New admin user group
This commit is contained in:
Emanuel Schütze
parent
d073cbbf6f
commit
4e1c7b7497
@ -82,6 +82,7 @@ Users:
|
||||
- Hide password in change password view [#3417].
|
||||
- Added a change presence view [#3496].
|
||||
- New feature to send invitation emails with OpenSlides login [#3503].
|
||||
- New admin user group [#3621].
|
||||
|
||||
Core:
|
||||
- No reload on logoff. OpenSlides is now a full single page
|
||||
|
||||
@ -68,9 +68,9 @@ class UserManager(BaseUserManager):
|
||||
query_can_see_name = Q(content_type__app_label='users') & Q(codename='can_see_name')
|
||||
query_can_manage = Q(content_type__app_label='users') & Q(codename='can_manage')
|
||||
|
||||
staff, _ = Group.objects.get_or_create(name='Staff')
|
||||
staff.permissions.add(Permission.objects.get(query_can_see_name))
|
||||
staff.permissions.add(Permission.objects.get(query_can_manage))
|
||||
admin_group, _ = Group.objects.get_or_create(name='Admin')
|
||||
admin_group.permissions.add(Permission.objects.get(query_can_see_name))
|
||||
admin_group.permissions.add(Permission.objects.get(query_can_manage))
|
||||
|
||||
admin, created = self.get_or_create(
|
||||
username='admin',
|
||||
@ -78,7 +78,7 @@ class UserManager(BaseUserManager):
|
||||
admin.default_password = 'admin'
|
||||
admin.password = make_password(admin.default_password)
|
||||
admin.save()
|
||||
admin.groups.add(staff)
|
||||
admin.groups.add(admin_group)
|
||||
return created
|
||||
|
||||
def generate_username(self, first_name, last_name):
|
||||
|
||||
@ -95,7 +95,6 @@ def create_builtin_groups_and_admin(**kwargs):
|
||||
permission_dict['core.can_see_frontpage'],
|
||||
permission_dict['core.can_see_projector'],
|
||||
permission_dict['mediafiles.can_see'],
|
||||
permission_dict['mediafiles.can_upload'],
|
||||
permission_dict['motions.can_see'],
|
||||
permission_dict['motions.can_create'],
|
||||
permission_dict['motions.can_support'],
|
||||
@ -105,6 +104,37 @@ def create_builtin_groups_and_admin(**kwargs):
|
||||
|
||||
# Staff (pk 3)
|
||||
staff_permissions = (
|
||||
permission_dict['agenda.can_see'],
|
||||
permission_dict['agenda.can_see_hidden_items'],
|
||||
permission_dict['agenda.can_be_speaker'],
|
||||
permission_dict['agenda.can_manage'],
|
||||
permission_dict['agenda.can_manage_list_of_speakers'],
|
||||
permission_dict['assignments.can_see'],
|
||||
permission_dict['assignments.can_manage'],
|
||||
permission_dict['assignments.can_nominate_other'],
|
||||
permission_dict['assignments.can_nominate_self'],
|
||||
permission_dict['core.can_see_frontpage'],
|
||||
permission_dict['core.can_see_projector'],
|
||||
permission_dict['core.can_manage_projector'],
|
||||
permission_dict['core.can_manage_tags'],
|
||||
permission_dict['core.can_use_chat'],
|
||||
permission_dict['mediafiles.can_see'],
|
||||
permission_dict['mediafiles.can_manage'],
|
||||
permission_dict['mediafiles.can_upload'],
|
||||
permission_dict['motions.can_see'],
|
||||
permission_dict['motions.can_create'],
|
||||
permission_dict['motions.can_manage'],
|
||||
permission_dict['motions.can_see_comments'],
|
||||
permission_dict['motions.can_manage_comments'],
|
||||
permission_dict['users.can_see_name'],
|
||||
permission_dict['users.can_manage'],
|
||||
permission_dict['users.can_see_extra_data'],
|
||||
permission_dict['mediafiles.can_see_hidden'],)
|
||||
group_staff = Group.objects.create(name='Staff')
|
||||
group_staff.permissions.add(*staff_permissions)
|
||||
|
||||
# Admin (pk 4)
|
||||
admin_permissions = (
|
||||
permission_dict['agenda.can_see'],
|
||||
permission_dict['agenda.can_see_hidden_items'],
|
||||
permission_dict['agenda.can_be_speaker'],
|
||||
@ -134,25 +164,25 @@ def create_builtin_groups_and_admin(**kwargs):
|
||||
permission_dict['users.can_manage'],
|
||||
permission_dict['users.can_see_extra_data'],
|
||||
permission_dict['mediafiles.can_see_hidden'],)
|
||||
group_staff = Group.objects.create(name='Staff')
|
||||
group_staff.permissions.add(*staff_permissions)
|
||||
group_admin = Group.objects.create(name='Admin')
|
||||
group_admin.permissions.add(*admin_permissions)
