Permissions Auditing Tool (#698)

* Added block for page_title as title fragment * Add permissions auditing tool * Added tests for permissions audit tool * Added documentation for permissions tool * Add permissions tool to coverage
2026-02-11 01:26:22 +01:00 · 2017-02-10 21:25:09 +10:00
parent 489b9a601d
commit b636262e0c
19 changed files with 430 additions and 3 deletions
--- a/permissions_tool/templates/permissions_tool/audit.html
+++ b/permissions_tool/templates/permissions_tool/audit.html
@@ -0,0 +1,39 @@
+{% extends "public/base.html" %}
+{% load bootstrap %}
+{% load staticfiles %}
+{% load i18n %}
+
+{% block page_title %}{{ permission.permission.codename }} - {% trans "Permissions Audit" %}{% endblock page_title %}
+
+{% block content %}
+    <div>
+        <h1 class="page-header">{% trans "Permissions Audit" %}: {{ permission.permission.codename }}</h1>
+        <a href="{% url 'permissions_overview' %}" class="btn btn-default">
+            <i class="glyphicon glyphicon-chevron-left"></i> {% trans "Back" %}
+        </a>
+        <table class="table table-hover">
+            <thead>
+                <tr>
+                    <th class="col-md-3">
+                        {% trans "Group" %}
+                    </th>
+                    <th class="col-md-3">
+                        {% trans "User" %}
+                    </th>
+                </tr>
+            </thead>
+            <tbody>
+            {% for user in permission.users %}
+                <tr>
+                    {% include 'permissions_tool/audit_row.html' with group="Permission Granted Directly (No Group)" %}
+                </tr>
+            {% endfor %}
+            {% for group in permission.groups %}
+                {% for user in group.user_set.all %}
+                    {% include 'permissions_tool/audit_row.html' %}
+                {% endfor %}
+            {% endfor %}
+            </tbody>
+        </table>
+    </div>
+{% endblock content %}
--- a/permissions_tool/templates/permissions_tool/audit_row.html
+++ b/permissions_tool/templates/permissions_tool/audit_row.html
@@ -0,0 +1,10 @@
+<tr>
+    <td>
+        {% if forloop.first %}
+            <b>{{ group }}</b>
+        {% endif %}
+    </td>
+    <td>
+        {{ user }}
+    </td>
+</tr>
--- a/permissions_tool/templates/permissions_tool/overview.html
+++ b/permissions_tool/templates/permissions_tool/overview.html
@@ -0,0 +1,79 @@
+{% extends "public/base.html" %}
+{% load bootstrap %}
+{% load staticfiles %}
+{% load i18n %}
+
+{% block page_title %}{% trans "Permissions Overview" %}{% endblock page_title %}
+
+{% block content %}
+    <div>
+        <h1 class="page-header">{% trans "Permissions Overview" %}</h1>
+        {% if request.GET.all != 'yes' %}
+            <span class="pull-right">
+                {% blocktrans %}Showing only applied permissions{% endblocktrans %}
+                <a href="{% url 'permissions_overview' %}?all=yes" class="btn btn-primary">{% trans "Show All" %}</a>
+            </span>
+        {% else %}
+            <span class="pull-right">
+                {% blocktrans %}Showing all permissions{% endblocktrans %}
+                <a href="{% url 'permissions_overview' %}?all=no" class="btn btn-primary">{% trans "Show Applied" %}</a>
+            </span>
+        {% endif %}
+        <table class="table table-hover">
+            <thead>
+                <tr>
+                    <th>
+                        {% trans "App" %}
+                    </th>
+                    <th>
+                        {% trans "Model" %}
+                    </th>
+                    <th>
+                        {% trans "Code Name" %}
+                    </th>
+                    <th>
+                        {% trans "Name" %}
+                    </th>
+                    <th class="col-md-1">
+                        {% trans "Users" %}
+                    </th>
+                    <th class="col-md-1">
+                        {% trans "Groups" %}
+                    </th>
+                    <th class="col-md-1">
+                        {% trans "Groups Users" %}
+                    </th>
+                </tr>
+            </thead>
+            <tbody>
+            {% for perm in permissions %}
+                <tr>
+                    <td>
+                        {{ perm.permission.content_type.app_label }}
+                    </td>
+                    <td>
+                        {{ perm.permission.content_type.model }}
+                    </td>
+                    <td>
+                        <a href="{% url "permissions_audit" app_label=perm.permission.content_type.app_label model=perm.permission.content_type.model codename=perm.permission.codename %}">
+                            {{ perm.permission.codename }}
+                        </a>
+                    </td>
+                    <td>
+                        {{ perm.permission.name }}
+                    </td>
+                    <td class="{% if perm.users > 0 %}info {% endif %}text-right">
+                        {{ perm.users }}
+                    </td>
+                    <td class="{% if perm.groups > 0 %}info {% endif %}text-right">
+                        {{ perm.groups }}
+                    </td>
+                    <td class="{% if perm.group_users > 0 %}info {% endif %}text-right">
+                        {{ perm.group_users }}
+                    </td>
+                </tr>
+            {% endfor %}
+            </tbody>
+        </table>
+    </div>
+{% endblock content %}