altf4arnold/datatracker
1
0
Fork 0
Code Issues Pull requests Actions 2 Packages Projects Releases Wiki Activity

Merged in [13575] from rcross@amsl.com:

Browse source 
Create new script ietf/bin/set_admin_permissions to configure Django Admin group permissions.  Fixes #2008.
 - Legacy-Id: 13581
Note: SVN reference [13575] has been migrated to Git commit 1876927cbc
This commit is contained in:
Henrik Levkowetz 2017-06-10 09:29:26 +00:00
parent 3d387e5ff6 1876927cbc
commit a9785674ea
1 changed files with 78 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

78
ietf/bin/set_admin_permissions Executable file
View file

@ -0,0 +1,78 @@
#!/usr/bin/env python
# -*- coding: utf-8 -*-
# -*- Python -*-
#
'''
This script configures Django Admin permissions
'''
# Set PYTHONPATH and load environment variables for standalone script -----------------
import os, sys
basedir = os.path.abspath(os.path.join(os.path.dirname(__file__), "../.."))
sys.path = [ basedir ] + sys.path
os.environ["DJANGO_SETTINGS_MODULE"] = "ietf.settings"
virtualenv_activation = os.path.join(basedir, "env", "bin", "activate_this.py")
if os.path.exists(virtualenv_activation):
execfile(virtualenv_activation, dict(__file__=virtualenv_activation))
import django
django.setup()
# -------------------------------------------------------------------------------------
from django.contrib.auth.models import Group as AuthGroup
from django.contrib.auth.models import Permission
from ietf.group.models import Group
def permission_names_to_objects(names):
"""
Given an iterable of permission names (e.g. 'app_label.add_model'),
return an iterable of Permission objects for them. The permission
must already exist, because a permission name is not enough information
to create a new permission.
"""
result = []
for name in names:
app_label, codename = name.split(".", 1)
try:
result.append(Permission.objects.get(content_type__app_label=app_label,
codename=codename))
except Permission.DoesNotExist:
print "NO SUCH PERMISSION: %s, %s" % (app_label, codename)
raise
return result
def main():
secretariat = Group.objects.get(acronym='secretariat')
users = [ r.person.user for r in secretariat.role_set.filter(name='secr') ]
# Set Auth Group members
auth_group, _ = AuthGroup.objects.get_or_create(name='secretariat')
auth_group.user_set.set(users)
# Set Auth Group Admin Permissions
names = ['auth.add_user','auth.change_user','auth.delete_user',
'group.add_group','group.change_group','group.delete_group',
'group.add_role','group.change_role','group.delete_role',
'group.add_groupevent','group.change_groupevent','group.delete_groupevent',
'iesg.add_telechatagendaitem','iesg.change_telechatagendaitem','iesg.delete_telechatagendaitem',
'iesg.add_telechatdate','iesg.change_telechatdate','iesg.delete_telechatdate',
'mailinglists.add_list','mailinglists.change_list','mailinglists.delete_list',
'meeting.add_floorplan','meeting.change_floorplan','meeting.delete_floorplan',
'meeting.add_room','meeting.change_room','meeting.delete_room',
'meeting.add_urlresource','meeting.change_urlresource','meeting.delete_urlresource',
'person.add_person','person.change_person','person.delete_person',
'person.add_alias','person.change_alias','person.delete_alias',
'person.add_email','person.change_email','person.delete_email',
'submit.add_submission','submit.change_submission','submit.delete_submission',
]
permissions = permission_names_to_objects(names)
auth_group.permissions.set(permissions)
if __name__ == '__main__':
main()