ynerant/nk20
1
0
Fork 0
mirror of https://gitlab.crans.org/bde/nk20 synced 2025-04-28 09:32:43 +00:00
Code Issues Releases Wiki Activity

Compare commits

base: ynerant:238ba78f4fa8ef61bce4eb22b3656343b314b018
Branches Tags
ynerant:main
ynerant:food_traceability
ynerant:update_invoice_template
ynerant:time-display
ynerant:guests_schools
ynerant:export_members_ml
ynerant:notekfet_wrapped
ynerant:Add_some_permissions
ynerant:permissions_fo_parent_clubs
ynerant:respo_comm_permissionsV2
ynerant:fix_activity_view
ynerant:Automation_mailing_lists
ynerant:potvieux
ynerant:New_permission
ynerant:finito_sda
ynerant:beta
ynerant:non-BDE-members-permission-fix
ynerant:survey_wei_2024
ynerant:migration-django-4-2
ynerant:summary_notes
ynerant:traduction_inclusive_fr
ynerant:migration-django-5-0
ynerant:qrcode
ynerant:VSS
ynerant:update_permission
ynerant:fix_pipeline
ynerant:permission_var
ynerant:inclusive
ynerant:nix-shell
ynerant:sheets
ynerant:svg_icons
ynerant:faster_ci
ynerant:v1.0.3
ynerant:v1.0.2
ynerant:v1.0.1
ynerant:v1.0.0
..
compare: ynerant:9e7f7df7218722079b0afd5bf38b5c5b3901138b
Branches Tags
ynerant:food_traceability
ynerant:main
ynerant:update_invoice_template
ynerant:time-display
ynerant:guests_schools
ynerant:export_members_ml
ynerant:notekfet_wrapped
ynerant:Add_some_permissions
ynerant:permissions_fo_parent_clubs
ynerant:respo_comm_permissionsV2
ynerant:fix_activity_view
ynerant:Automation_mailing_lists
ynerant:potvieux
ynerant:New_permission
ynerant:finito_sda
ynerant:beta
ynerant:non-BDE-members-permission-fix
ynerant:survey_wei_2024
ynerant:migration-django-4-2
ynerant:summary_notes
ynerant:traduction_inclusive_fr
ynerant:migration-django-5-0
ynerant:qrcode
ynerant:VSS
ynerant:update_permission
ynerant:fix_pipeline
ynerant:permission_var
ynerant:inclusive
ynerant:nix-shell
ynerant:sheets
ynerant:svg_icons
ynerant:faster_ci
ynerant:v1.0.3
ynerant:v1.0.2
ynerant:v1.0.1
ynerant:v1.0.0

4 Commits
238ba78f4f ... 9e7f7df721

Author SHA1 Message Date
thomasl
9e7f7df721 Some improvements 2025-02-13 20:09:45 +01:00
thomasl
62baad7b69 Cancel modifications 2025-02-13 19:40:04 +01:00
thomasl
6e49140900 Fix some errors 2025-02-13 19:09:27 +01:00
thomasl
e5567c6c8a Fix some errors 2025-02-13 18:59:22 +01:00
2 changed files with 5 additions and 10 deletions
Show Stats Expand all files Collapse all files

9
apps/member/forms.py
View File

@ -15,7 +15,6 @@ from django.utils.translation import gettext_lazy as _
from note.models import NoteSpecial, Alias from note.models import NoteSpecial, Alias
from note_kfet.inputs import Autocomplete, AmountInput from note_kfet.inputs import Autocomplete, AmountInput
from permission.models import PermissionMask, Role from permission.models import PermissionMask, Role
from permission.backends import PermissionBackend
from PIL import Image, ImageSequence from PIL import Image, ImageSequence
from .models import Profile, Club, Membership from .models import Profile, Club, Membership
@ -68,14 +67,6 @@ class ProfileForm(forms.ModelForm):
self.fields['address'].widget.attrs.update({"placeholder": "4 avenue des Sciences, 91190 GIF-SUR-YVETTE"}) self.fields['address'].widget.attrs.update({"placeholder": "4 avenue des Sciences, 91190 GIF-SUR-YVETTE"})
self.fields['promotion'].widget.attrs.update({"max": timezone.now().year}) self.fields['promotion'].widget.attrs.update({"max": timezone.now().year})
def clean(self):
"""Force the values of fields that the user does not have permission to modify.."""
cleaned_data = super().clean()
for field_name in self.fields.keys():
if not PermissionBackend.check_perm(self.request, f"member.change_profile_{field_name}", self.instance):
cleaned_data[field_name] = getattr(self.instance, field_name) # Force the old value
return cleaned_data
@transaction.atomic @transaction.atomic
def save(self, commit=True): def save(self, commit=True):
if not self.instance.section or (("department" in self.changed_data if not self.instance.section or (("department" in self.changed_data

6
apps/member/views.py
View File

@ -79,13 +79,17 @@ class UserUpdateView(ProtectQuerysetMixin, LoginRequiredMixin, UpdateView):
del profile_form.fields["last_report"] del profile_form.fields["last_report"]
fields_to_check = list(profile_form.fields.keys()) fields_to_check = list(profile_form.fields.keys())
fields_modifiable = False
# Delete the fields for which the user does not have the permission to modify # Delete the fields for which the user does not have the permission to modify
for field_name in fields_to_check: for field_name in fields_to_check:
if not PermissionBackend.check_perm(self.request, f"member.change_profile_{field_name}", context['user_object'].profile): if not PermissionBackend.check_perm(self.request, f"member.change_profile_{field_name}", context['user_object'].profile):
profile_form.fields[field_name].widget = forms.HiddenInput() profile_form.fields[field_name].widget = forms.HiddenInput()
else :
fields_modifiable = True
context['profile_form'] = profile_form if fields_modifiable :
context['profile_form'] = profile_form
return context return context