Add-information_class-5-and-security_level-0 (#2318)

* Add information_class 5 and security_level 0

* Show security_level 0 information

* Fix test for security_level 0

* Use windows 2019 for github tests

* try to fix windows access denied

* try with chmod

* try 3

* Exclude win32 from test of file permissions

* Fix linting

ESSArch_Core/configuration/migrations/0032_alter_storagepolicy_information_class.py

@@ -0,0 +1,18 @@
+# Generated by Django 5.0.6 on 2024-06-28 14:04
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('configuration', '0031_alter_parameter_id_alter_path_id_and_more'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='storagepolicy',
+            name='information_class',
+            field=models.IntegerField(choices=[(0, '0'), (1, '1'), (2, '2'), (3, '3'), (4, '4'), (5, '5')], default=0, verbose_name='Information class'),
+        ),
+    ]

ESSArch_Core/configuration/models.py

@@ -196,6 +196,7 @@ class StoragePolicy(models.Model):
         (2, '2'),
         (3, '3'),
         (4, '4'),
+        (5, '5'),
     )
 
     id = models.UUIDField(primary_key=True, default=uuid.uuid4, editable=False)

ESSArch_Core/frontend/static/frontend/scripts/controllers/AccessAidModalInstanceCtrl.js

@@ -66,7 +66,7 @@ export default class AccessAidModalInstanceCtrl {
             label: $translate.instant('ACCESS.SECURITY_LEVEL'),
             type: 'number',
             required: false,
-            min: 1,
+            min: 0,
             max: 5,
           },
           type: 'input',

ESSArch_Core/frontend/static/frontend/scripts/controllers/AddNodeModalInstanceCtrl.js

@@ -116,7 +116,7 @@ export default class AddNodeModalInstanceCtrl {
             label: $translate.instant('ACCESS.SECURITY_LEVEL'),
             type: 'number',
             required: false,
-            min: 1,
+            min: 0,
             max: 5,
           },
           type: 'input',

ESSArch_Core/frontend/static/frontend/scripts/controllers/EditNodeModalInstanceCtrl.js

@@ -161,7 +161,7 @@ export default class EditNodeModalInstanceCtrl {
             label: $translate.instant('ACCESS.SECURITY_LEVEL'),
             type: 'number',
             required: false,
-            min: 1,
+            min: 0,
             max: 5,
           },
           type: 'input',

ESSArch_Core/frontend/static/frontend/views/search_detail.html

@@ -42,7 +42,9 @@ <h4>{{'PAGE_DOES_NOT_EXIST' | translate}}</h4>
       </div>
     </div>
     <hr class="small" />
-    <div ng-if="vm.record.security_level">{{'ACCESS.SECURITY_LEVEL' | translate}}: {{vm.record.security_level}}</div>
+    <div ng-if="vm.record.security_level !== null">
+      {{'ACCESS.SECURITY_LEVEL' | translate}}: {{vm.record.security_level}}
+    </div>
     <div class="type-specific-results" ng-switch="vm.record._index">
       <div ng-switch-when="component">
         <div ng-switch="vm.record.type.name.toLowerCase()">

ESSArch_Core/frontend/static/frontend/views/search_personakt_detail.html

@@ -312,14 +312,14 @@ <h4>{{'TRANSFERS' | translate}}</h4>
       <result-field label="Personnummer" data="vm.record.custom_fields['brukare_personnummer']"></result-field>
     </div>
     <div
-      ng-if="vm.record.security_level && 
+      ng-if="vm.record.security_level !== null && 
                 checkPermission('tags.security_level_' + vm.record.security_level)"
     >
       <result-field label="Brukare" data="vm.record.custom_fields['brukare']"></result-field>
       <result-field label="Personnummer" data="vm.record.custom_fields['brukare_personnummer']"></result-field>
     </div>
     <div
-      ng-if="vm.record.security_level && 
+      ng-if="vm.record.security_level !== null && 
                 !checkPermission('tags.security_level_' + vm.record.security_level) && 
                 checkPermission('tags.security_level_exists_' + vm.record.security_level)"
     >

