mirror of
https://github.com/PostHog/posthog.git
synced 2024-11-28 09:16:49 +01:00
862697ef83
* initial role and role memberships setup
* create role when org is created and role memberships when user joins
* wip for merge
* fix api tests for role
* nest roles under organization route and test fixes
* remove pdb set trace
* fix types
* remove creating default roles and role memberships for orgs and users
* add permission levels to orgs and roles
* bulk create role memberships
* leave role membership as individual api request, handle bulk creation on the frontend instead
* feature flag role access wip and migrations
* fix flag role access tests
* linter
* isort
* temp type ignore
* add access level to plugin tests
* test remove test migration safe
* test license import error fix
* delete old? org license test
* nvm we need these tests
* type ignore
* reset license plans after test
* add organization resource access model and remove access level field from regular organizations
* feat: permission return on feature flag (#12826)
* suggested permission return
* change naming
* add changes
* pass bool
* fix plugin tests
* organization resource access tests and fixes
* update can edit return with new org resource access model from feature flag
* fix tests
* add permissions to feature flag for editing
* more tests
* remove unnecessary spacing
* fix test
* add context for feature flag serializer tests
* add back workflow test step
* add organization to feature flag role access
* fix(spike): why are tests failing (#12858)
* was it because invalid id is provided?
* allow django to touch the db
* a less unexpected way of allowing access to the DB
* Revert "add organization to feature flag role access"
This reverts commit ef18b0ec8b.
* address feedback and include organization safety checks in tests
* test error fix
* test role dupe name per org
* remove third access level option
* fix migration for it
* more tests
* fix test
* feat: role based permissions UI (#12776)
* add api
* starter
* role and member creation + deletion
* working with all deletes
* add block
* working roles
* permissions tab on org settings
* org default setting
* types
* flag role assignment
* working per flag permission
* working with admin block
* types
* use restricted area component
* wrap flag resource access in different url
* restore migrations manifest
* update url endpoints
* pay gate mini org role settings
* remove view and custom edit and remove resource access creation on org creation
* add feature flag
* address feedback
* fix backend tests
* remove broken permissions setting on new feature flags
* export logic props interface
Co-authored-by: Li Yi Yu <li@posthog.com>
* type fixes
Co-authored-by: Eric Duong <eeoneric@gmail.com>
Co-authored-by: Paul D'Ambra <paul@posthog.com>
176 lines
6.7 KiB
Python
176 lines
6.7 KiB
Python
# Generated by Django 3.2.16 on 2022-11-23 17:34
|
|
|
|
import django.db.models.deletion
|
|
from django.conf import settings
|
|
from django.db import migrations, models
|
|
|
|
import posthog.models.utils
|
|
|
|
|
|
class Migration(migrations.Migration):
|
|
|
|
dependencies = [
|
|
("posthog", "0280_fix_async_deletion_team"),
|
|
migrations.swappable_dependency(settings.AUTH_USER_MODEL),
|
|
("ee", "0013_silence_deprecated_tags_warnings"),
|
|
]
|
|
|
|
operations = [
|
|
migrations.CreateModel(
|
|
name="Role",
|
|
fields=[
|
|
(
|
|
"id",
|
|
models.UUIDField(
|
|
default=posthog.models.utils.UUIDT, editable=False, primary_key=True, serialize=False
|
|
),
|
|
),
|
|
("name", models.CharField(max_length=200)),
|
|
(
|
|
"feature_flags_access_level",
|
|
models.PositiveSmallIntegerField(
|
|
choices=[(21, "Can only view"), (37, "Can always edit")], default=37
|
|
),
|
|
),
|
|
