~homeworkprod/byceps

74f9f897ec5d6587dd927bad9a18e38283bffcdc — Jochen Kupperschmidt 1 year, 1 month ago 16451a6
Change format of persisted permissions and roles file from JSON to TOML

While TOML is intented for configuration files, the permissions export
can be considered one.

In this case, using TOML compared to JSON cuts a lot of noise and
indentation, allows for trailing commas, and supports unescaped Unicode
characters.
7 files changed, 635 insertions(+), 651 deletions(-)

M docs/installation.rst
M pyproject.toml
M requirements.txt
D scripts/data/permissions_and_roles.json
A scripts/data/permissions_and_roles.toml
M scripts/export_permissions_and_roles.py
M scripts/import_permissions_and_roles.py
M docs/installation.rst => docs/installation.rst +2 -2
@@ 218,11 218,11 @@ Create the necessary tables:
   Creating database tables ... done.

An initial set of authorization permissions and roles is provided as a
JSON file. Import it into the database:
TOML file. Import it into the database:

.. code-block:: sh

   $ BYCEPS_CONFIG=../config/yourconfig.py ./import_permissions_and_roles.py data/permissions_and_roles.json
   $ BYCEPS_CONFIG=../config/yourconfig.py ./import_permissions_and_roles.py data/permissions_and_roles.toml
   Importing 75 permissions ... done.
   Importing 29 roles ... done.


M pyproject.toml => pyproject.toml +1 -0
@@ 35,6 35,7 @@ redis = "^3.5.3"
requests = "^2.24.0"
rq = "^1.5.1"
rq-dashboard = "^0.6.1"
rtoml = "^0.4.0"
SQLAlchemy = "^1.3.19"
Werkzeug = "^1.0.1"
WTForms = "^2.3.3"

M requirements.txt => requirements.txt +1 -0
@@ 20,6 20,7 @@ redis==3.5.3
requests==2.24.0
rq==1.5.1
rq-dashboard==0.6.1
rtoml==0.4.0
sqlalchemy==1.3.19
werkzeug==1.0.1
wtforms==2.3.3

