Merge pull request #204 from editorsnotes/account-creation-fixes

Account creation fixes-- adding projects; creating roles; assigning permissions

Author: ptgolden

editorsnotes/admin_custom/forms/projects.py

@@ -1,9 +1,11 @@
 from django import forms
 from django.contrib.auth.models import Group
 from django.forms.models import (
-    BaseModelFormSet, ModelForm, modelformset_factory)
+    BaseModelFormSet, ModelForm, modelformset_factory, ValidationError)
 
-from editorsnotes.main.models import User, Project, ProjectInvitation
+from editorsnotes.main.management import get_all_project_permissions
+from editorsnotes.main.models import (
+    User, Project, ProjectInvitation, ProjectRole)
 
 class ProjectRoleField(forms.ModelChoiceField):
     def label_from_instance(self, obj):
@@ -21,7 +23,9 @@ def make_project_invitation_formset(project):
     if not isinstance(project, Project):
         raise ValueError('{} is not a project.'.format(project))
 
-    project_invitations = ProjectInvitation.objects.filter(project_id=project.id)
+    project_invitations = ProjectInvitation.objects\
+            .select_related('user', 'role')\
+            .filter(project_id=project.id)
 
     class ProjectInvitationFormSet(BaseModelFormSet):
         def __init__(self, *args, **kwargs):
@@ -75,7 +79,7 @@ def clean_email(self):
 
 def make_project_roster_formset(project):
     """
-    Returns a formset for editing project roles.
+    Returns a formset for editing project members' roles.
     """
     if not isinstance(project, Project):
         raise ValueError('{} is not a project.'.format(project))
@@ -117,8 +121,93 @@ def save(self, commit=True):
         extra=0
     )
 
+def make_project_permissions_formset(project):
+    roles = project.roles.all()
+    project_perms= get_all_project_permissions().order_by('content_type')
+
+    class ProjectRoleFormSet(BaseModelFormSet):
+        def __init__(self, *args, **kwargs):
+            kwargs['queryset'] = roles
+            super(ProjectRoleFormSet, self).__init__(*args, **kwargs)
+
+    class ProjectRoleForm(ModelForm):
+        permissions = forms.ModelMultipleChoiceField(
+            required=False,
+            queryset=project_perms,
+            widget=forms.CheckboxSelectMultiple)
+        class Meta:
+            model = ProjectRole
+            fields = ('role', 'permissions',)
+        def __init__(self, *args, **kwargs):
+            super(ProjectRoleForm, self).__init__(*args, **kwargs)
+            if self.instance and self.instance.is_super_role:
+                self.fields['permissions'].widget.attrs['readonly'] = True
+                self.fields['permissions'].widget.attrs['checked'] = True
+            elif self.instance and self.instance.id:
+                self.fields['permissions'].initial = self.instance.group.permissions.all()
+        def save(self, *args, **kwargs):
+            # We are NOT committing the change here, because we only save the
+            # form if the object already exists. This is because it was
+            # difficult to deal with the M2M relations (permissions => the new
+            # group which is created along with the project role) when doing
+            # that. We are calling save, however, to bound this form to an
+            # instance if it exists, so that we can proceed in the right way
+            # afterwards (create a ProjectRole manually if no existing instance;
+            # save form otherwise).
+            kwargs['commit'] = False
+            obj = super(ProjectRoleForm, self).save(*args, **kwargs)
+
+            perms = self.cleaned_data['permissions']
+            if not obj.id:
+                new_role = ProjectRole.objects.create_project_role(
+                    project, self.cleaned_data['role'])
+                new_role.group.permissions.add(*perms)
+            else:
+                obj.save()
+                obj.group.permissions.clear()
+                obj.group.permissions.add(*perms)
+            return obj
+
+    formset = modelformset_factory(ProjectRole,
+                                   formset=ProjectRoleFormSet,
+                                   form=ProjectRoleForm,
+                                   can_delete=True,
+                                   extra=1)
+    formset.all_perms = project_perms
+    return formset
+
+
+BANNED_PROJECT_SLUGS = (
+    'add',
+)
+
 class ProjectForm(ModelForm):
     class Meta:
         model = Project
         exclude = ('slug',)
 
+class ProjectCreationForm(ModelForm):
+    """
+    Form for creating a project. Must be passed a user.
+    """
+    join_project = forms.BooleanField(initial=True,
+                                      help_text='Join project after creation?')
+    class Meta:
+        model = Project
+    def __init__(self, *args, **kwargs):
+        user = kwargs.pop('user')
+        super(ProjectCreationForm, self).__init__(*args, **kwargs)
+        self.user = user
+    def clean_slug(self):
+        data = self.cleaned_data['slug']
+        if data in BANNED_PROJECT_SLUGS:
+            raise ValidationError('This slug is a reserved word.')
+        return data
+    def save(self, *args, **kwargs):
+        obj = super(ProjectCreationForm, self).save()
+        if self.cleaned_data['join_project']:
+            role = obj.roles.get(role='Editor')
+            role.users.add(self.user)
+        return obj
+
+

