diff --git a/aleksis/apps/paweljong/rules.py b/aleksis/apps/paweljong/rules.py
index 63f2234c4c1edff3ee37ce157260e56bc9c75a32..7ad451f75bd2574625ce5ac89230b48ea72b8c3b 100644
--- a/aleksis/apps/paweljong/rules.py
+++ b/aleksis/apps/paweljong/rules.py
@@ -16,26 +16,33 @@ from .predicates import (
is_organiser,
)
+## Vouchers
+
# View vouchers
view_vouchers_predicate = has_person & (
has_global_perm("paweljong.view_voucher") | has_any_object("paweljong.view_voucher", Voucher)
)
rules.add_perm("paweljong.view_vouchers_rule", view_vouchers_predicate)
-# Edit vouchers
-change_vouchers_predicate = has_person & (
- has_global_perm("paweljong.change_voucher")
- | has_any_object("paweljong.change_voucher", Voucher)
+# View voucher
+view_voucher_predicate = has_person & (
+ is_own_voucher | has_global_perm("paweljong.view_voucher") | has_object_perm("paweljong.view_voucher")
)
-rules.add_perm("paweljong.change_vouchers_rule", change_vouchers_predicate)
+rules.add_perm("paweljong.view_voucher_rule", view_voucher_predicate)
+# Edit voucher
+change_voucher_predicate = has_person & (
+ has_global_perm("paweljong.change_voucher")
+ | has_object_perm("paweljong.change_voucher")
+)
+rules.add_perm("paweljong.change_voucher_rule", change_voucher_predicate)
-# Delete vouchers
-delete_vouchers_predicate = has_person & (
+# Delete voucher
+delete_voucher_predicate = has_person & (
has_global_perm("paweljong.delete_voucher")
- | has_any_object("paweljong.delete_voucher", Voucher)
+ | has_object_perm("paweljong.delete_voucher")
)
-rules.add_perm("paweljong.delete_vouchers_rule", delete_vouchers_predicate)
+rules.add_perm("paweljong.delete_voucher_rule", delete_voucher_predicate)
# Create vouchers
create_vouchers_predicate = has_person & (
@@ -44,18 +51,20 @@ create_vouchers_predicate = has_person & (
)
rules.add_perm("paweljong.create_vouchers_rule", create_vouchers_predicate)
-# Edit events
-change_events_predicate = has_person & (
- has_global_perm("paweljong.change_event") | has_any_object("paweljong.change_event", Event)
+## Events
+
+# Edit event
+change_event_predicate = has_person & (
+ has_global_perm("paweljong.change_event") | has_object_perm("paweljong.change_event")
)
-rules.add_perm("paweljong.change_events_rule", change_events_predicate)
+rules.add_perm("paweljong.change_event_rule", change_event_predicate)
-# Delete events
-delete_events_predicate = has_person & (
- has_global_perm("paweljong.delete_event") | has_any_object("paweljong.delete_event", Event)
+# Delete event
+delete_event_predicate = has_person & (
+ has_global_perm("paweljong.delete_event") | has_object_perm("paweljong.delete_event")
)
-rules.add_perm("paweljong.delete_events_rule", delete_events_predicate)
+rules.add_perm("paweljong.delete_event_rule", delete_event_predicate)
# Create events
create_events_predicate = has_person & (
@@ -63,33 +72,39 @@ create_events_predicate = has_person & (
)
rules.add_perm("paweljong.create_events_rule", create_events_predicate)
-# Manage registrations
-manage_registrations_predicate = has_person & (
- has_global_perm("paweljong.manage_registration")
+## Registrations
+
+# View registration
+view_registration_predicate = has_person & (
+ has_global_perm("paweljong.view_eventregistration")
+ | has_object_perm("paweljong.view_eventregistration")
| is_organiser
| is_own_registration
)
-rules.add_perm("paweljong.manage_registrations_rule", manage_registrations_predicate)
+rules.add_perm("paweljong.view_registration_rule", view_registration_predicate)
# View registrations
view_registrations_predicate = has_person & (
has_global_perm("paweljong.view_eventregistration")
- | has_any_object("paweljong.manage_registrations_rule", EventRegistration)
+ | has_any_object("paweljong.view_registration_rule", EventRegistration)
)
rules.add_perm("paweljong.view_registrations_rule", view_registrations_predicate)
-# Delete registrations
-delete_registrations_predicate = has_person & (
+# Delete registration
+delete_registration_predicate = has_person & (
has_global_perm("paweljong.delete_eventregistration")
- | has_any_object("paweljong.delete_eventregistration", EventRegistration)
+ | has_object_perm("paweljong.delete_eventregistration")
)
-rules.add_perm("paweljong.delete_registrations_rule", delete_registrations_predicate)
+rules.add_perm("paweljong.delete_registration_rule", delete_registration_predicate)
+# Change registration
+change_registration_predicate = has_person & (
+ has_global_perm("paweljong.change_eventregistration")
+ | has_object_perm("paweljong.change_eventregistration")
+)
+rules.add_perm("paweljong.change_registration_rule", change_registration_predicate)
-# Is own voucher?
