Add extra permissions and link permisions with views (#2390)

tabbycat/adjallocation/views.py

@@ -13,7 +13,7 @@
 from participants.models import Adjudicator, Region
 from participants.prefetch import populate_feedback_scores
 from tournaments.mixins import DebateDragAndDropMixin, TournamentMixin
-from users.permissions import has_permission
+from users.permissions import has_permission, Permission
 from utils.misc import ranks_dictionary, redirect_tournament, reverse_tournament
 from utils.mixins import AdministratorMixin
 from utils.views import ModelFormSetView
@@ -91,6 +91,8 @@ class EditDebateAdjudicatorsView(BaseEditDebateOrPanelAdjudicatorsView):
     page_title = gettext_lazy("Edit Allocation")
     prefetch_adjs = True # Fetched in full as get_serialised
 
+    view_permission = Permission.VIEW_DEBATEADJUDICATORS
+
     def get_extra_info(self):
         info = super().get_extra_info()
         return info
@@ -105,6 +107,8 @@ class EditPanelAdjudicatorsView(BaseEditDebateOrPanelAdjudicatorsView):
     template_name = "edit_panel_adjudicators.html"
     page_title = gettext_lazy("Edit Panels")
 
+    view_permission = Permission.VIEW_PREFORMEDPANELS
+
     def get_extra_info(self):
         info = super().get_extra_info()
         info['backUrl'] = reverse_tournament('panel-adjudicators-index',
@@ -146,12 +150,6 @@ class BaseAdjudicatorConflictsView(LogActionMixin, AdministratorMixin, Tournamen
 
     formset_factory_kwargs = {}
 
-    def get_view_permission(self):
-        return 'view.%s' % (self.formset_model.__name__.lower())
-
-    def get_edit_permission(self):
-        return 'edit.%s' % (self.formset_model.__name__.lower())
-
     def get_formset_factory_kwargs(self):
         can_edit = has_permission(self.request.user, self.get_edit_permission(), self.tournament)
         kwargs = super().get_formset_factory_kwargs()
@@ -187,6 +185,9 @@ def formset_valid(self, formset):
 
 class AdjudicatorTeamConflictsView(BaseAdjudicatorConflictsView):
 
+    view_permission = Permission.VIEW_ADJ_TEAM_CONFLICTS
+    edit_permission = Permission.EDIT_ADJ_TEAM_CONFLICTS
+
     action_log_type = ActionLogEntry.ACTION_TYPE_CONFLICTS_ADJ_TEAM_EDIT
     formset_model = AdjudicatorTeamConflict
     page_title = gettext_lazy("Adjudicator-Team Conflicts")
@@ -231,6 +232,9 @@ def add_message(self, nsaved, ndeleted):
 
 class AdjudicatorAdjudicatorConflictsView(BaseAdjudicatorConflictsView):
 
+    view_permission = Permission.VIEW_ADJ_ADJ_CONFLICTS
+    edit_permission = Permission.EDIT_ADJ_ADJ_CONFLICTS
+
     action_log_type = ActionLogEntry.ACTION_TYPE_CONFLICTS_ADJ_ADJ_EDIT
     formset_model = AdjudicatorAdjudicatorConflict
     page_title = gettext_lazy("Adjudicator-Adjudicator Conflicts")
@@ -271,6 +275,9 @@ def add_message(self, nsaved, ndeleted):
 
 class AdjudicatorInstitutionConflictsView(BaseAdjudicatorConflictsView):
 
+    view_permission = Permission.VIEW_ADJ_INST_CONFLICTS
+    edit_permission = Permission.EDIT_ADJ_INST_CONFLICTS
+
     action_log_type = ActionLogEntry.ACTION_TYPE_CONFLICTS_ADJ_INST_EDIT
     formset_model = AdjudicatorInstitutionConflict
     page_title = gettext_lazy("Adjudicator-Institution Conflicts")
@@ -310,6 +317,9 @@ def add_message(self, nsaved, ndeleted):
 
 class TeamInstitutionConflictsView(BaseAdjudicatorConflictsView):
 
