0
0
mirror of https://github.com/PostHog/posthog.git synced 2024-11-28 09:16:49 +01:00
posthog/ee/migrations/0005_project_based_permissioning.py
Michael Matloka bc3e223265
Project-based permissioning framework (#5976)
* Refactor `AvailableFeature` from strings to an enum everywhere

* Fix circular dependency and type

* Add "Per-project access" feature flag, premium feature, and organization switch

* Rename `OrganizationMembershipLevel` to `OrganizationAccessLevel`

* Create `ExplicitTeamMembership` model

* Show whether projects are restricted in the project switcher

* Update organizations API code

* Fix migrations

* Move organization tests that require EE to `ee`

* Revert `OrganizationMembershipLevel` rename

* Fix organization tests

* Update migration

* Fix schema and add Members to Project Settings

* Build out test memberships API with security tests

* Update `TeamMembers` and `teamMembersLogic`

* Move "Per-project access" description to tooltip

* Add moar tests

* Fix Project Members list logic

* Add additional membership checks

* Update migrations

* Fix typing

* Adjust explicit team memberships API similarly

* Fix typo

* Unify `ExplicitTeamMemberSerializer`

* Remove old changes to `membersLogic` usage

* Use `effective_membership_level` on `TeamBasicSerializer`

* Clean up organization update tests

* Explicitly disallow enabling per-project access for free

* Fix circular import

* Remove `id` from `UserSerializer`

* Fix typing

* Try to fix import

* Fix fatal typing

* Add more tests

* Update permissioning.ts

* Add clarifying comment to migration

* Fix import

* minor clarifications

* Revert `TopNavigation` changes

* Make new access control entirely project-based

* Update migrations

* Add `project_based_permissioning` to `TeamBasicSerializer`

* Update test_team.py

* Fix Access Control restriction tooltip

* adjust copy & UI a bit

* Address feedback on field comment

* "Privacy settings" to "Access Control"

* Ignore mypy

* Rename `Team` field `project_based_permissioning` to `access_control`

* Update migrations

Co-authored-by: Paolo D'Amico <paolodamico@users.noreply.github.com>
2021-09-22 18:29:59 +02:00

58 lines
2.1 KiB
Python

# Generated by Django 3.2.5 on 2021-09-10 11:39
import django.db.models.deletion
from django.conf import settings
from django.db import migrations, models
import posthog.models.utils
class Migration(migrations.Migration):
dependencies = [
("posthog", "0170_project_based_permissioning"),
migrations.swappable_dependency(settings.AUTH_USER_MODEL),
("ee", "0004_enterpriseeventdefinition_enterprisepropertydefinition"),
]
operations = [
migrations.CreateModel(
name="ExplicitTeamMembership",
fields=[
(
"id",
models.UUIDField(
default=posthog.models.utils.UUIDT, editable=False, primary_key=True, serialize=False
),
),
("level", models.PositiveSmallIntegerField(choices=[(1, "member"), (8, "administrator")], default=1)),
("joined_at", models.DateTimeField(auto_now_add=True)),
("updated_at", models.DateTimeField(auto_now=True)),
(
"team",
models.ForeignKey(
on_delete=django.db.models.deletion.CASCADE,
related_name="explicit_memberships",
related_query_name="explicit_membership",
to="posthog.team",
),
),
(
"parent_membership",
models.ForeignKey(
on_delete=django.db.models.deletion.CASCADE,
related_name="explicit_team_memberships",
related_query_name="explicit_team_membership",
to="posthog.organizationmembership",
),
),
],
),
migrations.AddConstraint(
model_name="explicitteammembership",
constraint=models.UniqueConstraint(
fields=("team", "parent_membership"), name="unique_explicit_team_membership"
),
),
]