diff --git a/app/dao/permissions_dao.py b/app/dao/permissions_dao.py index d6bdfc8b8..2213c0040 100644 --- a/app/dao/permissions_dao.py +++ b/app/dao/permissions_dao.py @@ -12,7 +12,7 @@ from app.models import ( SEND_EMAILS, SEND_LETTERS, MANAGE_API_KEYS, - ACCESS_DEVELOPER_DOCS) + VIEW_ACTIVITY) # Default permissions for a service @@ -24,7 +24,7 @@ default_service_permissions = [ SEND_EMAILS, SEND_LETTERS, MANAGE_API_KEYS, - ACCESS_DEVELOPER_DOCS] + VIEW_ACTIVITY] class PermissionDAO(DAOClass): diff --git a/app/models.py b/app/models.py index a6f8c9d0f..0603fb1c3 100644 --- a/app/models.py +++ b/app/models.py @@ -306,8 +306,8 @@ SEND_TEXTS = 'send_texts' SEND_EMAILS = 'send_emails' SEND_LETTERS = 'send_letters' MANAGE_API_KEYS = 'manage_api_keys' -ACCESS_DEVELOPER_DOCS = 'access_developer_docs' PLATFORM_ADMIN = 'platform_admin' +VIEW_ACTIVITY = 'view_activity' # List of permissions PERMISSION_LIST = [ @@ -318,8 +318,8 @@ PERMISSION_LIST = [ SEND_EMAILS, SEND_LETTERS, MANAGE_API_KEYS, - ACCESS_DEVELOPER_DOCS, - PLATFORM_ADMIN] + PLATFORM_ADMIN, + VIEW_ACTIVITY] class Permission(db.Model): diff --git a/app/permissions_utils.py b/app/permissions_utils.py index 13a4ffcbe..fa9268523 100644 --- a/app/permissions_utils.py +++ b/app/permissions_utils.py @@ -6,7 +6,7 @@ from app.models import ( SEND_EMAILS, SEND_LETTERS, MANAGE_API_KEYS, - ACCESS_DEVELOPER_DOCS + VIEW_ACTIVITY ) from app.schemas import permission_schema @@ -14,7 +14,8 @@ from app.schemas import permission_schema permissions_groups = {'send_messages': [SEND_TEXTS, SEND_EMAILS, SEND_LETTERS], 'manage_service': [MANAGE_USERS, MANAGE_SETTINGS, MANAGE_TEMPLATES], - 'manage_api_keys': [MANAGE_API_KEYS, ACCESS_DEVELOPER_DOCS]} + 'manage_api_keys': [MANAGE_API_KEYS], + VIEW_ACTIVITY: [VIEW_ACTIVITY]} def get_permissions_by_group(permission_groups): diff --git a/app/service/rest.py b/app/service/rest.py index 26bee5600..9cd34bbb2 100644 --- a/app/service/rest.py +++ b/app/service/rest.py @@ -178,7 +178,6 @@ def remove_user_from_service(service_id, user_id): def _process_permissions(user, service, permission_groups): from app.permissions_utils import get_permissions_by_group - from app.dao.permissions_dao import permission_dao permissions = get_permissions_by_group(permission_groups) for permission in permissions: permission.user = user diff --git a/migrations/versions/0043_view_activity.py b/migrations/versions/0043_view_activity.py new file mode 100644 index 000000000..f589a0938 --- /dev/null +++ b/migrations/versions/0043_view_activity.py @@ -0,0 +1,47 @@ +"""empty message + +Revision ID: 0043_add_view_activity +Revises: 0042_default_stats_to_zero +Create Date: 2016-03-29 13:46:36.219549 + +""" + +# revision identifiers, used by Alembic. +import uuid + +revision = '0043_add_view_activity' +down_revision = '0042_default_stats_to_zero' + +from alembic import op + + +def upgrade(): + ### commands auto generated by Alembic - please adjust! ### + conn = op.get_bind() + conn.execute('COMMIT') + conn.execute("alter type permission_types add value IF NOT EXISTS 'view_activity'") + user_services = conn.execute("SELECT * FROM user_to_service").fetchall() + for user_service in user_services: + conn.execute( + "insert into permissions (id, service_id, user_id, created_at, permission) " + "values('{0}', '{1}', {2}, now(), 'view_activity')".format( + uuid.uuid4(), user_service.service_id, user_service.user_id)) + conn.execute("delete from permissions where permission = 'access_developer_docs'") + conn.execute("delete from pg_enum where enumlabel='access_developer_docs'") + ### end Alembic commands ### + + +def downgrade(): + ### commands auto generated by Alembic - please adjust! ### + conn = op.get_bind() + conn.execute("delete from permissions where permission = 'view_activity'") + conn.execute("delete from pg_enum where enumlabel = 'view_activity'") + conn.execute('COMMIT') + conn.execute("alter type permission_types add value IF NOT EXISTS 'access_developer_docs'") + manage_api_key_users = conn.execute("SELECT * FROM permissions where permission='manage_api_keys'").fetchall() + for user_service in manage_api_key_users: + conn.execute( + "insert into permissions (id, service_id, user_id, created_at, permission) " + "values('{0}', '{1}', {2}, now(), 'access_developer_docs')".format( + uuid.uuid4(), user_service.service_id, user_service.user_id)) + ### end Alembic commands ### diff --git a/tests/app/service/test_rest.py b/tests/app/service/test_rest.py index 960d66543..7b2c4e8dd 100644 --- a/tests/app/service/test_rest.py +++ b/tests/app/service/test_rest.py @@ -600,8 +600,7 @@ def test_add_existing_user_to_another_service_with_all_permissions(notify_api, json_resp = json.loads(resp.get_data(as_text=True)) permissions = json_resp['data']['permissions'][str(sample_service.id)] expected_permissions = ['send_texts', 'send_emails', 'send_letters', 'manage_users', - 'manage_settings', 'manage_templates', 'manage_api_keys', - 'access_developer_docs'] + 'manage_settings', 'manage_templates', 'manage_api_keys'] assert sorted(expected_permissions) == sorted(permissions) @@ -745,7 +744,7 @@ def test_add_existing_user_to_another_service_with_manage_api_keys(notify_api, json_resp = json.loads(resp.get_data(as_text=True)) permissions = json_resp['data']['permissions'][str(sample_service.id)] - expected_permissions = ['manage_api_keys', 'access_developer_docs'] + expected_permissions = ['manage_api_keys'] assert sorted(expected_permissions) == sorted(permissions)