remove OS user-side UI for product / product-type members

Drop the user-side /user/<uid>/add_product_member and /user/<uid>/add_product_type_member routes (URL names add_product_member_user, add_product_type_member_user), the two view functions in dojo/user/views.py, and the Add_Product_Member_UserForm + Add_Product_Type_Member_UserForm classes. Both the Tailwind and Bootstrap (templates_classic) copies of new_product_member_user.html and new_product_type_member_user.html are removed. Pro takes ownership of these classic screens via pro/product_members/* and pro/product_type_members/* (committed separately in dojo-pro).

The Authorize_User_For_Products / Authorize_User_For_ProductTypes flow stays — it manipulates the legacy product.authorized_users M2M, not Product_Member rows.

Author: devGregA

dojo/forms.py

@@ -323,22 +323,6 @@ def __init__(self, *args, product_type=None, **kwargs):
         )
 
 
-class Add_Product_Type_Member_UserForm(forms.ModelForm):
-    product_types = forms.ModelMultipleChoiceField(queryset=Product_Type.objects.none(), required=True,
-                                                   label=labels.ORG_PLURAL_LABEL)
-
-    def __init__(self, *args, **kwargs):
-        super().__init__(*args, **kwargs)
-        current_members = Product_Type_Member.objects.filter(user=self.initial["user"]).values_list("product_type", flat=True)
-        self.fields["product_types"].queryset = get_authorized_product_types("staff_only") \
-            .exclude(id__in=current_members)
-        self.fields["user"].disabled = True
-
-    class Meta:
-        model = Product_Type_Member
-        fields = ["product_types", "user", "role"]
-
-
 class Delete_Product_Type_MemberForm(Edit_Product_Type_MemberForm):
     def __init__(self, *args, **kwargs):
         super().__init__(*args, **kwargs)
@@ -537,22 +521,6 @@ def __init__(self, *args, user=None, **kwargs):
         )
 
 
-class Add_Product_Member_UserForm(forms.ModelForm):
-    products = forms.ModelMultipleChoiceField(queryset=Product.objects.none(), required=True,
-                                              label=labels.ASSET_PLURAL_LABEL)
-
-    def __init__(self, *args, **kwargs):
-        super().__init__(*args, **kwargs)
-        current_members = Product_Member.objects.filter(user=self.initial["user"]).values_list("product", flat=True)
-        self.fields["products"].queryset = get_authorized_products("staff_only") \
-            .exclude(id__in=current_members)
-        self.fields["user"].disabled = True
-
-    class Meta:
-        model = Product_Member
-        fields = ["products", "user", "role"]
-
-
 class Delete_Product_MemberForm(Edit_Product_MemberForm):
     def __init__(self, *args, **kwargs):
         super().__init__(*args, **kwargs)

dojo/templates/dojo/new_product_member_user.html

@@ -21,8 +21,6 @@
     re_path(r"^user/(?P<uid>\d+)$", views.view_user, name="view_user"),
     re_path(r"^user/(?P<uid>\d+)/edit$", views.edit_user, name="edit_user"),
     re_path(r"^user/(?P<uid>\d+)/delete", views.delete_user, name="delete_user"),
-    re_path(r"^user/(?P<uid>\d+)/add_product_type_member$", views.add_product_type_member, name="add_product_type_member_user"),
-    re_path(r"^user/(?P<uid>\d+)/add_product_member$", views.add_product_member, name="add_product_member_user"),
     re_path(r"^user/(?P<uid>\d+)/authorize_products$",
             views.authorize_user_for_products, name="authorize_user_for_products"),
     re_path(r"^user/(?P<uid>\d+)/authorize_product_types$",

dojo/templates/dojo/new_product_type_member_user.html

@@ -28,12 +28,10 @@
 from rest_framework.exceptions import ValidationError as RFValidationError
 
 from dojo.authorization.authorization import user_is_superuser_or_global_owner
-from dojo.authorization.models import Global_Role, Product_Member, Product_Type_Member
+from dojo.authorization.models import Global_Role
 from dojo.decorators import dojo_ratelimit
 from dojo.filters import UserFilter
 from dojo.forms import (
-    Add_Product_Member_UserForm,
-    Add_Product_Type_Member_UserForm,
     AddDojoUserForm,
     APIKeyForm,
     Authorize_User_For_ProductsForm,
@@ -484,66 +482,6 @@ def delete_user(request, uid):
                    })
 
 
-@user_passes_test(lambda u: u.is_superuser)
-def add_product_type_member(request, uid):
-    page_name = str(labels.ORG_USERS_ADD_LABEL)
-    user = get_object_or_404(Dojo_User, id=uid)
-    memberform = Add_Product_Type_Member_UserForm(initial={"user": user.id})
-    if request.method == "POST":
-        memberform = Add_Product_Type_Member_UserForm(request.POST, initial={"user": user.id})
-        if memberform.is_valid():
-            if "product_types" in memberform.cleaned_data and len(memberform.cleaned_data["product_types"]) > 0:
-                for product_type in memberform.cleaned_data["product_types"]:
-                    existing_members = Product_Type_Member.objects.filter(product_type=product_type, user=user)
-                    if existing_members.count() == 0:
-                        product_type_member = Product_Type_Member()
-                        product_type_member.product_type = product_type
-                        product_type_member.user = user
-                        product_type_member.role = memberform.cleaned_data["role"]
-                        product_type_member.save()
-                messages.add_message(request,
-                                    messages.SUCCESS,
-                                    labels.ORG_USERS_ADD_SUCCESS_MESSAGE,
-                                    extra_tags="alert-success")
-                return HttpResponseRedirect(reverse("view_user", args=(uid, )))
-    add_breadcrumb(title=page_name, top_level=False, request=request)
-    return render(request, "dojo/new_product_type_member_user.html", {
-        "name": page_name,
-        "user": user,
-        "form": memberform,
-    })
-
-
-@user_passes_test(lambda u: u.is_superuser)
-def add_product_member(request, uid):
-    page_name = str(labels.ASSET_USERS_MEMBER_ADD_LABEL)
-    user = get_object_or_404(Dojo_User, id=uid)
-    memberform = Add_Product_Member_UserForm(initial={"user": user.id})
-    if request.method == "POST":
-        memberform = Add_Product_Member_UserForm(request.POST, initial={"user": user.id})
-        if memberform.is_valid():
-            if "products" in memberform.cleaned_data and len(memberform.cleaned_data["products"]) > 0:
-                for product in memberform.cleaned_data["products"]:
-                    existing_members = Product_Member.objects.filter(product=product, user=user)
-                    if existing_members.count() == 0:
-                        product_member = Product_Member()
-                        product_member.product = product
-                        product_member.user = user
-                        product_member.role = memberform.cleaned_data["role"]
-                        product_member.save()
-            messages.add_message(request,
-                                messages.SUCCESS,
-                                labels.ASSET_USERS_MEMBER_ADD_SUCCESS_MESSAGE,
-                                extra_tags="alert-success")
-            return HttpResponseRedirect(reverse("view_user", args=(uid, )))
-    add_breadcrumb(title=page_name, top_level=False, request=request)
-    return render(request, "dojo/new_product_member_user.html", {
-        "name": page_name,
-        "user": user,
-        "form": memberform,
-    })
-
-
 @user_passes_test(lambda u: u.is_staff)
 def authorize_user_for_products(request, uid):
     """OS legacy: add this user to one or more products' authorized_users."""