IA-3102: Permissions : Org unit “view only” permission

[hakifran]

Explain what problem this PR is resolving

• Permissions : Org unit “view only” permission
  Related JIRA tickets : IA-3102

Self proofreading checklist

• Did I use eslint and black formatters
• Is my code clear enough and well documented
• Are my typescript files well typed
• New translations have been added or updated if new strings have been introduced in the frontend
• My migrations file are included
• Are there enough tests
• Documentation has been included (for new feature)

Changes

• Add new Organisation units - Read permission
• Check on create_org_unit and edit org unit the Organisation units management permission
• Hide some button and action if the user has not Organisation units management permission on frontend

How to test

• Create or update a user and remove the Organisation units management and add Organisation units - Read permission to it
• Check all the actions for create and update org units are possible

Print screen / video

Screencast.from.2024-08-19.14-23-35.webm

Notes

Things that the reviewers should know: known bugs that are out of the scope of the PR, other trade-offs that were made.
If the PR depends on a PR in bluesquare-components, or merges into another PR (i.o. main), it should also be mentioned here

[kemar]

I've tested it locally by adding just the read-only perm to a user but I can't see any org unit in the list and I've got a bunch of 403.

Is this normal?

Screen.Recording.2024-08-21.at.15.54.46.mov

[hakifran]

I've tested it locally by adding just the read-only perm to a user but I can't see any org unit in the list and I've got a bunch of 403.

Is this normal?
Screen.Recording.2024-08-21.at.15.54.46.mov

That's right, I omitted the read permission on the groups, data source. It is fixed with the commit . Thank you

[kemar]

Almost good to me.

My last concern is a UI problem:

• if you can just READ org units
• only form buttons are removed
• so you still see inputs elements
• this can make a user believe an input can be changed

I guess it's OK because there are no spec on this in the Jira ticket…

What do you think?

[hakifran]

Almost good to me.

My last concern is a UI problem:

* if you can just READ org units

* only form buttons are removed

* so you still see inputs elements

* this can make a user believe an input can be changed

I guess it's OK because there are no spec on this in the Jira ticket…

What do you think?

I think you are right we should disable the inputs too. Thank you, let me fix it!

[hakifran]

Almost good to me.

My last concern is a UI problem:

* if you can just READ org units

* only form buttons are removed

* so you still see inputs elements

* this can make a user believe an input can be changed

I guess it's OK because there are no spec on this in the Jira ticket…

What do you think?

I'v just pushed the commit about disabling inputs when the use has not org unit managament permission. But there is on input <InputComponent keyValue="aliases" onChange={onChangeInfo} value={orgUnitState.aliases.value} type="arrayInput" /> Which I made a fix but which I think the change(disabled should be added to bluesquare-component)

[kemar]

LGTM