New admin user group
This commit is contained in:
parent
d073cbbf6f
commit
4e1c7b7497
@ -82,6 +82,7 @@ Users:
|
|||||||
- Hide password in change password view [#3417].
|
- Hide password in change password view [#3417].
|
||||||
- Added a change presence view [#3496].
|
- Added a change presence view [#3496].
|
||||||
- New feature to send invitation emails with OpenSlides login [#3503].
|
- New feature to send invitation emails with OpenSlides login [#3503].
|
||||||
|
- New admin user group [#3621].
|
||||||
|
|
||||||
Core:
|
Core:
|
||||||
- No reload on logoff. OpenSlides is now a full single page
|
- No reload on logoff. OpenSlides is now a full single page
|
||||||
|
@ -68,9 +68,9 @@ class UserManager(BaseUserManager):
|
|||||||
query_can_see_name = Q(content_type__app_label='users') & Q(codename='can_see_name')
|
query_can_see_name = Q(content_type__app_label='users') & Q(codename='can_see_name')
|
||||||
query_can_manage = Q(content_type__app_label='users') & Q(codename='can_manage')
|
query_can_manage = Q(content_type__app_label='users') & Q(codename='can_manage')
|
||||||
|
|
||||||
staff, _ = Group.objects.get_or_create(name='Staff')
|
admin_group, _ = Group.objects.get_or_create(name='Admin')
|
||||||
staff.permissions.add(Permission.objects.get(query_can_see_name))
|
admin_group.permissions.add(Permission.objects.get(query_can_see_name))
|
||||||
staff.permissions.add(Permission.objects.get(query_can_manage))
|
admin_group.permissions.add(Permission.objects.get(query_can_manage))
|
||||||
|
|
||||||
admin, created = self.get_or_create(
|
admin, created = self.get_or_create(
|
||||||
username='admin',
|
username='admin',
|
||||||
@ -78,7 +78,7 @@ class UserManager(BaseUserManager):
|
|||||||
admin.default_password = 'admin'
|
admin.default_password = 'admin'
|
||||||
admin.password = make_password(admin.default_password)
|
admin.password = make_password(admin.default_password)
|
||||||
admin.save()
|
admin.save()
|
||||||
admin.groups.add(staff)
|
admin.groups.add(admin_group)
|
||||||
return created
|
return created
|
||||||
|
|
||||||
def generate_username(self, first_name, last_name):
|
def generate_username(self, first_name, last_name):
|
||||||
|
@ -95,7 +95,6 @@ def create_builtin_groups_and_admin(**kwargs):
|
|||||||
permission_dict['core.can_see_frontpage'],
|
permission_dict['core.can_see_frontpage'],
|
||||||
permission_dict['core.can_see_projector'],
|
permission_dict['core.can_see_projector'],
|
||||||
permission_dict['mediafiles.can_see'],
|
permission_dict['mediafiles.can_see'],
|
||||||
permission_dict['mediafiles.can_upload'],
|
|
||||||
permission_dict['motions.can_see'],
|
permission_dict['motions.can_see'],
|
||||||
permission_dict['motions.can_create'],
|
permission_dict['motions.can_create'],
|
||||||
permission_dict['motions.can_support'],
|
permission_dict['motions.can_support'],
|
||||||
@ -105,6 +104,37 @@ def create_builtin_groups_and_admin(**kwargs):
|
|||||||
|
|
||||||
# Staff (pk 3)
|
# Staff (pk 3)
|
||||||
staff_permissions = (
|
staff_permissions = (
|
||||||
|
permission_dict['agenda.can_see'],
|
||||||
|
permission_dict['agenda.can_see_hidden_items'],
|
||||||
|
permission_dict['agenda.can_be_speaker'],
|
||||||
|
permission_dict['agenda.can_manage'],
|
||||||
|
permission_dict['agenda.can_manage_list_of_speakers'],
|
||||||
|
permission_dict['assignments.can_see'],
|
||||||
|
permission_dict['assignments.can_manage'],
|
||||||
|
permission_dict['assignments.can_nominate_other'],
|
||||||
|
permission_dict['assignments.can_nominate_self'],
|
||||||
|
permission_dict['core.can_see_frontpage'],
|
||||||
|
