from django import forms from django.db.models import Q from django.utils.translation import ugettext as _ from django.utils.translation import ugettext_lazy, ugettext_noop from openslides.config.api import ConfigGroup, ConfigGroupedCollection, ConfigVariable from .models import Group, Permission, User def setup_users_config(sender, **kwargs): """ Receiver function to setup all users config variables. It is connected to the signal openslides.config.signals.config_signal during app loading. """ # General users_sort_users_by_first_name = ConfigVariable( name='users_sort_users_by_first_name', default_value=False, form_field=forms.BooleanField( required=False, label=ugettext_lazy('Sort users by first name'), help_text=ugettext_lazy('Disable for sorting by last name'))) group_general = ConfigGroup( title=ugettext_lazy('Sorting'), variables=(users_sort_users_by_first_name,)) # PDF users_pdf_welcometitle = ConfigVariable( name='users_pdf_welcometitle', default_value=_('Welcome to OpenSlides!'), translatable=True, form_field=forms.CharField( widget=forms.Textarea(), required=False, label=ugettext_lazy('Title for access data and welcome PDF'))) users_pdf_welcometext = ConfigVariable( name='users_pdf_welcometext', default_value=_('[Place for your welcome and help text.]'), translatable=True, form_field=forms.CharField( widget=forms.Textarea(), required=False, label=ugettext_lazy('Help text for access data and welcome PDF'))) users_pdf_url = ConfigVariable( name='users_pdf_url', default_value='http://example.com:8000', form_field=forms.CharField( widget=forms.TextInput(), required=False, label=ugettext_lazy('System URL'), help_text=ugettext_lazy('Used for QRCode in PDF of access data.'))) users_pdf_wlan_ssid = ConfigVariable( name='users_pdf_wlan_ssid', default_value='', form_field=forms.CharField( widget=forms.TextInput(), required=False, label=ugettext_lazy('WLAN name (SSID)'), help_text=ugettext_lazy('Used for WLAN QRCode in PDF of access data.'))) users_pdf_wlan_password = ConfigVariable( name='users_pdf_wlan_password', default_value='', form_field=forms.CharField( widget=forms.TextInput(), required=False, label=ugettext_lazy('WLAN password'), help_text=ugettext_lazy('Used for WLAN QRCode in PDF of access data.'))) users_pdf_wlan_encryption = ConfigVariable( name='users_pdf_wlan_encryption', default_value='', form_field=forms.ChoiceField( widget=forms.Select(), required=False, label=ugettext_lazy('WLAN encryption'), help_text=ugettext_lazy('Used for WLAN QRCode in PDF of access data.'), choices=( ('', '---------'), ('WEP', 'WEP'), ('WPA', 'WPA/WPA2'), ('nopass', ugettext_lazy('No encryption'))))) group_pdf = ConfigGroup( title=ugettext_lazy('PDF'), variables=(users_pdf_welcometitle, users_pdf_welcometext, users_pdf_url, users_pdf_wlan_ssid, users_pdf_wlan_password, users_pdf_wlan_encryption)) return ConfigGroupedCollection( title=ugettext_noop('Users'), url='users', weight=50, groups=(group_general, group_pdf)) def create_builtin_groups_and_admin(**kwargs): """ Creates the builtin groups: Anonymous, Registered, Delegates and Staff. Creates the builtin user: admin. """ # Check whether the group pks 1 to 4 are free if Group.objects.filter(pk__in=range(1, 5)).exists(): # Do completely nothing if there are already some of our groups in the database. return permission_strings = ( 'agenda.can_be_speaker', 'agenda.can_manage_agenda', 'agenda.can_see_agenda', 'agenda.can_see_orga_items', 'assignment.can_manage_assignments', 'assignment.can_nominate_other', 'assignment.can_nominate_self', 'assignment.can_see_assignments', 'config.can_manage', 'core.can_manage_projector', 'core.can_manage_tags', 'core.can_see_dashboard', 'core.can_see_projector', 'core.can_use_chat', 'mediafile.can_manage', 'mediafile.can_see', 'mediafile.can_upload', 'motion.can_create_motion', 'motion.can_manage_motion', 'motion.can_see_motion', 'motion.can_support_motion', 'users.can_manage', 'users.can_see_extra_data', 'users.can_see_name', ) permission_dict = {} permission_query = Q() for permission_string in permission_strings: app_label, codename = permission_string.split('.') query_part = Q(content_type__app_label=app_label) & Q(codename=codename) permission_query = permission_query | query_part for permission in Permission.objects.select_related('content_type').filter(permission_query): permission_string = '.'.join((permission.content_type.app_label, permission.codename)) permission_dict[permission_string] = permission # Anonymous (pk 1) and Registered (pk 2) base_permissions = ( permission_dict['agenda.can_see_agenda'], permission_dict['agenda.can_see_orga_items'], permission_dict['assignment.can_see_assignments'], permission_dict['core.can_see_dashboard'], permission_dict['core.can_see_projector'], permission_dict['mediafile.can_see'], permission_dict['motion.can_see_motion'], permission_dict['users.can_see_extra_data'], permission_dict['users.can_see_name'], ) group_anonymous = Group.objects.create(name=ugettext_noop('Anonymous'), pk=1) group_anonymous.permissions.add(*base_permissions) group_registered = Group.objects.create(name=ugettext_noop('Registered'), pk=2) group_registered.permissions.add( permission_dict['agenda.can_be_speaker'], *base_permissions) # Delegates (pk 3) delegates_permissions = ( permission_dict['assignment.can_nominate_other'], permission_dict['assignment.can_nominate_self'], permission_dict['mediafile.can_upload'], permission_dict['motion.can_create_motion'], permission_dict['motion.can_support_motion'], ) group_delegates = Group.objects.create(name=ugettext_noop('Delegates'), pk=3) group_delegates.permissions.add(*delegates_permissions) # Staff (pk 4) staff_permissions = ( permission_dict['agenda.can_manage_agenda'], permission_dict['assignment.can_manage_assignments'], permission_dict['assignment.can_nominate_other'], permission_dict['assignment.can_nominate_self'], permission_dict['config.can_manage'], permission_dict['core.can_manage_projector'], permission_dict['core.can_manage_tags'], permission_dict['core.can_use_chat'], permission_dict['mediafile.can_manage'], permission_dict['mediafile.can_upload'], permission_dict['motion.can_create_motion'], permission_dict['motion.can_manage_motion'], permission_dict['users.can_manage'], ) group_staff = Group.objects.create(name=ugettext_noop('Staff'), pk=4) group_staff.permissions.add(*staff_permissions) # Add users.can_see_name and users.can_see_extra_data permissions # TODO: Remove this redundancy after cleanup of the permission system. group_staff.permissions.add( permission_dict['users.can_see_extra_data'], permission_dict['users.can_see_name']) # Admin user User.objects.create_or_reset_admin_user()