AD primary user removal and readdition

coldfront/core/project/forms.py

@@ -46,6 +46,16 @@ class ProjectAddUserForm(forms.Form):
     selected = forms.BooleanField(initial=False, required=False)
 
 
+class ProjectReactivateUserForm(forms.Form):
+    username = forms.CharField(max_length=150, disabled=True)
+    first_name = forms.CharField(max_length=150, required=False, disabled=True)
+    last_name = forms.CharField(max_length=150, required=False, disabled=True)
+    email = forms.EmailField(max_length=100, required=False, disabled=True)
+    role = forms.ModelChoiceField(
+        queryset=ProjectUserRoleChoice.objects.all(), required=False, empty_label=None)
+    selected = forms.BooleanField(initial=False, required=False)
+
+
 class ProjectAddUsersToAllocationForm(forms.Form):
     allocation = forms.MultipleChoiceField(
         widget=forms.CheckboxSelectMultiple(attrs={'checked': 'checked'}), required=False)
@@ -55,9 +65,17 @@ def __init__(self, request_user, project_pk, *args, **kwargs):
         project_obj = get_object_or_404(Project, pk=project_pk)
 
         allocation_query_set = project_obj.allocation_set.filter(
-            resources__is_allocatable=True, is_locked=False, status__name__in=PENDING_ACTIVE_ALLOCATION_STATUSES).distinct()
-        allocation_choices = [(allocation.id, "%s (%s) %s" % (allocation.get_parent_resource.name, allocation.get_parent_resource.resource_type.name,
-                                                              allocation.description if allocation.description else '')) for allocation in allocation_query_set]
+            resources__is_allocatable=True, is_locked=False,
+            status__name__in=PENDING_ACTIVE_ALLOCATION_STATUSES
+        ).distinct()
+        allocation_choices = [(
+            allocation.id, "%s (%s) %s" % (
+                allocation.get_parent_resource.name,
+                allocation.get_parent_resource.resource_type.name,
+                allocation.description if allocation.description else ''
+            )
+        ) for allocation in allocation_query_set]
+
         allocation_choices_sorted = []
         allocation_choices_sorted = sorted(allocation_choices, key=lambda x: x[1][0].lower())
         allocation_choices.insert(0, ('__select_all__', 'Select All'))
@@ -74,6 +92,7 @@ class ProjectRemoveUserForm(forms.Form):
     last_name = forms.CharField(max_length=150, required=False, disabled=True)
     email = forms.EmailField(max_length=100, required=False, disabled=True)
     role = forms.CharField(max_length=30, disabled=True)
+    primary_group = forms.BooleanField(required=False, disabled=True)
     selected = forms.BooleanField(initial=False, required=False)
 
 

coldfront/core/project/management/commands/add_default_project_choices.py

@@ -21,7 +21,9 @@ def handle(self, *args, **options):
         for choice in ['User', 'General Manager', 'Storage Manager', 'Access Manager', 'PI']:
             ProjectUserRoleChoice.objects.get_or_create(name=choice)
 
-        for choice in ['Active', 'Pending - Add', 'Pending - Remove', 'Denied', 'Removed', ]:
+        for choice in [
+            'Active', 'Pending - Add', 'Pending - Remove', 'Denied', 'Removed', 'Deactivated'
+        ]:
             ProjectUserStatusChoice.objects.get_or_create(name=choice)
 
         for attribute_type in ('Date', 'Float', 'Int', 'Text', 'Yes/No'):

coldfront/core/project/signals.py

@@ -1,5 +1,9 @@
+import logging
 import django.dispatch
 
+log = logging.getLogger(__name__)
+
+
 project_create = django.dispatch.Signal()
     #providing_args=["project_title"]
 project_post_create = django.dispatch.Signal()
@@ -11,6 +15,8 @@
 project_preremove_projectuser = django.dispatch.Signal()
     #providing_args=["user_name", "group_name"]
 
+project_reactivate_projectuser = django.dispatch.Signal()
+
 project_filter_users_to_remove = django.dispatch.Signal()
     #providing_args=["project_user_list"]
     # return tuple of (no_removal, can_remove)

coldfront/core/project/templates/project/project_add_users.html

@@ -44,6 +44,51 @@ <h2>Add users to project: {{project.title}}</h2>
       </div>
   </div>
 </div>
+
+{% if deactivated_formset %}
+<br>
+<p>
+  The following users, which had this lab's AD Group as their primary group, are currently disabled.
+  You can reenable them by selecting them and clicking "Reactivate Users" below.
+</p>
+<div class="row">
+  <div class="col" id="deactivated_formset">
+    <form action="{% url 'project-add-users' project.pk %}" method="post">
+      {% csrf_token %}
+      <table class="table table-sm table-hover">
+        <thead>
+          <tr>
+            <th><input type="checkbox" class="check" id="selectAll"></th>
+            <th scope="col">Username</th>
+            <th scope="col">First Name</th>
+            <th scope="col">Last Name</th>
+            <th scope="col">Email</th>
+            <th scope="col">Role</th>
+          </tr>
+        </thead>
+        <tbody>
+          {% for form in deactivated_formset %}
+              <tr>
+                <td>{{ form.selected }}</td>
+                <td>{{ form.username.value }}</td>
+                <td>{{ form.first_name.value }}</td>
+                <td>{{ form.last_name.value }}</td>
+                <td>{{ form.email.value }}</td>
+                <td>{{ form.role.value }}</td>
+              </tr>
+          {% endfor %}
+        </tbody>
+      </table>
+      {{ deactivated_formset.management_form }}
+      <button type="submit" class="btn btn-primary">
+        <i class="fas fa-user-plus" aria-hidden="true"></i> Reactivate Selected Users
+      </button>
+    </form>
+  </div>
+</div>
+{% endif %}
+
+
 {% endblock %}
 
