-
Notifications
You must be signed in to change notification settings - Fork 49
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(interview): Project visibility [1] #1121
Conversation
199863c
to
be2dea7
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think that the implementation so far looks good.
Our use case would probably require the site permissions as well.
Could we not make a rule based on user.role.member
and project.owner.role.member
to filter a bit for Site
already? That when the current user is also a member of the same site as the project.owner?
Yes, of course. But then you cannot create template projects for all sites right? We could add a choice |
Yeah maybe, but as long as |
da16d3e
to
9c1477c
Compare
be2dea7
to
493f4b5
Compare
|
||
# @pytest.mark.parametrize('username,password', users) | ||
# @pytest.mark.parametrize('project_id', projects) | ||
# def test_project_update_visibility_get(db, client, username, password, project_id): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
what about these tests?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ah, I need to remove them, they moved to test_view_project_update_visibility.py
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
done.
I think that "Manni Manager" is missing the role manager somehow from the test fixtures (maybe only multisite) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
thanks! So that site managers can update the visibility!
approved when tests have passed
This PR adds a newvisibility
field toProject
.private
is the current behavior,internal
allows everybody to access the project like aguest
(read only). I added a choice field in case we need a public choice in the future.At on point we probably want to restrict projects to groups/sites but this should be better done using yet another field.This PR adds the
Visibility
model, which has aOneToOne
relation toProject
. If a project has a visibility it is visible to all users of the instance.Visibility
has asites
and agroups
field like e.g.Catalog
to restrict this behavior.The new
ProjectUserFilterBackend
allows for queries like/api/v1/projects/projects/?user=1
(used onprojects
) and returns all projects where the user (in this case1
) is a member or which are visible to them because of the visibility feature, but not because they are asite_manager
or admin.