Fix inherited permissions should not display per user in permissions form

This commit is contained in:
shamoon 2023-03-17 20:49:47 -07:00
parent 4cfc416cdc
commit ae0c585918
9 changed files with 58 additions and 11 deletions

View File

@ -21,7 +21,16 @@
"original_file_name": "2022-03-22 no latin title.pdf",
"archived_file_name": "2022-03-22 no latin title.pdf",
"owner": null,
"permissions": [],
"permissions": {
"view": {
"users": [],
"groups": []
},
"change": {
"users": [],
"groups": []
}
},
"notes": [
{
"id": 9,
@ -59,7 +68,16 @@
"original_file_name": "2022-03-23 lorem ipsum dolor sit amet.pdf",
"archived_file_name": "2022-03-23 llorem ipsum dolor sit amet.pdf",
"owner": null,
"permissions": [],
"permissions": {
"view": {
"users": [],
"groups": []
},
"change": {
"users": [],
"groups": []
}
},
"notes": []
},
{
@ -80,7 +98,16 @@
"original_file_name": "2022-03-24 dolor.pdf",
"archived_file_name": "2022-03-24 dolor.pdf",
"owner": null,
"permissions": [],
"permissions": {
"view": {
"users": [],
"groups": []
},
"change": {
"users": [],
"groups": []
}
},
"notes": []
},
{
@ -101,7 +128,16 @@
"original_file_name": "2022-06-01 sit amet.pdf",
"archived_file_name": "2022-06-01 sit amet.pdf",
"owner": null,
"permissions": [],
"permissions": {
"view": {
"users": [],
"groups": []
},
"change": {
"users": [],
"groups": []
}
},
"notes": []
}
]

View File

@ -2,7 +2,8 @@
"user": {
"id": 1,
"username": "admin",
"is_superuser": true
"is_superuser": true,
"groups": []
},
"settings": {
"language": "",

View File

@ -2,7 +2,8 @@
"user": {
"id": 1,
"username": "admin",
"is_superuser": false
"is_superuser": false,
"groups": []
},
"settings": {
"language": "",

View File

@ -77,7 +77,7 @@ export class SelectComponent extends AbstractInputComponent<number> {
}
get isPrivate(): boolean {
return this.items.find((i) => i.id === this.value)?.private
return this.items?.find((i) => i.id === this.value)?.private
}
getSuggestions() {

View File

@ -9,7 +9,7 @@ export interface PaperlessUser extends ObjectWithId {
is_staff?: boolean
is_active?: boolean
is_superuser?: boolean
groups?: PaperlessGroup[]
groups?: number[] // PaperlessGroup[]
user_permissions?: string[]
inherited_permissions?: string[]
}

View File

@ -58,11 +58,16 @@ export class PermissionsService {
action: string,
object: ObjectWithPermissions
): boolean {
let actionObject = null
if (action === PermissionAction.View) actionObject = object.permissions.view
else if (action === PermissionAction.Change)
actionObject = object.permissions.change
if (!actionObject) return false
return (
this.currentUserOwnsObject(object) ||
(object.permissions[action]['users'] as Array<number>)?.includes(
this.currentUser.id
)
actionObject.users.includes(this.currentUser.id) ||
actionObject.groups.filter((g) => this.currentUser.groups.includes(g))
.length > 0
)
}

View File

@ -63,6 +63,7 @@ def set_permissions_for_object(permissions, object):
users_to_remove = get_users_with_perms(
object,
only_with_perms_in=[permission],
with_group_users=False,
)
if len(users_to_add) > 0 and len(users_to_remove) > 0:
users_to_remove = users_to_remove.difference(users_to_add)

View File

@ -161,6 +161,7 @@ class OwnedObjectSerializer(serializers.ModelSerializer, SetPermissionsMixin):
"users": get_users_with_perms(
obj,
only_with_perms_in=[view_codename],
with_group_users=False,
).values_list("id", flat=True),
"groups": get_groups_with_only_permission(
obj,
@ -171,6 +172,7 @@ class OwnedObjectSerializer(serializers.ModelSerializer, SetPermissionsMixin):
"users": get_users_with_perms(
obj,
only_with_perms_in=[change_codename],
with_group_users=False,
).values_list("id", flat=True),
"groups": get_groups_with_only_permission(
obj,

View File

@ -964,6 +964,7 @@ class UiSettingsView(GenericAPIView):
"id": user.id,
"username": user.username,
"is_superuser": user.is_superuser,
"groups": user.groups.values_list("id", flat=True),
},
"settings": ui_settings,
"permissions": roles,