Remove permission grant and revoke permissions
Signed-off-by: Roberto Rosario <roberto.rosario.gonzalez@gmail.com>
This commit is contained in:
Roberto Rosario
@@ -12,10 +12,11 @@
|
||||
* Add custom DatabaseWarning to tag the SQLite usage warning.
|
||||
* Add keyword arguments to add_to_class instances.
|
||||
* Move add_to_class function to their own module called methods.py
|
||||
* Remove catch all exception handling for the check in and
|
||||
* Remove catch all exception handling for the check in and
|
||||
check out views.
|
||||
* Improve checkouts tests code reducing redundant code.
|
||||
* Change how the HOME_VIEW setting is defined.
|
||||
* Change how the HOME_VIEW setting is defined.
|
||||
* Remove the role permission grant and revoke permission.
|
||||
|
||||
3.1.11 (2019-04-XX)
|
||||
===================
|
||||
|
||||
@@ -20,6 +20,13 @@ Every app reference is now prepended with 'mayan.apps'.
|
||||
Existing config.yml files need to be updated manually.
|
||||
|
||||
|
||||
Permissions
|
||||
^^^^^^^^^^^
|
||||
|
||||
The role permission grant and revoke permissions were removed. Instead only the
|
||||
role edit permission is required to grant or revoke permissions to a role.
|
||||
|
||||
|
||||
Other changes
|
||||
^^^^^^^^^^^^^
|
||||
|
||||
@@ -27,9 +34,9 @@ Other changes
|
||||
* Fix multiple tag selection wizard step.
|
||||
* Split document app models into separate modules.
|
||||
* Split workflow views into separate modules.
|
||||
* Change how the HOME_VIEW setting is defined
|
||||
* Change how the HOME_VIEW setting is defined
|
||||
|
||||
HOME_VIEW is now COMMON_HOME_VIEW.
|
||||
HOME_VIEW is now COMMON_HOME_VIEW.
|
||||
|
||||
|
||||
Removals
|
||||
|
||||
@@ -19,7 +19,6 @@ from .links import (
|
||||
link_role_list, link_role_permissions
|
||||
)
|
||||
from .permissions import (
|
||||
permission_permission_grant, permission_permission_revoke,
|
||||
permission_role_delete, permission_role_edit, permission_role_view
|
||||
)
|
||||
from .search import * # NOQA
|
||||
@@ -42,7 +41,6 @@ class PermissionsApp(MayanAppConfig):
|
||||
ModelPermission.register(
|
||||
model=Role, permissions=(
|
||||
permission_acl_edit, permission_acl_view,
|
||||
permission_permission_grant, permission_permission_revoke,
|
||||
permission_role_delete, permission_role_edit,
|
||||
permission_role_view
|
||||
)
|
||||
|
||||
@@ -7,7 +7,6 @@ from mayan.apps.user_management.permissions import permission_group_edit
|
||||
|
||||
from .icons import icon_role_create, icon_role_list
|
||||
from .permissions import (
|
||||
permission_permission_grant, permission_permission_revoke,
|
||||
permission_role_create, permission_role_delete, permission_role_edit,
|
||||
permission_role_view
|
||||
)
|
||||
@@ -17,11 +16,11 @@ link_group_roles = Link(
|
||||
view='permissions:group_roles',
|
||||
)
|
||||
link_permission_grant = Link(
|
||||
permissions=(permission_permission_grant,), text=_('Grant'),
|
||||
permissions=(permission_role_edit,), text=_('Grant'),
|
||||
view='permissions:permission_multiple_grant'
|
||||
)
|
||||
link_permission_revoke = Link(
|
||||
permissions=(permission_permission_revoke,), text=_('Revoke'),
|
||||
permissions=(permission_role_edit,), text=_('Revoke'),
|
||||
view='permissions:permission_multiple_revoke'
|
||||
)
|
||||
link_role_create = Link(
|
||||
@@ -46,6 +45,6 @@ link_role_groups = Link(
|
||||
)
|
||||
link_role_permissions = Link(
|
||||
args='object.id',
|
||||
