From c2a7a4a451bdeacc7cfbfc62b11ec0e30fa04297 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Laura=20Kl=C3=BCnder?= <laura@codingcatgirl.de>
Date: Sun, 29 Dec 2024 19:37:21 +0100
Subject: [PATCH] add scope_load and load write permission

---
 src/c3nav/api/auth.py       | 2 ++
 src/c3nav/api/models.py     | 1 +
 src/c3nav/control/models.py | 1 +
 src/c3nav/site/forms.py     | 2 +-
 4 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/c3nav/api/auth.py b/src/c3nav/api/auth.py
index 3bf77f35..d098ced9 100644
--- a/src/c3nav/api/auth.py
+++ b/src/c3nav/api/auth.py
@@ -89,6 +89,8 @@ class APIKeyAuth(APIKeyHeader):
                 user_permissions.editor_access = False
             if secret.scope_grant_permissions is False:
                 user_permissions.grant_permissions = False
+            if secret.scope_load is False:
+                user_permissions.can_write_laod_data = False
 
             request.user = secret.user
             request.user_permissions = user_permissions
diff --git a/src/c3nav/api/models.py b/src/c3nav/api/models.py
index fcff3674..6a2c81be 100644
--- a/src/c3nav/api/models.py
+++ b/src/c3nav/api/models.py
@@ -27,6 +27,7 @@ class Secret(models.Model):
     scope_grant_permissions = models.BooleanField(_('grant map access permissions'), default=False)
     scope_editor = models.BooleanField(_('editor access'), default=False)
     scope_mesh = models.BooleanField(_('mesh access'), default=False)
+    scope_load = models.BooleanField(_('load write access'), default=False)
     valid_until = models.DateTimeField(null=True, verbose_name=_('valid_until'))
 
     objects = models.Manager.from_queryset(SecretQuerySet)()
diff --git a/src/c3nav/control/models.py b/src/c3nav/control/models.py
index 9549d18c..ee25fb7a 100644
--- a/src/c3nav/control/models.py
+++ b/src/c3nav/control/models.py
@@ -45,6 +45,7 @@ class UserPermissions(models.Model):
     quests: list[str] = SchemaField(schema=list[str], default=list)
     impolite_quests = models.BooleanField(default=False, verbose_name=_('dont say thanks after completing a quest'))
     passive_ap_name_scanning = models.BooleanField(default=False, verbose_name=_('passive ap name scanning'))
+    can_write_laod_data = models.BooleanField(default=False, verbose_name=_('write load data'))
 
     class Meta:
         verbose_name = _('User Permissions')
diff --git a/src/c3nav/site/forms.py b/src/c3nav/site/forms.py
index 1f98071f..44a5398e 100644
--- a/src/c3nav/site/forms.py
+++ b/src/c3nav/site/forms.py
@@ -108,7 +108,7 @@ class APISecretForm(ModelForm):
 
     class Meta:
         model = Secret
-        fields = ['name', 'readonly', 'scope_grant_permissions', 'scope_editor', 'scope_mesh']
+        fields = ['name', 'readonly', 'scope_grant_permissions', 'scope_editor', 'scope_mesh', "scope_load"]
 
     def clean(self):
         try: