Fix: add permissions for custom fields with migration (#4513)

This commit is contained in:
shamoon 2023-11-06 08:05:35 -08:00 committed by GitHub
parent 8716590cef
commit 24dbf669a9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 83 additions and 0 deletions

View File

@ -2,8 +2,44 @@
import django.db.models.deletion
import django.utils.timezone
from django.contrib.auth.management import create_permissions
from django.contrib.auth.models import Group
from django.contrib.auth.models import Permission
from django.contrib.auth.models import User
from django.db import migrations
from django.db import models
from django.db.models import Q
def add_customfield_permissions(apps, schema_editor):
# create permissions without waiting for post_migrate signal
for app_config in apps.get_app_configs():
app_config.models_module = True
create_permissions(app_config, apps=apps, verbosity=0)
app_config.models_module = None
add_permission = Permission.objects.get(codename="add_document")
customfield_permissions = Permission.objects.filter(
codename__contains="customfield",
)
for user in User.objects.filter(Q(user_permissions=add_permission)).distinct():
user.user_permissions.add(*customfield_permissions)
for group in Group.objects.filter(Q(permissions=add_permission)).distinct():
group.permissions.add(*customfield_permissions)
def remove_customfield_permissions(apps, schema_editor):
customfield_permissions = Permission.objects.filter(
codename__contains="customfield",
)
for user in User.objects.all():
user.user_permissions.remove(*customfield_permissions)
for group in Group.objects.all():
group.permissions.remove(*customfield_permissions)
class Migration(migrations.Migration):
@ -128,4 +164,8 @@ class Migration(migrations.Migration):
name="documents_customfieldinstance_unique_document_field",
),
),
migrations.RunPython(
add_customfield_permissions,
remove_customfield_permissions,
),
]

View File

@ -0,0 +1,43 @@
from django.contrib.auth import get_user_model
from documents.tests.utils import TestMigrations
class TestMigrateCustomFields(TestMigrations):
migrate_from = "1039_consumptiontemplate"
migrate_to = "1040_customfield_customfieldinstance_and_more"
def setUpBeforeMigration(self, apps):
User = get_user_model()
Group = apps.get_model("auth.Group")
self.Permission = apps.get_model("auth", "Permission")
self.user = User.objects.create(username="user1")
self.group = Group.objects.create(name="group1")
permission = self.Permission.objects.get(codename="add_document")
self.user.user_permissions.add(permission.id)
self.group.permissions.add(permission.id)
def test_users_with_add_documents_get_add_customfields(self):
permission = self.Permission.objects.get(codename="add_customfield")
self.assertTrue(self.user.has_perm(f"documents.{permission.codename}"))
self.assertTrue(permission in self.group.permissions.all())
class TestReverseMigrateCustomFields(TestMigrations):
migrate_from = "1040_customfield_customfieldinstance_and_more"
migrate_to = "1039_consumptiontemplate"
def setUpBeforeMigration(self, apps):
User = get_user_model()
Group = apps.get_model("auth.Group")
self.Permission = apps.get_model("auth", "Permission")
self.user = User.objects.create(username="user1")
self.group = Group.objects.create(name="group1")
permission = self.Permission.objects.get(codename="add_customfield")
self.user.user_permissions.add(permission.id)
self.group.permissions.add(permission.id)
def test_remove_consumptiontemplate_permissions(self):
permission = self.Permission.objects.get(codename="add_customfield")
self.assertFalse(self.user.has_perm(f"documents.{permission.codename}"))
self.assertFalse(permission in self.group.permissions.all())