Add missing rules

bb056868 · Tom Teichler · f7677563 · bb056868 · bb056868
Commit bb056868 authored 3 years ago by Tom Teichler
--- a/aleksis/apps/paweljong/rules.py
+++ b/aleksis/apps/paweljong/rules.py
@@ -16,26 +16,33 @@ from .predicates import (
    is_organiser,
 )

+## Vouchers
+
 # View vouchers
 view_vouchers_predicate = has_person & (
    has_global_perm("paweljong.view_voucher") | has_any_object("paweljong.view_voucher", Voucher)
 )
 rules.add_perm("paweljong.view_vouchers_rule", view_vouchers_predicate)

-# Edit vouchers
-change_vouchers_predicate = has_person & (
-    has_global_perm("paweljong.change_voucher")
-    | has_any_object("paweljong.change_voucher", Voucher)
+# View voucher
+view_voucher_predicate = has_person & (
+    is_own_voucher | has_global_perm("paweljong.view_voucher") | has_object_perm("paweljong.view_voucher")
 )
-rules.add_perm("paweljong.change_vouchers_rule", change_vouchers_predicate)
+rules.add_perm("paweljong.view_voucher_rule", view_voucher_predicate)

+# Edit voucher
+change_voucher_predicate = has_person & (
+    has_global_perm("paweljong.change_voucher")
+    | has_object_perm("paweljong.change_voucher")
+)
+rules.add_perm("paweljong.change_voucher_rule", change_voucher_predicate)

-# Delete vouchers
-delete_vouchers_predicate = has_person & (
+# Delete voucher
+delete_voucher_predicate = has_person & (
    has_global_perm("paweljong.delete_voucher")
-    | has_any_object("paweljong.delete_voucher", Voucher)
+    | has_object_perm("paweljong.delete_voucher")
 )
-rules.add_perm("paweljong.delete_vouchers_rule", delete_vouchers_predicate)
+rules.add_perm("paweljong.delete_voucher_rule", delete_voucher_predicate)

 # Create vouchers
 create_vouchers_predicate = has_person & (
@@ -44,18 +51,20 @@ create_vouchers_predicate = has_person & (
 )
 rules.add_perm("paweljong.create_vouchers_rule", create_vouchers_predicate)

-# Edit events
-change_events_predicate = has_person & (
-    has_global_perm("paweljong.change_event") | has_any_object("paweljong.change_event", Event)
+## Events
+
+# Edit event
+change_event_predicate = has_person & (
+    has_global_perm("paweljong.change_event") | has_object_perm("paweljong.change_event")
 )
-rules.add_perm("paweljong.change_events_rule", change_events_predicate)
+rules.add_perm("paweljong.change_event_rule", change_event_predicate)


-# Delete events
-delete_events_predicate = has_person & (
-    has_global_perm("paweljong.delete_event") | has_any_object("paweljong.delete_event", Event)
+# Delete event
+delete_event_predicate = has_person & (
+    has_global_perm("paweljong.delete_event") | has_object_perm("paweljong.delete_event")
 )
-rules.add_perm("paweljong.delete_events_rule", delete_events_predicate)
+rules.add_perm("paweljong.delete_event_rule", delete_event_predicate)

 # Create events
 create_events_predicate = has_person & (
@@ -63,33 +72,39 @@ create_events_predicate = has_person & (
 )
 rules.add_perm("paweljong.create_events_rule", create_events_predicate)

-# Manage registrations
-manage_registrations_predicate = has_person & (
-    has_global_perm("paweljong.manage_registration")
+## Registrations
+
+# View registration
+view_registration_predicate = has_person & (
+    has_global_perm("paweljong.view_eventregistration")
+    | has_object_perm("paweljong.view_eventregistration")
    | is_organiser
    | is_own_registration
 )
-rules.add_perm("paweljong.manage_registrations_rule", manage_registrations_predicate)
+rules.add_perm("paweljong.view_registration_rule", view_registration_predicate)

 # View registrations
 view_registrations_predicate = has_person & (
    has_global_perm("paweljong.view_eventregistration")
-    | has_any_object("paweljong.manage_registrations_rule", EventRegistration)
+    | has_any_object("paweljong.view_registration_rule", EventRegistration)
 )
 rules.add_perm("paweljong.view_registrations_rule", view_registrations_predicate)

-# Delete registrations
-delete_registrations_predicate = has_person & (
+# Delete registration
+delete_registration_predicate = has_person & (
    has_global_perm("paweljong.delete_eventregistration")
-    | has_any_object("paweljong.delete_eventregistration", EventRegistration)
+    | has_object_perm("paweljong.delete_eventregistration")
 )
-rules.add_perm("paweljong.delete_registrations_rule", delete_registrations_predicate)
+rules.add_perm("paweljong.delete_registration_rule", delete_registration_predicate)

