permissions: disable write operations when read-only mode is on

max-moser · max-moser · commit 7474d4bb5bf0 · 2022-11-08T13:13:14.000+01:00
diff --git a/invenio_requests/services/permissions.py b/invenio_requests/services/permissions.py
@@ -1,8 +1,8 @@
 # -*- coding: utf-8 -*-
 #
-# Copyright (C) 2021 CERN.
-# Copyright (C) 2021 Northwestern University.
-# Copyright (C) 2021 TU Wien.
+# Copyright (C) 2021      CERN.
+# Copyright (C) 2021      Northwestern University.
+# Copyright (C) 2021-2022 TU Wien.
 #
 # Invenio-Requests is free software; you can redistribute it and/or
 # modify it under the terms of the MIT License; see LICENSE file for more
@@ -15,6 +15,7 @@
     AnyUser,
     AuthenticatedUser,
     Disable,
+    DisableIfReadOnly,
     SystemProcess,
     SystemProcessWithoutSuperUser,
 )
@@ -26,7 +27,8 @@ class PermissionPolicy(RecordPermissionPolicy):
     """Permission policy."""
 
     # Ability in general to create requests (not which request you can create)
-    can_create = [AuthenticatedUser(), SystemProcess()]
+    can_create = [AuthenticatedUser(), SystemProcess(), DisableIfReadOnly()]
+
     # Just about ability to perform a search (not what requests you can access)
     can_search = [AuthenticatedUser(), SystemProcess()]
 
@@ -47,6 +49,7 @@ class PermissionPolicy(RecordPermissionPolicy):
         Status(["created"], [Creator()]),
         Status(["submitted"], [Creator(), Receiver()]),
         SystemProcess(),
+        DisableIfReadOnly(),
     ]
 
     can_delete = [
@@ -56,32 +59,35 @@ class PermissionPolicy(RecordPermissionPolicy):
             [Disable()],
         ),
         SystemProcess(),
+        DisableIfReadOnly(),
     ]
 
     # Submit, cancel, expire, accept and decline actions only deals
     # with requests in a **single state** and thus doesn't need to take the
     # request status into account.
-    can_action_submit = [Creator(), SystemProcess()]
-    can_action_cancel = [Creator(), SystemProcess()]
+    can_action_submit = [Creator(), SystemProcess(), DisableIfReadOnly()]
+    can_action_cancel = [Creator(), SystemProcess(), DisableIfReadOnly()]
     # `SystemProcessWithoutSuperUser`: expire is an automatic action done only by
     # the system, therefore the `superuser-action` must be explicitly excluded
     # as it's added by default to any permission.
-    can_action_expire = [SystemProcessWithoutSuperUser()]
-    can_action_accept = [Receiver(), SystemProcess()]
-    can_action_decline = [Receiver(), SystemProcess()]
+    can_action_expire = [SystemProcessWithoutSuperUser(), DisableIfReadOnly()]
+    can_action_accept = [Receiver(), SystemProcess(), DisableIfReadOnly()]
+    can_action_decline = [Receiver(), SystemProcess(), DisableIfReadOnly()]
 
     # Request events/comments
     # Events are in most cases protected by the associated request.
     can_update_comment = [
         Commenter(),
         SystemProcess(),
+        DisableIfReadOnly(),
     ]
     can_delete_comment = [
         Commenter(),
         SystemProcess(),
+        DisableIfReadOnly(),
     ]
     # If you can read the request you can create events for the request.
-    can_create_comment = can_read
+    can_create_comment = can_read + [DisableIfReadOnly()]
 
     # Needed by the search events permission because a permission_action must
     # be provided to create_search(), but the event search is already protected
