Skip to content

Commit

Permalink
Merge pull request #33874 from dimagi/mk/3234-alerts-permission
Browse files Browse the repository at this point in the history 
Add a new permission for managing project alerts
  • Loading branch information
@mkangia
mkangia committed Dec 13, 2023
2 parents a8eb55c + ab268b6 commit 8014b53
Show file tree
Hide file tree
Showing 7 changed files with 71 additions and 12 deletions.
10 changes: 6 additions & 4 deletions corehq/apps/domain/views/settings.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -57,6 +57,7 @@
from corehq.apps.hqwebapp.signals import clear_login_attempts
from corehq.apps.locations.permissions import location_safe
from corehq.apps.ota.models import MobileRecoveryMeasure
from corehq.apps.users.decorators import require_can_manage_domain_alerts
from corehq.apps.users.models import CouchUser
from corehq.toggles import NAMESPACE_DOMAIN
from corehq.toggles.models import Toggle
Expand Down Expand Up @@ -528,8 +529,9 @@ class ManageDomainMobileWorkersView(ManageMobileWorkersMixin, BaseAdminProjectSe
urlname = 'domain_manage_mobile_workers'


@method_decorator(toggles.CUSTOM_DOMAIN_BANNER_ALERTS.required_decorator(), name='dispatch')
class ManageDomainAlertsView(BaseAdminProjectSettingsView):
@method_decorator([toggles.CUSTOM_DOMAIN_BANNER_ALERTS.required_decorator(),
require_can_manage_domain_alerts], name='dispatch')
class ManageDomainAlertsView(BaseProjectSettingsView):
template_name = 'domain/admin/manage_alerts.html'
urlname = 'domain_manage_alerts'
page_title = gettext_lazy("Manage Project Alerts")
Expand Down Expand Up @@ -595,7 +597,7 @@ def _convert_timestamp_to_utc(timestamp, timezone):


@toggles.CUSTOM_DOMAIN_BANNER_ALERTS.required_decorator()
@domain_admin_required
@require_can_manage_domain_alerts
@require_POST
def update_domain_alert_status(request, domain):
alert_id = request.POST.get('alert_id')
Expand All @@ -610,7 +612,7 @@ def update_domain_alert_status(request, domain):


@toggles.CUSTOM_DOMAIN_BANNER_ALERTS.required_decorator()
@domain_admin_required
@require_can_manage_domain_alerts
@require_POST
def delete_domain_alert(request, domain):
alert_id = request.POST.get('alert_id')
Expand Down
1 change: 1 addition & 0 deletions corehq/apps/users/decorators.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -149,6 +149,7 @@ def _check_permission(_user, _domain):
require_can_view_roles = require_permission('view_roles')
require_can_login_as = require_permission_raw(lambda user, domain: user.can_login_as(domain))
require_can_coordinate_events = require_permission('manage_attendance_tracking')
require_can_manage_domain_alerts = require_permission('manage_domain_alerts')


def require_permission_to_edit_user(view_func):
Expand Down
22 changes: 22 additions & 0 deletions corehq/apps/users/migrations/0056_add_manage_domain_alerts_permission.py
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
# Generated by Django 3.2.23 on 2023-12-13 10:09

from django.db import migrations

from corehq.apps.users.models_role import Permission
from corehq.util.django_migrations import skip_on_fresh_install


@skip_on_fresh_install
def create_manage_domain_alerts_permission(*args, **kwargs):
Permission.objects.get_or_create(value='manage_domain_alerts')


class Migration(migrations.Migration):

dependencies = [
('users', '0055_add_user_data'),
]

operations = [
migrations.RunPython(create_manage_domain_alerts_permission, migrations.RunPython.noop)
]
2 changes: 2 additions & 0 deletions corehq/apps/users/models.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -225,6 +225,8 @@ class HqPermissions(DocumentSchema):
view_data_registry_contents_list = StringListProperty(default=[])
manage_attendance_tracking = BooleanProperty(default=False)

manage_domain_alerts = BooleanProperty(default=False)

