Skip to content

Commit

Permalink
Fixes
Browse files Browse the repository at this point in the history
  • Loading branch information
@benjackwhite
benjackwhite committed Mar 21, 2024
1 parent 3cb6f31 commit 9734354
Show file tree
Hide file tree
Showing 2 changed files with 19 additions and 2 deletions.
5 changes: 4 additions & 1 deletion posthog/api/notebook.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,7 @@
from posthog.models.notebook.notebook import Notebook
from posthog.models.utils import UUIDT
from posthog.rbac.access_control_api_mixin import AccessControlViewSetMixin
from posthog.rbac.user_access_control import UserAccessControlSerializerMixin
from posthog.utils import relative_date_parse
from loginas.utils import is_impersonated_session

Expand Down Expand Up @@ -94,7 +95,7 @@ class Meta:
read_only_fields = fields


class NotebookSerializer(NotebookMinimalSerializer):
class NotebookSerializer(NotebookMinimalSerializer, UserAccessControlSerializerMixin):
class Meta:
model = Notebook
fields = [
Expand All @@ -109,6 +110,7 @@ class Meta:
"created_by",
"last_modified_at",
"last_modified_by",
"user_access_level",
]
read_only_fields = [
"id",
Expand All @@ -117,6 +119,7 @@ class Meta:
"created_by",
"last_modified_at",
"last_modified_by",
"user_access_level",
]

def create(self, validated_data: Dict, *args, **kwargs) -> Notebook:
Expand Down
16 changes: 15 additions & 1 deletion posthog/rbac/user_access_control.py
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
from functools import cached_property
from django.db.models import Model, Q, QuerySet
from typing import TYPE_CHECKING, List, Optional
from rest_framework import serializers
from typing import TYPE_CHECKING, List, Optional, cast

from posthog.constants import AvailableFeature
from posthog.models import (
Expand Down Expand Up @@ -205,3 +206,16 @@ def filter_queryset_by_access_level(self, queryset: QuerySet) -> QuerySet:
# )

return queryset


class UserAccessControlSerializerMixin(serializers.Serializer):
user_access_level = serializers.SerializerMethodField(
read_only=True,
help_text="The effective access level the user has for this object",
)

def get_user_access_level(self, obj: Model) -> Optional[str]:
access_control = cast(UserAccessControl, self.context["view"].user_access_control).access_control_for_object(
obj
)
return access_control.access_level if access_control else None

0 comments on commit 9734354

Please sign in to comment.