User authorisation/authentication

Issue #16 resolved
Ed McDonagh created an issue

Needed to restrict access to all or some functions, particularly advanced functions such as direct import of data or deleting data.

Comments (19)

  1. Ed McDonagh reporter

    Authentication system now has login link in nav bar, very basic login page, users name displayed when logged in with logout link, ctfiltered template. Refs #16.

    → <<cset 906de14c22ca>>

  2. Ed McDonagh reporter

    Base template now displays login or logout depending on is_authenticated, and links back to current page when authenticated including search strings. Propose to ditch the auth version of each page and incorporate in original instead. Refs #16.

    → <<cset 12d973bfe423>>

  3. Ed McDonagh reporter

    Need to have four levels of authorisation:

    • Not logged in - home page only
    • View level - modality filtered pages and study details pages (radiographer view)
    • Export level - as view, but allowed to export to spreadsheet and import pt size data (physics or researcher view)
    • Admin level - as export, but allowed to delete data (physics administrator view)
  4. Ed McDonagh reporter

    Added export function to standard CT filter template with if user.is_authenticated. Removed auth versions of templates, urls and views. Limited functionality now for a single authorisation level - need to introduce groups. Refs #16.

    → <<cset 01d6fd58242c>>

  5. Ed McDonagh reporter

    CT filter page functionality now depends on two variables admin.exportperms and admin.adminperms that get passed from the view. The setup of the variables is curretly a bit cluncky, but it does the job. Refs #16.

    → <<cset f72bc9f150a8>>

  6. Log in to comment