PyPI - micro-users - Versions diffs - 1.7.1__tar.gz → 1.8.1__tar.gz - Mend

micro-users 1.7.1tar.gz → 1.8.1tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of micro-users might be problematic. Click here for more details.

Files changed (51) hide show

{micro_users-1.7.1 → micro_users-1.8.1}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: micro_users
-Version: 1.7.1
+Version: 1.8.1
 Summary: Arabic Django user management app with abstract user, permissions, and activity logging
 Home-page: https://github.com/debeski/micro-users
 Author: DeBeski
@@ -211,3 +211,5 @@ MICRO_USERS_THEME = {
 | v1.6.3   | • **Bug Fixes**: Fixed a crash with table tooltips "disabled" |
 | v1.7.0   | • **New Theme**: Complete visual overhaul with modern, consistent styling <br> • **Refactor**: Updated Login, Profile, and Detail templates for better UX <br> • **Feature**: Added Scope filter to Activity Logs (superuser only) <br> • **UX**: Clear button in filters now preserves current sort order |
 | v1.7.1   | • **Bug Fixes**: Fixed login/next url was not being passed correctly |
+| v1.8.0   | • **Permissions UI**: Complete redesign with App/Model-based grouping and hierarchical checkboxes<br>• **Aesthetics**: Applied modern glassmorphism theme to permission cards with interactive toggles<br>• **Security**: Implemented 3-level security logic (GM, SM, User) and "invisible" Superuser protection<br>• **Foolproofing**: Added self-editing protection for staff and scope enforcement for managers<br>• **Localization**: Fully translated system auth labels and metadata to Arabic |
+| v1.8.1   | • **UI Refinement**: Swapped `Email` and `Phone` positions across all forms, tables, and detail views<br>• **Field Logic**: Set `Email` and `Phone` as optional (not required) for all users<br>• **Security**: Added `manage_staff` custom permission to restrict `is_staff` management to authorized managers only<br>• **Bug Fix**: Reserved `manage_staff` assignment power strictly for Superusers and fixed UI grouping for custom permissions |

{micro_users-1.7.1 → micro_users-1.8.1}/README.md RENAMED Viewed

@@ -178,4 +178,6 @@ MICRO_USERS_THEME = {
 | v1.6.2   | • **UI**: Improved some tooltips for buttons and descriptions |
 | v1.6.3   | • **Bug Fixes**: Fixed a crash with table tooltips "disabled" |
 | v1.7.0   | • **New Theme**: Complete visual overhaul with modern, consistent styling <br> • **Refactor**: Updated Login, Profile, and Detail templates for better UX <br> • **Feature**: Added Scope filter to Activity Logs (superuser only) <br> • **UX**: Clear button in filters now preserves current sort order |
-| v1.7.1   | • **Bug Fixes**: Fixed login/next url was not being passed correctly |
+| v1.7.1   | • **Bug Fixes**: Fixed login/next url was not being passed correctly |
+| v1.8.0   | • **Permissions UI**: Complete redesign with App/Model-based grouping and hierarchical checkboxes<br>• **Aesthetics**: Applied modern glassmorphism theme to permission cards with interactive toggles<br>• **Security**: Implemented 3-level security logic (GM, SM, User) and "invisible" Superuser protection<br>• **Foolproofing**: Added self-editing protection for staff and scope enforcement for managers<br>• **Localization**: Fully translated system auth labels and metadata to Arabic |
+| v1.8.1   | • **UI Refinement**: Swapped `Email` and `Phone` positions across all forms, tables, and detail views<br>• **Field Logic**: Set `Email` and `Phone` as optional (not required) for all users<br>• **Security**: Added `manage_staff` custom permission to restrict `is_staff` management to authorized managers only<br>• **Bug Fix**: Reserved `manage_staff` assignment power strictly for Superusers and fixed UI grouping for custom permissions |

{micro_users-1.7.1 → micro_users-1.8.1}/micro_users.egg-info/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: micro-users
-Version: 1.7.1
+Version: 1.8.1
 Summary: Arabic Django user management app with abstract user, permissions, and activity logging
 Home-page: https://github.com/debeski/micro-users
 Author: DeBeski
@@ -211,3 +211,5 @@ MICRO_USERS_THEME = {
 | v1.6.3   | • **Bug Fixes**: Fixed a crash with table tooltips "disabled" |
 | v1.7.0   | • **New Theme**: Complete visual overhaul with modern, consistent styling <br> • **Refactor**: Updated Login, Profile, and Detail templates for better UX <br> • **Feature**: Added Scope filter to Activity Logs (superuser only) <br> • **UX**: Clear button in filters now preserves current sort order |
 | v1.7.1   | • **Bug Fixes**: Fixed login/next url was not being passed correctly |
+| v1.8.0   | • **Permissions UI**: Complete redesign with App/Model-based grouping and hierarchical checkboxes<br>• **Aesthetics**: Applied modern glassmorphism theme to permission cards with interactive toggles<br>• **Security**: Implemented 3-level security logic (GM, SM, User) and "invisible" Superuser protection<br>• **Foolproofing**: Added self-editing protection for staff and scope enforcement for managers<br>• **Localization**: Fully translated system auth labels and metadata to Arabic |
+| v1.8.1   | • **UI Refinement**: Swapped `Email` and `Phone` positions across all forms, tables, and detail views<br>• **Field Logic**: Set `Email` and `Phone` as optional (not required) for all users<br>• **Security**: Added `manage_staff` custom permission to restrict `is_staff` management to authorized managers only<br>• **Bug Fix**: Reserved `manage_staff` assignment power strictly for Superusers and fixed UI grouping for custom permissions |

