Commit 3a8ded48 authored by felix.herrmann's avatar felix.herrmann
Browse files

feat(access): create and delete access request instances

parent 524d8313
......@@ -31,6 +31,7 @@ from discuss_data.dddatasets.models import (
DataSet,
DataSetManagementObject,
DataFile,
DataSetAccessRequest,
)
from discuss_data.dddatasets.utils import check_published, create_pdf
......@@ -179,17 +180,27 @@ def dataset_access_request(request, uuid):
comment.content_type = ContentType.objects.get_for_model(ds)
comment.object_id = ds.id
comment.save()
access_request = DataSetAccessRequest(dataset=ds, user=request.user)
access_request.save()
return HttpResponse(
'<button class="btn btn-secondary" disabled>{}</button>'.format(
_("Access request sent to the Datasets administrators")
access_request
)
)
else:
messages.warning(request, form.errors)
else:
initial = {"text": "Please grant me access to this Dataset"}
form = AccessRequestForm(initial=initial)
access_request = ds.get_access_request(request.user)
if access_request:
return HttpResponse(
'<button class="btn btn-secondary" disabled>{}</button>'.format(
access_request
)
)
else:
initial = {"text": "Please grant me access to this Dataset"}
form = AccessRequestForm(initial=initial)
return render(
request,
"ddcomments/_notification_add.html",
......
......@@ -536,8 +536,10 @@ def prep_dataset_edit_access_user(request, ds_uuid):
public=False,
)
elif perm_code == "acc":
access_request = ds.get_access_request(user)
logger.debug("assigning perms for", user)
ds.assign_user_permissions(user, "ra_view_dataset")
ds.save()
action.send(
request.user,
verb="granted access",
......@@ -545,7 +547,9 @@ def prep_dataset_edit_access_user(request, ds_uuid):
target=user,
public=False,
)
ds.save()
if access_request:
access_request.delete()
else:
logger.error("requested non existing perm_code", perm_code, exc_info=1)
if feed:
......
{% extends request.is_intercooler|yesno:"blank.html,dddatasets/_base_datasets_edit.html" %}
{% load static i18n crispy_forms_tags %}
{% load static i18n crispy_forms_tags core_tags humanize %}
{% block ic-content %}
......@@ -116,6 +116,31 @@
{% endif %}
<h4>{% trans "Grant users access to the published dataset" %}</h4>
<h5>{% trans 'Access requests' %}</h5>
{% if ds.get_all_access_requests %}
<ul class="list-unstyled">
{% for access_request in ds.get_all_access_requests %}
<li>
<a href="{% url 'ddusers:detail' access_request.user.uuid %}">{{ access_request.user }}</a> {% trans 'requested access to this dataset' %} {{ access_request.created_at | naturaltime }}
{% if ds|user_has_restricted_access:access_request.user %}
<button class="btn btn-secondary" disabled>{% trans 'Access granted' %}</button>
{% elif ds|user_has_admin_right:request.user %}
<form class="form-inline">
{% csrf_token %}
<input type="hidden" value="{{ access_request.user.uuid }}" name="userid">
<input type="hidden" value="acc" name="perm">
<button type="button" class="btn btn-primary" ic-post-to="{% url 'dddatasets:prep_edit_access_user' ds.uuid %}" ic-target="#ds-content" ic-include="">{% trans 'Grant access' %}</button>
</form>
{% endif %}
</li>
{% endfor %}
</ul>
{% else %}
<p>{% trans 'No access requests pending at this time' %}
{% endif %}
<h5>{% trans 'Search for users' %}</h5>
<input class="w-50 form-control smallskip" type="text" placeholder="Search" name="q" ic-get-from="{% url 'dddatasets:prep_edit_access_user_search' ds.uuid %}" ic-target="#search-list" aria-label="{% trans "Search" %}">
<div id="search-list"></div>
</div>
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment