Added PersonFingerprints to show and edit fingerprints

cb3b878c · Enrico Zini · 62bf4506 · cb3b878c · cb3b878c · cb3b878c
Commit cb3b878c authored Aug 29, 2015 by Enrico Zini
--- a/backend/mixins.py
+++ b/backend/mixins.py
@@ -74,6 +74,10 @@ class VisitPersonMixin(VisitorMixin):
    Visit a person record. Adds self.person and self.vperms with the
    permissions the visitor has over the person
    """
+    # Define to "edit_bio" "edit_ldap" or "view_person_audit_log" to raise
+    # PermissionDenied if the given test on the person-visitor fails
+    require_vperms = None
+
    def pre_dispatch(self):
        super(VisitPersonMixin, self).pre_dispatch()
        key = self.kwargs.get("key", None)
@@ -83,6 +87,9 @@ class VisitPersonMixin(VisitorMixin):
            self.person = bmodels.Person.lookup_or_404(key)
        self.vperms = self.person.permissions_of(self.visitor)

+        if self.require_vperms and self.require_vperms not in self.vperms.perms:
+            raise PermissionDenied
+
    def get_context_data(self, **kw):
        ctx = super(VisitPersonMixin, self).get_context_data(**kw)
        ctx["person"] = self.person

--- a/restricted/templates/restricted/person_fingerprints.html
+++ b/restricted/templates/restricted/person_fingerprints.html
+{% extends "restricted/base.html" %}
+{% load nm %}
+
+{% block head_resources %}
+{{block.super}}
+<style type="text/css">
+.errorlist { color: red; }
+</style>
+{% endblock %}
+
+{% block breadcrumbs %}{{block.super}}
+/ <a href="{{ person.get_absolute_url }}">{{person.lookup_key}}</a>
+{% endblock %}
+
+{% block content %}
+
+<h1>Edit fingerprints for {{person.fullname}}</h1>
+
+<form action="{% url 'restricted_person_fingerprints' key=person.lookup_key %}" method="post">{% csrf_token %}
+  {% for hidden in form.hidden_fields %} {{hidden}} {% endfor %}
+  {{ form.non_field_errors }}
+  {% for f in form.visible_fields %}
+    <p>{{f.label_tag}}<br>{{f}}<br><small>{{f.help_text}}</small></p>{{f.errors}}
+  {% endfor %}
+  <input type="submit" value="Add key">
+</form>
+
+<table>
+  <thead>
+    <tr>
+      <th>Key</th>
+      <th>Active</th>
+      <th>Actions</th>
+    </tr>
+  </thead>
+  <tbody>
+  {% for fpr in person.fprs.all %}
+  <tr>
+      <td>{{fpr.fpr}}</td>
+      <td>{{fpr.is_active}}</td>
+      <td></td>
+  </tr>
+  {% endfor %}
+  </tbody>
+</table>
+
+{% endblock %}
+
--- a/restricted/urls.py
+++ b/restricted/urls.py
@@ -31,6 +31,7 @@ urlpatterns = patterns('restricted.views',
    url(r'^amprofile(?:/(?P<key>[^/]+))?$', views.AMProfile.as_view(), name="restricted_amprofile"),
    # Edit personal info
    url(r'^person/(?P<key>[^/]+)$', views.Person.as_view(), name="restricted_person"),
+    url(r'^person/(?P<key>[^/]+)/fingerprints$', views.PersonFingerprints.as_view(), name="restricted_person_fingerprints"),
    # Create new process for a person (advocate)
    url(r'^advocate/(?P<applying_for>[^/]+)/(?P<key>[^/]+)$', views.NewProcess.as_view(), name="restricted_advocate"),
    # Show changelogs (minechangelogs)

--- a/restricted/views.py
+++ b/restricted/views.py
@@ -27,11 +27,13 @@ from django.utils.translation import ugettext as _
 from django.core.urlresolvers import reverse
 from django.core.exceptions import PermissionDenied
 from django.views.generic import View
+from django.views.generic.edit import FormView
 from django.utils.timezone import now
+from django.db import transaction
 import backend.models as bmodels
 import minechangelogs.models as mmodels
 from backend import const
-from backend.mixins import VisitorMixin, VisitorTemplateView, VisitPersonTemplateView
+from backend.mixins import VisitorMixin, VisitPersonMixin, VisitorTemplateView, VisitPersonTemplateView
 import backend.email
 import json
 import datetime
@@ -564,3 +566,27 @@ class MailboxStats(VisitorTemplateView):
            emails=sorted(stats["emails"].items()),
        )
        return ctx
+
+
+class NewFingerprintForm(forms.ModelForm):
+    class Meta:
+        model = bmodels.Fingerprint
+        fields = ["fpr"]
+
+
+class PersonFingerprints(VisitPersonMixin, FormView):
+    template_name = "restricted/person_fingerprints.html"
+    require_vperms = "edit_ldap"
+    form_class = NewFingerprintForm
+
+    # TODO: add template
+
+    @transaction.atomic
+    def form_valid(self, form):
+        fpr = form.save(commit=False)
+        fpr.user = self.person
+        fpr.is_active = True
+        fpr.save(audit_author=self.visitor, audit_notes="added new fingerprint")
+        # Ensure that only the new fingerprint is the active one
+        self.person.fprs.exclude(pk=fpr.pk).update(is_active=False)
+        return redirect("restricted_person_fingerprints", key=self.person.lookup_key)