{micro_users-1.7.1 → micro_users-1.8.1}/micro_users.egg-info/SOURCES.txt RENAMED Viewed

@@ -27,10 +27,12 @@ users/static/img/default_profile.webp
 users/static/img/login_logo.webp
 users/static/users/css/detail.css
 users/static/users/css/login.css
+users/static/users/css/permissions.css
 users/static/users/css/profile.css
 users/static/users/css/style.css
 users/static/users/js/anime.min.js
 users/static/users/js/login.js
+users/static/users/js/permissions.js
 users/templates/registration/login.html
 users/templates/users/manage_users.html
 users/templates/users/user_activity_log.html

{micro_users-1.7.1 → micro_users-1.8.1}/pyproject.toml RENAMED Viewed

@@ -8,7 +8,7 @@ build-backend = "setuptools.build_meta"
 [project]
 name = "micro_users"
-version = "1.7.1"
+version = "1.8.1"
 description = "Arabic Django user management app with abstract user, permissions, and activity logging"
 readme = "README.md"
 requires-python = ">=3.11"

{micro_users-1.7.1 → micro_users-1.8.1}/setup.py RENAMED Viewed

@@ -5,7 +5,7 @@ with open("README.md", "r", encoding="utf-8") as fh:
 setup(
     name="micro_users",
-    version="1.7.1",
+    version="1.8.1",
     author="DeBeski",
     author_email="debeski1@gmail.com",
     description="Arabic django user management app with abstract user, permissions, and activity logging",

micro_users-1.8.1/users/apps.py ADDED Viewed

@@ -0,0 +1,44 @@
+# Imports of the required python modules and libraries
+######################################################
+from django.apps import AppConfig
+def custom_permission_str(self):
+    """Custom Arabic translations for Django permissions"""
+    permission_name = str(self.name)
+    # Translation map for keywords
+    replacements = {
+        "Can add": "إضافة",
+        "Can change": "تعديل",
+        "Can delete": "حذف",
+        "Can view": "عرض",
+        "permission": "الصلاحيات",
+    }
+    for en, ar in replacements.items():
+        permission_name = permission_name.replace(en, ar)
+    return permission_name.strip()
+class UsersConfig(AppConfig):
+    default_auto_field = 'django.db.models.BigAutoField'
+    name = 'users'
+    verbose_name = "المستخدمين"
+    def ready(self):
+        from django.contrib.auth.models import Permission
+        from django.apps import apps
+        # Set Arabic verbose names for Auth app and Permission model
+        try:
+            auth_config = apps.get_app_config('auth')
+            auth_config.verbose_name = "نظام المصادقة" # "Auth" -> Identity/Authentication
+            Permission.__str__ = custom_permission_str
+            Permission._meta.verbose_name = "ادارة الصلاحيات"
+            Permission._meta.verbose_name_plural = "الصلاحيات"
+        except (LookupError, AttributeError):
+            pass
+        import users.signals

