forked from openwisp/openwisp-controller
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request openwisp#60 from openwisp/permissions
[permissions] Improved patch openwisp#57
- Loading branch information
Showing
6 changed files
with
132 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
50 changes: 50 additions & 0 deletions
50
openwisp_controller/config/migrations/0015_default_groups_permissions.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,50 @@ | ||
from django.db import migrations | ||
from django.contrib.auth.models import Permission | ||
|
||
from ...migrations import create_default_permissions | ||
|
||
|
||
def assign_permissions_to_groups(apps, schema_editor): | ||
create_default_permissions(apps, schema_editor) | ||
Group = apps.get_model('openwisp_users', 'Group') | ||
admin = Group.objects.get(name='Administrator') | ||
operator = Group.objects.get(name='Operator') | ||
operators_and_admins_can_change = ['device', 'config', 'template'] | ||
operators_read_only_admins_manage = ['vpn'] | ||
manage_operations = ['add', 'change', 'delete'] | ||
|
||
for model_name in operators_and_admins_can_change: | ||
for operation in manage_operations: | ||
permission = Permission.objects.get( | ||
codename='{}_{}'.format(operation, model_name) | ||
) | ||
admin.permissions.add(permission.pk) | ||
operator.permissions.add(permission.pk) | ||
|
||
for model_name in operators_read_only_admins_manage: | ||
try: | ||
permission = Permission.objects.get( | ||
codename="view_{}".format(model_name) | ||
) | ||
operator.permissions.add(permission.pk) | ||
except Permission.DoesNotExist: | ||
pass | ||
|
||
for operation in manage_operations: | ||
admin.permissions.add( | ||
Permission.objects.get(codename="{}_{}".format(operation, model_name)).pk | ||
) | ||
|
||
|
||
class Migration(migrations.Migration): | ||
dependencies = [ | ||
('openwisp_users', '0004_default_groups'), | ||
('config', '0014_device_hardware_id'), | ||
] | ||
|
||
operations = [ | ||
migrations.RunPython( | ||
assign_permissions_to_groups, | ||
reverse_code=migrations.RunPython.noop | ||
), | ||
] |
34 changes: 34 additions & 0 deletions
34
openwisp_controller/geo/migrations/0002_default_groups_permissions.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,34 @@ | ||
from django.db import migrations | ||
from django.contrib.auth.models import Permission | ||
|
||
from ...migrations import create_default_permissions | ||
|
||
|
||
def assign_permissions_to_groups(apps, schema_editor): | ||
create_default_permissions(apps, schema_editor) | ||
Group = apps.get_model('openwisp_users', 'Group') | ||
admin = Group.objects.get(name='Administrator') | ||
operator = Group.objects.get(name='Operator') | ||
operators_and_admins_can_change = ['location', 'floorplan', ] | ||
manage_operations = ['add', 'change', 'delete'] | ||
|
||
for model_name in operators_and_admins_can_change: | ||
for operation in manage_operations: | ||
permission = Permission.objects.get( | ||
codename='{}_{}'.format(operation, model_name) | ||
) | ||
admin.permissions.add(permission.pk) | ||
operator.permissions.add(permission.pk) | ||
|
||
|
||
class Migration(migrations.Migration): | ||
dependencies = [ | ||
('openwisp_users', '0004_default_groups'), | ||
('geo', '0001_initial') | ||
] | ||
operations = [ | ||
migrations.RunPython( | ||
assign_permissions_to_groups, | ||
reverse_code=migrations.RunPython.noop | ||
) | ||
] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
from django.contrib.auth.management import create_permissions | ||
|
||
|
||
def create_default_permissions(apps, schema_editor): | ||
for app_config in apps.get_app_configs(): | ||
app_config.models_module = True | ||
create_permissions(app_config, apps=apps, verbosity=0) | ||
app_config.models_module = None |
37 changes: 37 additions & 0 deletions
37
openwisp_controller/pki/migrations/0007_default_groups_permissions.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,37 @@ | ||
from django.db import migrations | ||
from django.contrib.auth.models import Permission | ||
|
||
from ...migrations import create_default_permissions | ||
|
||
|
||
def assign_permissions_to_groups(apps, schema_editor): | ||
create_default_permissions(apps, schema_editor) | ||
Group = apps.get_model('openwisp_users', 'Group') | ||
admin = Group.objects.get(name='Administrator') | ||
operator = Group.objects.get(name='Operator') | ||
operators_read_only_admins_manage = ['ca', 'cert'] | ||
manage_operations = ['add', 'change', 'delete'] | ||
|
||
for model_name in operators_read_only_admins_manage: | ||
try: | ||
permission = Permission.objects.get(codename="view_{}".format(model_name)) | ||
operator.permissions.add(permission.pk) | ||
except Permission.DoesNotExist: | ||
pass | ||
for operation in manage_operations: | ||
admin.permissions.add( | ||
Permission.objects.get(codename="{}_{}".format(operation, model_name)).pk | ||
) | ||
|
||
|
||
class Migration(migrations.Migration): | ||
dependencies = [ | ||
('openwisp_users', '0004_default_groups'), | ||
('pki', '0006_add_x509_passphrase_field'), | ||
] | ||
operations = [ | ||
migrations.RunPython( | ||
assign_permissions_to_groups, | ||
reverse_code=migrations.RunPython.noop | ||
) | ||
] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters