mirror of https://gitlab.com/bramw/baserow.git synced 2025-04-08 06:40:07 +00:00

Resolve "Cannot reorder databases in workspace if user has editor or lower access on any database"

Davide Silvestri 2024-08-13 09:20:27 +00:00
parent 4ff95c8ac8
commit 7b54650b79
3 changed files with 57 additions and 2 deletions
backend/src/baserow/core
changelog/entries/unreleased/bug
enterprise/backend/tests/baserow_enterprise_tests/role


@ -1554,12 +1554,12 @@ class CoreHandler(metaclass=baserow_trace_methods(tracer)):
users_applications = CoreHandler().filter_queryset(
user,
OrderApplicationsOperationType.type,
ReadApplicationOperationType.type,
all_applications,
workspace=workspace,
)
users_application_ids = users_applications.values_list("id", flat=True)
users_application_ids = list(users_applications.values_list("id", flat=True))
# Check that all ordered ids can be ordered by the user
for application_id in order:
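Review bot: The comment `# Check that all ordered ids can be ordered by the user` no longer describes the check if, as the old-then-new print order suggests, the new side filters with `ReadApplicationOperationType.type`; the ids collected here are then the applications the user can read, not the ones they may reorder. The right to reorder would have to come from a workspace-level `OrderApplicationsOperationType` check elsewhere in `order_applications`, which starts and ends outside this hunk, so confirm that check exists and reword the comment, e.g. `# Every ordered id must be an application the user can read; the reorder permission itself is checked at workspace level.` The loop body is not visible, but if the ids are only used for membership tests, `set(users_applications.values_list("id", flat=True))` avoids a linear scan per id.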


@ -0,0 +1,7 @@
{
"type": "bug",
"message": "Fixed a bug causing an issue reordering databases in workspace if user has editor or lower access on any database.",
"issue_number": 2874,
"bullet_points": [],
"created_at": "2024-08-09"
}


@ -0,0 +1,48 @@
import pytest
from pytest_unordered import unordered
from baserow.core.exceptions import PermissionDenied
from baserow.core.handler import CoreHandler
from baserow_enterprise.role.handler import RoleAssignmentHandler
from baserow_enterprise.role.models import Role
@pytest.fixture(autouse=True)
def enable_enterprise_and_synced_roles_for_all_tests_here(
enable_enterprise, synced_roles
):
pass
@pytest.mark.django_db()
def test_viewer_and_up_can_reoder_applications_in_workspace(data_fixture):
admin = data_fixture.create_user()
viewer = data_fixture.create_user()
workspace = data_fixture.create_workspace(user=admin, members=[viewer])
database_1 = data_fixture.create_database_application(workspace=workspace)
database_2 = data_fixture.create_database_application(workspace=workspace)
admin_role = Role.objects.get(uid="ADMIN")
viewer_role = Role.objects.get(uid="VIEWER")
RoleAssignmentHandler().assign_role(admin, workspace, role=admin_role)
RoleAssignmentHandler().assign_role(viewer, workspace, role=viewer_role)
with pytest.raises(PermissionDenied):
CoreHandler().order_applications(
viewer, workspace, [database_2.id, database_1.id]
)
# Let's a assign an admin role at workspace level but a lower level to the single
# database application.
RoleAssignmentHandler().assign_role(viewer, workspace, role=admin_role)
RoleAssignmentHandler().assign_role(
viewer, workspace, role=viewer_role, scope=database_1.application_ptr
)
# Now it should be possible to reorder the applications.
order = CoreHandler().order_applications(
viewer, workspace, [database_2.id, database_1.id]
)
assert order == unordered([database_2.id, database_1.id])
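Review bot: The final assertion compares against `unordered([...])`, so it passes whatever order comes back and does not show that the requested order was applied; if `order_applications` returns the resulting order, `assert order == [database_2.id, database_1.id]` would pin it. The test name says viewers can reorder (and misspells `reoder`), while the body asserts that a workspace VIEWER gets `PermissionDenied` and that a workspace ADMIN with a lower role on one database succeeds; a name such as `test_workspace_admin_with_lower_database_role_can_reorder_applications` matches what is checked. Since the handler change appears to widen the accepted ids to every readable application, a negative case is also worth adding: a workspace admin who has been given a role without read access on one database should still be rejected when that database's id is in the order list.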