Modif édition roles/permissions

2022-01-31 21:44:59 +01:00 · 2022-01-31 21:44:59 +01:00 · df347b8b30
commit df347b8b30
parent 89d5c383b6
1 changed files with 14 additions and 5 deletions
--- a/app/views/users.py
+++ b/app/views/users.py
@ -149,7 +149,7 @@ def user_info(user_name, format="json"):
@scodoc
@permission_required(Permission.ScoUsersAdmin)
@scodoc7func
-def create_user_form(user_name=None, edit=0, all_roles=1):
+def create_user_form(user_name=None, edit=0, all_roles=False):
    "form. création ou édition utilisateur"
    if user_name is not None:  # scodoc7func converti en int !
        user_name = str(user_name)
@ -218,9 +218,11 @@ def create_user_form(user_name=None, edit=0, all_roles=1):
    }
    if current_user.is_administrator():
        editable_roles_set |= {
-            (Role.get_named_role(r), "")
+            (Role.get_named_role(r), None)
            for r in sco_roles_default.ROLES_ATTRIBUABLES_SCODOC
        }
+        # Un super-admin peut nommer d'autres super-admin:
+        editable_roles_set |= {(Role.get_named_role("SuperAdmin"), None)}
    #
    if not edit:
        submitlabel = "Créer utilisateur"
@ -251,16 +253,23 @@ def create_user_form(user_name=None, edit=0, all_roles=1):
    orig_roles_strings = {r.name + "_" + (dept or "") for (r, dept) in orig_roles}
    # add existing user roles
    displayed_roles = list(editable_roles_set.union(orig_roles))
-    displayed_roles.sort(key=lambda x: (x[1] or "", x[0].name or ""))
+    displayed_roles.sort(
+        key=lambda x: (
+            x[1] or "",
+            (x[0].name or "") if x[0].name != "SuperAdmin" else "A",
+        )
+    )
    displayed_roles_strings = [
        r.name + "_" + (dept or "") for (r, dept) in displayed_roles
    ]
-    displayed_roles_labels = [f"{dept}: {r.name}" for (r, dept) in displayed_roles]
+    displayed_roles_labels = [
+        f"{dept or '<em>tout dépt.</em>'}: {r.name}" for (r, dept) in displayed_roles
+    ]
    disabled_roles = {}  # pour désactiver les roles que l'on ne peut pas éditer
    for i in range(len(displayed_roles_strings)):
        if displayed_roles_strings[i] not in editable_roles_strings:
            disabled_roles[i] = True
-
+    breakpoint()
    descr = [
        ("edit", {"input_type": "hidden", "default": edit}),
        ("nom", {"title": "Nom", "size": 20, "allow_null": False}),