From cea135d62bf58b4fc00f55484d5231138474054b Mon Sep 17 00:00:00 2001
From: Ernesto Rico Schmidt <ernesto@helsinki.at>
Date: Tue, 30 Jul 2024 12:15:27 -0400
Subject: [PATCH] feat: final update to the default set of permissions

---
 program/management/commands/addpermissions.py | 101 +++++++++++++-----
 1 file changed, 74 insertions(+), 27 deletions(-)

diff --git a/program/management/commands/addpermissions.py b/program/management/commands/addpermissions.py
index efc345f8..db1a331a 100644
--- a/program/management/commands/addpermissions.py
+++ b/program/management/commands/addpermissions.py
@@ -4,42 +4,89 @@ from django.core.management.base import BaseCommand
 from django.db.models import Q, QuerySet
 
 PERMISSIONS = {
+    # Program Managers get all permissions, they don’t need the edit the permissions
     settings.PRIVILEGED_GROUP: {
-        "app": Permission.objects.filter(
+        "all": Permission.objects.filter(
             ~Q(codename__startswith="edit"),
             content_type__app_label="program",
         ),
-        "custom_add": Permission.objects.filter(
-            codename__startswith="add__",
-            content_type__model="playlist",
-        ),
-        "custom_display": Permission.objects.filter(codename="display__show__internal_note"),
-        "custom_update": Permission.objects.filter(
-            codename__startswith="update",
-            content_type__model__in=["host", "note", "show"],
-        ),
     },
+    # Host
     settings.ENTITLED_GROUPS[0]: {
-        "default_note_notelink": Permission.objects.filter(
-            ~Q(codename__startswith="create"),
-            ~Q(codename__startswith="edit"),
-            ~Q(codename__startswith="update"),
-            content_type__model__in=["note", "notelink"],
+        "default add/change note & notelink": Permission.objects.filter(
+            codename__in=[
+                "add_note",
+                "add_notelink",
+                "change_note",
+                "change_notelink",
+            ],
         ),
+        "default change profile": Permission.objects.filter(codename="change_profile"),
+        "custom add media-source": Permission.objects.filter(
+            codename__in=[
+                "add__file",
+                "add__import",
+            ]
+        ),
+        "custom edit note": Permission.objects.filter(
+            ~Q(codename="edit__note__topics"),
+            ~Q(codename="edit__note__languages"),
+            codename__startswith="edit__note",
+        ),
+        "custom edit profile": Permission.objects.filter(codename="edit__profile__name"),
     },
+    # Host+
     settings.ENTITLED_GROUPS[1]: {
-        "extra_change": Permission.objects.filter(
-            codename__startswith="change",
-            content_type__model__in=["host", "note", "show"],
-        ),
-        "custom_add": Permission.objects.filter(
-            ~Q(codename__startswith="add__m3ufile"),
-            codename__startswith="add__",
-            content_type__model="playlist",
-        ),
-        "custom_edit": Permission.objects.filter(
-            codename__startswith="edit",
-            content_type__model__in=["host", "note", "show"],
+        "default add/change note & notelink": Permission.objects.filter(
+            codename__in=[
+                "add_note",
+                "add_notelink",
+                "change_note",
+                "change_notelink",
+            ],
+        ),
+        "default change profile, schedule & show": Permission.objects.filter(
+            codename__in=[
+                "change_profile",
+                "change_schedule",
+                "change_show",
+            ],
+        ),
+        "custom add media-source": Permission.objects.filter(
+            codename__in=[
+                "add__file",
+                "add__import",
+                "add__line",
+                "add__stream",
+            ]
+        ),
+        "custom edit note": Permission.objects.filter(
+            ~Q(codename="edit__note__topics"),
+            codename__startswith="edit__note",
+        ),
+        "custom edit profile": Permission.objects.filter(
+            codename__in=[
+                "edit__profile__biography",
+                "edit__profile__email",
+                "edit__profile__image",
+                "edit__profile__links",
+                "edit__profile__name",
+            ]
+        ),
+        "custom edit schedule": Permission.objects.filter(
+            codename="edit__schedule__default_playlist_id"
+        ),
+        "custom edit show": Permission.objects.filter(
+            codename__in=[
+                "edit__show__default_playlist_id",
+                "edit__show__description",
+                "edit__show__email",
+                "edit__show__hosts",
+                "edit__show__image",
+                "edit__show__links",
+                "edit__show__logo",
+                "edit__show__short_description",
+            ]
         ),
     },
 }
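Review bot: The Host and Host+ querysets select permissions by `codename` alone, and Django only guarantees codename uniqueness per content type, so a lookup such as `codename="change_profile"` or `codename__in=["add_note", ...]` would also match a same-named permission from any other installed app that has a `Profile`, `Note`, `Show` or `Schedule` model. The privileged group's entry keeps `content_type__app_label="program"` and the removed code scoped by `content_type__model`; adding the same scoping to each new filter, e.g. `Permission.objects.filter(content_type__app_label="program", codename__in=[...])`, keeps the grant limited to the intended models (assuming all listed permissions live in the `program` app, which is worth confirming for the `add__*` media-source ones). Separately, the two "custom edit note" entries use `codename__startswith="edit__note"` with exclusions, so any `edit__note__*` permission added later is granted by default, and the prefix would also match an `edit__notelink…` codename if one exists; an explicit `codename__in` list, as used for profile and show, would fail closed. The code that applies PERMISSIONS to the groups is outside this hunk.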
-- 
GitLab