+# Change registration
+change_registration_predicate = has_person & (
+    has_global_perm("paweljong.change_eventregistration")
+    | has_object_perm("paweljong.change_eventregistration")
+)
+rules.add_perm("paweljong.change_registration_rule", change_registration_predicate)

-# Is own voucher?
-is_own_voucher_predicate = has_person & (is_own_voucher)
-rules.add_perm("paweljong.is_own_voucher_rule", is_own_voucher_predicate)
-
+## Terms

 # View terms
 view_terms_predicate = has_person & (
@@ -97,6 +112,33 @@ view_terms_predicate = has_person & (
 )
 rules.add_perm("paweljong.view_terms_rule", view_terms_predicate)

+# View term
+view_term_predicate = has_person & (
+    has_global_perm("paweljong.view_term") | has_object_perm("paweljong.view_term", Terms)
+)
+rules.add_perm("paweljong.view_term_rule", view_term_predicate)
+
+# Delete term
+delete_term_predicate = has_person & (
+    has_global_perm("paweljong.delete_eventterm")
+    | has_object_perm("paweljong.delete_eventterm")
+)
+rules.add_perm("paweljong.delete_term_rule", delete_term_predicate)
+
+# Change term
+change_term_predicate = has_person & (
+    has_global_perm("paweljong.change_eventterm")
+    | has_object_perm("paweljong.change_eventterm")
+)
+rules.add_perm("paweljong.change_term_rule", change_term_predicate)
+
+# Create terms
+create_terms_predicate = has_person & (
+    has_global_perm("paweljong.create_term") | has_any_object("paweljong.create_term", Event)
+)
+rules.add_perm("paweljong.create_terms_rule", create_terms_predicate)
+
+## Info mailings

 # View info_mailings
 view_info_mailings_predicate = has_person & (
@@ -105,6 +147,33 @@ view_info_mailings_predicate = has_person & (
 )
 rules.add_perm("paweljong.view_info_mailings_rule", view_info_mailings_predicate)

+# View info_mailing
+view_info_mailing_predicate = has_person & (
+    has_global_perm("paweljong.view_info_mailing") | has_object_perm("paweljong.view_info_mailing", Terms)
+)
+rules.add_perm("paweljong.view_info_mailing_rule", view_info_mailing_predicate)
+
+# Delete info_mailing
+delete_info_mailing_predicate = has_person & (
+    has_global_perm("paweljong.delete_eventinfo_mailing")
+    | has_object_perm("paweljong.delete_eventinfo_mailing")
+)
+rules.add_perm("paweljong.delete_info_mailing_rule", delete_info_mailing_predicate)
+
+# Change info_mailing
+change_info_mailing_predicate = has_person & (
+    has_global_perm("paweljong.change_eventinfo_mailing")
+    | has_object_perm("paweljong.change_eventinfo_mailing")
+)
+rules.add_perm("paweljong.change_info_mailing_rule", change_info_mailing_predicate)
+
+# Create info_mailings
+create_info_mailings_predicate = has_person & (
+    has_global_perm("paweljong.create_info_mailing") | has_any_object("paweljong.create_info_mailing", Event)
+)
+rules.add_perm("paweljong.create_info_mailings_rule", create_info_mailings_predicate)
+
+# View menu
 can_view_menu_predicate = has_person & (
    has_any_object("paweljong.manage_registrations_rule", EventRegistration)
    | has_any_object("paweljong.view_info_mailing", InfoMailing)

--- a/aleksis/apps/paweljong/views.py
+++ b/aleksis/apps/paweljong/views.py
@@ -57,7 +57,7 @@ User = get_user_model()
 class CreateEventView(PermissionRequiredMixin, AdvancedCreateView):
    form_class = EditEventForm
    model = Event
-    permission_required = "paweljong.change_event"
+    permission_required = "paweljong.create_events_rule"
    template_name = "paweljong/event/create.html"
    success_url = reverse_lazy("manage_events")
    success_message = _("The event has been saved.")
@@ -68,14 +68,14 @@ class EditEventView(PermissionRequiredMixin, RevisionMixin, AdvancedEditView):
    form_class = EditEventForm
    model = Event
    slug_field = "slug"
-    permission_required = "paweljong.change_event"
+    permission_required = "paweljong.change_event_rule"
    context_object_name = "manage_events"
    template_name = "paweljong/event/edit.html"
    success_url = reverse_lazy("manage_events")
    success_message = _("The event has been saved.")


