Revamped hrapplications permissions
- new approve, reject permissions for applications - respect built-in add, delete permissions for HRApplications and HRApplicationComments - auth.hr_management permission required to view applications section Populate application APIs from user's eveapikeypair set - enforces API key validity - respects addition and removal of keys by applicant Addresses #293 and #191
parent
fa60be3675
commit
3507275e9d
@ -16,8 +16,6 @@ class HRApplicationForm(forms.Form):
|
|||||||
allchoices.append((str(corp.corporation_id), str(corp.corporation_name)))
|
allchoices.append((str(corp.corporation_id), str(corp.corporation_name)))
|
||||||
|
|
||||||
character_name = forms.CharField(max_length=254, required=True, label="Main Character Name")
|
character_name = forms.CharField(max_length=254, required=True, label="Main Character Name")
|
||||||
full_api_id = forms.CharField(max_length=254, required=True, label="API ID")
|
|
||||||
full_api_key = forms.CharField(max_length=254, required=True, label="API Verification Code")
|
|
||||||
corp = forms.ChoiceField(choices=allchoices, required=True, label="Corp")
|
corp = forms.ChoiceField(choices=allchoices, required=True, label="Corp")
|
||||||
is_a_spi = forms.ChoiceField(choices=[('Yes', 'Yes'), ('No', 'No')], required=True, label='Are you a spy?')
|
is_a_spi = forms.ChoiceField(choices=[('Yes', 'Yes'), ('No', 'No')], required=True, label='Are you a spy?')
|
||||||
about = forms.CharField(widget=forms.Textarea, required=False, label="About You")
|
about = forms.CharField(widget=forms.Textarea, required=False, label="About You")
|
||||||
|
@ -7,8 +7,6 @@ from eveonline.models import EveCorporationInfo
|
|||||||
|
|
||||||
class HRApplication(models.Model):
|
class HRApplication(models.Model):
|
||||||
character_name = models.CharField(max_length=254, default="")
|
character_name = models.CharField(max_length=254, default="")
|
||||||
full_api_id = models.CharField(max_length=254, default="")
|
|
||||||
full_api_key = models.CharField(max_length=254, default="")
|
|
||||||
is_a_spi = models.CharField(max_length=254, default="")
|
is_a_spi = models.CharField(max_length=254, default="")
|
||||||
about = models.TextField(default="")
|
about = models.TextField(default="")
|
||||||
extra = models.TextField(default="")
|
extra = models.TextField(default="")
|
||||||
@ -25,6 +23,9 @@ class HRApplication(models.Model):
|
|||||||
def __str__(self):
|
def __str__(self):
|
||||||
return self.character_name + " - Application"
|
return self.character_name + " - Application"
|
||||||
|
|
||||||
|
class Meta:
|
||||||
|
permissions = (('approve_hrapplication', 'Can approve applications'), ('reject_hrapplication', 'Can reject applications'))
|
||||||
|
|
||||||
|
|
||||||
class HRApplicationComment(models.Model):
|
class HRApplicationComment(models.Model):
|
||||||
created_on = models.DateTimeField(auto_now_add=True, null=True)
|
created_on = models.DateTimeField(auto_now_add=True, null=True)
|
||||||
|
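Review bot: The new `Meta.permissions` tuple on `HRApplication` has no comment tying its codenames to the code that enforces them, and the same section drops the `full_api_id` and `full_api_key` columns. I would add `# Enforced by hr_application_approve / hr_application_reject via permission_required` above the tuple. No schema migration or upgrade note is visible on this page; if none accompanies the commit, reviewers who hold only `auth.human_resources` will presumably lose approve, reject and delete access until the new permissions are created and granted. The class body continues outside the hunk.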
@ -68,8 +68,6 @@ def hr_application_create_view(request):
|
|||||||
application = HRApplication()
|
application = HRApplication()
|
||||||
application.user = request.user
|
application.user = request.user
|
||||||
application.character_name = form.cleaned_data['character_name']
|
application.character_name = form.cleaned_data['character_name']
|
||||||
application.full_api_id = form.cleaned_data['full_api_id']
|
|
||||||
application.full_api_key = form.cleaned_data['full_api_key']
|
|
||||||
application.corp = EveCorporationInfo.objects.get(corporation_id=form.cleaned_data['corp'])
|
application.corp = EveCorporationInfo.objects.get(corporation_id=form.cleaned_data['corp'])
|
||||||
application.is_a_spi = form.cleaned_data['is_a_spi']
|
application.is_a_spi = form.cleaned_data['is_a_spi']
|
||||||
application.about = form.cleaned_data['about']
|
application.about = form.cleaned_data['about']
|
||||||
@ -98,8 +96,11 @@ def hr_application_personal_view(request, app_id):
|
|||||||
else:
|
else:
|
||||||
logger.error("Unable to locate HRApplication matching id %s - returning blank application to user %s" % (app_id, request.user))
|
logger.error("Unable to locate HRApplication matching id %s - returning blank application to user %s" % (app_id, request.user))
|
||||||
application = HRApplication()
|
application = HRApplication()
|
||||||
context = {'application': application}
|
apis = request.user.eveapikeypair_set.all()
|
||||||
|
context = {
|
||||||
|
'application': application,
|
||||||
|
'apis': apis,
|
||||||
|
}
|
||||||
return render_to_response('registered/hrapplicationview.html',
|
return render_to_response('registered/hrapplicationview.html',
|
||||||
context, context_instance=RequestContext(request))
|
context, context_instance=RequestContext(request))
|
||||||
|
|
||||||
@ -122,6 +123,7 @@ def hr_application_personal_removal(request, app_id):
|
|||||||
def hr_application_view(request, app_id):
|
def hr_application_view(request, app_id):
|
||||||
logger.debug("hr_application_view called by user %s for app id %s" % (request.user, app_id))
|
logger.debug("hr_application_view called by user %s for app id %s" % (request.user, app_id))
|
||||||
if request.method == 'POST':
|
if request.method == 'POST':
|
||||||
|
if request.user.has_perm('hrapplications.add_hrapplicationcomment'):
|
||||||
form = HRApplicationCommentForm(request.POST)
|
form = HRApplicationCommentForm(request.POST)
|
||||||
logger.debug("Request type POST contains form valid: %s" % form.is_valid())
|
logger.debug("Request type POST contains form valid: %s" % form.is_valid())
|
||||||
if form.is_valid():
|
if form.is_valid():
|
||||||
@ -134,7 +136,8 @@ def hr_application_view(request, app_id):
|
|||||||
comment.comment = form.cleaned_data['comment']
|
comment.comment = form.cleaned_data['comment']
|
||||||
comment.save()
|
comment.save()
|
||||||
logger.info("Saved comment by user %s to hrapplication %s" % (request.user, comment.application))
|
logger.info("Saved comment by user %s to hrapplication %s" % (request.user, comment.application))
|
||||||
|
else:
|
||||||
|
logger.warn("User %s does not have permission to add HRApplicationComments" % request.user)
|
||||||
else:
|
else:
|
||||||
logger.debug("Returning blank HRApplication comment form.")
|
logger.debug("Returning blank HRApplication comment form.")
|
||||||
form = HRApplicationCommentForm()
|
form = HRApplicationCommentForm()
|
||||||
@ -148,14 +151,16 @@ def hr_application_view(request, app_id):
|
|||||||
comments = []
|
comments = []
|
||||||
logger.error("HRAppllication with id %s not found - returning blank applicatin to user %s" % request.user)
|
logger.error("HRAppllication with id %s not found - returning blank applicatin to user %s" % request.user)
|
||||||
|
|
||||||
context = {'application': application, 'comments': comments, 'comment_form': form}
|
context = {
|
||||||
|
'application': application,
|
||||||
|
'comments': comments, 'comment_form': form}
|
||||||
|
|
||||||
return render_to_response('registered/hrapplicationview.html',
|
return render_to_response('registered/hrapplicationview.html',
|
||||||
context, context_instance=RequestContext(request))
|
context, context_instance=RequestContext(request))
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
@permission_required('auth.human_resources')
|
@permission_required('auth.human_resources')
|
||||||
|
@permission_required('hrapplications.delete_hrapplication')
|
||||||
def hr_application_remove(request, app_id):
|
def hr_application_remove(request, app_id):
|
||||||
logger.debug("hr_application_remove called by user %s for app id %s" % (request.user, app_id))
|
logger.debug("hr_application_remove called by user %s for app id %s" % (request.user, app_id))
|
||||||
if HRApplication.objects.filter(id=app_id).exists():
|
if HRApplication.objects.filter(id=app_id).exists():
|
||||||
@ -174,6 +179,7 @@ def hr_application_remove(request, app_id):
|
|||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
@permission_required('auth.human_resources')
|
@permission_required('auth.human_resources')
|
||||||
|
@permission_required('hrapplications.approve_hrapplication')
|
||||||
def hr_application_approve(request, app_id):
|
def hr_application_approve(request, app_id):
|
||||||
logger.debug("hr_application_approve called by user %s for app id %s" % (request.user, app_id))
|
logger.debug("hr_application_approve called by user %s for app id %s" % (request.user, app_id))
|
||||||
if HRApplication.objects.filter(id=app_id).exists():
|
if HRApplication.objects.filter(id=app_id).exists():
|
||||||
@ -193,6 +199,7 @@ def hr_application_approve(request, app_id):
|
|||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
@permission_required('auth.human_resources')
|
@permission_required('auth.human_resources')
|
||||||
|
@permission_required('hrapplications.reject_hrapplication')
|
||||||
def hr_application_reject(request, app_id):
|
def hr_application_reject(request, app_id):
|
||||||
logger.debug("hr_application_reject called by user %s for app id %s" % (request.user, app_id))
|
logger.debug("hr_application_reject called by user %s for app id %s" % (request.user, app_id))
|
||||||
if HRApplication.objects.filter(id=app_id).exists():
|
if HRApplication.objects.filter(id=app_id).exists():
|
||||||
|
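Review bot: In `hr_application_view`, the new `else:` branch that logs "does not have permission to add HRApplicationComments" only logs and then falls through to the normal render, and `form` appears to be assigned only inside the `has_perm` branch. Indentation is lost in this rendering and part of the function lies outside the hunks, but if that nesting is right, a POST from a user without `hrapplications.add_hrapplicationcomment` reaches `'comment_form': form` with `form` unbound and ends in a server error rather than a clean denial. I would reject the request explicitly in that branch, e.g. `raise PermissionDenied` (from `django.core.exceptions`), or at least set `form = HRApplicationCommentForm()` there. `logger.warn` is also a deprecated alias; `logger.warning` is the current name.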
@ -56,20 +56,22 @@
|
|||||||
<input class=" form-control" value="{{ application.character_name }}" disabled>
|
<input class=" form-control" value="{{ application.character_name }}" disabled>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
{% for api in apis %}
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<label class="control-label" for="id_full_api_id">API ID</label>
|
<label class="control-label" for="id_full_api_id">API ID</label>
|
||||||
|
|
||||||
<div class=" ">
|
<div class=" ">
|
||||||
<input class=" form-control" value="{{ application.full_api_id }}" disabled>
|
<input class=" form-control" value="{{ api.api_id }}" disabled>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<label class="control-label " for="id_full_api_key">API Verification Code</label>
|
<label class="control-label " for="id_full_api_key">API Verification Code</label>
|
||||||
|
|
||||||
<div class=" ">
|
<div class=" ">
|
||||||
<input class=" form-control" value="{{ application.full_api_key }}" disabled>
|
<input class=" form-control" value="{{ api.api_key }}" disabled>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
{% endfor %}
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<label class="control-label " for="id_corp">Corp</label>
|
<label class="control-label " for="id_corp">Corp</label>
|
||||||
|
|
||||||
@ -114,17 +116,21 @@
|
|||||||
|
|
||||||
<div class="row text-center">
|
<div class="row text-center">
|
||||||
{% if application.reviewer_inprogress_character != None %}
|
{% if application.reviewer_inprogress_character != None %}
|
||||||
|
{% if perms.hrapplications.approve_hrapplication %}
|
||||||
<a href="/hr_application_approve/{{ application.id }}">
|
<a href="/hr_application_approve/{{ application.id }}">
|
||||||
<button type="button" class="btn btn-lg btn-success">Approve</button>
|
<button type="button" class="btn btn-lg btn-success">Approve</button>
|
||||||
</a>
|
</a>
|
||||||
|
{% endif %}
|
||||||
|
{% if perms.hrapplications.reject_hrapplication %}
|
||||||
<a href="/hr_application_reject/{{ application.id }}">
|
<a href="/hr_application_reject/{{ application.id }}">
|
||||||
<button type="button" class="btn btn-lg btn-info">Reject</button>
|
<button type="button" class="btn btn-lg btn-info">Reject</button>
|
||||||
</a>
|
</a>
|
||||||
|
{% endif %}
|
||||||
|
{% if perms.hrapplications.delete_hrapplication %}
|
||||||
<a href="/hr_application_remove/{{ application.id }}">
|
<a href="/hr_application_remove/{{ application.id }}">
|
||||||
<button type="button" class="btn btn-lg btn-danger">Delete</button>
|
<button type="button" class="btn btn-lg btn-danger">Delete</button>
|
||||||
</a>
|
</a>
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
{% else %}
|
{% else %}
|
||||||
<a href="/hr_mark_in_progress/{{ application.id }}">
|
<a href="/hr_mark_in_progress/{{ application.id }}">
|
||||||
@ -136,14 +142,18 @@
|
|||||||
<br/>
|
<br/>
|
||||||
|
|
||||||
<div class="row text-center">
|
<div class="row text-center">
|
||||||
<a href="{{ JACK_KNIFE_URL }}?usid={{ application.full_api_id }}&apik={{ application.full_api_key }}"
|
{% for api in apis %}
|
||||||
|
<a href="{{ JACK_KNIFE_URL }}?usid={{ api._api_id }}&apik={{ api.api__key }}"
|
||||||
target="_blank">
|
target="_blank">
|
||||||
<button type="button" class="btn btn-lg btn-primary">API Jack Knife</button>
|
<button type="button" class="btn btn-lg btn-primary">API {{ api.api_id }}</button>
|
||||||
</a>
|
</a>
|
||||||
|
{% endfor %}
|
||||||
|
{% if perms.hrapplications.add_hrapplicationcomment %}
|
||||||
<button type="button" class="btn btn-primary btn-lg" data-toggle="modal"
|
<button type="button" class="btn btn-primary btn-lg" data-toggle="modal"
|
||||||
data-target="#myModal">
|
data-target="#myModal">
|
||||||
Comment
|
Comment
|
||||||
</button>
|
</button>
|
||||||
|
{% endif %}
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
@ -188,6 +198,7 @@
|
|||||||
</div>
|
</div>
|
||||||
|
|
||||||
{% if perms.auth.human_resources %}
|
{% if perms.auth.human_resources %}
|
||||||
|
{% if perms.hrapplications.add_hrapplicationcomment %}
|
||||||
<div class="modal fade" id="myModal" tabindex="-1" role="dialog" aria-labelledby="myModalLabel"
|
<div class="modal fade" id="myModal" tabindex="-1" role="dialog" aria-labelledby="myModalLabel"
|
||||||
aria-hidden="true">
|
aria-hidden="true">
|
||||||
<div class="modal-dialog">
|
<div class="modal-dialog">
|
||||||
@ -212,6 +223,7 @@
|
|||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
{% endif %}
|
||||||
{% endblock content %}
|
{% endblock content %}
|
||||||
{% block extra_script %}
|
{% block extra_script %}
|
||||||
$(document).ready(function(){
|
$(document).ready(function(){
|
||||||
|
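Review bot: The rewritten Jack Knife link inside the second `{% for api in apis %}` loop reads `{{ api._api_id }}` and `{{ api.api__key }}`, while the input fields earlier in this template use `api.api_id` and `api.api_key`. Django's template engine refuses attribute names that begin with an underscore, so `api._api_id` is likely to raise a TemplateSyntaxError when the template loads, and `api.api__key` would render as an empty value. The line should read `<a href="{{ JACK_KNIFE_URL }}?usid={{ api.api_id|urlencode }}&apik={{ api.api_key|urlencode }}"`. The link still places the verification code in a query string, where it can end up in browser history and the target's access logs, so that is worth a comment next to it.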