Progress save
parent
bd0edf7203
commit
fc101e8676
6 changed files with 60 additions and 28 deletions
|
@ -19,7 +19,7 @@
|
||||||
|
|
||||||
<div class="tablet:grid-col-9">
|
<div class="tablet:grid-col-9">
|
||||||
<main id="main-content" class="grid-container">
|
<main id="main-content" class="grid-container">
|
||||||
{% if not is_analyst_or_superuser %}
|
{% if not is_analyst_or_superuser or is_original_creator %}
|
||||||
<a href="{% url 'home' %}" class="breadcrumb__back">
|
<a href="{% url 'home' %}" class="breadcrumb__back">
|
||||||
<svg class="usa-icon" aria-hidden="true" focusable="false" role="img">
|
<svg class="usa-icon" aria-hidden="true" focusable="false" role="img">
|
||||||
<use xlink:href="{% static 'img/sprite.svg' %}#arrow_back"></use>
|
<use xlink:href="{% static 'img/sprite.svg' %}#arrow_back"></use>
|
||||||
|
@ -35,9 +35,9 @@
|
||||||
<svg class="usa-icon" aria-hidden="true" focusable="false" role="img">
|
<svg class="usa-icon" aria-hidden="true" focusable="false" role="img">
|
||||||
<use xlink:href="{% static 'img/sprite.svg' %}#arrow_back"></use>
|
<use xlink:href="{% static 'img/sprite.svg' %}#arrow_back"></use>
|
||||||
</svg>
|
</svg>
|
||||||
|
{# Q: should this be 'Back to .gov admin' or 'Back to manage your domains'? #}
|
||||||
<p class="margin-left-05 margin-top-0 margin-bottom-0 line-height-sans-1">
|
<p class="margin-left-05 margin-top-0 margin-bottom-0 line-height-sans-1">
|
||||||
Back to manage your domains
|
Back to change domain
|
||||||
</p>
|
</p>
|
||||||
|
|
||||||
</a>
|
</a>
|
||||||
|
|
|
@ -34,7 +34,7 @@
|
||||||
{% if is_original_creator %}
|
{% if is_original_creator %}
|
||||||
{% include "includes/summary_item.html" with title='Your contact information' value=request.user.contact contact='true' edit_link=url %}
|
{% include "includes/summary_item.html" with title='Your contact information' value=request.user.contact contact='true' edit_link=url %}
|
||||||
{% else %}
|
{% else %}
|
||||||
{% include "includes/summary_item.html" with title='Contact information' value=request.user.contact contact='true' %}
|
{% include "includes/summary_item.html" with title='Contact information' value=request.user.contact contact='true' edit_link=url %}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
{% url 'domain-security-email' pk=domain.id as url %}
|
{% url 'domain-security-email' pk=domain.id as url %}
|
||||||
|
|
|
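Review bot: In the `{% else %}` branch the summary item still renders `value=request.user.contact`, which is the contact of whoever is viewing the page, and it now also receives `edit_link=url`. An analyst opening another registrant's domain would therefore see their own contact under "Contact information" and be offered a link to edit it, rather than the domain creator's record. If the creator's contact is what should be shown, pass that object in the else branch; which context variable holds it is not visible in this hunk, and `url` is assigned above it. Since the two branches now differ only in `title`, the condition could select the title alone.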
@ -8,8 +8,11 @@
|
||||||
{% include "includes/form_errors.html" with form=form %}
|
{% include "includes/form_errors.html" with form=form %}
|
||||||
|
|
||||||
<h1>Organization name and mailing address </h1>
|
<h1>Organization name and mailing address </h1>
|
||||||
|
{% if is_original_creator %}
|
||||||
<p>The name of your organization will be publicly listed as the domain registrant.</p>
|
<p>The name of your organization will be publicly listed as the domain registrant.</p>
|
||||||
|
{% else %}
|
||||||
|
<p>The name of the organization will be publicly listed as the domain registrant.</p>
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
{% include "includes/required_fields.html" %}
|
{% include "includes/required_fields.html" %}
|
||||||
|
|
||||||
|
|
|
@ -39,16 +39,19 @@
|
||||||
</a>
|
</a>
|
||||||
</li>
|
</li>
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if is_original_creator %}
|
|
||||||
<li class="usa-sidenav__item">
|
<li class="usa-sidenav__item">
|
||||||
{% url 'domain-your-contact-information' pk=domain.id as url %}
|
{% url 'domain-your-contact-information' pk=domain.id as url %}
|
||||||
<a href="{{ url }}"
|
<a href="{{ url }}"
|
||||||
{% if request.path == url %}class="usa-current"{% endif %}
|
{% if request.path == url %}class="usa-current"{% endif %}
|
||||||
>
|
>
|
||||||
|
{% if is_original_creator %}
|
||||||
Your contact information
|
Your contact information
|
||||||
|
{% else %}
|
||||||
|
Contact information
|
||||||
|
{% endif %}
|
||||||
</a>
|
</a>
|
||||||
</li>
|
</li>
|
||||||
{% endif %}
|
|
||||||
<li class="usa-sidenav__item">
|
<li class="usa-sidenav__item">
|
||||||
{% url 'domain-security-email' pk=domain.id as url %}
|
{% url 'domain-security-email' pk=domain.id as url %}
|
||||||
<a href="{{ url }}"
|
<a href="{{ url }}"
|
||||||
|
|
|
@ -1,9 +1,12 @@
|
||||||
"""Permissions-related mixin classes."""
|
"""Permissions-related mixin classes."""
|
||||||
|
|
||||||
from django.contrib.auth.mixins import PermissionRequiredMixin
|
from django.contrib.auth.mixins import PermissionRequiredMixin
|
||||||
|
from django.http import Http404
|
||||||
|
|
||||||
from registrar.models import UserDomainRole, DomainApplication, DomainInvitation
|
from registrar.models import DomainApplication, DomainInvitation
|
||||||
import logging
|
import logging
|
||||||
|
|
||||||
|
from registrar.models.domain_information import DomainInformation
|
||||||
logger = logging.getLogger(__name__)
|
logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
class PermissionsLoginMixin(PermissionRequiredMixin):
|
class PermissionsLoginMixin(PermissionRequiredMixin):
|
||||||
|
@ -24,35 +27,49 @@ class DomainPermission(PermissionsLoginMixin):
|
||||||
|
|
||||||
The user is in self.request.user and the domain needs to be looked
|
The user is in self.request.user and the domain needs to be looked
|
||||||
up from the domain's primary key in self.kwargs["pk"]
|
up from the domain's primary key in self.kwargs["pk"]
|
||||||
|
|
||||||
analysts and superusers are exempt
|
|
||||||
"""
|
"""
|
||||||
|
|
||||||
# ticket 806
|
|
||||||
# if self.request.user is staff or admin and
|
|
||||||
# domain.application__status = 'approved' or 'rejected' or 'action needed'
|
|
||||||
# return True
|
|
||||||
|
|
||||||
if not self.request.user.is_authenticated:
|
if not self.request.user.is_authenticated:
|
||||||
return False
|
return False
|
||||||
|
|
||||||
# user needs to be the creator of the application
|
pk = self.kwargs["pk"]
|
||||||
# this query is empty if there isn't a domain application with this
|
if pk is None:
|
||||||
# id and this user as creator
|
raise ValueError("Primary key is null for Domain")
|
||||||
user_is_creator: bool = DomainApplication.objects.filter(
|
|
||||||
creator=self.request.user, id=self.kwargs["pk"]
|
requested_domain = None
|
||||||
).exists()
|
|
||||||
user_is_analyst_or_superuser = self.request.user.is_staff or self.request.user.is_superuser
|
try:
|
||||||
|
requested_domain = DomainInformation.objects.get(
|
||||||
|
id=pk
|
||||||
|
)
|
||||||
|
|
||||||
|
# This should never happen in normal flow.
|
||||||
|
# If it does, then it likely means something bad happened...
|
||||||
|
except DomainInformation.DoesNotExist:
|
||||||
|
raise Http404()
|
||||||
|
|
||||||
|
# Checks if the creator is the user requesting this item
|
||||||
|
user_is_creator: bool = requested_domain.creator.username == self.request.user.username
|
||||||
|
|
||||||
# user needs to have a role on the domain
|
# user needs to have a role on the domain
|
||||||
if not user_is_creator and not user_is_analyst_or_superuser:
|
if user_is_creator:
|
||||||
return False
|
return True
|
||||||
|
|
||||||
|
# ticket 806
|
||||||
|
# Analysts may manage domains, when they are in these statuses:
|
||||||
|
valid_domain_statuses = [DomainApplication.APPROVED, DomainApplication.IN_REVIEW, DomainApplication.REJECTED, DomainApplication.ACTION_NEEDED]
|
||||||
|
# Check if the user is permissioned...
|
||||||
|
user_is_analyst_or_superuser = self.request.user.is_staff or self.request.user.is_superuser
|
||||||
|
|
||||||
|
if user_is_analyst_or_superuser and requested_domain.domain_application.status in valid_domain_statuses:
|
||||||
|
return True
|
||||||
|
|
||||||
# ticket 796
|
# ticket 796
|
||||||
# if domain.application__status != 'approved'
|
# if domain.application__status != 'approved'
|
||||||
# return false
|
# return false
|
||||||
|
|
||||||
# if we need to check more about the nature of role, do it here.
|
# if we need to check more about the nature of role, do it here.
|
||||||
return True
|
return False
|
||||||
|
|
||||||
|
|
||||||
class DomainApplicationPermission(PermissionsLoginMixin):
|
class DomainApplicationPermission(PermissionsLoginMixin):
|
||||||
|
|
|
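Review bot: The authorization lookup is `DomainInformation.objects.get(id=pk)`, but the docstring says `self.kwargs["pk"]` is the domain's primary key, so if the two tables' ids ever differ, the creator and status checks run against a different record than the one the view serves. Unless the ids are guaranteed to match, look the record up through its relation to the domain (not visible on this page), and compare keys rather than usernames: `user_is_creator = requested_domain.creator_id == self.request.user.id`. `requested_domain.domain_application.status` raises an AttributeError if no application is linked, so guard it before reading the status and treat a missing application as no access. The `pk is None` branch cannot be reached for a missing key, because `self.kwargs["pk"]` raises KeyError first. The retained comment "user needs to have a role on the domain" no longer describes the code, and the method's signature lies outside the hunk.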
@ -31,11 +31,20 @@ class DomainPermissionView(DomainPermission, DetailView, abc.ABC):
|
||||||
def get_context_data(self, **kwargs):
|
def get_context_data(self, **kwargs):
|
||||||
context = super().get_context_data(**kwargs)
|
context = super().get_context_data(**kwargs)
|
||||||
user = self.request.user
|
user = self.request.user
|
||||||
|
# Q: is there a more efficent way to do this?
|
||||||
|
# Searches by creator_id instead of creator,
|
||||||
|
# should be slightly faster than by creator...
|
||||||
|
is_original_creator = DomainInformation.objects.filter(
|
||||||
|
creator_id=self.request.user.id, id=self.kwargs["pk"]
|
||||||
|
).exists()
|
||||||
|
|
||||||
context['primary_key'] = self.kwargs["pk"]
|
context['primary_key'] = self.kwargs["pk"]
|
||||||
context['is_analyst_or_superuser'] = user.is_superuser or user.is_staff
|
context['is_analyst_or_superuser'] = user.is_superuser or user.is_staff
|
||||||
context['is_original_creator'] = DomainInformation.objects.filter(
|
context['is_original_creator'] = is_original_creator
|
||||||
creator=self.request.user, id=self.kwargs["pk"]
|
context['is_active_user'] = DomainInformation.objects.filter(
|
||||||
).exists()
|
id=self.kwargs["pk"]
|
||||||
|
)
|
||||||
|
|
||||||
return context
|
return context
|
||||||
|
|
||||||
# Abstract property enforces NotImplementedError on an attribute.
|
# Abstract property enforces NotImplementedError on an attribute.
|
||||||
|
|
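Review bot: `context['is_active_user']` is assigned the QuerySet `DomainInformation.objects.filter(id=self.kwargs["pk"])`, with no `.exists()` and no filter on the user. It is therefore truthy whenever the record exists, whoever is asking, and costs another query when a template evaluates it. If it is meant as a per-user flag, filter on the requesting user and finish with `.exists()`; if nothing reads it yet, leave it out of this commit. Templates that branch on `is_original_creator` or `is_analyst_or_superuser` only hide links, so each linked view still has to enforce access itself. The `# Q:` comment above the query should be resolved or removed before merge.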