ynerant/nk20
1
0
Fork 0
mirror of https://gitlab.crans.org/bde/nk20 synced 2025-04-27 17:12:38 +00:00
Code Issues Releases Wiki Activity

Merge branch 'respo_comm_permissions' into 'main'

Browse Source 
Draft: Respo comm permissions

See merge request bde/nk20!281
This commit is contained in:
thomasl 2025-02-12 10:18:45 +01:00
commit 007f9cce36
2 changed files with 82 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
apps/member/views.py
View File

@ -26,6 +26,7 @@ from note_kfet.middlewares import _set_current_request
from permission.backends import PermissionBackend
from permission.models import Role
from permission.views import ProtectQuerysetMixin, ProtectedCreateView
from django import forms
from .forms import UserForm, ProfileForm, ImageForm, ClubForm, MembershipForm, \
CustomAuthenticationForm, MembershipRolesForm
@ -72,11 +73,19 @@ class UserUpdateView(ProtectQuerysetMixin, LoginRequiredMixin, UpdateView):
form.fields['email'].required = True
form.fields['email'].help_text = _("This address must be valid.")
if PermissionBackend.check_perm(self.request, "member.change_profile", context['user_object'].profile):
context['profile_form'] = self.profile_form(instance=context['user_object'].profile,
data=self.request.POST if self.request.POST else None)
if not self.object.profile.report_frequency:
del context['profile_form'].fields["last_report"]
profile_form = self.profile_form(instance=context['user_object'].profile,
data=self.request.POST if self.request.POST else None)
if not self.object.profile.report_frequency:
del profile_form.fields["last_report"]
fields_to_check = list(profile_form.fields.keys())
# Delete the fields for which the user does not have the permission to modify
for field_name in fields_to_check:
if not PermissionBackend.check_perm(self.request, f"member.change_profile_{field_name}", context['user_object'].profile):
profile_form.fields[field_name].widget = forms.HiddenInput()
context['profile_form'] = profile_form
return context

68
apps/permission/fixtures/initial.json
View File

@ -3832,6 +3832,74 @@
"description": "Voir les profils des membres du club"
}
},
{
"model": "permission.permission",
"pk": 244,
"fields": {
"model": [
"member",
"profile"
],
"query": "{}",
"type": "change",
"mask": 3,
"field": "ml_events_registration",
"permanent": false,
"description": "Modifier l'abonnement à la Newsletter BDE pour n'importe quel profil"
}
},
{
"model": "permission.permission",
"pk": 245,
"fields": {
"model": [
"member",
"profile"
],
"query": "{}",
"type": "change",
"mask": 3,
"field": "ml_art_registration",
"permanent": false,
"description": "Modifier l'abonnement à la Newsletter Art pour n'importe quel profil"
}
},
{
"model": "permission.permission",
"pk": 246,
"fields": {
"model": [
"member",
"profile"
],
"query": "{}",
"type": "change",
"mask": 3,
"field": "ml_sport_registration",
"permanent": false,
"description": "Modifier l'abonnement à la Newsletter Sport pour n'importe quel profil"
}
},
{
"model": "permission.permission",
"pk": 247,
"fields": {
"model": [
"member",
"profile"
],
"query": "{}",
"type": "view",
"mask": 3,
"field": [
"ml_events_registration",
"ml_art_registration",
"ml_sport_registration"
],
"permanent": false,
"description": "Voir les abonnements aux Newsletters de n'importe quel profil"
}
},
{
"model": "permission.role",
"pk": 1,