summaryrefslogtreecommitdiff
path: root/coip/apps/membership
diff options
context:
space:
mode:
Diffstat (limited to 'coip/apps/membership')
-rw-r--r--coip/apps/membership/forms.py29
-rw-r--r--coip/apps/membership/models.py40
-rw-r--r--coip/apps/membership/views.py57
3 files changed, 82 insertions, 44 deletions
diff --git a/coip/apps/membership/forms.py b/coip/apps/membership/forms.py
index 512647f..d9f7fe8 100644
--- a/coip/apps/membership/forms.py
+++ b/coip/apps/membership/forms.py
@@ -3,14 +3,29 @@ Created on Jun 23, 2010
@author: leifj
'''
-from django import forms
from coip.apps.membership.models import Membership
+from form_utils.forms import BetterModelForm
+from django.forms.fields import ChoiceField
+from django.forms.widgets import Select, TextInput
-class MembershipForm(forms.ModelForm):
+class MembershipForm(BetterModelForm):
+ type = ChoiceField(choices=(("user","I'm adding a user to the group"),("entity","I'm adding a relying party (SP or IdP) to the group")), label="", widget=Select(attrs={'class':'link'}), required=False, initial="user")
class Meta:
model = Membership
-
-class InvitationForm(forms.ModelForm):
- class Meta:
- model = Membership
- fields = ['email'] \ No newline at end of file
+ fields = ['entity','user']
+ widgets = {
+ 'user': TextInput()
+ }
+ fieldsets = [('type', {'fields': ['type'],
+ 'legend': 'Which type of member are you adding to the group?',
+ 'description': 'Groups can consist of users and/or relying partys. Adding a relying party to a group limits can be useful if you want to limit the visibility of your group. This is an advanced option and you should know what you are doing.',
+ 'classes': ['step']}),
+ ('entity', {'fields': ['entity'],
+ 'legend': 'Adding a federation entity to the group',
+ 'description': 'Select the relying party you wish to add to the group.',
+ 'classes': ['step','submit_step']}),
+ ('user', {'fields': ['user'],
+ 'legend': 'Adding a user to the group',
+ 'description': 'Provide the federation identifier of the user you wish to join. That user must have already logged in at least once. To add a user that has not yet logged in, send an invitation instead.',
+ 'classes': ['step','submit_step']})
+ ] \ No newline at end of file
diff --git a/coip/apps/membership/models.py b/coip/apps/membership/models.py
index 0bb1185..0dc06ca 100644
--- a/coip/apps/membership/models.py
+++ b/coip/apps/membership/models.py
@@ -9,14 +9,14 @@ from coip.apps.name.models import Name
import datetime
from pprint import pformat
import logging
-from coip.apps.service.models import Service
+from coip.apps.entity.models import Entity
class Membership(models.Model):
'''
Membership in a namespace/group
'''
user = models.ForeignKey(User,blank=True,null=True,related_name='user')
- service = models.ForeignKey(Service,blank=True,null=True,related_name='service')
+ entity = models.ForeignKey(Entity,blank=True,null=True,related_name='entity')
name = models.ForeignKey(Name,related_name='memberships')
enabled = models.BooleanField()
hidden = models.BooleanField()
@@ -39,39 +39,39 @@ class Membership(models.Model):
def is_user(self):
return self.user != None
- def is_service(self):
- return self.service != None
+ def is_entity(self):
+ return self.entity != None
-def add_member(name,userorservice,hidden=False):
- if isinstance(userorservice,User):
- (m,created) = Membership.objects.get_or_create(user=userorservice,name=name)
+def add_member(name,member_name,hidden=False):
+ if isinstance(member_name,User):
+ (m,created) = Membership.objects.get_or_create(user=member_name,name=name)
else:
- (m,created) = Membership.objects.get_or_create(service=userorservice,name=name)
+ (m,created) = Membership.objects.get_or_create(entity=member_name,name=name)
if created or not m.enabled or m.hidden != hidden:
m.enabled = True
m.hidden = hidden
m.save()
-def disable_member(name,userorservice):
- if isinstance(userorservice,User):
- m = Membership.objects.get(name=name,user=userorservice)