permission_dict['core.can_see_projector'],
|
||||||
|
permission_dict['core.can_manage_projector'],
|
||||||
|
permission_dict['core.can_manage_tags'],
|
||||||
|
permission_dict['core.can_use_chat'],
|
||||||
|
permission_dict['mediafiles.can_see'],
|
||||||
|
permission_dict['mediafiles.can_manage'],
|
||||||
|
permission_dict['mediafiles.can_upload'],
|
||||||
|
permission_dict['motions.can_see'],
|
||||||
|
permission_dict['motions.can_create'],
|
||||||
|
permission_dict['motions.can_manage'],
|
||||||
|
permission_dict['motions.can_see_comments'],
|
||||||
|
permission_dict['motions.can_manage_comments'],
|
||||||
|
permission_dict['users.can_see_name'],
|
||||||
|
permission_dict['users.can_manage'],
|
||||||
|
permission_dict['users.can_see_extra_data'],
|
||||||
|
permission_dict['mediafiles.can_see_hidden'],)
|
||||||
|
group_staff = Group.objects.create(name='Staff')
|
||||||
|
group_staff.permissions.add(*staff_permissions)
|
||||||
|
|
||||||
|
# Admin (pk 4)
|
||||||
|
admin_permissions = (
|
||||||
permission_dict['agenda.can_see'],
|
permission_dict['agenda.can_see'],
|
||||||
permission_dict['agenda.can_see_hidden_items'],
|
permission_dict['agenda.can_see_hidden_items'],
|
||||||
permission_dict['agenda.can_be_speaker'],
|
permission_dict['agenda.can_be_speaker'],
|
||||||
@ -134,25 +164,25 @@ def create_builtin_groups_and_admin(**kwargs):
|
|||||||
permission_dict['users.can_manage'],
|
permission_dict['users.can_manage'],
|
||||||
permission_dict['users.can_see_extra_data'],
|
permission_dict['users.can_see_extra_data'],
|
||||||
permission_dict['mediafiles.can_see_hidden'],)
|
permission_dict['mediafiles.can_see_hidden'],)
|
||||||
group_staff = Group.objects.create(name='Staff')
|
group_admin = Group.objects.create(name='Admin')
|
||||||
group_staff.permissions.add(*staff_permissions)
|
group_admin.permissions.add(*admin_permissions)
|
||||||
|
|
||||||
# Add users.can_see_name permission to staff
|
# Add users.can_see_name permission to staff/admin
|
||||||
# group to ensure proper management possibilities
|
# group to ensure proper management possibilities
|
||||||
# TODO: Remove this redundancy after cleanup of the permission system.
|
# TODO: Remove this redundancy after cleanup of the permission system.
|
||||||
group_staff.permissions.add(
|
group_staff.permissions.add(
|
||||||
permission_dict['users.can_see_name'])
|
permission_dict['users.can_see_name'])
|
||||||
|
group_admin.permissions.add(
|
||||||
|
permission_dict['users.can_see_name'])
|
||||||
|
|
||||||
# Committees (pk 4)
|
# Committees (pk 5)
|
||||||
committees_permissions = (
|
committees_permissions = (
|
||||||
permission_dict['agenda.can_see'],
|
permission_dict['agenda.can_see'],
|
||||||
permission_dict['agenda.can_see_hidden_items'],
|
permission_dict['agenda.can_see_hidden_items'],
|
||||||
permission_dict['agenda.can_be_speaker'],
|
|
||||||
permission_dict['assignments.can_see'],
|
permission_dict['assignments.can_see'],
|
||||||
permission_dict['core.can_see_frontpage'],
|
permission_dict['core.can_see_frontpage'],
|
||||||
permission_dict['core.can_see_projector'],
|
permission_dict['core.can_see_projector'],
|
||||||
permission_dict['mediafiles.can_see'],
|
permission_dict['mediafiles.can_see'],
|
||||||
permission_dict['mediafiles.can_upload'],
|
|
||||||
permission_dict['motions.can_see'],
|
permission_dict['motions.can_see'],
|
||||||
permission_dict['motions.can_create'],
|
permission_dict['motions.can_create'],
|
||||||
permission_dict['motions.can_support'],
|
permission_dict['motions.can_support'],
|
||||||
@ -166,4 +196,4 @@ def create_builtin_groups_and_admin(**kwargs):