|
||||
|
||||
# Add users.can_see_name permission to staff
|
||||
# Add users.can_see_name permission to staff/admin
|
||||
# group to ensure proper management possibilities
|
||||
# TODO: Remove this redundancy after cleanup of the permission system.
|
||||
group_staff.permissions.add(
|
||||
permission_dict['users.can_see_name'])
|
||||
group_admin.permissions.add(
|
||||
permission_dict['users.can_see_name'])
|
||||
|
||||
# Committees (pk 4)
|
||||
# Committees (pk 5)
|
||||
committees_permissions = (
|
||||
permission_dict['agenda.can_see'],
|
||||
permission_dict['agenda.can_see_hidden_items'],
|
||||
permission_dict['agenda.can_be_speaker'],
|
||||
permission_dict['assignments.can_see'],
|
||||
permission_dict['core.can_see_frontpage'],
|
||||
permission_dict['core.can_see_projector'],
|
||||
permission_dict['mediafiles.can_see'],
|
||||
permission_dict['mediafiles.can_upload'],
|
||||
permission_dict['motions.can_see'],
|
||||
permission_dict['motions.can_create'],
|
||||
permission_dict['motions.can_support'],
|
||||
@ -166,4 +196,4 @@ def create_builtin_groups_and_admin(**kwargs):
|
||||
# After each group was created, the permissions (many to many fields) where
|
||||
# added to the group. So we have to update the cache by calling
|
||||
# inform_changed_data().
|
||||
inform_changed_data((group_default, group_delegates, group_staff, group_committee))
|
||||
inform_changed_data((group_default, group_delegates, group_staff, group_admin, group_committee))
|
||||
|
||||
@ -203,10 +203,10 @@ class ManageSpeaker(TestCase):
|
||||
|
||||
def test_add_someone_else_non_admin(self):
|
||||
admin = get_user_model().objects.get(username='admin')
|
||||
group_staff = admin.groups.get(name='Staff')
|
||||
group_delegates = type(group_staff).objects.get(name='Delegates')
|
||||
group_admin = admin.groups.get(name='Admin')
|
||||
group_delegates = type(group_admin).objects.get(name='Delegates')
|
||||
admin.groups.add(group_delegates)
|
||||
admin.groups.remove(group_staff)
|
||||
admin.groups.remove(group_admin)
|
||||
CollectionElement.from_instance(admin)
|
||||
|
||||
response = self.client.post(
|
||||
@ -240,10 +240,10 @@ class ManageSpeaker(TestCase):
|
||||
|
||||
def test_remove_someone_else_non_admin(self):
|
||||
admin = get_user_model().objects.get(username='admin')
|
||||
group_staff = admin.groups.get(name='Staff')
|
||||
group_delegates = type(group_staff).objects.get(name='Delegates')
|
||||
group_admin = admin.groups.get(name='Admin')
|
||||
group_delegates = type(group_admin).objects.get(name='Delegates')
|
||||
admin.groups.add(group_delegates)
|
||||
admin.groups.remove(group_staff)
|
||||
admin.groups.remove(group_admin)
|
||||
CollectionElement.from_instance(admin)
|
||||
speaker = Speaker.objects.add(self.user, self.item)
|
||||
|
||||
@ -268,10 +268,10 @@ class ManageSpeaker(TestCase):
|
||||
|
||||
def test_mark_speaker_non_admin(self):
|
||||
admin = get_user_model().objects.get(username='admin')
|
||||
group_staff = admin.groups.get(name='Staff')
|
||||
group_delegates = type(group_staff).objects.get(name='Delegates')
|
||||
group_admin = admin.groups.get(name='Admin')
|
||||
group_delegates = type(group_admin).objects.get(name='Delegates')
|
||||
admin.groups.add(group_delegates)
|
||||
admin.groups.remove(group_staff)
|
||||
admin.groups.remove(group_admin)
|
||||
CollectionElement.from_instance(admin)
|
||||
Speaker.objects.add(self.user, self.item)
|
||||
|
||||
|
||||
@ -106,10 +106,10 @@ class CanidatureSelf(TestCase):
|
||||
self.assignment.set_phase(Assignment.PHASE_VOTING)
|
||||
self.assignment.save()
|
||||
admin = get_user_model().objects.get(username='admin')
|
||||
group_staff = admin.groups.get(name='Staff')
|
||||
group_delegates = type(group_staff).objects.get(name='Delegates')
|
||||
group_admin = admin.groups.get(name='Admin')
|
||||
group_delegates = type(group_admin).objects.get(name='Delegates')
|
||||
admin.groups.add(group_delegates)
|
||||
admin.groups.remove(group_staff)
|
||||
admin.groups.remove(group_admin)
|
||||
