chore: roles demotion (#5612)

2024-09-16 14:25:27 +05:30 · 2024-09-16 14:25:27 +05:30 · 3ce84f78f1
commit 3ce84f78f1
parent 5ba1eeaf4c
2 changed files with 8 additions and 28 deletions
--- a/apiserver/plane/app/views/project/invite.py
+++ b/apiserver/plane/app/views/project/invite.py
@ -164,7 +164,7 @@ class UserProjectInvitationsViewset(BaseViewSet):
                ProjectMember(
                    project_id=project_id,
                    member=request.user,
-                    role=15 if workspace_role >= 15 else 5,
+                    role=workspace_role,
                    workspace=workspace,
                    created_by=request.user,
                )
--- a/apiserver/plane/app/views/workspace/member.py
+++ b/apiserver/plane/app/views/workspace/member.py
@ -14,7 +14,7 @@ from plane.app.permissions import (
    WorkSpaceAdminPermission,
    WorkspaceEntityPermission,
    allow_permission,
-    ROLE
+    ROLE,
 )

 # Module imports
@ -44,7 +44,6 @@ class WorkSpaceMemberViewSet(BaseViewSet):
    serializer_class = WorkspaceMemberAdminSerializer
    model = WorkspaceMember

-
    search_fields = [
        "member__display_name",
        "member__first_name",
@ -96,9 +95,7 @@ class WorkSpaceMemberViewSet(BaseViewSet):
        user=False,
        multiple=True,
    )
-    @allow_permission(
-        allowed_roles=[ROLE.ADMIN], level="WORKSPACE"
-    )
+    @allow_permission(allowed_roles=[ROLE.ADMIN], level="WORKSPACE")
    def partial_update(self, request, slug, pk):
        workspace_member = WorkspaceMember.objects.get(
            pk=pk,
@ -112,25 +109,10 @@ class WorkSpaceMemberViewSet(BaseViewSet):
                status=status.HTTP_400_BAD_REQUEST,
            )

-        # Get the requested user role
-        requested_workspace_member = WorkspaceMember.objects.get(
-            workspace__slug=slug,
-            member=request.user,
-            is_active=True,
-        )
-        # Check if role is being updated
-        # One cannot update role higher than his own role
-        if (
-            "role" in request.data
-            and int(request.data.get("role", workspace_member.role))
-            > requested_workspace_member.role
-        ):
-            return Response(
-                {
-                    "error": "You cannot update a role that is higher than your own role"
-                },
-                status=status.HTTP_400_BAD_REQUEST,
-            )
+        if workspace_member.role > int(request.data.get("role")):
+            _ = ProjectMember.objects.filter(
+                workspace__slug=slug, member_id=workspace_member.member_id
+            ).update(role=int(request.data.get("role")))

        serializer = WorkSpaceMemberSerializer(
            workspace_member, data=request.data, partial=True
@ -151,9 +133,7 @@ class WorkSpaceMemberViewSet(BaseViewSet):
    @invalidate_cache(
        path="/api/users/me/workspaces/", user=False, multiple=True
    )
-    @allow_permission(
-        allowed_roles=[ROLE.ADMIN], level="WORKSPACE"
-    )
+    @allow_permission(allowed_roles=[ROLE.ADMIN], level="WORKSPACE")
    def destroy(self, request, slug, pk):
        # Check the user role who is deleting the user
        workspace_member = WorkspaceMember.objects.get(