__copyright__ = "Copyright © Stichting SciPost (SciPost Foundation)"
__license__ = "AGPL v3"
from django.core.management.base import BaseCommand
from django.contrib.auth.models import Group, Permission
from django.contrib.contenttypes.models import ContentType
from scipost.models import Contributor
[docs]class Command(BaseCommand):
help = "Defines groups and permissions"
[docs] def handle(self, *args, verbose=True, **options):
"""Append all user Groups and setup a Contributor roles to user."""
# Create Groups
SciPostAdmin, created = Group.objects.get_or_create(
name="SciPost Administrators"
)
FinancialAdmin, created = Group.objects.get_or_create(
name="Financial Administrators"
)
AdvisoryBoard, created = Group.objects.get_or_create(name="Advisory Board")
EditorialAdmin, created = Group.objects.get_or_create(
name="Editorial Administrators"
)
EditorialCollege, created = Group.objects.get_or_create(
name="Editorial College"
)
VettingEditors, created = Group.objects.get_or_create(name="Vetting Editors")
RegisteredContributors, created = Group.objects.get_or_create(
name="Registered Contributors"
)
Developers, created = Group.objects.get_or_create(name="Developers")
Testers, created = Group.objects.get_or_create(name="Testers")
Previewers, created = Group.objects.get_or_create(name="Previewers")
NewsAdmin, created = Group.objects.get_or_create(name="News Administrators")
Ambassadors, created = Group.objects.get_or_create(name="Ambassadors")
JuniorAmbassadors, created = Group.objects.get_or_create(
name="Junior Ambassadors"
)
ProductionSupervisors, created = Group.objects.get_or_create(
name="Production Supervisor"
)
ProductionOfficers, created = Group.objects.get_or_create(
name="Production Officers"
)
OrgContacts, created = Group.objects.get_or_create(name="Organization Contacts")
# Create Permissions
content_type = ContentType.objects.get_for_model(Contributor)
# Organizations
can_manage_organizations, created = Permission.objects.get_or_create(
codename="can_manage_organizations",
name="Can manage Organizations",
content_type=content_type,
)
can_add_contactperson, created = Permission.objects.get_or_create(
codename="can_add_contactperson",
name="Can add ContactPerson",
content_type=content_type,
)
can_view_contactrole_list, created = Permission.objects.get_or_create(
codename="can_view_contactrole_list",
name="Can view ContactRole list",
content_type=content_type,
)
# Registration and invitations
can_manage_contributors, created = Permission.objects.get_or_create(
codename="can_manage_contributors",
name="Can manage Contributors",
content_type=content_type,
)
can_vet_registration_requests, created = Permission.objects.get_or_create(
codename="can_vet_registration_requests",
name="Can vet registration requests",
content_type=content_type,
)
can_create_registration_invitations, created = Permission.objects.get_or_create(
codename="can_create_registration_invitations",
name="Can create registration invitations",
content_type=content_type,
)
can_manage_registration_invitations, created = Permission.objects.get_or_create(
codename="can_manage_registration_invitations",
name="Can manage registration invitations",
content_type=content_type,
)
can_invite_fellows, created = Permission.objects.get_or_create(
codename="can_invite_fellows",
name="Can invite Fellows",
content_type=content_type,
)
can_resend_registration_requests, created = Permission.objects.get_or_create(
codename="can_resend_registration_requests",
name="Can resend registration activation emails",
content_type=content_type,
)
can_read_all_privacy_sensitive_data, created = Permission.objects.get_or_create(
codename="can_read_all_privacy_sensitive_data",
name="Can read all privacy sensitive data",
content_type=content_type,
)
can_create_profiles, created = Permission.objects.get_or_create(
codename="can_create_profiles",
name="Can create Profiles",
content_type=content_type,
)
can_view_profiles, created = Permission.objects.get_or_create(
codename="can_view_profiles",
name="Can view Profiles",
content_type=content_type,
)
# Communications
can_email_group_members, created = Permission.objects.get_or_create(
