Added ACL app from Udi's commit.

Added basic models for Group & GroupRole. Moved & refactored permissions to acl app.
nonZero · Jun 7, 2015 · 2d656fc · 2d656fc
1 parent 14d5fe6
commit 2d656fc
Show file tree

Hide file tree

Showing 42 changed files with 943 additions and 138 deletions.
diff --git a/src/acl/__init__.py b/src/acl/__init__.py
diff --git a/src/acl/admin.py b/src/acl/admin.py
@@ -0,0 +1,15 @@
+from acl import models
+from django.contrib import admin
+
+
+class RolePermissionInline(admin.TabularInline):
+    model = models.RolePermission
+
+
+class RoleAdmin(admin.ModelAdmin):
+    inlines = [
+        RolePermissionInline
+    ]
+
+
+admin.site.register(models.Role, RoleAdmin)
diff --git a/src/acl/core_permissions.py b/src/acl/core_permissions.py
@@ -0,0 +1,198 @@
+from django.utils.translation import ugettext_lazy as _
+
+PERMISSIONS = (
+    (
+        'access_community',
+        _('Access Community'),
+        ()
+    ),
+    (
+        'viewupcoming_community',
+        _('View Upcoming Meeting'),
+        ('access_community',)
+    ),
+    (
+        'viewupcoming_draft',
+        _('View Upcoming Meeting Before Published'),
+        ('viewupcoming_community',)
+    ),
+    (
+        'editagenda_community',
+        _('Edit Upcoming Agenda'),
+        ()
+    ),
+    (
+        'editparticipants_community',
+        _('Manage Upcoming Meeting Participants'),
+        ()
+    ),
+    (
+        'editsummary_community',
+        _('Edit Summary'),
+        ()
+    ),
+    (
+        'editupcoming_community',
+        _('Edit Upcoming'),
+        ()
+    ),
+    (
+        'invite_member',
+        _('Invite Member'),
+        ()
+    ),
+    (
+        'acceptclosed_proposal',
+        _('Acceptclosed Proposal'),
+        ()
+    ),
+    (
+        'acceptopen_proposal',
+        _('Acceptopen Proposal'),
+        ()
+    ),
+    (
+        'add_issue',
+        _('Add Issue'),
+        ()
+    ),
+    (
+        'add_issuecomment',
+        _('Add Issuecomment'),
+        ()
+    ),
+    (
+        'add_proposal',
+        _('Add Proposal'),
+        ()
+    ),
+    (
+        'chairman_vote',
+        _('Chairman Vote'),
+        ()
+    ),
+    (
+        'edit_referendum',
+        _('Edit Referendum'),
+        ()
+    ),
+    (
+        'editclosed_issue',
+        _('Edit Closed Issue'),
+        ()
+    ),
+    (
+        'editclosed_issuecomment',
+        _('Edit Closed Issuecomment'),
+        ()
+    ),
+    (
+        'editclosed_proposal',
+        _('Edit Closed Proposal'),
+        ()
+    ),
+    (
+        'editopen_issue',
+        _('Edit Open Issue'),
+        ()
+    ),
+    (
+        'editopen_issuecomment',
+        _('Edit Open Issuecomment'),
+        ()
+    ),
+    (
+        'editopen_proposal',
+        _('Edit Open Proposal'),
+        ()
+    ),
+    (
+        'edittask_proposal',
+        _('Edit Task Proposal'),
+        ()
+    ),
+    (
+        'move_to_referendum',
+        _('Move To Referendum'),
+        ()
+    ),
+    (
+        'proposal_board_vote',
+        _('Proposal Board Vote'),
+        ()
+    ),
+    (
+        'proposal_board_vote_self',
+        _('Proposal Board Vote Self'),
+        ()
+    ),
+    (
+        'view_proposal_in_discussion',
+        _('View Proposal In Discussion'),
+        ()
+    ),
+    (
+        'view_referendum_results',
+        _('View Referendum Results'),
+        ()
+    ),
+    (
+        'view_update_status',
+        _('View Update Status'),
+        ()
+    ),
+    (
+        'view_straw_vote_result',
+        _('View straw vote result'),
+        ()
+    ),
+    (
+        'viewclosed_issue',
+        _('View Closed Issue'),
+        ()
+    ),
+    (
+        'viewclosed_proposal',
+        _('View Closed Proposal'),
+        ()
+    ),
+    (
+        'viewopen_issue',
+        _('View Open Issue'),
+        ()
+    ),
+    (
+        'viewopen_proposal',
+        _('View Open Proposal'),
+        ()
+    ),
+    (
+        'vote',
+        _('Vote'),
+        ()
