Skip to content
Snippets Groups Projects
Verified Commit cea135d6 authored by Ernesto Rico Schmidt's avatar Ernesto Rico Schmidt
Browse files

feat: final update to the default set of permissions

parent f3bc9744
No related branches found
No related tags found
No related merge requests found
Pipeline #8390 passed
Stage: check
Stage: test
Stage: build
Stage: deploy
Stage: release
Hide whitespace changes
Inline Side-by-side
program/management/commands/addpermissions.py
+ 74
27
View file @ cea135d6
...@@ -4,42 +4,89 @@ from django.core.management.base import BaseCommand ...@@ -4,42 +4,89 @@ from django.core.management.base import BaseCommand
from django.db.models import Q, QuerySet from django.db.models import Q, QuerySet
PERMISSIONS = { PERMISSIONS = {
# Program Managers get all permissions, they don’t need the edit the permissions
settings.PRIVILEGED_GROUP: { settings.PRIVILEGED_GROUP: {
"app": Permission.objects.filter( "all": Permission.objects.filter(
~Q(codename__startswith="edit"), ~Q(codename__startswith="edit"),
content_type__app_label="program", content_type__app_label="program",
), ),
"custom_add": Permission.objects.filter(
codename__startswith="add__",
content_type__model="playlist",
),
"custom_display": Permission.objects.filter(codename="display__show__internal_note"),
"custom_update": Permission.objects.filter(
codename__startswith="update",
content_type__model__in=["host", "note", "show"],
),
}, },
# Host
settings.ENTITLED_GROUPS[0]: { settings.ENTITLED_GROUPS[0]: {
"default_note_notelink": Permission.objects.filter( "default add/change note & notelink": Permission.objects.filter(
~Q(codename__startswith="create"), codename__in=[
~Q(codename__startswith="edit"), "add_note",
~Q(codename__startswith="update"), "add_notelink",
content_type__model__in=["note", "notelink"], "change_note",
"change_notelink",
],
), ),
"default change profile": Permission.objects.filter(codename="change_profile"),
"custom add media-source": Permission.objects.filter(
codename__in=[
"add__file",
"add__import",
]
),
"custom edit note": Permission.objects.filter(
~Q(codename="edit__note__topics"),
~Q(codename="edit__note__languages"),
codename__startswith="edit__note",
),
"custom edit profile": Permission.objects.filter(codename="edit__profile__name"),
}, },
# Host+
settings.ENTITLED_GROUPS[1]: { settings.ENTITLED_GROUPS[1]: {
"extra_change": Permission.objects.filter( "default add/change note & notelink": Permission.objects.filter(
codename__startswith="change", codename__in=[
content_type__model__in=["host", "note", "show"], "add_note",
), "add_notelink",
"custom_add": Permission.objects.filter( "change_note",
~Q(codename__startswith="add__m3ufile"), "change_notelink",
codename__startswith="add__", ],
content_type__model="playlist", ),
), "default change profile, schedule & show": Permission.objects.filter(
"custom_edit": Permission.objects.filter( codename__in=[
codename__startswith="edit", "change_profile",
content_type__model__in=["host", "note", "show"], "change_schedule",
"change_show",
],
),
"custom add media-source": Permission.objects.filter(
codename__in=[
"add__file",
"add__import",
"add__line",
"add__stream",
]
),
"custom edit note": Permission.objects.filter(
~Q(codename="edit__note__topics"),
codename__startswith="edit__note",
),
"custom edit profile": Permission.objects.filter(
codename__in=[
"edit__profile__biography",
"edit__profile__email",
"edit__profile__image",
"edit__profile__links",
"edit__profile__name",
]
),
"custom edit schedule": Permission.objects.filter(
codename="edit__schedule__default_playlist_id"
),
"custom edit show": Permission.objects.filter(
codename__in=[
"edit__show__default_playlist_id",
"edit__show__description",
"edit__show__email",
"edit__show__hosts",
"edit__show__image",
"edit__show__links",
"edit__show__logo",
"edit__show__short_description",
]
), ),
}, },
} }
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment