Added new permission to see the history.

2019-02-19 20:24:48 +01:00 · 2019-02-19 20:24:48 +01:00 · d06a4a5c6d
commit d06a4a5c6d
parent f4f8b8422f
6 changed files with 26 additions and 9 deletions
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@ -21,7 +21,7 @@ Core:
 - Add a change-id system to get only new elements [#3938].
 - Switch from Yarn back to npm [#3964].
 - Added password reset link (password reset via email) [#3914, #4199].
- - Added global history mode [#3977, #4141].
+ - Added global history mode [#3977, #4141, #4369, #4373].
 - Projector refactoring [4119, #4130].
 - Fixed logo configuration if logo file is deleted [#4374].

--- a/openslides/core/access_permissions.py
+++ b/openslides/core/access_permissions.py
@ -1,5 +1,4 @@
 from ..utils.access_permissions import BaseAccessPermissions
-from ..utils.auth import GROUP_ADMIN_PK, async_in_some_groups


 class ProjectorAccessPermissions(BaseAccessPermissions):
@ -52,9 +51,4 @@ class HistoryAccessPermissions(BaseAccessPermissions):
    Access permissions container for the Histroy.
    """

-    async def async_check_permissions(self, user_id: int) -> bool:
-        """
-        Returns True if the user is in admin group and has read access to
-        model instances.
-        """
-        return await async_in_some_groups(user_id, [GROUP_ADMIN_PK])
+    base_permission = "core.can_see_history"
--- a/openslides/core/migrations/0017_auto_20190219_2015.py
+++ b/openslides/core/migrations/0017_auto_20190219_2015.py
@ -0,0 +1,18 @@
+# Generated by Django 2.1.5 on 2019-02-19 19:15
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [("core", "0016_projector_reference_projector")]
+
+    operations = [
+        migrations.AlterModelOptions(
+            name="history",
+            options={
+                "default_permissions": (),
+                "permissions": (("can_see_history", "Can see history"),),
+            },
+        )
+    ]
--- a/openslides/core/models.py
+++ b/openslides/core/models.py
@ -355,3 +355,4 @@ class History(RESTModelMixin, models.Model):

    class Meta:
        default_permissions = ()
+        permissions = (("can_see_history", "Can see history"),)
--- a/openslides/core/views.py
+++ b/openslides/core/views.py
@ -501,8 +501,10 @@ class HistoryViewSet(ListModelMixin, RetrieveModelMixin, GenericViewSet):
        """
        Returns True if the user has required permissions.
        """
-        if self.action in ("list", "retrieve", "clear_history"):
+        if self.action in ("list", "retrieve"):
            result = self.get_access_permissions().check_permissions(self.request.user)
+        elif self.action == "clear_history":
+            result = in_some_groups(self.request.user.pk or 0, [GROUP_ADMIN_PK])
        else:
            result = False
        return result
--- a/openslides/users/signals.py
+++ b/openslides/users/signals.py
@ -47,6 +47,7 @@ def create_builtin_groups_and_admin(**kwargs):
        "core.can_manage_tags",
        "core.can_manage_chat",
        "core.can_see_frontpage",
+        "core.can_see_history",
        "core.can_see_projector",
        "core.can_use_chat",
        "mediafiles.can_manage",
@ -134,6 +135,7 @@ def create_builtin_groups_and_admin(**kwargs):
        permission_dict["assignments.can_nominate_other"],
        permission_dict["assignments.can_nominate_self"],
        permission_dict["core.can_see_frontpage"],
+        permission_dict["core.can_see_history"],
        permission_dict["core.can_see_projector"],
        permission_dict["core.can_manage_projector"],
        permission_dict["core.can_manage_tags"],