+def disable_member(name,member_name):
+ if isinstance(member_name,User):
+ m = Membership.objects.get(name=name,user=member_name)
else:
- m = Membership.objects.get(name=name,service=userorservice)
+ m = Membership.objects.get(name=name,entity=member_name)
if m:
m.enabled = False
m.save()
-def remove_member(name,userorservice):
- if isinstance(userorservice,User):
- m = Membership.objects.get(name=name,user=userorservice)
+def remove_member(name,member_name):
+ if isinstance(member_name,User):
+ m = Membership.objects.get(name=name,user=member_name)
else:
- m = Membership.objects.get(name=name,service=userorservice)
+ m = Membership.objects.get(name=name,entity=member_name)
if m:
m.delete()
-def has_member(name,userorservice):
- if isinstance(userorservice,User):
- return Membership.objects.filter(name=name,user=userorservice)
+def has_member(name,member_name):
+ if isinstance(member_name,User):
+ return Membership.objects.filter(name=name,user=member_name)
else:
- return Membership.objects.filter(name=name,service=userorservice) \ No newline at end of file
+ return Membership.objects.filter(name=name,entity=member_name) \ No newline at end of file
diff --git a/coip/apps/membership/views.py b/coip/apps/membership/views.py
index 2f96251..fd7036e 100644
--- a/coip/apps/membership/views.py
+++ b/coip/apps/membership/views.py
@@ -9,6 +9,10 @@ from coip.multiresponse import render403, respond_to
from django.contrib.auth.models import User
from coip.apps.name.models import Name
from django.http import HttpResponseRedirect
+from django.core.exceptions import ObjectDoesNotExist
+from coip.apps.entity.models import Entity
+from django.contrib.auth.decorators import login_required
+from coip.apps.membership.forms import MembershipForm
def show(request,id):
membership = get_object_or_404(Membership,pk=id)
@@ -16,24 +20,43 @@ def show(request,id):
if not name.has_permission(request.user,'r'):
return render403("You do not have permission to view membership information for %s" % (name))
- return respond_to(request,{'text/html': 'apps/membership/membership.html'},
- {'membership': membership,
- 'render': {'edit': name.has_permission(request.user,'w'),
- 'delete': name.has_permission(request.user,'d'),
- 'disable': name.has_permission(request.user,'d')}})
+ return respond_to(request,
+ {'text/html': 'apps/membership/membership.html'},
+ {'membership': membership})
-def join(request,id,member=None):
+@login_required
+def join(request,id,membername=None):
name = get_object_or_404(Name,pk=id)
- user = request.user
- if member:
- user = User.objects.get(username=member)
- add_member(name, user)
- return HttpResponseRedirect(name.url())
+ if not name.has_permission(request.user,'i'):
+ return render403("You do not have permission to add members to %s" % (name))
+
+ if request.method == "POST":
+ m = Membership(name=name,enabled=True)
+ form = MembershipForm(request.POST,instance=m)
+ if form.is_valid():
+ m = form.save()
+ return HttpResponseRedirect(name.url())
+ else:
+ if membername:
+ try:
+ member = User.objects.get(username=membername)
+ except ObjectDoesNotExist:
+ member = Entity.objects.get(entityId=name)
+ add_member(name, member)
+ return HttpResponseRedirect(name.url())
+ else:
+ form = MembershipForm()
+ return respond_to(request,
+ {'text/html': 'apps/membership/edit.html'},
+ {'form': form,'name': name, 'formtitle': 'Add a member to %s' % name.short})
-def leave(request,id,member=None):
+@login_required
+def leave(request,id,membername=None):
name = get_object_or_404(Name,pk=id)
- user = request.user
- if member:
- user = User.objects.get(username=member)
- remove_member(name, user)
- return HttpResponseRedirect(name.url()) \ No newline at end of file
+ if membername:
+ try:
+ member = User.objects.get(username=membername)
+ except ObjectDoesNotExist:
+ member = Entity.objects.get(entityId=name)
+ remove_member(name, member)
+ return HttpResponseRedirect(name.url())
generated by cgit v1.1 at 2025-07-15 03:52:09 +0000