{micro_users-1.7.1 → micro_users-1.8.1}/users/forms.py RENAMED Viewed

@@ -49,6 +49,25 @@ class GroupedPermissionWidget(ChoiceWidget):
         for perm in qs:
             app_label = perm.content_type.app_label
+            model_name = perm.content_type.model
+            codename = perm.codename
+            # --- Mapping manage_staff to auth.Permission UI ---
+            if app_label == 'users' and codename == 'manage_staff':
+                app_label = 'auth'
+                model_name = 'permission'
+            # -------------------------------------------------
+            # Use real verbose name from model class if available
+            if app_label == 'auth' and model_name == 'permission':
+                # Special case: use the verbose name of the Permission model
+                model_verbose_name = "الصلاحيات" # Or fetch from apps.get_model('auth', 'Permission')._meta.verbose_name
+            else:
+                model_class = perm.content_type.model_class()
+                if model_class:
+                    model_verbose_name = str(model_class._meta.verbose_name)
+                else:
+                    model_verbose_name = perm.content_type.name
             # Fetch verbose app name
             try:
@@ -57,7 +76,7 @@ class GroupedPermissionWidget(ChoiceWidget):
             except LookupError:
                 app_verbose_name = app_label.title()
-            # Determine action
+            # Determine action for CSS/JS filtering if needed (legacy or utility)
             action = 'other'
             codename = perm.codename
             if codename.startswith('view_'): action = 'view'
@@ -71,29 +90,37 @@ class GroupedPermissionWidget(ChoiceWidget):
             option = {
                 'name': name,
                 'value': perm.pk,
-                'label': str(perm), # Force string conversion to use custom __str__ method
+                'label': str(perm),
+                'codename': codename,
                 'selected': str(perm.pk) in str_values,
                 'attrs': {
                     'id': f"{current_id}_{perm.pk}",
-                    'data_action': action  # Critical for JS global select
+                    'data_action': action,
+                    'data_model': model_name
                 }
             }
             if app_label not in grouped_perms:
                 grouped_perms[app_label] = {
                     'name': app_verbose_name,
-                    'actions': {}
+                    'models': {}
+                }
+            if model_name not in grouped_perms[app_label]['models']:
+                grouped_perms[app_label]['models'][model_name] = {
+                    'name': model_verbose_name.title(),
+                    'permissions': []
                 }
-            grouped_perms[app_label]['actions'].setdefault(action, []).append(option)
+            grouped_perms[app_label]['models'][model_name]['permissions'].append(option)
-        # Sort actions within each app: View -> Add -> Change -> Delete -> Other
+        # Sort permissions within each model: View -> Add -> Change -> Delete -> Other
         action_order = {'view': 1, 'add': 2, 'change': 3, 'delete': 4, 'other': 5}
         for app_label, app_data in grouped_perms.items():
-            app_data['actions'] = dict(sorted(
-                app_data['actions'].items(),
-                key=lambda item: action_order.get(item[0], 99)
-            ))
+            for model_name, model_data in app_data['models'].items():
+                model_data['permissions'].sort(
+                    key=lambda x: action_order.get(x['attrs']['data_action'], 99)
+                )
         context['widget']['grouped_perms'] = grouped_perms
         return context
@@ -113,12 +140,12 @@ class CustomUserCreationForm(UserCreationForm):
             Q(codename__regex=r'^(delete_)') |
             Q(content_type__app_label__in=[
                 'admin',
-                'auth',
                 'contenttypes',
                 'sessions',
                 'django_celery_beat',
-                'users'
-            ])
+            ]) |
+            (Q(content_type__app_label='users') & ~Q(codename='manage_staff')) |
+            Q(content_type__app_label='auth', content_type__model__in=['group', 'user'])
         ),
         required=False,
         widget=GroupedPermissionWidget,
@@ -127,15 +154,34 @@ class CustomUserCreationForm(UserCreationForm):
     class Meta:
         model = User
-        fields = ["username", "email", "password1", "password2", "first_name", "last_name", "phone", "scope", "is_staff", "permissions", "is_active"]
+        fields = ["username", "phone", "password1", "password2", "first_name", "last_name", "email", "scope", "is_staff", "permissions", "is_active"]
     def __init__(self, *args, **kwargs):
         self.user = kwargs.pop('user', None)
         super().__init__(*args, **kwargs)
+        # Permission check: Non-superusers can only assign permissions they already have
+        if self.user and not self.user.is_superuser:
+            user_perms = self.user.user_permissions.all() | Permissions.objects.filter(group__user=self.user)
+            self.fields['permissions'].queryset = self.fields['permissions'].queryset.filter(id__in=user_perms.values_list('id', flat=True))
         if self.user and not self.user.is_superuser and self.user.scope:
             self.fields['scope'].initial = self.user.scope
             self.fields['scope'].disabled = True
+        # Security Fix: Hide manage_staff from the selection list for all non-superusers
+            self.fields['permissions'].queryset = self.fields['permissions'].queryset.exclude(codename='manage_staff')
+        # --- Field Requirements ---
+        self.fields["email"].required = False
+        self.fields["phone"].required = False
+        # --- can_manage_staff logic ---
+        if self.user and not self.user.is_superuser:
+            if not self.user.has_perm('users.manage_staff'):
+                self.fields['is_staff'].disabled = True
+                self.fields['is_staff'].initial = False
+                self.fields['is_staff'].help_text = "ليس لديك صلاحية لتعيين هذا المستخدم كمسؤول."
         self.fields["username"].label = "اسم المستخدم"
         self.fields["email"].label = "البريد الإلكتروني"
@@ -158,7 +204,7 @@ class CustomUserCreationForm(UserCreationForm):
         self.helper = FormHelper()
         self.helper.layout = Layout(
             "username",
-            "email",
+            "phone",
             "password1",
             "password2",
             HTML("<hr>"),
@@ -168,7 +214,7 @@ class CustomUserCreationForm(UserCreationForm):
                 css_class="row"
             ),
             Div(
-                Div(Field("phone", css_class="col-md-6"), css_class="col-md-6"),
+                Div(Field("email", css_class="col-md-6"), css_class="col-md-6"),
                 Div(Field("scope", css_class="col-md-6"), css_class="col-md-6"),
                 css_class="row"
             ),
@@ -211,12 +257,12 @@ class CustomUserChangeForm(UserChangeForm):
             Q(codename__regex=r'^(delete_)') |
             Q(content_type__app_label__in=[
                 'admin',
-                'auth',
                 'contenttypes',
                 'sessions',
                 'django_celery_beat',
-                'users'
-            ])
+            ]) |
+            (Q(content_type__app_label='users') & ~Q(codename='manage_staff')) |
+            Q(content_type__app_label='auth', content_type__model__in=['group', 'user'])
         ),
         required=False,
         widget=GroupedPermissionWidget,
@@ -225,16 +271,18 @@ class CustomUserChangeForm(UserChangeForm):
     class Meta:
         model = User
-        fields = ["username", "email", "first_name", "last_name", "phone", "scope", "is_staff",  "permissions", "is_active"]
+        fields = ["username", "phone", "first_name", "last_name", "email", "scope", "is_staff",  "permissions", "is_active"]
     def __init__(self, *args, **kwargs):
         self.user = kwargs.pop('user', None)
         user_instance = kwargs.get('instance')
         super().__init__(*args, **kwargs)
-        if self.user and not self.user.is_superuser and self.user.scope:
-            self.fields['scope'].disabled = True
+        # Permission check: Non-superusers can only assign permissions they already have
+        if self.user and not self.user.is_superuser:
+            user_perms = self.user.user_permissions.all() | Permissions.objects.filter(group__user=self.user)
+            self.fields['permissions'].queryset = self.fields['permissions'].queryset.filter(id__in=user_perms.values_list('id', flat=True))
         # Labels
         self.fields["username"].label = "اسم المستخدم"
         self.fields["email"].label = "البريد الإلكتروني"
@@ -248,16 +296,47 @@ class CustomUserChangeForm(UserChangeForm):
         self.fields["email"].help_text = "أدخل عنوان البريد الإلكتروني الصحيح"
         self.fields["is_staff"].help_text = "يحدد ما إذا كان بإمكان المستخدم الوصول إلى قسم ادارة المستخدمين."
         self.fields["is_active"].help_text = "يحدد ما إذا كان يجب اعتبار هذا الحساب نشطًا. قم بإلغاء تحديد هذا الخيار بدلاً من الحذف."
         if user_instance:
             self.fields["permissions"].initial = user_instance.user_permissions.all()
+        # --- Foolproofing & Role-based logic ---
+        if self.user and not self.user.is_superuser:
+            # 1. Self-Editing Protection (Prevents accidental demotion)
+            if self.user == user_instance:
+                if self.user.is_staff:
+                    self.fields['scope'].disabled = True
+                    self.fields['is_staff'].disabled = True
+                    self.fields['is_active'].disabled = True
+                    # Optional: Add help text to explain why it's disabled
+                    self.fields['scope'].help_text = "لا يمكنك تغيير نطاقك الخاص لمنع تجريد نفسك من صلاحيات المدير العام."
+                    # Security Fix: Hide manage_staff from the selection list for all non-superusers
+                    self.fields['permissions'].queryset = self.fields['permissions'].queryset.exclude(codename='manage_staff')
+            # 2. Scope Manager Restrictions (Staff with a scope)
+            elif self.user.scope:
+                # SMs cannot change the scope of anyone (they only manage their own scope)
+                self.fields['scope'].disabled = True
+                self.fields['scope'].initial = self.user.scope
+        # --- Field Requirements ---
+        self.fields["email"].required = False
+        self.fields["phone"].required = False
+        # --- can_manage_staff logic ---
+        if self.user and not self.user.is_superuser:
+            if not self.user.has_perm('users.manage_staff'):
+                self.fields['is_staff'].disabled = True
+                # Initial value remains instance.is_staff unless we want to force something else
+                self.fields['is_staff'].help_text = "ليس لديك صلاحية لتغيير وضع هذا المستخدم لمسؤول ."
+        # ----------------------------------------
         # Use Crispy Forms Layout helper
         self.helper = FormHelper()
         self.helper.form_tag = False
         self.helper.layout = Layout(
             "username",
-            "email",
+            "phone",
             HTML("<hr>"),
             Div(
                 Div(Field("first_name", css_class="col-md-6"), css_class="col-md-6"),
@@ -265,7 +344,7 @@ class CustomUserChangeForm(UserChangeForm):
                 css_class="row"
             ),
             Div(
-                Div(Field("phone", css_class="col-md-6"), css_class="col-md-6"),
+                Div(Field("email", css_class="col-md-6"), css_class="col-md-6"),
                 Div(Field("scope", css_class="col-md-6"), css_class="col-md-6"),
                 css_class="row"
             ),
@@ -339,16 +418,20 @@ class ResetPasswordForm(SetPasswordForm):
 class UserProfileEditForm(forms.ModelForm):
     class Meta:
         model = User
-        fields = ['username', 'email', 'first_name', 'last_name', 'phone', 'profile_picture']
+        fields = ['username', 'phone', 'first_name', 'last_name', 'email', 'profile_picture']
     def __init__(self, *args, **kwargs):
         super().__init__(*args, **kwargs)
         self.fields['username'].disabled = True  # Prevent the user from changing their username
-        self.fields['email'].label = "البريد الالكتروني"  # Prevent the user from changing their email
+        self.fields['phone'].label = "رقم الهاتف"
         self.fields['first_name'].label = "الاسم الاول"
         self.fields['last_name'].label = "اللقب"
-        self.fields['phone'].label = "رقم الهاتف"
+        self.fields['email'].label = "البريد الالكتروني"
         self.fields['profile_picture'].label = "الصورة الشخصية"
+        # --- Field Requirements ---
+        self.fields["email"].required = False
+        self.fields["phone"].required = False
     def clean_profile_picture(self):
         profile_picture = self.cleaned_data.get('profile_picture')

