From 65cfe7ff2b67ed9d640ad4f294e92a3c7f23e1b3 Mon Sep 17 00:00:00 2001 From: Samuel Paccoud - DINUM Date: Mon, 15 Jan 2024 09:14:49 +0100 Subject: [PATCH] =?UTF-8?q?=E2=9C=A8(admin)=20configure=20a=20minimum=20ad?= =?UTF-8?q?min=20with=20users=20and=20teams?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit We added identities and team accesses as inlines. --- src/backend/core/admin.py | 111 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 111 insertions(+) create mode 100644 src/backend/core/admin.py diff --git a/src/backend/core/admin.py b/src/backend/core/admin.py new file mode 100644 index 0000000..5318b29 --- /dev/null +++ b/src/backend/core/admin.py @@ -0,0 +1,111 @@ +"""Admin classes and registrations for People's core app.""" +from django import forms +from django.contrib import admin +from django.contrib.auth import admin as auth_admin +from django.utils.translation import gettext_lazy as _ + +from . import models + + +class IdentityFormSet(forms.BaseInlineFormSet): + """ + Make the "is_main" field readonly when it is True so that declaring another identity + works in the admin. + """ + + def add_fields(self, form, index): + """Disable the "is_main" field when it is set to True""" + super().add_fields(form, index) + is_main_value = form.instance.is_main if form.instance else False + form.fields["is_main"].disabled = is_main_value + + +class IdentityInline(admin.TabularInline): + """Inline admin class for user identities.""" + + fields = ( + "sub", + "email", + "is_main", + "created_at", + "updated_at", + ) + formset = IdentityFormSet + model = models.Identity + extra = 0 + readonly_fields = ("email", "created_at", "sub", "updated_at") + + def has_add_permission(self, request, obj): + """ + Identities are automatically created on successful OIDC logins. + Disable creating identities via the admin. + """ + return False + + +class TeamAccessInline(admin.TabularInline): + """Inline admin class for team accesses.""" + + extra = 0 + autocomplete_fields = ["user", "team"] + model = models.TeamAccess + readonly_fields = ("created_at", "updated_at") + + +@admin.register(models.User) +class UserAdmin(auth_admin.UserAdmin): + """Admin class for the User model""" + + fieldsets = ( + ( + None, + { + "fields": ( + "id", + "password", + ) + }, + ), + (_("Personal info"), {"fields": ("email", "language", "timezone")}), + ( + _("Permissions"), + { + "fields": ( + "is_active", + "is_device", + "is_staff", + "is_superuser", + "groups", + "user_permissions", + ), + }, + ), + (_("Important dates"), {"fields": ("created_at", "updated_at")}), + ) + inlines = (IdentityInline, TeamAccessInline) + list_display = ( + "email", + "created_at", + "updated_at", + "is_active", + "is_device", + "is_staff", + "is_superuser", + ) + list_filter = ("is_staff", "is_superuser", "is_device", "is_active") + ordering = ("is_active", "-is_superuser", "-is_staff", "-is_device", "-updated_at") + readonly_fields = ("id", "created_at", "updated_at") + search_fields = ("id", "email", "identities__sub", "identities__email") + + +@admin.register(models.Team) +class TeamAdmin(admin.ModelAdmin): + """Team admin interface declaration.""" + + inlines = (TeamAccessInline,) + list_display = ( + "name", + "created_at", + "updated_at", + ) + search_fields = ("name",)