diff --git a/jarbas/dashboard/admin/__init__.py b/jarbas/dashboard/admin/__init__.py index c4cbd4f07..90e3de5a0 100644 --- a/jarbas/dashboard/admin/__init__.py +++ b/jarbas/dashboard/admin/__init__.py @@ -8,6 +8,8 @@ from django.db.models import Count, F, Sum from django.db.models.functions import Concat from django.utils.safestring import mark_safe +from public_admin.admin import PublicModelAdmin +from public_admin.sites import PublicAdminSite, PublicApp from jarbas.chamber_of_deputies.models import ( Reimbursement, @@ -18,8 +20,6 @@ from jarbas.dashboard.admin import list_filters, widgets from jarbas.dashboard.admin.paginators import CachedCountPaginator from jarbas.dashboard.admin.subquotas import Subquotas -from jarbas.public_admin.admin import PublicAdminModelAdmin -from jarbas.public_admin.sites import public_admin ALL_FIELDS = sorted(Reimbursement._meta.fields, key=lambda f: f.verbose_name) @@ -27,7 +27,7 @@ READONLY_FIELDS = (f.name for f in ALL_FIELDS if f.name not in CUSTOM_WIDGETS) -class ReimbursementModelAdmin(PublicAdminModelAdmin): +class ReimbursementModelAdmin(PublicModelAdmin): list_display = ( 'short_document_id', @@ -183,7 +183,7 @@ def get_search_results(self, request, queryset, search_term): return queryset, distinct -class ReimbursementSummaryModelAdmin(PublicAdminModelAdmin): +class ReimbursementSummaryModelAdmin(PublicModelAdmin): change_list_template = 'dashboard/reimbursement_summary_change_list.html' list_filter = ( list_filters.SuspiciousListFilter, @@ -307,5 +307,13 @@ def changelist_view(self, request, extra=None): return response +class JarbasPublicAdminSite(PublicAdminSite): + site_title = 'Dashboard' + site_header = 'Jarbas Dashboard' + index_title = 'Jarbas' + + +public_app = PublicApp('chamber_of_deputies', ('reimbursement',)) +public_admin = JarbasPublicAdminSite("dashboard", public_app) public_admin.register(Reimbursement, ReimbursementModelAdmin) public_admin.register(ReimbursementSummary, ReimbursementSummaryModelAdmin) diff --git a/jarbas/dashboard/urls.py b/jarbas/dashboard/urls.py index 19d6f4fa4..336686ebb 100644 --- a/jarbas/dashboard/urls.py +++ b/jarbas/dashboard/urls.py @@ -1,6 +1,6 @@ from django.urls import path -from jarbas.public_admin.sites import public_admin +from jarbas.dashboard.admin import public_admin urlpatterns = [ diff --git a/jarbas/public_admin/__init__.py b/jarbas/public_admin/__init__.py deleted file mode 100644 index e69de29bb..000000000 diff --git a/jarbas/public_admin/admin.py b/jarbas/public_admin/admin.py deleted file mode 100644 index 3cd6fd5f2..000000000 --- a/jarbas/public_admin/admin.py +++ /dev/null @@ -1,30 +0,0 @@ -import re - -from django.contrib.admin import ModelAdmin - -from jarbas.public_admin.sites import public_admin - - -class PublicAdminModelAdmin(ModelAdmin): - - def has_add_permission(self, request): - return False - - def has_change_permission(self, request, obj=None): - return request.method == 'GET' - - def has_delete_permission(self, request, obj=None): - return False - - @staticmethod - def rename_change_url(url): - if 'change' in url.pattern.regex.pattern: - new_re = url.pattern.regex.pattern.replace('change', 'details') - url.regex = re.compile(new_re, re.UNICODE) - return url - - def get_urls(self): - return [ - self.rename_change_url(url) for url in super().get_urls() - if public_admin.valid_url(url) - ] diff --git a/jarbas/public_admin/sites.py b/jarbas/public_admin/sites.py deleted file mode 100644 index c4d5b7da2..000000000 --- a/jarbas/public_admin/sites.py +++ /dev/null @@ -1,61 +0,0 @@ -from functools import update_wrapper - -from django.contrib.admin.sites import AdminSite -from django.contrib.auth.models import AnonymousUser -from django.http import HttpResponseForbidden -from django.views.decorators.csrf import csrf_protect - - -class DummyUser(AnonymousUser): - def has_module_perms(self, app_label): - return app_label == 'chamber_of_deputies' - - def has_perm(self, permission, obj=None): - return permission == 'chamber_of_deputies.change_reimbursement' - - -class PublicAdminSite(AdminSite): - - site_title = 'Dashboard' - site_header = 'Jarbas Dashboard' - index_title = 'Jarbas' - - def __init__(self): - super().