Merge pull request #1133 from NHSDigital/add-back-admin

MatMoore · web-flow · commit 9cb2501dcf72 · 2026-03-10T13:05:39.000Z
Add back admin
diff --git a/README.md b/README.md
@@ -107,6 +107,12 @@ There is a make task to seed a non-production instance of the service with examp
 
 This command wipes the database entirely before populating it with fictitious data. The data is contained in yaml files in the [data directory](/data) and can be amended etc there as required.
 
+### Django admin
+
+Django admin is enabled at `http://localhost:8000/admin`
+
+You must be logged in as a superuser to access it.
+
 ## Design
 
 The service will be deployed as a web application, backed by a postgres database with authentication provided by NHS CIS2. In addtion to these elements we will deploy a gateway application to each breast screening unit that uses the service that will be responsible for interop with local hospital systems. The gateway will be developed in a future phase of this project and is not currently under active development.
diff --git a/manage_breast_screening/auth/demo_views.py b/manage_breast_screening/auth/demo_views.py
@@ -44,7 +44,7 @@ def persona_login(request):
             "auth/persona_login.jinja",
             context={
                 "providers_with_users": _get_providers_with_users(request.user),
-                "sysadmin_users": _get_sysadmin_users(request.user),
+                "superusers": _get_superusers(request.user),
                 "page_title": "Persona logins",
                 "next": next_path,
             },
@@ -71,7 +71,7 @@ def _user_entry(user, current_user):
 
 def _get_providers_with_users(current_user):
     providers = OrderedDict()
-    for user in _persona_users(current_user).filter(is_sysadmin=False):
+    for user in _persona_users(current_user).filter(is_superuser=False):
         entry = _user_entry(user, current_user)
         for assignment in user.assignments.all():
             provider = assignment.provider
@@ -88,9 +88,9 @@ def _get_providers_with_users(current_user):
     ).values()
 
 
-def _get_sysadmin_users(current_user):
+def _get_superusers(current_user):
     return [
         _user_entry(user, current_user)
         for user in _persona_users(current_user)
-        if user.is_sysadmin
+        if user.is_superuser
     ]
diff --git a/manage_breast_screening/auth/jinja2/auth/persona_login.jinja b/manage_breast_screening/auth/jinja2/auth/persona_login.jinja
@@ -55,9 +55,9 @@
       {% endfor %}
       {% endfor %}
 
-      {% if sysadmin_users %}
-      <h2 class="nhsuk-heading-m">Sysadmin</h2>
-      {{ persona_summary_list(sysadmin_users, "Sysadmin") }}
+      {% if superusers %}
+      <h2 class="nhsuk-heading-m">Superuser</h2>
+      {{ persona_summary_list(superusers, "Superuser") }}
       {% endif %}
     </form>
   </div>
diff --git a/manage_breast_screening/auth/management/commands/create_personas.py b/manage_breast_screening/auth/management/commands/create_personas.py
@@ -33,7 +33,8 @@ def handle(self, *args, **options):
                     defaults={
                         "first_name": persona.first_name,
                         "last_name": persona.last_name,
-                        "is_sysadmin": persona.is_sysadmin,
+                        "is_superuser": persona.is_superuser,
+                        "is_staff": persona.is_superuser,
                     },
                 )
                 UserAssignment.objects.create(
diff --git a/manage_breast_screening/auth/models.py b/manage_breast_screening/auth/models.py
@@ -19,7 +19,7 @@ class Persona:
     first_name: str
     last_name: str
     role: str
-    is_sysadmin: bool = False
+    is_superuser: bool = False
 
     @property
     def username(self):
@@ -28,7 +28,7 @@ def username(self):
 
 ADMINISTRATIVE_PERSONA = Persona("Anna", "Davies", Role.ADMINISTRATIVE)
 CLINICAL_PERSONA = Persona("Chloë", "Robinson", Role.CLINICAL)
-SYSADMIN_PERSONA = Persona("Priya", "Bains", Role.ADMINISTRATIVE, is_sysadmin=True)
+SYSADMIN_PERSONA = Persona("Priya", "Bains", Role.ADMINISTRATIVE, is_superuser=True)
 PERSONAS = [
     ADMINISTRATIVE_PERSONA,
     CLINICAL_PERSONA,
diff --git a/manage_breast_screening/auth/rules.py b/manage_breast_screening/auth/rules.py
@@ -20,9 +20,9 @@ def is_administrative(user):
 