("created_at", models.DateTimeField(auto_now_add=True)),
|
|
(
|
|
"created_by",
|
|
models.ForeignKey(
|
|
null=True,
|
|
on_delete=django.db.models.deletion.SET_NULL,
|
|
related_name="roles",
|
|
related_query_name="role",
|
|
to=settings.AUTH_USER_MODEL,
|
|
),
|
|
),
|
|
(
|
|
"organization",
|
|
models.ForeignKey(
|
|
on_delete=django.db.models.deletion.CASCADE,
|
|
related_name="roles",
|
|
related_query_name="role",
|
|
to="posthog.organization",
|
|
),
|
|
),
|
|
],
|
|
),
|
|
migrations.CreateModel(
|
|
name="RoleMembership",
|
|
fields=[
|
|
(
|
|
"id",
|
|
models.UUIDField(
|
|
default=posthog.models.utils.UUIDT, editable=False, primary_key=True, serialize=False
|
|
),
|
|
),
|
|
("joined_at", models.DateTimeField(auto_now_add=True)),
|
|
("updated_at", models.DateTimeField(auto_now=True)),
|
|
(
|
|
"role",
|
|
models.ForeignKey(
|
|
on_delete=django.db.models.deletion.CASCADE,
|
|
related_name="roles",
|
|
related_query_name="role",
|
|
to="ee.role",
|
|
),
|
|
),
|
|
(
|
|
"user",
|
|
models.ForeignKey(
|
|
on_delete=django.db.models.deletion.CASCADE,
|
|
related_name="role_memberships",
|
|
related_query_name="role_membership",
|
|
to=settings.AUTH_USER_MODEL,
|
|
),
|
|
),
|
|
],
|
|
),
|
|
migrations.CreateModel(
|
|
name="OrganizationResourceAccess",
|
|
fields=[
|
|
("id", models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name="ID")),
|
|
(
|
|
"resource",
|
|
models.CharField(
|
|
choices=[
|
|
("feature flags", "feature flags"),
|
|
("experiments", "experiments"),
|
|
("cohorts", "cohorts"),
|
|
("data management", "data management"),
|
|
("session recordings", "session recordings"),
|
|
("insights", "insights"),
|
|
("dashboards", "dashboards"),
|
|
],
|
|
max_length=32,
|
|
),
|
|
),
|
|
(
|
|
"access_level",
|
|
models.PositiveSmallIntegerField(
|
|
choices=[(21, "Can only view"), (37, "Can always edit")], default=37
|
|
),
|
|
),
|
|
("created_at", models.DateTimeField(auto_now_add=True)),
|
|
("updated_at", models.DateTimeField(auto_now=True)),
|
|
(
|
|
"created_by",
|
|
models.ForeignKey(
|
|
null=True, on_delete=django.db.models.deletion.SET_NULL, to=settings.AUTH_USER_MODEL
|
|
),
|
|
),
|
|
(
|
|
"organization",
|
|
models.ForeignKey(
|
|
on_delete=django.db.models.deletion.CASCADE,
|
|
related_name="resource_access",
|
|
to="posthog.organization",
|
|
),
|
|
),
|
|
],
|
|
),
|
|
migrations.CreateModel(
|
|
name="FeatureFlagRoleAccess",
|
|
fields=[
|
|
("id", models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name="ID")),
|
|
("added_at", models.DateTimeField(auto_now_add=True)),
|
|
("updated_at", models.DateTimeField(auto_now=True)),
|
|
(
|
|
"feature_flag",
|
|
models.ForeignKey(
|
|
on_delete=django.db.models.deletion.CASCADE,
|
|
related_name="access",
|
|
related_query_name="access",
|
|
to="posthog.featureflag",
|
|
),
|
|
),
|
|
(
|
|
"role",
|
|
models.ForeignKey(
|
|
on_delete=django.db.models.deletion.CASCADE,
|
|
related_name="feature_flag_access",
|
|
related_query_name="feature_flag_access",
|
|
to="ee.role",
|
|
),
|
|
),
|
|
],
|
|
),
|
|
migrations.AddConstraint(
|
|
model_name="rolemembership",
|
|
constraint=models.UniqueConstraint(fields=("role", "user"), name="unique_user_and_role"),
|
|
),
|
|
migrations.AddConstraint(
|
|
model_name="role",
|
|
constraint=models.UniqueConstraint(fields=("organization", "name"), name="unique_role_name"),
|
|
),
|
|
migrations.AddConstraint(
|
|
model_name="organizationresourceaccess",
|
|
constraint=models.UniqueConstraint(
|
|
fields=("organization", "resource"), name="unique resource per organization"
|
|
),
|
|
),
|
|
migrations.AddConstraint(
|
|
model_name="featureflagroleaccess",
|
|
constraint=models.UniqueConstraint(fields=("role", "feature_flag"), name="unique_feature_flag_and_role"),
|
|
),
|
|
]
|