+    view_permission = Permission.VIEW_TEAM_INST_CONFLICTS
+    edit_permission = Permission.EDIT_TEAM_INST_CONFLICTS
+
     action_log_type = ActionLogEntry.ACTION_TYPE_CONFLICTS_TEAM_INST_EDIT
     formset_model = TeamInstitutionConflict
     page_title = gettext_lazy("Team-Institution Conflicts")

tabbycat/adjfeedback/views.py

@@ -672,7 +672,7 @@ def modify_adjudicator(self, request, adjudicator):
 class SetAdjudicatorBreakingStatusView(AdministratorMixin, TournamentMixin, LogActionMixin, View):
 
     action_log_type = ActionLogEntry.ACTION_TYPE_ADJUDICATOR_BREAK_SET
-    edit_permission = Permission.EDIT_SETBREAKING
+    edit_permission = Permission.EDIT_ADJ_BREAK
 
     def post(self, request, *args, **kwargs):
         body = self.request.body.decode('utf-8')

tabbycat/availability/views.py

@@ -21,6 +21,7 @@
 from draw.models import Debate
 from participants.models import Adjudicator, Team
 from tournaments.mixins import RoundMixin
+from users.permissions import Permission
 from utils.misc import reverse_round
 from utils.mixins import AdministratorMixin
 from utils.tables import TabbycatTableBuilder
@@ -206,6 +207,10 @@ def get_table(self):
 
 
 class AvailabilityTypeTeamView(AvailabilityTypeBase):
+
+    view_permission = Permission.VIEW_ROUNDAVAILABILITIES_TEAM
+    edit_permission = Permission.EDIT_ROUNDAVAILABILITIES_TEAM
+
     page_title = gettext_lazy("Team Availability")
     page_emoji = '👂'
     model = Team
@@ -225,6 +230,10 @@ def annotate_checkins(queryset, t):
 
 
 class AvailabilityTypeAdjudicatorView(AvailabilityTypeBase):
+
+    view_permission = Permission.VIEW_ROUNDAVAILABILITIES_ADJ
+    edit_permission = Permission.EDIT_ROUNDAVAILABILITIES_ADJ
+
     page_title = gettext_lazy("Adjudicator Availability")
     page_emoji = '👂'
     model = Adjudicator
@@ -244,6 +253,10 @@ def annotate_checkins(queryset, t):
 
 
 class AvailabilityTypeVenueView(AvailabilityTypeBase):
+
+    view_permission = Permission.VIEW_ROUNDAVAILABILITIES_VENUE
+    edit_permission = Permission.EDIT_ROUNDAVAILABILITIES_VENUE
+
     page_title = gettext_lazy("Room Availability")
     page_emoji = '🎪'
     model = Venue

tabbycat/checkins/views.py

@@ -15,6 +15,7 @@
 from participants.models import Person, Speaker
 from participants.serializers import InstitutionSerializer
 from tournaments.mixins import PublicTournamentPageMixin, TournamentMixin
+from users.permissions import Permission
 from utils.misc import reverse_tournament
 from utils.mixins import AdministratorMixin, AssistantMixin
 from utils.views import PostOnlyRedirectView
@@ -63,6 +64,8 @@ class CheckInPeopleStatusView(BaseCheckInStatusView):
     page_title = _("People's Check-In Statuses")
     window_preference = 'checkin_window_people'
 
+    edit_permission = Permission.EDIT_PARTICIPANT_CHECKIN
+
     def get_context_data(self, **kwargs):
 
         team_codes = use_team_code_names(self.tournament, admin=self.for_admin)
@@ -120,6 +123,8 @@ class CheckInVenuesStatusView(BaseCheckInStatusView):
     page_title = _("Rooms' Check-In Statuses")
     window_preference = 'checkin_window_venues'
 
