Permissions
Note
Permissions are named in the language of your instance and use your terminology.
juntagrico relies heavily on the Django permission mechanism to customize the system for different users. In this chapter we will explain which permissions can be used for customization and how they work.
Grant Permissions
Create a group
Login with a super admin user.
Open the data management (“Datenverwaltung”) -> Groups -> Add to create a new group or edit an existing one.
Set a name for the group, e.g. “share management”.
Select and add the permissions (using the arrow to the right in the middle) that you want to give to this group and save the group.
What Permissions do I need to set?
There are 4 basic permissions for each entity which are self explanatory:
View
Add
Change
Delete
Hint
If a user should be able to change an entity, they also need access to at least view the related entities. See Dependent Permissions below.
Juntagrico provides some additional permissions, that are described in the sections below.
Add Users to the group
Login with a super admin user.
Open the data management (“Datenverwaltung”) -> User (“Benutzer”) and edit the user of the member you want to give the permissions to.
If the user needs access to the data management, tick staff status (“Mitarbeiter-Status”).
Add the relevant groups for this user and save the user.
You may also give permissions do users directly but this is not recommended as it is then harder to transfer the same permissions to another user.
Testing the user access
To be sure, that the user can do what you intended them to do, it is best to create a test user and give them the same permissions. Try out all actions with the test user, to confirm that they work.
Note
You can also test the permissions of a user by impersonating them. However, by default the data admin is excluded from impersonation.
If you want to check the users permissions in the data admin as well, set the IMPERSONATE_URI_EXCLUSIONS
setting to an empty list.
Read more.
Dependent Permissions
In order to be able to edit some types of entities not only the change
permission of this entity type has to be granted to a member but also
some dependent permissions.
Subscription
Also requires change permissions for subscription parts and subscription membership. And view permission for members.
Jobs
Also requires change permission for assignments and job extras. And view permission for job types and members.
Job Types
Also require at least view permission for locations.
Depot
Also require at least view permission for locations.
Deliveries
Also requires change permission for deliver item.
Area and Depot Admins
juntagrico.is_depot_admin
Should be assigned to members which are administrator of a depot, so that they can filter and communicate with the members in their depot.
- Search Hints:
German: Benutzer ist Depot Admin
juntagrico.is_area_admin
Should be assigned to members which are administrator of an activity area, so that they can filter and communicate with the members in their area. Also it allows them to create new jobs and communicate with the members participating in one of the jobs of their area.
- Search Hints:
German: Benutzer ist Tätigkeitsbereichskoordinator
Notifications
Some entities send a notification email when they are created or cancelled. Should a member be notified on a certain event it has to have the corresponding permission for that entity type and event.
juntagrico.notified_on_member_creation
Member gets notified when a member is created.
- Search Hints:
German: Erstellung informiert
juntagrico.notified_on_member_cancellation
Member gets notified when any member cancels their membership.
- Search Hints:
German: Kündigung informiert
juntagrico.notified_on_subscription_creation
Member gets notified when a subscription is created.
- Search Hints:
German: Erstellung informiert
juntagrico.notified_on_subscription_cancellation
Member gets notified when a subscription is cancelled.
- Search Hints:
German: Kündigung informiert
juntagrico.depot_list_notification
Member gets notified when the depot list is generated.
- Search Hints:
German: Listen-Erstellung informiert
Email Permissions
juntagrico.can_use_general_email
Member can use the email address specified in the setting INFO_EMAIL as sender in the mail form.
- Search Hints:
German: General Email
Edit Permissions
juntagrico.can_edit_past_jobs
Member can edit jobs which are in the past.
- Search Hints:
German: vergangene
juntagrico.can_change_deactivated_subscriptions
Member can edit subscriptions which are deactivated.
- Search Hints:
German: deaktivierte