[user-role] Select role when add a user / change role at user admin page;

Limit guest user's operation: can not create group and library.
2025-09-20 10:58:33 +00:00 · 2014-07-07 16:05:14 +08:00
parent 94268403e8
commit 1683a73e4e
20 changed files with 208 additions and 37 deletions
--- a/seahub/views/sysadmin.py
+++ b/seahub/views/sysadmin.py
@@ -495,6 +495,29 @@ def user_toggle_status(request, user_id):
        return HttpResponse(json.dumps({'success': False}), status=500,
                            content_type=content_type)

+@login_required_ajax
+@sys_staff_required
+def user_toggle_role(request, user_id):
+    content_type = 'application/json; charset=utf-8'
+
+    from seahub import constants
+    DEFAULT_USER = getattr(constants, 'DEFAULT_USER', 'default')
+
+    try:
+        user_role = request.GET.get('r', DEFAULT_USER)
+    except ValueError:
+        user_role = DEFAULT_USER
+
+    try:
+        user = User.objects.get(id=int(user_id))
+        User.objects.update_role(user.email, user_role)
+
+        return HttpResponse(json.dumps({'success': True}),
+                            content_type=content_type)
+    except User.DoesNotExist:
+        return HttpResponse(json.dumps({'success': False}), status=500,
+                            content_type=content_type)
+
 def send_user_reset_email(request, email, password):
    """
    Send email when reset user password.
@@ -569,15 +592,23 @@ def user_add(request):

    post_values = request.POST.copy()
    post_email = request.POST.get('email', '')
-    post_values.update({'email': post_email.lower()})
+    post_role = request.POST.get('role', '')
+    post_values.update({
+                        'email': post_email.lower(),
+                        'role': post_role,
+                      })

    form = AddUserForm(post_values)
    if form.is_valid():
        email = form.cleaned_data['email']
+        role = form.cleaned_data['role']
        password = form.cleaned_data['password1']

        user = User.objects.create_user(email, password, is_staff=False,
                                        is_active=True)
+        if user:
+            User.objects.update_role(email, role)
+
        if request.user.org:
            org_id = request.user.org.org_id
            url_prefix = request.user.org.url_prefix