@classmethod
def from_permission_list(cls, permission_list):
"""Converts a list of Permission objects into a Permissions object"""
Expand Down
17 changes: 17 additions & 0 deletions corehq/apps/users/templates/users/partials/edit_role_modal.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -466,6 +466,23 @@ <h4 class="modal-title" data-bind="text: modalTitle"></h4>
</div>
</div>
</div>
{% if request|toggle_enabled:"CUSTOM_DOMAIN_BANNER_ALERTS" %}
<div class="form-group">
<label class="col-sm-4 control-label">
{% trans "Manage Project Alerts" %}
</label>
<div class="col-sm-8 controls">
<div class="form-check">
<input type="checkbox"
id="manage-domain-alerts-checkbox"
data-bind="checked: permissions.manage_domain_alerts" />
<label for="manage-domain-alerts-checkbox">
{% trans "Allow this role to manage project alerts." %}
</label>
</div>
</div>
</div>
{% endif %}
</div>

<div class="modal-footer" data-bind="css: {'has-error': $root.roleError }">
Expand Down
30 changes: 22 additions & 8 deletions corehq/tabs/tabclasses.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1881,6 +1881,7 @@ def sidebar_items(self):
items = []
user_is_admin = self.couch_user.is_domain_admin(self.domain)
user_is_billing_admin = self.couch_user.can_edit_billing()
user_can_manage_domain_alerts = self.couch_user.can_manage_domain_alerts(self.domain)
has_project_access = has_privilege(self._request, privileges.PROJECT_ACCESS)

project_info = []
Expand Down Expand Up @@ -1910,8 +1911,14 @@ def sidebar_items(self):

items.append((_('Project Information'), project_info))

if user_is_admin and has_project_access:
items.append((_('Project Administration'), _get_administration_section(self.domain)))
if (user_is_admin or user_can_manage_domain_alerts) and has_project_access:
section = []
if user_is_admin:
section = _get_administration_section(self.domain)
elif user_can_manage_domain_alerts:
section = _get_manage_domain_alerts_section(self.domain)
if section:
items.append((_('Project Administration'), section))

if self.couch_user.can_edit_motech() and has_project_access:
integration_nav = _get_integration_section(self.domain, self.couch_user)
Expand Down Expand Up @@ -2019,7 +2026,6 @@ def _get_administration_section(domain):
from corehq.apps.domain.views.settings import (
FeaturePreviewsView,
ManageDomainMobileWorkersView,
ManageDomainAlertsView,
RecoveryMeasuresHistory,
)
from corehq.apps.ota.models import MobileRecoveryMeasure
Expand All @@ -2037,11 +2043,7 @@ def _get_administration_section(domain):
'url': reverse(FeaturePreviewsView.urlname, args=[domain])
})

if toggles.CUSTOM_DOMAIN_BANNER_ALERTS.enabled(domain):
administration.append({
'title': _(ManageDomainAlertsView.page_title),
'url': reverse(ManageDomainAlertsView.urlname, args=[domain])
})
administration.extend(_get_manage_domain_alerts_section(domain))

if toggles.TRANSFER_DOMAIN.enabled(domain):
administration.append({
Expand All @@ -2065,6 +2067,18 @@ def _get_administration_section(domain):
return administration


def _get_manage_domain_alerts_section(domain):
from corehq.apps.domain.views.settings import ManageDomainAlertsView
section = []

if toggles.CUSTOM_DOMAIN_BANNER_ALERTS.enabled(domain):
section.append({
'title': _(ManageDomainAlertsView.page_title),
'url': reverse(ManageDomainAlertsView.urlname, args=[domain])
})
return section


def _get_integration_section(domain, couch_user):

def _get_forward_name(repeater_type=None, **context):
Expand Down
1 change: 1 addition & 0 deletions migrations.lock
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1181,6 +1181,7 @@ users
0053_userreportingmetadatastaging_fcm_token
0054_connectiduserlink
0055_add_user_data
0056_add_manage_domain_alerts_permission
util
0001_initial
0002_complaintbouncemeta_permanentbouncemeta_transientbounceemail
Expand Down

0 comments on commit 8014b53

Please sign in to comment.