{micro_users-1.7.1 → micro_users-1.8.1}/users/migrations/0003_scope_alter_customuser_options_and_more.py RENAMED Viewed

@@ -1,4 +1,4 @@
-# Generated by Django 5.2.8 on 2026-01-26 11:53
+# Generated by Django 5.2.8 on 2026-01-27 23:46
 import django.db.models.deletion
 from django.db import migrations, models
@@ -24,7 +24,7 @@ class Migration(migrations.Migration):
         ),
         migrations.AlterModelOptions(
             name='customuser',
-            options={'verbose_name': 'مستخدم', 'verbose_name_plural': 'المستخدمين'},
+            options={'permissions': [('manage_staff', 'صلاحية إنشاء مسؤول')], 'verbose_name': 'مستخدم', 'verbose_name_plural': 'المستخدمين'},
         ),
         migrations.AlterModelOptions(
             name='useractivitylog',

{micro_users-1.7.1 → micro_users-1.8.1}/users/models.py RENAMED Viewed

@@ -28,6 +28,9 @@ class CustomUser(AbstractUser):
     class Meta:
         verbose_name = "مستخدم"
         verbose_name_plural = "المستخدمين"
+        permissions = [
+            ("manage_staff", "صلاحية إنشاء مسؤول"),
+        ]
 class UserActivityLog(models.Model):
     ACTION_TYPES = [

