Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

permissions: Allow record reviewers to also read/update request #31

Merged
merged 1 commit into from
Oct 2, 2024

Conversation

rekt-hard
Copy link
Contributor

@rekt-hard rekt-hard commented Sep 30, 2024

closes #24 #25
possibly closes #15 (to be tested)

Update the request permission policy to allow users who can_manage a record to also view the associated curation request.

There is also some renaming in this PR, which adds some noise. Maybe easier to compare the README instead of permissions.py. Could be solved by merging #22 and rebasing

@rekt-hard rekt-hard force-pushed the curation-request-permissions branch from 8184203 to cde0aca Compare October 1, 2024 08:56
README.rst Outdated
class CurationRDMRequestsPermissionPolicy(RDMRequestsPermissionPolicy):
"""Customized permission policy for sane handling of curation requests."""


rdm_policy = RDMRecordPermissionPolicy
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not really a great solution but it is working.

Another possibility would be to add a generator for retrieving a certain permission from the entity's service. Will give it a try

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Implemented. It feels a lot cleaner this way.

@rekt-hard rekt-hard marked this pull request as draft October 1, 2024 10:10
@rekt-hard rekt-hard force-pushed the curation-request-permissions branch from 5cbad2c to 01abb30 Compare October 1, 2024 13:59
@rekt-hard
Copy link
Contributor Author

Community manager view:
image

Record creator view:
image

@rekt-hard rekt-hard marked this pull request as ready for review October 1, 2024 14:30
Copy link
Collaborator

@max-moser max-moser left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

permission policies twist my brain a bit and i don't have the full context of community-submissions in mind (as they're currently disabled at TUW, have i mentioned that before?)
but from my understanding, this PR just makes sure that rdm-curations happen before community-submissions, and forwards read permissions to the topic's permission policy to align read/preview permissions some more?

i couldn't identify anything that looks fishy to me, LGTM!

@@ -60,6 +62,59 @@ def _condition(self, request=None, **kwargs):
return False


class EntityReferenceServicePermission(Generator):
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

so if i understand correctly, this basically "forwards" the permission check to the service responsible for the referenced entity?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah. An entity will be resolved and passed to the generators of the specified permission.

# the rdm-curation request has been accepted
curation_request_record_review = IfRequestTypes(
[CurationRequest],
then_=[TopicPermission(permission_name="can_review")],
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

with the new permission generator (see other comment), this basically checks the record_svc.can_review?
neat!

* introduce generator for accessing config permission
@rekt-hard rekt-hard force-pushed the curation-request-permissions branch from 01abb30 to cef4a1b Compare October 2, 2024 14:07
@rekt-hard rekt-hard merged commit 163b581 into main Oct 2, 2024
2 checks passed
@rekt-hard rekt-hard deleted the curation-request-permissions branch October 2, 2024 14:11
@rekt-hard rekt-hard linked an issue Oct 2, 2024 that may be closed by this pull request
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
2 participants