move 10 group/member helper queries to Pro

After slices 1-6 the OS classic UI no longer renders RBAC member or
group panels on view_product_details, view_product_type, or view_user.
Pro template overrides still render those panels via context vars OS
views were populating (members, global_members, groups, global_groups,
product_members, product_type_members, global_product_members,
product_groups, product_type_groups, global_product_groups). Move the
underlying queries to Pro and drop the OS-side context entirely.

dojo/product/queries.py: drop get_authorized_members_for_product,
get_authorized_global_members_for_product,
get_authorized_groups_for_product,
get_authorized_global_groups_for_product, and
get_authorized_product_members_for_user.

dojo/product_type/queries.py: drop the matching four product-type
helpers plus get_authorized_product_type_members_for_user.

dojo/product/views.py:view_product, dojo/product_type/views.py:
view_product_type, dojo/user/views.py:view_user: stop computing the
six-or-so RBAC context vars and stop importing the helpers.
edit_product_type also drops a stale `members` context var that no
template referenced.

The remaining helpers in OS (get_authorized_products,
get_authorized_product_types, get_authorized_product_members,
get_authorized_product_type_members, get_authorized_product_groups,
get_authorized_product_type_groups) stay because they are core RBAC
infrastructure or back V3 ViewSets (AssetGroupViewSet,
OrganizationGroupViewSet) that are still in OS.

Pro side moves to a separate commit: pro/{product,product_type}/
queries.py + pro/templatetags/rbac_tags.py with simple_tag wrappers,
and Pro template overrides switch to {% pro_product_members %} etc.

Author: devGregA

dojo/product/queries.py

@@ -34,48 +34,13 @@ def get_authorized_products(permission, user=None):
     return Product.objects.all().order_by("name")
 
 
-def get_authorized_members_for_product(product, permission):
-    impl = get_auth_filter("product.get_authorized_members_for_product")
-    if impl:
-        return impl(product, permission)
-    return Product_Member.objects.filter(product=product).order_by("user__first_name", "user__last_name").select_related("role", "user")
-
-
-def get_authorized_global_members_for_product(product, permission):
-    impl = get_auth_filter("product.get_authorized_global_members_for_product")
-    if impl:
-        return impl(product, permission)
-    return Global_Role.objects.filter(group=None, role__isnull=False).order_by("user__first_name", "user__last_name").select_related("role", "user")
-
-
-def get_authorized_groups_for_product(product, permission):
-    impl = get_auth_filter("product.get_authorized_groups_for_product")
-    if impl:
-        return impl(product, permission)
-    return Product_Group.objects.filter(product=product).order_by("group__name").select_related("role")
-
-
-def get_authorized_global_groups_for_product(product, permission):
-    impl = get_auth_filter("product.get_authorized_global_groups_for_product")
-    if impl:
-        return impl(product, permission)
-    return Global_Role.objects.filter(user=None, role__isnull=False).order_by("group__name").select_related("role")
-
-
 def get_authorized_product_members(permission):
     impl = get_auth_filter("product.get_authorized_product_members")
     if impl:
         return impl(permission)
     return Product_Member.objects.all().order_by("id").select_related("role")
 
 
-def get_authorized_product_members_for_user(user, permission):
-    impl = get_auth_filter("product.get_authorized_product_members_for_user")
-    if impl:
-        return impl(user, permission)
-    return Product_Member.objects.filter(user=user).select_related("role", "product")
-
-
 def get_authorized_product_groups(permission):
     impl = get_auth_filter("product.get_authorized_product_groups")
     if impl:

