servala/servala-portal
3
0
Fork 0
Code Issues 21 Pull requests 5 Projects 2 Releases Packages 2 Activity Actions

Fix permission issue for editing or deleting instances #151

Merged
tobru merged 3 commits from 148-instance-edit-permissions into main 2025-07-11 14:55:48 +00:00
Conversation 3 Commits 3 Files changed 2 +19 -4
rixx commented 2025-07-11 10:17:29 +00:00
Member
Copy link

Alternative to #148 – does this resolve the problem observed? I followed the other PR in making it so that only org admins, not org members, can change instances.

Additionally, I added a rule that grants "admin dashboard" permissions to staff users. Up until now, staff users were able to see, edit and delete objects, but did not see any indication of this on the dashboard, which was empty.

Alternative to #148 – does this resolve the problem observed? I followed the other PR in making it so that only org admins, not org members, can change instances. Additionally, I added a rule that grants "admin dashboard" permissions to staff users. Up until now, staff users were able to see, edit and delete objects, but did not see any indication of this on the dashboard, which was empty.
rixx force-pushed 148-instance-edit-permissions from 4c0a656ed4 to 5feabda513 2025-07-11 10:25:56 +00:00 Compare
tobru commented 2025-07-11 12:18:51 +00:00
Owner
Copy link

@rixx Unfortunately, no. A regular user without any Django permissions (staff or superuser) cannot edit or delete a service instance. IMHO we should not rely on the Django permissions but on the role the user has in the Organization.

@rixx Unfortunately, no. A regular user without any Django permissions (staff or superuser) cannot edit or delete a service instance. IMHO we should not rely on the Django permissions but on the role the user has in the Organization.
rixx added 1 commit 2025-07-11 14:38:59 +00:00
Make rules compatible with instance checks
All checks were successful
Tests / test (push) Successful in 26s
Details
0bd895c486
rixx commented 2025-07-11 14:39:10 +00:00
Author
Member
Copy link

@tobru Hm, but that's what's meant to happen regardless – you can see that Django uses the django-rules permissions in User.has_perm by checking out this PR and comparing the look of the admin interface as a staff user.

I found the bug, though – the problem was that the checks were originally tailored to the Organization model, and were not flexible enough to look up the organization when given an instance. Fixed this in 0bd895c.

@tobru Hm, but that's what's meant to happen regardless – you can see that Django uses the django-rules permissions in `User.has_perm` by checking out this PR and comparing the look of the admin interface as a staff user. I found the bug, though – the problem was that the checks were originally tailored to the Organization model, and were not flexible enough to look up the organization when given an instance. Fixed this in 0bd895c.
tobru merged commit 683977a001 into main 2025-07-11 14:55:48 +00:00
tobru deleted branch 148-instance-edit-permissions 2025-07-11 14:55:48 +00:00
tobru commented 2025-07-11 14:56:00 +00:00
Owner
Copy link

Perfect, now it works as intended

Perfect, now it works as intended
tobru changed title from Try to fix permissions issue to Fix permission issue for editing or deleting instances 2025-07-11 14:56:35 +00:00
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels   
dependencies

Dependencies Update

  
bug

Something is not working

  
change

Change an existing feature

  
duplicate

This issue or pull request already exists

  
enhancement

New feature

  
help wanted

Need some help

  
invalid

Something is wrong

  
question

More information is needed

  
wontfix

This won't be fixed

No labels
dependencies
bug
change
duplicate
enhancement
help wanted
invalid
question
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
2 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: servala/servala-portal#151
No description provided.
Delete branch "148-instance-edit-permissions"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?