Merge pull request #5776 from nyaruka/remove_viwers_pt2

Remove viewer user handling code from API
nyaruka · Jan 9, 2025 · 5bab940 · 5bab940
2 parents 74914e7 + 9b03ad6
commit 5bab940
Show file tree

Hide file tree

Showing 5 changed files with 8 additions and 19 deletions.
diff --git a/temba/api/models.py b/temba/api/models.py
@@ -86,8 +86,8 @@ def has_permission(self, request, view):
         if not has_perm:
             return False
 
-        # viewers and servicing staff can only ever GET from the API
-        if role == OrgRole.VIEWER or (not role and request.user.is_staff):
+        # servicing staff can only ever GET from the API
+        if request.user.is_staff and not role:
             return request.method == "GET"
 
         return True

diff --git a/temba/api/v2/fields.py b/temba/api/v2/fields.py
@@ -379,18 +379,8 @@ class UserField(TembaModelField):
     lookup_fields = ("email",)
     ignore_case_for_fields = ("email",)
 
-    def __init__(self, assignable_only=False, **kwargs):
-        self.assignable_only = assignable_only
-        super().__init__(**kwargs)
-
     def to_representation(self, obj):
         return {"email": obj.email, "name": obj.name}
 
     def get_queryset(self):
-        org = self.context["org"]
-        if self.assignable_only:
-            qs = org.get_users(with_perm=Ticket.ASSIGNEE_PERMISSION)
-        else:
-            qs = org.get_users()
-
-        return qs
+        return self.context["org"].get_users()
diff --git a/temba/api/v2/serializers.py b/temba/api/v2/serializers.py
@@ -1650,7 +1650,7 @@ class TicketBulkActionSerializer(WriteSerializer):
 
     tickets = fields.TicketField(many=True)
     action = serializers.ChoiceField(required=True, choices=ACTION_CHOICES)
-    assignee = fields.UserField(required=False, allow_null=True, assignable_only=True)
+    assignee = fields.UserField(required=False, allow_null=True)
     topic = fields.TopicField(required=False)
     note = serializers.CharField(required=False, max_length=Ticket.MAX_NOTE_LENGTH)
 

diff --git a/temba/api/v2/tests/test_base.py b/temba/api/v2/tests/test_base.py
@@ -178,7 +178,7 @@ def request_by_session(endpoint, user, post_data=None):
         self.assertEqual(response.status_code, 429)
 
         # if user is demoted to a role that can't use tokens, tokens shouldn't work for them
-        self.org.add_user(self.admin, OrgRole.VIEWER)
+        self.org.add_user(self.admin, OrgRole.AGENT)
 
         self.assertEqual(request_by_token(campaigns_url, token1.key).status_code, 403)
         self.assertEqual(request_by_basic_auth(campaigns_url, self.admin.username, token1.key).status_code, 403)

diff --git a/temba/api/v2/tests/test_serializers.py b/temba/api/v2/tests/test_serializers.py
@@ -296,20 +296,19 @@ def test_others(self):
         self.assert_field(
             fields.UserField(source="test"),
             submissions={
-                "VIEWER@TEXTIT.COM": self.user,
+                "AGENT@TEXTIT.COM": self.agent,
                 "admin@textit.com": self.admin,
                 self.editor.email: serializers.ValidationError,  # deleted
                 self.admin2.email: serializers.ValidationError,  # not in org
             },
             representations={
-                self.user: {"email": "viewer@textit.com", "name": ""},
+                self.agent: {"email": "agent@textit.com", "name": "Agnes"},
                 self.editor: {"email": "editor@textit.com", "name": "Ed McEdits"},
             },
         )
         self.assert_field(
-            fields.UserField(source="test", assignable_only=True),
+            fields.UserField(source="test"),
             submissions={
-                self.user.email: serializers.ValidationError,  # not assignable
                 self.admin.email: self.admin,
                 self.agent.email: self.agent,
             },