Added permission to see participants also to the manager group. See #1150.

2013-12-23 19:14:11 +01:00 · 2013-12-23 19:14:11 +01:00 · 22960748a3
commit 22960748a3
parent 1e52959f70
3 changed files with 20 additions and 1 deletions
--- a/2
+++ b/2
@ -8,6 +8,8 @@ Version 1.5.1 (unreleased)
 ==========================
 [https://github.com/OpenSlides/OpenSlides/issues?milestone=15]

+Participant:
+- Added permission to see participants also to the manager group.
 Files:
 - Fixed error when a file was removed from filesystem.
 Other:
--- a/openslides/participant/signals.py
+++ b/openslides/participant/signals.py
@ -118,6 +118,7 @@ def create_builtin_groups_and_admin(sender, **kwargs):

    group_staff = Group.objects.create(name=ugettext_noop('Staff'), pk=4)
    group_staff.permissions.add(perm_7, perm_9, perm_10, perm_10a, perm_11, perm_12, perm_13, perm_14, perm_15, perm_15a, perm_16)
+    group_staff.permissions.add(perm_6)  # TODO: Remove this redundancy after cleanup of the permission system

    # Admin user
    create_or_reset_admin_user()
--- a/tests/participant/test_views.py
+++ b/tests/participant/test_views.py
@ -2,9 +2,12 @@

 import re

+from django.contrib.auth.models import Permission
+from django.contrib.contenttypes.models import ContentType
 from django.test.client import Client

 from openslides.config.api import config
+from openslides.participant.api import get_registered_group
 from openslides.participant.models import get_protected_perm, Group, User
 from openslides.utils.test import TestCase

@ -93,7 +96,9 @@ class GroupViews(TestCase):
 class LockoutProtection(TestCase):
    """
    Tests that a manager user can not lockout himself by doing
-    something that removes his last permission to manage participants.
+    something that removes his last permission to manage participants. Tests
+    also that he can see the participant app (although there is no absolute
+    protection).
    """
    def setUp(self):
        self.user = User.objects.get(pk=1)
@ -159,6 +164,17 @@ class LockoutProtection(TestCase):
            field=None,
            errors='You can not remove the permission to manage participants from the last group you are in.')

+    def test_remove_permission_can_see_participant_from_registered(self):
+        self.assertTrue(self.user.has_perm('participant.can_see_participant'))
+        # Remove perm from registered group
+        can_see_perm = Permission.objects.get(
+            content_type=ContentType.objects.get(app_label='participant', model='user'),
+            codename='can_see_participant')
+        get_registered_group().permissions.remove(can_see_perm)
+        # Reload user
+        self.user = User.objects.get(pk=1)
+        self.assertTrue(self.user.has_perm('participant.can_see_participant'))
+

 class TestUserSettings(TestCase):
    def setUp(self):