dojo/product/views.py

@@ -96,15 +96,9 @@
     Test_Type,
 )
 from dojo.product.queries import (
-    get_authorized_global_groups_for_product,
-    get_authorized_global_members_for_product,
-    get_authorized_groups_for_product,
-    get_authorized_members_for_product,
     get_authorized_products,
 )
 from dojo.product_type.queries import (
-    get_authorized_groups_for_product_type,
-    get_authorized_members_for_product_type,
     get_authorized_product_types,
 )
 from dojo.query_utils import build_count_subquery
@@ -252,14 +246,6 @@ def view_product(request, pid):
                                       .prefetch_related("prod_type__members")
     prod = get_object_or_404(prod_query, id=pid)
     authorized_users = prod.authorized_users.order_by("first_name", "last_name", "username")
-    # kept for Pro template override `{% block rbac_members_panel %}` /
-    # `{% block rbac_groups_panel %}` at pro/templates/dojo/view_product_details.html
-    product_members = get_authorized_members_for_product(prod, "view")
-    global_product_members = get_authorized_global_members_for_product(prod, "view")
-    product_type_members = get_authorized_members_for_product_type(prod.prod_type, "view")
-    product_groups = get_authorized_groups_for_product(prod, "view")
-    global_product_groups = get_authorized_global_groups_for_product(prod, "view")
-    product_type_groups = get_authorized_groups_for_product_type(prod.prod_type, "view")
     personal_notifications_form = ProductNotificationsForm(
         instance=Notifications.objects.filter(user=request.user).filter(product=prod).first())
     langSummary = Languages.objects.filter(product=prod).aggregate(Sum("files"), Sum("code"), Count("files"))
@@ -336,12 +322,6 @@ def view_product(request, pid):
         "benchmarks": benchmarks,
         "benchmark_type": product_tab.benchmark_type,
         "authorized_users": authorized_users,
-        "product_members": product_members,
-        "global_product_members": global_product_members,
-        "product_type_members": product_type_members,
-        "product_groups": product_groups,
-        "global_product_groups": global_product_groups,
-        "product_type_groups": product_type_groups,
         "personal_notifications_form": personal_notifications_form,
         "enabled_notifications": get_enabled_notifications_list(),
         "sla": sla})

dojo/product_type/queries.py

@@ -23,48 +23,13 @@ def get_authorized_product_types(permission):
     return Product_Type.objects.all().order_by("name")
 
 
-def get_authorized_members_for_product_type(product_type, permission):
-    impl = get_auth_filter("product_type.get_authorized_members_for_product_type")
-    if impl:
-        return impl(product_type, permission)
-    return Product_Type_Member.objects.filter(product_type=product_type).order_by("user__first_name", "user__last_name").select_related("role", "product_type", "user")
-
-
-def get_authorized_global_members_for_product_type(product_type, permission):
-    impl = get_auth_filter("product_type.get_authorized_global_members_for_product_type")
-    if impl:
-        return impl(product_type, permission)
-    return Global_Role.objects.filter(group=None, role__isnull=False).order_by("user__first_name", "user__last_name").select_related("role", "user")
-
-
-def get_authorized_groups_for_product_type(product_type, permission):
-    impl = get_auth_filter("product_type.get_authorized_groups_for_product_type")
-    if impl:
-        return impl(product_type, permission)
-    return Product_Type_Group.objects.filter(product_type=product_type).order_by("group__name").select_related("role", "group")
-
-
-def get_authorized_global_groups_for_product_type(product_type, permission):
-    impl = get_auth_filter("product_type.get_authorized_global_groups_for_product_type")
-    if impl:
-        return impl(product_type, permission)
-    return Global_Role.objects.filter(user=None, role__isnull=False).order_by("group__name").select_related("role", "group")
-
-
 def get_authorized_product_type_members(permission):
     impl = get_auth_filter("product_type.get_authorized_product_type_members")
     if impl:
         return impl(permission)
     return Product_Type_Member.objects.all().order_by("id").select_related("role")
 
