feat(access): add organization manger

org managager regardless of permissions can conduct all operations against an organization.

!28 #39

app/access/admin.py

@@ -17,7 +17,7 @@ class TeamInline(admin.TabularInline):
 
 class OrganizationAdmin(admin.ModelAdmin):
     fieldsets = [
-        (None, {"fields": ["name", "slug"]}),
+        (None, {"fields": ["name", 'manager', "slug"]}),
         #("Date information", {"fields": ["slug"], "classes": ["collapse"]}),
     ]
     inlines = [TeamInline]

app/access/forms/organization.py

@@ -13,6 +13,7 @@ class OrganizationForm(forms.ModelForm):
         fields = [
             'name',
             'slug',
+            'manager',
         ]
 
 

app/access/migrations/0005_organization_manager_organization_model_notes.py

@@ -0,0 +1,26 @@
+# Generated by Django 5.0.6 on 2024-06-17 10:03
+
+import django.db.models.deletion
+from django.conf import settings
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('access', '0004_team_model_notes'),
+        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='organization',
+            name='manager',
+            field=models.ForeignKey(help_text='Organization Manager', null=True, on_delete=django.db.models.deletion.SET_NULL, to=settings.AUTH_USER_MODEL),
+        ),
+        migrations.AddField(
+            model_name='organization',
+            name='model_notes',
+            field=models.TextField(blank=True, default=None, null=True),
+        ),
+    ]

app/access/mixin.py

@@ -6,7 +6,7 @@ from django.utils.functional import cached_property
 
 
 
-from .models import Team
+from .models import Organization, Team
 
 
 class OrganizationMixin():
@@ -189,9 +189,27 @@ class OrganizationPermission(AccessMixin, OrganizationMixin):
         if not request.user.is_authenticated:
                 return self.handle_no_permission()
 
+        organization_manager_models = [
+            'access.organization',
+            'access.team',
+            'access.teamusers',
+        ]
+
+        is_organization_manager = False
+
         if hasattr(self, 'get_object'):
 
-            if not self.has_organization_permission() and not request.user.is_superuser:
+            if hasattr(self, 'model'):
+
+                if self.model._meta.label_lower in organization_manager_models:
+
+                    organization = Organization.objects.get(pk=self.object_organization())
+
+                    if organization.manager == request.user:
+
+                        is_organization_manager = True
+
+            if not self.has_organization_permission() and not request.user.is_superuser and not is_organization_manager:
                 raise PermissionDenied('You are not part of this organization')
 
         return super().dispatch(self.request, *args, **kwargs)

app/access/models.py

@@ -37,6 +37,14 @@ class Organization(SaveHistory):
         unique = True,
     )
 
+    manager = models.ForeignKey(
+        User,
+        on_delete=models.SET_NULL,
+        blank = False,
+        null = True,
+        help_text = 'Organization Manager'
+    )
+
     slug = AutoSlugField()
 
     created = AutoCreatedField()

app/itam/migrations/0015_alter_device_device_model_alter_device_device_type_and_more.py

@@ -0,0 +1,34 @@
+# Generated by Django 5.0.6 on 2024-06-17 08:56
+
+import django.db.models.deletion
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('itam', '0014_device_model_notes_devicemodel_model_notes_and_more'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='device',
+            name='device_model',
+            field=models.ForeignKey(blank=True, default=None, help_text='Model of the device.', null=True, on_delete=django.db.models.deletion.CASCADE, to='itam.devicemodel'),
+        ),
+        migrations.AlterField(
+            model_name='device',
+            name='device_type',
+            field=models.ForeignKey(blank=True, default=None, help_text='Type of device.', null=True, on_delete=django.db.models.deletion.CASCADE, to='itam.devicetype'),
+        ),
+        migrations.AlterField(
+            model_name='device',
+            name='serial_number',
+            field=models.CharField(blank=True, default=None, help_text='Serial number of the device.', max_length=50, null=True, unique=True, verbose_name='Serial Number'),
+        ),
+        migrations.AlterField(
+            model_name='device',
+            name='uuid',
+            field=models.CharField(blank=True, default=None, help_text='System GUID/UUID.', max_length=50, null=True, unique=True, verbose_name='UUID'),
+        ),
+    ]