 
 @rules.predicate
-def is_sysadmin(user):
-    return getattr(user, "is_sysadmin", False)
+def is_superuser(user):
+    return getattr(user, "is_superuser", False)
 
 
 rules.add_perm(Permission.VIEW_PARTICIPANT_DATA, is_clinical | is_administrative)
-rules.add_perm(Permission.MANAGE_PROVIDER_SETTINGS, is_sysadmin)
+rules.add_perm(Permission.MANAGE_PROVIDER_SETTINGS, is_superuser)
diff --git a/manage_breast_screening/auth/tests/test_rules.py b/manage_breast_screening/auth/tests/test_rules.py
@@ -4,7 +4,7 @@
 from manage_breast_screening.auth.rules import (
     is_administrative,
     is_clinical,
-    is_sysadmin,
+    is_superuser,
 )
 from manage_breast_screening.clinics.tests.factories import UserAssignmentFactory
 from manage_breast_screening.users.tests.factories import UserFactory
@@ -91,25 +91,25 @@ def test_returns_false_if_no_provider_given(self):
 @pytest.mark.django_db
 class TestIsSysadmin:
     def test_returns_true_for_sysadmin_user(self):
-        user = UserFactory.create(is_sysadmin=True)
+        user = UserFactory.create(is_superuser=True)
 
-        assert is_sysadmin(user)
+        assert is_superuser(user)
 
     def test_returns_false_for_non_sysadmin_user(self):
-        user = UserFactory.create(is_sysadmin=False)
+        user = UserFactory.create(is_superuser=False)
 
-        assert not is_sysadmin(user)
+        assert not is_superuser(user)
 
 
 @pytest.mark.django_db
 class TestManageProviderSettingsPermission:
     def test_returns_true_for_sysadmin(self):
-        user = UserFactory.create(is_sysadmin=True)
+        user = UserFactory.create(is_superuser=True)
 
         assert user.has_perm(Permission.MANAGE_PROVIDER_SETTINGS)
 
     def test_returns_false_for_non_sysadmin(self):
-        user = UserFactory.create(is_sysadmin=False)
+        user = UserFactory.create(is_superuser=False)
 
         assert not user.has_perm(Permission.MANAGE_PROVIDER_SETTINGS)
 
diff --git a/manage_breast_screening/clinics/admin.py b/manage_breast_screening/clinics/admin.py
@@ -0,0 +1,22 @@
+from django.contrib import admin
+
+from manage_breast_screening.core.admin import admin_site
+
+from .models import Clinic, ClinicSlot, Provider, Setting
+
+
+class ClinicAdmin(admin.ModelAdmin):
+    readonly_fields = [
+        "current_status_display",
+    ]
+
+    def current_status_display(self, obj):
+        return obj.current_status.state
+
+    current_status_display.short_description = "Current Status"
+
+
+admin_site.register(Clinic, ClinicAdmin)
+admin_site.register(ClinicSlot)
+admin_site.register(Provider)
+admin_site.register(Setting)
diff --git a/manage_breast_screening/clinics/tests/test_views.py b/manage_breast_screening/clinics/tests/test_views.py
@@ -83,7 +83,7 @@ def login_with_provider(client, user, provider):
 class TestProviderSettings:
     @pytest.mark.django_db
     def test_requires_sysadmin(self, client):
-        user = UserFactory(is_sysadmin=False)
+        user = UserFactory(is_superuser=False)
         provider = ProviderFactory()
         UserAssignmentFactory(user=user, provider=provider, administrative=True)
 
@@ -96,7 +96,7 @@ def test_requires_sysadmin(self, client):
 
     @pytest.mark.django_db
     def test_accessible_to_sysadmin(self, client):
-        user = UserFactory(is_sysadmin=True)
+        user = UserFactory(is_superuser=True)
         provider = ProviderFactory()
         UserAssignmentFactory(user=user, provider=provider)
 
@@ -109,7 +109,7 @@ def test_accessible_to_sysadmin(self, client):
 
     @pytest.mark.django_db
     def test_displays_provider_name(self, client):
-        user = UserFactory(is_sysadmin=True)
+        user = UserFactory(is_superuser=True)
         provider = ProviderFactory(name="Test Hospital Trust")
         UserAssignmentFactory(user=user, provider=provider)
 
