Merge pull request #614 from nearbeach/develop

Develop

NearBeach/decorators/check_user_permissions/gantt_chart_permissions.py

@@ -0,0 +1,71 @@
+from django.core.exceptions import PermissionDenied
+from django.db.models import Max
+from functools import wraps
+
+from NearBeach.models import Sprint
+
+from NearBeach.decorators.check_user_permissions.object_permissions import FUNCTION_DICT
+
+
+def check_gantt_chart_permissions_with_destination(min_permission_level):
+    """
+    Checks the user's permission for the gantt chart, using the destination as
+    the object lookup. We will need to make sure the destination is either
+    a project or requirement, otherwise they will get permission denied.
+    We will then utilise the correct permission partials to determine if the
+    user should have access.
+    """
+    def decorator(func):
+        @wraps(func)
+        def inner(request, *args, **kwargs):
+            # Obtain destination from args
+            # due to weird issue - we check the args length
+            if len(args) == 0:
+                destination = kwargs["destination"]
+                location_id = kwargs["location_id"]
+            else:
+                destination = args[0]
+                location_id = args[1]
+
+            # TEMP FUNCTIONALITY -> At the moment, we are only focusing on sprint functionality
+            # In the near future, we'll open this up to OTHER objects
+            # For the initial proof of concept, we are only dealing with sprints
+            if not destination == "sprint":
+                raise PermissionDenied
+
+            destination, location_id = get_sprint_parent_destination(location_id)
+
+            # If user is admin - grant them all permissions
+            if request.user.is_superuser:
+                # Return the function with a user_level of 4
+                return func(request, *args, **kwargs, user_level=4)
+
+            # Fold the location id into the {destination}_id. This will be used in the partials
+            kwargs[F"{destination}_id"] = location_id
+
+            # User the FUNCTION_DICT to determine which partial permissions we need
+            # to reference
+            passes, user_level = FUNCTION_DICT[destination](request, kwargs)
+
+            if not passes:
+                raise PermissionDenied
+
+            if user_level >= min_permission_level:
+                # Everything is fine - continue on
+                return func(request, *args, **kwargs, user_level=user_level)
+
+            # Does not meet conditions
+            raise PermissionDenied
+        return inner
+    return decorator
+
+
+def get_sprint_parent_destination(location_id):
+    # Get the sprint information
+    sprint_results = Sprint.objects.get(sprint_id=location_id)
+
+    # If there is a project assigned to the sprint. The destination should be project
+    if sprint_results.project is not None:
+        return "project", sprint_results.project_id
+    else:
+        return "requirement", sprint_results.requirement_id

NearBeach/decorators/check_user_permissions/partials/requirement_permissions.py

@@ -12,17 +12,12 @@ def requirement_permissions(request, kwargs):
     if len(kwargs) > 0:
         # Get the requirement groups
         user_group_results = user_group_results.filter(
-            Q(
+            is_deleted=False,
+            group_id__in=ObjectAssignment.objects.filter(
                 is_deleted=False,
-                group_id__in=ObjectAssignment.objects.filter(
-                    is_deleted=False,
-                    group_id__isnull=False,
-                    requirement_id=kwargs["requirement_id"],
-                ).values("group_id"),
-            )
-            & Q(
-                username=request.user,
-            )
+                group_id__isnull=False,
+                requirement_id=kwargs["requirement_id"],
+            ).values("group_id"),
         )
 
