diff --git a/apps/accounts/api/automations/push_account.py b/apps/accounts/api/automations/push_account.py index 7b27cc7ca..b91bad379 100644 --- a/apps/accounts/api/automations/push_account.py +++ b/apps/accounts/api/automations/push_account.py @@ -30,6 +30,7 @@ class PushAccountExecutionViewSet(AutomationExecutionViewSet): ("list", "accounts.view_pushaccountexecution"), ("retrieve", "accounts.view_pushaccountexecution"), ("create", "accounts.add_pushaccountexecution"), + ("report", "accounts.view_pushaccountexecution"), ) tp = AutomationTypes.push_account @@ -44,9 +45,15 @@ class PushAccountRecordViewSet(ChangeSecretRecordViewSet): serializer_class = serializers.ChangeSecretRecordSerializer tp = AutomationTypes.push_account + rbac_perms = { + 'list': 'accounts.view_pushsecretrecord', + 'execute': 'accounts.add_pushsecretexecution', + 'secret': 'accounts.view_pushsecretrecord', + } + def get_queryset(self): qs = ChangeSecretRecord.get_valid_records() - return qs.objects.filter( + return qs.filter( execution__automation__type=self.tp ) diff --git a/apps/accounts/migrations/0022_alter_changesecretrecord_options_and_more.py b/apps/accounts/migrations/0022_alter_changesecretrecord_options_and_more.py new file mode 100644 index 000000000..21bbc2c08 --- /dev/null +++ b/apps/accounts/migrations/0022_alter_changesecretrecord_options_and_more.py @@ -0,0 +1,24 @@ +# Generated by Django 4.1.13 on 2024-12-09 03:15 + +from django.db import migrations +import private_storage.fields +import private_storage.storage.files + + +class Migration(migrations.Migration): + + dependencies = [ + ('accounts', '0021_remove_pushaccountautomation_action_and_more'), + ] + + operations = [ + migrations.AlterModelOptions( + name='changesecretrecord', + options={'permissions': [('view_pushsecretrecord', 'Can view change secret execution'), ('add_pushsecretexecution', 'Can add change secret execution')], 'verbose_name': 'Change secret record'}, + ), + migrations.AlterField( + model_name='integrationapplication', + name='logo', + field=private_storage.fields.PrivateImageField(max_length=128, storage=private_storage.storage.files.PrivateFileSystemStorage(), upload_to='images', verbose_name='Logo'), + ), + ] diff --git a/apps/accounts/models/automations/change_secret.py b/apps/accounts/models/automations/change_secret.py index 00e7cad04..d79c6660c 100644 --- a/apps/accounts/models/automations/change_secret.py +++ b/apps/accounts/models/automations/change_secret.py @@ -45,8 +45,11 @@ class ChangeSecretRecord(JMSBaseModel): error = models.TextField(blank=True, null=True, verbose_name=_('Error')) class Meta: - ordering = ('-date_created',) verbose_name = _("Change secret record") + permissions = [ + ('view_pushsecretrecord', _('Can view change secret execution')), + ('add_pushsecretexecution', _('Can add change secret execution')), + ] def __str__(self): return f'{self.account.username}@{self.asset}' diff --git a/apps/accounts/templates/accounts/change_secret_report.html b/apps/accounts/templates/accounts/change_secret_report.html index 5459d23d6..2f836b2f8 100644 --- a/apps/accounts/templates/accounts/change_secret_report.html +++ b/apps/accounts/templates/accounts/change_secret_report.html @@ -1,7 +1,7 @@ {% load i18n %}
-

{% trans 'The following is a summary of account change secret tasks, please review and handle them' %}

+

{% trans 'The following is a summary of account change secret or push tasks, please read and process' %}