codename="can_email_group_members",
name="Can email group members",
content_type=content_type,
)
can_email_particulars, created = Permission.objects.get_or_create(
codename="can_email_particulars",
name="Can email particulars",
content_type=content_type,
)
# Editorial College
can_manage_college_composition, created = Permission.objects.get_or_create(
codename="can_manage_college_composition",
name="Can manage Editorial College compositions",
content_type=content_type,
)
can_attend_VGMs, created = Permission.objects.get_or_create(
codename="can_attend_VGMs",
name="Can attend Virtual General Meetings",
content_type=content_type,
)
can_view_potentialfellowship_list, created = Permission.objects.get_or_create(
codename="can_view_potentialfellowship_list",
name="Can view PotentialFellowship list",
content_type=content_type,
)
can_add_potentialfellowship, created = Permission.objects.get_or_create(
codename="can_add_potentialfellowship",
name="Can add PotentialFellowship",
content_type=content_type,
)
can_vote_on_potentialfellowship, created = Permission.objects.get_or_create(
codename="can_vote_on_potentialfellowship",
name="Can vote on PotentialFellowship",
content_type=content_type,
)
# Contributions (not related to submissions)
can_submit_comments, created = Permission.objects.get_or_create(
codename="can_submit_comments",
name="Can submit Comments",
content_type=content_type,
)
can_request_commentary_pages, created = Permission.objects.get_or_create(
codename="can_request_commentary_pages",
name="Can request opening of Commentara Pages",
content_type=content_type,
)
can_request_thesislinks, created = Permission.objects.get_or_create(
codename="can_request_thesislinks",
name="Can request Thesis Links",
content_type=content_type,
)
# Vetting of objects
can_vet_commentary_requests, created = Permission.objects.get_or_create(
codename="can_vet_commentary_requests",
name="Can vet Commentary page requests",
content_type=content_type,
)
can_vet_thesislink_requests, created = Permission.objects.get_or_create(
codename="can_vet_thesislink_requests",
name="Can vet Thesis Link requests",
content_type=content_type,
)
can_vet_authorship_claims, created = Permission.objects.get_or_create(
codename="can_vet_authorship_claims",
name="Can vet Authorship claims",
content_type=content_type,
)
can_vet_comments, created = Permission.objects.get_or_create(
codename="can_vet_comments",
name="Can vet submitted Comments",
content_type=content_type,
)
can_vet_submitted_reports, created = Permission.objects.get_or_create(
codename="can_vet_submitted_reports",
name="Can vet submitted Reports",
content_type=content_type,
)
# Submissions
can_submit_manuscript, created = Permission.objects.get_or_create(
codename="can_submit_manuscript",
name="Can submit manuscript",
content_type=content_type,
)
can_do_plagiarism_checks, created = Permission.objects.get_or_create(
codename="can_do_plagiarism_checks",
name="Can do plagiarism checks on submissions",
content_type=content_type,
)
can_reassign_submissions, created = Permission.objects.get_or_create(
codename="can_reassign_submissions",
name="Can force-assign new EIC to Submission",
content_type=content_type,
)
# Submission handling
can_view_pool, created = Permission.objects.get_or_create(
codename="can_view_pool",
name="Can view Submissions Pool",
content_type=content_type,
)
can_assign_submissions, created = Permission.objects.get_or_create(
codename="can_assign_submissions",
name="Can assign incoming Submissions to potential Editor-in-charge",
content_type=content_type,
)
can_take_charge_of_submissions, created = Permission.objects.get_or_create(
codename="can_take_charge_of_submissions",
name="Can take charge (become Editor-in-charge) of submissions",
content_type=content_type,
)
can_manage_series, created = Permission.objects.get_or_create(
codename="can_manage_series",
name="Can manage Series and Collections",
content_type=content_type,
)
# Refereeing
can_referee, created = Permission.objects.get_or_create(
codename="can_referee",
name="Can act as a referee and submit reports on Submissions",
content_type=content_type,
)