+    edit_permission = Permission.EDIT_ROOM_CHECKIN
+
     def get_context_data(self, **kwargs):
         venues = []
         for venue in self.tournament.relevant_venues.select_related('checkin_identifier').prefetch_related('venuecategory_set').all():

tabbycat/draw/views.py

@@ -34,6 +34,7 @@
     TournamentMixin)
 from tournaments.models import Round
 from tournaments.utils import get_side_name
+from users.permissions import Permission
 from utils.misc import reverse_round, reverse_tournament
 from utils.mixins import AdministratorMixin
 from utils.tables import TabbycatTableBuilder
@@ -250,6 +251,8 @@ class BriefingRoomDrawTableMixin:
     """Mixin for views that get projected in the briefing room, to be accessed
     only by admins and assistants."""
 
+    view_permission = Permission.VIEW_BRIEFING_DRAW
+
     def get_context_data(self, **kwargs):
         kwargs['no_popovers'] = True
         return super().get_context_data(**kwargs)
@@ -445,6 +448,8 @@ def get_queryset(self):
 class AdminDrawView(RoundMixin, AdministratorMixin, AdminDrawUtilitiesMixin, VueTableTemplateView):
     detailed = False
 
+    view_permission = Permission.VIEW_ADMIN_DRAW
+
     def get_page_title(self):
         round = self.round
         self.page_emoji = '👀'
@@ -655,7 +660,7 @@ class DrawStatusEdit(LogActionMixin, AdministratorMixin, RoundMixin, PostOnlyRed
 
 
 class CreateDrawView(DrawStatusEdit):
-
+    edit_permission = Permission.GENERATE_DEBATE
     action_log_type = ActionLogEntry.ACTION_TYPE_DRAW_CREATE
 
     def post(self, request, *args, **kwargs):
@@ -741,6 +746,7 @@ class ConfirmDrawRegenerationView(AdministratorMixin, TemplateView):
 
 
 class DrawReleaseView(DrawStatusEdit):
+    edit_permission = Permission.RELEASE_DRAW
     action_log_type = ActionLogEntry.ACTION_TYPE_DRAW_RELEASE
     round_redirect_pattern_name = 'draw-display'
 
@@ -761,6 +767,7 @@ def post(self, request, *args, **kwargs):
 
 
 class DrawUnreleaseView(DrawStatusEdit):
+    edit_permission = Permission.UNRELEASE_DRAW
     action_log_type = ActionLogEntry.ACTION_TYPE_DRAW_UNRELEASE
     round_redirect_pattern_name = 'draw-display'
 
@@ -777,6 +784,7 @@ def post(self, request, *args, **kwargs):
 
 
 class SetRoundStartTimeView(DrawStatusEdit):
+    edit_permission = Permission.EDIT_STARTTIME
     action_log_type = ActionLogEntry.ACTION_TYPE_ROUND_START_TIME_SET
     round_redirect_pattern_name = 'draw-display'
 
@@ -828,6 +836,7 @@ def get_table(self):
 
 
 class SideAllocationsView(AdministratorMixin, BaseSideAllocationsView):
+    view_permission = Permission.EDIT_ALLOCATESIDES
     pass
 
 
@@ -839,6 +848,7 @@ class EditDebateTeamsView(DebateDragAndDropMixin, AdministratorMixin, TemplateVi
     template_name = "edit_debate_teams.html"
     page_title = gettext_lazy("Edit Matchups")
     prefetch_teams = False # Fetched in full as get_serialised
+    edit_permission = Permission.EDIT_DEBATETEAMS
 
     def get_serialised_allocatable_items(self):
         # TODO: account for shared teams

