feat: Add Plugin Private Access control to model (#21680)

latest_migrations.manifest

@@ -5,7 +5,7 @@ contenttypes: 0002_remove_content_type_name
 ee: 0016_rolemembership_organization_member
 otp_static: 0002_throttling
 otp_totp: 0002_auto_20190420_0723
-posthog: 0402_externaldatajob_schema
+posthog: 0403_plugin_has_private_access
 sessions: 0001_initial
 social_django: 0010_uid_db_index
 two_factor: 0007_auto_20201201_1019

posthog/migrations/0403_plugin_has_private_access.py

@@ -0,0 +1,17 @@
+# Generated by Django 4.1.13 on 2024-04-19 14:27
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("posthog", "0402_externaldatajob_schema"),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name="plugin",
+            name="has_private_access",
+            field=models.ManyToManyField(to="posthog.organization"),
+        ),
+    ]

posthog/models/plugin.py

@@ -197,6 +197,11 @@ class Plugin(models.Model):
     updated_at: models.DateTimeField = models.DateTimeField(null=True, blank=True)
     log_level: models.IntegerField = models.IntegerField(null=True, blank=True)
 
+    # Some plugins are private, only certain organizations should be able to access them
+    # Sometimes we want to deprecate plugins, where the first step is limiting access to organizations using them
+    # Sometimes we want to test out new plugins by only enabling them for certain organizations at first
+    has_private_access = models.ManyToManyField(Organization)
+
     objects: PluginManager = PluginManager()
 
     def get_default_config(self) -> Dict[str, Any]: