__copyright__ = "Copyright © Stichting SciPost (SciPost Foundation)"
__license__ = "AGPL v3"
from django.core.management.base import BaseCommand
from django.contrib.auth.models import Group, Permission
from django.contrib.contenttypes.models import ContentType
from scipost.models import Contributor
[docs]class Command(BaseCommand):
help = 'Defines groups and permissions'
[docs] def handle(self, *args, verbose=True, **options):
"""Append all user Groups and setup a Contributor roles to user."""
# Create Groups
SciPostAdmin, created = Group.objects.get_or_create(name='SciPost Administrators')
FinancialAdmin, created = Group.objects.get_or_create(name='Financial Administrators')
AdvisoryBoard, created = Group.objects.get_or_create(name='Advisory Board')
EditorialAdmin, created = Group.objects.get_or_create(name='Editorial Administrators')
EditorialCollege, created = Group.objects.get_or_create(name='Editorial College')
VettingEditors, created = Group.objects.get_or_create(name='Vetting Editors')
RegisteredContributors, created = Group.objects.get_or_create(
name='Registered Contributors')
Developers, created = Group.objects.get_or_create(name='Developers')
Testers, created = Group.objects.get_or_create(name='Testers')
NewsAdmin, created = Group.objects.get_or_create(name='News Administrators')
Ambassadors, created = Group.objects.get_or_create(name='Ambassadors')
JuniorAmbassadors, created = Group.objects.get_or_create(name='Junior Ambassadors')
ProductionSupervisors, created = Group.objects.get_or_create(name='Production Supervisor')
ProductionOfficers, created = Group.objects.get_or_create(name='Production Officers')
OrgContacts, created = Group.objects.get_or_create(name='Organization Contacts')
# Create Permissions
content_type = ContentType.objects.get_for_model(Contributor)
# Organizations
can_manage_organizations, created = Permission.objects.get_or_create(
codename='can_manage_organizations',
name='Can manage Organizations',
content_type=content_type)
can_add_contactperson, created = Permission.objects.get_or_create(
codename='can_add_contactperson',
name='Can add ContactPerson',
content_type=content_type)
can_view_contactrole_list, created = Permission.objects.get_or_create(
codename='can_view_contactrole_list',
name='Can view ContactRole list',
content_type=content_type)
# Registration and invitations
can_manage_contributors, created = Permission.objects.get_or_create(
codename='can_manage_contributors',
name='Can manage Contributors',
content_type=content_type)
can_vet_registration_requests, created = Permission.objects.get_or_create(
codename='can_vet_registration_requests',
name='Can vet registration requests',
content_type=content_type)
can_create_registration_invitations, created = Permission.objects.get_or_create(
codename='can_create_registration_invitations',
name='Can create registration invitations',
content_type=content_type)
can_manage_registration_invitations, created = Permission.objects.get_or_create(
codename='can_manage_registration_invitations',
name='Can manage registration invitations',
content_type=content_type)
can_invite_fellows, created = Permission.objects.get_or_create(
codename='can_invite_fellows',
name='Can invite Fellows',
content_type=content_type)
can_resend_registration_requests, created = Permission.objects.get_or_create(
codename='can_resend_registration_requests',
name='Can resend registration activation emails',
content_type=content_type)
can_read_all_privacy_sensitive_data, created = Permission.objects.get_or_create(
codename='can_read_all_privacy_sensitive_data',
name='Can read all privacy sensitive data',
content_type=content_type)
can_create_profiles, created = Permission.objects.get_or_create(
codename='can_create_profiles',
name='Can create Profiles',
content_type=content_type)
can_view_profiles, created = Permission.objects.get_or_create(
codename='can_view_profiles',
name='Can view Profiles',
content_type=content_type)
# Communications
can_email_group_members, created = Permission.objects.get_or_create(
codename='can_email_group_members',
name='Can email group members',
content_type=content_type)
can_email_particulars, created = Permission.objects.get_or_create(
codename='can_email_particulars',
name='Can email particulars',
content_type=content_type)
# Editorial College
can_manage_college_composition, created = Permission.objects.get_or_create(
codename='can_manage_college_composition',
name='Can manage Editorial College compositions',
content_type=content_type)
can_attend_VGMs, created = Permission.objects.get_or_create(
codename='can_attend_VGMs',
name='Can attend Virtual General Meetings',
content_type=content_type)
can_view_potentialfellowship_list, created = Permission.objects.get_or_create(
codename='can_view_potentialfellowship_list',
name='Can view PotentialFellowship list',
content_type=content_type)
can_add_potentialfellowship, created = Permission.objects.get_or_create(
codename='can_add_potentialfellowship',
name='Can add PotentialFellowship',
content_type=content_type)
can_vote_on_potentialfellowship, created = Permission.objects.get_or_create(
codename='can_vote_on_potentialfellowship',
name='Can vote on PotentialFellowship',
content_type=content_type)
