fix: allow super admin customer platform apps
This commit is contained in:
Md Bayazid Bostame
@@ -212,13 +212,13 @@ DEFAULT_ROLE_VISIBILITY = {
|
|||||||
ROLE_STAFF: False,
|
ROLE_STAFF: False,
|
||||||
},
|
},
|
||||||
'branding': {
|
'branding': {
|
||||||
ROLE_SUPER_ADMIN: False,
|
ROLE_SUPER_ADMIN: True,
|
||||||
ROLE_ADMIN: False,
|
ROLE_ADMIN: False,
|
||||||
ROLE_IT_STAFF: False,
|
ROLE_IT_STAFF: False,
|
||||||
ROLE_STAFF: False,
|
ROLE_STAFF: False,
|
||||||
},
|
},
|
||||||
'company_config': {
|
'company_config': {
|
||||||
ROLE_SUPER_ADMIN: False,
|
ROLE_SUPER_ADMIN: True,
|
||||||
ROLE_ADMIN: False,
|
ROLE_ADMIN: False,
|
||||||
ROLE_IT_STAFF: False,
|
ROLE_IT_STAFF: False,
|
||||||
ROLE_STAFF: False,
|
ROLE_STAFF: False,
|
||||||
|
|||||||
@@ -33,8 +33,8 @@ ROLE_LABELS = {
|
|||||||
CAPABILITIES = {
|
CAPABILITIES = {
|
||||||
# Platform-only capabilities stay above any customer-company admin role.
|
# Platform-only capabilities stay above any customer-company admin role.
|
||||||
'manage_users': {ROLE_PLATFORM_OWNER, ROLE_SUPER_ADMIN},
|
'manage_users': {ROLE_PLATFORM_OWNER, ROLE_SUPER_ADMIN},
|
||||||
'manage_product_branding': {ROLE_PLATFORM_OWNER},
|
'manage_product_branding': {ROLE_PLATFORM_OWNER, ROLE_SUPER_ADMIN},
|
||||||
'manage_company_config': {ROLE_PLATFORM_OWNER},
|
'manage_company_config': {ROLE_PLATFORM_OWNER, ROLE_SUPER_ADMIN},
|
||||||
'manage_trial_lifecycle': {ROLE_PLATFORM_OWNER},
|
'manage_trial_lifecycle': {ROLE_PLATFORM_OWNER},
|
||||||
'manage_app_registry': {ROLE_PLATFORM_OWNER},
|
'manage_app_registry': {ROLE_PLATFORM_OWNER},
|
||||||
'access_requests_dashboard': {ROLE_PLATFORM_OWNER, ROLE_SUPER_ADMIN, ROLE_ADMIN, ROLE_IT_STAFF, ROLE_STAFF},
|
'access_requests_dashboard': {ROLE_PLATFORM_OWNER, ROLE_SUPER_ADMIN, ROLE_ADMIN, ROLE_IT_STAFF, ROLE_STAFF},
|
||||||
|
|||||||
@@ -41,6 +41,13 @@ class AppRegistryPermissionTests(TestCase):
|
|||||||
self.assertNotIn('trial_management', self._visible_keys(self.super_admin))
|
self.assertNotIn('trial_management', self._visible_keys(self.super_admin))
|
||||||
self.assertNotIn('trial_management', self._visible_keys(self.admin))
|
self.assertNotIn('trial_management', self._visible_keys(self.admin))
|
||||||
|
|
||||||
|
def test_super_admin_sees_branding_and_company_config_but_not_app_registry(self):
|
||||||
|
keys = self._visible_keys(self.super_admin)
|
||||||
|
|
||||||
|
self.assertIn('branding', keys)
|
||||||
|
self.assertIn('company_config', keys)
|
||||||
|
self.assertNotIn('app_registry', keys)
|
||||||
|
|
||||||
def test_requests_dashboard_can_be_hidden_from_staff_via_registry(self):
|
def test_requests_dashboard_can_be_hidden_from_staff_via_registry(self):
|
||||||
config = PortalAppConfig.objects.get(key='requests_dashboard')
|
config = PortalAppConfig.objects.get(key='requests_dashboard')
|
||||||
config.visible_to_staff = False
|
config.visible_to_staff = False
|
||||||
@@ -63,3 +70,12 @@ class AppRegistryPermissionTests(TestCase):
|
|||||||
response = self.client.get(reverse('portal_app_registry_page'))
|
response = self.client.get(reverse('portal_app_registry_page'))
|
||||||
|
|
||||||
self.assertEqual(response.status_code, 200)
|
self.assertEqual(response.status_code, 200)
|
||||||
|
|
||||||
|
def test_super_admin_can_open_branding_and_company_config_pages(self):
|
||||||
|
self.client.force_login(self.super_admin)
|
||||||
|
|
||||||
|
branding_response = self.client.get(reverse('portal_branding_page'))
|
||||||
|
company_response = self.client.get(reverse('portal_company_config_page'))
|
||||||
|
|
||||||
|
self.assertEqual(branding_response.status_code, 200)
|
||||||
|
self.assertEqual(company_response.status_code, 200)
|
||||||
|
|||||||
Reference in New Issue
Block a user