✨(backend) give an order to choices

We are going to need to compare choices to materialize the fact that choices are ordered. For example an admin role is higer than an editor role but lower than an owner role. We will need this to compute the reach and role resulting from all the document accesses (resp. link accesses) assigned on a document's ancestors.
2025-04-23 22:47:24 +02:00
parent fae024229e
commit 18d46acd75
5 changed files with 138 additions and 106 deletions
--- a/src/backend/core/api/viewsets.py
+++ b/src/backend/core/api/viewsets.py
@@ -32,7 +32,7 @@ from rest_framework import response as drf_response
 from rest_framework.permissions import AllowAny
 from rest_framework.throttling import UserRateThrottle

-from core import authentication, enums, models
+from core import authentication, choices, enums, models
 from core.services.ai_services import AIService
 from core.services.collaboration_services import CollaborationService
 from core.tasks.mail import send_ask_for_access_mail
@@ -1539,12 +1539,12 @@ class DocumentAccessViewSet(
            document__in=ancestors.filter(depth__gte=highest_readable.depth)
        )

-        is_privileged = bool(roles.intersection(set(models.PRIVILEGED_ROLES)))
+        is_privileged = bool(roles.intersection(set(choices.PRIVILEGED_ROLES)))
        if is_privileged:
            serializer_class = serializers.DocumentAccessSerializer
        else:
            # Return only the document's privileged accesses
-            queryset = queryset.filter(role__in=models.PRIVILEGED_ROLES)
+            queryset = queryset.filter(role__in=choices.PRIVILEGED_ROLES)
            serializer_class = serializers.DocumentAccessLightSerializer

        queryset = queryset.distinct()
@@ -1786,11 +1786,11 @@ class InvitationViewset(
                queryset.filter(
                    db.Q(
                        document__accesses__user=user,
-                        document__accesses__role__in=models.PRIVILEGED_ROLES,
+                        document__accesses__role__in=choices.PRIVILEGED_ROLES,
                    )
                    | db.Q(
                        document__accesses__team__in=teams,
-                        document__accesses__role__in=models.PRIVILEGED_ROLES,
+                        document__accesses__role__in=choices.PRIVILEGED_ROLES,
                    ),
                )
                # Abilities are computed based on logged-in user's role and