Add ability to change a member's role in a team if you are an admin

2018-09-07 16:26:27 -04:00 · 2018-09-07 16:26:27 -04:00 · 32d1054cb5
commit 32d1054cb5
parent 9f09405ecd
4 changed files with 46 additions and 3 deletions
--- a/events/models/profiles.py
+++ b/events/models/profiles.py
@ -182,10 +182,11 @@ class UserProfile(models.Model):
            return False
        if team.owner_profile == self:
            return True
-        if self in team.moderators:
+        if self in team.administrators:
            return True
        return False

+
 def get_user_timezone(username):
    # TODO: find a smarter way to get timezone
    return 'UTC'
--- a/get_together/templates/get_together/teams/manage_members.html
+++ b/get_together/templates/get_together/teams/manage_members.html
@ -41,7 +41,29 @@
                    <a href="javascript:contact_member({{member.id}});" class="fa fa-envelope" title="Contact"></a>
                    {% endif %}
                </td>
-                <td>{{member.role_name}}</td>
+                <td>
+                    <div style="position: relative">
+                {% if member.role == member.ADMIN %}
+                  <span class="btn btn-sm btn-success dropdown-toggle align-top" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">{{ member.role_name }}</span>
+                  <div class="dropdown-menu">
+                    <a class="dropdown-item" href="{% url 'change-member-role' team.id member.user.id %}?role=moderator&csrftoken={{csrf_token}}">Moderator</a>
+                    <a class="dropdown-item" href="{% url 'change-member-role' team.id member.user.id %}?role=normal&csrftoken={{csrf_token}}">Normal</a>
+                  </div>
+                {% elif member.role == member.MODERATOR %}
+                  <span class="btn btn-sm btn-default dropdown-toggle align-top" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">{{ member.role_name }}</span>
+                  <div class="dropdown-menu">
+                    <a class="dropdown-item" href="{% url 'change-member-role' team.id member.user.id %}?role=admin&csrftoken={{csrf_token}}">Administrator</a>
+                    <a class="dropdown-item" href="{% url 'change-member-role' team.id member.user.id %}?role=normal&csrftoken={{csrf_token}}">Normal</a>
+                  </div>
+                {% elif member.role == member.NORMAL %}
+                  <span class="btn btn-sm btn-secondary dropdown-toggle align-top" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">{{ member.role_name }}</span>
+                  <div class="dropdown-menu">
+                    <a class="dropdown-item" href="{% url 'change-member-role' team.id member.user.id %}?role=admin&csrftoken={{csrf_token}}">Administrator</a>
+                    <a class="dropdown-item" href="{% url 'change-member-role' team.id member.user.id %}?role=moderator&csrftoken={{csrf_token}}">Moderator</a>
+                  </div>
+                {% endif %}
+                    </div>
+                </td>
                <td>{{member.joined_date}}</td>
            </tr>
            {% endfor %}
--- a/get_together/urls.py
+++ b/get_together/urls.py
@ -70,6 +70,7 @@ urlpatterns = [
    path('team/<int:team_id>/+leave/', event_views.leave_team, name='leave-team'),
    path('team/<int:team_id>/+delete/', views.delete_team, name='delete-team'),
    path('team/<int:team_id>/+members/', views.manage_members, name='manage-members'),
+    path('team/<int:team_id>/+change_role/<int:profile_id>/', views.change_member_role, name='change-member-role'),
    path('team/<int:team_id>/+invite/', views.invite_members, name='invite-members'),
    path('team/<int:team_id>/events.ics', feeds.TeamEventsCalendar(), name='team-event-ical'),

--- a/get_together/views/teams.py
+++ b/get_together/views/teams.py
@ -15,6 +15,7 @@ from events.models.profiles import Organization, Team, UserProfile, Member
 from events.models.events import Event, CommonEvent, Place, Attendee
 from events.forms import TeamForm, NewTeamForm, DeleteTeamForm, TeamContactForm, TeamInviteForm
 from events import location
+from events.utils import verify_csrf
 from events.utils import slugify

 from accounts.models import EmailRecord
@ -195,7 +196,7 @@ def manage_members(request, team_id):
        messages.add_message(request, messages.WARNING, message=_('You can not manage this team\'s members.'))
        return redirect('show-team-by-slug', team.slug)

-    members = Member.objects.filter(team=team).order_by('user__realname')
+    members = Member.objects.filter(team=team).order_by('-role', 'user__realname')
    member_choices = [(member.id, member.user) for member in members if member.user.user.account.is_email_confirmed]
    default_choices = [('all', 'All Members (%s)' % len(member_choices)), ('admins', 'Only Administrators')]
    if request.method == 'POST':
@ -337,3 +338,21 @@ def contact_member(member, body, sender):
        ok=success
    )

+
+@verify_csrf(token_key='csrftoken')
+def change_member_role(request, team_id, profile_id):
+    membership = get_object_or_404(Member, team__id=team_id, user__id=profile_id)
+
+    if not request.user.profile.can_edit_team(membership.team):
+        messages.add_message(request, messages.WARNING, message=_("You can not change member roles for this team."))
+        return redirect(event.get_absolute_url())
+
+    if request.GET.get('role', None) == 'admin':
+        membership.role = Member.ADMIN
+    elif request.GET.get('role', None) == 'moderator':
+        membership.role = Member.MODERATOR
+    elif request.GET.get('role', None) == 'normal':
+        membership.role = Member.NORMAL
+    membership.save()
+
+    return redirect('manage-members', team_id=membership.team.id)