VladislavOstapov/ospaz-site
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

добавил страницу ошибки Bad request и права пользователей, добавил форму регистрации

Browse Source
This commit is contained in:
VladislavOstapov 2024-01-17 19:36:35 +03:00
parent feb18af30b
commit ac8fc87753
9 changed files with 139 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
templates/400.html Normal file
View File

@ -0,0 +1,12 @@
{% extends 'base.html' %}
{% load static %}
{% block title %} Отказано в доступе {% endblock %}
{% block header %}
<h1> {% if page_name %}{{ page_name }}{% else %}400 Bad Request{% endif %} </h1>
{% endblock %}
{% block content %}
<h2>Ошибка возникла из-за неправльно сфромированного запроса.</h2>
{% endblock %}

10
templates/account/list.html
View File

@ -1,6 +1,8 @@
{% extends 'base.html' %} {% extends 'base.html' %}
{% load static %} {% load static %}
{% block title %} Просмотр аккаунтов {% endblock %}
{% block styles %} {% block styles %}
<style> <style>
.table-wrapper { .table-wrapper {
@ -26,7 +28,8 @@
{% endblock %} {% endblock %}
{% block content %} {% block content %}
{% if user.is_superuser %}
<p> Добавить нового пользователя можно <a href="{% url 'register' %}">тут</a>.</p>
<div class="table-wrapper"> <div class="table-wrapper">
<table> <table>
<thead> <thead>
@ -51,9 +54,4 @@
</tbody> </tbody>
</table> </table>
</div> </div>
{% else %}
<h2>Недостаточно прав для просмотра страницы</h2>
<p>Для просмотра списка пользователей необходимо иметь статус администратора.</p>
{% endif %}
{% endblock %} {% endblock %}

8
templates/account/login.html
View File

@ -1,6 +1,8 @@
{% extends 'base.html' %} {% extends 'base.html' %}
{% load static %} {% load static %}
{% block title %} Вход {% endblock %}
{% block styles %} {% block styles %}
<style> <style>
#form-wrapper { #form-wrapper {
@ -55,13 +57,11 @@
</style> </style>
{% endblock %} {% endblock %}
{% block header %} {% block header %}{% endblock %}
<h1> Вход </h1>
{% endblock %}
{% block content %} {% block content %}
<div id="form-wrapper"> <div id="form-wrapper">
<h1> Войти </h1> <h1> Вход </h1>
<form method="POST" id="login-form"> <form method="POST" id="login-form">
{% csrf_token %} {% csrf_token %}

89
templates/account/register.html Normal file
View File

@ -0,0 +1,89 @@
{% extends 'base.html' %}
{% load static %}
{% block title %} Регистрация {% endblock %}
{% block styles %}
<style>
#form-wrapper {
overflow: hidden;
max-width: 27em;
height: auto;
text-align: center;
}
.form-row {
padding: 4px 0;
margin: 1.5em;
}
.form-row * {
font-size: 1em;
text-align: left;
display: block;
}
.form-row label {
line-height: 2em;
font-weight: bolder;
}
.form-row input {
padding: 8px;
width: 100%;
box-sizing: border-box;
border: none;
border-bottom: var(--brand-bg) 2px solid;
background-color: var(--bg-color);
text-overflow: ellipsis;
min-height: 2em;
}
.form-row input:focus {
outline: none;
border: none;
border-bottom: var(--brand-text) 2px solid;
background-color: var(--bg-selected);
}
#submit {
border: none;
font-weight: bolder;
background: var(--bg-action);
text-align: center;
}
.errorlist > * {
border: 2px solid var(--text-bad);
border-radius: 3px;
padding: 0.5em;
margin: 0.2em;
}
.errorlist {
padding: 0;
}
</style>
{% endblock %}
{% block header-title %} Регистрация нового пользователя {% endblock %}
{% block content %}
<div id="form-wrapper">
<form method="POST">
{% csrf_token %}
{% for field in form %}
<div class="form-row">
{{ field.label_tag }} {{ field }}
{{ field.errors }}
</div>
{% endfor %}
<div class="form-row">
<input id="submit" type="submit" value="Зарегистрировать">
</div>
</form>
</div>
{% endblock %}

4
templates/base.html
View File

@ -13,11 +13,13 @@
<body> <body>
<header> <header>
{% block header %} {% block header %}
<h1> Мониторинг водозаборного узла </h1> <h1>{% block header-title %} Мониторинг водозаборного узла {% endblock %}</h1>
{% if user.is_authenticated %}
<div> <div>
<span> {{ user.login }} </span> <span> {{ user.login }} </span>
<a href="/account/logout">Выход</a> <a href="/account/logout">Выход</a>
</div> </div>
{% endif %}
{% endblock %} {% endblock %}
</header> </header>
<main id="content"> <main id="content">

7
users/forms.py
View File

@ -1,2 +1,9 @@
from django import forms from django import forms
from django.contrib.auth.forms import UserCreationForm
from .models import User
class UserRegisterForm(UserCreationForm):
class Meta(UserCreationForm.Meta):
model = User
fields = ('login', 'is_superuser')

5
users/models.py
View File

@ -36,8 +36,9 @@ class User(AbstractBaseUser):
def has_perm(self, perm, obj=None): def has_perm(self, perm, obj=None):
# управления правами пользователя # управления правами пользователя
secure_level = -1 if not self.is_authenticated:
if self.is_authenticated: return False
secure_level = 0 secure_level = 0
if self.is_superuser: if self.is_superuser:
secure_level = 1 secure_level = 1

2
users/urls.py
View File

@ -19,7 +19,7 @@ from . import views
urlpatterns = [ urlpatterns = [
path('', views.default_view, name='account'), path('', views.default_view, name='account'),
path('register', views.default_view, name='register'), path('register', views.view_register, name='register'),
path('login', views.view_login, name='login'), path('login', views.view_login, name='login'),
path('logout', views.view_logout, name='logout'), path('logout', views.view_logout, name='logout'),
path('list', views.view_list, name='accounts-list'), path('list', views.view_list, name='accounts-list'),

22
users/views.py
View File

@ -4,8 +4,9 @@ from django.http import HttpResponse, HttpResponseRedirect, HttpResponseBadReque
from django.shortcuts import render from django.shortcuts import render
# from django.db.models import Manager # from django.db.models import Manager
from django.contrib.auth import authenticate, login, logout from django.contrib.auth import authenticate, login, logout
from django.contrib.auth.decorators import login_required from django.contrib.auth.decorators import login_required, permission_required
from .models import User from .models import User
from .forms import UserRegisterForm
def default_view(request): def default_view(request):
@ -53,10 +54,17 @@ def view_login(request):
@login_required @login_required
def view_list(request): @permission_required(perm='users.add_user', raise_exception=True)
users = [] def view_register(request):
# ограничение права на просмотр списка пользователей для непривилегированных пользователей form = UserRegisterForm(request.POST or None)
if request.user.is_superuser: if request.method == 'POST':
users = User.objects.order_by('login') if form.is_valid():
return render(request, 'account/list.html', {'users': users}) form.save()
return HttpResponseRedirect('/account/list')
return render(request, 'account/register.html', {'form': form})
@login_required
@permission_required(perm='users.view_user', raise_exception=True)
def view_list(request):
return render(request, 'account/list.html', {'users': User.objects.order_by('login')})