Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Permissions and Code Review/Tidy #476

Merged
merged 29 commits into from
Oct 28, 2024
Merged

Permissions and Code Review/Tidy #476

merged 29 commits into from
Oct 28, 2024

Conversation

awf-dbca
Copy link
Contributor

Implemented permissions for approvers and assessors for each type of application.

Approval, proposal, and compliance permissions added. Internal users, changed to only include members of internal system user groups, have full read rights and can submit applications and compliances on an external user's behalf. Assessment and Approval rights are granted via their respective permissions by checking the application type of the proposal and the group membership of the given user. In-built IsAuthenticated permission is used where no group membership check is required, with external user access to records filtered by the applicant value (where applicable). DCV admissions still do not require authentication to submit.

Conducted comprehensive review of code, removing unused functions, commented out code, and ensuring all proper authorisation measure are in place.

A number of TODOs remain requiring additional information or related to other issues.

awf-dbca added 29 commits October 21, 2024 02:24
@awf-dbca
Update: reviewed approval, compliance, and main serialisers, removed …
f967a85 
…tempdoc endpoint (unused)
@awf-dbca
Update: payment, proposal, and user serialisers reviewed
3addda9
@awf-dbca
Update: removing unused methods and properties for approval models, a…
1bdeeba 
…dding todos for further review and future field removals
@awf-dbca
Update: continue reviewing approval models, applied rounding setting …
c27678e 
…to fee line items that were missed before
@awf-dbca
Update: initial review of approval models done - auth to be added (if…
36ce016 
… required here) and fields to be removed
@awf-dbca
Update: addressed TODOs RE removal of unecessary fields and properties
97a02bd
@awf-dbca
Update: ongoing proposal models review
c406847
@awf-dbca
Update: replaced 50 max loop with proposal id check (should never loo…
4a8a333 
…p the same proposal id twice)
@awf-dbca
Update: continue reviewing proposal models
3a4db53
@awf-dbca
Update: changes to main proposal model
01ec81e
@awf-dbca
Update: renamed applicant address fields, removed same_as_residential…
b67ddd7 
… field, and removed uncessary proposal applicant properties
@awf-dbca
Update: complete proposal model review (some TODOs to be addressed)
68a2015
@awf-dbca
Removed: unecessary proposal fields, including company ownership star…
f19bad0 
…t/end dates
@awf-dbca
Update: fixed proposal requirments create
d0dabd8
@awf-dbca
Update: made company viewset accessible by (only name and id, auth no…
31d91dc 
…t required)
@awf-dbca
Removed: unecessary compliance fields
4aa8179
@awf-dbca
Added: assessor auth to a number of compliance assessment functions
4783688
@awf-dbca
Update: finished compliance review, compliance amendment requests no …
3a0338a 
…longer have unecessary dependency on super class (which has been removed)
@awf-dbca
Updatae: reviewed main, user, and payment models
123ca1c
@awf-dbca
Update: reviewed number of util and signal functions - some TODOs to …
f2b510c 
…be addressed
@awf-dbca
Update: addressed each TODO - remaining TODOs to be addressed in late…
783dfe2 
…r issues or require additional information
@awf-dbca
Added: basic permissions - IsAuthenticated, and InternalApprovalPermi…
90c07e6 
…ssion and InternalProposalPermission
@awf-dbca
Added: Approver and Assessor proposal permissions that check proposal…
7794758 
… type and user group membership
@awf-dbca
Added: compliance permissions
61d3925
@awf-dbca
Update: moved removeAUPFromMooring in to a viewset class (with permis…
73e380c 
…sions applied)
@awf-dbca
Update: moved removeMooringFromApproval in to viewset class
061b7ae
@awf-dbca
Update: removed permission reqs on fee success preload views to fix p…
b9db8a2 
…ayment bugs
@awf-dbca
Update: fixed permissions check
d3766cd
@awf-dbca
Merge branch 'main' into auth-perms-2
e56ea81
xzzy
xzzy approved these changes Oct 28, 2024
View reviewed changes
Copy link
Collaborator

@xzzy xzzy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sensitivity Check Completed

@xzzy xzzy merged commit ab9fc58 into dbca-wa:main Oct 28, 2024
10 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@xzzy xzzy xzzy approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@awf-dbca @xzzy