@@ -121,7 +121,7 @@ def test_displays_provider_name(self, client):
 
     @pytest.mark.django_db
     def test_saves_settings(self, client):
-        user = UserFactory(is_sysadmin=True)
+        user = UserFactory(is_superuser=True)
         provider = ProviderFactory()
         UserAssignmentFactory(user=user, provider=provider)
         config = provider.get_config()
@@ -140,7 +140,7 @@ def test_saves_settings(self, client):
 
     @pytest.mark.django_db
     def test_enables_manual_image_collection(self, client):
-        user = UserFactory(is_sysadmin=True)
+        user = UserFactory(is_superuser=True)
         provider = ProviderFactory()
         UserAssignmentFactory(user=user, provider=provider)
         config = provider.get_config()
diff --git a/manage_breast_screening/config/settings.py b/manage_breast_screening/config/settings.py
@@ -66,6 +66,7 @@ def list_env(key):
 # Application definition
 
 INSTALLED_APPS = [
+    "django.contrib.admin",
     "django.contrib.auth",
     "django.contrib.contenttypes",
     "django.contrib.postgres",
diff --git a/manage_breast_screening/core/admin.py b/manage_breast_screening/core/admin.py
@@ -0,0 +1,35 @@
+from django.conf import settings
+from django.contrib.admin import AdminSite
+from django.contrib.auth.decorators import login_not_required
+from django.core.exceptions import PermissionDenied
+from django.http import HttpResponseRedirect
+from django.shortcuts import redirect
+from django.urls import reverse
+from django.utils.decorators import method_decorator
+from django.views.decorators.cache import never_cache
+from django.views.decorators.http import require_GET
+
+from .models import AuditLog
+
+
+class AdminSiteWithDefaultLogin(AdminSite):
+    @method_decorator(require_GET)
+    @method_decorator(never_cache)
+    @login_not_required
+    def login(self, request, extra_context=None):
+        """
+        Bypass Django admin's username/password login form.
+        """
+        if self.has_permission(request):
+            # Already logged-in, redirect to admin index
+            index_path = reverse("admin:index", current_app=self.name)
+            return HttpResponseRedirect(index_path)
+        elif request.user.is_authenticated:
+            raise PermissionDenied
+        else:
+            return redirect(reverse(settings.LOGIN_URL, query=request.GET))
+
+
+admin_site = AdminSiteWithDefaultLogin()
+
+admin_site.register(AuditLog)
diff --git a/manage_breast_screening/core/tests/views/test_generic.py b/manage_breast_screening/core/tests/views/test_generic.py
@@ -98,7 +98,7 @@ def test_audits_if_form_valid(self):
             "is_active": True,
             "last_login": None,
             "nhs_uid": "create_uid",
-            "is_sysadmin": False,
+            "is_superuser": False,
         }
         assert last_audit.system_update_id is None
 
@@ -144,6 +144,6 @@ def test_audits_if_form_valid(self):
             "is_active": True,
             "last_login": None,
             "nhs_uid": "update_uid",
-            "is_sysadmin": False,
+            "is_superuser": False,
         }
         assert last_audit.system_update_id is None
diff --git a/manage_breast_screening/core/urls.py b/manage_breast_screening/core/urls.py
@@ -25,6 +25,7 @@
 from manage_breast_screening.core.decorators import basic_auth_exempt
 
 from ..clinics import views as clinic_views
+from .admin import admin_site
 from .api import api
 
 handler403 = "manage_breast_screening.core.views.errors.permission_denied"
@@ -59,6 +60,7 @@ def robots_txt(request):
 
 
 urlpatterns = [
+    path("admin/", admin_site.urls),
     path("robots.txt", robots_txt),
     path("api/v1/", api.urls),
     path(
diff --git a/manage_breast_screening/nonprod/management/commands/seed_demo_data.py b/manage_breast_screening/nonprod/management/commands/seed_demo_data.py
@@ -4,63 +4,20 @@
 
 import yaml
 from django.core.management.base import BaseCommand
+from django.db import connection
 from django.test import override_settings
 