         # Check to see if there are any groups associated

NearBeach/fixtures/NearBeach_basic_setup.json

@@ -1986,6 +1986,114 @@
     "is_deleted": false
   }
 },
+{
+  "model": "NearBeach.objectassignment",
+  "pk": 35,
+  "fields": {
+    "assigned_user": 1,
+    "group_id": null,
+    "requirement": null,
+    "requirement_item": null,
+    "project": 1,
+    "task": null,
+    "kanban_board": null,
+    "kanban_card": null,
+    "request_for_change": null,
+    "customer": null,
+    "organisation": null,
+    "change_task": null,
+    "meta_object": null,
+    "meta_object_title": "",
+    "meta_object_status": "",
+    "link_relationship": "",
+    "parent_link": "",
+    "date_created": "2024-05-13T10:29:17.681Z",
+    "date_modified": "2024-05-13T10:29:17.681Z",
+    "change_user": 1,
+    "is_deleted": false
+  }
+},
+{
+  "model": "NearBeach.objectassignment",
+  "pk": 36,
+  "fields": {
+    "assigned_user": 5,
+    "group_id": null,
+    "requirement": null,
+    "requirement_item": null,
+    "project": null,
+    "task": 2,
+    "kanban_board": null,
+    "kanban_card": null,
+    "request_for_change": null,
+    "customer": null,
+    "organisation": null,
+    "change_task": null,
+    "meta_object": null,
+    "meta_object_title": "",
+    "meta_object_status": "",
+    "link_relationship": "",
+    "parent_link": "",
+    "date_created": "2024-05-13T10:30:40.078Z",
+    "date_modified": "2024-05-13T10:30:40.078Z",
+    "change_user": 1,
+    "is_deleted": false
+  }
+},
+{
+  "model": "NearBeach.objectassignment",
+  "pk": 37,
+  "fields": {
+    "assigned_user": 3,
+    "group_id": null,
+    "requirement": null,
+    "requirement_item": null,
+    "project": null,
+    "task": 2,
+    "kanban_board": null,
+    "kanban_card": null,
+    "request_for_change": null,
+    "customer": null,
+    "organisation": null,
+    "change_task": null,
+    "meta_object": null,
+    "meta_object_title": "",
+    "meta_object_status": "",
+    "link_relationship": "",
+    "parent_link": "",
+    "date_created": "2024-05-13T10:41:58.777Z",
+    "date_modified": "2024-05-13T10:41:58.777Z",
+    "change_user": 2,
+    "is_deleted": false
+  }
+},
+{
+  "model": "NearBeach.objectassignment",
+  "pk": 38,
+  "fields": {
+    "assigned_user": 2,
+    "group_id": null,
+    "requirement": null,
+    "requirement_item": null,
+    "project": null,
+    "task": 2,
+    "kanban_board": null,
+    "kanban_card": null,
+    "request_for_change": null,
+    "customer": null,
+    "organisation": null,
+    "change_task": null,
+    "meta_object": null,
+    "meta_object_title": "",
+    "meta_object_status": "",
+    "link_relationship": "",
+    "parent_link": "",
+    "date_created": "2024-05-13T10:42:14.120Z",
+    "date_modified": "2024-05-13T10:42:14.120Z",
+    "change_user": 2,
+    "is_deleted": false
+  }
+},
 {
   "model": "NearBeach.objectnote",
   "pk": 1,
@@ -2962,6 +3070,54 @@
