You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Defining our roles as a fixture comes with the caveat that permissions are referenced by the ids. This is barely readable and once the ids change (e.g. because a new permission gets added), the permissions assigned to a role are completely different.
Proposed Solution
Program the permissions as a Django migration instead of a fixture. This also makes it easier to add and edit roles because the changes can be defined in new migrations based on the initial one.
Proposed implementation
from django.db import migrations, models
def add_roles(apps, schema_editor):
ROLES = [
{
"name": "Verwaltung",
"staff_role": False,
"permissions": [
"edit_events",
"publish_events",
"view_events",
"manage_feedback",
"manage_imprint",
"manage_language_tree",
"manage_offers",
"edit_pages",
"grant_page_permissions",
"publish_pages",
"manage_pois",
"edit_push_notifications",
"send_push_notifications",
"view_push_notifications",
"manage_region_users",
],
},
{
"name": "Terminplaner",
"staff_role": False,
"permissions": [
"view_events",
"edit_events",
"publish_events",
"manage_pois",
],
},
{
"name": "Redakteur",
"staff_role": False,
"permissions": ["edit_pages", "publish_pages", "grant_page_permissions"],
},
]
# We can't import the Person model directly as it may be a newer
# version than this migration expects. We use the historical version.
Group = apps.get_model("auth", "Group")
Permission = apps.get_model("auth", "Permission")
Role = apps.get_model("cms", "Role")
for role_conf in ROLES:
group, created = Group.objects.get_or_create(name=role_conf.get("name"))
role, created = Role.objects.get_or_create(
group=group, staff_role=role_conf.get("staff_role")
)
permissions = Permission.objects.filter(codename__in=permission_codenames)
group.permissions.add(*permissions)
class Migration(migrations.Migration):
dependencies = [("cms", "0001_initial")]
operations = [
migrations.RunPython(add_roles),
]
Motivation
Defining our roles as a fixture comes with the caveat that permissions are referenced by the ids. This is barely readable and once the ids change (e.g. because a new permission gets added), the permissions assigned to a role are completely different.
Proposed Solution
Program the permissions as a Django migration instead of a fixture. This also makes it easier to add and edit roles because the changes can be defined in new migrations based on the initial one.
Proposed implementation
Alternatives
Additional Context
This is blocked by:
The text was updated successfully, but these errors were encountered: