ynerant/nk20
1
0
Fork 0
mirror of https://gitlab.crans.org/bde/nk20 synced 2025-04-28 01:22:37 +00:00
Code Issues Releases Wiki Activity

Merge branch 'respo_comm_permissions' into 'main'

Browse Source 
Draft: Respo comm permissions

See merge request bde/nk20!281
This commit is contained in:
thomasl 2025-02-13 00:54:58 +01:00
commit 9a90b1cb5e
5 changed files with 104 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
apps/member/forms.py
View File

@ -15,6 +15,7 @@ from django.utils.translation import gettext_lazy as _
from note.models import NoteSpecial, Alias from note.models import NoteSpecial, Alias
from note_kfet.inputs import Autocomplete, AmountInput from note_kfet.inputs import Autocomplete, AmountInput
from permission.models import PermissionMask, Role from permission.models import PermissionMask, Role
from permission.backends import PermissionBackend
from PIL import Image, ImageSequence from PIL import Image, ImageSequence
from .models import Profile, Club, Membership from .models import Profile, Club, Membership
@ -44,10 +45,10 @@ class ProfileForm(forms.ModelForm):
""" """
A form for the extras field provided by the :model:`member.Profile` model. A form for the extras field provided by the :model:`member.Profile` model.
""" """
# Remove widget=forms.HiddenInput() if you want to use report frequency.
report_frequency = forms.IntegerField(required=False, initial=0, label=_("Report frequency"), widget=forms.HiddenInput())
last_report = forms.DateTimeField(required=False, disabled=True, label=_("Last report date")) report_frequency = forms.IntegerField(required=False, initial=0, label=_("Statement frequency (in days)"))
last_report = forms.DateTimeField(required=False, disabled=True, label=_("Last statement date"))
VSS_charter_read = forms.BooleanField( VSS_charter_read = forms.BooleanField(
required=True, required=True,
@ -67,6 +68,14 @@ class ProfileForm(forms.ModelForm):
self.fields['address'].widget.attrs.update({"placeholder": "4 avenue des Sciences, 91190 GIF-SUR-YVETTE"}) self.fields['address'].widget.attrs.update({"placeholder": "4 avenue des Sciences, 91190 GIF-SUR-YVETTE"})
self.fields['promotion'].widget.attrs.update({"max": timezone.now().year}) self.fields['promotion'].widget.attrs.update({"max": timezone.now().year})
def clean(self):
"""Force the values of fields that the user does not have permission to modify.."""
cleaned_data = super().clean()
for field_name in self.fields.keys():
if not PermissionBackend.check_perm(self.request, f"member.change_profile_{field_name}", self.instance):
cleaned_data[field_name] = getattr(self.instance, field_name) # Force the old value
return cleaned_data
@transaction.atomic @transaction.atomic
def save(self, commit=True): def save(self, commit=True):
if not self.instance.section or (("department" in self.changed_data if not self.instance.section or (("department" in self.changed_data

4
apps/member/models.py
View File

@ -114,12 +114,12 @@ class Profile(models.Model):
) )
report_frequency = models.PositiveSmallIntegerField( report_frequency = models.PositiveSmallIntegerField(
verbose_name=_("report frequency (in days)"), verbose_name=_("Statement frequency (in days)"),
default=0, default=0,
) )
last_report = models.DateTimeField( last_report = models.DateTimeField(
verbose_name=_("last report date"), verbose_name=_("Last statement date"),
default=timezone.now, default=timezone.now,
) )

