From 19637d5e720b9ed8c257d63e10becfee210c56e7 Mon Sep 17 00:00:00 2001
From: Jorran de Wit <jorrandewit@outlook.com>
Date: Sun, 29 Oct 2017 10:27:24 +0100
Subject: [PATCH] Remove scary strings from permission-checks in template (pp)
---
scipost/templates/scipost/personal_page.html | 66 +++++++++------
scipost/templatetags/user_groups.py | 87 ++++++++++++++++++++
scipost/views.py | 1 -
3 files changed, 126 insertions(+), 28 deletions(-)
diff --git a/scipost/templates/scipost/personal_page.html b/scipost/templates/scipost/personal_page.html
index b5b567f3a..817781a38 100644
--- a/scipost/templates/scipost/personal_page.html
+++ b/scipost/templates/scipost/personal_page.html
@@ -1,6 +1,7 @@
{% extends 'scipost/base.html' %}
{% load bootstrap %}
+{% load user_groups %}
{% block pagetitle %}: personal page{% endblock pagetitle %}
@@ -17,6 +18,17 @@
</div>
{% else %}
+ {# Save all Permission groups into template variables #}
+ {% is_edcol_admin request.user as is_edcol_admin %}
+ {% is_scipost_admin request.user as is_scipost_admin %}
+ {% is_editorial_college request.user as is_editorial_college %}
+ {% is_advisory_board request.user as is_advisory_board %}
+ {% is_vetting_editor request.user as is_vetting_editor %}
+ {% is_ambassador request.user as is_ambassador %}
+ {% is_junior_ambassador request.user as is_junior_ambassador %}
+ {% is_registered_contributor request.user as is_registered_contributor %}
+ {% is_tester request.user as is_tester %}
+ {% is_production_officer request.user as is_production_officer %}
<div class="row">
<div class="col-12">
@@ -33,7 +45,7 @@
<li class="nav-item btn btn-secondary">
<a href="#account" class="nav-link active" data-toggle="tab">Account</a>
</li>
- {% if 'SciPost Administrators' in user_groups or 'Editorial Administrators' in user_groups or 'Editorial College' in user_groups or 'Advisory Board' in user_groups or 'Vetting Editors' in user_groups or 'Ambassadors' in user_groups or 'Junior Ambassadors' in user_groups %}
+ {% if is_scipost_admin or is_edcol_admin or is_editorial_college or is_advisory_board or is_vetting_editor or is_ambassador or is_junior_ambassador %}
<li class="nav-item btn btn-secondary">
<a href="#editorial-actions" class="nav-link" data-toggle="tab">Editorial Actions</a>
</li>
@@ -127,34 +139,34 @@
<hr>
{% endif %}
- {% if 'SciPost Administrators' in user_groups %}
+ {% if is_scipost_admin %}
<h3>You are a SciPost Administrator.</h3>
{% endif %}
- {% if 'Editorial Administrators' in user_groups %}
+ {% if is_edcol_admin %}
<h3>You are a SciPost Editorial Administrator.</h3>
{% endif %}
- {% if 'Advisory Board' in user_groups %}
+ {% if is_advisory_board %}
<h3>You are a member of the Advisory Board.</h3>
{% endif %}
- {% if 'Editorial College' in user_groups %}
+ {% if is_editorial_college %}
<h3>You are a member of the Editorial College.</h3>
{% endif %}
- {% if 'Vetting Editors' in user_groups %}
+ {% if is_vetting_editor %}
<h3>You are a SciPost Vetting Editor.</h3>
{% endif %}
- {% if 'Registered Contributors' in user_groups %}
+ {% if is_registered_contributor %}
<h3>You are a Registered Contributor.</h3>
{% endif %}
- {% if 'Testers' in user_groups %}
+ {% if is_tester %}
<h3>You are a SciPost Tester.</h3>
{% endif %}
- {% if 'Ambassadors' in user_groups %}
+ {% if is_ambassador %}
<h3>You are a SciPost Ambassador.</h3>
{% endif %}
- {% if 'Junior Ambassadors' in user_groups %}
+ {% if is_junior_ambassador %}
<h3>You are a SciPost Junior Ambassador.</h3>
{% endif %}
- {% if 'Production Officers' in user_groups %}
+ {% if is_production_officer %}
<h3>You are a SciPost Production Officer.</h3>
{% endif %}