|
|||||||
# After each group was created, the permissions (many to many fields) where
|
# After each group was created, the permissions (many to many fields) where
|
||||||
# added to the group. So we have to update the cache by calling
|
# added to the group. So we have to update the cache by calling
|
||||||
# inform_changed_data().
|
# inform_changed_data().
|
||||||
inform_changed_data((group_default, group_delegates, group_staff, group_committee))
|
inform_changed_data((group_default, group_delegates, group_staff, group_admin, group_committee))
|
||||||
|
@ -203,10 +203,10 @@ class ManageSpeaker(TestCase):
|
|||||||
|
|
||||||
def test_add_someone_else_non_admin(self):
|
def test_add_someone_else_non_admin(self):
|
||||||
admin = get_user_model().objects.get(username='admin')
|
admin = get_user_model().objects.get(username='admin')
|
||||||
group_staff = admin.groups.get(name='Staff')
|
group_admin = admin.groups.get(name='Admin')
|
||||||
group_delegates = type(group_staff).objects.get(name='Delegates')
|
group_delegates = type(group_admin).objects.get(name='Delegates')
|
||||||
admin.groups.add(group_delegates)
|
admin.groups.add(group_delegates)
|
||||||
admin.groups.remove(group_staff)
|
admin.groups.remove(group_admin)
|
||||||
CollectionElement.from_instance(admin)
|
CollectionElement.from_instance(admin)
|
||||||
|
|
||||||
response = self.client.post(
|
response = self.client.post(
|
||||||
@ -240,10 +240,10 @@ class ManageSpeaker(TestCase):
|
|||||||
|
|
||||||
def test_remove_someone_else_non_admin(self):
|
def test_remove_someone_else_non_admin(self):
|
||||||
admin = get_user_model().objects.get(username='admin')
|
admin = get_user_model().objects.get(username='admin')
|
||||||
group_staff = admin.groups.get(name='Staff')
|
group_admin = admin.groups.get(name='Admin')
|
||||||
group_delegates = type(group_staff).objects.get(name='Delegates')
|
group_delegates = type(group_admin).objects.get(name='Delegates')
|
||||||
admin.groups.add(group_delegates)
|
admin.groups.add(group_delegates)
|
||||||
admin.groups.remove(group_staff)
|
admin.groups.remove(group_admin)
|
||||||
CollectionElement.from_instance(admin)
|
CollectionElement.from_instance(admin)
|
||||||
speaker = Speaker.objects.add(self.user, self.item)
|
speaker = Speaker.objects.add(self.user, self.item)
|
||||||
|
|
||||||
@ -268,10 +268,10 @@ class ManageSpeaker(TestCase):
|
|||||||
|
|
||||||
def test_mark_speaker_non_admin(self):
|
def test_mark_speaker_non_admin(self):
|
||||||
admin = get_user_model().objects.get(username='admin')
|
admin = get_user_model().objects.get(username='admin')
|
||||||
group_staff = admin.groups.get(name='Staff')
|
group_admin = admin.groups.get(name='Admin')
|
||||||
group_delegates = type(group_staff).objects.get(name='Delegates')
|
group_delegates = type(group_admin).objects.get(name='Delegates')
|
||||||
admin.groups.add(group_delegates)
|
admin.groups.add(group_delegates)
|
||||||
admin.groups.remove(group_staff)
|
admin.groups.remove(group_admin)
|
||||||
CollectionElement.from_instance(admin)
|
CollectionElement.from_instance(admin)
|
||||||
Speaker.objects.add(self.user, self.item)
|
Speaker.objects.add(self.user, self.item)
|
||||||
|
|
||||||
|
@ -106,10 +106,10 @@ class CanidatureSelf(TestCase):
|
|||||||
