forms.ModelForm):
REQUEST_PERMISSIONS = [
UserPortfolioPermissionChoices.VIEW_ALL_REQUESTS,
UserPortfolioPermissionChoices.EDIT_REQUESTS,
]
DOMAIN_PERMISSIONS = [
UserPortfolioPermissionChoices.VIEW_ALL_DOMAINS,
UserPortfolioPermissionChoices.VIEW_MANAGED_DOMAINS,
]
MEMBER_PERMISSIONS = [
UserPortfolioPermissionChoices.VIEW_MEMBERS,
]
user = forms.ModelChoiceField(
queryset=models.User.objects.all(),
label="User"
)
portfolio = forms.ModelChoiceField(
queryset=models.Portfolio.objects.all(),
label="Portfolio"
)
role = forms.ChoiceField(
choices=UserPortfolioRoleChoices.choices,
required=True,
widget=forms.Select(attrs={"class": "admin-dropdown"}),
label="Member access"
)
request_permissions = forms.ChoiceField(
choices=[(perm.value, perm.label) for perm in REQUEST_PERMISSIONS],
required=False,
widget=forms.Select(attrs={"class": "admin-dropdown"}),
label="Domain requests"
)
domain_permissions = forms.ChoiceField(
choices=[(perm.value, perm.label) for perm in DOMAIN_PERMISSIONS],
required=False,
widget=forms.Select(attrs={"class": "admin-dropdown"}),
label="Domains"
)
member_permissions = forms.ChoiceField(
choices=[(perm.value, perm.label) for perm in MEMBER_PERMISSIONS],
required=False,
widget=forms.Select(attrs={"class": "admin-dropdown"}),
label="Members"
)
class Meta: class Meta:
model = models.UserPortfolioPermission model = models.UserPortfolioPermission
fields = "__all__" fields = ["user", "portfolio", "role", "domain_permissions", "request_permissions", "member_permissions"]
widgets = {
"roles": FilteredSelectMultipleArrayWidget( def __init__(self, *args, **kwargs):
"roles", is_stacked=False, choices=UserPortfolioRoleChoices.choices super().__init__(*args, **kwargs)
),
"additional_permissions": FilteredSelectMultipleArrayWidget( logger.debug("Initializing form")
"additional_permissions",
is_stacked=False, # Populate roles
choices=UserPortfolioPermissionChoices.choices, if self.instance and self.instance.pk:
), if self.instance.roles:
} logger.debug(f"Setting role: {self.instance.roles[0]}")
self.fields["role"].initial = self.instance.roles[0] # Assuming single role per user
if self.instance.additional_permissions:
logger.debug(f"Existing permissions: {self.instance.additional_permissions}")
for perm in self.instance.additional_permissions:
logger.debug(f"Processing permission: {perm}")
if perm in self.REQUEST_PERMISSIONS:
logger.debug("Assigning request permission")
self.fields["request_permissions"].initial = perm
elif perm in self.DOMAIN_PERMISSIONS:
logger.debug("Assigning domain permission")
self.fields["domain_permissions"].initial = perm
elif perm in self.MEMBER_PERMISSIONS:
logger.debug("Assigning member permission")
self.fields["member_permissions"].initial = perm
def clean(self):
cleaned_data = super().clean()
self.instance.roles = [cleaned_data.get("role")] if cleaned_data.get("role") else []
logger.debug(f"Cleaned roles: {self.instance.roles}")
if self.instance.roles == [UserPortfolioRoleChoices.ORGANIZATION_MEMBER]:
self.instance.additional_permissions = list(
filter(None, [
cleaned_data.get("request_permissions"),
cleaned_data.get("domain_permissions"),
cleaned_data.get("member_permissions"),
])
)
else:
self.instance.additional_permissions = []
logger.debug(f"Final saved permissions: {self.instance.additional_permissions}")
return cleaned_data
class PortfolioInvitationAdminForm(UserChangeForm): class PortfolioInvitationAdminForm(UserChangeForm):

16
src/registrar/models/utility/portfolio_helper.py
View file

@ -16,7 +16,7 @@ class UserPortfolioRoleChoices(models.TextChoices):
""" """
ORGANIZATION_ADMIN = "organization_admin", "Admin" ORGANIZATION_ADMIN = "organization_admin", "Admin"
ORGANIZATION_MEMBER = "organization_member", "Member" ORGANIZATION_MEMBER = "organization_member", "Basic"
@classmethod @classmethod
def get_user_portfolio_role_label(cls, user_portfolio_role): def get_user_portfolio_role_label(cls, user_portfolio_role):
@ -30,17 +30,17 @@ class UserPortfolioRoleChoices(models.TextChoices):
class UserPortfolioPermissionChoices(models.TextChoices): class UserPortfolioPermissionChoices(models.TextChoices):
""" """ """ """
VIEW_ALL_DOMAINS = "view_all_domains", "View all domains and domain reports" VIEW_ALL_DOMAINS = "view_all_domains", "Viewer"
VIEW_MANAGED_DOMAINS = "view_managed_domains", "View managed domains" VIEW_MANAGED_DOMAINS = "view_managed_domains", "Viewer, limited (domains they manage)"
VIEW_MEMBERS = "view_members", "View members" VIEW_MEMBERS = "view_members", "View members"
EDIT_MEMBERS = "edit_members", "Create and edit members" EDIT_MEMBERS = "edit_members", "Manager"
VIEW_ALL_REQUESTS = "view_all_requests", "View all requests" VIEW_ALL_REQUESTS = "view_all_requests", "Viewer"
EDIT_REQUESTS = "edit_requests", "Create and edit requests" EDIT_REQUESTS = "edit_requests", "Creator"
VIEW_PORTFOLIO = "view_portfolio", "View organization" VIEW_PORTFOLIO = "view_portfolio", "Viewer"
EDIT_PORTFOLIO = "edit_portfolio", "Edit organization" EDIT_PORTFOLIO = "edit_portfolio", "Manager"
@classmethod @classmethod
def get_user_portfolio_permission_label(cls, user_portfolio_permission): def get_user_portfolio_permission_label(cls, user_portfolio_permission):