Added new permission to see the history.

This commit is contained in:
Norman Jäckel 2019-02-19 20:24:48 +01:00 committed by Sean Engelhardt
parent f4f8b8422f
commit d06a4a5c6d
6 changed files with 26 additions and 9 deletions

View File

@ -21,7 +21,7 @@ Core:
- Add a change-id system to get only new elements [#3938]. - Add a change-id system to get only new elements [#3938].
- Switch from Yarn back to npm [#3964]. - Switch from Yarn back to npm [#3964].
- Added password reset link (password reset via email) [#3914, #4199]. - Added password reset link (password reset via email) [#3914, #4199].
- Added global history mode [#3977, #4141]. - Added global history mode [#3977, #4141, #4369, #4373].
- Projector refactoring [4119, #4130]. - Projector refactoring [4119, #4130].
- Fixed logo configuration if logo file is deleted [#4374]. - Fixed logo configuration if logo file is deleted [#4374].

View File

@ -1,5 +1,4 @@
from ..utils.access_permissions import BaseAccessPermissions from ..utils.access_permissions import BaseAccessPermissions
from ..utils.auth import GROUP_ADMIN_PK, async_in_some_groups
class ProjectorAccessPermissions(BaseAccessPermissions): class ProjectorAccessPermissions(BaseAccessPermissions):
@ -52,9 +51,4 @@ class HistoryAccessPermissions(BaseAccessPermissions):
Access permissions container for the Histroy. Access permissions container for the Histroy.
""" """
async def async_check_permissions(self, user_id: int) -> bool: base_permission = "core.can_see_history"
"""
Returns True if the user is in admin group and has read access to
model instances.
"""
return await async_in_some_groups(user_id, [GROUP_ADMIN_PK])

View File

@ -0,0 +1,18 @@
# Generated by Django 2.1.5 on 2019-02-19 19:15
from django.db import migrations
class Migration(migrations.Migration):
dependencies = [("core", "0016_projector_reference_projector")]
operations = [
migrations.AlterModelOptions(
name="history",
options={
"default_permissions": (),
"permissions": (("can_see_history", "Can see history"),),
},
)
]

View File

@ -355,3 +355,4 @@ class History(RESTModelMixin, models.Model):
class Meta: class Meta:
default_permissions = () default_permissions = ()
permissions = (("can_see_history", "Can see history"),)

View File

@ -501,8 +501,10 @@ class HistoryViewSet(ListModelMixin, RetrieveModelMixin, GenericViewSet):
""" """
Returns True if the user has required permissions. Returns True if the user has required permissions.
""" """
if self.action in ("list", "retrieve", "clear_history"): if self.action in ("list", "retrieve"):
result = self.get_access_permissions().check_permissions(self.request.user) result = self.get_access_permissions().check_permissions(self.request.user)
elif self.action == "clear_history":
result = in_some_groups(self.request.user.pk or 0, [GROUP_ADMIN_PK])
else: else:
result = False result = False
return result return result

View File

@ -47,6 +47,7 @@ def create_builtin_groups_and_admin(**kwargs):
"core.can_manage_tags", "core.can_manage_tags",
"core.can_manage_chat", "core.can_manage_chat",
"core.can_see_frontpage", "core.can_see_frontpage",
"core.can_see_history",
"core.can_see_projector", "core.can_see_projector",
"core.can_use_chat", "core.can_use_chat",
"mediafiles.can_manage", "mediafiles.can_manage",
@ -134,6 +135,7 @@ def create_builtin_groups_and_admin(**kwargs):
permission_dict["assignments.can_nominate_other"], permission_dict["assignments.can_nominate_other"],
permission_dict["assignments.can_nominate_self"], permission_dict["assignments.can_nominate_self"],
permission_dict["core.can_see_frontpage"], permission_dict["core.can_see_frontpage"],
permission_dict["core.can_see_history"],
permission_dict["core.can_see_projector"], permission_dict["core.can_see_projector"],
permission_dict["core.can_manage_projector"], permission_dict["core.can_manage_projector"],
permission_dict["core.can_manage_tags"], permission_dict["core.can_manage_tags"],