micro_users-1.8.1/users/static/users/css/permissions.css ADDED Viewed

@@ -0,0 +1,105 @@
+.permissions-card {
+    background: rgba(255, 255, 255, 0.95);
+    border: 1px solid rgba(0, 0, 0, 0.1);
+    border-radius: 12px;
+    transition: transform 0.2s ease, box-shadow 0.2s ease;
+    overflow: hidden;
+    margin-bottom: 1.5rem;
+}
+.permissions-card:hover {
+    box-shadow: 0 4px 15px rgba(0, 0, 0, 0.1);
+    transform: translateY(-2px);
+}
+.permissions-card-header {
+    background: rgba(var(--primal-rgb, 13, 110, 253), 0.03);
+    padding: 0.75rem 1.25rem;
+    cursor: pointer;
+    display: flex;
+    align-items: center;
+    justify-content: space-between;
+    user-select: none;
+    transition: background 0.2s ease;
+}
+.permissions-card-header:hover {
+    background: rgba(var(--primal-rgb, 13, 110, 253), 0.1);
+}
+.bg-soft-primary {
+    background-color: rgba(var(--primal-rgb, 13, 110, 253), 0.1) !important;
+}
+.text-primary {
+    color: var(--primal_dark, #0d6efd) !important;
+}
+.permissions-card-header .app-title {
+    font-size: 1.1rem;
+    font-weight: 600;
+    margin: 0;
+    color: var(--primal_dark, #212529);
+}
+.permissions-card-body {
+    padding: 1.25rem;
+}
+.model-group {
+    background: rgba(255, 255, 255, 0.5);
+    border-radius: 8px;
+    padding: 1rem;
+    margin-bottom: 1rem;
+    border: 1px solid rgba(0, 0, 0, 0.05);
+}
+.model-group:last-child {
+    margin-bottom: 0;
+}
+.model-header {
+    display: flex;
+    align-items: center;
+    margin-bottom: 0.75rem;
+    padding-bottom: 0.5rem;
+    border-bottom: 1px dashed rgba(0, 0, 0, 0.1);
+}
+.model-title {
+    font-size: 0.95rem;
+    font-weight: 600;
+    margin: 0;
+}
+.permission-item {
+    padding: 0.25rem 0.5rem;
+    border-radius: 4px;
+    transition: background 0.2s ease;
+}
+.permission-item:hover {
+    background: rgba(var(--primal-rgb, 13, 110, 253), 0.05);
+}
+.toggle-icon {
+    transition: transform 0.3s ease;
+}
+.collapsed .toggle-icon {
+    transform: rotate(-90deg);
+}
+[data-bs-theme="dark"] .permissions-card {
+    background: rgba(43, 48, 53, 0.7);
+    border: 1px solid rgba(255, 255, 255, 0.1);
+}
+[data-bs-theme="dark"] .permissions-card-header {
+    background: rgba(255, 255, 255, 0.05);
+}
+[data-bs-theme="dark"] .model-group {
+    background: rgba(0, 0, 0, 0.2);
+    border: 1px solid rgba(255, 255, 255, 0.05);
+}

micro_users-1.8.1/users/static/users/js/permissions.js ADDED Viewed

@@ -0,0 +1,85 @@
+document.addEventListener('DOMContentLoaded', function() {
+    console.log('Permissions Widget JS Loaded');
+    // Handle Card Header Clicks for Toggle
+    document.querySelectorAll('.permissions-card-header').forEach(header => {
+        header.addEventListener('click', function(e) {
+            // Prevent toggle if clicking directly on the checkbox
+            if (e.target.closest('.form-check')) return;
+            const targetId = this.getAttribute('data-bs-target');
+            const target = document.querySelector(targetId);
+            if (target) {
+                const isCollapsed = target.classList.contains('show');
+                if (isCollapsed) {
+                    this.classList.add('collapsed');
+                    bootstrap.Collapse.getOrCreateInstance(target).hide();
+                } else {
+                    this.classList.remove('collapsed');
+                    bootstrap.Collapse.getOrCreateInstance(target).show();
+                }
+            }
+        });
+    });
+    // Master Checkbox Logic: App Level
+    document.querySelectorAll('.app-master-checkbox').forEach(master => {
+        master.addEventListener('change', function() {
+            const isChecked = this.checked;
+            const card = this.closest('.permissions-card');
+            card.querySelectorAll('.permission-checkbox, .model-master-checkbox').forEach(cb => {
+                cb.checked = isChecked;
+                cb.indeterminate = false;
+            });
+            updateGlobalStatus();
+        });
+    });
+    // Master Checkbox Logic: Model Level
+    document.querySelectorAll('.model-master-checkbox').forEach(master => {
+        master.addEventListener('change', function() {
+            const isChecked = this.checked;
+            const modelGroup = this.closest('.model-group');
+            modelGroup.querySelectorAll('.permission-checkbox').forEach(cb => {
+                cb.checked = isChecked;
+            });
+            updateAppMasterStatus(this.closest('.permissions-card'));
+            updateGlobalStatus();
+        });
+    });
+    // Individual Permission Checkbox Logic
+    document.querySelectorAll('.permission-checkbox').forEach(cb => {
+        cb.addEventListener('change', function() {
+            updateModelMasterStatus(this.closest('.model-group'));
+            updateAppMasterStatus(this.closest('.permissions-card'));
+            updateGlobalStatus();
+        });
+    });
+    function updateModelMasterStatus(modelGroup) {
+        const master = modelGroup.querySelector('.model-master-checkbox');
+        const children = modelGroup.querySelectorAll('.permission-checkbox');
+        const checkedCount = Array.from(children).filter(c => c.checked).length;
+        master.checked = checkedCount === children.length && children.length > 0;
+        master.indeterminate = checkedCount > 0 && checkedCount < children.length;
+    }
+    function updateAppMasterStatus(card) {
+        const master = card.querySelector('.app-master-checkbox');
+        const children = card.querySelectorAll('.permission-checkbox');
+        const checkedCount = Array.from(children).filter(c => c.checked).length;
+        master.checked = checkedCount === children.length && children.length > 0;
+        master.indeterminate = checkedCount > 0 && checkedCount < children.length;
+    }
+    function updateGlobalStatus() {
+        // Optional: Update top-level "Global" selectors if any remain
+    }
+    // Initial State Sync
+    document.querySelectorAll('.model-group').forEach(group => updateModelMasterStatus(group));
+    document.querySelectorAll('.permissions-card').forEach(card => updateAppMasterStatus(card));
+});

