diff --git a/seahub/institutions/templates/institutions/useradmin.html b/seahub/institutions/templates/institutions/useradmin.html index b28cb102f2..4b3289eac4 100644 --- a/seahub/institutions/templates/institutions/useradmin.html +++ b/seahub/institutions/templates/institutions/useradmin.html @@ -34,7 +34,9 @@ {% else %} {% trans "Inactive" %} {% endif %} + {% if not user.is_self and not user.is_staff and not user.is_institution_admin %} + {% endif %} {% trans "Active" %} @@ -53,7 +55,7 @@ {% if user.last_login %}{{user.last_login|translate_seahub_time}} {% else %} -- {% endif %} - {% if not user.is_self %} + {% if not user.is_self and not user.is_staff and not user.is_institution_admin %} {% trans "Delete" %} {% endif %} diff --git a/seahub/institutions/templates/institutions/useradmin_search.html b/seahub/institutions/templates/institutions/useradmin_search.html index 7483a86f50..55f2761c2f 100644 --- a/seahub/institutions/templates/institutions/useradmin_search.html +++ b/seahub/institutions/templates/institutions/useradmin_search.html @@ -51,7 +51,7 @@ {% if user.last_login %}{{user.last_login|translate_seahub_time}} {% else %} -- {% endif %} - {% if not user.is_self %} + {% if not user.is_self and not user.is_staff and not user.is_institution_admin %} {% trans "Delete" %} {% endif %} diff --git a/seahub/institutions/views.py b/seahub/institutions/views.py index 101e9948a8..36d8775739 100644 --- a/seahub/institutions/views.py +++ b/seahub/institutions/views.py @@ -23,7 +23,8 @@ from seahub.profile.models import Profile, DetailedProfile from seahub.utils import is_valid_username from seahub.utils.rpc import mute_seafile_api from seahub.utils.file_size import get_file_size_unit -from seahub.views.sysadmin import email_user_on_activation, populate_user_info +from seahub.views.sysadmin import email_user_on_activation +from seahub.institutions.models import InstitutionAdmin logger = logging.getLogger(__name__) @@ -42,6 +43,7 @@ def _populate_user_quota_usage(user): user.space_usage = -1 user.space_quota = -1 + @inst_admin_required def info(request): """List instituion info. @@ -52,6 +54,7 @@ def info(request): 'inst': inst, }) + @inst_admin_required def useradmin(request): """List users in the institution. @@ -71,10 +74,15 @@ def useradmin(request): page_next = True else: page_next = False - users = [User.objects.get(x) for x in usernames[:per_page]] + users = [User.objects.get(x) for x in usernames[:per_page]] + admin_emails = [user.user for user in InstitutionAdmin.objects.filter(institution=inst)] last_logins = UserLastLogin.objects.filter(username__in=[x.username for x in users]) + for u in users: + + u.is_institution_admin = u.email in admin_emails + if u.username == request.user.username: u.is_self = True @@ -94,6 +102,7 @@ def useradmin(request): 'page_next': page_next, }) + @inst_admin_required def useradmin_search(request): """Search users in the institution. @@ -107,9 +116,13 @@ def useradmin_search(request): profiles = Profile.objects.filter(institution=inst.name) usernames = [x.user for x in profiles if q in x.user] users = [User.objects.get(x) for x in usernames] - + admin_emails = [user.user for user in InstitutionAdmin.objects.filter(institution=inst)] last_logins = UserLastLogin.objects.filter(username__in=[x.username for x in users]) + for u in users: + + u.is_institution_admin = u.email in admin_emails + if u.username == request.user.username: u.is_self = True @@ -125,6 +138,7 @@ def useradmin_search(request): 'q': q, }) + @inst_admin_required @inst_admin_can_manage_user def user_info(request, email): @@ -165,18 +179,20 @@ def user_info(request, email): available_quota = get_institution_available_quota(request.user.institution) - return render(request, - 'institutions/user_info.html', { - 'owned_repos': owned_repos, - 'space_quota': space_quota, - 'space_usage': space_usage, - 'in_repos': in_repos, - 'email': email, - 'profile': profile, - 'd_profile': d_profile, - 'personal_groups': personal_groups, - 'available_quota': available_quota, - }) + return render(request, + 'institutions/user_info.html', + { + 'owned_repos': owned_repos, + 'space_quota': space_quota, + 'space_usage': space_usage, + 'in_repos': in_repos, + 'email': email, + 'profile': profile, + 'd_profile': d_profile, + 'personal_groups': personal_groups, + 'available_quota': available_quota, + }) + @require_POST @inst_admin_required @@ -189,13 +205,19 @@ def user_remove(request, email): try: user = User.objects.get(email=email) - user.delete() - messages.success(request, _('Successfully deleted %s') % user.username) except User.DoesNotExist: messages.error(request, _('Failed to delete: the user does not exist')) + return HttpResponseRedirect(next_page) + if user.is_staff: + messages.error(request, _('Failed to delete: the user is system administrator')) + return HttpResponseRedirect(next_page) + + user.delete() + messages.success(request, _('Successfully deleted %s') % user.username) return HttpResponseRedirect(next_page) + @login_required_ajax @require_POST @inst_admin_required @@ -208,14 +230,14 @@ def user_set_quota(request, email): available_quota = get_institution_available_quota(request.user.institution) if available_quota < quota: result = {} - result['error'] = _('Failed to set quota: maximum quota is %d MB' % \ - (available_quota / 10 ** 6)) + result['error'] = _('Failed to set quota: maximum quota is %d MB' % (available_quota / 10 ** 6)) return HttpResponse(json.dumps(result), status=400, content_type=content_type) seafile_api.set_user_quota(email, quota) return HttpResponse(json.dumps({'success': True}), content_type=content_type) + @login_required_ajax @require_POST @inst_admin_required @@ -257,4 +279,3 @@ def user_toggle_status(request, email): except User.DoesNotExist: return HttpResponse(json.dumps({'success': False}), status=500, content_type=content_type) -