Add Notion import #1050
Closed
Add Notion import #1050
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
We were returning too many select options for the restricted link reach: - when the "restricted" reach is an option (key present in the returned dictionary), the possible values for link roles are now always None to make it clearer that they don't matter and no select box should be shown for roles. - Never propose "restricted" as option for link reach when the ancestors already offer a public access. Indeed, restricted/editor was shown when the ancestors had public/read access. The logic was to propose editor role on more restricted reaches... but this does not make sense for restricted since the role does is not taken into account for this reach. Roles are set by each access line assign to users/teams.
The frontend needs to display inherited link accesses when it displays possible selection options. We need to return this information to the client.
If anonymous users have reader access on a parent, we were considering that an edge use case was interesting: allowing an authenticated user to still be editor on the child. Although this use case could be interesting, we consider, as a first approach, that the value it carries is not big enough to justify the complexity for the user to understand this complex access right heritage.
The document viewset was overriding the get_queryset method from its own mixin. This was a sign that the mixin was not optimal anymore. In the next commit I will need to complexify it further so it's time to refactor the mixin.
The methods to annotate a document queryset were factorized on the viewset but the correct place is the custom queryset itself now that we have one.
The document accesses a user have on a document's ancestors also apply to this document. The frontend needs to list them as "inherited" so we need to add them to the list. Adding a "document_id" field on the output will allow the frontend to differentiate between inherited and direct accesses on a document.
We are going to need to compare choices to materialize the fact that choices are ordered. For example an admin role is higer than an editor role but lower than an owner role. We will need this to compute the reach and role resulting from all the document accesses (resp. link accesses) assigned on a document's ancestors.
This will allow us to simplify the get_abilities method. It is also more efficient because we have computed this definitions dict and the the get_select_options method was doing the conversion again.
The user account created to query the API had a random email that could randomly interfere with our search results.
We were returning the list of roles a user has on a document (direct and inherited). Now that we introduced priority on roles, we are able to determine what is the max role and return only this one. This commit also changes the role that is returned for the restricted reach: we now return None because the role is not relevant in this case.
On a document, we need to display the status of the link (reach and role) as inherited from its ancestors.
On a document, we need to display the status of the link (reach and role) taking into account the ancestors link reach/role as well as the current document.
The latest refactoring in a445278 kept some factorizations that are not legit anymore after the refactoring. It is also cleaner to not make serializer choice in the list view if the reason for this choice is related to something else b/c other views would then use the wrong serializer and that would be a security leak. This commit also fixes a bug in the access rights inheritance: if a user is allowed to see accesses on a document, he should see all acesses related to ancestors, even the ancestors that he can not read. This is because the access that was granted on all ancestors also apply on the current document... so it must be displayed. Lastly, we optimize database queries because the number of accesses we fetch is going up with multi-pages and we were generating a lot of useless queries.
This field is set only on the list view when all accesses for a given document and all its ancestors are listed. It gives the highest role among all accesses related to each document.
If root documents are guaranteed to have a owner, non-root documents will automatically have them as owner by inheritance. We should not require non-root documents to have their own direct owner because this will make it difficult to manage access rights when we move documents around or when we want to remove access rights for someone on a document subtree... There should be as few overrides as possible.
There is a delay between the time the signature is issued and the
time it is checked. Although this delay is minimal, if the signature
is issued at the end of a second, both timestamps can differ of 1s.
> assert response["X-Amz-Date"] == timezone.now().strftime("%Y%m%dT%H%M%SZ")
AssertionError: assert equals failed '20250504T175307Z' '20250504T175308Z'
We took the opportunity of this bug to refactor serializers and permissions as advised one day by @qbey: no permission checks in serializers.
The frontend requires this information about the ancestor document to which each access is related. We make sure it does not generate more db queries and does not fetch useless and heavy fields from the document like "excerpt".
This use case was forgotten when the support for team accesses was added. We add tests to stabilize the feature and its security.
We reduce the number of options even more by treating link reach and link role independently: link reach must be higher than its ancestors' equivalent link reach and link role must be higher than its ancestors' link role. This reduces the number of possibilities but we decided to start with the most restrictive and simple offer and extend it if we realize it faces too many criticism instead of risking to offer too many options that are too complex and must be reduced afterwards.
The frontend needs to know what to display on an access. The maximum role between the access role and the role equivalent to all accesses on the document's ancestors should be computed on the backend.
We were returning too many select options for the restricted link reach: - when the "restricted" reach is an option (key present in the returned dictionary), the possible values for link roles are now always None to make it clearer that they don't matter and no select box should be shown for roles. - Never propose "restricted" as option for link reach when the ancestors already offer a public access. Indeed, restricted/editor was shown when the ancestors had public/read access. The logic was to propose editor role on more restricted reaches... but this does not make sense for restricted since the role does is not taken into account for this reach. Roles are set by each access line assign to users/teams.
The frontend needs to display inherited link accesses when it displays possible selection options. We need to return this information to the client.
We were returning the list of roles a user has on a document (direct and inherited). Now that we introduced priority on roles, we are able to determine what is the max role and return only this one. This commit also changes the role that is returned for the restricted reach: we now return None because the role is not relevant in this case.
We were returning too many select options for the restricted link reach: - when the "restricted" reach is an option (key present in the returned dictionary), the possible values for link roles are now always None to make it clearer that they don't matter and no select box should be shown for roles. - Never propose "restricted" as option for link reach when the ancestors already offer a public access. Indeed, restricted/editor was shown when the ancestors had public/read access. The logic was to propose editor role on more restricted reaches... but this does not make sense for restricted since the role does is not taken into account for this reach. Roles are set by each access line assign to users/teams.
The frontend needs to display inherited link accesses when it displays possible selection options. We need to return this information to the client.
With the soft delete feature, relying on the is_leaf method from the treebeard is not accurate anymore. To determine if a node is a leaf, it checks if the number of numchild is equal to 0. But a node can have soft deleted children, then numchild is equal to 0, but it is not a leaf because if we want to add a child we have to look for the last child to compute a correct path. Otherwise we will have an error saying that the path already exists.
Added several new dependencies to the `package.json` file, including `@dnd-kit/core`, `@dnd-kit/modifiers`, `@fontsource/material-icons`, and `@gouvfr-lasuite/ui-kit`.
Added a new feature for moving documents within the user interface via drag-and-drop. This includes the creation of Draggable and Droppable components, as well as tests to verify document creation and movement behavior. Changes have also been made to document types to include user roles and child management capabilities.
PanchoutNathan
force-pushed
the
feature/doc-dnd
branch
6 times, most recently
from
574c184 to
5057f4d
Compare
PanchoutNathan
force-pushed
the
feature/doc-dnd
branch
from
79cdcc1 to
a54482f
Compare
AntoLC
force-pushed
the
feature/doc-dnd
branch
16 times, most recently
from
1dfe4e9 to
33bd5ef
Compare
|
Why has this been closed? |
|
Hm, seems like this is a side-effect of deleting the branch this was based on. Will rebase and reopen later. |
|
Opened #1141 (GitHub won't let me re-open this PR.) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
🌟 Contributors: @emersion @Tguisnet @Castavo @NicolasRitouet @clarani
💻 Project of the Hack Days Hackathon
Purpose
The goal of this feature is to allow users to import notion workspace into Docs in 1 clic.
The user can connect to Notion by clicking on a button, select the pages he/she wants to import and the pages are directly imported into Docs.
A progress bar displays the import progression.
A lot of Notion block types are handled:
The unsupported blocks are replaced by a textual warning. The database pages from Notion are ignored since Docs does not handle databases for the moment.
For later