Added authorization for boundaries.

Author: epou

config/settings/base.py

@@ -102,6 +102,7 @@
 
 LOCAL_APPS = [
     "mosquito_alert.annotations",
+    "mosquito_alert.authorization",
     "mosquito_alert.bites",
     "mosquito_alert.breeding_sites",
     "mosquito_alert.epidemiology",

mosquito_alert/authorization/__init__.py

@@ -0,0 +1,18 @@
+from django.contrib import admin
+
+from .models import BoundaryAuthorization, BoundaryMembership
+
+
+class BoundaryMembershipInline(admin.StackedInline):
+    model = BoundaryMembership
+    extra = 1
+    fields = ("user", "role")
+
+
+@admin.register(BoundaryAuthorization)
+class BoundaryAuthorizationAdmin(admin.ModelAdmin):
+    list_display = ("boundary", "supervisor_exclusivity_days", "members_only")
+    search_fields = ("boundary__name",)
+
+    fields = ("boundary", "supervisor_exclusivity_days", "members_only")
+    inlines = [BoundaryMembershipInline]

mosquito_alert/authorization/admin.py

@@ -0,0 +1,6 @@
+from django.apps import AppConfig
+
+
+class AuthorizationConfig(AppConfig):
+    default_auto_field = "django.db.models.BigAutoField"
+    name = "mosquito_alert.authorization"

mosquito_alert/authorization/apps.py

@@ -0,0 +1,122 @@
+# Generated by Django 4.2.3 on 2024-10-18 14:52
+
+from django.conf import settings
+from django.db import migrations, models
+import django.db.models.deletion
+import django.db.models.functions.datetime
+import django.utils.timezone
+
+
+class Migration(migrations.Migration):
+    initial = True
+
+    dependencies = [
+        ("geo", "0003_location_timezone"),
+        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name="BoundaryAuthorization",
+            fields=[
+                ("id", models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name="ID")),
+                ("created_at", models.DateTimeField(blank=True, default=django.utils.timezone.now, editable=False)),
+                ("updated_at", models.DateTimeField(blank=True, default=django.utils.timezone.now, editable=False)),
+                ("supervisor_exclusivity_days", models.PositiveSmallIntegerField(default=15)),
+                ("members_only", models.BooleanField(default=False)),
+                (
+                    "boundary",
+                    models.OneToOneField(
+                        on_delete=django.db.models.deletion.CASCADE, related_name="authorization", to="geo.boundary"
+                    ),
+                ),
+            ],
+            options={
+                "verbose_name": "Boundary Authorization",
+                "verbose_name_plural": "Boundary Authorizations",
+                "abstract": False,
+            },
+        ),
+        migrations.CreateModel(
+            name="BoundaryMembership",
+            fields=[
+                ("id", models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name="ID")),
+                ("created_at", models.DateTimeField(blank=True, default=django.utils.timezone.now, editable=False)),
+                ("updated_at", models.DateTimeField(blank=True, default=django.utils.timezone.now, editable=False)),
+                (
+                    "role",
+                    models.CharField(
+                        choices=[("s", "Supervisor"), ("i", "Identificator"), ("v", "Viewer")],
+                        db_index=True,
+                        max_length=1,
+                    ),
+                ),
+                (
+                    "boundary_authorization",
+                    models.ForeignKey(
+                        on_delete=django.db.models.deletion.CASCADE,
+                        related_name="memberships",
+                        to="authorization.boundaryauthorization",
+                    ),
+                ),
+                (
+                    "user",
+                    models.ForeignKey(
+                        on_delete=django.db.models.deletion.CASCADE,
+                        related_name="boundary_memberships",
+                        to=settings.AUTH_USER_MODEL,
+                    ),
+                ),
+            ],
+            options={
+                "abstract": False,
+            },
+        ),
+        migrations.AddField(
+            model_name="boundaryauthorization",
+            name="users",
+            field=models.ManyToManyField(through="authorization.BoundaryMembership", to=settings.AUTH_USER_MODEL),
+        ),
+        migrations.AddConstraint(
+            model_name="boundarymembership",
+            constraint=models.CheckConstraint(
+                check=models.Q(("created_at__lte", django.db.models.functions.datetime.Now())),
+                name="authorization_boundarymembership_created_at_cannot_be_future_dated",
+            ),
+        ),
+        migrations.AddConstraint(
+            model_name="boundarymembership",
+            constraint=models.CheckConstraint(
+                check=models.Q(("updated_at__lte", django.db.models.functions.datetime.Now())),
+                name="authorization_boundarymembership_updated_at_cannot_be_future_dated",
+            ),
+        ),
+        migrations.AddConstraint(
+            model_name="boundarymembership",
+            constraint=models.CheckConstraint(
+                check=models.Q(("updated_at__gte", models.F("created_at"))),
+                name="authorization_boundarymembership_updated_at_must_be_after_created_at",
+            ),
+        ),
+        migrations.AddConstraint(
+            model_name="boundaryauthorization",
+            constraint=models.CheckConstraint(
+                check=models.Q(("created_at__lte", django.db.models.functions.datetime.Now())),
+                name="authorization_boundaryauthorization_created_at_cannot_be_future_dated",
+            ),
+        ),
+        migrations.AddConstraint(
+            model_name="boundaryauthorization",
+            constraint=models.CheckConstraint(
+                check=models.Q(("updated_at__lte", django.db.models.functions.datetime.Now())),
+                name="authorization_boundaryauthorization_updated_at_cannot_be_future_dated",
+            ),
+        ),
+        migrations.AddConstraint(
+            model_name="boundaryauthorization",
+            constraint=models.CheckConstraint(
+                check=models.Q(("updated_at__gte", models.F("created_at"))),
+                name="authorization_boundaryauthorization_updated_at_must_be_after_created_at",
+            ),
+        ),
+    ]