-is_own_voucher_predicate = has_person & (is_own_voucher)
-rules.add_perm("paweljong.is_own_voucher_rule", is_own_voucher_predicate)
-
+## Terms
# View terms
view_terms_predicate = has_person & (
@@ -97,6 +112,33 @@ view_terms_predicate = has_person & (
)
rules.add_perm("paweljong.view_terms_rule", view_terms_predicate)
+# View term
+view_term_predicate = has_person & (
+ has_global_perm("paweljong.view_term") | has_object_perm("paweljong.view_term", Terms)
+)
+rules.add_perm("paweljong.view_term_rule", view_term_predicate)
+
+# Delete term
+delete_term_predicate = has_person & (
+ has_global_perm("paweljong.delete_eventterm")
+ | has_object_perm("paweljong.delete_eventterm")
+)
+rules.add_perm("paweljong.delete_term_rule", delete_term_predicate)
+
+# Change term
+change_term_predicate = has_person & (
+ has_global_perm("paweljong.change_eventterm")
+ | has_object_perm("paweljong.change_eventterm")
+)
+rules.add_perm("paweljong.change_term_rule", change_term_predicate)
+
+# Create terms
+create_terms_predicate = has_person & (
+ has_global_perm("paweljong.create_term") | has_any_object("paweljong.create_term", Event)
+)
+rules.add_perm("paweljong.create_terms_rule", create_terms_predicate)
+
+## Info mailings
# View info_mailings
view_info_mailings_predicate = has_person & (
@@ -105,6 +147,33 @@ view_info_mailings_predicate = has_person & (
)
rules.add_perm("paweljong.view_info_mailings_rule", view_info_mailings_predicate)
+# View info_mailing
+view_info_mailing_predicate = has_person & (
+ has_global_perm("paweljong.view_info_mailing") | has_object_perm("paweljong.view_info_mailing", Terms)
+)
+rules.add_perm("paweljong.view_info_mailing_rule", view_info_mailing_predicate)
+
+# Delete info_mailing
+delete_info_mailing_predicate = has_person & (
+ has_global_perm("paweljong.delete_eventinfo_mailing")
+ | has_object_perm("paweljong.delete_eventinfo_mailing")
+)
+rules.add_perm("paweljong.delete_info_mailing_rule", delete_info_mailing_predicate)
+
+# Change info_mailing
+change_info_mailing_predicate = has_person & (
+ has_global_perm("paweljong.change_eventinfo_mailing")
+ | has_object_perm("paweljong.change_eventinfo_mailing")
+)
+rules.add_perm("paweljong.change_info_mailing_rule", change_info_mailing_predicate)
+
+# Create info_mailings
+create_info_mailings_predicate = has_person & (
+ has_global_perm("paweljong.create_info_mailing") | has_any_object("paweljong.create_info_mailing", Event)
+)
+rules.add_perm("paweljong.create_info_mailings_rule", create_info_mailings_predicate)
+
+# View menu
can_view_menu_predicate = has_person & (
has_any_object("paweljong.manage_registrations_rule", EventRegistration)
| has_any_object("paweljong.view_info_mailing", InfoMailing)
diff --git a/aleksis/apps/paweljong/views.py b/aleksis/apps/paweljong/views.py
index 2a3dba289b839fab805abba85aee826bdf47d605..6179f3d8cd262ad381000a2f27fb72ca278db699 100644
--- a/aleksis/apps/paweljong/views.py
+++ b/aleksis/apps/paweljong/views.py
@@ -57,7 +57,7 @@ User = get_user_model()
class CreateEventView(PermissionRequiredMixin, AdvancedCreateView):
form_class = EditEventForm
model = Event
- permission_required = "paweljong.change_event"
+ permission_required = "paweljong.create_events_rule"
template_name = "paweljong/event/create.html"
success_url = reverse_lazy("manage_events")
success_message = _("The event has been saved.")