     "is_deleted": false
   }
 },
+{
+  "model": "NearBeach.userjob",
+  "pk": 1,
+  "fields": {
+    "username": 1,
+    "job_date": "2024-05-14",
+    "job_sort_number": 0,
+    "kanban_card": null,
+    "project": 1,
+    "task": null,
+    "date_created": "2024-05-13T10:29:27.540Z",
+    "date_modified": "2024-05-13T10:32:17.413Z",
+    "change_user": 1,
+    "is_deleted": false
+  }
+},
+{
+  "model": "NearBeach.userjob",
+  "pk": 2,
+  "fields": {
+    "username": 5,
+    "job_date": "2024-05-13",
+    "job_sort_number": 0,
+    "kanban_card": null,
+    "project": null,
+    "task": 2,
+    "date_created": "2024-05-13T10:30:51.400Z",
+    "date_modified": "2024-05-13T10:30:51.400Z",
+    "change_user": 5,
+    "is_deleted": false
+  }
+},
+{
+  "model": "NearBeach.userjob",
+  "pk": 3,
+  "fields": {
+    "username": 2,
+    "job_date": "2024-05-14",
+    "job_sort_number": 0,
+    "kanban_card": null,
+    "project": null,
+    "task": 2,
+    "date_created": "2024-05-13T10:42:21.906Z",
+    "date_modified": "2024-05-13T10:42:30.668Z",
+    "change_user": 2,
+    "is_deleted": false
+  }
+},
 {
   "model": "NearBeach.usersetting",
   "pk": 1,
@@ -4862,8 +5018,8 @@
   "model": "auth.user",
   "pk": 5,
   "fields": {
-    "password": "pbkdf2_sha256$390000$wSOIKxIzbfTVG7Z6TRKQ0n$QrhNVyNQ5C3RW8rSVkxleNmyCqECJX48uqenvvBTIdQ=",
-    "last_login": null,
+    "password": "pbkdf2_sha256$720000$lme60tWetgq1EdCCjo4iPZ$tGR4stCLa56Rt/LjtHYKCff2RDtJ0RJ4pFr4fC24TXo=",
+    "last_login": "2024-05-13T10:30:22.990Z",
     "is_superuser": false,
     "username": "read_only",
     "first_name": "Read",
@@ -5312,6 +5468,14 @@
     "model": "session"
   }
 },
+{
+  "model": "sessions.session",
+  "pk": "1dxxe5glzsbvq94spcivlz28kvq8vazx",
+  "fields": {
+    "session_data": ".eJxVjEEOgyAQRe_CuiEoI4wuu-8ZyABjtTXagKya3r2SuGi3_73_3sJR2SdXMic3RzGITlx-N0_hyWsF8UHrfZNhW_c0e1kVedIsb1vk5Xq6f4GJ8nS8jUdq0IIhrbANYDmy5l5FGAMCtR1Y4xtkYgjYKd1Ab9AAe2DSBPqIztnl8uJUs2IYacn8-QK2uz9a:1s6Swp:5KDFXsDZsmVAprYtI7TP_dX-ddlKrYDYujwVQTCZbSU",
+    "expire_date": "2024-05-27T10:30:23.003Z"
+  }
+},
 {
   "model": "sessions.session",
   "pk": "4ihdjbrhcx7hokg3uisrpinxhca0e34d",
@@ -5340,8 +5504,8 @@
   "model": "sessions.session",
   "pk": "922i2920gbdv4xctpizrk8pypiaysael",
   "fields": {
-    "session_data": ".eJxVjEEOwiAQRe_C2hAYoNQu3XsGwgyDrZrWQFkZ726bdKHb_95_bxFiW8fQKpcwJTEILU6_G0Z68LyDdI_zbZG0zGuZUO6KPGiV1yXx83K4f4Ex1nF7O0Ai68FFdqlPkdH1nBUmC-SzNqAUeaMMGtuBBsAz6q7LtrfaGqdoi0411PbismfFsJbGny-LGT7k:1s6R9f:Bnve0zi8T7R8BLUIPjW7DFbBUFWSyOuRHKDjTJhqJKw",
-    "expire_date": "2024-05-27T08:35:31.102Z"
+    "session_data": ".eJxVjEEOwiAQRe_C2hAYoNQu3XsGwgyDrZrWQFkZ726bdKHb_95_bxFiW8fQKpcwJTEILU6_G0Z68LyDdI_zbZG0zGuZUO6KPGiV1yXx83K4f4Ex1nF7O0Ai68FFdqlPkdH1nBUmC-SzNqAUeaMMGtuBBsAz6q7LtrfaGqdoi0411PbismfFsJbGny-LGT7k:1s6Sva:uc1eEmvvEv9_L46aDGeLvGYfSLgwPVARk6sdNAHWLGk",
+    "expire_date": "2024-05-27T10:29:06.063Z"
   }
 },
 {