__init__('dashboard') - self._actions, self._global_actions = {}, {} - - @staticmethod - def valid_url(url): - forbidden = ( - 'auth', - 'login', - 'logout', - 'password', - 'add', - 'delete', - ) - return all( - label not in url.pattern.regex.pattern for label in forbidden) - - @property - def urls(self): - urls = (url for url in self.get_urls() if self.valid_url(url)) - return list(urls), 'admin', self.name - - def has_permission(self, request): - return request.method == 'GET' - - def admin_view(self, view, cacheable=False): - def inner(request, *args, **kwargs): - request.user = DummyUser() - if not self.has_permission(request): - return HttpResponseForbidden() - return view(request, *args, **kwargs) - - if not getattr(view, 'csrf_exempt', False): - inner = csrf_protect(inner) - - return update_wrapper(inner, view) - - -public_admin = PublicAdminSite() diff --git a/jarbas/public_admin/tests/__init__.py b/jarbas/public_admin/tests/__init__.py deleted file mode 100644 index e69de29bb..000000000 diff --git a/jarbas/public_admin/tests/test_dummy_user.py b/jarbas/public_admin/tests/test_dummy_user.py deleted file mode 100644 index ab09a3f42..000000000 --- a/jarbas/public_admin/tests/test_dummy_user.py +++ /dev/null @@ -1,21 +0,0 @@ -from django.test import TestCase - -from jarbas.public_admin.sites import DummyUser - - -class TestDummyUser(TestCase): - - def setUp(self): - self.user = DummyUser() - - def test_has_module_perms(self): - self.assertTrue(self.user.has_module_perms('chamber_of_deputies')) - self.assertFalse(self.user.has_module_perms('core')) - self.assertFalse(self.user.has_module_perms('api')) - self.assertFalse(self.user.has_module_perms('dashboard')) - self.assertFalse(self.user.has_module_perms('layers')) - - def test_has_perm(self): - self.assertTrue(self.user.has_perm('chamber_of_deputies.change_reimbursement')) - self.assertFalse(self.user.has_perm('chamber_of_deputies.add_reimbursement')) - self.assertFalse(self.user.has_perm('chamber_of_deputies.delete_reimbursement')) diff --git a/jarbas/public_admin/tests/test_public_admin_site.py b/jarbas/public_admin/tests/test_public_admin_site.py deleted file mode 100644 index 2534a2ed7..000000000 --- a/jarbas/public_admin/tests/test_public_admin_site.py +++ /dev/null @@ -1,44 +0,0 @@ -from unittest.mock import MagicMock, patch - -from django.contrib.auth import get_user_model -from django.test import TestCase - -from jarbas.public_admin.sites import PublicAdminSite, public_admin - -User = get_user_model() - - -class TestPublicAdminSite(TestCase): - - def setUp(self): - self.site = public_admin - - def test_init(self): - self.assertEqual({}, dict(self.site.actions)) - self.assertEqual({}, dict(self.site._global_actions)) - self.assertEqual('dashboard', self.site.name) - - def test_valid_url(self): - valid, invalid = MagicMock(), MagicMock() - valid.pattern.regex.pattern = '/whatever/' - invalid.pattern.regex.pattern = '/whatever/add/' - self.assertTrue(self.site.valid_url(valid)) - self.assertFalse(self.site.valid_url(invalid)) - - @patch.object(PublicAdminSite, 'get_urls') - @patch.object(PublicAdminSite, 'valid_url') - def test_urls(self, valid_url, get_urls): - valid_url.side_effect = (True, False, True) - get_urls.return_value = range(3) - expected = [0, 2], 'admin', 'dashboard' - self.assertEqual(expected, self.site.urls) - - def test_has_permission_get(self): - request = MagicMock() - request.method = 'GET' - self.assertTrue(self.site.has_permission(request)) - - def test_has_permission_post(self): - request = MagicMock() - request.method = 'POST' - self.assertFalse(self.site.has_permission(request)) diff --git a/requirements.txt b/requirements.txt index e0b970731..9d90d4413 100644 --- a/requirements.txt +++ b/requirements.txt @@ -7,6 +7,7 @@ django-bulk-update==2.2.0 django-cors-middleware==1.3.1 django-debug-toolbar==1.11 django-extensions==2.1.6 +django-public-admin==0.0.2 django-test-without-migrations==0.6 djangorestframework==3.9.1 freezegun==0.3.11