👔(backend) doc restricted by default
By default a created document was in "authenticated" mode, we switch to "restricted" by default.
This commit is contained in:
Anthony LC
@@ -20,6 +20,7 @@ and this project adheres to
|
|||||||
## Changed
|
## Changed
|
||||||
|
|
||||||
- ♻️(frontend) list accesses if user has abilities #376
|
- ♻️(frontend) list accesses if user has abilities #376
|
||||||
|
- 👔(backend) doc restricted by default #388
|
||||||
|
|
||||||
## Fixed
|
## Fixed
|
||||||
|
|
||||||
|
|||||||
@@ -0,0 +1,18 @@
|
|||||||
|
# Generated by Django 5.1.2 on 2024-10-25 11:41
|
||||||
|
|
||||||
|
from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
|
dependencies = [
|
||||||
|
('core', '0007_fix_users_duplicate'),
|
||||||
|
]
|
||||||
|
|
||||||
|
operations = [
|
||||||
|
migrations.AlterField(
|
||||||
|
model_name='document',
|
||||||
|
name='link_reach',
|
||||||
|
field=models.CharField(choices=[('restricted', 'Restricted'), ('authenticated', 'Authenticated'), ('public', 'Public')], default='restricted', max_length=20),
|
||||||
|
),
|
||||||
|
]
|
||||||
@@ -336,7 +336,7 @@ class Document(BaseModel):
|
|||||||
link_reach = models.CharField(
|
link_reach = models.CharField(
|
||||||
max_length=20,
|
max_length=20,
|
||||||
choices=LinkReachChoices.choices,
|
choices=LinkReachChoices.choices,
|
||||||
default=LinkReachChoices.AUTHENTICATED,
|
default=LinkReachChoices.RESTRICTED,
|
||||||
)
|
)
|
||||||
link_role = models.CharField(
|
link_role = models.CharField(
|
||||||
max_length=20, choices=LinkRoleChoices.choices, default=LinkRoleChoices.READER
|
max_length=20, choices=LinkRoleChoices.choices, default=LinkRoleChoices.READER
|
||||||
|
|||||||
@@ -47,6 +47,7 @@ def test_api_documents_create_authenticated_success():
|
|||||||
assert response.status_code == 201
|
assert response.status_code == 201
|
||||||
document = Document.objects.get()
|
document = Document.objects.get()
|
||||||
assert document.title == "my document"
|
assert document.title == "my document"
|
||||||
|
assert document.link_reach == "restricted"
|
||||||
assert document.accesses.filter(role="owner", user=user).exists()
|
assert document.accesses.filter(role="owner", user=user).exists()
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
@@ -40,20 +40,20 @@ test.describe('Doc Visibility', () => {
|
|||||||
name: 'Visibility',
|
name: 'Visibility',
|
||||||
});
|
});
|
||||||
|
|
||||||
await expect(selectVisibility.getByText('Authenticated')).toBeVisible();
|
await expect(selectVisibility.getByText('Restricted')).toBeVisible();
|
||||||
|
|
||||||
await expect(page.getByLabel('Read only')).toBeVisible();
|
await expect(page.getByLabel('Read only')).toBeHidden();
|
||||||
await expect(page.getByLabel('Can read and edit')).toBeVisible();
|
await expect(page.getByLabel('Can read and edit')).toBeHidden();
|
||||||
|
|
||||||
await selectVisibility.click();
|
await selectVisibility.click();
|
||||||
await page
|
await page
|
||||||
.getByRole('option', {
|
.getByRole('option', {
|
||||||
name: 'Restricted',
|
name: 'Authenticated',
|
||||||
})
|
})
|
||||||
.click();
|
.click();
|
||||||
|
|
||||||
