Rename the manage restriction field
Renamed 'managers_only' to 'motions.can_maange' to adapt the (new) behavior of #4638. Closes #4643.
This commit is contained in:
parent
6b25e62cec
commit
f9bac798aa
@ -117,7 +117,7 @@ export class WorkflowDetailComponent extends BaseViewComponent implements OnInit
|
||||
* Determines possible restrictions
|
||||
*/
|
||||
public restrictions = [
|
||||
{ key: 'managers_only', label: 'Can manage motions' },
|
||||
{ key: 'motions.can_manage', label: 'Can manage motions' },
|
||||
{ key: 'motions.can_see_internal', label: 'Can see motions in internal state' },
|
||||
{ key: 'motions.can_manage_metadata', label: 'Can manage motion metadata' },
|
||||
{ key: 'is_submitter', label: 'Submitters' }
|
||||
|
@ -48,19 +48,14 @@ class MotionAccessPermissions(BaseAccessPermissions):
|
||||
# Parse values of restriction field.
|
||||
# If at least one restriction is ok, permissions are granted.
|
||||
for value in restriction:
|
||||
if value == "managers_only":
|
||||
# permission remains false, becuase the user does not
|
||||
# have this permission (see above); continue to check other fields
|
||||
continue
|
||||
elif value in (
|
||||
if value in (
|
||||
"motions.can_see_internal",
|
||||
"motions.can_manage_metadata",
|
||||
):
|
||||
if await async_has_perm(user_id, value):
|
||||
"motions.can_manage",
|
||||
) and await async_has_perm(user_id, value):
|
||||
permission = True
|
||||
break
|
||||
elif value == "is_submitter":
|
||||
if is_submitter:
|
||||
elif value == "is_submitter" and is_submitter:
|
||||
permission = True
|
||||
break
|
||||
|
||||
|
22
openslides/motions/migrations/0026_rename_restriction.py
Normal file
22
openslides/motions/migrations/0026_rename_restriction.py
Normal file
@ -0,0 +1,22 @@
|
||||
# Generated by Finn Stutzenstein on 2019-04-29 08:51
|
||||
|
||||
from django.db import migrations
|
||||
|
||||
|
||||
def rename_manager_restriction(apps, schema_editor):
|
||||
"""
|
||||
Renames 'managers_only' to 'motions.can_manage'
|
||||
"""
|
||||
State = apps.get_model("motions", "State")
|
||||
for state in State.objects.all():
|
||||
for i in range(len(state.restriction)):
|
||||
if state.restriction[i] == "managers_only":
|
||||
state.restriction[i] = "motions.can_manage"
|
||||
state.save(skip_autoupdate=True)
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
|
||||
dependencies = [("motions", "0025_motion_category_weight")]
|
||||
|
||||
operations = [migrations.RunPython(rename_manager_restriction)]
|
@ -1019,13 +1019,12 @@ class State(RESTModelMixin, models.Model):
|
||||
Contains a list of one or more of the following strings:
|
||||
* motions.can_see_internal
|
||||
* motions.can_manage_metadata
|
||||
* motions.can_manage
|
||||
* is_submitter
|
||||
* managers_only
|
||||
|
||||
If the list is empty, everybody with the general permission to see motions
|
||||
can see this motion. If the list contains 'managers_only', only managers with
|
||||
motions.can_manage permission may see this motion. In all other cases the user
|
||||
shall have one of the given permissions respectivly is submitter of the motion.
|
||||
can see this motion. If the list contains at least one item, the user needs
|
||||
the permission (or have the attribute) for at least one of the restrictions.
|
||||
|
||||
Default: Empty list so everybody can see the motion.
|
||||
"""
|
||||
|
@ -131,8 +131,8 @@ class StateSerializer(ModelSerializer):
|
||||
"enum": [
|
||||
"motions.can_see_internal",
|
||||
"motions.can_manage_metadata",
|
||||
"motions.can_manage",
|
||||
"is_submitter",
|
||||
"managers_only",
|
||||
],
|
||||
},
|
||||
}
|
||||
|
@ -481,7 +481,7 @@ class RetrieveMotion(TestCase):
|
||||
config["general_system_enable_anonymous"] = True
|
||||
guest_client = APIClient()
|
||||
state = self.motion.state
|
||||
state.restriction = ["managers_only"]
|
||||
state.restriction = ["motions.can_manage"]
|
||||
state.save()
|
||||
# The cache has to be cleared, see:
|
||||
# https://github.com/OpenSlides/OpenSlides/issues/3396
|
||||
@ -492,7 +492,7 @@ class RetrieveMotion(TestCase):
|
||||
|
||||
def test_admin_state_with_restriction(self):
|
||||
state = self.motion.state
|
||||
state.restriction = ["managers_only"]
|
||||
state.restriction = ["motions.can_manage"]
|
||||
state.save()
|
||||
response = self.client.get(reverse("motion-detail", args=[self.motion.pk]))
|
||||
self.assertEqual(response.status_code, status.HTTP_200_OK)
|
||||
|
Loading…
Reference in New Issue
Block a user