 

coldfront/core/project/templates/project/project_remove_users.html

@@ -8,7 +8,7 @@
 <h2>Remove users from project: {{project.title}}</h2>
 <hr>
 
-{% if formset or users_no_removal %}
+{% if formset or primary_group_users %}
   <div class="card border-light">
     <div class="card-body">
       <p>
@@ -17,10 +17,17 @@ <h2>Remove users from project: {{project.title}}</h2>
         remove that user's data from the allocations.
       </p>
       <p>
-        To be removed from a lab, the user must not have the lab as their primary
-        group. If you would like to remove a user that has your lab as their primary
-        group, please <a href="mailto:{{ EMAIL_TICKET_SYSTEM_ADDRESS }}?subject=User removal request for Project {{ project.title }}">
-        contact FASRC support</a>.
+        {% if request.user.is_superuser %}
+          As a superuser, you can remove any user from the project. Please be aware that
+          removing a user from their primary group will cause their account to be deactivated and
+          prevent access to computational resources. If you are unsure, please
+          contact FASRC support or the ColdFront system administrator.
+        {% else %}
+          To be removed from a lab, the user must not have the lab as their primary
+          group. If you would like to remove a user that has your lab as their primary
+          group, please <a href="mailto:{{ EMAIL_TICKET_SYSTEM_ADDRESS }}?subject=User removal request for Project {{ project.title }}">
+          contact FASRC support</a>.
+        {% endif %}
       </p>
       <form action="{% url 'project-remove-users' project.pk %}" method="post">
         {% csrf_token %}
@@ -32,6 +39,7 @@ <h2>Remove users from project: {{project.title}}</h2>
                   <input type="checkbox" class="check" id="selectAll">
                 </th>
                 <th scope="col">#</th>
+                <th scope="col">Is Primary</th>
                 <th scope="col">Username</th>
                 <th scope="col">First Name</th>
                 <th scope="col">Last Name</th>
@@ -40,27 +48,43 @@ <h2>Remove users from project: {{project.title}}</h2>
               </tr>
             </thead>
             <tbody>
-              {% for user in users_no_removal %}
-              <tr>
-                <td></td>
-                <td></td>
-                <td style="color: gray;">{{ user.username }}</td>
-                <td style="color: gray;">{{ user.first_name }}</td>
-                <td style="color: gray;">{{ user.last_name }}</td>
-                <td style="color: gray;">{{ user.email }}</td>
-                <td style="color: gray;">{{ user.role }}</td>
-              </tr>
-              {% endfor %}
               {% for form in formset %}
-                <tr>
-                  <td>{{ form.selected }}</td>
-                  <td>{{ forloop.counter }}</td>
-                  <td>{{ form.username.value }}</td>
-                  <td>{{ form.first_name.value }}</td>
-                  <td>{{ form.last_name.value }}</td>
-                  <td>{{ form.email.value }}</td>
-                  <td>{{ form.role.value }}</td>
-                </tr>
+                {% if form.primary_group.value %}
+                  {% if request.user.is_superuser %}
+                    <tr class="font-weight-bold">
+                      <td>{{ form.selected }}</td>
+                      <td>{{ forloop.counter }}</td>
+                      <td><i class="fas fa-check" aria-hidden="true"></i></td>
+                      <td>{{ form.username.value }}</td>
+                      <td>{{ form.first_name.value }}</td>
+                      <td>{{ form.last_name.value }}</td>
+                      <td>{{ form.email.value }}</td>
+                      <td>{{ form.role.value }}</td>
+                    </tr>
+                  {% else %}
+                    <tr>
+                      <td></td>
+                      <td>{{ forloop.counter }}</td>
+                      <td><i class="fas fa-check" aria-hidden="true"></i></td>
+                      <td style="color: gray;">{{ form.username }}</td>
+                      <td style="color: gray;">{{ form.first_name }}</td>
+                      <td style="color: gray;">{{ form.last_name }}</td>
+                      <td style="color: gray;">{{ form.email }}</td>
+                      <td style="color: gray;">{{ form.role }}</td>
+                    </tr>
+                  {% endif %}
+                {% else %}
+                  <tr>
+                    <td>{{ form.selected }}</td>
+                    <td>{{ forloop.counter }}</td>
+                    <td></td>
+                    <td>{{ form.username.value }}</td>
+                    <td>{{ form.first_name.value }}</td>
+                    <td>{{ form.last_name.value }}</td>
+                    <td>{{ form.email.value }}</td>
+                    <td>{{ form.role.value }}</td>
+                  </tr>
+                {% endif %}
               {% endfor %}
             </tbody>
           </table>