+    ),
+    (
+        'vote_ranking',
+        _('Vote Ranking'),
+        ()
+    ),
+    (
+        'add_meeting',
+        _('Add Meeting'),
+        ()
+    ),
+    (
+        'view_meeting',
+        _('View Meeting'),
+        ()
+    ),
+    (
+        'show_member_profile',
+        _('Show Member Profile'),
+        ()
+    )
+)
+
+CHOICES = [x[:2] for x in PERMISSIONS]
+CHOICES_DICT = dict(CHOICES)
+ORDER = dict([(x[0], i) for i, x in enumerate(PERMISSIONS)])
diff --git a/src/acl/default_roles.py b/src/acl/default_roles.py
@@ -0,0 +1,127 @@
+from django.utils.translation import ugettext_lazy as _
+
+
+class DefaultRoles(object):
+    VIEWER = 'viewer'
+    OBSERVER = 'observer'
+    PARTICIPANT = 'participant'
+    PROPOSER = 'proposer'
+    CONTRIBUTOR = 'contributor'
+    EDITOR = 'editor'
+    OPERATOR = 'operator'
+    DECIDER = 'decider'
+    MANAGER = 'manager'
+
+    choices = (
+        (VIEWER, _('Viewer')),
+        (OBSERVER, _('Observer')),
+        (PARTICIPANT, _('Participant')),
+        (PROPOSER, _('Proposer')),
+        (CONTRIBUTOR, _('Contributor')),
+        (EDITOR, _('Editor')),
+        (OPERATOR, _('Operator')),
+        (DECIDER, _('Decider')),
+        (MANAGER, _('Manager')),
+    )
+
+    permissions = {}
+
+    permissions[VIEWER] = [
+        'access_community',
+        'viewclosed_issue',
+        'viewclosed_proposal',
+        'view_meeting',
+    ]
+
+    permissions[OBSERVER] = permissions[VIEWER] + [
+        'viewopen_issue',
+        'viewopen_proposal',
+        'viewupcoming_community',
+
+        'vote',
+        'proposal_board_vote_self',
+        'vote_ranking',
+    ]
+
+    permissions[PARTICIPANT] = permissions[OBSERVER] + [
+        'view_proposal_in_discussion',
+        'viewupcoming_draft',
+        'view_referendum_results',
+        'view_update_status',
+        'view_straw_vote_result',
+    ]
+
+    permissions[PROPOSER] = permissions[PARTICIPANT] + [
+        'add_proposal',
+    ]
+
+    permissions[CONTRIBUTOR] = permissions[PROPOSER] + [
+        'add_issue',
+    ]
+
+    permissions[EDITOR] = permissions[CONTRIBUTOR] + [
+        'editopen_issue',
+        'editopen_proposal',
+        'edittask_proposal',
+    ]
+
+    permissions[OPERATOR] = permissions[CONTRIBUTOR] + [
+        'add_issuecomment',
+        'edittask_proposal',
+        'editupcoming_community',
+        'editparticipants_community',
+        'editsummary_community',  # ???
+        'invite_member',
+        'move_to_referendum',
+        'proposal_board_vote',
+    ]
+
+    permissions[DECIDER] = permissions[OPERATOR] + [
+        'editopen_issuecomment',
+        'editagenda_community',
+        'acceptopen_proposal',
+        'add_meeting',  # == Close Meeting
+        'edit_referendum',
+        'chairman_vote',
+        'show_member_profile',
+    ]
+
+    permissions[MANAGER] = permissions[DECIDER] + [
+        'editopen_issue',
+        'editclosed_issue',
+        'editclosed_issuecomment',
+        'editopen_proposal',
+        'editclosed_proposal',
+        'acceptclosed_proposal',
+    ]
+
+
+class DefaultGroups(object):
+    MEMBER = "member"
+    BOARD = "board"
+    SECRETARY = "secretary"
+    CHAIRMAN = "chairman"
+
+    builtin = {
+        MEMBER: [DefaultRoles.OBSERVER],
+        BOARD: [DefaultRoles.PARTICIPANT],
+        SECRETARY: [DefaultRoles.OPERATOR],
+        CHAIRMAN: [DefaultRoles.DECIDER, DefaultRoles.EDITOR]
+    }
+
+    permissions = {
+        k: frozenset(
+            [p for role in roles for p in DefaultRoles.permissions[role]])
+        for k, roles in builtin.items()
+    }
+
+    CHOICES = (
+        (MEMBER, _("member")),
+        (BOARD, _("board")),
+        (SECRETARY, _("secretary")),
+        (CHAIRMAN, _("chairman")),
+    )
+
+
+ALL_PERMISSIONS = frozenset(
+    [p for perms in DefaultGroups.permissions.values() for p in perms])
diff --git a/src/acl/forms.py b/src/acl/forms.py
@@ -0,0 +1,18 @@
+from acl import core_permissions, models
+import floppyforms as forms
