From c6699686ad53ee6e53626b46c4ac1a52871a7d0c Mon Sep 17 00:00:00 2001 From: Adarnof Date: Sat, 25 Mar 2017 20:19:44 -0400 Subject: [PATCH] Prevent altering user states on admin site --- authentication/admin.py | 34 ++++++++++++------- .../migrations/0015_user_profiles.py | 2 +- authentication/models.py | 1 + 3 files changed, 24 insertions(+), 13 deletions(-) diff --git a/authentication/admin.py b/authentication/admin.py index f493ced7..9017e7f5 100644 --- a/authentication/admin.py +++ b/authentication/admin.py @@ -5,12 +5,9 @@ from django.contrib.auth.admin import UserAdmin as BaseUserAdmin from django.contrib.auth.models import User from django.utils.text import slugify from django import forms -from django.db.models.signals import post_save from authentication.models import State, get_guest_state, CharacterOwnership, UserProfile -from authentication.signals import reassess_on_profile_save from alliance_auth.hooks import get_hooks from services.hooks import ServicesHook -from services.tasks import validate_services def make_service_hooks_update_groups_action(service): @@ -107,8 +104,7 @@ class StateAdmin(admin.ModelAdmin): filter_horizontal = ['member_characters', 'member_corporations', 'member_alliances', 'permissions'] - @staticmethod - def has_delete_permission(request, obj=None): + def has_delete_permission(self, request, obj=None): if obj == get_guest_state(): return False 
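Review bot: In the `StateAdmin` hunk, `has_delete_permission` returns `False` for the guest state but shows no return for any other state. If nothing follows the visible `return False`, the method falls through to `None`, which the admin treats as "not permitted", so no state could be deleted from the admin, even by a superuser. If only the guest state is meant to be protected, end the method with `return super(StateAdmin, self).has_delete_permission(request, obj=obj)` so every other state goes through the normal permission check rather than an implicit result. The method body may continue outside the hunk, so confirm this against the full file.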
@@ -117,15 +113,29 @@ admin.site.register(CharacterOwnership) class UserProfileAdminForm(forms.ModelForm): - def save(self, *args, **kwargs): - # prevent state reassessment to allow manually overriding states - post_save.disconnect(reassess_on_profile_save, sender=UserProfile) - model = super(UserProfileAdminForm, self).save(*args, **kwargs) - post_save.connect(reassess_on_profile_save, sender=UserProfile) - validate_services(model.user) - return model + def __init__(self, *args, **kwargs): + super(UserProfileAdminForm, self).__init__(*args, **kwargs) + self.fields['state'].widget.attrs['disabled'] = True + instance = getattr(self, 'instance', None) + if instance and instance.pk: + self.fields['state'].queryset = State.objects.filter(pk=instance.state.pk) + else: + self.fields['state'].queryset = State.objects.filter(pk=get_guest_state().pk) + + def clean_state(self): + instance = getattr(self, 'instance', None) + if instance and instance.pk: + return UserProfile.objects.get(pk=instance.pk).state + else: + return get_guest_state() @admin.register(UserProfile) class UserProfileAdmin(admin.ModelAdmin): form = UserProfileAdminForm + + def has_add_permission(self, request): + return False + + def has_delete_permission(self, request, obj=None): + return False diff --git a/authentication/migrations/0015_user_profiles.py b/authentication/migrations/0015_user_profiles.py index 1ad439d0..06bf2d48 100644 --- a/authentication/migrations/0015_user_profiles.py +++ b/authentication/migrations/0015_user_profiles.py 
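Review bot: In `UserProfileAdminForm.__init__`, `self.fields['state'].widget.attrs['disabled'] = True` only sets an HTML attribute, and browsers do not submit disabled controls. If `state` is a required field (its definition is not in this diff), field validation would fail with a required error before `clean_state` can substitute the stored value, so the profile form might not save at all. The form field's own flag, `self.fields['state'].disabled = True`, gives the same server-side guarantee by making Django ignore submitted data for the field; it is available from Django 1.9, and the project's version is not visible here. Alternatively, set `readonly_fields = ('state',)` on `UserProfileAdmin`. If `clean_state` is kept, a comment such as `# never trust the submitted state; always return the stored one` would record why the override exists.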
@@ -132,7 +132,7 @@ def create_profiles(apps, schema_editor): # carry states and mains forward state = State.objects.get(name=auth.state if auth.state else 'Guest') char = EveCharacter.objects.get(character_id=auth.main_char_id) - profile = UserProfile.objects.create(user=auth.user, state=state, main_character=char) + UserProfile.objects.create(user=auth.user, state=state, main_character=char) for auth in AuthServicesInfo.objects.exclude(main_char_id__in=unique_mains).select_related('user'): # prepare empty profiles state = State.objects.get(name='Guest') diff --git a/authentication/models.py b/authentication/models.py index 80b4b9d6..26d2a933 100755 --- a/authentication/models.py +++ b/authentication/models.py @@ -30,6 +30,7 @@ class State(models.Model): class Meta: ordering = ['-priority'] + default_permissions = ('change',) def __str__(self): return self.name
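Review bot: The `default_permissions = ('change',)` line added to `State.Meta` has no accompanying schema migration in this commit. Django records `default_permissions` in migration state, so `makemigrations` will probably report a pending `AlterModelOptions` unless migration 0015 already declares it (that part of the file is outside the hunk). The option also only stops new `add_state`/`delete_state` permissions from being created; rows that already exist in a deployed database stay assignable to users and groups until a data migration removes them. A comment above the line, e.g. `# no add/delete permissions are generated for State; only 'change' can be granted`, would make the intent explicit.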