From 4390067a48e19f05431175e86741dd49ccecd91c Mon Sep 17 00:00:00 2001
From: Jonathan Weth <git@jonathanweth.de>
Date: Thu, 25 Nov 2021 16:38:36 +0100
Subject: [PATCH] Add and fix definitions of global permissions

---
 aleksis/apps/alsijil/model_extensions.py | 1 +
 aleksis/apps/alsijil/models.py           | 3 +++
 aleksis/apps/alsijil/rules.py            | 4 ++--
 3 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/aleksis/apps/alsijil/model_extensions.py b/aleksis/apps/alsijil/model_extensions.py
index 72c4b02f9..53578423a 100644
--- a/aleksis/apps/alsijil/model_extensions.py
+++ b/aleksis/apps/alsijil/model_extensions.py
@@ -206,6 +206,7 @@ Group.add_permission("view_full_register_group", _("Can view full register of a
 Group.add_permission(
     "register_absence_group", _("Can register an absence for all members of a group")
 )
+Group.add_permission("assign_grouprole", _("Can assign a group role for this group"))
 Person.add_permission("register_absence_person", _("Can register an absence for a person"))
 
 
diff --git a/aleksis/apps/alsijil/models.py b/aleksis/apps/alsijil/models.py
index d00f08301..1805831a1 100644
--- a/aleksis/apps/alsijil/models.py
+++ b/aleksis/apps/alsijil/models.py
@@ -445,6 +445,7 @@ class GroupRole(ExtensibleModel):
         constraints = [
             models.UniqueConstraint(fields=("site_id", "name"), name="unique_role_per_site"),
         ]
+        permissions = (("assign_group_role", _("Can assign group role")),)
 
 
 class GroupRoleAssignment(GroupPropertiesMixin, ExtensibleModel):
@@ -495,7 +496,9 @@ class AlsijilGlobalPermissions(GlobalPermissionModel):
     class Meta:
         managed = False
         permissions = (
+            ("view_lesson", _("Can view lesson overview")),
             ("view_week", _("Can view week overview")),
+            ("view_full_register", _("Can view full register")),
             ("register_absence", _("Can register absence")),
             ("list_personal_note_filters", _("Can list all personal note filters")),
         )
diff --git a/aleksis/apps/alsijil/rules.py b/aleksis/apps/alsijil/rules.py
index 0eca2b8c0..23686bf17 100644
--- a/aleksis/apps/alsijil/rules.py
+++ b/aleksis/apps/alsijil/rules.py
@@ -192,7 +192,7 @@ add_perm(
 # Edit person overview personal notes
 edit_person_overview_personal_notes_predicate = view_person_overview_predicate & (
     ~is_current_person
-    | has_global_perm("alsijil.edit_personalnote")
+    | has_global_perm("alsijil.change_personalnote")
     | has_person_group_object_perm("core.edit_personalnote_group")
 )
 add_perm(
@@ -307,6 +307,6 @@ add_perm("alsijil.delete_grouproleassignment_rule", delete_group_role_assignment
 
 view_register_objects_list_predicate = has_person & (
     has_any_object("core.view_full_register_group", Group)
-    | has_global_perm("core.view_full_register")
+    | has_global_perm("alsijil.view_full_register")
 )
 add_perm("alsijil.view_register_objects_list_rule", view_register_objects_list_predicate)
-- 
GitLab