From 32d1054cb527e192ca5d36a7d5e500f38290355e Mon Sep 17 00:00:00 2001 From: Michael Hall Date: Fri, 7 Sep 2018 16:26:27 -0400 Subject: [PATCH] Add ability to change a member's role in a team if you are an admin --- events/models/profiles.py | 3 ++- .../get_together/teams/manage_members.html | 24 ++++++++++++++++++- get_together/urls.py | 1 + get_together/views/teams.py | 21 +++++++++++++++- 4 files changed, 46 insertions(+), 3 deletions(-) diff --git a/events/models/profiles.py b/events/models/profiles.py index ff03be8..4d617f1 100644 --- a/events/models/profiles.py +++ b/events/models/profiles.py @@ -182,10 +182,11 @@ class UserProfile(models.Model): return False if team.owner_profile == self: return True - if self in team.moderators: + if self in team.administrators: return True return False + def get_user_timezone(username): # TODO: find a smarter way to get timezone return 'UTC' diff --git a/get_together/templates/get_together/teams/manage_members.html b/get_together/templates/get_together/teams/manage_members.html index 588ce0e..b993ae1 100644 --- a/get_together/templates/get_together/teams/manage_members.html +++ b/get_together/templates/get_together/teams/manage_members.html @@ -41,7 +41,29 @@ {% endif %} - {{member.role_name}} + +
+ {% if member.role == member.ADMIN %} + + + {% elif member.role == member.MODERATOR %} + + + {% elif member.role == member.NORMAL %} + + + {% endif %} +
+ {{member.joined_date}} {% endfor %} diff --git a/get_together/urls.py b/get_together/urls.py index 17358ee..c600353 100644 --- a/get_together/urls.py +++ b/get_together/urls.py @@ -70,6 +70,7 @@ urlpatterns = [ path('team//+leave/', event_views.leave_team, name='leave-team'), path('team//+delete/', views.delete_team, name='delete-team'), path('team//+members/', views.manage_members, name='manage-members'), + path('team//+change_role//', views.change_member_role, name='change-member-role'), path('team//+invite/', views.invite_members, name='invite-members'), path('team//events.ics', feeds.TeamEventsCalendar(), name='team-event-ical'), diff --git a/get_together/views/teams.py b/get_together/views/teams.py index 989947e..73f2923 100644 --- a/get_together/views/teams.py +++ b/get_together/views/teams.py @@ -15,6 +15,7 @@ from events.models.profiles import Organization, Team, UserProfile, Member from events.models.events import Event, CommonEvent, Place, Attendee from events.forms import TeamForm, NewTeamForm, DeleteTeamForm, TeamContactForm, TeamInviteForm from events import location +from events.utils import verify_csrf from events.utils import slugify from accounts.models import EmailRecord @@ -195,7 +196,7 @@ def manage_members(request, team_id): messages.add_message(request, messages.WARNING, message=_('You can not manage this team\'s members.')) return redirect('show-team-by-slug', team.slug) - members = Member.objects.filter(team=team).order_by('user__realname') + members = Member.objects.filter(team=team).order_by('-role', 'user__realname') member_choices = [(member.id, member.user) for member in members if member.user.user.account.is_email_confirmed] default_choices = [('all', 'All Members (%s)' % len(member_choices)), ('admins', 'Only Administrators')] if request.method == 'POST': @@ -337,3 +338,21 @@ def contact_member(member, body, sender): ok=success ) + +@verify_csrf(token_key='csrftoken') +def change_member_role(request, team_id, profile_id): + membership = get_object_or_404(Member, team__id=team_id, user__id=profile_id) + + if not request.user.profile.can_edit_team(membership.team): + messages.add_message(request, messages.WARNING, message=_("You can not change member roles for this team.")) + return redirect(event.get_absolute_url()) + + if request.GET.get('role', None) == 'admin': + membership.role = Member.ADMIN + elif request.GET.get('role', None) == 'moderator': + membership.role = Member.MODERATOR + elif request.GET.get('role', None) == 'normal': + membership.role = Member.NORMAL + membership.save() + + return redirect('manage-members', team_id=membership.team.id)