await expect(page.getByLabel('Read only')).toBeHidden();
|
await expect(page.getByLabel('Read only')).toBeVisible();
|
||||||
await expect(page.getByLabel('Can read and edit')).toBeHidden();
|
await expect(page.getByLabel('Can read and edit')).toBeVisible();
|
||||||
|
|
||||||
await selectVisibility.click();
|
await selectVisibility.click();
|
||||||
|
|
||||||
@@ -87,26 +87,6 @@ test.describe('Doc Visibility: Restricted', () => {
|
|||||||
|
|
||||||
await expect(page.getByRole('heading', { name: docTitle })).toBeVisible();
|
await expect(page.getByRole('heading', { name: docTitle })).toBeVisible();
|
||||||
|
|
||||||
await page.getByRole('button', { name: 'Share' }).click();
|
|
||||||
await page
|
|
||||||
.getByRole('combobox', {
|
|
||||||
name: 'Visibility',
|
|
||||||
})
|
|
||||||
.click();
|
|
||||||
await page
|
|
||||||
.getByRole('option', {
|
|
||||||
name: 'Restricted',
|
|
||||||
})
|
|
||||||
.click();
|
|
||||||
|
|
||||||
await expect(
|
|
||||||
page.getByText('The document visibility has been updated.'),
|
|
||||||
).toBeVisible();
|
|
||||||
|
|
||||||
await page.locator('.c__modal__backdrop').click({
|
|
||||||
position: { x: 0, y: 0 },
|
|
||||||
});
|
|
||||||
|
|
||||||
const urlDoc = page.url();
|
const urlDoc = page.url();
|
||||||
|
|
||||||
await page
|
await page
|
||||||
@@ -133,26 +113,6 @@ test.describe('Doc Visibility: Restricted', () => {
|
|||||||
|
|
||||||
await expect(page.getByRole('heading', { name: docTitle })).toBeVisible();
|
await expect(page.getByRole('heading', { name: docTitle })).toBeVisible();
|
||||||
|
|
||||||
await page.getByRole('button', { name: 'Share' }).click();
|
|
||||||
await page
|
|
||||||
.getByRole('combobox', {
|
|
||||||
name: 'Visibility',
|
|
||||||
})
|
|
||||||
.click();
|
|
||||||
await page
|
|
||||||
.getByRole('option', {
|
|
||||||
name: 'Restricted',
|
|
||||||
})
|
|
||||||
.click();
|
|
||||||
|
|
||||||
await expect(
|
|
||||||
page.getByText('The document visibility has been updated.'),
|
|
||||||
).toBeVisible();
|
|
||||||
|
|
||||||
await page.locator('.c__modal__backdrop').click({
|
|
||||||
position: { x: 0, y: 0 },
|
|
||||||
});
|
|
||||||
|
|
||||||
const urlDoc = page.url();
|
const urlDoc = page.url();
|
||||||
|
|
||||||
await page
|
await page
|
||||||
@@ -182,20 +142,6 @@ test.describe('Doc Visibility: Restricted', () => {
|
|||||||
await expect(page.getByRole('heading', { name: docTitle })).toBeVisible();
|
await expect(page.getByRole('heading', { name: docTitle })).toBeVisible();
|
||||||
|
|
||||||
await page.getByRole('button', { name: 'Share' }).click();
|
await page.getByRole('button', { name: 'Share' }).click();
|
||||||
await page
|
|
||||||
.getByRole('combobox', {
|
|
||||||
name: 'Visibility',
|
|
||||||
})
|
|
||||||
.click();
|
|
||||||
await page
|
|
||||||
.getByRole('option', {
|
|
||||||
name: 'Restricted',
|
|
||||||
})
|
|
||||||
.click();
|
|
||||||
|
|
||||||
await expect(
|
|
||||||
page.getByText('The document visibility has been updated.'),
|
|
||||||
).toBeVisible();
|
|
||||||
|
|
||||||
const inputSearch = page.getByLabel(/Find a member to add to the document/);
|
