Skip to content

Commit 18b05ac

Browse files
lunikaAntoLC
lunika
authored and
AntoLC
committed
✨(backend) add commentator role
To allow a user to comment a document we added a new role: commentator. Commentator is higher than reader but lower than editor.
1 parent 6cc4263 commit 18b05ac

File tree

7 files changed

+249
-62
lines changed

7 files changed

+249
-62
lines changed

src/backend/core/choices.py

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -33,13 +33,15 @@ class LinkRoleChoices(PriorityTextChoices):
3333
"""Defines the possible roles a link can offer on a document."""
3434

3535
READER = "reader", _("Reader") # Can read
36+
COMMENTATOR = "commentator", _("Commentator") # Can read and comment
3637
EDITOR = "editor", _("Editor") # Can read and edit
3738

3839

3940
class RoleChoices(PriorityTextChoices):
4041
"""Defines the possible roles a user can have in a resource."""
4142

4243
READER = "reader", _("Reader") # Can read
44+
COMMENTATOR = "commentator", _("Commentator") # Can read and comment
4345
EDITOR = "editor", _("Editor") # Can read and edit
4446
ADMIN = "administrator", _("Administrator") # Can read, edit, delete and share
4547
OWNER = "owner", _("Owner")

src/backend/core/models.py

Lines changed: 8 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -753,6 +753,7 @@ def get_abilities(self, user):
753753
can_update = (
754754
is_owner_or_admin or role == RoleChoices.EDITOR
755755
) and not is_deleted
756+
can_comment = (can_update or role == RoleChoices.COMMENTATOR) and not is_deleted
756757
can_create_children = can_update and user.is_authenticated
757758
can_destroy = (
758759
is_owner
@@ -783,6 +784,7 @@ def get_abilities(self, user):
783784
"children_list": can_get,
784785
"children_create": can_create_children,
785786
"collaboration_auth": can_get,
787+
"comment": can_comment,
786788
"content": can_get,
787789
"cors_proxy": can_get,
788790
"descendants": can_get,
@@ -1143,7 +1145,12 @@ def get_abilities(self, user):
11431145
set_role_to = []
11441146
if is_owner_or_admin:
11451147
set_role_to.extend(
1146-
[RoleChoices.READER, RoleChoices.EDITOR, RoleChoices.ADMIN]
1148+
[
1149+
RoleChoices.READER,
1150+
RoleChoices.COMMENTATOR,
1151+
RoleChoices.EDITOR,
1152+
RoleChoices.ADMIN,
1153+
]
11471154
)
11481155
if role == RoleChoices.OWNER:
11491156
set_role_to.append(RoleChoices.OWNER)

src/backend/core/tests/documents/test_api_document_accesses.py

Lines changed: 21 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -293,6 +293,7 @@ def test_api_document_accesses_retrieve_set_role_to_child():
293293
}
294294
assert result_dict[str(document_access_other_user.id)] == [
295295
"reader",
296+
"commentator",
296297
"editor",
297298
"administrator",
298299
"owner",
@@ -301,7 +302,7 @@ def test_api_document_accesses_retrieve_set_role_to_child():
301302

302303
# Add an access for the other user on the parent
303304
parent_access_other_user = factories.UserDocumentAccessFactory(
304-
document=parent, user=other_user, role="editor"
305+
document=parent, user=other_user, role="commentator"
305306
)
306307

