Expose/honor per-role session timeouts

2017-02-21 13:12:23 -06:00 · 2017-02-21 13:12:23 -06:00 · 75c73aad13
commit 75c73aad13
parent 7ef4ebcda8
2 changed files with 42 additions and 40 deletions
--- a/tailbone/views/roles.py
+++ b/tailbone/views/roles.py
@ -31,7 +31,8 @@ from sqlalchemy import orm
 from rattail.db import model
 from rattail.db.auth import has_permission, administrator_role, guest_role, authenticated_role

-import formalchemy
+import formalchemy as fa
+from formalchemy.fields import IntegerFieldRenderer
 from webhelpers.html import HTML, tags

 from tailbone import forms
@ -41,40 +42,38 @@ from tailbone.views.continuum import VersionView, version_defaults
 from tailbone.newgrids import AlchemyGrid, GridAction


-class PermissionsField(formalchemy.Field):
-    """
-    Custom field for role permissions.
-    """
-
-    def sync(self):
-        if not self.is_readonly():
-            role = self.model
-            role.permissions = self.renderer.deserialize()
-
-
 class RolesView(PrincipalMasterView):
    """
    Master view for the Role model.
    """
    model_class = model.Role

-    def configure_grid(self, g):
+    def _preconfigure_grid(self, g):
        g.filters['name'].default_active = True
        g.filters['name'].default_verb = 'contains'
        g.default_sortkey = 'name'
+
+    def configure_grid(self, g):
        g.configure(
            include=[
                g.name,
+                g.session_timeout,
            ],
            readonly=True)

-    def configure_fieldset(self, fs):
+    def _preconfigure_fieldset(self, fs):
        fs.append(PermissionsField('permissions'))
        permissions = self.request.registry.settings.get('tailbone_permissions', {})
        fs.permissions.set(renderer=forms.renderers.PermissionsFieldRenderer(permissions))
+        fs.session_timeout.set(renderer=SessionTimeoutRenderer)
+        if (self.viewing or self.editing) and fs.model is guest_role(self.Session()):
+            fs.session_timeout.set(readonly=True, attrs={'applicable': False})
+
+    def configure_fieldset(self, fs):
        fs.configure(
            include=[
                fs.name,
+                fs.session_timeout,
                fs.permissions,
            ])

@ -122,6 +121,25 @@ class RolesView(PrincipalMasterView):
        return roles


+class SessionTimeoutRenderer(IntegerFieldRenderer):
+
+    def render_readonly(self, **kwargs):
+        if not kwargs.pop('applicable', True):
+            return "(not applicable)"
+        return super(SessionTimeoutRenderer, self).render_readonly(**kwargs)
+
+
+class PermissionsField(fa.Field):
+    """
+    Custom field for role permissions.
+    """
+
+    def sync(self):
+        if not self.is_readonly():
+            role = self.model
+            role.permissions = self.renderer.deserialize()
+
+
 class RoleVersionView(VersionView):
    """
    View which shows version history for a role.