can_oversee_refereeing, created = Permission.objects.get_or_create(
codename="can_oversee_refereeing",
name="Can oversee refereeing",
content_type=content_type,
)
can_run_pre_screening, created = Permission.objects.get_or_create(
codename="can_run_pre_screening",
name="Can run pre-screening on Submissions",
content_type=content_type,
)
# Reports
can_manage_reports, created = Permission.objects.get_or_create(
codename="can_manage_reports",
name="Can manage Reports",
content_type=content_type,
)
# Statistics
can_view_statistics, created = Permission.objects.get_or_create(
codename="can_view_statistics",
name="Can view statistics",
content_type=content_type,
)
# Voting
(
can_prepare_recommendations_for_voting,
created,
) = Permission.objects.get_or_create(
codename="can_prepare_recommendations_for_voting",
name="Can prepare recommendations for voting",
content_type=content_type,
)
can_fix_College_decision, created = Permission.objects.get_or_create(
codename="can_fix_College_decision",
name="Can fix the College voting decision",
content_type=content_type,
)
# Production
(
can_promote_user_to_production_officer,
created,
) = Permission.objects.get_or_create(
codename="can_promote_user_to_production_officer",
name="Can promote user to production officer",
content_type=content_type,
)
can_assign_production_officer, created = Permission.objects.get_or_create(
codename="can_assign_production_officer",
name="Can assign production officer",
content_type=content_type,
)
can_view_all_production_streams, created = Permission.objects.get_or_create(
codename="can_view_all_production_streams",
name="Can view all production stream",
content_type=content_type,
)
can_assign_production_supervisor, created = Permission.objects.get_or_create(
codename="can_assign_production_supervisor",
name="Can assign production supervisor",
content_type=content_type,
)
can_view_production, created = Permission.objects.get_or_create(
codename="can_view_production",
name="Can view production page",
content_type=content_type,
)
can_upload_proofs, created = Permission.objects.get_or_create(
codename="can_upload_proofs",
name="Can upload proofs",
content_type=content_type,
)
(
can_take_decisions_related_to_proofs,
created,
) = Permission.objects.get_or_create(
codename="can_take_decisions_related_to_proofs",
name="Can take decisions related to proofs",
content_type=content_type,
)
can_run_proofs_by_authors, created = Permission.objects.get_or_create(
codename="can_run_proofs_by_authors",
name="Can run proof by authors",
content_type=content_type,
)
can_manage_issues, created = Permission.objects.get_or_create(
codename="can_manage_issues",
name="Can manage Volumes and Issues",
content_type=content_type,
)
can_publish_accepted_submission, created = Permission.objects.get_or_create(
codename="can_publish_accepted_submission",
name="Can publish accepted submission",
content_type=content_type,
)
can_view_all_funding_info, created = Permission.objects.get_or_create(
codename="can_view_all_funding_info",
name="Can view all Funders info",
content_type=content_type,
)
can_create_grants, created = Permission.objects.get_or_create(
codename="can_create_grants",
name="Can create Grant",
content_type=content_type,
)
can_draft_publication, created = Permission.objects.get_or_create(
codename="can_draft_publication",
name="Can draft Publication",
content_type=content_type,
)
# Documentation
can_view_docs_scipost, created = Permission.objects.get_or_create(
codename="can_view_docs_scipost",
name="Can view docs: scipost",
content_type=content_type,
)
# Financial administration
can_manage_subsidies, created = Permission.objects.get_or_create(
codename="can_manage_subsidies",
name="Can manage subsidies",
content_type=content_type,
)
can_view_timesheets, created = Permission.objects.get_or_create(
codename="can_view_timesheets",
name="Can view timesheets",
content_type=content_type,
)
# News administration
can_manage_news, created = Permission.objects.get_or_create(
codename="can_manage_news",
name="Can manage News",
content_type=content_type,
)
# Mailchimp
can_manage_mailchimp, created = Permission.objects.get_or_create(