307308
response = client.get(f"/api/v1.0/documents/{document.id!s}/accesses/")
@@ -314,13 +315,15 @@ def test_api_document_accesses_retrieve_set_role_to_child():
314315
result["id"]: result["abilities"]["set_role_to"] for result in content
315316
}
316317
assert result_dict[str(document_access_other_user.id)] == [
318+
"commentator",
317319
"editor",
318320
"administrator",
319321
"owner",
320322
]
321323
assert result_dict[str(parent_access.id)] == []
322324
assert result_dict[str(parent_access_other_user.id)] == [
323325
"reader",
326+
"commentator",
324327
"editor",
325328
"administrator",
326329
"owner",
@@ -333,28 +336,28 @@ def test_api_document_accesses_retrieve_set_role_to_child():
333336
[
334337
["administrator", "reader", "reader", "reader"],
335338
[
336-
["reader", "editor", "administrator"],
339+
["reader", "commentator", "editor", "administrator"],
337340
[],
338341
[],
339-
["reader", "editor", "administrator"],
342+
["reader", "commentator", "editor", "administrator"],
340343
],
341344
],
342345
[
343346
["owner", "reader", "reader", "reader"],
344347
[
345-
["reader", "editor", "administrator", "owner"],
348+
["reader", "commentator", "editor", "administrator", "owner"],
346349
[],
347350
[],
348-
["reader", "editor", "administrator", "owner"],
351+
["reader", "commentator", "editor", "administrator", "owner"],
349352
],
350353
],
351354
[
352355
["owner", "reader", "reader", "owner"],
353356
[
354-
["reader", "editor", "administrator", "owner"],
357+
["reader", "commentator", "editor", "administrator", "owner"],
355358
[],
356359
[],
357-
["reader", "editor", "administrator", "owner"],
360+
["reader", "commentator", "editor", "administrator", "owner"],
358361
],
359362
],
360363
],
@@ -415,52 +418,52 @@ def test_api_document_accesses_list_authenticated_related_same_user(roles, resul
415418
[
416419
["administrator", "reader", "reader", "reader"],
417420
[
418-
["reader", "editor", "administrator"],
421+
["reader", "commentator", "editor", "administrator"],
419422
[],
420423
[],
421-
["reader", "editor", "administrator"],
424+
["reader", "commentator", "editor", "administrator"],
422425
],
423426
],
424427
[
425428
["owner", "reader", "reader", "reader"],
426429
[
427-
["reader", "editor", "administrator", "owner"],
430+
["reader", "commentator", "editor", "administrator", "owner"],
428431
[],
429432
[],
430-
["reader", "editor", "administrator", "owner"],
433+
["reader", "commentator", "editor", "administrator", "owner"],
431434
],
432435
],
433436
[
434437
["owner", "reader", "reader", "owner"],
435438
[
436-
["reader", "editor", "administrator", "owner"],
439+
["reader", "commentator", "editor", "administrator", "owner"],
437440
[],
438441
[],
439-
["reader", "editor", "administrator", "owner"],
442+
["reader", "commentator", "editor", "administrator", "owner"],
440443
],
441444
],
442445
[
443446
["reader", "reader", "reader", "owner"],
444447
[
445-
["reader", "editor", "administrator", "owner"],
448+
["reader", "commentator", "editor", "administrator", "owner"],
446449
[],
447450
[],
448-
["reader", "editor", "administrator", "owner"],
451+
["reader", "commentator", "editor", "administrator", "owner"],
449452
],
450453
],
451454
[
452455
["reader", "administrator", "reader", "editor"],
453456
[
454-
["reader", "editor", "administrator"],
455-
["reader", "editor", "administrator"],
457+
["reader", "commentator", "editor", "administrator"],
458+
["reader", "commentator", "editor", "administrator"],
456459
[],
457460
[],
458461
],
459462
],
460463
[
461464
["editor", "editor", "administrator", "editor"],
462465
[
463-
["reader", "editor", "administrator"],
466+
["reader", "commentator", "editor", "administrator"],
464467
[],
465468
["editor", "administrator"],
466469
[],

src/backend/core/tests/documents/test_api_documents_retrieve.py

Lines changed: 10 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -36,6 +36,7 @@ def test_api_documents_retrieve_anonymous_public_standalone():
3636
"children_create": False,
3737
"children_list": True,
3838
"collaboration_auth": True,
39+
"comment": document.link_role in ["commentator", "editor"],
3940
"cors_proxy": True,
4041
"content": True,
4142
"descendants": True,
@@ -46,8 +47,8 @@ def test_api_documents_retrieve_anonymous_public_standalone():
4647
"invite_owner": False,
4748
"link_configuration": False,
4849
"link_select_options": {
49-
"authenticated": ["reader", "editor"],
50-
"public": ["reader", "editor"],
50+
"authenticated": ["reader", "commentator", "editor"],
51+
"public": ["reader", "commentator", "editor"],
5152
"restricted": None,
5253
},
5354
"mask": False,
@@ -112,6 +113,7 @@ def test_api_documents_retrieve_anonymous_public_parent():
112113
"children_create": False,
113114
"children_list": True,
114115
"collaboration_auth": True,
116+
"comment": grand_parent.link_role in ["commentator", "editor"],
115117
"descendants": True,
116118
"cors_proxy": True,
117119
"content": True,
@@ -218,6 +220,7 @@ def test_api_documents_retrieve_authenticated_unrelated_public_or_authenticated(
218220
"children_create": document.link_role == "editor",
219221
"children_list": True,
220222
"collaboration_auth": True,
223+
"comment": document.link_role in ["commentator", "editor"],
221224
"descendants": True,
222225
"cors_proxy": True,
223226
"content": True,
@@ -227,8 +230,8 @@ def test_api_documents_retrieve_authenticated_unrelated_public_or_authenticated(
227230
"invite_owner": False,
228231
"link_configuration": False,
229232
"link_select_options": {
230-
"authenticated": ["reader", "editor"],
231-
"public": ["reader", "editor"],
233+
"authenticated": ["reader", "commentator", "editor"],
234+
"public": ["reader", "commentator", "editor"],
232235
"restricted": None,
233236
},
234237
"mask": True,
@@ -301,6 +304,7 @@ def test_api_documents_retrieve_authenticated_public_or_authenticated_parent(rea
301304
"children_create": grand_parent.link_role == "editor",
302305
"children_list": True,
303306
"collaboration_auth": True,
307+
"comment": grand_parent.link_role in ["commentator", "editor"],
304308
"descendants": True,
305309
"cors_proxy": True,
306310
"content": True,
@@ -492,10 +496,11 @@ def test_api_documents_retrieve_authenticated_related_parent():
492496
"ai_transform": access.role != "reader",
493497
"ai_translate": access.role != "reader",
494498
"attachment_upload": access.role != "reader",
495-
"can_edit": access.role != "reader",
499+
"can_edit": access.role not in ["reader", "commentator"],
496500
"children_create": access.role != "reader",
497501
"children_list": True,
498502
"collaboration_auth": True,
503+
"comment": access.role != "reader",
499504
"descendants": True,
500505
"cors_proxy": True,
501506
"content": True,

