This repository has been archived by the owner on Jun 24, 2024. It is now read-only.

yc-832
AlexandreJunod committed Sep 11, 2023
1 parent fc4ab28 commit b4e5b08
Showing 2 changed files with 36 additions and 6 deletions.
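--- a/geocity/apps/accounts/admin.py
+++ b/geocity/apps/accounts/admin.py
@@ -201,15 +201,21 @@ def is_sociallogin(self, obj):
 change_form_template = "accounts/admin/user_change.html"
 
 def get_readonly_fields(self, request, obj=None):
+# Get the user being updated
+user_being_updated = User.objects.get(
+id=(int(request.resolver_match.kwargs["object_id"]))
+)
+userprofile_being_updated = UserProfile.objects.get(user=user_being_updated)
+
 # limit editable fields to protect user data, superuser creation must be done using django shell
 if request.user.is_superuser:
-return [
+readonly_fields = [
 "is_superuser",
 "is_sociallogin",
 "user_permissions",
 ]
 else:
-return [
+readonly_fields = [
 "email",
 "username",
 "user_permissions",
@@ -220,6 +226,17 @@ def get_readonly_fields(self, request, obj=None):
 "date_joined",
 ]
 
+if userprofile_being_updated.is_anonymous:
+readonly_fields += [
+"is_active",
+"is_staff",
+"is_superuser",
+"groups",
+]
+
+# Set only has unique values, then cast to list
+return list(set(readonly_fields))
+
 def formfield_for_manytomany(self, db_field, request, **kwargs):
 user_being_updated = User.objects.get(
 id=(int(request.resolver_match.kwargs["object_id"]))
@@ -490,7 +507,9 @@ class UserInline(admin.TabularInline):
 
 def formfield_for_foreignkey(self, db_field, request, **kwargs):
 if db_field.name == "user":
-kwargs["queryset"] = get_users_list_for_integrator_admin(request.user)
+kwargs["queryset"] = get_users_list_for_integrator_admin(
+request.user, remove_anonymous=True
+)
 
 return super().formfield_for_foreignkey(db_field, request, **kwargs)
 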
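Review bot: The new lookup at the top of `get_readonly_fields` re-reads the target user from `request.resolver_match.kwargs["object_id"]` and then calls `UserProfile.objects.get(...)`, so a request without that kwarg (the add view, if it is reachable) or a user without a profile raises instead of returning the restricted field list. Django already passes the edited object as `obj`; `profile = getattr(obj, "userprofile", None)` followed by `if profile is not None and profile.is_anonymous:` gives the same check without the two extra queries and without the unhandled `KeyError`/`DoesNotExist`. Since this list is what keeps `is_staff`, `is_superuser` and `groups` locked on anonymous accounts, it is worth a comment saying so above the `readonly_fields += [...]` block, e.g. `# anonymous users must never gain staff/superuser rights or group membership`. `list(set(...))` also returns the fields in arbitrary order; `list(dict.fromkeys(readonly_fields))` de-duplicates while keeping it stable. The `else` list is partly collapsed between the first two hunks.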
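--- a/geocity/apps/accounts/users.py
+++ b/geocity/apps/accounts/users.py
@@ -51,10 +51,19 @@ def get_integrator_permissions():
 )
 
 
-def get_users_list_for_integrator_admin(user):
+def get_users_list_for_integrator_admin(user, remove_anonymous=False):
 # Integrators can only view users for restricted email domains.
 if user.is_superuser:
-return User.objects.all()
+qs = User.objects.all()
+
+# Used to remove anonymous users from the list
+anonymous_users = []
+for user in qs:
+if remove_anonymous and user.userprofile.is_anonymous:
+anonymous_users.append(user.pk)
+qs = qs.exclude(pk__in=anonymous_users)
+
+return qs
 
 user_integrator_group = user.groups.get(permit_department__is_integrator_admin=True)
 
@@ -95,7 +104,9 @@ def get_users_list_for_integrator_admin(user):
 # Used to remove anonymous users from the list
 anonymous_users = []
 for user in qs:
-if (
+if remove_anonymous and user.userprofile.is_anonymous:
+anonymous_users.append(user.pk)
+elif (
 user.userprofile.is_anonymous
 and user.userprofile.administrative_entity.pk
 not in integrator_administrative_entities_list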
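Review bot: In the superuser branch of `get_users_list_for_integrator_admin` the new loop runs on every call, not only when `remove_anonymous` is set, so the default path that used to return `User.objects.all()` untouched now loads every user and dereferences `user.userprofile` for each one. Any account without a profile row (possibly the shell-created superusers, not visible here) would make that access raise, and the loop also rebinds the `user` parameter. Guarding it with `if remove_anonymous:` and iterating as `for candidate in qs.select_related("userprofile"):` keeps the old behaviour for existing callers and avoids one query per user. The flag defaults to `False`, so callers other than `UserInline` still list anonymous users; a docstring stating that would help, since the function body between the two hunks is not shown.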
