Merge pull request #3326 from akvo/release/candidate

Post 3.39 release merge back into develop
akvo · Jul 26, 2018 · 41e932b · 41e932b
2 parents 5d01974 + b02ff94
commit 41e932b
Show file tree

Hide file tree

Showing 7 changed files with 44 additions and 23 deletions.
diff --git a/akvo/iati/exports/elements/result.py b/akvo/iati/exports/elements/result.py
@@ -62,12 +62,12 @@ def result(project):
 def add_indicator_element(result_element, indicator, is_dgis_project):
     indicator_element = etree.SubElement(result_element, "indicator")
 
-    if indicator.measure:
-        indicator_element.attrib['measure'] = indicator.measure
-
-    elif indicator.type == QUALITATIVE:
+    if indicator.type == QUALITATIVE:
         indicator_element.attrib['measure'] = '5'
 
+    elif indicator.measure:
+        indicator_element.attrib['measure'] = indicator.measure
+
     if indicator.ascending is not None:
         indicator_element.attrib['ascending'] = '1' if indicator.ascending else '0'
 

diff --git a/akvo/rsr/static/scripts-src/my-user-management.js b/akvo/rsr/static/scripts-src/my-user-management.js
@@ -72,7 +72,7 @@ function initReact() {
                 );
             });
 
-            var roles = roles.map(function(role) {
+            var all_roles = roles.map(function(role) {
                 return (
                     React.createElement("option", {key: role.id, value: role.id}, 
                         role.name
@@ -109,7 +109,7 @@ function initReact() {
                     React.createElement("td", null, 
                         React.createElement("select", {className: "form-control role-select", defaultValue: ""}, 
                             React.createElement("option", {value: ""}, i18n.select_role_text), 
-                            roles
+                            all_roles
                         )
                     ), 
                     React.createElement("td", null, thisButton)

diff --git a/akvo/rsr/static/scripts-src/my-user-management.jsx b/akvo/rsr/static/scripts-src/my-user-management.jsx
@@ -72,7 +72,7 @@ function initReact() {
                 );
             });
 
-            var roles = roles.map(function(role) {
+            var all_roles = roles.map(function(role) {
                 return (
                     <option key={role.id} value={role.id}>
                         {role.name}
@@ -109,7 +109,7 @@ function initReact() {
                     <td>
                         <select className="form-control role-select" defaultValue="">
                             <option value="">{i18n.select_role_text}</option>
-                            {roles}
+                            {all_roles}
                         </select>
                     </td>
                     <td>{thisButton}</td>

diff --git a/akvo/rsr/tests/iati_export/test_iati_export.py b/akvo/rsr/tests/iati_export/test_iati_export.py
@@ -423,6 +423,7 @@ def test_complete_project_export(self):
             result=result,
             title="Qualitative indicator",
             description="Qualitative Indicator Description",
+            measure='1',
             type=QUALITATIVE,
         )
         IndicatorReference.objects.create(

diff --git a/akvo/rsr/views/my_rsr.py b/akvo/rsr/views/my_rsr.py
@@ -450,6 +450,16 @@ def user_management(request):
 
     :param request; a Django request.
     """
+
+    def _restrictions_turned_on(user):
+        # "Feature flag" for access restrictions
+        restricting_orgs = settings.ACCESS_RESTRICTIONS_ORGS
+
+        if ('ALL' in restricting_orgs or
+                user.approved_organisations().filter(pk__in=restricting_orgs).exists()):
+            return True
+        return False
+
     user = request.user
 
     if not user.has_perm('rsr.user_management'):
@@ -507,21 +517,24 @@ def user_management(request):
                 'id', 'first_name', 'last_name', 'email'
             ])
 
-            # determine if this user's project access can be restricted
-            if employment.user.has_perm('rsr.user_management'):
-                can_be_restricted = False
-            else:
-                can_be_restricted = True
-                #  We cannot limit project access to users that are employed by more than one
-                # organisation
-                if employment.user.approved_organisations().distinct().count() != 1:
+            if _restrictions_turned_on(user):
+                # determine if this user's project access can be restricted
+                if employment.user.has_perm('rsr.user_management'):
                     can_be_restricted = False
                 else:
-                    user_projects = UserProjects.objects.filter(user=employment.user)
-                    if user_projects.exists():
-                        user_dict['is_restricted'] = user_projects[0].is_restricted
-                        user_dict['restricted_count'] = user_projects[0].projects.count()
-            user_dict['can_be_restricted'] = can_be_restricted
+                    can_be_restricted = True
+                    #  We cannot limit project access to users that are employed by more than one
+                    # organisation
+                    if employment.user.approved_organisations().distinct().count() != 1:
+                        can_be_restricted = False
+                    else:
+                        user_projects = UserProjects.objects.filter(user=employment.user)
+                        if user_projects.exists():
+                            user_dict['is_restricted'] = user_projects[0].is_restricted
+                            user_dict['restricted_count'] = user_projects[0].projects.count()
+                user_dict['can_be_restricted'] = can_be_restricted
+            else:
+                user_dict['can_be_restricted'] = False
 
             employment_dict["user"] = user_dict
         employments_array.append(employment_dict)

diff --git a/akvo/settings/30-rsr.conf b/akvo/settings/30-rsr.conf
@@ -111,3 +111,10 @@ SINGLE_PERIOD_INDICATORS = {
         'period_end': datetime.date(2025, 12, 31),
     },
 }
+
+# List of organisations for which the access restrictions are accessible.
+# Set to "ALL" to apply restrictions to all of RSR
+ACCESS_RESTRICTIONS_ORGS = [
+    #3394, #EUTF
+    #42, #Akvo
+]
diff --git a/akvo/templates/myrsr/user_projects.html b/akvo/templates/myrsr/user_projects.html
@@ -39,8 +39,8 @@ <h4>
       "project_title": "{% trans 'Project title'|escapejs %}",
       {# The following three strings have tags, they require special treatment in the React code #}
       "restricted_info": "{% trans '<strong>Important:</strong> New projects added to RSR are not automatically accessible to your organisation’s users. Once the project has been created, the project team must be granted access individually by the organisation’s administrator.'|escapejs %}",
-      "user_access_restricted": "{% trans 'This user has restricted access, limited to <strong>only</strong> the projects checked below. Click to restrict access.'|escapejs %}",
-      "user_access_unrestricted": "{% trans 'This user has access to <strong>all</strong> projects. Click to change.'|escapejs %}",
+      "user_access_restricted": "{% trans 'This user has restricted access, limited to <strong>only</strong> the projects checked below.'|escapejs %}",
+      "user_access_unrestricted": "{% trans 'This user has access to <strong>all</strong> projects. Click to restrict access.'|escapejs %}",
       "uncheck_all_projects": "{% trans 'Uncheck all projects'|escapejs %}"
     }
   </script>