diff --git a/program/management/commands/addpermissions.py b/program/management/commands/addpermissions.py
index 13f2e2aca24fe70aa37688d8cedb870cb846ef70..efc345f864e250d31022590fd28ea6a170b40f2d 100644
--- a/program/management/commands/addpermissions.py
+++ b/program/management/commands/addpermissions.py
@@ -1,7 +1,48 @@
from django.conf import settings
from django.contrib.auth.models import Group, Permission
from django.core.management.base import BaseCommand
-from django.db.models import QuerySet
+from django.db.models import Q, QuerySet
+
+PERMISSIONS = {
+ settings.PRIVILEGED_GROUP: {
+ "app": Permission.objects.filter(
+ ~Q(codename__startswith="edit"),
+ content_type__app_label="program",
+ ),
+ "custom_add": Permission.objects.filter(
+ codename__startswith="add__",
+ content_type__model="playlist",
+ ),
+ "custom_display": Permission.objects.filter(codename="display__show__internal_note"),
+ "custom_update": Permission.objects.filter(
+ codename__startswith="update",
+ content_type__model__in=["host", "note", "show"],
+ ),
+ },
+ settings.ENTITLED_GROUPS[0]: {
+ "default_note_notelink": Permission.objects.filter(
+ ~Q(codename__startswith="create"),
+ ~Q(codename__startswith="edit"),
+ ~Q(codename__startswith="update"),
+ content_type__model__in=["note", "notelink"],
+ ),
+ },
+ settings.ENTITLED_GROUPS[1]: {
+ "extra_change": Permission.objects.filter(
+ codename__startswith="change",
+ content_type__model__in=["host", "note", "show"],
+ ),
+ "custom_add": Permission.objects.filter(
+ ~Q(codename__startswith="add__m3ufile"),
+ codename__startswith="add__",
+ content_type__model="playlist",
+ ),
+ "custom_edit": Permission.objects.filter(
+ codename__startswith="edit",
+ content_type__model__in=["host", "note", "show"],
+ ),
+ },
+}
class Command(BaseCommand):
@@ -14,46 +55,8 @@ class Command(BaseCommand):
self.stdout.write(self.style.SUCCESS(str(len(permissions))))
def handle(self, *args, **options):
- privileged_group = Group.objects.get(name=settings.PRIVILEGED_GROUP)
- host_group = Group.objects.get(name=settings.ENTITLED_GROUPS[0])
- host_plus_group = Group.objects.get(name=settings.ENTITLED_GROUPS[1])
+ for group_name in PERMISSIONS:
+ group = Group.objects.get(name=group_name)
- app_permissions = Permission.objects.filter(content_type__app_label="program").exclude(
- codename__startswith="edit"
- )
- default_model_permissions = (
- Permission.objects.filter(content_type__model__in=["note", "notelink"])
- .exclude(codename__startswith="edit")
- .exclude(codename__startswith="create")
- .exclude(codename__startswith="update")
- )
- change_permissions = Permission.objects.filter(
- codename__startswith="change", content_type__model__in=["host", "note", "show"]
- )
- edit_permissions = Permission.objects.filter(
- codename__startswith="edit", content_type__model__in=["host", "note", "show"]
- )
- create_permissions = Permission.objects.filter(
- codename__startswith="create", content_type__model__in=["note"]
- )
- update_permissions = Permission.objects.filter(
- codename__startswith="update", content_type__model__in=["host", "note", "show"]
- )
- custom_add_permissions = Permission.objects.filter(
- codename__startswith="add__", content_type__model="playlist"
- )
-
- self.add_permissions(privileged_group, app_permissions, "default app level")
- self.add_permissions(privileged_group, edit_permissions, "custom edit field")
- self.add_permissions(privileged_group, create_permissions, "custom create")
- self.add_permissions(privileged_group, update_permissions, "custom update")
- self.add_permissions(privileged_group, custom_add_permissions, "custom add")
-
- self.add_permissions(host_group, default_model_permissions, "default model")
-
- self.add_permissions(host_plus_group, change_permissions, "default change")
- self.add_permissions(host_plus_group, edit_permissions, "custom edit field")
-
- self.add_permissions(
- host_plus_group, custom_add_permissions.exclude(codename="add__m3ufile"), "custom add"
- )
+ for name, permissions in PERMISSIONS[group_name].items():
+ self.add_permissions(group, permissions, name)