Fixed context permissions for superuser with no group assigned

2024-08-30 18:33:04 +00:00 · 2020-10-06 09:59:51 -05:00 · 2020-10-06 09:59:51 -05:00 · 1ce2166843
commit 1ce2166843
parent 279b50d977
1 changed files with 26 additions and 15 deletions
--- a/InvenTree/InvenTree/context.py
+++ b/InvenTree/InvenTree/context.py
@ -7,6 +7,8 @@ Provides extra global data to all templates.
 from InvenTree.status_codes import SalesOrderStatus, PurchaseOrderStatus
 from InvenTree.status_codes import BuildStatus, StockStatus
 from users.models import RuleSet
 def status_codes(request):
@ -38,22 +40,31 @@ def user_roles(request):
    roles = {
    }
-    for group in user.groups.all():
+    if user.is_superuser:
-        for rule in group.rule_sets.all():
+        for ruleset in RuleSet.RULESET_MODELS.keys():
            roles[ruleset] = {
                'view': True,
                'add': True,
                'change': True,
                'delete': True,
            }
    else:
        for group in user.groups.all():
            for rule in group.rule_sets.all():
-            # Ensure the role name is in the dict
+                # Ensure the role name is in the dict
-            if rule.name not in roles:
+                if rule.name not in roles:
-                roles[rule.name] = {
+                    roles[rule.name] = {
-                    'view': user.is_superuser,
+                        'view': user.is_superuser,
-                    'add': user.is_superuser,
+                        'add': user.is_superuser,
-                    'change': user.is_superuser,
+                        'change': user.is_superuser,
-                    'delete': user.is_superuser
+                        'delete': user.is_superuser
-                }
+                    }
-            # Roles are additive across groups
+                # Roles are additive across groups
-            roles[rule.name]['view'] |= rule.can_view
+                roles[rule.name]['view'] |= rule.can_view
-            roles[rule.name]['add'] |= rule.can_add
+                roles[rule.name]['add'] |= rule.can_add
-            roles[rule.name]['change'] |= rule.can_change
+                roles[rule.name]['change'] |= rule.can_change
-            roles[rule.name]['delete'] |= rule.can_delete
+                roles[rule.name]['delete'] |= rule.can_delete
    return {'roles': roles}