ag-admin/OpenSlides
0
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Added new permissions to create new amendments.

Browse Source
This commit is contained in:
Norman Jäckel 2019-01-18 19:41:05 +01:00 committed by Emanuel Schütze
parent 24cf01b03f
commit 85d9629776
8 changed files with 43 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.travis.yml
View File

@ -34,7 +34,7 @@ matrix:
script: script:
- flake8 openslides tests - flake8 openslides tests
- isort --check-only --diff --recursive openslides tests - isort --check-only --diff --recursive openslides tests
- black --check --diff --py36 openslides tests #- black --check --diff --py36 openslides tests
- python -m mypy openslides/ tests/ - python -m mypy openslides/ tests/
- python -W ignore -m pytest --cov --cov-fail-under=70 - python -W ignore -m pytest --cov --cov-fail-under=70

1
CHANGELOG.rst
View File

@ -31,6 +31,7 @@ Motions:
- Added new permission to manage metadata, i. e. set motion state, set and - Added new permission to manage metadata, i. e. set motion state, set and
follow recommendation, manage submitters and supporters, change motion follow recommendation, manage submitters and supporters, change motion
category, motion block and origin and manage motion polls [#3913]. category, motion block and origin and manage motion polls [#3913].
- Added new permission to create amendments [#4128].
- Added multi select action to manage submitters, tags and recommendations [#4037]. - Added multi select action to manage submitters, tags and recommendations [#4037].
User: User:

10
openslides/motions/config_variables.py
View File

@ -130,16 +130,6 @@ def get_config_variables():
subgroup="General", subgroup="General",
) )
yield ConfigVariable(
name="motions_stop_submitting",
default_value=False,
input_type="boolean",
label="Stop submitting new motions by non-staff users",
weight=331,
group="Motions",
subgroup="General",
)
yield ConfigVariable( yield ConfigVariable(
name="motions_recommendations_by", name="motions_recommendations_by",
default_value="", default_value="",

27
openslides/motions/migrations/0018_auto_20190118_2101.py Normal file
View File

@ -0,0 +1,27 @@
# Generated by Django 2.1.5 on 2019-01-18 20:01
from django.db import migrations
class Migration(migrations.Migration):
dependencies = [("motions", "0017_remove_state_action_word")]
operations = [
migrations.AlterModelOptions(
name="motion",
options={
"default_permissions": (),
"ordering": ("identifier",),
"permissions": (
("can_see", "Can see motions"),
("can_create", "Can create motions"),
("can_create_amendments", "Can create amendments"),
("can_support", "Can support motions"),
("can_manage_metadata", "Can manage motion metadata"),
("can_manage", "Can manage motions"),
),
"verbose_name": "Motion",
},
)
]

1
openslides/motions/models.py
View File

@ -253,6 +253,7 @@ class Motion(RESTModelMixin, models.Model):
permissions = ( permissions = (
("can_see", "Can see motions"), ("can_see", "Can see motions"),
("can_create", "Can create motions"), ("can_create", "Can create motions"),
("can_create_amendments", "Can create amendments"),
("can_support", "Can support motions"), ("can_support", "Can support motions"),
("can_manage_metadata", "Can manage motion metadata"), ("can_manage_metadata", "Can manage motion metadata"),
("can_manage", "Can manage motions"), ("can_manage", "Can manage motions"),