# Contributions (not related to submissions)
can_submit_comments, created = Permission.objects.get_or_create(
codename='can_submit_comments',
name='Can submit Comments',
content_type=content_type)
can_request_commentary_pages, created = Permission.objects.get_or_create(
codename='can_request_commentary_pages',
name='Can request opening of Commentara Pages',
content_type=content_type)
can_request_thesislinks, created = Permission.objects.get_or_create(
codename='can_request_thesislinks',
name='Can request Thesis Links',
content_type=content_type)
# Vetting of objects
can_vet_commentary_requests, created = Permission.objects.get_or_create(
codename='can_vet_commentary_requests',
name='Can vet Commentary page requests',
content_type=content_type)
can_vet_thesislink_requests, created = Permission.objects.get_or_create(
codename='can_vet_thesislink_requests',
name='Can vet Thesis Link requests',
content_type=content_type)
can_vet_authorship_claims, created = Permission.objects.get_or_create(
codename='can_vet_authorship_claims',
name='Can vet Authorship claims',
content_type=content_type)
can_vet_comments, created = Permission.objects.get_or_create(
codename='can_vet_comments',
name='Can vet submitted Comments',
content_type=content_type)
can_vet_submitted_reports, created = Permission.objects.get_or_create(
codename='can_vet_submitted_reports',
name='Can vet submitted Reports',
content_type=content_type)
# Submissions
can_submit_manuscript, created = Permission.objects.get_or_create(
codename='can_submit_manuscript',
name='Can submit manuscript',
content_type=content_type)
can_do_plagiarism_checks, created = Permission.objects.get_or_create(
codename='can_do_plagiarism_checks',
name='Can do plagiarism checks on submissions',
content_type=content_type)
can_reassign_submissions, created = Permission.objects.get_or_create(
codename='can_reassign_submissions',
name='Can force-assign new EIC to Submission',
content_type=content_type)
# Submission handling
can_view_pool, created = Permission.objects.get_or_create(
codename='can_view_pool',
name='Can view Submissions Pool',
content_type=content_type)
can_assign_submissions, created = Permission.objects.get_or_create(
codename='can_assign_submissions',
name='Can assign incoming Submissions to potential Editor-in-charge',
content_type=content_type)
can_take_charge_of_submissions, created = Permission.objects.get_or_create(
codename='can_take_charge_of_submissions',
name='Can take charge (become Editor-in-charge) of submissions',
content_type=content_type)
# Refereeing
can_referee, created = Permission.objects.get_or_create(
codename='can_referee',
name='Can act as a referee and submit reports on Submissions',
content_type=content_type)
can_oversee_refereeing, created = Permission.objects.get_or_create(
codename='can_oversee_refereeing',
name='Can oversee refereeing',
content_type=content_type)
can_run_pre_screening, created = Permission.objects.get_or_create(
codename='can_run_pre_screening',
name='Can run pre-screening on Submissions',
content_type=content_type)
# Reports
can_manage_reports, created = Permission.objects.get_or_create(
codename='can_manage_reports',
name='Can manage Reports',
content_type=content_type)
# Statistics
can_view_statistics, created = Permission.objects.get_or_create(
codename='can_view_statistics',
name='Can view statistics',
content_type=content_type)
# Voting
can_prepare_recommendations_for_voting, created = Permission.objects.get_or_create(
codename='can_prepare_recommendations_for_voting',
name='Can prepare recommendations for voting',
content_type=content_type)
can_fix_College_decision, created = Permission.objects.get_or_create(
codename='can_fix_College_decision',
name='Can fix the College voting decision',
content_type=content_type)
# Production
can_promote_user_to_production_officer, created = Permission.objects.get_or_create(
codename='can_promote_user_to_production_officer',
name='Can promote user to production officer',
content_type=content_type)
can_assign_production_officer, created = Permission.objects.get_or_create(
codename='can_assign_production_officer',
name='Can assign production officer',
content_type=content_type)
can_view_all_production_streams, created = Permission.objects.get_or_create(
codename='can_view_all_production_streams',
name='Can view all production stream',
content_type=content_type)
can_assign_production_supervisor, created = Permission.objects.get_or_create(
codename='can_assign_production_supervisor',
name='Can assign production supervisor',
content_type=content_type)
can_view_production, created = Permission.objects.get_or_create(
codename='can_view_production',
name='Can view production page',
content_type=content_type)
can_upload_proofs, created = Permission.objects.get_or_create(
codename='can_upload_proofs',
name='Can upload proofs',
content_type=content_type)
can_take_decisions_related_to_proofs, created = Permission.objects.get_or_create(
codename='can_take_decisions_related_to_proofs',
name='Can take decisions related to proofs',
content_type=content_type)
can_run_proofs_by_authors, created = Permission.objects.get_or_create(
codename='can_run_proofs_by_authors',
name='Can run proof by authors',
content_type=content_type)
