Merge pull request #4518 from normanjaeckel/NewPermInternalMotions
Added new permission to see motions in internal state (so called auth…
This commit is contained in:
commit
a3ed1ae00c
@ -35,13 +35,14 @@ Motions:
|
||||
follow recommendation, manage submitters and supporters, change motion
|
||||
category, motion block and origin and manage motion polls [#3913].
|
||||
- Added new permission to create amendments [#4128].
|
||||
- Added new flag to motion state to control access for different users. Added
|
||||
new permission to see motions in some internal state [#4235, #4518].
|
||||
- Allowed submitters to set state of new motions in complex and customized
|
||||
workflow [#4236].
|
||||
- Added multi select action to manage submitters, tags, states and
|
||||
recommendations [#4037, #4132].
|
||||
- Added timestampes for motions [#4134].
|
||||
- New config option to set reason as required field [#4232]
|
||||
- Added new flag to motion state to control access for different users [#4235].
|
||||
|
||||
User:
|
||||
- Added new admin group which grants all permissions. Users of existing group
|
||||
|
@ -118,8 +118,8 @@ export class WorkflowDetailComponent extends BaseViewComponent implements OnInit
|
||||
*/
|
||||
public accessLevels = [
|
||||
{ level: 0, label: '0: All users' },
|
||||
{ level: 1, label: '1: Submitters and all managers' },
|
||||
{ level: 2, label: '2: Only managers for motions and metadata' },
|
||||
{ level: 1, label: '1: Submitters, authorized users and managers' },
|
||||
{ level: 2, label: '2: Authorized users and managers for motions and metadata' },
|
||||
{ level: 3, label: '3: Only managers for motions' }
|
||||
] as AccessLevel[];
|
||||
|
||||
|
@ -41,7 +41,9 @@ class MotionAccessPermissions(BaseAccessPermissions):
|
||||
|
||||
if await async_has_perm(user_id, "motions.can_manage"):
|
||||
level = State.MANAGERS_ONLY
|
||||
elif await async_has_perm(user_id, "motions.can_manage_metadata"):
|
||||
elif await async_has_perm(
|
||||
user_id, "motions.can_manage_metadata"
|
||||
) or await async_has_perm(user_id, "motions.can_see_internal"):
|
||||
level = State.EXTENDED_MANAGERS
|
||||
elif is_submitter:
|
||||
level = State.EXTENDED_MANAGERS_AND_SUBMITTER
|
||||
|
49
openslides/motions/migrations/0022_auto_20190320_0840.py
Normal file
49
openslides/motions/migrations/0022_auto_20190320_0840.py
Normal file
@ -0,0 +1,49 @@
|
||||
# Generated by Django 2.1.7 on 2019-03-20 07:40
|
||||
|
||||
from django.db import migrations, models
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
|
||||
dependencies = [("motions", "0021_state_access_level_3")]
|
||||
|
||||
operations = [
|
||||
migrations.AlterModelOptions(
|
||||
name="motion",
|
||||
options={
|
||||
"default_permissions": (),
|
||||
"ordering": ("identifier",),
|
||||
"permissions": (
|
||||
("can_see", "Can see motions"),
|
||||
("can_see_internal", "Can see motions in internal state"),
|
||||
("can_create", "Can create motions"),
|
||||
("can_create_amendments", "Can create amendments"),
|
||||
("can_support", "Can support motions"),
|
||||
("can_manage_metadata", "Can manage motion metadata"),
|
||||
("can_manage", "Can manage motions"),
|
||||
),
|
||||
"verbose_name": "Motion",
|
||||
},
|
||||
),
|
||||
migrations.AlterField(
|
||||
model_name="state",
|
||||
name="access_level",
|
||||
field=models.IntegerField(
|
||||
choices=[
|
||||
(0, "All users with permission to see motions"),
|
||||
(
|
||||
1,
|
||||
"Submitters, authorized users (with permission to see internal motions), managers and "
|
||||
"users with permission to manage metadata",
|
||||
),
|
||||
(
|
||||
2,
|
||||
"Only authorized users (with permission to see internal motions), managers and "
|
||||
"users with permission to manage metadata",
|
||||
),
|
||||
(3, "Only managers"),
|
||||
],
|
||||
default=0,
|
||||
),
|
||||
),
|
||||
]
|
@ -264,6 +264,7 @@ class Motion(RESTModelMixin, models.Model):
|
||||
default_permissions = ()
|
||||
permissions = (
|
||||
("can_see", "Can see motions"),
|
||||
("can_see_internal", "Can see motions in internal state"),
|
||||
("can_create", "Can create motions"),
|
||||
("can_create_amendments", "Can create amendments"),
|
||||
("can_support", "Can support motions"),
|
||||
@ -1050,11 +1051,11 @@ class State(RESTModelMixin, models.Model):
|
||||
(ALL, "All users with permission to see motions"),
|
||||
(
|
||||
EXTENDED_MANAGERS_AND_SUBMITTER,
|
||||
"Submitters, managers and users with permission to manage metadata",
|
||||
"Submitters, authorized users (with permission to see internal motions), managers and users with permission to manage metadata",
|
||||
),
|
||||
(
|
||||
EXTENDED_MANAGERS,
|
||||
"Only managers and users with permission to manage metadata",
|
||||
"Only authorized users (with permission to see internal motions), managers and users with permission to manage metadata",
|
||||
),
|
||||
(MANAGERS_ONLY, "Only managers"),
|
||||
)
|
||||
@ -1083,7 +1084,8 @@ class State(RESTModelMixin, models.Model):
|
||||
access_level = models.IntegerField(choices=ACCESS_LEVELS, default=0)
|
||||
"""
|
||||
Defines which users may see motions in this state e. g. only managers,
|
||||
users with permission to manage metadata and submitters.
|
||||
authorized users with permission to see internal motiosn, users with permission
|
||||
to manage metadata and submitters.
|
||||
"""
|
||||
|
||||
allow_support = models.BooleanField(default=False)
|
||||
|
@ -59,6 +59,7 @@ def create_builtin_groups_and_admin(**kwargs):
|
||||
"motions.can_manage",
|
||||
"motions.can_manage_metadata",
|
||||
"motions.can_see",
|
||||
"motions.can_see_internal",
|
||||
"motions.can_support",
|
||||
"users.can_change_password",
|
||||
"users.can_manage",
|
||||
@ -145,6 +146,7 @@ def create_builtin_groups_and_admin(**kwargs):
|
||||
permission_dict["mediafiles.can_upload"],
|
||||
permission_dict["mediafiles.can_see_hidden"],
|
||||
permission_dict["motions.can_see"],
|
||||
permission_dict["motions.can_see_internal"],
|
||||
permission_dict["motions.can_create"],
|
||||
permission_dict["motions.can_create_amendments"],
|
||||
permission_dict["motions.can_manage"],
|
||||
|
Loading…
Reference in New Issue
Block a user