{micro_users-1.7.1 → micro_users-1.8.1}/users/tables.py RENAMED Viewed

@@ -6,6 +6,7 @@ User = get_user_model()  # Use custom user model
 class UserTable(tables.Table):
     username = tables.Column(verbose_name="اسم المستخدم")
+    phone = tables.Column(verbose_name="رقم الهاتف")
     email = tables.Column(verbose_name="البريد الالكتروني")
     scope = tables.Column(verbose_name="النطاق", accessor='scope.name', default='-')
     full_name = tables.Column(
@@ -28,7 +29,7 @@ class UserTable(tables.Table):
     class Meta:
         model = User
         template_name = "django_tables2/bootstrap5.html"
-        fields = ("username", "email", "full_name", "phone", "scope", "is_staff", "is_active","last_login", "actions")
+        fields = ("username", "phone", "email", "full_name", "scope", "is_staff", "is_active","last_login", "actions")
         attrs = {'class': 'table table-hover align-middle'}
 class UserActivityLogTable(tables.Table):

{micro_users-1.7.1 → micro_users-1.8.1}/users/templates/users/user_detail.html RENAMED Viewed

@@ -46,15 +46,15 @@
                             <div class="info-value-lg">{{ object.get_full_name }}</div>
                         </div>
                         <div class="info-group">
-                            <div class="info-label-sm">رقم الهاتف</div>
-                            <div class="info-value-lg">{{ object.phone|default:"-" }}</div>
+                            <div class="info-label-sm">البريد الإلكتروني</div>
+                            <div class="info-value-lg">{{ object.email|default:"-" }}</div>
                         </div>
                     </div>
                     <div class="col-md-6 pe-md-4">
                         <div class="info-group">
-                            <div class="info-label-sm">البريد الإلكتروني</div>
-                            <div class="info-value-lg">{{ object.email }}</div>
+                            <div class="info-label-sm">رقم الهاتف</div>
+                            <div class="info-value-lg">{{ object.phone|default:"-" }}</div>
                         </div>
                         <div class="info-group">
                             <div class="info-label-sm">نوع الصلاحيات</div>

micro_users-1.8.1/users/templates/users/widgets/grouped_permissions.html ADDED Viewed

@@ -0,0 +1,75 @@
+{% load static %}
+{% with id=widget.attrs.id %}
+<div class="grouped-permissions-widget" id="{{ id }}_container">
+    <link rel="stylesheet" href="{% static 'users/css/permissions.css' %}">
+    <div class="detailed-list mt-3">
+        {% for app_label, app_data in widget.grouped_perms.items %}
+        <div class="permissions-card">
+            <!-- Header serves as both master checkbox and toggle -->
+            <div class="permissions-card-header collapsed"
+                 data-bs-toggle="collapse"
+                 data-bs-target="#collapse_{{ app_label }}"
+                 aria-expanded="false">
+                <div class="d-flex align-items-center">
+                    <div class="form-check me-3" onclick="event.stopPropagation()">
+                        <input class="form-check-input app-master-checkbox" type="checkbox" id="master_{{ app_label }}">
+                        <label class="form-check-label d-none" for="master_{{ app_label }}">تحديد الكل</label>
+                    </div>
+                    <h5 class="app-title">{{ app_data.name|title }}</h5>
+                </div>
+                <div class="d-flex align-items-center">
+                    <span class="badge bg-soft-primary text-primary border-primary me-3 px-2 py-1">
+                        {{ app_data.models|length }} وحدة
+                    </span>
+                    <i class="bi bi-chevron-down toggle-icon"></i>
+                </div>
+            </div>
+            <!-- Body contains models and permissions -->
+            <div id="collapse_{{ app_label }}" class="collapse">
+                <div class="permissions-card-body">
+                    <div class="row g-3">
+                        {% for model_name, model_data in app_data.models.items %}
+                        <div class="col-md-6 col-lg-4">
+                            <div class="model-group">
+                                <div class="model-header">
+                                    <div class="form-check me-2">
+                                        <input class="form-check-input model-master-checkbox" type="checkbox" id="master_{{ app_label }}_{{ model_name }}">
+                                        <label class="form-check-label d-none" for="master_{{ app_label }}_{{ model_name }}">تحديد الكل</label>
+                                    </div>
+                                    <h6 class="model-title">{{ model_data.name }}</h6>
+                                </div>
+                                <div class="model-permissions">
+                                    {% for option in model_data.permissions %}
+                                    <div class="permission-item">
+                                        <div class="form-check">
+                                            <input type="checkbox" name="{{ option.name }}" value="{{ option.value }}"
+                                                   class="form-check-input permission-checkbox"
+                                                   id="{{ option.attrs.id }}"
+                                                   data-action="{{ option.attrs.data_action }}"
+                                                   data-model="{{ option.attrs.data_model }}"
+                                                   {% if option.selected %}checked{% endif %}>
+                                            <label class="form-check-label small" for="{{ option.attrs.id }}">
+                                                {{ option.label }}
+                                            </label>
+                                        </div>
+                                    </div>
+                                    {% endfor %}
+                                </div>
+                            </div>
+                        </div>
+                        {% endfor %}
+                    </div>
+                </div>
+            </div>
+        </div>
+        {% endfor %}
+    </div>
+</div>
+<script src="{% static 'users/js/permissions.js' %}"></script>
+{% endwith %}