15
apps/member/views.py
View File

@ -26,6 +26,7 @@ from note_kfet.middlewares import _set_current_request
from permission.backends import PermissionBackend from permission.backends import PermissionBackend
from permission.models import Role from permission.models import Role
from permission.views import ProtectQuerysetMixin, ProtectedCreateView from permission.views import ProtectQuerysetMixin, ProtectedCreateView
from django import forms
from .forms import UserForm, ProfileForm, ImageForm, ClubForm, MembershipForm, \ from .forms import UserForm, ProfileForm, ImageForm, ClubForm, MembershipForm, \
CustomAuthenticationForm, MembershipRolesForm CustomAuthenticationForm, MembershipRolesForm
@ -72,11 +73,19 @@ class UserUpdateView(ProtectQuerysetMixin, LoginRequiredMixin, UpdateView):
form.fields['email'].required = True form.fields['email'].required = True
form.fields['email'].help_text = _("This address must be valid.") form.fields['email'].help_text = _("This address must be valid.")
if PermissionBackend.check_perm(self.request, "member.change_profile", context['user_object'].profile): profile_form = self.profile_form(instance=context['user_object'].profile,
context['profile_form'] = self.profile_form(instance=context['user_object'].profile,
data=self.request.POST if self.request.POST else None) data=self.request.POST if self.request.POST else None)
if not self.object.profile.report_frequency: if not self.object.profile.report_frequency:
del context['profile_form'].fields["last_report"] del profile_form.fields["last_report"]
fields_to_check = list(profile_form.fields.keys())
# Delete the fields for which the user does not have the permission to modify
for field_name in fields_to_check:
if not PermissionBackend.check_perm(self.request, f"member.change_profile_{field_name}", context['user_object'].profile):
profile_form.fields[field_name].widget = forms.HiddenInput()
context['profile_form'] = profile_form
return context return context

68
apps/permission/fixtures/initial.json
View File

@ -3832,6 +3832,74 @@
"description": "Voir les profils des membres du club" "description": "Voir les profils des membres du club"
} }
}, },
{
"model": "permission.permission",
"pk": 244,
"fields": {
"model": [
"member",
"profile"
],
"query": "{}",
"type": "change",
"mask": 3,
"field": "ml_events_registration",
"permanent": false,
"description": "Modifier l'abonnement à la Newsletter BDE pour n'importe quel profil"
}
},
{
"model": "permission.permission",
"pk": 245,
"fields": {
"model": [
"member",
"profile"
],
"query": "{}",
"type": "change",
"mask": 3,
"field": "ml_art_registration",
"permanent": false,
"description": "Modifier l'abonnement à la Newsletter Art pour n'importe quel profil"
}
},
{
"model": "permission.permission",
"pk": 246,
"fields": {
"model": [
"member",
"profile"
],
"query": "{}",
"type": "change",
"mask": 3,
"field": "ml_sport_registration",
"permanent": false,
"description": "Modifier l'abonnement à la Newsletter Sport pour n'importe quel profil"
}
},
{
"model": "permission.permission",
"pk": 247,
"fields": {
"model": [
"member",
"profile"
],
"query": "{}",
"type": "view",
"mask": 3,
"field": [
"ml_events_registration",
"ml_art_registration",
"ml_sport_registration"
],
"permanent": false,
"description": "Voir les abonnements aux Newsletters de n'importe quel profil"
}
},
{ {
"model": "permission.role", "model": "permission.role",
"pk": 1, "pk": 1,

16
locale/fr/LC_MESSAGES/django.po
View File

@ -794,12 +794,12 @@ msgid "Permission mask"
msgstr "Masque de permissions" msgstr "Masque de permissions"
#: apps/member/forms.py:46 #: apps/member/forms.py:46
msgid "Report frequency" msgid "Statement frequency (in days)"
msgstr "Fréquence des rapports (en jours)" msgstr "Fréquence des relevés (en jours)"
#: apps/member/forms.py:48 #: apps/member/forms.py:48
msgid "Last report date" msgid "Last statement date"
msgstr "Date de dernier rapport" msgstr "Date de dernier relevé"
#: apps/member/forms.py:52 #: apps/member/forms.py:52
msgid "" msgid ""
@ -1044,12 +1044,12 @@ msgstr ""
"artistiques sur le campus (1 mail par semaine)" "artistiques sur le campus (1 mail par semaine)"
#: apps/member/models.py:117 #: apps/member/models.py:117
msgid "report frequency (in days)" msgid "Statement frequency (in days)"
msgstr "fréquence des rapports (en jours)" msgstr "Fréquence des relevés (en jours)"
#: apps/member/models.py:122 #: apps/member/models.py:122
msgid "last report date" msgid "Last statement date"
msgstr "date de dernier rapport" msgstr "Date de dernier relevé"
#: apps/member/models.py:127 #: apps/member/models.py:127
msgid "email confirmed" msgid "email confirmed"