Support for draft projects & private draft permissions

[mohamedelabbas1996]

Summary

This PR implements view permission restrictions for draft projects, ensuring that only authorized users (owners, members, or superusers) can view them across the platform.

List of Changes

1. Added draft boolean field to the Project model.

2. Updated the Django admin interface to allow editing the draft field.

3. Created BaseQuerySet class to standardize queryset behavior and made relevant models inherit from it.

4. Added visible_for_user(user) to BaseQuerySet to filter draft projects and related objects visible to the user.

5. Added project_accessor string to models only when they have an indirect one-to-many relationship to the Project model. For models with a direct one-to-many or many-to-many relationship, the accessor is inferred dynamically in the visible_for_user method of BaseQuerySet. .

Related Issues

Closes #913
Closes #899

Detailed Description

To support the concept of draft or scratch projects, we introduce a new draft boolean field on the Project model. Draft projects are meant to be private by default and not accessible to users outside the project team.

This PR implements logic to restrict visibility of these projects using the existing permission system, with the addition of:

• A reusable visible_for_user(user, project_accessor) filter method on BaseQuerySet which limits queryset results to objects belonging to draft projects the user is allowed to view.

• Integration of this filtering logic into the API DefaultViewSet by overriding get_queryset(), ensuring endpoints automatically respect draft visibility.

How to Test the Changes

1. Create a draft project and assign different users as owner, member, or outsider.

2. Use the API or admin panel to verify:

   • Owners and members can access draft project details.

   • Outsiders (non-members) are denied access.

   • Superusers have access regardless of membership.

3. Ensure related models also respect draft project visibility.

Screenshots

Deployment Notes

N/A

Checklist

• I have tested these changes appropriately.
• I have added and/or modified relevant tests.
• I updated relevant documentation or comments.
• I have verified that this PR follows the project's coding standards.
• Any dependent changes have already been merged to main.

[annavik]

Hey @mohamedelabbas1996, I have tested this and it worked great! Nice work.

• Admins can always access draft projects and related entities ✅
• Other users can only access draft projects and related entities if they are a member of the project ✅

I tested this by trying to access projects (regular and drafts) from different user types (admin, members, non members). For related entities, I only tested deployments, but I tried both list and detail endpoints.

Some questions:

• Do you think I should do a full test with all entities? Let me know!
• We have talked briefly about limiting drafts to one user. Do you think something to consider now or more for later?

[Copilot]

Pull Request Overview

This PR implements draft project functionality by adding a draft boolean field to the Project model and introducing visibility restrictions. Draft projects are only accessible to authorized users (owners, members, or superusers) across the platform.

• Added draft field to Project model with visibility controls
• Refactored queryset architecture with new BaseQuerySet class for consistent filtering
• Updated API endpoints and admin interface to respect draft project visibility

Reviewed Changes

Copilot reviewed 12 out of 12 changed files in this pull request and generated 3 comments.

Show a summary per file

File	Description
ami/base/models.py	Added BaseQuerySet with visible_for_user filtering and project accessor logic
ami/main/models.py	Added draft field to Project model and updated managers to use BaseQuerySet
ami/main/migrations/0070_project_draft.py	Database migration to add draft field
ami/main/api/views.py	Updated API views to apply draft visibility filtering
ami/main/api/serializers.py	Added draft field to Project serializer
ami/main/admin.py	Added draft field to admin interface
ami/main/signals.py	Updated permission constants
ami/users/roles.py	Updated permission constants
ami/main/tests.py	Added comprehensive tests for draft project permissions
ami/ml/models/pipeline.py	Updated to use BaseQuerySet
ami/ml/models/algorithm.py	Updated to use BaseQuerySet
ami/ml/models/processing_service.py	Updated to use BaseQuerySet

---

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}

[mihow]

@mohamedelabbas1996 this seems to be working great. I added one test and addressed my own suggestions! will you review my changes? then I am ready to merge.

[mohamedelabbas1996]

@mohamedelabbas1996 this seems to be working great. I added one test and addressed my own suggestions! will you review my changes? then I am ready to merge.

@mihow I have tested and reviewed this and I think it's good to go!

[mihow]

Merging!