From e93567be9724f04126c199616480cf0ca8bbe47a Mon Sep 17 00:00:00 2001
From: Hangzhi Yu <hangzhi@protonmail.com>
Date: Wed, 2 Oct 2024 22:46:03 +0200
Subject: [PATCH] Add dynamically added permissions
---
aleksis/apps/maka/model_extensions.py | 11 +++++++++++
aleksis/apps/maka/rules.py | 18 +++++++++---------
2 files changed, 20 insertions(+), 9 deletions(-)
create mode 100644 aleksis/apps/maka/model_extensions.py
diff --git a/aleksis/apps/maka/model_extensions.py b/aleksis/apps/maka/model_extensions.py
new file mode 100644
index 0000000..d6a70c2
--- /dev/null
+++ b/aleksis/apps/maka/model_extensions.py
@@ -0,0 +1,11 @@
+from django.utils.translation import gettext as _
+
+from aleksis.core.models import Group
+
+
+# Dynamically add extra permissions to Group model in core
+# Note: requires migrate afterwards
+Group.add_permission("view_efforts_group", _("Can view all efforts of a group"))
+Group.add_permission("manage_efforts_group", _("Can manage all efforts of a group"))
+Group.add_permission("view_grades_group", _("Can view all grades of a group"))
+Group.add_permission("manage_grades_group", _("Can manage all grades of a group"))
diff --git a/aleksis/apps/maka/rules.py b/aleksis/apps/maka/rules.py
index 42cd845..f656f3c 100644
--- a/aleksis/apps/maka/rules.py
+++ b/aleksis/apps/maka/rules.py
@@ -26,35 +26,35 @@ view_effort_predicate = has_person & (
(is_effort_group_member & is_site_preference_set("maka", "view_own_efforts"))
| is_effort_group_owner
| has_global_perm("maka.view_effort")
- | has_effort_group_perm("core.view_effort_group")
+ | has_effort_group_perm("core.view_efforts_group")
)
add_perm("maka.view_effort_rule", view_effort_predicate)
add_effort_predicate = has_person & (
is_effort_group_owner
| has_global_perm("maka.add_effort")
- | has_effort_group_perm("core.add_effort_group")
+ | has_effort_group_perm("core.manage_efforts_group")
)
add_perm("maka.add_effort_rule", add_effort_predicate)
edit_effort_predicate = has_person & (
is_effort_group_owner
| has_global_perm("maka.change_effort")
- | has_effort_group_perm("core.edit_effort_group")
+ | has_effort_group_perm("core.manage_efforts_group")
)
add_perm("maka.edit_effort_rule", edit_effort_predicate)
delete_effort_predicate = has_person & (
is_effort_group_owner
| has_global_perm("maka.delete_effort")
- | has_effort_group_perm("core.delete_effort_group")
+ | has_effort_group_perm("core.manage_efforts_group")
)
add_perm("maka.delete_effort_rule", delete_effort_predicate)
view_efforts_menu_predicate = has_person & (
has_global_perm("maka.view_effort")
| has_any_group_ownership
- | has_any_object("core.view_effort_group", Group)
+ | has_any_object("core.view_efforts_group", Group)
)
add_perm("maka.view_efforts_menu_rule", view_efforts_menu_predicate)
@@ -64,28 +64,28 @@ view_grade_predicate = has_person & (
(is_grade_person & is_site_preference_set("maka", "view_own_grades"))
| is_grade_group_owner
| has_global_perm("maka.view_grade")
- | has_grade_group_perm("core.view_grade_group")
+ | has_grade_group_perm("core.view_grades_group")
)
add_perm("maka.view_grade_rule", view_grade_predicate)
add_grade_predicate = has_person & (
is_grade_group_owner
| has_global_perm("maka.add_grade")
- | has_grade_group_perm("core.add_grade_group")
+ | has_grade_group_perm("core.manage_grades_group")
)
add_perm("maka.add_grade_rule", add_grade_predicate)
edit_grade_predicate = has_person & (
is_grade_group_owner
| has_global_perm("maka.change_grade")
- | has_grade_group_perm("core.edit_grade_group")
+ | has_grade_group_perm("core.manage_grades_group")
)
add_perm("maka.edit_grade_rule", edit_grade_predicate)
delete_grade_predicate = has_person & (
is_grade_group_owner
| has_global_perm("maka.delete_grade")
- | has_grade_group_perm("core.delete_grade_group")
+ | has_grade_group_perm("core.manage_grades_group")
)
add_perm("maka.delete_grade_rule", delete_grade_predicate)
--
GitLab