{micro_users-1.7.1 → micro_users-1.8.1}/users/views.py RENAMED Viewed

@@ -126,7 +126,8 @@ def edit_user(request, pk):
     # 🚫 Block staff users from editing superuser accounts
     if user.is_superuser and not request.user.is_superuser:
-        messages.error(request, "لا يمكن تعديل هذا الحساب!")
+        messages.error(request, "ليس لديك صلاحية لتعديل هذا الحساب!")
+        return redirect('manage_users')
     # Restrict to same scope
@@ -235,6 +236,11 @@ class UserDetailView(LoginRequiredMixin, UserPassesTestMixin, DetailView):
 def reset_password(request, pk):
     user = get_object_or_404(User, id=pk)
+    # 🚫 Block staff users from resetting superuser passwords
+    if user.is_superuser and not request.user.is_superuser:
+        messages.error(request, "ليس لديك صلاحية لتعديل هذا الحساب!")
+        return redirect('manage_users')
     # Restrict to same scope
     if not request.user.is_superuser:
         if request.user.scope and user.scope != request.user.scope:

micro_users-1.7.1/users/apps.py DELETED Viewed

@@ -1,31 +0,0 @@
-# Imports of the required python modules and libraries
-######################################################
-from django.apps import AppConfig
-def custom_permission_str(self):
-    """Custom Arabic translations for Django permissions"""
-    model_name = str(self.content_type)
-    permission_name = str(self.name)
-    # Translate default permissions
-    if "Can add" in permission_name:
-        permission_name = permission_name.replace("Can add", " إضافة ")
-    elif "Can change" in permission_name:
-        permission_name = permission_name.replace("Can change", " تعديل ")
-    elif "Can delete" in permission_name:
-        permission_name = permission_name.replace("Can delete", " حذف ")
-    elif "Can view" in permission_name:
-        permission_name = permission_name.replace("Can view", " عرض ")
-    return f"{permission_name}"
-class UsersConfig(AppConfig):
-    default_auto_field = 'django.db.models.BigAutoField'
-    name = 'users'
-    verbose_name = "المستخدمين"
-    def ready(self):
-        from django.contrib.auth.models import Permission
-        Permission.__str__ = custom_permission_str
-        import users.signals

micro_users-1.7.1/users/templates/users/widgets/grouped_permissions.html DELETED Viewed

