From d397e1ba72969ec9f07866da4f22d958b2c21abd Mon Sep 17 00:00:00 2001
From: Jonathan Weth <git@jonathanweth.de>
Date: Wed, 10 Mar 2021 11:57:50 +0100
Subject: [PATCH] Split up view permissions for group roles to use them with
different models
---
aleksis/apps/alsijil/rules.py | 12 +++++++++---
aleksis/apps/alsijil/views.py | 4 +++-
2 files changed, 12 insertions(+), 4 deletions(-)
diff --git a/aleksis/apps/alsijil/rules.py b/aleksis/apps/alsijil/rules.py
index f36db7aa5..ad4536adc 100644
--- a/aleksis/apps/alsijil/rules.py
+++ b/aleksis/apps/alsijil/rules.py
@@ -241,13 +241,19 @@ add_perm("alsijil.delete_grouprole", delete_group_role_predicate)
view_assigned_group_roles_predicate = (
is_group_owner
- | is_lesson_teacher
- | is_lesson_parent_group_owner
| has_global_perm("alsjil.assign_grouprole")
- | has_object_perm("alsijil.assign_grouprole")
+ | has_object_perm("core.assign_grouprole")
)
add_perm("alsijil.view_assigned_grouproles", view_assigned_group_roles_predicate)
+view_assigned_group_roles_register_object_predicate = (
+ is_lesson_teacher | is_lesson_parent_group_owner | has_global_perm("alsjil.assign_grouprole")
+)
+add_perm(
+ "alsijil.view_assigned_grouproles_for_register_object",
+ view_assigned_group_roles_register_object_predicate,
+)
+
assign_group_role_person_predicate = is_person_group_owner | has_global_perm(
"alsjil.assign_grouprole"
)
diff --git a/aleksis/apps/alsijil/views.py b/aleksis/apps/alsijil/views.py
index 75c07ebec..f3990be4f 100644
--- a/aleksis/apps/alsijil/views.py
+++ b/aleksis/apps/alsijil/views.py
@@ -167,7 +167,9 @@ def register_object(
# Group roles
show_group_roles = request.user.person.preferences[
"alsijil__group_roles_in_lesson_view"
- ] and request.user.has_perm("alsijil.view_assigned_grouproles", register_object)
+ ] and request.user.has_perm(
+ "alsijil.view_assigned_grouproles_for_register_object", register_object
+ )
if show_group_roles:
groups = register_object.get_groups().all()
group_roles = GroupRole.objects.with_assignments(date_of_lesson, groups)
--
GitLab