+from ocd.formfields import OCCheckboxSelectMultiple
+
+
+class RoleForm(forms.ModelForm):
+    perms = forms.MultipleChoiceField(required=False, choices=core_permissions.CHOICES, widget=OCCheckboxSelectMultiple)
+
+    class Meta:
+        model = models.Role
+        fields = (
+            'title',
+            'based_on',
+        )
+        widgets = {
+            'title': forms.TextInput,
+            'based_on': forms.Select,
+        }
diff --git a/src/acl/migrations/0001_initial.py b/src/acl/migrations/0001_initial.py
@@ -0,0 +1,36 @@
+# -*- coding: utf-8 -*-
+from __future__ import unicode_literals
+
+from django.db import models, migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('communities', '0009_auto_20150603_1359'),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='Role',
+            fields=[
+                ('id', models.AutoField(verbose_name='ID', serialize=False, auto_created=True, primary_key=True)),
+                ('ordinal', models.IntegerField(default=0, verbose_name='ordinal')),
+                ('title', models.CharField(unique=True, max_length=200, verbose_name='title')),
+                ('based_on', models.CharField(blank=True, max_length=50, null=True, verbose_name='based on', choices=[(b'viewer', 'Viewer'), (b'observer', 'Observer'), (b'participant', 'Participant'), (b'proposer', 'Proposer'), (b'contributor', 'Contributor'), (b'editor', 'Editor'), (b'operator', 'Operator'), (b'decider', 'Decider'), (b'manager', 'Manager')])),
+                ('community', models.ForeignKey(verbose_name='Limit to community', blank=True, to='communities.Community', null=True)),
+            ],
+        ),
+        migrations.CreateModel(
+            name='RolePermission',
+            fields=[
+                ('id', models.AutoField(verbose_name='ID', serialize=False, auto_created=True, primary_key=True)),
+                ('code', models.CharField(max_length=100, verbose_name='Permission', choices=[(b'access_community', 'Access Community'), (b'viewupcoming_community', 'View Upcoming Meeting'), (b'viewupcoming_draft', 'View Upcoming Meeting Before Published'), (b'editagenda_community', 'Edit Upcoming Agenda'), (b'editparticipants_community', 'Manage Upcoming Meeting Participants'), (b'editsummary_community', 'Edit Summary'), (b'editupcoming_community', 'Edit Upcoming'), (b'invite_member', 'Invite Member'), (b'acceptclosed_proposal', 'Acceptclosed Proposal'), (b'acceptopen_proposal', 'Acceptopen Proposal'), (b'add_issue', 'Add Issue'), (b'add_issuecomment', 'Add Issuecomment'), (b'add_proposal', 'Add Proposal'), (b'chairman_vote', 'Chairman Vote'), (b'edit_referendum', 'Edit Referendum'), (b'editclosed_issue', 'Edit Closed Issue'), (b'editclosed_issuecomment', 'Edit Closed Issuecomment'), (b'editclosed_proposal', 'Edit Closed Proposal'), (b'editopen_issue', 'Edit Open Issue'), (b'editopen_issuecomment', 'Edit Open Issuecomment'), (b'editopen_proposal', 'Edit Open Proposal'), (b'edittask_proposal', 'Edit Task Proposal'), (b'move_to_referendum', 'Move To Referendum'), (b'proposal_board_vote', 'Proposal Board Vote'), (b'proposal_board_vote_self', 'Proposal Board Vote Self'), (b'view_proposal_in_discussion', 'View Proposal In Discussion'), (b'view_referendum_results', 'View Referendum Results'), (b'view_update_status', 'View Update Status'), (b'view_straw_vote_result', 'View straw vote result'), (b'viewclosed_issue', 'View Closed Issue'), (b'viewclosed_proposal', 'View Closed Proposal'), (b'viewopen_issue', 'View Open Issue'), (b'viewopen_proposal', 'View Open Proposal'), (b'vote', 'Vote'), (b'vote_ranking', 'Vote Ranking'), (b'add_meeting', 'Add Meeting'), (b'view_meeting', 'View Meeting'), (b'show_member_profile', 'Show Member Profile')])),
+                ('role', models.ForeignKey(related_name='perms', to='acl.Role')),
+            ],
+        ),
+        migrations.AlterUniqueTogether(
+            name='rolepermission',
+            unique_together=set([('role', 'code')]),
+        ),
+    ]
diff --git a/src/acl/migrations/__init__.py b/src/acl/migrations/__init__.py