src/backend/core/tests/documents/test_api_documents_trashbin.py

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -79,17 +79,18 @@ def test_api_documents_trashbin_format():
7979
"children_create": True,
8080
"children_list": True,
8181
"collaboration_auth": True,
82-
"descendants": True,
82+
"comment": True,
8383
"cors_proxy": True,
84+
"descendants": True,
8485
"content": True,
8586
"destroy": True,
8687
"duplicate": True,
8788
"favorite": True,
8889
"invite_owner": True,
8990
"link_configuration": True,
9091
"link_select_options": {
91-
"authenticated": ["reader", "editor"],
92-
"public": ["reader", "editor"],
92+
"authenticated": ["reader", "commentator", "editor"],
93+
"public": ["reader", "commentator", "editor"],
9394
"restricted": None,
9495
},
9596
"mask": True,

src/backend/core/tests/test_models_document_accesses.py

Lines changed: 9 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -123,7 +123,7 @@ def test_models_document_access_get_abilities_for_owner_of_self_allowed():
123123
"retrieve": True,
124124
"update": True,
125125
"partial_update": True,
126-
"set_role_to": ["reader", "editor", "administrator", "owner"],
126+
"set_role_to": ["reader", "commentator", "editor", "administrator", "owner"],
127127
}
128128

129129

@@ -166,7 +166,7 @@ def test_models_document_access_get_abilities_for_owner_of_self_last_on_child(
166166
"retrieve": True,
167167
"update": True,
168168
"partial_update": True,
169-
"set_role_to": ["reader", "editor", "administrator", "owner"],
169+
"set_role_to": ["reader", "commentator", "editor", "administrator", "owner"],
170170
}
171171

172172

@@ -183,7 +183,7 @@ def test_models_document_access_get_abilities_for_owner_of_owner():
183183
"retrieve": True,
184184
"update": True,
185185
"partial_update": True,
186-
"set_role_to": ["reader", "editor", "administrator", "owner"],
186+
"set_role_to": ["reader", "commentator", "editor", "administrator", "owner"],
187187
}
188188

189189

@@ -200,7 +200,7 @@ def test_models_document_access_get_abilities_for_owner_of_administrator():
200200
"retrieve": True,
201201
"update": True,
202202
"partial_update": True,
203-
"set_role_to": ["reader", "editor", "administrator", "owner"],
203+
"set_role_to": ["reader", "commentator", "editor", "administrator", "owner"],
204204
}
205205

206206

@@ -217,7 +217,7 @@ def test_models_document_access_get_abilities_for_owner_of_editor():
217217
"retrieve": True,
218218
"update": True,
219219
"partial_update": True,
220-
"set_role_to": ["reader", "editor", "administrator", "owner"],
220+
"set_role_to": ["reader", "commentator", "editor", "administrator", "owner"],
221221
}
222222

223223

@@ -234,7 +234,7 @@ def test_models_document_access_get_abilities_for_owner_of_reader():
234234
"retrieve": True,
235235
"update": True,
236236
"partial_update": True,
237-
"set_role_to": ["reader", "editor", "administrator", "owner"],
237+
"set_role_to": ["reader", "commentator", "editor", "administrator", "owner"],
238238
}
239239

240240

@@ -271,7 +271,7 @@ def test_models_document_access_get_abilities_for_administrator_of_administrator
271271
"retrieve": True,
272272
"update": True,
273273
"partial_update": True,
274-
"set_role_to": ["reader", "editor", "administrator"],
274+
"set_role_to": ["reader", "commentator", "editor", "administrator"],
275275
}
276276

277277

@@ -288,7 +288,7 @@ def test_models_document_access_get_abilities_for_administrator_of_editor():
288288
"retrieve": True,
289289
"update": True,
290290
"partial_update": True,
291-
"set_role_to": ["reader", "editor", "administrator"],
291+
"set_role_to": ["reader", "commentator", "editor", "administrator"],
292292
}
293293

294294

@@ -305,7 +305,7 @@ def test_models_document_access_get_abilities_for_administrator_of_reader():
305305
"retrieve": True,
306306
"update": True,
307307
"partial_update": True,
308-
"set_role_to": ["reader", "editor", "administrator"],
308+
"set_role_to": ["reader", "commentator", "editor", "administrator"],
309309
}
310310

311311

0 commit comments

Comments
 (0)