chore: roles demotion (#5612)

Bavisetti Narayan 2024-09-16 14:25:27 +05:30 committed by GitHub
parent 5ba1eeaf4c
commit 3ce84f78f1
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 8 additions and 28 deletions


@ -164,7 +164,7 @@ class UserProjectInvitationsViewset(BaseViewSet):
ProjectMember( ProjectMember(
project_id=project_id, project_id=project_id,
member=request.user, member=request.user,
role=15 if workspace_role >= 15 else 5, role=workspace_role,
workspace=workspace, workspace=workspace,
created_by=request.user, created_by=request.user,
) )
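Review bot: `role=workspace_role` now copies the workspace role onto the new ProjectMember row unchanged, where the old expression capped it at 15, so any workspace role above 15 now carries over to each project the user joins through this endpoint. If that is intended, a comment such as `# project role mirrors the workspace role, no longer capped at 15` above the `ProjectMember(` call would make it explicit. `workspace_role` is assigned outside this hunk, so it is worth confirming that it is read from the caller's active workspace membership and not from request data. The enclosing method starts and ends outside the hunk.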


@ -14,7 +14,7 @@ from plane.app.permissions import (
WorkSpaceAdminPermission, WorkSpaceAdminPermission,
WorkspaceEntityPermission, WorkspaceEntityPermission,
allow_permission, allow_permission,
ROLE ROLE,
) )
# Module imports # Module imports
@ -44,7 +44,6 @@ class WorkSpaceMemberViewSet(BaseViewSet):
serializer_class = WorkspaceMemberAdminSerializer serializer_class = WorkspaceMemberAdminSerializer
model = WorkspaceMember model = WorkspaceMember
search_fields = [ search_fields = [
"member__display_name", "member__display_name",
"member__first_name", "member__first_name",
@ -96,9 +95,7 @@ class WorkSpaceMemberViewSet(BaseViewSet):
user=False, user=False,
multiple=True, multiple=True,
) )
@allow_permission( @allow_permission(allowed_roles=[ROLE.ADMIN], level="WORKSPACE")
allowed_roles=[ROLE.ADMIN], level="WORKSPACE"
)
def partial_update(self, request, slug, pk): def partial_update(self, request, slug, pk):
workspace_member = WorkspaceMember.objects.get( workspace_member = WorkspaceMember.objects.get(
pk=pk, pk=pk,
@ -112,25 +109,10 @@ class WorkSpaceMemberViewSet(BaseViewSet):
status=status.HTTP_400_BAD_REQUEST, status=status.HTTP_400_BAD_REQUEST,
) )
# Get the requested user role if workspace_member.role > int(request.data.get("role")):
requested_workspace_member = WorkspaceMember.objects.get( _ = ProjectMember.objects.filter(
workspace__slug=slug, workspace__slug=slug, member_id=workspace_member.member_id
member=request.user, ).update(role=int(request.data.get("role")))
is_active=True,
)
# Check if role is being updated
# One cannot update role higher than his own role
if (
"role" in request.data
and int(request.data.get("role", workspace_member.role))
> requested_workspace_member.role
):
return Response(
{
"error": "You cannot update a role that is higher than your own role"
},
status=status.HTTP_400_BAD_REQUEST,
)
serializer = WorkSpaceMemberSerializer( serializer = WorkSpaceMemberSerializer(
workspace_member, data=request.data, partial=True workspace_member, data=request.data, partial=True
@ -151,9 +133,7 @@ class WorkSpaceMemberViewSet(BaseViewSet):
@invalidate_cache( @invalidate_cache(
path="/api/users/me/workspaces/", user=False, multiple=True path="/api/users/me/workspaces/", user=False, multiple=True
) )
@allow_permission( @allow_permission(allowed_roles=[ROLE.ADMIN], level="WORKSPACE")
allowed_roles=[ROLE.ADMIN], level="WORKSPACE"
)
def destroy(self, request, slug, pk): def destroy(self, request, slug, pk):
# Check the user role who is deleting the user # Check the user role who is deleting the user
workspace_member = WorkspaceMember.objects.get( workspace_member = WorkspaceMember.objects.get(
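Review bot: In `partial_update`, the new `if workspace_member.role > int(request.data.get("role")):` raises on a PATCH body that has no `role` key or a non-numeric one, because the removed block's `"role" in request.data` guard is gone; a partial update of any other field then becomes a server error. The `.update(role=...)` that follows overwrites every project membership the user has in the workspace, so a project where they held a role lower than the new workspace role would be raised to it, and the write happens before the serializer has validated the value. Parsing the role once, rejecting bad input with the 400 response shape already used in this method, and adding `role__gt=new_role` to the filter would address this. Running the project update only after the serializer accepts the data would be safer still, but that part of the method is not visible in this hunk, and the body of `partial_update` continues outside it.

```python
# … unchanged: workspace_member lookup and the preceding 400 response …
if "role" in request.data:
    try:
        new_role = int(request.data["role"])
    except (TypeError, ValueError):
        return Response(
            {"error": "Invalid role"},
            status=status.HTTP_400_BAD_REQUEST,
        )
    if workspace_member.role > new_role:
        # Lower only the project roles that exceed the new workspace role;
        # memberships that are already lower stay as they are.
        ProjectMember.objects.filter(
            workspace__slug=slug,
            member_id=workspace_member.member_id,
            role__gt=new_role,
        ).update(role=new_role)
# … unchanged: WorkSpaceMemberSerializer(workspace_member, ...) …
```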