18
openslides/motions/views.py
View File

@ -76,14 +76,8 @@ class MotionViewSet(ModelViewSet):
# For partial_update, update and destroy requests the rest of the check is # For partial_update, update and destroy requests the rest of the check is
# done in the update method. See below. # done in the update method. See below.
elif self.action == "create": elif self.action == "create":
result = ( result = has_perm(self.request.user, "motions.can_see")
has_perm(self.request.user, "motions.can_see") # For create the rest of the check is done in the create method. See below.
and has_perm(self.request.user, "motions.can_create")
and (
not config["motions_stop_submitting"]
or has_perm(self.request.user, "motions.can_manage")
)
)
elif self.action in ( elif self.action in (
"set_state", "set_state",
"set_recommendation", "set_recommendation",
@ -143,13 +137,19 @@ class MotionViewSet(ModelViewSet):
if isinstance(request.data, QueryDict): if isinstance(request.data, QueryDict):
request.data._mutable = True request.data._mutable = True
# Check if parent motion exists. # Check if amendment request and if parent motion exists. Check also permissions.
if request.data.get("parent_id") is not None: if request.data.get("parent_id") is not None:
# Amendment
if not has_perm(self.request.user, "motions.can_create_amendments"):
self.permission_denied(request)
try: try:
parent_motion = Motion.objects.get(pk=request.data["parent_id"]) parent_motion = Motion.objects.get(pk=request.data["parent_id"])
except Motion.DoesNotExist: except Motion.DoesNotExist:
raise ValidationError({"detail": "The parent motion does not exist."}) raise ValidationError({"detail": "The parent motion does not exist."})
else: else:
# Common motion
if not has_perm(self.request.user, "motions.can_create"):
self.permission_denied(request)
parent_motion = None parent_motion = None
# Check permission to send some data. # Check permission to send some data.

4
openslides/users/signals.py
View File

@ -54,6 +54,7 @@ def create_builtin_groups_and_admin(**kwargs):
"mediafiles.can_see_hidden", "mediafiles.can_see_hidden",
"mediafiles.can_upload", "mediafiles.can_upload",
"motions.can_create", "motions.can_create",
"motions.can_create_amendments",
"motions.can_manage", "motions.can_manage",
"motions.can_manage_metadata", "motions.can_manage_metadata",
"motions.can_see", "motions.can_see",
@ -110,6 +111,7 @@ def create_builtin_groups_and_admin(**kwargs):
permission_dict["mediafiles.can_see"], permission_dict["mediafiles.can_see"],
permission_dict["motions.can_see"], permission_dict["motions.can_see"],
permission_dict["motions.can_create"], permission_dict["motions.can_create"],
permission_dict["motions.can_create_amendments"],
permission_dict["motions.can_support"], permission_dict["motions.can_support"],
permission_dict["users.can_see_name"], permission_dict["users.can_see_name"],
) )
@ -138,6 +140,7 @@ def create_builtin_groups_and_admin(**kwargs):
permission_dict["mediafiles.can_upload"], permission_dict["mediafiles.can_upload"],
permission_dict["motions.can_see"], permission_dict["motions.can_see"],
permission_dict["motions.can_create"], permission_dict["motions.can_create"],
permission_dict["motions.can_create_amendments"],
permission_dict["motions.can_manage"], permission_dict["motions.can_manage"],
permission_dict["motions.can_manage_metadata"], permission_dict["motions.can_manage_metadata"],
permission_dict["users.can_see_name"], permission_dict["users.can_see_name"],
@ -159,6 +162,7 @@ def create_builtin_groups_and_admin(**kwargs):
permission_dict["mediafiles.can_see"], permission_dict["mediafiles.can_see"],
permission_dict["motions.can_see"], permission_dict["motions.can_see"],
permission_dict["motions.can_create"], permission_dict["motions.can_create"],
permission_dict["motions.can_create_amendments"],
permission_dict["motions.can_support"], permission_dict["motions.can_support"],
permission_dict["users.can_see_name"], permission_dict["users.can_see_name"],
) )

5
tests/old/motions/test_models.py
View File

@ -111,8 +111,3 @@ class ModelTest(TestCase):
motion.set_identifier() motion.set_identifier()
self.assertEqual(motion.identifier, "Parent identifier - 2") self.assertEqual(motion.identifier, "Parent identifier - 2")
class ConfigTest(TestCase):
def test_stop_submitting(self):
self.assertFalse(config["motions_stop_submitting"])