self.assignment.set_phase(Assignment.PHASE_VOTING)
|
self.assignment.set_phase(Assignment.PHASE_VOTING)
|
||||||
self.assignment.save()
|
self.assignment.save()
|
||||||
admin = get_user_model().objects.get(username='admin')
|
admin = get_user_model().objects.get(username='admin')
|
||||||
group_staff = admin.groups.get(name='Staff')
|
group_admin = admin.groups.get(name='Admin')
|
||||||
group_delegates = type(group_staff).objects.get(name='Delegates')
|
group_delegates = type(group_admin).objects.get(name='Delegates')
|
||||||
admin.groups.add(group_delegates)
|
admin.groups.add(group_delegates)
|
||||||
admin.groups.remove(group_staff)
|
admin.groups.remove(group_admin)
|
||||||
get_redis_connection('default').flushall()
|
get_redis_connection('default').flushall()
|
||||||
|
|
||||||
response = self.client.post(reverse('assignment-candidature-self', args=[self.assignment.pk]))
|
response = self.client.post(reverse('assignment-candidature-self', args=[self.assignment.pk]))
|
||||||
@ -153,10 +153,10 @@ class CanidatureSelf(TestCase):
|
|||||||
self.assignment.set_phase(Assignment.PHASE_VOTING)
|
self.assignment.set_phase(Assignment.PHASE_VOTING)
|
||||||
self.assignment.save()
|
self.assignment.save()
|
||||||
admin = get_user_model().objects.get(username='admin')
|
admin = get_user_model().objects.get(username='admin')
|
||||||
group_staff = admin.groups.get(name='Staff')
|
group_admin = admin.groups.get(name='Admin')
|
||||||
group_delegates = type(group_staff).objects.get(name='Delegates')
|
group_delegates = type(group_admin).objects.get(name='Delegates')
|
||||||
admin.groups.add(group_delegates)
|
admin.groups.add(group_delegates)
|
||||||
admin.groups.remove(group_staff)
|
admin.groups.remove(group_admin)
|
||||||
get_redis_connection('default').flushall()
|
get_redis_connection('default').flushall()
|
||||||
|
|
||||||
response = self.client.delete(reverse('assignment-candidature-self', args=[self.assignment.pk]))
|
response = self.client.delete(reverse('assignment-candidature-self', args=[self.assignment.pk]))
|
||||||
@ -234,10 +234,10 @@ class CandidatureOther(TestCase):
|
|||||||
self.assignment.set_phase(Assignment.PHASE_VOTING)
|
self.assignment.set_phase(Assignment.PHASE_VOTING)
|
||||||
self.assignment.save()
|
self.assignment.save()
|
||||||
admin = get_user_model().objects.get(username='admin')
|
admin = get_user_model().objects.get(username='admin')
|
||||||
group_staff = admin.groups.get(name='Staff')
|
group_admin = admin.groups.get(name='Admin')
|
||||||
group_delegates = type(group_staff).objects.get(name='Delegates')
|
group_delegates = type(group_admin).objects.get(name='Delegates')
|
||||||
admin.groups.add(group_delegates)
|
admin.groups.add(group_delegates)
|
||||||
admin.groups.remove(group_staff)
|
admin.groups.remove(group_admin)
|
||||||
get_redis_connection('default').flushall()
|
get_redis_connection('default').flushall()
|
||||||
|
|
||||||
response = self.client.post(
|
response = self.client.post(
|
||||||
@ -290,10 +290,10 @@ class CandidatureOther(TestCase):
|
|||||||
self.assignment.set_phase(Assignment.PHASE_VOTING)
|
self.assignment.set_phase(Assignment.PHASE_VOTING)
|
||||||
self.assignment.save()
|
self.assignment.save()
|
||||||
admin = get_user_model().objects.get(username='admin')
|
admin = get_user_model().objects.get(username='admin')