-@permission_required("paweljong.change_events")
+@permission_required("paweljong.view_events_rule")
 def manage_events(request: HttpRequest) -> HttpResponse:
    """List view listing all registrations."""
    context = {}
@@ -96,7 +96,7 @@ def manage_events(request: HttpRequest) -> HttpResponse:
    return render(request, "paweljong/event/manage.html", context)


-@permission_required("paweljong.view_vouchers")
+@permission_required("paweljong.view_vouchers_rule")
 def vouchers(request):
    context = {}

@@ -115,7 +115,7 @@ def vouchers(request):
    return render(request, "paweljong/voucher/list.html", context)


-@permission_required("paweljong.generate_lists")
+@permission_required("paweljong.generate_lists_rule")
 def generate_lists(request: HttpRequest) -> HttpResponse:
    context = {}

@@ -161,7 +161,7 @@ class EventRegistrationCreateView(PermissionRequiredMixin, AdvancedCreateView):

    model = EventRegistration
    form_class = EditEventRegistrationForm
-    permission_required = "paweljong.manage_registration"
+    permission_required = "paweljong.create_eventregistration_rule"
    template_name = "paweljong/event_registration/create.html"
    success_url = reverse_lazy("registrations")
    success_message = _("The event registration has been created.")
@@ -173,14 +173,14 @@ class EventRegistrationEditView(PermissionRequiredMixin, AdvancedEditView):

    model = EventRegistration
    form_class = EditEventRegistrationForm
-    permission_required = "paweljong.manage_eventregistration"
+    permission_required = "paweljong.change_eventregistration_rule"
    template_name = "paweljong/event_registration/edit.html"
    success_url = reverse_lazy("registrations")
    success_message = _("The event registration has been saved.")


 @permission_required(
-    "paweljong.manage_registrations",
+    "paweljong.change_eventregistration_rule",
    fn=objectgetter_optional(EventRegistration, None, False),
 )
 def edit_registration(request: HttpRequest, pk) -> HttpResponse:
@@ -206,7 +206,7 @@ def edit_registration(request: HttpRequest, pk) -> HttpResponse:
    return render(request, "paweljong/event_registration/edit.html", context)


-@permission_required("paweljong.is_own_voucher", fn=objectgetter_optional(Voucher, None, False))
+@permission_required("paweljong.view_voucher_rule", fn=objectgetter_optional(Voucher, None, False))
 def print_voucher(request: HttpRequest, pk) -> HttpResponse:
    context = {}

@@ -220,7 +220,7 @@ class EventRegistrationDetailView(PermissionRequiredMixin, DetailView):
    """Detail view for an application instance."""

    context_object_name = "registration"
-    permission_required = "paweljong.manage_registrations_rule"
+    permission_required = "paweljong.view_registration_rule"
    template_name = "paweljong/event_registration/full.html"

    def get_queryset(self):
@@ -231,7 +231,7 @@ class EventRegistrationDeleteView(PermissionRequiredMixin, AdvancedDeleteView):
    """Delete view for registrations."""

    model = EventRegistration
-    permission_required = "paweljong.delete_eventregistration"
+    permission_required = "paweljong.delete_eventregistration_rule"
    template_name = "core/pages/delete.html"
    success_url = reverse_lazy("registrations")
    success_message = _("The registration has been deleted.")
@@ -243,7 +243,7 @@ class VoucherCreateView(PermissionRequiredMixin, AdvancedCreateView):

    model = Voucher
    form_class = EditVoucherForm
-    permission_required = "paweljong.add_voucher"
+    permission_required = "paweljong.create_voucher_rule"
    template_name = "paweljong/voucher/create.html"
    success_url = reverse_lazy("vouchers")
    success_message = _("The voucher has been created.")
@@ -255,7 +255,7 @@ class VoucherEditView(PermissionRequiredMixin, AdvancedEditView):

    model = Voucher
    form_class = EditVoucherForm
-    permission_required = "paweljong.edit_voucher"
+    permission_required = "paweljong.change_voucher_rule"
    template_name = "paweljong/voucher/edit.html"
    success_url = reverse_lazy("vouchers")
    success_message = _("The voucher has been saved.")
@@ -265,7 +265,7 @@ class VoucherDeleteView(PermissionRequiredMixin, AdvancedDeleteView):
    """Delete view for vouchers."""

