Let any 'admin' user elevate to 'root' for full system access
But otherwise, let the Administrator role be "normal" and have perms of its own. Hopefully cuts down on unwanted screen noise for admins.
parent
4599eaad97
commit
6bf60365ba
6 changed files with 102 additions and 48 deletions
|
@ -2,7 +2,7 @@
|
|||
################################################################################
|
||||
#
|
||||
# Rattail -- Retail Software Framework
|
||||
# Copyright © 2010-2015 Lance Edgar
|
||||
# Copyright © 2010-2016 Lance Edgar
|
||||
#
|
||||
# This file is part of Rattail.
|
||||
#
|
||||
|
@ -24,20 +24,19 @@
|
|||
Auth Views
|
||||
"""
|
||||
|
||||
from __future__ import unicode_literals
|
||||
from __future__ import unicode_literals, absolute_import
|
||||
|
||||
from rattail.db.auth import authenticate_user, set_user_password
|
||||
|
||||
import formencode
|
||||
from pyramid.httpexceptions import HTTPFound
|
||||
from pyramid.security import remember, forget, authenticated_userid
|
||||
|
||||
from pyramid_simpleform import Form
|
||||
from webhelpers.html import literal
|
||||
from webhelpers.html import tags
|
||||
|
||||
import formencode
|
||||
from pyramid_simpleform import Form
|
||||
from ..forms.simpleform import FormRenderer
|
||||
|
||||
from ..db import Session
|
||||
from rattail.db.auth import authenticate_user, set_user_password
|
||||
from tailbone.db import Session
|
||||
from tailbone.forms.simpleform import FormRenderer
|
||||
|
||||
|
||||
def forbidden(request):
|
||||
|
@ -104,6 +103,24 @@ def logout(request):
|
|||
return HTTPFound(location=referrer, headers=headers)
|
||||
|
||||
|
||||
def become_root(request):
|
||||
"""
|
||||
Elevate the current request to 'root' for full system access.
|
||||
"""
|
||||
request.session['is_root'] = True
|
||||
request.session.flash("You have been elevated to 'root' and now have full system access", 'error')
|
||||
return HTTPFound(location=request.get_referrer())
|
||||
|
||||
|
||||
def stop_root(request):
|
||||
"""
|
||||
Lower the current request from 'root' back to normal access.
|
||||
"""
|
||||
request.session['is_root'] = False
|
||||
request.session.flash("Your normal system access has been restored")
|
||||
return HTTPFound(location=request.get_referrer())
|
||||
|
||||
|
||||
class CurrentPasswordCorrect(formencode.validators.FancyValidator):
|
||||
|
||||
def _to_python(self, value, state):
|
||||
|
@ -148,6 +165,8 @@ def change_password(request):
|
|||
def add_routes(config):
|
||||
config.add_route('login', '/login')
|
||||
config.add_route('logout', '/logout')
|
||||
config.add_route('become_root', '/root/yes')
|
||||
config.add_route('stop_root', '/root/no')
|
||||
config.add_route('change_password', '/change-password')
|
||||
|
||||
|
||||
|
@ -161,5 +180,8 @@ def includeme(config):
|
|||
|
||||
config.add_view(logout, route_name='logout')
|
||||
|
||||
config.add_view(become_root, route_name='become_root')
|
||||
config.add_view(stop_root, route_name='stop_root')
|
||||
|
||||
config.add_view(change_password, route_name='change_password',
|
||||
renderer='/change_password.mako')
|
||||
|
|
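Review bot: `become_root` sets `request.session['is_root'] = True` for any caller that reaches `/root/yes`; neither the view body nor its registration `config.add_view(become_root, route_name='become_root')` checks that the caller is authenticated or holds the admin role named in the commit title. If that gate lives in one of the other changed files (for instance where `is_root` is read back from the session), the docstring should say so; otherwise the view should reject non-admins before touching the session, for example by raising `HTTPForbidden` from `pyramid.httpexceptions`. Both `become_root` and `stop_root` also change session state on any HTTP method, so a cross-site request could switch an admin's session to root without their intent; restricting them with `request_method='POST'` plus the application's CSRF check would prevent that. Neither view logs the transition, so there is no audit record of who held root access and when.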