From 515146d4a28741078147d0b7035f85c01c12b3d4 Mon Sep 17 00:00:00 2001 From: shamoon <4887959+shamoon@users.noreply.github.com> Date: Mon, 8 May 2023 01:56:28 -0700 Subject: [PATCH] Default frontend to current owner, allow setting no owner on create --- .../correspondent-edit-dialog.component.ts | 6 +- .../document-type-edit-dialog.component.ts | 6 +- .../edit-dialog/edit-dialog.component.ts | 13 +++- .../group-edit-dialog.component.ts | 6 +- .../mail-account-edit-dialog.component.ts | 6 +- .../mail-rule-edit-dialog.component.ts | 6 +- .../storage-path-edit-dialog.component.ts | 6 +- .../tag-edit-dialog.component.ts | 6 +- .../user-edit-dialog.component.ts | 6 +- src/documents/serialisers.py | 2 + src/documents/tests/test_api.py | 71 +++++++++++++++++++ 11 files changed, 116 insertions(+), 18 deletions(-) diff --git a/src-ui/src/app/components/common/edit-dialog/correspondent-edit-dialog/correspondent-edit-dialog.component.ts b/src-ui/src/app/components/common/edit-dialog/correspondent-edit-dialog/correspondent-edit-dialog.component.ts index 2ac7f2d99..89aa68f84 100644 --- a/src-ui/src/app/components/common/edit-dialog/correspondent-edit-dialog/correspondent-edit-dialog.component.ts +++ b/src-ui/src/app/components/common/edit-dialog/correspondent-edit-dialog/correspondent-edit-dialog.component.ts @@ -6,6 +6,7 @@ import { DEFAULT_MATCHING_ALGORITHM } from 'src/app/data/matching-model' import { PaperlessCorrespondent } from 'src/app/data/paperless-correspondent' import { CorrespondentService } from 'src/app/services/rest/correspondent.service' import { UserService } from 'src/app/services/rest/user.service' +import { SettingsService } from 'src/app/services/settings.service' @Component({ selector: 'app-correspondent-edit-dialog', @@ -16,9 +17,10 @@ export class CorrespondentEditDialogComponent extends EditDialogComponent, private activeModal: NgbActiveModal, - private userService: UserService + private userService: UserService, + private settingsService: SettingsService ) {} users: PaperlessUser[] @@ -64,7 +66,14 @@ export abstract class EditDialogComponent< this.closeEnabled = true }) - this.userService.listAll().subscribe((r) => (this.users = r.results)) + this.userService.listAll().subscribe((r) => { + this.users = r.results + if (this.dialogMode === 'create') { + this.objectForm.get('permissions_form').setValue({ + owner: this.settingsService.currentUser.id, + }) + } + }) } getCreateTitle() { diff --git a/src-ui/src/app/components/common/edit-dialog/group-edit-dialog/group-edit-dialog.component.ts b/src-ui/src/app/components/common/edit-dialog/group-edit-dialog/group-edit-dialog.component.ts index 785d6c20d..85f6d9efd 100644 --- a/src-ui/src/app/components/common/edit-dialog/group-edit-dialog/group-edit-dialog.component.ts +++ b/src-ui/src/app/components/common/edit-dialog/group-edit-dialog/group-edit-dialog.component.ts @@ -5,6 +5,7 @@ import { EditDialogComponent } from 'src/app/components/common/edit-dialog/edit- import { PaperlessGroup } from 'src/app/data/paperless-group' import { GroupService } from 'src/app/services/rest/group.service' import { UserService } from 'src/app/services/rest/user.service' +import { SettingsService } from 'src/app/services/settings.service' @Component({ selector: 'app-group-edit-dialog', @@ -15,9 +16,10 @@ export class GroupEditDialogComponent extends EditDialogComponent { constructor( service: TagService, activeModal: NgbActiveModal, - userService: UserService + userService: UserService, + settingsService: SettingsService ) { - super(service, activeModal, userService) + super(service, activeModal, userService, settingsService) } getCreateTitle() { diff --git a/src-ui/src/app/components/common/edit-dialog/user-edit-dialog/user-edit-dialog.component.ts b/src-ui/src/app/components/common/edit-dialog/user-edit-dialog/user-edit-dialog.component.ts index 9b3bd9bd8..afe23ac1b 100644 --- a/src-ui/src/app/components/common/edit-dialog/user-edit-dialog/user-edit-dialog.component.ts +++ b/src-ui/src/app/components/common/edit-dialog/user-edit-dialog/user-edit-dialog.component.ts @@ -7,6 +7,7 @@ import { PaperlessGroup } from 'src/app/data/paperless-group' import { PaperlessUser } from 'src/app/data/paperless-user' import { GroupService } from 'src/app/services/rest/group.service' import { UserService } from 'src/app/services/rest/user.service' +import { SettingsService } from 'src/app/services/settings.service' @Component({ selector: 'app-user-edit-dialog', @@ -23,9 +24,10 @@ export class UserEditDialogComponent constructor( service: UserService, activeModal: NgbActiveModal, - groupsService: GroupService + groupsService: GroupService, + settingsService: SettingsService ) { - super(service, activeModal, service) + super(service, activeModal, service, settingsService) groupsService .listAll() diff --git a/src/documents/serialisers.py b/src/documents/serialisers.py index ad2b5d0f6..71ffe7be2 100644 --- a/src/documents/serialisers.py +++ b/src/documents/serialisers.py @@ -220,6 +220,8 @@ class OwnedObjectSerializer(serializers.ModelSerializer, SetPermissionsMixin): permissions = None if "set_permissions" in validated_data: permissions = validated_data.pop("set_permissions") + if "user" not in permissions or permissions["user"] is None: + validated_data["owner"] = None instance = super().create(validated_data) if permissions is not None: self._set_permissions(permissions, instance) diff --git a/src/documents/tests/test_api.py b/src/documents/tests/test_api.py index e8c6dee7c..325ba3814 100644 --- a/src/documents/tests/test_api.py +++ b/src/documents/tests/test_api.py @@ -3532,6 +3532,77 @@ class TestApiAuth(DirectoriesMixin, APITestCase): status.HTTP_404_NOT_FOUND, ) + def test_api_set_permissions(self): + """ + GIVEN: + - API request to create an object (Tag) that supplies set_permissions object + WHEN: + - owner is passed as null or as a user id + - view > users is set + THEN: + - Object permissions are set appropriately + """ + user1 = User.objects.create_superuser(username="user1") + user2 = User.objects.create(username="user2") + + self.client.force_authenticate(user1) + + response = self.client.post( + "/api/tags/", + json.dumps( + { + "name": "test1", + "matching_algorithm": MatchingModel.MATCH_AUTO, + "set_permissions": { + "owner": None, + "view": { + "users": None, + "groups": None, + }, + "change": { + "users": None, + "groups": None, + }, + }, + }, + ), + content_type="application/json", + ) + + self.assertEqual(response.status_code, status.HTTP_201_CREATED) + + tag1 = Tag.objects.filter(name="test1").first() + self.assertEqual(tag1.owner, None) + + response = self.client.post( + "/api/tags/", + json.dumps( + { + "name": "test2", + "matching_algorithm": MatchingModel.MATCH_AUTO, + "set_permissions": { + "owner": user1.id, + "view": { + "users": [user2.id], + "groups": None, + }, + "change": { + "users": None, + "groups": None, + }, + }, + }, + ), + content_type="application/json", + ) + + tag2 = Tag.objects.filter(name="test2").first() + + from guardian.core import ObjectPermissionChecker + + checker = ObjectPermissionChecker(user2) + self.assertEqual(checker.has_perm("view_tag", tag2), True) + def test_dynamic_permissions_fields(self): Document.objects.create(title="Test", content="content 1", checksum="1")