mirror of
https://gitlab.com/allianceauth/allianceauth.git
synced 2025-07-09 12:30:15 +02:00
a33c8c14ee
* Add service access permissions and migration `ENABLE_AUTH_<servicename> = True` will have the new permission applied to the settings configured `DEFAULT_AUTH_GROUP` group or `Member` if none is configured. `ENABLE_BLUE_<servicename> = True` will have the new permission applied to the settings configured `DEFAULT_BLUE_GROUP` group or `Blue` if none is configured. * Move views and hooks to permissions based access * Remove access restriction to services view Hypothetically non-member/blues could be granted permission to access services manually as desired now. A user that has no permissions to access any services will see a blank services list. * Remove obsolete service settings * Remove references to obsolete settings * Adjusted tests to support permissions based access * Fix incorrectly named permissions * Add simple get_services generator function * Added signals for user and groups perm changes * Update validate_services to support permissions deactivate_services removed as its surplus to requirements. * Removed state parameter from validate_services calls * Update tests to support signals changes * Fix incorrect call to validate_services task * Fix validate_services and test * Add validate_user to changed user groups signal * Added tests for new signals * Remove unnecessary post_add signals * Added documentation for service permissions * Added detection for members with service active If there are any service users in the Member or Blue groups active, then the permission will be added to the respective Member or Blue group. This means its no longer necessary to maintain the service enablesettings to migrate to permissions based service. Remove obsolete state based status checking
122 lines
3.4 KiB
Python
122 lines
3.4 KiB
Python
from __future__ import unicode_literals
|
|
|
|
from django.template.loader import render_to_string
|
|
from django.utils.safestring import mark_safe
|
|
|
|
from alliance_auth.hooks import get_hooks
|
|
from authentication.states import MEMBER_STATE, BLUE_STATE
|
|
from authentication.models import AuthServicesInfo
|
|
|
|
|
|
class ServicesHook:
|
|
"""
|
|
Abstract base class for creating a compatible services
|
|
hook. Decorate with @register('services_hook') to have the
|
|
services module registered for callbacks. Must be in
|
|
auth_hook(.py) sub module
|
|
"""
|
|
def __init__(self):
|
|
self.name = 'Undefined'
|
|
self.urlpatterns = []
|
|
self.service_ctrl_template = 'registered/services_ctrl.html'
|
|
self.access_perm = None
|
|
|
|
@property
|
|
def title(self):
|
|
"""
|
|
A nicely formatted title of the service, for client facing
|
|
display.
|
|
:return: str
|
|
"""
|
|
return self.name.title()
|
|
|
|
def delete_user(self, user, notify_user=False):
|
|
"""
|
|
Delete the users service account, optionally notify them
|
|
that the service has been disabled
|
|
:param user: Django.contrib.auth.models.User
|
|
:param notify_user: Whether the service should sent a
|
|
notification to the user about the disabling of their
|
|
service account.
|
|
:return: True if the service account has been disabled,
|
|
or False if it doesnt exist.
|
|
"""
|
|
pass
|
|
|
|
def validate_user(self, user):
|
|
pass
|
|
|
|
def sync_nickname(self, user):
|
|
"""
|
|
Sync the users nickname
|
|
:param user: Django.contrib.auth.models.User
|
|
:return: None
|
|
"""
|
|
pass
|
|
|
|
def update_groups(self, user):
|
|
"""
|
|
Update the users group membership
|
|
:param user: Django.contrib.auth.models.User
|
|
:return: None
|
|
"""
|
|
pass
|
|
|
|
def update_all_groups(self):
|
|
"""
|
|
Iterate through and update all users groups
|
|
:return: None
|
|
"""
|
|
pass
|
|
|
|
def service_active_for_user(self, user):
|
|
pass
|
|
|
|
def show_service_ctrl(self, user, state):
|
|
"""
|
|
Whether the service control should be displayed to the given user
|
|
who has the given service state. Usually this function wont
|
|
require overloading.
|
|
:param user: django.contrib.auth.models.User
|
|
:param state: auth user state
|
|
:return: bool True if the service should be shown
|
|
"""
|
|
return self.service_active_for_user(user) or user.is_superuser
|
|
|
|
def render_services_ctrl(self, request):
|
|
"""
|
|
Render the services control template row
|
|
:param request:
|
|
:return:
|
|
"""
|
|
return ''
|
|
|
|
def __str__(self):
|
|
return self.name or 'Unknown Service Module'
|
|
|
|
class Urls:
|
|
def __init__(self):
|
|
self.auth_activate = ''
|
|
self.auth_set_password = ''
|
|
self.auth_reset_password = ''
|
|
self.auth_deactivate = ''
|
|
|
|
@staticmethod
|
|
def get_services():
|
|
for fn in get_hooks('services_hook'):
|
|
yield fn()
|
|
|
|
|
|
class MenuItemHook:
|
|
def __init__(self, text, classes, url_name, order=None):
|
|
self.text = text
|
|
self.classes = classes
|
|
self.url_name = url_name
|
|
self.template = 'public/menuitem.html'
|
|
self.order = order if order is not None else 9999
|
|
|
|
def render(self, request):
|
|
return render_to_string(self.template,
|
|
{'item': self},
|
|
request=request)
|