Skip to content

Commit

Permalink
✨ [#390] Add django permissions and groups
Browse files Browse the repository at this point in the history
  • Loading branch information
SilviaAmAm committed Oct 1, 2024
1 parent a37da0b commit e8f7005
Show file tree
Hide file tree
Showing 2 changed files with 159 additions and 0 deletions.
Original file line number Diff line number Diff line change
@@ -0,0 +1,58 @@
# Generated by Django 4.2.15 on 2024-09-30 11:56

from django.db import migrations

PERMISSIONS = {
"can_start_destruction": "Can start destruction",
"can_review_destruction": "Can review destruction",
"can_review_final_list": "Can review final list",
}

GROUPS = {
"Record Manager": [
"can_start_destruction",
],
"Reviewer": [
"can_review_destruction",
],
"Archivist": [
"can_review_final_list",
],
"Administrator": [
"can_start_destruction",
"can_review_destruction",
"can_review_final_list",
],
}


def create_groups_permissions(apps, schema_editor):
User = apps.get_model("accounts", "User")
Group = apps.get_model("auth", "Group")
Permission = apps.get_model("auth", "Permission")
ContentType = apps.get_model("contenttypes", "ContentType")

content_type = ContentType.objects.get_for_model(User)
for code_name, name in PERMISSIONS.items():
Permission.objects.get_or_create(
codename=code_name, name=name, content_type=content_type
)

for group_name, permission_codenames in GROUPS.items():
group, _ = Group.objects.get_or_create(name=group_name)

for codename in permission_codenames:
permission = Permission.objects.get(codename=codename)
group.permissions.add(permission)


class Migration(migrations.Migration):

dependencies = [
("accounts", "0003_role_can_review_final_list"),
("auth", "0012_alter_user_first_name_max_length"),
]

operations = [
migrations.RunPython(create_groups_permissions, migrations.RunPython.noop),
]
Original file line number Diff line number Diff line change
@@ -0,0 +1,101 @@
# Generated by Django 4.2.15 on 2024-09-30 12:10

from django.db import migrations


def add_users_to_groups(apps, schema_editor):
User = apps.get_model("accounts", "User")
Group = apps.get_model("auth", "Group")

administrators = User.objects.filter(
role__can_start_destruction=True,
role__can_review_destruction=True,
role__can_review_final_list=True,
)
admin_group = Group.objects.get(name="Administrator")
for user in administrators:
user.groups.add(admin_group)

record_managers = User.objects.filter(
role__can_start_destruction=True,
role__can_review_destruction=False,
role__can_review_final_list=False,
)
record_manager_group = Group.objects.get(name="Record Manager")
for user in record_managers:
user.groups.add(record_manager_group)

reviewers = User.objects.filter(
role__can_start_destruction=False,
role__can_review_destruction=True,
role__can_review_final_list=False,
)
reviewer_group = Group.objects.get(name="Reviewer")
for user in reviewers:
user.groups.add(reviewer_group)

archivists = User.objects.filter(
role__can_start_destruction=False,
role__can_review_destruction=False,
role__can_review_final_list=True,
)
archivist_group = Group.objects.get(name="Archivist")
for user in archivists:
user.groups.add(archivist_group)


def add_role_to_users(apps, schema_editor):
User = apps.get_model("accounts", "User")
Role = apps.get_model("accounts", "Role")

administrator, _ = Role.objects.get_or_create(
name="Administrator",
can_start_destruction=True,
can_review_destruction=True,
can_review_final_list=True,
)
record_manager, _ = Role.objects.get_or_create(
name="Record Manager",
can_start_destruction=True,
can_review_destruction=False,
can_review_final_list=False,
)
reviewer, _ = Role.objects.get_or_create(
name="Reviewer",
can_start_destruction=False,
can_review_destruction=True,
can_review_final_list=False,
)
archivist, _ = Role.objects.get_or_create(
name="Archivist",
can_start_destruction=False,
can_review_destruction=False,
can_review_final_list=True,
)

users = User.objects.all()

for user in users:
if user.groups.filter(name="Administrator").exists():
user.role = administrator
elif user.groups.filter(name="Record Manager").exists():
user.role = record_manager
elif user.groups.filter(name="Reviewer").exists():
user.role = reviewer
elif user.groups.filter(name="Archivist").exists():
user.role = archivist
else:
continue

user.save()


class Migration(migrations.Migration):

dependencies = [
("accounts", "0004_add_groups_permissions"),
]

operations = [
migrations.RunPython(add_users_to_groups, add_role_to_users),
]

0 comments on commit e8f7005

Please sign in to comment.