D scripts/data/permissions_and_roles.json => scripts/data/permissions_and_roles.json +0 -640
@@ 1,640 0,0 @@
{
  "permissions": [
    {
      "id": "admin.access",
      "title": "auf den Admin-Bereich zugreifen"
    },
    {
      "id": "admin_dashboard.view_brand",
      "title": "Admin-Dashboard f\u00fcr Marken anzeigen"
    },
    {
      "id": "admin_dashboard.view_global",
      "title": "globales Admin-Dashboard anzeigen"
    },
    {
      "id": "admin_dashboard.view_party",
      "title": "Admin-Dashboard f\u00fcr Partys anzeigen"
    },
    {
      "id": "board.announce",
      "title": "Ankündigungen erstellen"
    },
    {
      "id": "board_category.create",
      "title": "Foren-Kategorien erstellen"
    },
    {
      "id": "board_category.update",
      "title": "Foren-Kategorien bearbeiten"
    },
    {
      "id": "board_category.view",
      "title": "Foren-Kategorien anzeigen"
    },
    {
      "id": "board.create",
      "title": "Foren erstellen"
    },
    {
      "id": "board.hide",
      "title": "Themen und Beitr\u00e4ge im Forum verstecken"
    },
    {
      "id": "board_posting.create",
      "title": "Beitr\u00e4ge im Forum erstellen"
    },
    {
      "id": "board_posting.update",
      "title": "Beitr\u00e4ge im Forum bearbeiten"
    },
    {
      "id": "board_topic.create",
      "title": "Themen im Forum erstellen"
    },
    {
      "id": "board_topic.lock",
      "title": "Themen im Forum schlie\u00dfen"
    },
    {
      "id": "board_topic.move",
      "title": "Themen im Forum in anderen Kategorien verschieben"
    },
    {
      "id": "board_topic.pin",
      "title": "Themen im Forum anpinnen"
    },
    {
      "id": "board_topic.update",
      "title": "Themen im Forum bearbeiten"
    },
    {
      "id": "board.update_of_others",
      "title": "Themen und Beitr\u00e4ge anderer Benutzer im Forum bearbeiten"
    },
    {
      "id": "board.view_hidden",
      "title": "versteckte Themen und Beitr\u00e4ge im Forum anzeigen"
    },
    {
      "id": "brand.create",
      "title": "Marken erstellen"
    },
    {
      "id": "brand.update",
      "title": "Marken bearbeiten"
    },
    {
      "id": "brand.view",
      "title": "Marken anzeigen"
    },
    {
      "id": "consent.administrate",
      "title": "Zustimmungen verwalten"
    },
    {
      "id": "email_config.create",
      "title": "E-Mail-Konfigurationen erstellen"
    },
    {
      "id": "email_config.delete",
      "title": "E-Mail-Konfigurationen l\u00f6schen"
    },
    {
      "id": "email_config.update",
      "title": "E-Mail-Konfigurationen bearbeiten"
    },
    {
      "id": "email_config.view",
      "title": "E-Mail-Konfigurationen anzeigen"
    },
    {
      "id": "jobs.view",
      "title": "Jobs anzeigen"
    },
    {
      "id": "news_channel.create",
      "title": "News-Kan\u00e4le erstellen"
    },
    {
      "id": "news_item.create",
      "title": "News erstellen"
    },
    {
      "id": "news_item.publish",
      "title": "News veröffentlichen"
    },
    {
      "id": "news_item.update",
      "title": "News bearbeiten"
    },
    {
      "id": "news_item.view",
      "title": "News anzeigen"
    },
    {
      "id": "news_item.view_draft",
      "title": "News-Entwürfe anzeigen"
    },
    {
      "id": "newsletter.export_subscribers",
      "title": "Abonnenten exportieren"
    },
    {
      "id": "newsletter.view_subscriptions",
      "title": "Newsletter-Bestellstatus einsehen"
    },
    {
      "id": "orga_birthday.view",
      "title": "Geburtstage von Orgas anzeigen"
    },
    {
      "id": "orga_detail.view",
      "title": "Orga-Details anzeigen"
    },
    {
      "id": "orga_presence.update",
      "title": "Anwesenheiten eintragen"
    },
    {
      "id": "orga_presence.view",
      "title": "Anwesenheiten anzeigen"
    },
    {
      "id": "orga_team.administrate_memberships",
      "title": "Orga-Team-Mitgliedschaften verwalten"
    },
    {
      "id": "orga_team.create",
      "title": "Orga-Teams erstellen"
    },
    {
      "id": "orga_team.delete",
      "title": "Orga-Teams l\u00f6schen"
    },
    {
      "id": "orga_team.view",
      "title": "Orga-Teams anzeigen"
    },
    {
      "id": "party.create",
      "title": "Partys erstellen"
    },
    {
      "id": "party.update",
      "title": "Partys bearbeiten"
    },
    {
      "id": "party.view",
      "title": "Partys anzeigen"
    },
    {
      "id": "role.assign",
      "title": "Rollen an Benutzer zuweisen"
    },
    {
      "id": "role.view",
      "title": "Rollen anzeigen"
    },
    {
      "id": "seating.administrate",
      "title": "Sitzpl\u00e4tze administrieren"
    },
    {
      "id": "seating.view",
      "title": "Sitzpl\u00e4ne anzeigen"
    },
    {
      "id": "shop_article.create",
      "title": "Shop-Artikel erstellen"
    },
