Mirrored_Repos/InvenTree
1
0
Fork 0
mirror of https://github.com/inventree/InvenTree synced 2024-08-30 18:33:04 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1022 from SchrodingersGat/permission-fixes

Browse Source 
Fixes for role permissions
This commit is contained in:
Oliver 2020-10-05 23:04:50 +11:00 committed by GitHub
commit e5960f6ce4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 19 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
InvenTree/users/models.py
View File

@ -160,6 +160,15 @@ class RuleSet(models.Model):
def save(self, *args, **kwargs): def save(self, *args, **kwargs):
# It does not make sense to be able to change / create something,
# but not be able to view it!
if self.can_add or self.can_change or self.can_delete:
self.can_view = True
if self.can_add or self.can_delete:
self.can_change = True
super().save(*args, **kwargs) super().save(*args, **kwargs)
def get_models(self): def get_models(self):
@ -227,16 +236,13 @@ def update_group_roles(group, debug=False):
if permission_string in permissions_to_delete: if permission_string in permissions_to_delete:
permissions_to_delete.remove(permission_string) permissions_to_delete.remove(permission_string)
if permission_string not in group_permissions: permissions_to_add.add(permission_string)
permissions_to_add.add(permission_string)
else: else:
# A forbidden action will be ignored if we have already allowed it # A forbidden action will be ignored if we have already allowed it
if permission_string not in permissions_to_add: if permission_string not in permissions_to_add:
permissions_to_delete.add(permission_string)
if permission_string in group_permissions:
permissions_to_delete.add(permission_string)
# Get all the rulesets associated with this group # Get all the rulesets associated with this group
for r in RuleSet.RULESET_CHOICES: for r in RuleSet.RULESET_CHOICES:
@ -287,6 +293,10 @@ def update_group_roles(group, debug=False):
# Add any required permissions to the group # Add any required permissions to the group
for perm in permissions_to_add: for perm in permissions_to_add:
# Ignore if permission is already in the group
if perm in group_permissions:
continue
permission = get_permission_object(perm) permission = get_permission_object(perm)
group.permissions.add(permission) group.permissions.add(permission)
@ -297,6 +307,10 @@ def update_group_roles(group, debug=False):
# Remove any extra permissions from the group # Remove any extra permissions from the group
for perm in permissions_to_delete: for perm in permissions_to_delete:
# Ignore if the permission is not already assigned
if perm not in group_permissions:
continue
permission = get_permission_object(perm) permission = get_permission_object(perm)
group.permissions.remove(permission) group.permissions.remove(permission)