tabbycat/importer/views.py

@@ -22,6 +22,7 @@
 from participants.utils import populate_code_names
 from tournaments.mixins import TournamentMixin
 from tournaments.models import Tournament
+from users.permissions import Permission
 from utils.misc import redirect_tournament, reverse_tournament
 from utils.mixins import AdministratorMixin
 from utils.views import PostOnlyRedirectView
@@ -97,6 +98,7 @@ def done(self, form_list, form_dict, **kwargs):
 
 class ImportInstitutionsWizardView(BaseImportWizardView):
     model = Institution
+    edit_permission = Permission.ADD_INSTITUTIONS
     form_list = [
         ('raw', ImportInstitutionsRawForm),
         ('details', modelformset_factory(Institution, fields=('name', 'code'), extra=0)),
@@ -112,6 +114,7 @@ def get_message(self, count):
 
 class ImportVenuesWizardView(BaseImportWizardView):
     model = Venue
+    edit_permission = Permission.ADD_ROOMS
     form_list = [
         ('raw', ImportVenuesRawForm),
         ('details', modelformset_factory(Venue, form=VenueDetailsForm, extra=0)),
@@ -171,6 +174,7 @@ def get_details_instance_initial(self):
 
 class ImportTeamsWizardView(BaseImportByInstitutionWizardView):
     model = Team
+    edit_permission = Permission.ADD_TEAMS
     form_list = [
         ('numbers', ImportTeamsNumbersForm),
         ('details', modelformset_factory(Team, form=TeamDetailsForm, formset=TeamDetailsFormSet, extra=0)),
@@ -193,6 +197,7 @@ def get_message(self, count):
 
 class ImportAdjudicatorsWizardView(BaseImportByInstitutionWizardView):
     model = Adjudicator
+    edit_permission = Permission.ADD_ADJUDICATORS
     form_list = [
         ('numbers', ImportAdjudicatorsNumbersForm),
         ('details', modelformset_factory(Adjudicator, form=AdjudicatorDetailsForm, extra=0)),

tabbycat/motions/views.py

@@ -14,6 +14,7 @@
 from tournaments.mixins import (CurrentRoundMixin, OptionalAssistantTournamentPageMixin,
                                 PublicTournamentPageMixin, RoundMixin, TournamentMixin)
 from tournaments.models import Round
+from users.permissions import Permission
 from utils.misc import redirect_round
 from utils.mixins import AdministratorMixin
 from utils.views import ModelFormSetView, PostOnlyRedirectView
@@ -43,7 +44,8 @@ def get_context_data(self, **kwargs):
 class EditMotionsView(AdministratorMixin, LogActionMixin, RoundMixin, ModelFormSetView):
     # Django doesn't have a class-based view for formsets, so this implements
     # the form processing analogously to FormView, with less decomposition.
-
+    view_permission = Permission.VIEW_MOTION
+    edit_permission = Permission.EDIT_MOTION
     template_name = 'motions_edit.html'
     action_log_type = ActionLogEntry.ACTION_TYPE_MOTION_EDIT
     formset_model = Motion
@@ -167,7 +169,7 @@ def post(self, request, *args, **kwargs):
 
 
 class ReleaseMotionsView(BaseReleaseMotionsView):
-
+    edit_permission = Permission.RELEASE_MOTION
     action_log_type = ActionLogEntry.ACTION_TYPE_MOTIONS_RELEASE
     motions_released = True
 
@@ -199,6 +201,7 @@ def get_context_data(self, **kwargs):
 
 
 class AdminDisplayMotionsView(AdministratorMixin, BaseDisplayMotionsView):
+    view_permission = Permission.DISPLAY_MOTION
     pass
 
 
@@ -266,6 +269,7 @@ class AdminRoundMotionStatisticsView(AdministratorMixin, RoundMotionStatisticsVi
 
 
 class AdminGlobalMotionStatisticsView(AdministratorMixin, GlobalMotionStatisticsView):
+    view_permission = Permission.VIEW_MOTIONSTAB
     pass
 