codename="can_manage_mailchimp",
name="Can manage Mailchimp settings",
content_type=content_type,
)
# Ontology
can_manage_ontology, created = Permission.objects.get_or_create(
codename="can_manage_ontology",
name="Can manage ontology",
content_type=content_type,
)
# Previewing new features
can_preview_new_features, created = Permission.objects.get_or_create(
codename="can_preview_new_features",
name="Can preview new features",
content_type=content_type,
)
# Assign permissions to groups
SciPostAdmin.permissions.set(
[
can_read_all_privacy_sensitive_data,
can_manage_registration_invitations,
can_create_registration_invitations,
can_email_group_members,
can_email_particulars,
can_resend_registration_requests,
can_vet_registration_requests,
can_vet_commentary_requests,
can_vet_thesislink_requests,
can_vet_authorship_claims,
can_vet_submitted_reports,
can_vet_comments,
can_view_pool,
can_assign_submissions,
can_prepare_recommendations_for_voting,
can_fix_College_decision,
can_promote_user_to_production_officer,
can_view_production,
can_view_all_production_streams,
can_attend_VGMs,
can_view_timesheets,
can_manage_mailchimp,
can_view_statistics,
can_create_profiles,
can_view_profiles,
can_manage_ontology,
can_manage_organizations,
can_view_potentialfellowship_list,
can_add_potentialfellowship,
can_preview_new_features,
]
)
FinancialAdmin.permissions.set(
[
can_manage_organizations,
can_manage_subsidies,
can_view_timesheets,
]
)
AdvisoryBoard.permissions.set(
[
can_manage_registration_invitations,
can_create_registration_invitations,
can_attend_VGMs,
can_view_statistics,
can_view_potentialfellowship_list,
can_add_potentialfellowship,
can_preview_new_features,
]
)
EditorialAdmin.permissions.set(
[
can_view_pool,
can_invite_fellows,
can_assign_submissions,
can_do_plagiarism_checks,
can_oversee_refereeing,
can_reassign_submissions,
can_run_pre_screening,
can_manage_series,
can_prepare_recommendations_for_voting,
can_manage_college_composition,
can_fix_College_decision,
can_view_timesheets,
can_publish_accepted_submission,
can_manage_issues,
can_draft_publication,
can_view_all_funding_info,
can_create_grants,
can_attend_VGMs,
can_manage_reports,
can_assign_production_supervisor,
can_view_all_production_streams,
can_view_production,
can_promote_user_to_production_officer,
can_take_decisions_related_to_proofs,
can_upload_proofs,
can_run_proofs_by_authors,
can_view_statistics,
can_create_profiles,
can_view_profiles,
can_manage_ontology,
can_manage_organizations,
can_view_potentialfellowship_list,
can_add_potentialfellowship,
can_preview_new_features,
]
)
EditorialCollege.permissions.set(
[
can_view_pool,
can_take_charge_of_submissions,
can_create_profiles,
can_view_profiles,
can_attend_VGMs,
can_view_statistics,
can_manage_ontology,
can_view_potentialfellowship_list,
can_add_potentialfellowship,
can_vote_on_potentialfellowship,
can_preview_new_features,
]
)
VettingEditors.permissions.set(
[
can_vet_commentary_requests,
can_vet_thesislink_requests,
can_vet_authorship_claims,
can_vet_submitted_reports,
can_vet_comments,
]
)
RegisteredContributors.permissions.set(
[
can_submit_manuscript,
can_submit_comments,
can_request_commentary_pages,
can_request_thesislinks,
can_referee,
]
)
Developers.permissions.set(
[
can_view_docs_scipost,
]
)
Previewers.permissions.set(
[
can_preview_new_features,
]
)
Ambassadors.permissions.set(
[
can_create_registration_invitations,
can_manage_registration_invitations,
]
)
JuniorAmbassadors.permissions.set(
[
can_create_registration_invitations,
]
)
ProductionSupervisors.permissions.set(
[
can_view_profiles,
can_assign_production_officer,
can_take_decisions_related_to_proofs,
# can_draft_publication,
# can_create_grants,
can_view_all_production_streams,
can_run_proofs_by_authors,
can_view_docs_scipost,
can_view_production,
can_upload_proofs,
]
)
ProductionOfficers.permissions.set(
[
can_view_docs_scipost,
can_view_production,
can_upload_proofs,
]
)
OrgContacts.permissions.set(
[
can_add_contactperson,
can_view_contactrole_list,
]
)
if verbose:
self.stdout.write(
self.style.SUCCESS("Successfully created groups and permissions.")
)