ESSArch_Core/install/install_default_config.py

@@ -744,6 +744,8 @@ def installDefaultUsers():
             ['change_archive', 'tags', 'tag'],  # Can change archives
             ['delete_archive', 'tags', 'tag'],  # Can delete archives
             ['change_tag_location', 'tags', 'tag'],  # Can change tag location
+            ['security_level_0', 'tags', 'tag'],  # Can see security level 0
+            ['security_level_exists_0', 'tags', 'tag'],  # Can see security level 0 exists
             ['security_level_1', 'tags', 'tag'],  # Can see security level 1
             ['security_level_exists_1', 'tags', 'tag'],  # Can see security level 1 exists
             ['security_level_2', 'tags', 'tag'],  # Can see security level 2

ESSArch_Core/ip/migrations/0105_alter_informationpackage_information_class.py

@@ -0,0 +1,18 @@
+# Generated by Django 5.0.6 on 2024-06-28 14:04
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('ip', '0104_alter_eventip_eventidentifiervalue_and_more'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='informationpackage',
+            name='information_class',
+            field=models.IntegerField(choices=[(0, '0'), (1, '1'), (2, '2'), (3, '3'), (4, '4'), (5, '5')], null=True),
+        ),
+    ]

ESSArch_Core/ip/models.py

@@ -367,6 +367,7 @@ class InformationPackage(models.Model):
         (2, '2'),
         (3, '3'),
         (4, '4'),
+        (5, '5'),
     )
 
     id = models.UUIDField(

ESSArch_Core/maintenance/tests/test_models.py

@@ -3,7 +3,7 @@
 import shutil
 import tempfile
 from stat import S_IWRITE
-from unittest import mock
+from unittest import mock, skipIf
 
 from celery import states as celery_states
 from django.contrib.auth import get_user_model
@@ -258,6 +258,8 @@ def test_call_run_when_report_dir_does_not_exists(self, apr_run, con_run, get_re
         self.assertEqual(self.conversion_job.status, celery_states.FAILURE)
         self.assertTrue(before <= self.conversion_job.end_date <= after)
 
+    @skipIf(os.name == 'nt', "Skip test on win32, do not work after 202406, Access denied when \
+try to reset permissions")
     @mock.patch('ESSArch_Core.maintenance.models.MaintenanceJob._mark_as_complete')
     @mock.patch('ESSArch_Core.maintenance.models.MaintenanceJob._get_report_directory')
     @mock.patch('ESSArch_Core.maintenance.models.ConversionJob._run')

ESSArch_Core/tags/migrations/0078_alter_tag_options.py

@@ -0,0 +1,17 @@
+# Generated by Django 5.0.6 on 2024-06-28 14:04
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('tags', '0077_alter_nodeidentifier_id_alter_nodenote_id_and_more'),
+    ]
+
+    operations = [
+        migrations.AlterModelOptions(
+            name='tag',
+            options={'permissions': (('search', 'Can search'), ('create_archive', 'Can create new archives'), ('change_archive', 'Can change archives'), ('delete_archive', 'Can delete archives'), ('change_tag_location', 'Can change tag location'), ('security_level_0', 'Can see security level 0'), ('security_level_exists_0', 'Can see security level 0 exists'), ('security_level_1', 'Can see security level 1'), ('security_level_exists_1', 'Can see security level 1 exists'), ('security_level_2', 'Can see security level 2'), ('security_level_exists_2', 'Can see security level 2 exists'), ('security_level_3', 'Can see security level 3'), ('security_level_exists_3', 'Can see security level 3 exists'), ('security_level_4', 'Can see security level 4'), ('security_level_exists_4', 'Can see security level 4 exists'), ('security_level_5', 'Can see security level 5'), ('security_level_exists_5', 'Can see security level 5 exists'))},
+        ),
+    ]

