Include vote_delegated_from_users_id in required users (#5706)

* Include vote_delegated_from_users_id in required users * Fix restrictors if users do not have base perms * Fix from username building in the projector
2020-11-18 08:14:33 +01:00 · 2020-11-18 08:14:33 +01:00 · 38534d4e01
parent 6c35e225a5
commit 38534d4e01
5 changed files with 29 additions and 10 deletions
--- a/.gitignore
+++ b/.gitignore
@ -27,6 +27,7 @@ server/.venv
 /openslides-*/
 /haproxy/
 /docker/keys/
+/docs/
 # Plugin development
 openslides_*
 # Old OS3 stuff
--- a/server/openslides/motions/access_permissions.py
+++ b/server/openslides/motions/access_permissions.py
@ -99,7 +99,7 @@ class MotionChangeRecommendationAccessPermissions(BaseAccessPermissions):
        the can_see permission.
        """
        # Parse data.
-        if await async_has_perm(user_id, "motions.can_see"):
+        if await async_has_perm(user_id, self.base_permission):
            has_manage_perms = await async_has_perm(user_id, "motions.can_manage")
            data = []
            for full in full_data:
@ -128,11 +128,13 @@ class MotionCommentSectionAccessPermissions(BaseAccessPermissions):
        data: List[Dict[str, Any]] = []
        if await async_has_perm(user_id, "motions.can_manage"):
            data = full_data
-        else:
+        elif await async_has_perm(user_id, self.base_permission):
            for full in full_data:
                read_groups = full.get("read_groups_id", [])
                if await async_in_some_groups(user_id, read_groups):
                    data.append(full)
+        else:
+            data = []
        return data


@ -168,8 +170,10 @@ class MotionBlockAccessPermissions(BaseAccessPermissions):
        data: List[Dict[str, Any]] = []
        if await async_has_perm(user_id, "motions.can_manage"):
            data = full_data
-        else:
+        elif await async_has_perm(user_id, self.base_permission):
            data = [full for full in full_data if not full["internal"]]
+        else:
+            data = []

        return data

--- a/server/openslides/poll/access_permissions.py
+++ b/server/openslides/poll/access_permissions.py
@ -25,7 +25,7 @@ class BaseVoteAccessPermissions(BaseAccessPermissions):

        if await async_has_perm(user_id, self.manage_permission):
            data = full_data
-        else:
+        elif await async_has_perm(user_id, self.base_permission):
            data = [
                vote
                for vote in full_data
@ -33,6 +33,8 @@ class BaseVoteAccessPermissions(BaseAccessPermissions):
                or vote["user_id"] == user_id
                or vote["delegated_user_id"] == user_id
            ]
+        else:
+            data = []
        return data


@ -45,7 +47,7 @@ class BaseOptionAccessPermissions(BaseAccessPermissions):

        if await async_has_perm(user_id, self.manage_permission):
            data = full_data
-        else:
+        elif await async_has_perm(user_id, self.base_permission):
            data = []
            for option in full_data:
                if option["pollstate"] != BasePoll.STATE_PUBLISHED:
@ -56,6 +58,8 @@ class BaseOptionAccessPermissions(BaseAccessPermissions):
                    del option["no"]
                    del option["abstain"]
                data.append(option)
+        else:
+            data = []
        return data


@ -98,7 +102,7 @@ class BasePollAccessPermissions(BaseAccessPermissions):

        if await async_has_perm(user_id, self.manage_permission):
            data = full_data
-        else:
+        elif await async_has_perm(user_id, self.base_permission):
            data = []
            for poll in full_data:
                if poll["state"] != BasePoll.STATE_PUBLISHED:
@ -112,4 +116,6 @@ class BasePollAccessPermissions(BaseAccessPermissions):
                    for field in self.additional_fields:
                        del poll[field]
                data.append(poll)
+        else:
+            data = []
        return data
--- a/server/openslides/users/access_permissions.py
+++ b/server/openslides/users/access_permissions.py
@ -90,19 +90,27 @@ class UserAccessPermissions(BaseAccessPermissions):
                ):
                    can_see_collection_strings.add(collection_string)

-            user_ids = await required_user.get_required_users(
+            required_user_ids = await required_user.get_required_users(
                can_see_collection_strings
            )

            # Add oneself.
            if user_id:
-                user_ids.add(user_id)
+                required_user_ids.add(user_id)
+
+            # add vote delegations
+            # Find our model in full_data and get vote_delegated_from_users_id from it.
+            for user in full_data:
+                if user["id"] == user_id:
+                    if len(user["vote_delegated_from_users_id"]) > 0:
+                        required_user_ids.add(*user["vote_delegated_from_users_id"])
+                    break

            # Parse data.
            data = [
                filtered_data(full, little_data_fields, own_data_fields)
                for full in full_data
-                if full["id"] in user_ids
+                if full["id"] in required_user_ids
            ]

        return data
--- a/server/openslides/users/projector.py
+++ b/server/openslides/users/projector.py
@ -33,7 +33,7 @@ async def get_user_name(
    for name_part in ("title", "first_name", "last_name"):
        if user[name_part]:
            name_parts.append(user[name_part])
-    if not name_part:
+    if not name_parts:
        name_parts.append(user["username"])
    if user["structure_level"]:
        name_parts.append(f"({user['structure_level']})")