-from manage_breast_screening.clinics.models import (
-    Clinic,
-    ClinicSlot,
-    ClinicStatus,
-    Provider,
-    Setting,
-    UserAssignment,
-)
+from manage_breast_screening.clinics.models import ClinicStatus
 from manage_breast_screening.clinics.tests.factories import (
     ClinicFactory,
     ClinicSlotFactory,
     ProviderFactory,
     SettingFactory,
 )
-from manage_breast_screening.gateway.models import GatewayAction
-from manage_breast_screening.manual_images.models import Series, Study
 from manage_breast_screening.manual_images.tests.factories import (
     SeriesFactory,
     StudyFactory,
 )
-from manage_breast_screening.participants.models import (
-    Appointment,
-    AppointmentNote,
-    AppointmentStatus,
-    BenignLumpHistoryItem,
-    BreastAugmentationHistoryItem,
-    BreastCancerHistoryItem,
-    CystHistoryItem,
-    ImplantedMedicalDeviceHistoryItem,
-    MastectomyOrLumpectomyHistoryItem,
-    OtherProcedureHistoryItem,
-    Participant,
-    ParticipantAddress,
-    ParticipantReportedMammogram,
-    ScreeningEpisode,
-)
-from manage_breast_screening.participants.models.appointment import (
-    AppointmentWorkflowStepCompletion,
-)
-from manage_breast_screening.participants.models.breast_features import (
-    BreastFeatureAnnotation,
-)
-from manage_breast_screening.participants.models.medical_information_review import (
-    MedicalInformationReview,
-)
-from manage_breast_screening.participants.models.other_information.hormone_replacement_therapy import (
-    HormoneReplacementTherapy,
-)
-from manage_breast_screening.participants.models.other_information.other_medical_information import (
-    OtherMedicalInformation,
-)
-from manage_breast_screening.participants.models.other_information.pregnancy_and_breastfeeding import (
-    PregnancyAndBreastfeeding,
-)
-from manage_breast_screening.participants.models.symptom import Symptom
 from manage_breast_screening.participants.tests.factories import (
     AppointmentFactory,
     AppointmentStatusFactory,
@@ -350,33 +307,7 @@ def create_study(self, appointment, study_key):
             )
 
     def reset_db(self):
-        OtherMedicalInformation.objects.all().delete()
-        PregnancyAndBreastfeeding.objects.all().delete()
-        HormoneReplacementTherapy.objects.all().delete()
-        AppointmentWorkflowStepCompletion.objects.all().delete()
-        Series.objects.all().delete()
-        Study.objects.all().delete()
-        MedicalInformationReview.objects.all().delete()
-        AppointmentNote.objects.all().delete()
-        UserAssignment.objects.all().delete()
-        Symptom.objects.all().delete()
-        BreastAugmentationHistoryItem.objects.all().delete()
-        BreastCancerHistoryItem.objects.all().delete()
-        BreastFeatureAnnotation.objects.all().delete()
-        MastectomyOrLumpectomyHistoryItem.objects.all().delete()
-        CystHistoryItem.objects.all().delete()
-        ImplantedMedicalDeviceHistoryItem.objects.all().delete()
-        OtherProcedureHistoryItem.objects.all().delete()
-        BenignLumpHistoryItem.objects.all().delete()
-        AppointmentStatus.objects.all().delete()
-        ParticipantReportedMammogram.objects.all().delete()
-        GatewayAction.objects.all().delete()
-        Appointment.objects.all().delete()
-        ScreeningEpisode.objects.all().delete()
-        ParticipantAddress.objects.all().delete()
-        Participant.objects.all().delete()
-        ClinicSlot.objects.all().delete()
-        ClinicStatus.objects.all().delete()
-        Clinic.objects.all().delete()
-        Setting.objects.all().delete()
-        Provider.objects.all().delete()
+        with connection.cursor() as c:
+            c.execute("TRUNCATE TABLE users_user CASCADE")
+            c.execute("TRUNCATE TABLE clinics_provider CASCADE")
+            c.execute("TRUNCATE TABLE participants_participant CASCADE")
diff --git a/manage_breast_screening/participants/admin.py b/manage_breast_screening/participants/admin.py
diff --git a/manage_breast_screening/users/admin.py b/manage_breast_screening/users/admin.py
diff --git a/manage_breast_screening/users/migrations/0005_rename_is_sysadmin_user_is_superuser.py b/manage_breast_screening/users/migrations/0005_rename_is_sysadmin_user_is_superuser.py
diff --git a/manage_breast_screening/users/migrations/max_migration.txt b/manage_breast_screening/users/migrations/max_migration.txt
diff --git a/manage_breast_screening/users/models.py b/manage_breast_screening/users/models.py