 
-def get_authorized_product_type_members_for_user(user, permission):
-    impl = get_auth_filter("product_type.get_authorized_product_type_members_for_user")
-    if impl:
-        return impl(user, permission)
-    return Product_Type_Member.objects.filter(user=user).select_related("role", "product_type")
-
-
 def get_authorized_product_type_groups(permission):
     impl = get_auth_filter("product_type.get_authorized_product_type_groups")
     if impl:

dojo/product_type/views.py

@@ -29,10 +29,6 @@
 from dojo.models import Dojo_User, Finding, Product, Product_Type
 from dojo.product.queries import get_authorized_products
 from dojo.product_type.queries import (
-    get_authorized_global_groups_for_product_type,
-    get_authorized_global_members_for_product_type,
-    get_authorized_groups_for_product_type,
-    get_authorized_members_for_product_type,
     get_authorized_product_types,
 )
 from dojo.query_utils import build_count_subquery
@@ -126,12 +122,6 @@ def view_product_type(request, ptid):
     page_name = str(labels.ORG_READ_LABEL)
     pt = get_object_or_404(Product_Type, pk=ptid)
     authorized_users = pt.authorized_users.order_by("first_name", "last_name", "username")
-    # kept for Pro template override `{% block rbac_members_panel %}` /
-    # `{% block rbac_groups_panel %}` at pro/templates/dojo/view_product_type.html
-    members = get_authorized_members_for_product_type(pt, "view")
-    global_members = get_authorized_global_members_for_product_type(pt, "view")
-    groups = get_authorized_groups_for_product_type(pt, "view")
-    global_groups = get_authorized_global_groups_for_product_type(pt, "view")
     products = get_authorized_products("view").filter(prod_type=pt)
     filter_string_matching = get_system_setting("filter_string_matching", False)
     filter_class = ProductFilterWithoutObjectLookups if filter_string_matching else ProductFilter
@@ -145,10 +135,6 @@ def view_product_type(request, ptid):
         "products": products,
         "prod_filter": prod_filter,
         "authorized_users": authorized_users,
-        "groups": groups,
-        "members": members,
-        "global_groups": global_groups,
-        "global_members": global_members,
     })
 
 
@@ -191,7 +177,6 @@ def delete_product_type(request, ptid):
 def edit_product_type(request, ptid):
     page_name = str(labels.ORG_UPDATE_LABEL)
     pt = get_object_or_404(Product_Type, pk=ptid)
-    members = get_authorized_members_for_product_type(pt, "staff_only")
     pt_form = Product_TypeForm(instance=pt)
     if request.method == "POST" and request.POST.get("edit_product_type"):
         pt_form = Product_TypeForm(request.POST, instance=pt)
@@ -210,8 +195,7 @@ def edit_product_type(request, ptid):
         "name": page_name,
         "label_edit_with_name": labels.ORG_UPDATE_WITH_NAME_LABEL % {"name": pt.name},
         "pt_form": pt_form,
-        "pt": pt,
-        "members": members})
+        "pt": pt})
 
 
 def add_product_type_member(request, ptid):

dojo/user/views.py

@@ -47,8 +47,6 @@
 )
 from dojo.labels import get_labels
 from dojo.models import Alerts, Dojo_User, Product, Product_Type, UserContactInfo
-from dojo.product.queries import get_authorized_product_members_for_user
-from dojo.product_type.queries import get_authorized_product_type_members_for_user
 from dojo.user.authentication import reset_token_for_user
 from dojo.utils import add_breadcrumb, get_page_items, get_setting, get_system_setting
 
@@ -345,19 +343,13 @@ def view_user(request, uid):
     accessible_products = Product.objects.filter(
         Q(authorized_users=user) | Q(prod_type__authorized_users=user),
     ).distinct().order_by("name")
-    # kept for Pro template override `{% block user_product_types_panel %}` /
-    # `{% block user_products_panel %}` at pro/templates/dojo/view_user.html
-    product_members = get_authorized_product_members_for_user(user, "view")
-    product_type_members = get_authorized_product_type_members_for_user(user, "view")
     configuration_permission_form = ConfigurationPermissionsForm(user=user)
 
     add_breadcrumb(title=_("View User"), top_level=False, request=request)
     return render(request, "dojo/view_user.html", {
         "user": user,
         "accessible_product_types": accessible_product_types,
         "accessible_products": accessible_products,
-        "product_members": product_members,
-        "product_type_members": product_type_members,
         "configuration_permission_form": configuration_permission_form})