 

tabbycat/participants/views.py

@@ -22,6 +22,7 @@
 from tournaments.mixins import (PublicTournamentPageMixin,
                                 SingleObjectFromTournamentMixin, TournamentMixin)
 from tournaments.models import Round
+from users.permissions import Permission
 from utils.misc import redirect_tournament, reverse_tournament
 from utils.mixins import AdministratorMixin, AssistantMixin
 from utils.tables import TabbycatTableBuilder
@@ -69,6 +70,7 @@ def get_context_data(self, **kwargs):
 
 
 class AdminParticipantsListView(AdministratorMixin, BaseParticipantsListView):
+    view_permission = Permission.VIEW_PARTICIPANTS
     template_name = 'participants_list.html'
     admin = True
 
@@ -118,6 +120,7 @@ def get_table(self):
 
 
 class AdminInstitutionsListView(AdministratorMixin, BaseInstitutionsListView):
+    view_permission = Permission.VIEW_INSTITUTIONS
     template_name = 'participants_list.html'
     admin = True
 
@@ -323,7 +326,7 @@ class EditSpeakerCategoriesView(LogActionMixin, AdministratorMixin, TournamentMi
     # uniqueness checks will work. Since this is a superuser form, they can
     # access all tournaments anyway, so tournament forgery wouldn't be a
     # security risk.
-
+    view_permission = Permission.VIEW_SPEAKER_CATEGORIES
     template_name = 'speaker_categories_edit.html'
     formset_model = SpeakerCategory
     action_log_type = ActionLogEntry.ACTION_TYPE_SPEAKER_CATEGORIES_EDIT
@@ -386,6 +389,7 @@ class EditSpeakerCategoryEligibilityView(AdministratorMixin, TournamentMixin, Vu
     template_name = 'edit_speaker_eligibility.html'
     page_title = _("Speaker Category Eligibility")
     page_emoji = '🍯'
+    edit_permission = Permission.EDIT_SPEAKER_CATEGORIES
 
     def get_table(self):
         table = TabbycatTableBuilder(view=self, sort_key='team')

tabbycat/privateurls/views.py

@@ -17,6 +17,7 @@
 from participants.views import BaseRecordView
 from tournaments.mixins import PersonalizablePublicTournamentPageMixin, SingleObjectByRandomisedUrlMixin, TournamentMixin
 from tournaments.models import Round
+from users.permissions import Permission
 from utils.misc import reverse_tournament
 from utils.mixins import AdministratorMixin
 from utils.tables import TabbycatTableBuilder
@@ -60,6 +61,7 @@ def get_participants_to_email(self, already_sent: bool = False) -> 'QuerySet[Per
 
 class RandomisedUrlsView(RandomisedUrlsMixin, VueTableTemplateView):
 
+    view_permission = Permission.VIEW_PRIVATE_URLS
     template_name = 'private_urls.html'
     tables_orientation = 'columns'
 
@@ -113,6 +115,7 @@ def get_tables(self) -> List[TabbycatTableBuilder]:
 class GenerateRandomisedUrlsView(AdministratorMixin, TournamentMixin, PostOnlyRedirectView):
 
     tournament_redirect_pattern_name = 'privateurls-list'
+    edit_permission = Permission.GENERATE_PRIVATE_URLS
 
     def post(self, request: 'HttpRequest', *args, **kwargs) -> 'HttpResponseRedirect':
         tournament = self.tournament
@@ -149,7 +152,8 @@ def post(self, request: 'HttpRequest', *args, **kwargs) -> 'HttpResponseRedirect
 
 class EmailRandomisedUrlsView(RoleColumnMixin, TournamentTemplateEmailCreateView):
     page_subtitle = _("Private URLs")
-
+    view_permission = Permission.VIEW_PRIVATE_URLS_EMAIL_LIST
+    edit_permission = Permission.SEND_PRIVATE_URLS
     event = BulkNotification.EventType.URL
     subject_template = 'url_email_subject'
     message_template = 'url_email_message'