Only show granted permissions when viewing role details

Hopefully a little easier on the eyes..still could use more improvements
though I'm sure.

tailbone/static/css/perms.css

@@ -3,6 +3,10 @@
  * Permission Lists
  ******************************/
 
+div.field-wrapper.permissions {
+    overflow: visible;
+}
+
 div.field-wrapper.permissions div.field div.group {
     margin-bottom: 10px;
 }

tailbone/views/roles.py

@@ -74,10 +74,12 @@ def PermissionsFieldRenderer(permissions, *args, **kwargs):
                 for groupkey in sorted(permissions, key=lambda k: permissions[k]['label'].lower()):
                     inner = HTML.tag('p', c=permissions[groupkey]['label'])
                     perms = permissions[groupkey]['perms']
+                    rendered = False
                     for key in sorted(perms, key=lambda p: perms[p]['label'].lower()):
                         checked = has_permission(Session(), role, key,
                                                  include_guest=False,
                                                  include_authenticated=False)
+                        if checked or not readonly:
                             label = perms[key]['label']
                             if readonly:
                                 span = HTML.tag('span', c="[X]" if checked else "[ ]")
@@ -85,7 +87,11 @@ def PermissionsFieldRenderer(permissions, *args, **kwargs):
                             else:
                                 inner += tags.checkbox(self.name + '-' + key,
                                                        checked=checked, label=label)
+                            rendered = True
+                    if rendered:
                         html += HTML.tag('div', class_='group', c=inner)
+                if not html:
+                    return "(none granted)"
             return html
 
         def render(self, **kwargs):