ESSArch_Core/tags/models.py

@@ -862,6 +862,8 @@ class Meta:
             ('change_archive', 'Can change archives'),
             ('delete_archive', 'Can delete archives'),
             ('change_tag_location', 'Can change tag location'),
+            ('security_level_0', 'Can see security level 0'),
+            ('security_level_exists_0', 'Can see security level 0 exists'),
             ('security_level_1', 'Can see security level 1'),
             ('security_level_exists_1', 'Can see security level 1 exists'),
             ('security_level_2', 'Can see security level 2'),

ESSArch_Core/tags/search.py

@@ -177,12 +177,10 @@ def search(self):
             s = s.filter(Q('bool', minimum_should_match=1, should=[
                 Q('terms', security_level=user_security_levels),
                 Q('bool', must_not=Q('exists', field='security_level')),
-                Q('term', security_level=0),
             ]))
         else:
             s = s.filter(Q('bool', minimum_should_match=1, should=[
                 Q('bool', must_not=Q('exists', field='security_level')),
-                Q('term', security_level=0),
             ]))
 
         if self.personal_identification_number not in EMPTY_VALUES:

ESSArch_Core/tags/serializers.py

@@ -1046,7 +1046,7 @@ class NodeWriteSerializer(serializers.Serializer):
     notes = NodeNoteWriteSerializer(many=True, required=False)
     identifiers = NodeIdentifierWriteSerializer(many=True, required=False)
     appraisal_date = serializers.DateTimeField(required=False, allow_null=True)
-    security_level = serializers.IntegerField(allow_null=True, required=False, min_value=1, max_value=5)
+    security_level = serializers.IntegerField(allow_null=True, required=False, min_value=0, max_value=5)
 
     @staticmethod
     def create_notes(tag_version: TagVersion, notes_data):
@@ -1279,7 +1279,7 @@ def validate(self, data):
 
 class ArchiveWriteSerializer(NodeWriteSerializer):
     type = serializers.PrimaryKeyRelatedField(queryset=TagVersionType.objects.filter(archive_type=True))
-    security_level = serializers.IntegerField(allow_null=True, required=False, min_value=1, max_value=5)
+    security_level = serializers.IntegerField(allow_null=True, required=False, min_value=0, max_value=5)
     structures = serializers.PrimaryKeyRelatedField(
         queryset=Structure.objects.filter(is_template=True, published_date__isnull=False),
         many=True,

ESSArch_Core/tags/tests/test_search.py

@@ -458,7 +458,7 @@ def setUpTestData(cls):
         cls.url = reverse('search-list')
         Feature.objects.create(name='archival descriptions', enabled=True)
         cls.component_type = TagVersionType.objects.create(name='component', archive_type=False)
-        cls.security_levels = [1, 2, 3, 4, 5]
+        cls.security_levels = [0, 1, 2, 3, 4, 5]
 
     def setUp(self):
         super().setUp()
@@ -531,8 +531,9 @@ def test_user_with_security_level_3(self):
 
     def test_user_with_multiple_security_levels(self):
         self.user.user_permissions.add(
-            Permission.objects.get(codename='security_level_1'),
+            Permission.objects.get(codename='security_level_0'),
             Permission.objects.get(codename='security_level_3'),
+            Permission.objects.get(codename='security_level_5'),
         )
         self.user = User.objects.get(pk=self.user.pk)
 
@@ -557,7 +558,7 @@ def test_user_with_multiple_security_levels(self):
                 component_tag_version.save()
                 Component.from_obj(component_tag_version).save(refresh='true')
 
-                if lvl in [1, 3]:
+                if lvl in [0, 3, 5]:
                     res = self.client.get(self.url)
                     self.assertEqual(res.status_code, status.HTTP_200_OK)
                     self.assertEqual(len(res.data['hits']), 1)