    {
      "id": "shop_article.update",
      "title": "Shop-Artikel bearbeiten"
    },
    {
      "id": "shop_article.view",
      "title": "Shop-Artikel anzeigen"
    },
    {
      "id": "shop_order.cancel",
      "title": "Bestellungen stornieren"
    },
    {
      "id": "shop_order.mark_as_paid",
      "title": "Bestellungen als bezahlt markieren"
    },
    {
      "id": "shop_order.update",
      "title": "Shop-Bestellungen bearbeiten"
    },
    {
      "id": "shop_order.view",
      "title": "Shop-Bestellungen anzeigen"
    },
    {
      "id": "shop.create",
      "title": "Shops und Storefronts erstellen"
    },
    {
      "id": "shop.update",
      "title": "Shops und Storefronts bearbeiten"
    },
    {
      "id": "shop.view",
      "title": "Shops und Storefronts anzeigen"
    },
    {
      "id": "site.create",
      "title": "Sites erstellen"
    },
    {
      "id": "site.update",
      "title": "Sites bearbeiten"
    },
    {
      "id": "site.view",
      "title": "Sites anzeigen"
    },
    {
      "id": "snippet_mountpoint.create",
      "title": "Snippet-Mountpoints erstellen"
    },
    {
      "id": "snippet_mountpoint.delete",
      "title": "Snippet-Mountpoints l\u00f6schen"
    },
    {
      "id": "snippet.create",
      "title": "Snippets erstellen"
    },
    {
      "id": "snippet.delete",
      "title": "Snippets l\u00f6schen"
    },
    {
      "id": "snippet.update",
      "title": "Snippets bearbeiten"
    },
    {
      "id": "snippet.view",
      "title": "Snippets anzeigen"
    },
    {
      "id": "snippet.view_history",
      "title": "Versionsverlauf von Snippets anzeigen"
    },
    {
      "id": "terms.create",
      "title": "neue AGB-Versionen erstellen"
    },
    {
      "id": "terms.view",
      "title": "AGB-Versionen anzeigen"
    },
    {
      "id": "ticketing.administrate_seat_occupancy",
      "title": "Belegung von Sitzpl\u00e4tzen verwalten"
    },
    {
      "id": "ticketing.checkin",
      "title": "G\u00e4ste am Einlass einchecken"
    },
    {
      "id": "ticketing.view",
      "title": "Tickets anzeigen"
    },
    {
      "id": "tourney_category.create",
      "title": "Turnierkategorien erstellen"
    },
    {
      "id": "tourney_category.update",
      "title": "Turnierkategorien bearbeiten"
    },
    {
      "id": "tourney_category.view",
      "title": "Turnierkategorien anzeigen"
    },
    {
      "id": "user.administrate",
      "title": "Benutzer verwalten"
    },
    {
      "id": "user.create",
      "title": "Benutzer erstellen"
    },
    {
      "id": "user_badge.award",
      "title": "Abzeichen verleihen"
    },
    {
      "id": "user_badge.create",
      "title": "Abzeichen erstellen"
    },
    {
      "id": "user_badge.update",
      "title": "Abzeichen bearbeiten"
    },
    {
      "id": "user_badge.view",
      "title": "Abzeichen anzeigen"
    },
    {
      "id": "user.set_password",
      "title": "Benutzerpasswörter ändern"
    },
    {
      "id": "user.view",
      "title": "Benutzer anzeigen"
    }
  ],
  "roles": [
    {
      "assigned_permissions": [
        "role.assign",
        "role.view"
      ],
      "id": "authorization_admin",
      "title": "Rechte und Rollen verwalten"
    },
    {
      "assigned_permissions": [
        "board_category.create",
        "board_category.update",
        "board_category.view",
        "board.create"
      ],
      "id": "board_admin",
      "title": "Forum verwalten"
    },
    {
      "assigned_permissions": [
        "board.announce",
        "board.hide",
        "board.update_of_others",
        "board.view_hidden",
        "board_topic.lock",
        "board_topic.move",
        "board_topic.pin"
      ],
      "id": "board_moderator",
      "title": "Forum moderieren"
    },
    {
      "assigned_permissions": [
        "board_posting.create",
        "board_posting.update",
        "board_topic.create",
        "board_topic.update"
      ],
      "id": "board_user",
      "title": "im Forum schreiben"
    },
    {
      "assigned_permissions": [
        "brand.create",
        "brand.update",
        "brand.view"
      ],
      "id": "brand_admin",
      "title": "Marken verwalten"
    },
    {
      "assigned_permissions": [
        "shop_order.view",
        "ticketing.administrate_seat_occupancy",
        "user.administrate",
        "user.create",
        "user.set_password",
        "user.view"
      ],
      "id": "checkin_boss",
      "title": "Abendkasse und Nutzerzuweisung"
    },
    {
      "assigned_permissions": [
        "consent.administrate"
      ],
      "id": "consent_admin",
      "title": "Zustimmungen verwalten"
    },
    {
      "assigned_permissions": [
        "email_config.create",
        "email_config.delete",
        "email_config.update",
        "email_config.view"
      ],