permissions=(permission_permission_grant, permission_permission_revoke),
|
||||
permissions=(permission_role_edit,),
|
||||
text=_('Role permissions'), view='permissions:role_permissions',
|
||||
)
|
||||
|
||||
@@ -18,9 +18,3 @@ permission_role_create = namespace.add_permission(
|
||||
permission_role_delete = namespace.add_permission(
|
||||
name='role_delete', label=_('Delete roles')
|
||||
)
|
||||
permission_permission_grant = namespace.add_permission(
|
||||
name='permission_grant', label=_('Grant permissions')
|
||||
)
|
||||
permission_permission_revoke = namespace.add_permission(
|
||||
name='permission_revoke', label=_('Revoke permissions')
|
||||
)
|
||||
|
||||
@@ -8,7 +8,6 @@ from mayan.apps.user_management.tests.literals import TEST_GROUP_2_NAME
|
||||
|
||||
from ..models import Role
|
||||
from ..permissions import (
|
||||
permission_permission_grant, permission_permission_revoke,
|
||||
permission_role_create, permission_role_delete, permission_role_edit,
|
||||
permission_role_view,
|
||||
)
|
||||
@@ -129,18 +128,10 @@ class PermissionsViewsTestCase(GenericViewTestCase):
|
||||
response = self._request_role_permissions_view()
|
||||
self.assertEqual(response.status_code, 403)
|
||||
|
||||
def test_role_permissions_view_with_permission_grant(self):
|
||||
def test_role_permissions_view_with_access(self):
|
||||
self._create_role()
|
||||
self.grant_access(
|
||||
permission=permission_permission_grant, obj=self.role_2
|
||||
)
|
||||
response = self._request_role_permissions_view()
|
||||
self.assertEqual(response.status_code, 200)
|
||||
|
||||
def test_role_permissions_view_with_permission_revoke(self):
|
||||
self._create_role()
|
||||
self.grant_access(
|
||||
permission=permission_permission_revoke, obj=self.role_2
|
||||
permission=permission_role_edit, obj=self.role_2
|
||||
)
|
||||
response = self._request_role_permissions_view()
|
||||
self.assertEqual(response.status_code, 200)
|
||||
|
||||
@@ -21,7 +21,6 @@ from .icons import icon_role_list
|
||||
from .links import link_role_create
|
||||
from .models import Role, StoredPermission
|
||||
from .permissions import (
|
||||
permission_permission_grant, permission_permission_revoke,
|
||||
permission_role_view, permission_role_create, permission_role_delete,
|
||||
permission_role_edit
|
||||
)
|
||||
@@ -145,15 +144,12 @@ class SetupRolePermissionsView(AssignRemoveView):
|
||||
return results
|
||||
|
||||
def add(self, item):
|
||||
Permission.check_permissions(
|
||||
self.request.user, permissions=(permission_permission_grant,)
|
||||
)
|
||||
permission = get_object_or_404(klass=StoredPermission, pk=item)
|
||||
self.get_object().permissions.add(permission)
|
||||
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
AccessControlList.objects.check_access(
|
||||
permissions=(permission_permission_grant, permission_permission_revoke),
|
||||
permissions=(permission_role_edit,),
|
||||
user=self.request.user, obj=self.get_object()
|
||||
)
|
||||
return super(SetupRolePermissionsView, self).dispatch(request, *args, **kwargs)
|
||||
@@ -186,9 +182,6 @@ class SetupRolePermissionsView(AssignRemoveView):
|
||||
)
|
||||
|
||||
def remove(self, item):
|
||||
Permission.check_permissions(
|
||||
self.request.user, permissions=(permission_permission_revoke,)
|
||||
)
|
||||
permission = get_object_or_404(klass=StoredPermission, pk=item)
|
||||
self.get_object().permissions.remove(permission)
|
||||
|
||||
|
||||
Reference in New Issue
Block a user