From 320537a0549cf576ba0f02f8b1fe57a5eb1d8528 Mon Sep 17 00:00:00 2001 From: shamoon <4887959+shamoon@users.noreply.github.com> Date: Fri, 3 Mar 2023 19:50:06 -0800 Subject: [PATCH] Give superuser full doc permissions --- src-ui/cypress/fixtures/ui_settings/settings.json | 7 +++++-- .../cypress/fixtures/ui_settings/settings_restricted.json | 7 +++++-- src-ui/src/app/data/paperless-uisettings.ts | 5 +++-- src-ui/src/app/services/permissions.service.ts | 7 ++++++- src-ui/src/app/services/settings.service.ts | 5 +---- src/documents/views.py | 7 +++++-- 6 files changed, 25 insertions(+), 13 deletions(-) diff --git a/src-ui/cypress/fixtures/ui_settings/settings.json b/src-ui/cypress/fixtures/ui_settings/settings.json index bc86255fc..f552054df 100644 --- a/src-ui/cypress/fixtures/ui_settings/settings.json +++ b/src-ui/cypress/fixtures/ui_settings/settings.json @@ -1,6 +1,9 @@ { - "user_id": 1, - "username": "admin", + "user": { + "id": 1, + "username": "admin", + "is_superuser": true + }, "settings": { "language": "", "bulk_edit": { diff --git a/src-ui/cypress/fixtures/ui_settings/settings_restricted.json b/src-ui/cypress/fixtures/ui_settings/settings_restricted.json index 4bc8a2d41..921d4274d 100644 --- a/src-ui/cypress/fixtures/ui_settings/settings_restricted.json +++ b/src-ui/cypress/fixtures/ui_settings/settings_restricted.json @@ -1,6 +1,9 @@ { - "user_id": 1, - "username": "admin", + "user": { + "id": 1, + "username": "admin", + "is_superuser": false + }, "settings": { "language": "", "bulk_edit": { diff --git a/src-ui/src/app/data/paperless-uisettings.ts b/src-ui/src/app/data/paperless-uisettings.ts index 5f89708b5..d2b4c583d 100644 --- a/src-ui/src/app/data/paperless-uisettings.ts +++ b/src-ui/src/app/data/paperless-uisettings.ts @@ -1,6 +1,7 @@ +import { PaperlessUser } from './paperless-user' + export interface PaperlessUiSettings { - user_id: number - username: string + user: PaperlessUser settings: Object permissions: string[] } diff --git a/src-ui/src/app/services/permissions.service.ts b/src-ui/src/app/services/permissions.service.ts index bca2037fa..a7ba7638d 100644 --- a/src-ui/src/app/services/permissions.service.ts +++ b/src-ui/src/app/services/permissions.service.ts @@ -46,7 +46,12 @@ export class PermissionsService { } public currentUserOwnsObject(object: ObjectWithPermissions): boolean { - return !object || !object.owner || object.owner === this.currentUser.id + return ( + !object || + !object.owner || + this.currentUser.is_superuser || + object.owner === this.currentUser.id + ) } public currentUserHasObjectPermissions( diff --git a/src-ui/src/app/services/settings.service.ts b/src-ui/src/app/services/settings.service.ts index 5d8eb733f..4767162f6 100644 --- a/src-ui/src/app/services/settings.service.ts +++ b/src-ui/src/app/services/settings.service.ts @@ -75,10 +75,7 @@ export class SettingsService { // to update lang cookie if (this.settings['language']?.length) this.setLanguage(this.settings['language']) - this.currentUser = { - id: uisettings['user_id'], - username: uisettings['username'], - } + this.currentUser = uisettings.user this.permissionsService.initialize( uisettings.permissions, this.currentUser diff --git a/src/documents/views.py b/src/documents/views.py index 2ad6fd1cd..ca162e06d 100644 --- a/src/documents/views.py +++ b/src/documents/views.py @@ -931,8 +931,11 @@ class UiSettingsView(GenericAPIView): roles = map(lambda perm: re.sub(r"^\w+.", "", perm), user.get_all_permissions()) return Response( { - "user_id": user.id, - "username": user.username, + "user": { + "id": user.id, + "username": user.username, + "is_superuser": user.is_superuser, + }, "settings": ui_settings, "permissions": roles, },