Merge branch 'main' into za/1001-update-to-use-sentence-case

2025-07-25 20:18:38 +02:00 · 2023-12-06 09:51:58 -07:00 · 2023-12-06 09:51:58 -07:00 · 6dc280dd08
commit 6dc280dd08
parent ebb257e6b0 cd022404f0
4 changed files with 56 additions and 0 deletions
--- a/src/registrar/admin.py
+++ b/src/registrar/admin.py
@ -1,6 +1,7 @@
 import logging
 from django import forms
 from django.http import HttpResponse
+from django.shortcuts import redirect
 from django_fsm import get_available_FIELD_transitions
 from django.contrib import admin, messages
 from django.contrib.auth.admin import UserAdmin as BaseUserAdmin
@ -360,6 +361,17 @@ class UserDomainRoleAdmin(ListHeaderAdmin):

    autocomplete_fields = ["user", "domain"]

+    # Fixes a bug where non-superusers are redirected to the main page
+    def delete_view(self, request, object_id, extra_context=None):
+        """Custom delete_view implementation that specifies redirect behaviour"""
+        response = super().delete_view(request, object_id, extra_context)
+
+        if isinstance(response, HttpResponseRedirect) and not request.user.has_perm("registrar.full_access_permission"):
+            url = reverse("admin:registrar_userdomainrole_changelist")
+            return redirect(url)
+        else:
+            return response
+

 class DomainInvitationAdmin(ListHeaderAdmin):
    """Custom domain invitation admin class."""
--- a/src/registrar/migrations/0053_create_groups_v05.py
+++ b/src/registrar/migrations/0053_create_groups_v05.py
@ -0,0 +1,37 @@
+# This migration creates the create_full_access_group and create_cisa_analyst_group groups
+# It is dependent on 0035 (which populates ContentType and Permissions)
+# If permissions on the groups need changing, edit CISA_ANALYST_GROUP_PERMISSIONS
+# in the user_group model then:
+# [NOT RECOMMENDED]
+# step 1: docker-compose exec app ./manage.py migrate --fake registrar 0035_contenttypes_permissions
+# step 2: docker-compose exec app ./manage.py migrate registrar 0036_create_groups
+# step 3: fake run the latest migration in the migrations list
+# [RECOMMENDED]
+# Alternatively:
+# step 1: duplicate the migration that loads data
+# step 2: docker-compose exec app ./manage.py migrate
+
+from django.db import migrations
+from registrar.models import UserGroup
+from typing import Any
+
+
+# For linting: RunPython expects a function reference,
+# so let's give it one
+def create_groups(apps, schema_editor) -> Any:
+    UserGroup.create_cisa_analyst_group(apps, schema_editor)
+    UserGroup.create_full_access_group(apps, schema_editor)
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("registrar", "0052_alter_domainapplication_anything_else_and_more"),
+    ]
+
+    operations = [
+        migrations.RunPython(
+            create_groups,
+            reverse_code=migrations.RunPython.noop,
+            atomic=True,
+        ),
+    ]
--- a/src/registrar/models/user_group.py
+++ b/src/registrar/models/user_group.py
@ -61,6 +61,11 @@ class UserGroup(Group):
                "model": "website",
                "permissions": ["change_website"],
            },
+            {
+                "app_label": "registrar",
+                "model": "userdomainrole",
+                "permissions": ["view_userdomainrole", "delete_userdomainrole"],
+            },
        ]

        # Avoid error: You can't execute queries until the end
--- a/src/registrar/tests/test_migrations.py
+++ b/src/registrar/tests/test_migrations.py
@ -41,6 +41,8 @@ class TestGroups(TestCase):
            "change_draftdomain",
            "analyst_access_permission",
            "change_user",
+            "delete_userdomainrole",
+            "view_userdomainrole",
            "change_website",
        ]