      "id": "email_admin",
      "title": "E-Mail-Konfigurationen verwalten"
    },
    {
      "assigned_permissions": [
        "news_channel.create"
      ],
      "id": "news_admin",
      "title": "News verwalten"
    },
    {
      "assigned_permissions": [
        "news_item.create",
        "news_item.publish",
        "news_item.update",
        "news_item.view",
        "news_item.view_draft"
      ],
      "id": "news_editor",
      "title": "Newsredakteur"
    },
    {
      "assigned_permissions": [
        "newsletter.export_subscribers",
        "newsletter.view_subscriptions"
      ],
      "id": "newsletter_admin",
      "title": "Newsletter-Abonnements verwalten"
    },
    {
      "assigned_permissions": [
        "jobs.view"
      ],
      "id": "jobs_admin",
      "title": "Jobs verwalten"
    },
    {
      "assigned_permissions": [
        "admin.access",
        "admin_dashboard.view_brand",
        "admin_dashboard.view_global",
        "admin_dashboard.view_party",
        "board.view_hidden",
        "brand.view",
        "news_item.view",
        "orga_birthday.view",
        "orga_detail.view",
        "orga_presence.update",
        "orga_presence.view",
        "orga_team.view",
        "party.view",
        "seating.view",
        "snippet.view",
        "snippet.view_history",
        "terms.view",
        "ticketing.checkin",
        "ticketing.view",
        "tourney_category.view"
      ],
      "id": "orga",
      "title": "Organisator"
    },
    {
      "assigned_permissions": [
        "orga_team.administrate_memberships",
        "orga_team.create",
        "orga_team.delete",
        "orga_team.view"
      ],
      "id": "orga_team_admin",
      "title": "Orgateams verwalten"
    },
    {
      "assigned_permissions": [
        "party.create",
        "party.update",
        "party.view"
      ],
      "id": "party_admin",
      "title": "Partys verwalten"
    },
    {
      "assigned_permissions": [
        "seating.administrate",
        "seating.view"
      ],
      "id": "seating_admin",
      "title": "Sitzpl\u00e4ne verwalten"
    },
    {
      "assigned_permissions": [
        "shop.create",
        "shop.update",
        "shop.view"
      ],
      "id": "shop_admin",
      "title": "Shops verwalten"
    },
    {
      "assigned_permissions": [
        "shop_article.create",
        "shop_article.update",
        "shop_article.view"
      ],
      "id": "shop_article_admin",
      "title": "Shop-Artikel verwalten"
    },
    {
      "assigned_permissions": [
        "shop_order.cancel",
        "shop_order.update",
        "shop_order.view"
      ],
      "id": "shop_order_admin",
      "title": "Shop-Bestellungen verwalten"
    },
    {
      "assigned_permissions": [
        "shop_order.mark_as_paid",
        "shop_order.view"
      ],
      "id": "shop_order_payment_approver",
      "title": "Zahlungseing\u00e4nge best\u00e4tigen"
    },
    {
      "assigned_permissions": [
        "site.create",
        "site.update",
        "site.view"
      ],
      "id": "site_admin",
      "title": "Sites verwalten"
    },
    {
      "assigned_permissions": [
        "snippet_mountpoint.create",
        "snippet_mountpoint.delete",
        "snippet.delete"
      ],
      "id": "snippet_admin",
      "title": "Snippets verwalten"
    },
    {
      "assigned_permissions": [
        "snippet.create",
        "snippet.update",
        "snippet.view",
        "snippet.view_history"
      ],
      "id": "snippet_editor",
      "title": "Snippets bearbeiten"
    },
    {
      "assigned_permissions": [
        "shop_order.view",
        "user.view"
      ],
      "id": "support_orga",
      "title": "Support-Orga"
    },
    {
      "assigned_permissions": [
        "terms.create",
        "terms.view"
      ],
      "id": "terms_editor",
      "title": "AGB verwalten"
    },
    {
      "assigned_permissions": [
        "ticketing.view"
      ],
      "id": "ticketing_admin",
      "title": "Tickets verwalten"
    },
    {
      "assigned_permissions": [
        "tourney_category.create",
        "tourney_category.update",
        "tourney_category.view"
      ],
      "id": "tourney_category_admin",
      "title": "Turnierkategorien verwalten"
    },
    {
      "assigned_permissions": [
        "user.administrate",
        "user.create",
        "user.view"
      ],
      "id": "user_admin",
      "title": "Benutzer verwalten"
    },
    {
      "assigned_permissions": [
        "user.set_password"
      ],
      "id": "user_authn_admin",
      "title": "Benutzer-Authentifizierung verwalten"
    },
    {
      "assigned_permissions": [
        "user_badge.award",
        "user_badge.create",
        "user_badge.update",
        "user_badge.view"
      ],
      "id": "user_badge_admin",
      "title": "Abzeichen verwalten"
    }
  ]
}

