Verified Commit 75ecb91f authored by Jonathan Weth's avatar Jonathan Weth :keyboard:

Introduce permissions for AbsenceCreationDialog

parent 4dc0e501
1 merge request!356Add dialog for creation of long-term absences
......@@ -11,6 +11,9 @@
bottom
fixed
right
:class="{
'd-none': !checkPermission('alsijil.view_register_absence_rule'),
}"
>
<v-icon>$plus</v-icon>
</create-button>
......@@ -106,6 +109,9 @@ export default {
absenceReason: "",
};
},
mounted() {
this.addPermissions(["alsijil.view_register_absence_rule"]);
},
methods: {
cancel() {
this.popup = false;
......
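Review bot: The `'d-none'` class binding on the create button only hides it with CSS, so the button and the dialog behind it are still rendered for users for whom `checkPermission('alsijil.view_register_absence_rule')` is false. Treat this as a display convenience only; the server-side check in the mutation is what has to enforce the rule. If the button can be left out of the DOM entirely, `v-if="checkPermission('alsijil.view_register_absence_rule')"` states that intent more directly than a class toggle.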
# Uses core persons query
query persons {
allPersons: persons {
allPersons: absenceCreationPersons {
id
fullName
}
......
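Review bot: The leading comment `# Uses core persons query` is stale once the field is `absenceCreationPersons`, which appears to be resolved by this app's own `Query` class rather than by core. I would change it to something like `# Persons the current user may register absences for (filtered server-side)` so readers know the list is already permission-scoped. The `allPersons` alias is kept, so consumers of the result are unaffected.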
......@@ -798,11 +798,11 @@ class ParticipationStatus(CalendarEvent):
qs = super().get_objects(request, params).select_related("person", "absence_reason")
if params:
if params.get("person"):
qs = qs.filter(person_id=params["person"])
qs = qs.filter(person=params["person"])
elif params.get("persons"):
qs = qs.filter(person_id__in=params["persons"])
qs = qs.filter(person__in=params["persons"])
elif params.get("group"):
qs = qs.filter(groups_of_person__id=params.get("group"))
qs = qs.filter(groups_of_person__in=params.get("group"))
return qs
@classmethod
......
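Review bot: In the `group` branch, `groups_of_person__in=params.get("group")` passes what looks like a single group id to an `__in` lookup, which expects an iterable. If the value is an integer the lookup would raise, and if it is a string such as "12" it would be iterated character by character, so the filter could match unrelated groups and return their participation statuses. The type of `params["group"]` is not visible in this hunk, so this needs confirming. If it is a scalar, `qs = qs.filter(groups_of_person=params["group"])` is the form to use. The method starts outside the hunk.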
......@@ -169,19 +169,16 @@ add_perm("alsijil.view_week_personalnote_rule", view_week_personal_notes_predica
# Register absence
view_register_absence_predicate = has_person & (
(
is_person_group_owner
& is_site_preference_set("alsijil", "register_absence_as_primary_group_owner")
)
| has_global_perm("alsijil.register_absence")
is_person_group_owner | has_global_perm("alsijil.register_absence")
)
add_perm("alsijil.view_register_absence_rule", view_register_absence_predicate)
register_absence_predicate = has_person & (
view_register_absence_predicate
is_group_owner
| has_global_perm("alsijil.register_absence")
| has_object_perm("core.register_absence_person")
| has_person_group_object_perm("core.register_absence_group")
)
add_perm("alsijil.view_register_absence_rule", view_register_absence_predicate)
add_perm("alsijil.register_absence_rule", register_absence_predicate)
# View full register for group
......
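Review bot: The new `view_register_absence_predicate` no longer consults `is_site_preference_set("alsijil", "register_absence_as_primary_group_owner")`, so a site that has this preference switched off now grants `alsijil.view_register_absence_rule` to every group owner, and `register_absence_predicate` likewise accepts `is_group_owner` unconditionally. If the preference is meant to remain an administrative opt-in, keep the conjunction `is_person_group_owner & is_site_preference_set("alsijil", "register_absence_as_primary_group_owner")` in both predicates. If it is being retired, say so in the commit message and remove the preference so it does not appear to have an effect. Whether the preference is still read elsewhere is not visible here.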
......@@ -44,6 +44,7 @@ class Query(graphene.ObjectType):
groups_by_person = FilterOrderList(GroupType, person=graphene.ID())
courses_of_person = FilterOrderList(CourseType, person=graphene.ID())
absence_creation_persons = graphene.List(PersonType)
lessons_for_persons = graphene.List(
LessonsForPersonType,
persons=graphene.List(graphene.ID, required=True),
......@@ -147,6 +148,12 @@ class Query(graphene.ObjectType):
| Q(groups__parent_groups__owners=person)
)
@staticmethod
def resolve_absence_creation_persons(root, info, **kwargs):
if not info.context.user.has_perm("alsijil.register_absence"):
return Person.objects.filter(member_of__owners=info.context.user.person)
return Person.objects.all()
@staticmethod
def resolve_lessons_for_persons(
root,
......
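Review bot: `resolve_absence_creation_persons` dereferences `info.context.user.person` without checking that the requester is logged in and linked to a person, and it is not gated by `alsijil.view_register_absence_rule` the way the dialog button is. Starting the resolver with `if not info.context.user.has_perm("alsijil.view_register_absence_rule"): return []` would cover both cases, assuming the rule's `has_person` predicate rejects such users. The owner branch joins through `member_of__owners`, so a person who shares several groups with the requester is probably returned once per group; appending `.distinct()` avoids that. The list also covers only group members, while `alsijil.register_absence_rule` additionally accepts object permissions, so the list and the mutation's check can disagree.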
from datetime import datetime
from django.core.exceptions import PermissionDenied
import graphene
from aleksis.apps.kolego.models import Absence
from aleksis.core.models import Person
from ..models import ParticipationStatus
from .participation_status import ParticipationStatusType
......@@ -19,17 +24,18 @@ class AbsencesForPersonsCreateMutation(graphene.Mutation):
@classmethod
def mutate(cls, root, info, persons, start, end, comment, reason): # noqa
# TODO: Check permissions for ParticipationStatus & KolegoAbsence
# See MR 356
participation_statuses = []
persons = Person.objects.filter(pk__in=persons)
for person in persons:
if not info.context.user.has_perm("alsijil.register_absence_rule", person):
raise PermissionDenied()
kolego_absence, __ = Absence.objects.get_or_create(
date_start=start,
date_end=end,
reason_id=reason,
person_id=person,
person=person,
comment=comment,
)
......@@ -41,14 +47,12 @@ class AbsencesForPersonsCreateMutation(graphene.Mutation):
with_reference_object=True,
)
# Create a ParticipationStatus for each documentation
for event in events:
participation_status = event["REFERENCE_OBJECT"]
participation_status.absence_reason_id = reason
participation_status.base_absence = kolego_absence
participation_status.save()
participation_statuses.append(participation_status)
# Set person & absence_reason directly from id
return AbsencesForPersonsCreateMutation(
ok=True, participation_statuses=participation_statuses
......
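Review bot: The `has_perm("alsijil.register_absence_rule", person)` check runs inside the same loop that calls `Absence.objects.get_or_create`, so when a later person in the list is denied, absences and participation statuses for the earlier persons have already been written before `PermissionDenied` is raised. Unless the request runs inside a transaction (not visible here), that leaves a partial result behind a failed call. Check every person before the first write, e.g. `if not all(info.context.user.has_perm("alsijil.register_absence_rule", p) for p in persons): raise PermissionDenied()`, or wrap the body in `transaction.atomic()`. `Person.objects.filter(pk__in=persons)` also silently drops unknown ids, so the caller gets `ok=True` for fewer persons than requested.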
......@@ -93,19 +93,14 @@ def is_group_owner(user: User, obj: Union[Group, Person]) -> bool:
@predicate
def is_person_group_owner(user: User, obj: Person) -> bool:
def is_person_group_owner(user: User, obj) -> bool:
"""
Predicate for group owners of any group.
Checks whether the person linked to the user is
the owner of any group of the given person.
"""
if obj:
for group in use_prefetched(obj, "member_of"):
if user.person in use_prefetched(group, "owners"):
return True
return False
return False
return Group.objects.filter(owners=user.person).exists()
def use_prefetched(obj, attr):
......
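Review bot: `is_person_group_owner` now ignores `obj` and returns true for any user who owns at least one group, but the docstring still says it checks ownership of "any group of the given person". That fits the object-less `alsijil.view_register_absence_rule`, yet any rule that passes a person to this predicate would now treat every group owner as an owner of that person's groups; other uses are not visible in this hunk. Update the docstring to `Checks whether the person linked to the user owns at least one group; obj is ignored.` and consider keeping the object-aware branch when `obj` is given, or renaming the predicate to match its new meaning.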