@@ -68,14 +68,14 @@ class EditEventView(PermissionRequiredMixin, RevisionMixin, AdvancedEditView):
form_class = EditEventForm
model = Event
slug_field = "slug"
- permission_required = "paweljong.change_event"
+ permission_required = "paweljong.change_event_rule"
context_object_name = "manage_events"
template_name = "paweljong/event/edit.html"
success_url = reverse_lazy("manage_events")
success_message = _("The event has been saved.")
-@permission_required("paweljong.change_events")
+@permission_required("paweljong.view_events_rule")
def manage_events(request: HttpRequest) -> HttpResponse:
"""List view listing all registrations."""
context = {}
@@ -96,7 +96,7 @@ def manage_events(request: HttpRequest) -> HttpResponse:
return render(request, "paweljong/event/manage.html", context)
-@permission_required("paweljong.view_vouchers")
+@permission_required("paweljong.view_vouchers_rule")
def vouchers(request):
context = {}
@@ -115,7 +115,7 @@ def vouchers(request):
return render(request, "paweljong/voucher/list.html", context)
-@permission_required("paweljong.generate_lists")
+@permission_required("paweljong.generate_lists_rule")
def generate_lists(request: HttpRequest) -> HttpResponse:
context = {}
@@ -161,7 +161,7 @@ class EventRegistrationCreateView(PermissionRequiredMixin, AdvancedCreateView):
model = EventRegistration
form_class = EditEventRegistrationForm
- permission_required = "paweljong.manage_registration"
+ permission_required = "paweljong.create_eventregistration_rule"
template_name = "paweljong/event_registration/create.html"
success_url = reverse_lazy("registrations")
success_message = _("The event registration has been created.")
@@ -173,14 +173,14 @@ class EventRegistrationEditView(PermissionRequiredMixin, AdvancedEditView):
model = EventRegistration
form_class = EditEventRegistrationForm
- permission_required = "paweljong.manage_eventregistration"
+ permission_required = "paweljong.change_eventregistration_rule"
template_name = "paweljong/event_registration/edit.html"
success_url = reverse_lazy("registrations")
success_message = _("The event registration has been saved.")
@permission_required(
- "paweljong.manage_registrations",
+ "paweljong.change_eventregistration_rule",
fn=objectgetter_optional(EventRegistration, None, False),
)
def edit_registration(request: HttpRequest, pk) -> HttpResponse:
@@ -206,7 +206,7 @@ def edit_registration(request: HttpRequest, pk) -> HttpResponse:
return render(request, "paweljong/event_registration/edit.html", context)
-@permission_required("paweljong.is_own_voucher", fn=objectgetter_optional(Voucher, None, False))
+@permission_required("paweljong.view_voucher_rule", fn=objectgetter_optional(Voucher, None, False))
def print_voucher(request: HttpRequest, pk) -> HttpResponse:
context = {}
@@ -220,7 +220,7 @@ class EventRegistrationDetailView(PermissionRequiredMixin, DetailView):
"""Detail view for an application instance."""
context_object_name = "registration"
- permission_required = "paweljong.manage_registrations_rule"
+ permission_required = "paweljong.view_registration_rule"
template_name = "paweljong/event_registration/full.html"
def get_queryset(self):
@@ -231,7 +231,7 @@ class EventRegistrationDeleteView(PermissionRequiredMixin, AdvancedDeleteView):
"""Delete view for registrations."""
model = EventRegistration
- permission_required = "paweljong.delete_eventregistration"
+ permission_required = "paweljong.delete_eventregistration_rule"
template_name = "core/pages/delete.html"
success_url = reverse_lazy("registrations")
success_message = _("The registration has been deleted.")
@@ -243,7 +243,7 @@ class VoucherCreateView(PermissionRequiredMixin, AdvancedCreateView):
model = Voucher
form_class = EditVoucherForm
- permission_required = "paweljong.add_voucher"
+ permission_required = "paweljong.create_voucher_rule"
template_name = "paweljong/voucher/create.html"
success_url = reverse_lazy("vouchers")
success_message = _("The voucher has been created.")
@@ -255,7 +255,7 @@ class VoucherEditView(PermissionRequiredMixin, AdvancedEditView):
model = Voucher
form_class = EditVoucherForm
- permission_required = "paweljong.edit_voucher"
+ permission_required = "paweljong.change_voucher_rule"
template_name = "paweljong/voucher/edit.html"
success_url = reverse_lazy("vouchers")
success_message = _("The voucher has been saved.")
@@ -265,7 +265,7 @@ class VoucherDeleteView(PermissionRequiredMixin, AdvancedDeleteView):
"""Delete view for vouchers."""
model = Voucher
- permission_required = "paweljong.delete_voucher"
+ permission_required = "paweljong.delete_voucher_rule"
template_name = "core/pages/delete.html"
success_url = reverse_lazy("vouchers")
success_message = _("The voucher has been deleted.")