A scripts/data/permissions_and_roles.toml => scripts/data/permissions_and_roles.toml +623 -0
@@ 0,0 1,623 @@
[[permissions]]
id = 'admin.access'
title = 'auf den Admin-Bereich zugreifen'

[[permissions]]
id = 'admin_dashboard.view_brand'
title = 'Admin-Dashboard für Marken anzeigen'

[[permissions]]
id = 'admin_dashboard.view_global'
title = 'globales Admin-Dashboard anzeigen'

[[permissions]]
id = 'admin_dashboard.view_party'
title = 'Admin-Dashboard für Partys anzeigen'

[[permissions]]
id = 'board.announce'
title = 'Ankündigungen erstellen'

[[permissions]]
id = 'board.create'
title = 'Foren erstellen'

[[permissions]]
id = 'board.hide'
title = 'Themen und Beiträge im Forum verstecken'

[[permissions]]
id = 'board.update_of_others'
title = 'Themen und Beiträge anderer Benutzer im Forum bearbeiten'

[[permissions]]
id = 'board.view_hidden'
title = 'versteckte Themen und Beiträge im Forum anzeigen'

[[permissions]]
id = 'board_category.create'
title = 'Foren-Kategorien erstellen'

[[permissions]]
id = 'board_category.update'
title = 'Foren-Kategorien bearbeiten'

[[permissions]]
id = 'board_category.view'
title = 'Foren-Kategorien anzeigen'

[[permissions]]
id = 'board_posting.create'
title = 'Beiträge im Forum erstellen'

[[permissions]]
id = 'board_posting.update'
title = 'Beiträge im Forum bearbeiten'

[[permissions]]
id = 'board_topic.create'
title = 'Themen im Forum erstellen'

[[permissions]]
id = 'board_topic.lock'
title = 'Themen im Forum schließen'

[[permissions]]
id = 'board_topic.move'
title = 'Themen im Forum in anderen Kategorien verschieben'

[[permissions]]
id = 'board_topic.pin'
title = 'Themen im Forum anpinnen'

[[permissions]]
id = 'board_topic.update'
title = 'Themen im Forum bearbeiten'

[[permissions]]
id = 'brand.create'
title = 'Marken erstellen'

[[permissions]]
id = 'brand.update'
title = 'Marken bearbeiten'

[[permissions]]
id = 'brand.view'
title = 'Marken anzeigen'

[[permissions]]
id = 'consent.administrate'
title = 'Zustimmungen verwalten'

[[permissions]]
id = 'email_config.create'
title = 'E-Mail-Konfigurationen erstellen'

[[permissions]]
id = 'email_config.delete'
title = 'E-Mail-Konfigurationen löschen'

[[permissions]]
id = 'email_config.update'
title = 'E-Mail-Konfigurationen bearbeiten'

[[permissions]]
id = 'email_config.view'
title = 'E-Mail-Konfigurationen anzeigen'

[[permissions]]
id = 'jobs.view'
title = 'Jobs anzeigen'

[[permissions]]
id = 'news_channel.create'
title = 'News-Kanäle erstellen'

[[permissions]]
id = 'news_item.create'
title = 'News erstellen'

[[permissions]]
id = 'news_item.publish'
title = 'News veröffentlichen'

[[permissions]]
id = 'news_item.update'
title = 'News bearbeiten'

[[permissions]]
id = 'news_item.view'
title = 'News anzeigen'

[[permissions]]
id = 'news_item.view_draft'
title = 'News-Entwürfe anzeigen'

[[permissions]]
id = 'newsletter.export_subscribers'
title = 'Abonnenten exportieren'