editorsnotes/admin_custom/templates/featured_items_admin.html

@@ -38,7 +38,7 @@ <h5>Add an item</h5>
     <option value="documents">Document</option>
     <option value="topics">Topic</option>
   </select>
-  <input type="text" placeholder="Type to search" search-project-id={{ project.id }} class="span5 search-autocomplete autocomplete-no-redirect"></input>
+  <input type="text" placeholder="Type to search" data-project-slug={{ project.slug }} class="span5 search-autocomplete autocomplete-no-redirect"></input>
   {% else %}
     <p>You can only designate up to five featured items. Remove at least one item to add another.</p>
   {% endif %}

editorsnotes/admin_custom/templates/project_roles.html

@@ -0,0 +1,161 @@
+{% extends "base.html" %}
+
+{% block js %}
+<script type="text/javascript">
+(function () {
+
+  function addFormToTable($el, $table) {
+    var $input = $el.find('input[type="text"]')
+      , $checkboxes = $el.find('input[type="checkbox"][name*="permissions"]')
+      , $deleteBox = $el.find('input[name*="DELETE"]')
+      , $rows = $table.find('tbody tr')
+      , $header
+      , $footer
+
+    $header = $('<th>')
+      .append($input.hide())
+      .append($input.val())
+      .appendTo( $table.find('thead tr') )
+
+    if ( $input.val() == 'Editor' ) {
+      $header.addClass('editor-role');
+    }
+
+    $footer = $header.clone().appendTo( $table.find('tfoot tr') );
+
+    $footer.find('input').remove();
+
+    $('tfoot th:last:not(.editor-role)')
+      .append('<button class="btn btn-danger" type="button">Delete</button>')
+      .find('button')
+      .css({
+        'display': 'block',
+        'position': 'relative',
+        'margin': '16px auto -44px'
+      })
+      .on('click', function () {
+        var $tds = $checkboxes.closest('td').add($footer).add($header);
+
+        if ($deleteBox.prop('checked')) {
+          $tds.removeClass('to-delete');
+          $deleteBox.prop('checked', false)
+          $(this).text('Delete');
+        } else {
+          $tds.addClass('to-delete');
+          $deleteBox.prop('checked', true)
+          $(this).text('Undo');
+        }
+      })
+
+
+    $checkboxes.each(function (idx, el) { 
+      $('<td>').append(el).appendTo( $rows.eq(idx) );
+    });
+
+  }
+
+  $(document).ready(function () {
+    var $table = $('table')
+
+    $('.permission-form').each(function (idx, el) {
+      addFormToTable($(el), $table);
+    });
+
+    $('<button class="btn btn-primary">Add role</button>')
+      .appendTo('body')
+      .css({ 'padding': '7px 16px', 'width': '100px' })
+      .position({
+        'my': 'left+12 top+12',
+        'at': 'right',
+        'of': $table.find('thead')
+      })
+      .on('click', function () {
+        $(this).remove();
+        $table.find('th:last-of-type, th:last-of-type input, td:last-of-type').show();
+      });
+
+  });
+  
+})()
+</script>
+{% endblock %}
+
+{% block css %}
+<style type="text/css">
+  #perms-table {
+    width: auto;
+  }
+  td:first-of-type {
+    width: 180px;
+  }
+  td:not(:first-of-type), th:not(:first-of-type) {
+    text-align: center;
+    min-width: 100px;
+  }
+  th input[type="text"] {
+    margin: 0;
+    text-align: center;
+  }
+  #perms-table tr:hover td {
+    background: #fffacd;
+  }
+  #perms-table th {
+    vertical-align: middle;
+  }
+  .hide-extra td:last-of-type, .hide-extra th:last-of-type {
+    display: none;
+  }
+
+  td.to-delete, th.to-delete {
+    background: #fa8072 !important;
+  }
+</style>
+{% endblock %}
+
+{% block content %}
+
+  <ul class="breadcrumb-top">
+    <li>
+      <a href="{% url "project_view" project_slug=project.slug %}">{{ project }}</a>
+      <span class="divider">&gt;</span>
+    </li>
+    <li>
+      <a href="{% url "admin:main_project_roster_change" project_slug=project.slug %}">Roster</a>
+      <span class="divider">&gt;</span>
+    </li>
+    <li class="active">Roles</li>
+  </ul>
+
+<h1>Change project roles</h1>
+{% include "includes/bootstrap_errors.html" with errors=formset.errors %}
+<form method="post">
+  {% csrf_token %}
+  <table id="perms-table" class="table table-condensed table-bordered table-striped hide-extra">
+    <thead>
+      <tr>
+        <th></th>
+      </tr>
+    </thead>
+    <tbody>
+      {% for perm in formset.all_perms %}
+      <tr>
+        <td>{{ perm.name }}</td>
+      </tr>
+      {% endfor %}
+    </tbody>
+    <tfoot>
+      <tr>
+        <th></th>
+      </tr>
+    </tfoot>
+  </table>
+  <div style="display: none;">
+    {{ formset.management_form }}
+    {% for form in formset.forms %}
+    <div class="permission-form">{{ form }}</div>
+    {% endfor %}
+  </div>
+  <button type="submit" class="btn">Save roles</button>
+</form>
+
+{% endblock %}