@@ -1,210 +0,0 @@
-{% with id=widget.attrs.id %}
-<div class="grouped-permissions-widget" id="{{ id }}_container">
-    <!-- Top Bar: Global Controls -->
-    <div class="card mb-3 shadow-sm">
-        <div class="card-body d-flex justify-content-between align-items-center flex-wrap gap-2">
-            <div class="form-check form-check-inline">
-                <input class="form-check-input global-select" type="checkbox" id="{{ id }}_global_view" data-action-target="view">
-                <label class="form-check-label fw-bold" for="{{ id }}_global_view">عرض الكل</label>
-            </div>
-            <div class="form-check form-check-inline">
-                <input class="form-check-input global-select" type="checkbox" id="{{ id }}_global_add" data-action-target="add">
-                <label class="form-check-label fw-bold" for="{{ id }}_global_add">إضافة الكل</label>
-            </div>
-            <div class="form-check form-check-inline">
-                <input class="form-check-input global-select" type="checkbox" id="{{ id }}_global_change" data-action-target="change">
-                <label class="form-check-label fw-bold" for="{{ id }}_global_change">تعديل الكل</label>
-            </div>
-            <div class="form-check form-check-inline">
-                <input class="form-check-input global-select" type="checkbox" id="{{ id }}_global_other" data-action-target="other">
-                <label class="form-check-label fw-bold" for="{{ id }}_global_other">الـأخرى</label>
-            </div>
-            <button type="button" class="btn btn-outline-primary ms-auto" data-bs-toggle="collapse"
-                    data-bs-target="#{{ id }}_detailed_list" aria-expanded="false" aria-controls="{{ id }}_detailed_list">
-                <i class="bi bi-list-check" title="إظهار قائمة تحتوي على كل الصلاحيات"></i> إظهار كل الصلاحيات
-            </button>
-        </div>
-    </div>
-    <!-- Collapsible Detailed List -->
-    <div class="collapse" id="{{ id }}_detailed_list">
-        {% for app_label, app_data in widget.grouped_perms.items %}
-        <div class="card mb-3">
-            <div class="card-header bg-light">
-                <h5 class="mb-0 text-capitalize">{{ app_data.name }}</h5>
-            </div>
-            <div class="card-body">
-                {% for action_name, options in app_data.actions.items %}
-                <div class="permission-group mb-2 pb-2 border-bottom">
-                    <div class="d-flex align-items-center mb-2">
-                        <div class="form-check">
-                            <input type="checkbox" class="form-check-input group-checkbox"
-                                   id="{{ id }}_{{ app_label }}_{{ action_name }}_all"
-                                   data-group-target="{{ id }}_{{ app_label }}_{{ action_name }}_group">
-                            <label class="form-check-label fw-bold" for="{{ id }}_{{ app_label }}_{{ action_name }}_all">
-                            {% if action_name == 'view' %}
-                                عرض الكل ({{ options|length }})
-                            {% elif action_name == 'change' %}
-                                تعديل الكل ({{ options|length }})
-                            {% elif action_name == 'add' %}
-                                إضافة الكل ({{ options|length }})
-                            {% elif action_name == 'delete' %}
-                                حذف الكل ({{ options|length }})
-                            {% else %}
-                                {{ action_name|title }} الكل ({{ options|length }})
-                            {% endif %}
-                            </label>
-                        </div>
-                    </div>
-                    <div class="row row-cols-1 row-cols-md-2 g-2 ps-4 {{ id }}_{{ app_label }}_{{ action_name }}_group">
-                        {% for option in options %}
-                        <div class="col">
-                            <div class="form-check">
-                                <input type="checkbox" name="{{ option.name }}" value="{{ option.value }}"
-                                       class="form-check-input permission-checkbox"
-                                       id="{{ option.attrs.id }}"
-                                       data-action="{{ option.attrs.data_action }}"
-                                       {% if option.selected %}checked{% endif %}>
-                                <label class="form-check-label" for="{{ option.attrs.id }}">
-                                    {{ option.label }}
-                                </label>
-                            </div>
-                        </div>
-                        {% endfor %}
-                    </div>
-                </div>
-                {% endfor %}
-            </div>
-        </div>
-        {% endfor %}
-    </div>
-</div>
-<script>
-document.addEventListener('DOMContentLoaded', function() {
-    const container = document.getElementById('{{ id }}_container');
-    console.log('Grouped Permissions Widget Initialized');
-    // --- Helper Functions ---
-    // Update a specific App-level Master checkbox (e.g. Users->View All)
-    function updateAppGroupMaster(groupContainer) {
-        if (!groupContainer) return;
-        const parentGroupDiv = groupContainer.closest('.permission-group');
-        if (!parentGroupDiv) return;
-        const masterCb = parentGroupDiv.querySelector('.group-checkbox');
-        if (masterCb) {
-            const allChildren = groupContainer.querySelectorAll('.permission-checkbox');
-            const total = allChildren.length;
-            let checkedCount = 0;
-            for (let i = 0; i < total; i++) {
-                if (allChildren[i].checked) checkedCount++;
-            }
-            masterCb.checked = (total > 0 && checkedCount === total);
-            masterCb.indeterminate = (checkedCount > 0 && checkedCount < total);
-        }
-    }
-    // Update ALL App-level Masters (useful after a global bulk change)
-    function updateAllAppMasters() {
-        const allGroupContainers = container.querySelectorAll('div[class*="_group"]');
-        allGroupContainers.forEach(groupContainer => {
-            updateAppGroupMaster(groupContainer);
-        });
-    }
-    // Update Global Masters (Top Bar)
-    function updateGlobalMasters() {
-        const globalSelectors = container.querySelectorAll('.global-select');
-        globalSelectors.forEach(globalCb => {
-            const actionTarget = globalCb.getAttribute('data-action-target');
-            const allTargets = container.querySelectorAll(`.permission-checkbox[data-action="${actionTarget}"]`);
-            if (allTargets.length > 0) {
-                 const total = allTargets.length;
-                 let checkedCount = 0;
-                 for (let i = 0; i < total; i++) {
-                     if (allTargets[i].checked) checkedCount++;
-                 }
-                 globalCb.checked = (checkedCount === total);
-                 globalCb.indeterminate = (checkedCount > 0 && checkedCount < total);
-            }
-        });
-    }
-    // --- Global Selectors (Top Bar) Logic ---
-    const globalSelectors = container.querySelectorAll('.global-select');
-    globalSelectors.forEach(globalCb => {
-        globalCb.addEventListener('change', function() {
-            try {
-                const actionTarget = this.getAttribute('data-action-target');
-                const isChecked = this.checked;
-                console.log('Global Click:', actionTarget, isChecked);
-                // 1. Bulk update all target children directly (No event dispatch)
-                const targetCheckboxes = container.querySelectorAll(`.permission-checkbox[data-action="${actionTarget}"]`);
-                targetCheckboxes.forEach(cb => {
-                    cb.checked = isChecked;
-                });
-                // 2. Update all App-level masters to reflect the change
-                updateAllAppMasters();
-            } catch (e) {
-                console.error('Error in Global Select:', e);
-            }
-        });
-    });
-    // --- Sub-Group Masters (App Level) Logic ---
-    const groupCheckboxes = container.querySelectorAll('.group-checkbox');
-    groupCheckboxes.forEach(cb => {
-        cb.addEventListener('change', function() {
-            try {
-                const isChecked = this.checked;
-                const permissionGroup = this.closest('.permission-group');
-                if (!permissionGroup) return;
-                const targetGroup = permissionGroup.querySelector('div[class*="_group"]');
-                if (targetGroup) {
-                    // 1. Bulk update children directly
-                    const childCheckboxes = targetGroup.querySelectorAll('.permission-checkbox');
-                    childCheckboxes.forEach(child => {
-                        child.checked = isChecked;
-                    });
-                    // 2. Update Global Masters since the counts changed
-                    updateGlobalMasters();
-                }
-            } catch (e) {
-                console.error('Error in SubGroup Select:', e);
-            }
-        });
-    });
-    // --- Individual Permission Logic ---
-    const permissionCheckboxes = container.querySelectorAll('.permission-checkbox');
-    permissionCheckboxes.forEach(cb => {
-        cb.addEventListener('change', function() {
-            // Update the specific App Group Master this belongs to
-            const groupContainer = this.closest('div[class*="_group"]');
-            updateAppGroupMaster(groupContainer);
-            // Update Global Masters
-            updateGlobalMasters();
-        });
-    });
-    // --- Initial State Hydration ---
-    updateAllAppMasters();
-    updateGlobalMasters();
-});
-</script>
-{% endwith %}