Fix frontend for single-orga users, improve permission management

This commit is contained in:
Kumi 2019-02-21 09:46:25 +00:00
parent bcfaaf89ef
commit 45fa971588
2 changed files with 7 additions and 9 deletions

View file

@ -388,7 +388,7 @@ def deleteorga(request, orga_id):
orga.delete()
return redirect(reverse("organizations"))
@user_passes_test(is_staff)
@login_required
def makewifi(request):
wifi_serial = request.POST.get("serial", "")
wifi_ssid = request.POST.get("ssid", "")
@ -406,7 +406,7 @@ def makewifi(request):
serial = wifi_serial,
ssid = wifi_ssid,
key = wifi_key,
organization = Organization.objects.filter(id=wifi_organization)[0]
organization = get_object_or_404(Organization, id=wifi_organization, users=request.user)
)
return redirect(reverse("wifi"))

View file

@ -3,13 +3,13 @@
{% load manager %}
{% block content %}
<p><b>Organization:</b> {% userOrgas as orgas %}{% if orgas|length > 1 %}<select id="orgaselect">{% for orga in orgas %}<option {% if request.user.userstatus.orga == orga %}selected{% endif %} value="{{ orga.id }}">{{ orga }}</option>{% endfor %}</select>{% else %}{% orgaString %}{% endif %}</p>
<p><b>Organization:</b> {% userOrgas as orgas %}<select {% if orgas|length == 1 %}style="display: none;"{% endif %} id="orgaselect">{% for orga in orgas %}<option {% if user.userstatus.orga == orga %}selected{% endif %} value="{{ orga.id }}">{{ orga }}</option>{% endfor %}</select>{% if orgas|length == 1 %}{% orgaString %}{% endif %}</p>
<p><b>User:</b> {{ user.first_name }} {{ user.last_name }} ({{ user.username }}) <a href="/users/{{ user.id }}/edit"><i class="fas fa-edit" title="Edit User"></i></a></p>
<div align="center"><b>Manage:</b>
<a id="linkdevices" href="#" onclick="showdevices();">Devices</a>
&dash; <a id="linkwifi" href="#" onclick="showwifi();">WiFi</a>
{% if user.is_staff %} &dash; <a id="linkusers" href="#" onclick="showusers();">Users</a>{% endif %}
&dash; <a id="linkusers" href="#" onclick="showusers();">Users</a>
{% if user.is_superuser %}
&dash; <a id="linknets" href="#" onclick="shownets();">Networks</a>
&dash; <a id="linkorgas" href="#" onclick="showorgas();">Organizations</a>
@ -57,7 +57,7 @@
<tr>
<th>Common Name</th>
<th>SSID</th>
<th>Options {% if user.is_staff %}<a href="/makewifi/" style="font-weight:bold;color:green;"><i class="fas fa-plus" title="Add WiFi"></i></a>{% endif %}</th>
<th>Options <a href="/makewifi/" style="font-weight:bold;color:green;"><i class="fas fa-plus" title="Add WiFi"></i></a></th>
</tr>
</thead>
<tbody>
@ -74,7 +74,6 @@
</div>
</div>
{% if request.user.is_staff %}
<div name="userpart" id="userpart">
<h2>Users</h2>
@ -95,15 +94,14 @@
<td><div style="display:inline;" {% if user.is_superuser %}title="{% directOrgaString auser %}"{% endif %}>{% if auser.is_staff %}<b>{% endif %}{{ auser.username }}{% if auser.is_staff %}</b>{% endif %}</div></td>
<td>{% if auser.is_staff %}<b>{% endif %}{{ auser.first_name }} {{ auser.last_name }}{% if auser.is_staff %}</b>{% endif %}</td>
<td>{{ auser.userstatus.last_action }}</td>
<td><a href="/users/{{ auser.id }}/edit"><i class="fas fa-edit" title="Edit User"></i></a> {% if auser.email %}<a href="mailto:{{ auser.email }}"><i class="fas fa-envelope" title="Send Email"></i></a>{% endif %}{% if user.is_superuser %} <a href="#"><i style="color: darkred;" onclick="askdeleteuser({{ auser.id }});" class="fas fa-trash-alt" title="Delete User"></i></a>{% endif %}</td>
<td>{% if user.is_staff %}<a href="/users/{{ auser.id }}/edit"><i class="fas fa-edit" title="Edit User"></i></a> {% endif %}{% if auser.email %}<a href="mailto:{{ auser.email }}"><i class="fas fa-envelope" title="Send Email"></i></a>{% endif %}{% if user.is_superuser %} <a href="#"><i style="color: darkred;" onclick="askdeleteuser({{ auser.id }});" class="fas fa-trash-alt" title="Delete User"></i></a>{% endif %}</td>
</tr>
{% endfor %}
</tbody>
</table>
</div>
</div>
{% endif %}
{% if request.user.is_superuser %}
{% if user.is_superuser %}
<div name ="netpart" id="netpart">
<h2>Networks</h2>