[[permissions]]
id = 'newsletter.view_subscriptions'
title = 'Newsletter-Bestellstatus einsehen'

[[permissions]]
id = 'orga_birthday.view'
title = 'Geburtstage von Orgas anzeigen'

[[permissions]]
id = 'orga_detail.view'
title = 'Orga-Details anzeigen'

[[permissions]]
id = 'orga_presence.update'
title = 'Anwesenheiten eintragen'

[[permissions]]
id = 'orga_presence.view'
title = 'Anwesenheiten anzeigen'

[[permissions]]
id = 'orga_team.administrate_memberships'
title = 'Orga-Team-Mitgliedschaften verwalten'

[[permissions]]
id = 'orga_team.create'
title = 'Orga-Teams erstellen'

[[permissions]]
id = 'orga_team.delete'
title = 'Orga-Teams löschen'

[[permissions]]
id = 'orga_team.view'
title = 'Orga-Teams anzeigen'

[[permissions]]
id = 'party.create'
title = 'Partys erstellen'

[[permissions]]
id = 'party.update'
title = 'Partys bearbeiten'

[[permissions]]
id = 'party.view'
title = 'Partys anzeigen'

[[permissions]]
id = 'role.assign'
title = 'Rollen an Benutzer zuweisen'

[[permissions]]
id = 'role.view'
title = 'Rollen anzeigen'

[[permissions]]
id = 'seating.administrate'
title = 'Sitzplätze administrieren'

[[permissions]]
id = 'seating.view'
title = 'Sitzpläne anzeigen'

[[permissions]]
id = 'shop.create'
title = 'Shops und Storefronts erstellen'

[[permissions]]
id = 'shop.update'
title = 'Shops und Storefronts bearbeiten'

[[permissions]]
id = 'shop.view'
title = 'Shops und Storefronts anzeigen'

[[permissions]]
id = 'shop_article.create'
title = 'Shop-Artikel erstellen'

[[permissions]]
id = 'shop_article.update'
title = 'Shop-Artikel bearbeiten'

[[permissions]]
id = 'shop_article.view'
title = 'Shop-Artikel anzeigen'

[[permissions]]
id = 'shop_order.cancel'
title = 'Bestellungen stornieren'

[[permissions]]
id = 'shop_order.mark_as_paid'
title = 'Bestellungen als bezahlt markieren'

[[permissions]]
id = 'shop_order.update'
title = 'Shop-Bestellungen bearbeiten'

[[permissions]]
id = 'shop_order.view'
title = 'Shop-Bestellungen anzeigen'

[[permissions]]
id = 'site.create'
title = 'Sites erstellen'

[[permissions]]
id = 'site.update'
title = 'Sites bearbeiten'

[[permissions]]
id = 'site.view'
title = 'Sites anzeigen'

[[permissions]]
id = 'snippet.create'
title = 'Snippets erstellen'

[[permissions]]
id = 'snippet.delete'
title = 'Snippets löschen'

[[permissions]]
id = 'snippet.update'
title = 'Snippets bearbeiten'

[[permissions]]
id = 'snippet.view'
title = 'Snippets anzeigen'

[[permissions]]
id = 'snippet.view_history'
title = 'Versionsverlauf von Snippets anzeigen'

[[permissions]]
id = 'snippet_mountpoint.create'
title = 'Snippet-Mountpoints erstellen'

[[permissions]]
id = 'snippet_mountpoint.delete'
title = 'Snippet-Mountpoints löschen'

[[permissions]]
id = 'terms.create'
title = 'neue AGB-Versionen erstellen'

[[permissions]]
id = 'terms.view'
title = 'AGB-Versionen anzeigen'

[[permissions]]
id = 'ticketing.administrate_seat_occupancy'
title = 'Belegung von Sitzplätzen verwalten'

[[permissions]]
id = 'ticketing.checkin'
title = 'Gäste am Einlass einchecken'

[[permissions]]
id = 'ticketing.view'
title = 'Tickets anzeigen'

[[permissions]]
id = 'tourney_category.create'
title = 'Turnierkategorien erstellen'

[[permissions]]
id = 'tourney_category.update'
title = 'Turnierkategorien bearbeiten'

[[permissions]]
id = 'tourney_category.view'
title = 'Turnierkategorien anzeigen'