@@ -249,7 +261,7 @@
{% endif %}
</div><!-- End tab -->
- {% if 'SciPost Administrators' in user_groups or 'Editorial Administrators' in user_groups or 'Editorial College' in user_groups or 'Advisory Board' in user_groups or 'Vetting Editors' in user_groups or 'Ambassadors' in user_groups or 'Junior Ambassadors' in user_groups %}
+ {% if is_scipost_admin or is_edcol_admin or is_editorial_college or is_advisory_board or is_vetting_editor or is_ambassador or is_junior_ambassador %}
<!-- Tab: Editorial Actions -->
<div class="tab-pane" id="editorial-actions" role="tabpanel">
<div class="row">
@@ -263,7 +275,7 @@
</div>
<div class="row">
- {% if 'SciPost Administrators' in user_groups or 'Advisory Board' in user_groups or 'Ambassadors' in user_groups or 'Junior Ambassadors' in user_groups %}
+ {% if is_scipost_admin or is_advisory_board or is_ambassador or is_junior_ambassador %}
<div class="col-md-4">
<h3>Registration actions</h3>
<ul>
@@ -288,7 +300,7 @@
</ul>
{% endif %}
- {% if 'SciPost Administrators' in user_groups %}
+ {% if is_scipost_admin %}
<h3>Email communications</h3>
<ul>
{% if perms.scipost.can_email_group_members %}
@@ -314,7 +326,7 @@
{% endif %}
<div class="col-md-4">
- {% if 'Vetting Editors' in user_groups or perms.scipost.can_vet_submitted_reports %}
+ {% if is_vetting_editor or perms.scipost.can_vet_submitted_reports %}
<h3>Vetting actions</h3>
<ul>
{% if perms.scipost.can_vet_commentary_requests %}
@@ -335,7 +347,7 @@
</ul>
{% endif %}
- {% if 'Editorial Administrators' in user_groups %}
+ {% if is_edcol_admin %}
<h3>Editorial Admin actions</h3>
<ul>
<li><a href="{% url 'submissions:reports_accepted_list' %}">Accepted Reports</a>{% if nr_reports_without_pdf %} ({{nr_reports_without_pdf}} unfinished){% endif %}</li>
@@ -358,7 +370,7 @@
{% endif %}
</div>
- {% if 'Editorial Administrators' in user_groups or 'Editorial College' in user_groups %}
+ {% if is_edcol_admin or is_editorial_college %}
<div class="col-md-4">
<h3>Info</h3>
<ul>
@@ -379,16 +391,16 @@
{% endif %}
</ul>
- {% if 'Editorial Administrators' in user_groups %}
- <h3>Refereeing overview</h3>
- <ul>
- <li>View (and act on) outstanding refereeing invitations in the <a href="{% url 'submissions:refereeing_overview' %}">refereeing overview</a></li>
- <li><a href="{% url 'stats:statistics' %}">View statistics</a> for submissions, refereeing, publishing</li>
- </ul>
- <h3>Voting</h3>
- <ul>
- <li>Prepare Editorial Recommendations for voting via the <a href="{% url 'submissions:pool' %}">Submissions Pool</a> ({{ nr_recommendations_to_prepare_for_voting }})</li>
- </ul>
+ {% if is_edcol_admin %}
+ <h3>Refereeing overview</h3>
+ <ul>
+ <li>View (and act on) outstanding refereeing invitations in the <a href="{% url 'submissions:refereeing_overview' %}">refereeing overview</a></li>
+ <li><a href="{% url 'stats:statistics' %}">View statistics</a> for submissions, refereeing, publishing</li>
+ </ul>
+ <h3>Voting</h3>
+ <ul>
+ <li>Prepare Editorial Recommendations for voting via the <a href="{% url 'submissions:pool' %}">Submissions Pool</a> ({{ nr_recommendations_to_prepare_for_voting }})</li>
+ </ul>
{% endif %}
</div>
{% endif %}
diff --git a/scipost/templatetags/user_groups.py b/scipost/templatetags/user_groups.py
index 8cd171dea..21a1f0ff5 100644
--- a/scipost/templatetags/user_groups.py
+++ b/scipost/templatetags/user_groups.py
@@ -12,6 +12,93 @@ def is_edcol_admin(user):
return user.groups.filter(name='Editorial Administrators').exists() or user.is_superuser
+@register.simple_tag
+def is_scipost_admin(user):
+ """
+ Assign template variable (boolean) to check if user is SciPost Administrator.