get_redis_connection('default').flushall()
|
||||
|
||||
response = self.client.post(reverse('assignment-candidature-self', args=[self.assignment.pk]))
|
||||
@ -153,10 +153,10 @@ class CanidatureSelf(TestCase):
|
||||
self.assignment.set_phase(Assignment.PHASE_VOTING)
|
||||
self.assignment.save()
|
||||
admin = get_user_model().objects.get(username='admin')
|
||||
group_staff = admin.groups.get(name='Staff')
|
||||
group_delegates = type(group_staff).objects.get(name='Delegates')
|
||||
group_admin = admin.groups.get(name='Admin')
|
||||
group_delegates = type(group_admin).objects.get(name='Delegates')
|
||||
admin.groups.add(group_delegates)
|
||||
admin.groups.remove(group_staff)
|
||||
admin.groups.remove(group_admin)
|
||||
get_redis_connection('default').flushall()
|
||||
|
||||
response = self.client.delete(reverse('assignment-candidature-self', args=[self.assignment.pk]))
|
||||
@ -234,10 +234,10 @@ class CandidatureOther(TestCase):
|
||||
self.assignment.set_phase(Assignment.PHASE_VOTING)
|
||||
self.assignment.save()
|
||||
admin = get_user_model().objects.get(username='admin')
|
||||
group_staff = admin.groups.get(name='Staff')
|
||||
group_delegates = type(group_staff).objects.get(name='Delegates')
|
||||
group_admin = admin.groups.get(name='Admin')
|
||||
group_delegates = type(group_admin).objects.get(name='Delegates')
|
||||
admin.groups.add(group_delegates)
|
||||
admin.groups.remove(group_staff)
|
||||
admin.groups.remove(group_admin)
|
||||
get_redis_connection('default').flushall()
|
||||
|
||||
response = self.client.post(
|
||||
@ -290,10 +290,10 @@ class CandidatureOther(TestCase):
|
||||
self.assignment.set_phase(Assignment.PHASE_VOTING)
|
||||
self.assignment.save()
|
||||
admin = get_user_model().objects.get(username='admin')
|
||||
group_staff = admin.groups.get(name='Staff')
|
||||
group_delegates = type(group_staff).objects.get(name='Delegates')
|
||||
group_admin = admin.groups.get(name='Admin')
|
||||
group_delegates = type(group_admin).objects.get(name='Delegates')
|
||||
admin.groups.add(group_delegates)
|
||||
admin.groups.remove(group_staff)
|
||||
admin.groups.remove(group_admin)
|
||||
get_redis_connection('default').flushall()
|
||||
|
||||
response = self.client.delete(
|
||||
|
||||
@ -321,7 +321,7 @@ class CreateMotion(TestCase):
|
||||
"""
|
||||
self.admin = get_user_model().objects.get(username='admin')
|
||||
self.admin.groups.add(2)
|
||||
self.admin.groups.remove(3)
|
||||
self.admin.groups.remove(4)
|
||||
group_delegate = self.admin.groups.get()
|
||||
group_delegate.permissions.add(Permission.objects.get(
|
||||
content_type__app_label='motions',
|
||||
@ -381,7 +381,7 @@ class CreateMotion(TestCase):
|
||||
|
||||
self.admin = get_user_model().objects.get(username='admin')
|
||||
self.admin.groups.add(2)
|
||||
self.admin.groups.remove(3)
|
||||
self.admin.groups.remove(4)
|
||||
get_redis_connection('default').flushall()
|
||||
|
||||
response = self.client.post(
|
||||
@ -564,8 +564,8 @@ class UpdateMotion(TestCase):
|
||||
def test_removal_of_supporters(self):
|
||||
# No cache used here.
|
||||
admin = get_user_model().objects.get(username='admin')
|
||||
group_staff = admin.groups.get(name='Staff')
|
||||
admin.groups.remove(group_staff)
|
||||
group_admin = admin.groups.get(name='Admin')
|
||||
admin.groups.remove(group_admin)
|
||||
self.motion.submitters.add(admin)
|
||||
supporter = get_user_model().objects.create_user(
|
||||
username='test_username_ahshi4oZin0OoSh9chee',
|
||||
@ -656,9 +656,9 @@ class DeleteMotion(TestCase):
|
||||
self.assertEqual(motions, 0)
|
||||
|
||||
def make_admin_delegate(self):
|
||||
group_staff = self.admin.groups.get(name='Staff')
|
||||
group_admin = self.admin.groups.get(name='Admin')
|
||||
group_delegates = Group.objects.get(name='Delegates')
|
||||
self.admin.groups.remove(group_staff)
|
||||
self.admin.groups.remove(group_admin)
|
||||
self.admin.groups.add(group_delegates)
|
||||
CollectionElement.from_instance(self.admin)
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user