Include vote_delegated_from_users_id in required users (#5706)

* Include vote_delegated_from_users_id in required users

* Fix restrictors if users do not have base perms

* Fix from username building in the projector
This commit is contained in:
Finn Stutzenstein 2020-11-18 08:14:33 +01:00 committed by GitHub
parent 6c35e225a5
commit 38534d4e01
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 29 additions and 10 deletions

1
.gitignore vendored
View File

@ -27,6 +27,7 @@ server/.venv
/openslides-*/ /openslides-*/
/haproxy/ /haproxy/
/docker/keys/ /docker/keys/
/docs/
# Plugin development # Plugin development
openslides_* openslides_*
# Old OS3 stuff # Old OS3 stuff

View File

@ -99,7 +99,7 @@ class MotionChangeRecommendationAccessPermissions(BaseAccessPermissions):
the can_see permission. the can_see permission.
""" """
# Parse data. # Parse data.
if await async_has_perm(user_id, "motions.can_see"): if await async_has_perm(user_id, self.base_permission):
has_manage_perms = await async_has_perm(user_id, "motions.can_manage") has_manage_perms = await async_has_perm(user_id, "motions.can_manage")
data = [] data = []
for full in full_data: for full in full_data:
@ -128,11 +128,13 @@ class MotionCommentSectionAccessPermissions(BaseAccessPermissions):
data: List[Dict[str, Any]] = [] data: List[Dict[str, Any]] = []
if await async_has_perm(user_id, "motions.can_manage"): if await async_has_perm(user_id, "motions.can_manage"):
data = full_data data = full_data
else: elif await async_has_perm(user_id, self.base_permission):
for full in full_data: for full in full_data:
read_groups = full.get("read_groups_id", []) read_groups = full.get("read_groups_id", [])
if await async_in_some_groups(user_id, read_groups): if await async_in_some_groups(user_id, read_groups):
data.append(full) data.append(full)
else:
data = []
return data return data
@ -168,8 +170,10 @@ class MotionBlockAccessPermissions(BaseAccessPermissions):
data: List[Dict[str, Any]] = [] data: List[Dict[str, Any]] = []
if await async_has_perm(user_id, "motions.can_manage"): if await async_has_perm(user_id, "motions.can_manage"):
data = full_data data = full_data
else: elif await async_has_perm(user_id, self.base_permission):
data = [full for full in full_data if not full["internal"]] data = [full for full in full_data if not full["internal"]]
else:
data = []
return data return data

View File

@ -25,7 +25,7 @@ class BaseVoteAccessPermissions(BaseAccessPermissions):
if await async_has_perm(user_id, self.manage_permission): if await async_has_perm(user_id, self.manage_permission):
data = full_data data = full_data
else: elif await async_has_perm(user_id, self.base_permission):
data = [ data = [
vote vote
for vote in full_data for vote in full_data
@ -33,6 +33,8 @@ class BaseVoteAccessPermissions(BaseAccessPermissions):
or vote["user_id"] == user_id or vote["user_id"] == user_id
or vote["delegated_user_id"] == user_id or vote["delegated_user_id"] == user_id
] ]
else:
data = []
return data return data
@ -45,7 +47,7 @@ class BaseOptionAccessPermissions(BaseAccessPermissions):
if await async_has_perm(user_id, self.manage_permission): if await async_has_perm(user_id, self.manage_permission):
data = full_data data = full_data
else: elif await async_has_perm(user_id, self.base_permission):
data = [] data = []
for option in full_data: for option in full_data:
if option["pollstate"] != BasePoll.STATE_PUBLISHED: if option["pollstate"] != BasePoll.STATE_PUBLISHED:
@ -56,6 +58,8 @@ class BaseOptionAccessPermissions(BaseAccessPermissions):
del option["no"] del option["no"]
del option["abstain"] del option["abstain"]
data.append(option) data.append(option)
else:
data = []
return data return data
@ -98,7 +102,7 @@ class BasePollAccessPermissions(BaseAccessPermissions):
if await async_has_perm(user_id, self.manage_permission): if await async_has_perm(user_id, self.manage_permission):
data = full_data data = full_data
else: elif await async_has_perm(user_id, self.base_permission):
data = [] data = []
for poll in full_data: for poll in full_data:
if poll["state"] != BasePoll.STATE_PUBLISHED: if poll["state"] != BasePoll.STATE_PUBLISHED:
@ -112,4 +116,6 @@ class BasePollAccessPermissions(BaseAccessPermissions):
for field in self.additional_fields: for field in self.additional_fields:
del poll[field] del poll[field]
data.append(poll) data.append(poll)
else:
data = []
return data return data

View File

@ -90,19 +90,27 @@ class UserAccessPermissions(BaseAccessPermissions):
): ):
can_see_collection_strings.add(collection_string) can_see_collection_strings.add(collection_string)
user_ids = await required_user.get_required_users( required_user_ids = await required_user.get_required_users(
can_see_collection_strings can_see_collection_strings
) )
# Add oneself. # Add oneself.
if user_id: if user_id:
user_ids.add(user_id) required_user_ids.add(user_id)
# add vote delegations
# Find our model in full_data and get vote_delegated_from_users_id from it.
for user in full_data:
if user["id"] == user_id:
if len(user["vote_delegated_from_users_id"]) > 0:
required_user_ids.add(*user["vote_delegated_from_users_id"])
break
# Parse data. # Parse data.
data = [ data = [
filtered_data(full, little_data_fields, own_data_fields) filtered_data(full, little_data_fields, own_data_fields)
for full in full_data for full in full_data
if full["id"] in user_ids if full["id"] in required_user_ids
] ]
return data return data

View File

@ -33,7 +33,7 @@ async def get_user_name(
for name_part in ("title", "first_name", "last_name"): for name_part in ("title", "first_name", "last_name"):
if user[name_part]: if user[name_part]:
name_parts.append(user[name_part]) name_parts.append(user[name_part])
if not name_part: if not name_parts:
name_parts.append(user["username"]) name_parts.append(user["username"])
if user["structure_level"]: if user["structure_level"]:
name_parts.append(f"({user['structure_level']})") name_parts.append(f"({user['structure_level']})")