can_manage_issues, created = Permission.objects.get_or_create(
codename='can_manage_issues',
name='Can manage Volumes and Issues',
content_type=content_type)
can_publish_accepted_submission, created = Permission.objects.get_or_create(
codename='can_publish_accepted_submission',
name='Can publish accepted submission',
content_type=content_type)
can_view_all_funding_info, created = Permission.objects.get_or_create(
codename='can_view_all_funding_info',
name='Can view all Funders info',
content_type=content_type)
can_create_grants, created = Permission.objects.get_or_create(
codename='can_create_grants',
name='Can create Grant',
content_type=content_type)
can_draft_publication, created = Permission.objects.get_or_create(
codename='can_draft_publication',
name='Can draft Publication',
content_type=content_type)
# Documentation
can_view_docs_scipost, created = Permission.objects.get_or_create(
codename='can_view_docs_scipost',
name='Can view docs: scipost',
content_type=content_type)
# Financial administration
can_manage_subsidies, created = Permission.objects.get_or_create(
codename='can_manage_subsidies',
name='Can manage subsidies',
content_type=content_type)
can_view_timesheets, created = Permission.objects.get_or_create(
codename='can_view_timesheets',
name='Can view timesheets',
content_type=content_type)
# News administration
can_manage_news, created = Permission.objects.get_or_create(
codename='can_manage_news',
name='Can manage News',
content_type=content_type)
# Mailchimp
can_manage_mailchimp, created = Permission.objects.get_or_create(
codename='can_manage_mailchimp',
name='Can manage Mailchimp settings',
content_type=content_type)
# Ontology
can_manage_ontology, created = Permission.objects.get_or_create(
codename='can_manage_ontology',
name='Can manage ontology',
content_type=content_type)
# Assign permissions to groups
SciPostAdmin.permissions.set([
can_read_all_privacy_sensitive_data,
can_manage_registration_invitations,
can_create_registration_invitations,
can_email_group_members,
can_email_particulars,
can_resend_registration_requests,
can_vet_registration_requests,
can_vet_commentary_requests,
can_vet_thesislink_requests,
can_vet_authorship_claims,
can_vet_submitted_reports,
can_vet_comments,
can_view_pool,
can_assign_submissions,
can_prepare_recommendations_for_voting,
can_fix_College_decision,
can_promote_user_to_production_officer,
can_view_production,
can_view_all_production_streams,
can_attend_VGMs,
can_view_timesheets,
can_manage_mailchimp,
can_view_statistics,
can_create_profiles,
can_view_profiles,
can_manage_ontology,
can_manage_organizations,
can_view_potentialfellowship_list,
can_add_potentialfellowship,
])
FinancialAdmin.permissions.set([
can_manage_organizations,
can_manage_subsidies,
can_view_timesheets,
])
AdvisoryBoard.permissions.set([
can_manage_registration_invitations,
can_create_registration_invitations,
can_attend_VGMs,
can_view_statistics,
can_view_potentialfellowship_list,
can_add_potentialfellowship,
])
EditorialAdmin.permissions.set([
can_view_pool,
can_invite_fellows,
can_assign_submissions,
can_do_plagiarism_checks,
can_oversee_refereeing,
can_reassign_submissions,
can_run_pre_screening,
can_prepare_recommendations_for_voting,
can_manage_college_composition,
can_fix_College_decision,
can_view_timesheets,
can_publish_accepted_submission,
can_manage_issues,
can_draft_publication,
can_view_all_funding_info,
can_create_grants,
can_attend_VGMs,
can_manage_reports,
can_assign_production_supervisor,
can_view_all_production_streams,
can_view_production,
can_promote_user_to_production_officer,
can_take_decisions_related_to_proofs,
can_upload_proofs,
can_run_proofs_by_authors,
can_view_statistics,
can_create_profiles,
can_view_profiles,
can_manage_ontology,
can_manage_organizations,
can_view_potentialfellowship_list,
can_add_potentialfellowship,
])
EditorialCollege.permissions.set([
can_view_pool,
can_take_charge_of_submissions,
can_create_profiles,
can_view_profiles,
can_attend_VGMs,
can_view_statistics,
can_manage_ontology,
can_view_potentialfellowship_list,
can_add_potentialfellowship,
can_vote_on_potentialfellowship,
])
VettingEditors.permissions.set([
can_vet_commentary_requests,
can_vet_thesislink_requests,
can_vet_authorship_claims,
can_vet_submitted_reports,
can_vet_comments,
])
RegisteredContributors.permissions.set([
can_submit_manuscript,
can_submit_comments,
can_request_commentary_pages,
can_request_thesislinks,
can_referee,
])
Developers.permissions.set([
can_view_docs_scipost,
])
Ambassadors.permissions.set([
can_create_registration_invitations,
can_manage_registration_invitations,
])
JuniorAmbassadors.permissions.set([
can_create_registration_invitations,
])
ProductionSupervisors.permissions.set([
can_assign_production_officer,
can_take_decisions_related_to_proofs,
# can_draft_publication,
# can_create_grants,
can_view_all_production_streams,
can_run_proofs_by_authors,
can_view_docs_scipost,
can_view_production,
can_upload_proofs,
])
ProductionOfficers.permissions.set([
can_view_docs_scipost,
can_view_production,
can_upload_proofs,
])
OrgContacts.permissions.set([
can_add_contactperson,
can_view_contactrole_list,
])
if verbose:
self.stdout.write(self.style.SUCCESS('Successfully created groups and permissions.'))