From a34756265c6c4f20b0c820dfbbc9c3a1b894d8b2 Mon Sep 17 00:00:00 2001 From: Alex Ioannidis Date: Tue, 30 Jul 2024 17:03:06 +0200 Subject: [PATCH] permissions: add member policy generator --- invenio_communities/generators.py | 32 ++++++++++++++++++++++++------ invenio_communities/permissions.py | 4 ++-- 2 files changed, 28 insertions(+), 8 deletions(-) diff --git a/invenio_communities/generators.py b/invenio_communities/generators.py index 221d4d3e3..4df7eb39f 100644 --- a/invenio_communities/generators.py +++ b/invenio_communities/generators.py @@ -161,16 +161,36 @@ def __init__(self, then_, else_): """Initialize.""" field = "record_policy" super().__init__( - lambda r: ( + field_getter=lambda r: ( getattr(r.access, field, None) if hasattr(r, "access") else r.get("access", {}).get(field) ), # needed for running permission check at serialization time and avoid db query - f"access.{field}", - "closed", - "open", - then_, - else_, + field_name=f"access.{field}", + then_value="closed", + else_value="open", + then_=then_, + else_=else_, + ) + + +class IfMemberPolicyClosed(IfRestrictedBase): + """If member policy is closed.""" + + def __init__(self, then_, else_): + """Initialize.""" + field = "member_policy" + super().__init__( + field_getter=lambda r: ( + getattr(r.access, field, None) + if hasattr(r, "access") + else r.get("access", {}).get(field) + ), # needed for running permission check at serialization time and avoid db query + field_name=f"access.{field}", + then_value="closed", + else_value="open", + then_=then_, + else_=else_, ) diff --git a/invenio_communities/permissions.py b/invenio_communities/permissions.py index 255314ed2..973e8584a 100644 --- a/invenio_communities/permissions.py +++ b/invenio_communities/permissions.py @@ -33,6 +33,7 @@ CommunityOwners, CommunitySelfMember, IfCommunityDeleted, + IfMemberPolicyClosed, IfRecordPolicyClosed, IfRestricted, ReviewPolicy, @@ -190,8 +191,7 @@ class CommunityPermissionPolicy(BasePermissionPolicy): IfConfig( "COMMUNITIES_ALLOW_MEMBERSHIP_REQUESTS", then_=[ - IfPolicyClosed( - "member_policy", + IfMemberPolicyClosed( then_=[Disable()], else_=[AuthenticatedButNotCommunityMembers()], ),