[[permissions]]
id = 'user.administrate'
title = 'Benutzer verwalten'

[[permissions]]
id = 'user.create'
title = 'Benutzer erstellen'

[[permissions]]
id = 'user.set_password'
title = 'Benutzerpasswörter ändern'

[[permissions]]
id = 'user.view'
title = 'Benutzer anzeigen'

[[permissions]]
id = 'user_badge.award'
title = 'Abzeichen verleihen'

[[permissions]]
id = 'user_badge.create'
title = 'Abzeichen erstellen'

[[permissions]]
id = 'user_badge.update'
title = 'Abzeichen bearbeiten'

[[permissions]]
id = 'user_badge.view'
title = 'Abzeichen anzeigen'

[[roles]]
id = 'authorization_admin'
title = 'Rechte und Rollen verwalten'
assigned_permissions = [
    'role.assign',
    'role.view',
]

[[roles]]
id = 'board_admin'
title = 'Forum verwalten'
assigned_permissions = [
    'board.create',
    'board_category.create',
    'board_category.update',
    'board_category.view',
]

[[roles]]
id = 'board_moderator'
title = 'Forum moderieren'
assigned_permissions = [
    'board.announce',
    'board.hide',
    'board.update_of_others',
    'board.view_hidden',
    'board_topic.lock',
    'board_topic.move',
    'board_topic.pin',
]

[[roles]]
id = 'board_user'
title = 'im Forum schreiben'
assigned_permissions = [
    'board_posting.create',
    'board_posting.update',
    'board_topic.create',
    'board_topic.update',
]

[[roles]]
id = 'brand_admin'
title = 'Marken verwalten'
assigned_permissions = [
    'brand.create',
    'brand.update',
    'brand.view',
]

[[roles]]
id = 'checkin_boss'
title = 'Abendkasse und Nutzerzuweisung'
assigned_permissions = [
    'shop_order.view',
    'ticketing.administrate_seat_occupancy',
    'user.administrate',
    'user.create',
    'user.set_password',
    'user.view',
]

[[roles]]
id = 'consent_admin'
title = 'Zustimmungen verwalten'
assigned_permissions = ['consent.administrate']

[[roles]]
id = 'email_admin'
title = 'E-Mail-Konfigurationen verwalten'
assigned_permissions = [
    'email_config.create',
    'email_config.delete',
    'email_config.update',
    'email_config.view',
]

[[roles]]
id = 'jobs_admin'
title = 'Jobs verwalten'
assigned_permissions = ['jobs.view']

[[roles]]
id = 'news_admin'
title = 'News verwalten'
assigned_permissions = ['news_channel.create']

[[roles]]
id = 'news_editor'
title = 'Newsredakteur'
assigned_permissions = [
    'news_item.create',
    'news_item.publish',
    'news_item.update',
    'news_item.view',
    'news_item.view_draft',
]

[[roles]]
id = 'newsletter_admin'
title = 'Newsletter-Abonnements verwalten'
assigned_permissions = [
    'newsletter.export_subscribers',
    'newsletter.view_subscriptions',
]

[[roles]]
id = 'orga'
title = 'Organisator'
assigned_permissions = [
    'admin.access',
    'admin_dashboard.view_brand',
    'admin_dashboard.view_global',
    'admin_dashboard.view_party',
    'board.view_hidden',
    'brand.view',
    'news_item.view',
    'orga_birthday.view',
    'orga_detail.view',
    'orga_presence.update',
    'orga_presence.view',
    'orga_team.view',
    'party.view',
    'seating.view',
    'snippet.view',
    'snippet.view_history',
    'terms.view',
    'ticketing.checkin',
    'ticketing.view',
    'tourney_category.view',
]

[[roles]]
id = 'orga_team_admin'
title = 'Orgateams verwalten'
assigned_permissions = [
    'orga_team.administrate_memberships',
    'orga_team.create',
    'orga_team.delete',
    'orga_team.view',
]

[[roles]]
id = 'party_admin'
title = 'Partys verwalten'
assigned_permissions = [
    'party.create',
    'party.update',
    'party.view',
]

[[roles]]
id = 'seating_admin'
title = 'Sitzpläne verwalten'
assigned_permissions = [
    'seating.administrate',
    'seating.view',
]

