Skip to content
Snippets Groups Projects
Verified Commit 3befcb52 authored by Ernesto Rico Schmidt's avatar Ernesto Rico Schmidt
Browse files

fix: use management command to add permissions

parent a6b4a363
No related branches found
No related tags found
1 merge request!29Use docker main tag
Hide whitespace changes
Inline Side-by-side
Makefile
+ 4
1
View file @ 3befcb52
...@@ -18,7 +18,7 @@ create_oidc_client.dashboard: ...@@ -18,7 +18,7 @@ create_oidc_client.dashboard:
create_oidc_client.tank: create_oidc_client.tank:
$(POETRY_RUN_MANAGE) create_oidc_client tank confidential --client-id ${TANK_OIDC_CLIENT_ID} --client-secret ${TANK_OIDC_CLIENT_SECRET} -r "code" -u ${TANK_CALLBACK_BASE_URL}/tank/auth/oidc/callback $(POETRY_RUN_MANAGE) create_oidc_client tank confidential --client-id ${TANK_OIDC_CLIENT_ID} --client-secret ${TANK_OIDC_CLIENT_SECRET} -r "code" -u ${TANK_CALLBACK_BASE_URL}/tank/auth/oidc/callback
initialize: migrate collectstatic loaddata.program create_oidc_client.dashboard create_oidc_client.tank initialize: migrate collectstatic loaddata.program create_oidc_client.dashboard create_oidc_client.tank addpermissions
$(POETRY_RUN_MANAGE) createsuperuser --no-input $(POETRY_RUN_MANAGE) createsuperuser --no-input
$(POETRY_RUN_MANAGE) creatersakey $(POETRY_RUN_MANAGE) creatersakey
...@@ -43,6 +43,9 @@ loaddata.custom: ...@@ -43,6 +43,9 @@ loaddata.custom:
loaddata.test: loaddata.test:
$(POETRY_RUN_MANAGE) loaddata fixtures/test/*.json $(POETRY_RUN_MANAGE) loaddata fixtures/test/*.json
addpermissions:
$(POETRY_RUN_MANAGE) addpermissions
removestaleimages: removestaleimages:
$(POETRY_RUN_MANAGE) removestaleimages $(POETRY_RUN_MANAGE) removestaleimages
......
program/management/commands/addpermissions.py 0 → 100644
+ 42
0
View file @ 3befcb52
from django.conf import settings
from django.contrib.auth.models import Group, Permission
from django.core.management.base import BaseCommand
class Command(BaseCommand):
help = "add permissions"
def handle(self, *args, **options):
program_group = Group.objects.get(name=settings.PRIVILEGED_GROUP)
program_permissions = Permission.objects.filter(content_type__app_label="program")
self.stdout.write(
" Adding program permissions to the privileged group... ",
ending="",
)
self.stdout.flush()
program_group.permissions.add(*program_permissions)
self.stdout.write(self.style.SUCCESS(len(program_permissions)))
broadcast_group = Group.objects.get(name=settings.ENTITLED_GROUPS[0])
note_notelink_permissions = Permission.objects.filter(
content_type__model__in=["note", "notelink"]
)
self.stdout.write(
" Adding note & notelink permissions to the first entitled group... ",
ending="",
)
self.stdout.flush()
broadcast_group.permissions.add(*note_notelink_permissions)
self.stdout.write(self.style.SUCCESS(len(note_notelink_permissions)))
broadcast_plus_group = Group.objects.get(name=settings.ENTITLED_GROUPS[1])
change_host_show_permissions = Permission.objects.filter(
codename__startswith="change", content_type__model__in=["host", "show"]
)
self.stdout.write(
" Adding change host & show permissions to second the entitled group... ",
ending="",
)
self.stdout.flush()
broadcast_plus_group.permissions.add(*change_host_show_permissions)
self.stdout.write(self.style.SUCCESS(len(change_host_show_permissions)))
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment