diff --git a/app/access/views/team.py b/app/access/views/team.py index 2f13b4f9..559e36e6 100644 --- a/app/access/views/team.py +++ b/app/access/views/team.py @@ -43,6 +43,9 @@ def get(self, request, *args, **kwargs): def get_context_data(self, **kwargs): context = super().get_context_data(**kwargs) + context['model_docs_path'] = self.model._meta.app_label + '/' + self.model._meta.model_name + '/' + + organization = Organization.objects.get(pk=self.kwargs['organization_id']) context['organization'] = organization diff --git a/docs/projects/django-template/user/access/team.md b/docs/projects/django-template/user/access/team.md new file mode 100644 index 00000000..1f568390 --- /dev/null +++ b/docs/projects/django-template/user/access/team.md @@ -0,0 +1,14 @@ +--- +title: Team +description: No Fuss Computings Team Documentation for Django ITSM +date: 2024-06-17 +template: project.html +about: https://gitlab.com/nofusscomputing/infrastructure/configuration-management/django_app +--- + +A Team is subordinate to an organization and is a way of grouping permissions with users. A team as the name implies contains application users whom once assigned to a team will be granted the permissions of that team. Permission assigned are an _"allowed"_ to conduct that action. It is not possible to add deny permissions + +Team permission are not application wide, their scope is limited to objects that are a part of the same team. In addition any object that is marked `is_global` a user with the objects view permission can see that object. + +!!! warning + An Organization manager can conduct **ALL** operations against a team regardless of their permissions. diff --git a/mkdocs.yml b/mkdocs.yml index ac3b9529..6eefa179 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -126,6 +126,8 @@ nav: - projects/django-template/user/access/organization.md + - projects/django-template/user/access/team.md + - projects/django-template/user/configuration.md - projects/django-template/user/api.md