[[roles]]
id = 'shop_admin'
title = 'Shops verwalten'
assigned_permissions = [
    'shop.create',
    'shop.update',
    'shop.view',
]

[[roles]]
id = 'shop_article_admin'
title = 'Shop-Artikel verwalten'
assigned_permissions = [
    'shop_article.create',
    'shop_article.update',
    'shop_article.view',
]

[[roles]]
id = 'shop_order_admin'
title = 'Shop-Bestellungen verwalten'
assigned_permissions = [
    'shop_order.cancel',
    'shop_order.update',
    'shop_order.view',
]

[[roles]]
id = 'shop_order_payment_approver'
title = 'Zahlungseingänge bestätigen'
assigned_permissions = [
    'shop_order.mark_as_paid',
    'shop_order.view',
]

[[roles]]
id = 'site_admin'
title = 'Sites verwalten'
assigned_permissions = [
    'site.create',
    'site.update',
    'site.view',
]

[[roles]]
id = 'snippet_admin'
title = 'Snippets verwalten'
assigned_permissions = [
    'snippet.delete',
    'snippet_mountpoint.create',
    'snippet_mountpoint.delete',
]

[[roles]]
id = 'snippet_editor'
title = 'Snippets bearbeiten'
assigned_permissions = [
    'snippet.create',
    'snippet.update',
    'snippet.view',
    'snippet.view_history',
]

[[roles]]
id = 'support_orga'
title = 'Support-Orga'
assigned_permissions = [
    'shop_order.view',
    'user.view',
]

[[roles]]
id = 'terms_editor'
title = 'AGB verwalten'
assigned_permissions = [
    'terms.create',
    'terms.view',
]

[[roles]]
id = 'ticketing_admin'
title = 'Tickets verwalten'
assigned_permissions = ['ticketing.view']

[[roles]]
id = 'tourney_category_admin'
title = 'Turnierkategorien verwalten'
assigned_permissions = [
    'tourney_category.create',
    'tourney_category.update',
    'tourney_category.view',
]

[[roles]]
id = 'user_admin'
title = 'Benutzer verwalten'
assigned_permissions = [
    'user.administrate',
    'user.create',
    'user.view',
]

[[roles]]
id = 'user_authn_admin'
title = 'Benutzer-Authentifizierung verwalten'
assigned_permissions = ['user.set_password']

[[roles]]
id = 'user_badge_admin'
title = 'Abzeichen verwalten'
assigned_permissions = [
    'user_badge.award',
    'user_badge.create',
    'user_badge.update',
    'user_badge.view',
]

M scripts/export_permissions_and_roles.py => scripts/export_permissions_and_roles.py +3 -3
@@ 1,15 1,15 @@
#!/usr/bin/env python

"""Export all permissions, roles, and their relations as JSON to STDOUT.
"""Export all permissions, roles, and their relations as TOML to STDOUT.

:Copyright: 2006-2020 Jochen Kupperschmidt
:License: Modified BSD, see LICENSE for details.
"""

import json
import sys

import click
import rtoml

from byceps.database import db
from byceps.services.authorization.models import Permission, Role


@@ 28,7 28,7 @@ def execute():
        'roles': roles,
    }

    json.dump(data, sys.stdout, indent=2, sort_keys=True)
    rtoml.dump(data, sys.stdout, pretty=True)


def collect_permissions():

M scripts/import_permissions_and_roles.py => scripts/import_permissions_and_roles.py +5 -6
@@ 1,14 1,13 @@
#!/usr/bin/env python

"""Import permissions, roles, and their relations from a JSON file.
"""Import permissions, roles, and their relations from a TOML file.

:Copyright: 2006-2020 Jochen Kupperschmidt
:License: Modified BSD, see LICENSE for details.
"""

import json

import click
import rtoml

from byceps.services.authorization import service as authz_service
from byceps.util.system import get_config_filename_from_env_or_exit


@@ 17,9 16,9 @@ from _util import app_context


@click.command()
@click.argument('json_file', type=click.File())
def execute(json_file):
    data = json.load(json_file)
@click.argument('data_file', type=click.File())
def execute(data_file):
    data = rtoml.load(data_file)

    permissions = data['permissions']
    roles = data['roles']