+ This assignment is limited to a certain context block!
+ """
+ return user.groups.filter(name='SciPost Administrators').exists() or user.is_superuser
+
+
+@register.simple_tag
+def is_editorial_college(user):
+ """
+ Assign template variable (boolean) to check if user is member of Editorial College group.
+
+ !!!
+ This filter should actually be dynamic, not checking the permissions group but the current
+ active Fellowship instances for the user.
+ !!!
+
+ This assignment is limited to a certain context block!
+ """
+ return user.groups.filter(name='Editorial College').exists() or user.is_superuser
+
+
+@register.simple_tag
+def is_advisory_board(user):
+ """
+ Assign template variable (boolean) to check if user is in Advisory Board.
+ This assignment is limited to a certain context block!
+ """
+ return user.groups.filter(name='Advisory Board').exists() or user.is_superuser
+
+
+@register.simple_tag
+def is_vetting_editor(user):
+ """
+ Assign template variable (boolean) to check if user is in Vetting Editor.
+ This assignment is limited to a certain context block!
+ """
+ return user.groups.filter(name='Vetting Editors').exists() or user.is_superuser
+
+
+@register.simple_tag
+def is_ambassador(user):
+ """
+ Assign template variable (boolean) to check if user is Ambassador.
+ This assignment is limited to a certain context block!
+ """
+ return user.groups.filter(name='Ambassadors').exists() or user.is_superuser
+
+
+@register.simple_tag
+def is_junior_ambassador(user):
+ """
+ Assign template variable (boolean) to check if user is Junior Ambassador.
+ This assignment is limited to a certain context block!
+ """
+ return user.groups.filter(name='Junior Ambassadors').exists() or user.is_superuser
+
+
+@register.simple_tag
+def is_registered_contributor(user):
+ """
+ Assign template variable (boolean) to check if user is Registered Contributor.
+ This assignment is limited to a certain context block!
+ """
+ return user.groups.filter(name='Registered Contributors').exists() or user.is_superuser
+
+
+@register.simple_tag
+def is_tester(user):
+ """
+ Assign template variable (boolean) to check if user is Tester.
+ This assignment is limited to a certain context block!
+ """
+ return user.groups.filter(name='Testers').exists() or user.is_superuser
+
+
+@register.simple_tag
+def is_production_officer(user):
+ """
+ Assign template variable (boolean) to check if user is Production Officer.
+ This assignment is limited to a certain context block!
+ """
+ return user.groups.filter(name='Production Officers').exists() or user.is_superuser
+
+
@register.simple_tag
def is_editor_in_charge(user, submission):
"""
diff --git a/scipost/views.py b/scipost/views.py
index fb5ff5b6c..9b222806a 100644
--- a/scipost/views.py
+++ b/scipost/views.py
@@ -719,7 +719,6 @@ def personal_page(request):
context['needs_validation'] = contributor.status != CONTRIBUTOR_NORMAL
except Contributor.DoesNotExist:
contributor = None
- context['user_groups'] = request.user.groups.values_list('name', flat=True)
if contributor:
# Compile the unavailability periods:
--
GitLab