mosquito_alert/authorization/migrations/0001_initial.py

@@ -0,0 +1,51 @@
+from django.conf import settings
+from django.db import models
+from django.utils.translation import gettext_lazy as _
+
+from mosquito_alert.geo.models import Boundary
+from mosquito_alert.utils.models import TimeStampedModel
+
+
+class BoundaryAuthorization(TimeStampedModel):
+    # Relations
+    boundary = models.OneToOneField(Boundary, on_delete=models.CASCADE, related_name="authorization")
+    users = models.ManyToManyField(settings.AUTH_USER_MODEL, through="BoundaryMembership")
+
+    # Attributes - Mandatory
+    supervisor_exclusivity_days = models.PositiveSmallIntegerField(default=15)
+    members_only = models.BooleanField(default=False)
+
+    # Attributes - Optional
+
+    # Object Manager
+    # Custom Properties
+    # Methods
+    # Meta and String
+    class Meta(TimeStampedModel.Meta):
+        verbose_name = _("Boundary Authorization")
+        verbose_name_plural = _("Boundary Authorizations")
+
+
+class BoundaryMembership(TimeStampedModel):
+    class RoleType(models.TextChoices):
+        SUPERVISOR = "s", _("Supervisor")
+        IDENTIFICATOR = "i", _("Identificator")
+        VIEWER = "v", _("Viewer")
+
+    # Relations
+    boundary_authorization = models.ForeignKey(
+        BoundaryAuthorization, on_delete=models.CASCADE, related_name="memberships"
+    )
+    user = models.ForeignKey(settings.AUTH_USER_MODEL, on_delete=models.CASCADE, related_name="boundary_memberships")
+
+    # Attributes - Mandatory
+    role = models.CharField(max_length=1, choices=RoleType.choices, db_index=True)
+
+    # Attributes - Optional
+
+    # Object Manager
+    # Custom Properties
+    # Methods
+    # Meta and String
+    class Meta(TimeStampedModel.Meta):
+        pass

mosquito_alert/authorization/migrations/__init__.py

@@ -0,0 +1,23 @@
+import factory
+from factory.django import DjangoModelFactory
+
+from mosquito_alert.geo.tests.factories import BoundaryFactory
+from mosquito_alert.users.tests.factories import UserFactory
+
+from ..models import BoundaryAuthorization, BoundaryMembership
+
+
+class BoundaryAuthorizationFactory(DjangoModelFactory):
+    boundary = factory.SubFactory(BoundaryFactory)
+
+    class Meta:
+        model = BoundaryAuthorization
+
+
+class BoundaryMembershipFactory(factory.django.DjangoModelFactory):
+    boundary_authorization = factory.SubFactory(BoundaryAuthorizationFactory)
+    user = factory.SubFactory(UserFactory)
+    role = factory.Faker("random_element", elements=BoundaryMembership.RoleType.values)
+
+    class Meta:
+        model = BoundaryMembership

mosquito_alert/authorization/models.py

@@ -0,0 +1,42 @@
+from django.urls import reverse
+
+from mosquito_alert.geo.tests.factories import BoundaryFactory
+from mosquito_alert.users.tests.factories import UserFactory
+
+from ..models import BoundaryAuthorization, BoundaryMembership
+from .factories import BoundaryAuthorizationFactory
+
+
+class TestBoundaryAuthorizationAdmin:
+    def test_changelist(self, admin_client):
+        url = reverse("admin:authorization_boundaryauthorization_changelist")
+        response = admin_client.get(url)
+        assert response.status_code == 200
+
+    def test_add(self, admin_client, freezer):
+        url = reverse("admin:authorization_boundaryauthorization_add")
+        response = admin_client.get(url)
+        assert response.status_code == 200
+
+        boundary = BoundaryFactory()
+        user = UserFactory()
+
+        response = admin_client.post(
+            url,
+            data={
+                "boundary": boundary.pk,
+                "supervisor_exclusivity_days": "15",
+                "memberships-TOTAL_FORMS": "1",
+                "memberships-INITIAL_FORMS": "0",
+                "memberships-0-user": user.pk,
+                "memberships-0-role": BoundaryMembership.RoleType.SUPERVISOR.value,
+            },
+        )
+        assert response.status_code == 302
+        assert BoundaryAuthorization.objects.filter(boundary=boundary).exists()
+
+    def test_view(self, admin_client):
+        boundary_auth = BoundaryAuthorizationFactory()
+        url = reverse("admin:authorization_boundaryauthorization_change", kwargs={"object_id": boundary_auth.pk})
+        response = admin_client.get(url)
+        assert response.status_code == 200