VladislavOstapov/ospaz-site
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

сделал возможность добавлять разные уровни доступа (сейчас 3: оператор, инженер, администратор)

Browse Source
This commit is contained in:
VladislavOstapov 2024-01-25 17:51:40 +03:00
parent e42fd37a14
commit 1c16ba2889
5 changed files with 25 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
templates/account/list.html
View File

@ -35,7 +35,7 @@
<thead> <thead>
<tr> <tr>
<td>Логин</td> <td>Логин</td>
<td>Админ</td> <td>Уровень доступа</td>
<td>Последний вход</td> <td>Последний вход</td>
<td>Последнее обновление пароля</td> <td>Последнее обновление пароля</td>
<td>Зарегистрирован</td> <td>Зарегистрирован</td>
@ -45,7 +45,7 @@
{% for u in users %} {% for u in users %}
<tr> <tr>
<td><a href="{% url 'account-view' u.login %}"> {{ u.login }} </a></td> <td><a href="{% url 'account-view' u.login %}"> {{ u.login }} </a></td>
<td>{{ u.is_superuser }}</td> <td>{{ u.access_level }}</td>
<td>{{ u.last_login }}</td> <td>{{ u.last_login }}</td>
<td>{{ u.last_password_change }}</td> <td>{{ u.last_password_change }}</td>
<td>{{ u.registered }}</td> <td>{{ u.registered }}</td>

9
templates/account/register.html
View File

@ -28,7 +28,7 @@
font-weight: bolder; font-weight: bolder;
} }
.form-row input { .form-row input, .form-row select {
padding: 8px; padding: 8px;
width: 100%; width: 100%;
box-sizing: border-box; box-sizing: border-box;
@ -39,7 +39,7 @@
min-height: 2em; min-height: 2em;
} }
.form-row input:focus { .form-row input:focus, .form-row select:focus {
outline: none; outline: none;
border: none; border: none;
border-bottom: var(--brand-text) 2px solid; border-bottom: var(--brand-text) 2px solid;
@ -59,11 +59,6 @@
padding: 0.5em; padding: 0.5em;
margin: 0.2em; margin: 0.2em;
} }
.errorlist {
padding: 0;
}
</style> </style>
{% endblock %} {% endblock %}

2
templates/account/view.html
View File

@ -16,7 +16,7 @@
{% block content %} {% block content %}
<p><a href="{% url 'index' %}" class="value-good">Вернуться на главную</a></p> <p><a href="{% url 'index' %}" class="value-good">Вернуться на главную</a></p>
<p>Статус администратора: {{ view_user.is_superuser }}</p> <p>Уровень доступа: {{ view_user.access_level }}</p>
<p>Последний вход: {{ view_user.last_login }}</p> <p>Последний вход: {{ view_user.last_login }}</p>
<p>Последнее обновление пароля: {{ view_user.last_password_change }} <p>Последнее обновление пароля: {{ view_user.last_password_change }}
{% if perms.users.change_user or view_user.login == user.login %} {% if perms.users.change_user or view_user.login == user.login %}

2
users/forms.py
View File

@ -6,4 +6,4 @@ from .models import User
class UserRegisterForm(UserCreationForm): class UserRegisterForm(UserCreationForm):
class Meta(UserCreationForm.Meta): class Meta(UserCreationForm.Meta):
model = User model = User
fields = ('login', 'is_superuser') fields = ('login', 'access_level')

36
users/models.py
View File

@ -6,15 +6,21 @@ import ospaz_site.settings as settings
from .managers import CustomUserManager from .managers import CustomUserManager
class UserAccessLevel(models.IntegerChoices):
BASIC = 0, 'Оператор'
ENGINEER = 10, 'Инженер'
ADMIN = 100, 'Администратор'
class User(AbstractBaseUser): class User(AbstractBaseUser):
login = models.CharField(max_length=16, validators=[MinLengthValidator(3)], verbose_name="Логин", unique=True) login = models.CharField(max_length=16, validators=[MinLengthValidator(3)], verbose_name="Логин", unique=True)
last_login = models.DateTimeField(verbose_name="Последний вход", blank=True, null=True) last_login = models.DateTimeField(verbose_name="Последний вход", blank=True, null=True)
is_superuser = models.BooleanField(default=False, verbose_name="Администратор") access_level = models.IntegerField(choices=UserAccessLevel, default=UserAccessLevel.BASIC,
verbose_name="Уровень доступа")
registered = models.DateTimeField(default=timezone.now, editable=False, verbose_name="Время регистрации") registered = models.DateTimeField(default=timezone.now, editable=False, verbose_name="Время регистрации")
def __init__(self, *args, **kwargs): def __init__(self, *args, **kwargs):
super().__init__(*args, **kwargs) super().__init__(*args, **kwargs)
self.is_staff = self.is_superuser
last_password_change = models.DateTimeField(default=timezone.now, verbose_name="Последняя смена пароля") last_password_change = models.DateTimeField(default=timezone.now, verbose_name="Последняя смена пароля")
@ -38,25 +44,21 @@ class User(AbstractBaseUser):
if not self.is_authenticated: if not self.is_authenticated:
return False return False
secure_level = 0
if self.is_superuser:
secure_level = 1
permissions = { permissions = {
'users.add_user': 1, 'users.add_user': UserAccessLevel.ADMIN,
'users.change_user': 1, 'users.change_user': UserAccessLevel.ADMIN,
'users.delete_user': 1, 'users.delete_user': UserAccessLevel.ADMIN,
'users.view_user': 1, 'users.view_user': UserAccessLevel.ADMIN,
'logs_service.add_mbtankrecord': 1, 'logs_service.add_mbtankrecord': UserAccessLevel.ADMIN,
'logs_service.change_mbtankrecord': 1, 'logs_service.change_mbtankrecord': UserAccessLevel.ADMIN,
'logs_service.delete_mbtankrecord': 1, 'logs_service.delete_mbtankrecord': UserAccessLevel.ADMIN,
'logs_service.view_mbtankrecord': 0, 'logs_service.view_mbtankrecord': UserAccessLevel.BASIC,
'logs_service.view_pump_stats': 1 'logs_service.view_pump_stats': UserAccessLevel.ENGINEER
} }
if perm in permissions: if perm in permissions:
if permissions[perm] <= secure_level: if permissions[perm] <= self.access_level:
return True return True
elif settings.DEBUG: elif settings.DEBUG:
print(f"User.has_perm: unknown permission - '{perm}'") print(f"User.has_perm: unknown permission - '{perm}'")
@ -69,4 +71,4 @@ class User(AbstractBaseUser):
return True return True
def has_module_perms(self, package_name): def has_module_perms(self, package_name):
return self.is_superuser return self.access_level == UserAccessLevel.ADMIN