@@ -719,7 +719,7 @@ class TermListView(PermissionRequiredMixin, SingleTableView):
model = Terms
table_class = TermsTable
- permission_required = "paweljong.view_terms"
+ permission_required = "paweljong.view_terms_rule"
template_name = "paweljong/term/list.html"
@@ -729,7 +729,7 @@ class TermCreateView(PermissionRequiredMixin, AdvancedCreateView):
model = Terms
form_class = EditTermForm
- permission_required = "paweljong.add_terms"
+ permission_required = "paweljong.create_terms_rule"
template_name = "paweljong/term/create.html"
success_url = reverse_lazy("terms")
success_message = _("The term has been created.")
@@ -741,7 +741,7 @@ class TermEditView(PermissionRequiredMixin, AdvancedEditView):
model = Terms
form_class = EditTermForm
- permission_required = "paweljong.edit_terms"
+ permission_required = "paweljong.change_terms_rule"
template_name = "paweljong/term/edit.html"
success_url = reverse_lazy("terms")
success_message = _("The term has been saved.")
@@ -788,7 +788,7 @@ class InfoMailingListView(PermissionRequiredMixin, SingleTableView):
model = InfoMailing
table_class = InfoMailingsTable
- permission_required = "paweljong.view_info_mailing"
+ permission_required = "paweljong.view_info_mailings_rule"
template_name = "paweljong/info_mailing/list.html"
@@ -798,7 +798,7 @@ class InfoMailingCreateView(PermissionRequiredMixin, AdvancedCreateView):
model = InfoMailing
form_class = EditInfoMailingForm
- permission_required = "paweljong.add_info_mailing"
+ permission_required = "paweljong.create_info_mailing_rule"
template_name = "paweljong/info_mailing/create.html"
success_url = reverse_lazy("info_mailings")
success_message = _("The info mailing has been created.")
@@ -810,7 +810,7 @@ class InfoMailingEditView(PermissionRequiredMixin, AdvancedEditView):
model = InfoMailing
form_class = EditInfoMailingForm
- permission_required = "paweljong.edit_info_mailing"
+ permission_required = "paweljong.change_info_mailing_rule"
template_name = "paweljong/info_mailing/edit.html"
success_url = reverse_lazy("info_mailings")
success_message = _("The info mailing has been saved.")
@@ -820,7 +820,7 @@ class InfoMailingDeleteView(PermissionRequiredMixin, AdvancedDeleteView):
"""Delete view for info mailings."""
model = InfoMailing
- permission_required = "paweljong.delete_info_mailing"
+ permission_required = "paweljong.delete_info_mailing_rule"
template_name = "core/pages/delete.html"
success_url = reverse_lazy("info_mailings")
success_message = _("The info mailing has been deleted.")
@@ -829,7 +829,7 @@ class InfoMailingDeleteView(PermissionRequiredMixin, AdvancedDeleteView):
class SendMailFromRegistration(PermissionRequiredMixin, FormView):
template_name = "paweljong/event_registration/notification.html"
- permission_required = "paweljong.send_notification_mail"
+ permission_required = "paweljong.send_notification_mail_rule"
form_class = RegistrationNotificationForm
success_url = reverse_lazy("registrations")
@@ -870,7 +870,7 @@ class RegistrationStateListView(PermissionRequiredMixin, SingleTableView):
model = RegistrationState
table_class = RegistrationStatesTable
- permission_required = "paweljong.view_registration_states"
+ permission_required = "paweljong.view_registration_states_rule"
template_name = "paweljong/registration_state/list.html"
@@ -880,7 +880,7 @@ class RegistrationStateCreateView(PermissionRequiredMixin, AdvancedCreateView):
model = RegistrationState
form_class = RegistrationStatesForm
- permission_required = "paweljong.add_registration_states"
+ permission_required = "paweljong.create_registration_states_rule"
template_name = "paweljong/registration_state/create.html"
success_url = reverse_lazy("registration_states")
success_message = _("The term has been created.")
@@ -892,7 +892,7 @@ class RegistrationStateEditView(PermissionRequiredMixin, AdvancedEditView):
model = RegistrationState
form_class = RegistrationStatesForm
- permission_required = "paweljong.edit_registration_states"
+ permission_required = "paweljong.change_registration_states_rule"
template_name = "paweljong/registration_state/edit.html"
success_url = reverse_lazy("registration_states")
success_message = _("The term has been saved.")