const inputSearch = page.getByLabel(/Find a member to add to the document/);
|
||||||
|
|
||||||
@@ -389,6 +335,26 @@ test.describe('Doc Visibility: Authenticated', () => {
|
|||||||
|
|
||||||
await expect(page.getByRole('heading', { name: docTitle })).toBeVisible();
|
await expect(page.getByRole('heading', { name: docTitle })).toBeVisible();
|
||||||
|
|
||||||
|
await page.getByRole('button', { name: 'Share' }).click();
|
||||||
|
await page
|
||||||
|
.getByRole('combobox', {
|
||||||
|
name: 'Visibility',
|
||||||
|
})
|
||||||
|
.click();
|
||||||
|
await page
|
||||||
|
.getByRole('option', {
|
||||||
|
name: 'Authenticated',
|
||||||
|
})
|
||||||
|
.click();
|
||||||
|
|
||||||
|
await expect(
|
||||||
|
page.getByText('The document visibility has been updated.'),
|
||||||
|
).toBeVisible();
|
||||||
|
|
||||||
|
await page.locator('.c__modal__backdrop').click({
|
||||||
|
position: { x: 0, y: 0 },
|
||||||
|
});
|
||||||
|
|
||||||
const urlDoc = page.url();
|
const urlDoc = page.url();
|
||||||
|
|
||||||
await page
|
await page
|
||||||
@@ -421,6 +387,26 @@ test.describe('Doc Visibility: Authenticated', () => {
|
|||||||
|
|
||||||
await expect(page.getByRole('heading', { name: docTitle })).toBeVisible();
|
await expect(page.getByRole('heading', { name: docTitle })).toBeVisible();
|
||||||
|
|
||||||
|
await page.getByRole('button', { name: 'Share' }).click();
|
||||||
|
await page
|
||||||
|
.getByRole('combobox', {
|
||||||
|
name: 'Visibility',
|
||||||
|
})
|
||||||
|
.click();
|
||||||
|
await page
|
||||||
|
.getByRole('option', {
|
||||||
|
name: 'Authenticated',
|
||||||
|
})
|
||||||
|
.click();
|
||||||
|
|
||||||
|
await expect(
|
||||||
|
page.getByText('The document visibility has been updated.'),
|
||||||
|
).toBeVisible();
|
||||||
|
|
||||||
|
await page.locator('.c__modal__backdrop').click({
|
||||||
|
position: { x: 0, y: 0 },
|
||||||
|
});
|
||||||
|
|
||||||
const urlDoc = page.url();
|
const urlDoc = page.url();
|
||||||
|
|
||||||
await page
|
await page
|
||||||
@@ -467,6 +453,26 @@ test.describe('Doc Visibility: Authenticated', () => {
|
|||||||
|
|
||||||
await expect(page.getByRole('heading', { name: docTitle })).toBeVisible();
|
await expect(page.getByRole('heading', { name: docTitle })).toBeVisible();
|
||||||
|
|
||||||
|
await page.getByRole('button', { name: 'Share' }).click();
|
||||||
|
await page
|
||||||
|
.getByRole('combobox', {
|
||||||
|
name: 'Visibility',
|
||||||
|
})
|
||||||
|
.click();
|
||||||
|
await page
|
||||||
|
.getByRole('option', {
|
||||||
|
name: 'Authenticated',
|
||||||
|
})
|
||||||
|
.click();
|
||||||
|
|
||||||
|
await expect(
|
||||||
|
page.getByText('The document visibility has been updated.'),
|
||||||
|
).toBeVisible();
|
||||||
|
|
||||||
|
await page.locator('.c__modal__backdrop').click({
|
||||||
|
position: { x: 0, y: 0 },
|
||||||
|
});
|
||||||
|
|
||||||
const urlDoc = page.url();
|
const urlDoc = page.url();
|
||||||
|
|
||||||
await page.getByRole('button', { name: 'Share' }).click();
|
await page.getByRole('button', { name: 'Share' }).click();
|
||||||
|
|||||||
Reference in New Issue
Block a user