OM-351: added search all groups for IMIS admin

worker_voucher/apps.py

@@ -15,6 +15,7 @@
     "gql_group_of_worker_create_perms": ["205002"],
     "gql_group_of_worker_update_perms": ["205003"],
     "gql_group_of_worker_delete_perms": ["205004"],
+    "gql_group_of_worker_search_all_perms": ["205005"],
     "unassigned_voucher_enabled": True,
     "price_per_voucher": "100.00",
     "max_generic_vouchers": 1000,
@@ -50,6 +51,7 @@ class WorkerVoucherConfig(AppConfig, ConfigUtilMixin):
     gql_group_of_worker_create_perms = None
     gql_group_of_worker_update_perms = None
     gql_group_of_worker_delete_perms = None
+    gql_group_of_worker_search_all_perms = None
 
     unassigned_voucher_enabled = None
     price_per_voucher = None

worker_voucher/migrations/0016_group_search_all_rights.py

@@ -0,0 +1,46 @@
+from django.db import migrations
+
+rights = ['205005']
+roles = ['IMIS Administrator']
+
+
+def add_rights(role_name, role_model, role_right_model):
+    role = role_model.objects.get(name=role_name, validity_to__isnull=True)
+    for right_id in rights:
+        if not role_right_model.objects.filter(validity_to__isnull=True, role=role, right_id=right_id).exists():
+            _add_right_for_role(role, right_id, role_right_model)
+
+
+def _add_right_for_role(role, right_id, role_right_model):
+    role_right_model.objects.create(role=role, right_id=right_id, audit_user_id=1)
+
+
+def remove_rights(role_id, role_right_model):
+    role_right_model.objects.filter(
+        role__is_system=role_id,
+        right_id__in=rights,
+        validity_to__isnull=True
+    ).delete()
+
+
+def on_migration(apps, schema_editor):
+    role_model = apps.get_model("core", "role")
+    role_right_model = apps.get_model("core", "roleright")
+    for role in roles:
+        add_rights(role, role_model, role_right_model)
+
+
+def on_reverse_migration(apps, schema_editor):
+    role_right_model = apps.get_model("core", "roleright")
+    for role in roles:
+        remove_rights(role, role_right_model)
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ('worker_voucher', '0015_group_of_worker_rights'),
+    ]
+
+    operations = [
+        migrations.RunPython(on_migration, on_reverse_migration),
+    ]

worker_voucher/schema.py

@@ -227,8 +227,10 @@ def resolve_group_of_worker(self, info, economic_unit_code=None, **kwargs):
         client_mutation_id = kwargs.get("client_mutation_id", None)
         if client_mutation_id:
             filters.append(Q(mutations__mutation__client_mutation_id=client_mutation_id))
+        if economic_unit_code:
+            filters.append(Q(policyholder__code=economic_unit_code))
         filters.extend(get_group_worker_user_filters(info.context.user))
-        return gql_optimizer.query(query.filter(*filters, policyholder__code=economic_unit_code), info)
+        return gql_optimizer.query(query.filter(*filters), info)
 
     @staticmethod
     def _check_permissions(user, perms):

worker_voucher/services.py

@@ -88,7 +88,7 @@ def get_group_worker_user_filters(user: InteractiveUser) -> Iterable[Q]:
         policyholder__policyholderuser__is_deleted=False,
         policyholder__policyholderuser__user__validity_to__isnull=True,
         policyholder__policyholderuser__user__i_user__validity_to__isnull=True,
-    )] if user.has_perms(WorkerVoucherConfig.gql_group_of_worker_search_perms) else []
+    )] if not user.has_perms(WorkerVoucherConfig.gql_group_of_worker_search_all_perms) else []
 
 
 def validate_acquire_unassigned_vouchers(user: User, eu_code: str, count: Union[int, str]) -> Dict: