[EPIC] Minimal role and permission management

Parent Epic: [AEP07] [EPIC] Role and Permission Management (#77)

For the 1.0 release we want a minimal implementation of these three user groups/roles:

• Admin/superuser
• Programme coordinator
• Host

As a basis we use Django Role & Permission management and expose them via the API. Dashboard gets a set of permissions per user role, assigned to the user object.

This initial set of permissions does not reflect all details of all radio stations. More fine-granular permissions will be provided with 1.1 or later.

Role access per Dashboard area

• Show View: Generally read & write for hosts (individual differences on field level, see next chapter)
• Media Library Management View: Generally read & write for hosts (individual differences on field level, see next chapter)
• Calendar View: For hosts the calendar view should only have read access. Admins and Programme Coordinators have full read/write access.
• Radio Station Settings (located in Dashboard footer): For read nor write access for hosts.

Fine grained permissions on field-level

These permissions should be assignable to the role in Django backend:

• Show View

  • Show title and description should only be editable by ProKo (helsinki)
  • Show title and description should be editable by everyone (o94)
  • Show category should only be editable by ProKo (o94)
  • Timeslot/note category should only be editable by ProKo (o94)
  • Show topic should only be editable by ProKo (o94)
  • Timeslot/topic should only be editable by ProKo (o94)
  • Show type should be only editable by ProKo (o94)
  • Show slug editable (ProKo only, o94)

• Media View:

  • Playlist entry "Stream" should only be available for ProKo (o94, see Permission managment for adding playlist entrie... (dashboard#57))

• Timeslot / Note:

  • edit topic (only ProKo, req. o94)
  • edit language (o94 ProKo requirement but can be useful for hosts, too)

TODO: Define what the other, minimal field-level permissions per role are.