|
||||||
group_staff = admin.groups.get(name='Staff')
|
group_admin = admin.groups.get(name='Admin')
|
||||||
group_delegates = type(group_staff).objects.get(name='Delegates')
|
group_delegates = type(group_admin).objects.get(name='Delegates')
|
||||||
admin.groups.add(group_delegates)
|
admin.groups.add(group_delegates)
|
||||||
admin.groups.remove(group_staff)
|
admin.groups.remove(group_admin)
|
||||||
get_redis_connection('default').flushall()
|
get_redis_connection('default').flushall()
|
||||||
|
|
||||||
response = self.client.delete(
|
response = self.client.delete(
|
||||||
|
@ -321,7 +321,7 @@ class CreateMotion(TestCase):
|
|||||||
"""
|
"""
|
||||||
self.admin = get_user_model().objects.get(username='admin')
|
self.admin = get_user_model().objects.get(username='admin')
|
||||||
self.admin.groups.add(2)
|
self.admin.groups.add(2)
|
||||||
self.admin.groups.remove(3)
|
self.admin.groups.remove(4)
|
||||||
group_delegate = self.admin.groups.get()
|
group_delegate = self.admin.groups.get()
|
||||||
group_delegate.permissions.add(Permission.objects.get(
|
group_delegate.permissions.add(Permission.objects.get(
|
||||||
content_type__app_label='motions',
|
content_type__app_label='motions',
|
||||||
@ -381,7 +381,7 @@ class CreateMotion(TestCase):
|
|||||||
|
|
||||||
self.admin = get_user_model().objects.get(username='admin')
|
self.admin = get_user_model().objects.get(username='admin')
|
||||||
self.admin.groups.add(2)
|
self.admin.groups.add(2)
|
||||||
self.admin.groups.remove(3)
|
self.admin.groups.remove(4)
|
||||||
get_redis_connection('default').flushall()
|
get_redis_connection('default').flushall()
|
||||||
|
|
||||||
response = self.client.post(
|
response = self.client.post(
|
||||||
@ -564,8 +564,8 @@ class UpdateMotion(TestCase):
|
|||||||
def test_removal_of_supporters(self):
|
def test_removal_of_supporters(self):
|
||||||
# No cache used here.
|
# No cache used here.
|
||||||
admin = get_user_model().objects.get(username='admin')
|
admin = get_user_model().objects.get(username='admin')
|
||||||
group_staff = admin.groups.get(name='Staff')
|
group_admin = admin.groups.get(name='Admin')
|
||||||
admin.groups.remove(group_staff)
|
admin.groups.remove(group_admin)
|
||||||
self.motion.submitters.add(admin)
|
self.motion.submitters.add(admin)
|
||||||
supporter = get_user_model().objects.create_user(
|
supporter = get_user_model().objects.create_user(
|
||||||
username='test_username_ahshi4oZin0OoSh9chee',
|
username='test_username_ahshi4oZin0OoSh9chee',
|
||||||
@ -656,9 +656,9 @@ class DeleteMotion(TestCase):
|
|||||||
self.assertEqual(motions, 0)
|
self.assertEqual(motions, 0)
|
||||||
|
|
||||||
def make_admin_delegate(self):
|
def make_admin_delegate(self):
|
||||||
group_staff = self.admin.groups.get(name='Staff')
|
group_admin = self.admin.groups.get(name='Admin')
|
||||||
group_delegates = Group.objects.get(name='Delegates')
|
group_delegates = Group.objects.get(name='Delegates')
|
||||||
self.admin.groups.remove(group_staff)
|
self.admin.groups.remove(group_admin)
|
||||||
self.admin.groups.add(group_delegates)
|
self.admin.groups.add(group_delegates)
|
||||||
CollectionElement.from_instance(self.admin)
|
CollectionElement.from_instance(self.admin)
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user