    model = Voucher
-    permission_required = "paweljong.delete_voucher"
+    permission_required = "paweljong.delete_voucher_rule"
    template_name = "core/pages/delete.html"
    success_url = reverse_lazy("vouchers")
    success_message = _("The voucher has been deleted.")
@@ -719,7 +719,7 @@ class TermListView(PermissionRequiredMixin, SingleTableView):

    model = Terms
    table_class = TermsTable
-    permission_required = "paweljong.view_terms"
+    permission_required = "paweljong.view_terms_rule"
    template_name = "paweljong/term/list.html"


@@ -729,7 +729,7 @@ class TermCreateView(PermissionRequiredMixin, AdvancedCreateView):

    model = Terms
    form_class = EditTermForm
-    permission_required = "paweljong.add_terms"
+    permission_required = "paweljong.create_terms_rule"
    template_name = "paweljong/term/create.html"
    success_url = reverse_lazy("terms")
    success_message = _("The term has been created.")
@@ -741,7 +741,7 @@ class TermEditView(PermissionRequiredMixin, AdvancedEditView):

    model = Terms
    form_class = EditTermForm
-    permission_required = "paweljong.edit_terms"
+    permission_required = "paweljong.change_terms_rule"
    template_name = "paweljong/term/edit.html"
    success_url = reverse_lazy("terms")
    success_message = _("The term has been saved.")
@@ -788,7 +788,7 @@ class InfoMailingListView(PermissionRequiredMixin, SingleTableView):

    model = InfoMailing
    table_class = InfoMailingsTable
-    permission_required = "paweljong.view_info_mailing"
+    permission_required = "paweljong.view_info_mailings_rule"
    template_name = "paweljong/info_mailing/list.html"


@@ -798,7 +798,7 @@ class InfoMailingCreateView(PermissionRequiredMixin, AdvancedCreateView):

    model = InfoMailing
    form_class = EditInfoMailingForm
-    permission_required = "paweljong.add_info_mailing"
+    permission_required = "paweljong.create_info_mailing_rule"
    template_name = "paweljong/info_mailing/create.html"
    success_url = reverse_lazy("info_mailings")
    success_message = _("The info mailing has been created.")
@@ -810,7 +810,7 @@ class InfoMailingEditView(PermissionRequiredMixin, AdvancedEditView):

    model = InfoMailing
    form_class = EditInfoMailingForm
-    permission_required = "paweljong.edit_info_mailing"
+    permission_required = "paweljong.change_info_mailing_rule"
    template_name = "paweljong/info_mailing/edit.html"
    success_url = reverse_lazy("info_mailings")
    success_message = _("The info mailing has been saved.")
@@ -820,7 +820,7 @@ class InfoMailingDeleteView(PermissionRequiredMixin, AdvancedDeleteView):
    """Delete view for info mailings."""

    model = InfoMailing
-    permission_required = "paweljong.delete_info_mailing"
+    permission_required = "paweljong.delete_info_mailing_rule"
    template_name = "core/pages/delete.html"
    success_url = reverse_lazy("info_mailings")
    success_message = _("The info mailing has been deleted.")
@@ -829,7 +829,7 @@ class InfoMailingDeleteView(PermissionRequiredMixin, AdvancedDeleteView):
 class SendMailFromRegistration(PermissionRequiredMixin, FormView):

    template_name = "paweljong/event_registration/notification.html"
-    permission_required = "paweljong.send_notification_mail"
+    permission_required = "paweljong.send_notification_mail_rule"
    form_class = RegistrationNotificationForm
    success_url = reverse_lazy("registrations")

@@ -870,7 +870,7 @@ class RegistrationStateListView(PermissionRequiredMixin, SingleTableView):

    model = RegistrationState
    table_class = RegistrationStatesTable
-    permission_required = "paweljong.view_registration_states"
+    permission_required = "paweljong.view_registration_states_rule"
    template_name = "paweljong/registration_state/list.html"


@@ -880,7 +880,7 @@ class RegistrationStateCreateView(PermissionRequiredMixin, AdvancedCreateView):

    model = RegistrationState
    form_class = RegistrationStatesForm
-    permission_required = "paweljong.add_registration_states"
+    permission_required = "paweljong.create_registration_states_rule"
    template_name = "paweljong/registration_state/create.html"
    success_url = reverse_lazy("registration_states")
    success_message = _("The term has been created.")
@@ -892,7 +892,7 @@ class RegistrationStateEditView(PermissionRequiredMixin, AdvancedEditView):

    model = RegistrationState
    form_class = RegistrationStatesForm
-    permission_required = "paweljong.edit_registration_states"
+    permission_required = "paweljong.change_registration_states_rule"
    template_name = "paweljong/registration_state/edit.html"
    success_url = reverse_lazy("registration_states")
    success_message = _("The term has been saved.")