ynerant/nk20
1
0
Fork 0
mirror of https://gitlab.crans.org/bde/nk20 synced 2025-04-29 18:12:38 +00:00
Code Issues Releases Wiki Activity

Compare commits

base: ynerant:85706690435cd9420d675d4db4a448aaf7f37fd2
Branches Tags
ynerant:main
ynerant:food_traceability
ynerant:update_invoice_template
ynerant:time-display
ynerant:guests_schools
ynerant:export_members_ml
ynerant:notekfet_wrapped
ynerant:Add_some_permissions
ynerant:permissions_fo_parent_clubs
ynerant:respo_comm_permissionsV2
ynerant:fix_activity_view
ynerant:Automation_mailing_lists
ynerant:potvieux
ynerant:New_permission
ynerant:finito_sda
ynerant:beta
ynerant:non-BDE-members-permission-fix
ynerant:survey_wei_2024
ynerant:migration-django-4-2
ynerant:summary_notes
ynerant:traduction_inclusive_fr
ynerant:migration-django-5-0
ynerant:qrcode
ynerant:VSS
ynerant:update_permission
ynerant:fix_pipeline
ynerant:permission_var
ynerant:inclusive
ynerant:nix-shell
ynerant:sheets
ynerant:svg_icons
ynerant:faster_ci
ynerant:v1.0.3
ynerant:v1.0.2
ynerant:v1.0.1
ynerant:v1.0.0
..
compare: ynerant:9a90b1cb5e91be3a6f3c30d3c39b13ab38c640be
Branches Tags
ynerant:main
ynerant:food_traceability
ynerant:update_invoice_template
ynerant:time-display
ynerant:guests_schools
ynerant:export_members_ml
ynerant:notekfet_wrapped
ynerant:Add_some_permissions
ynerant:permissions_fo_parent_clubs
ynerant:respo_comm_permissionsV2
ynerant:fix_activity_view
ynerant:Automation_mailing_lists
ynerant:potvieux
ynerant:New_permission
ynerant:finito_sda
ynerant:beta
ynerant:non-BDE-members-permission-fix
ynerant:survey_wei_2024
ynerant:migration-django-4-2
ynerant:summary_notes
ynerant:traduction_inclusive_fr
ynerant:migration-django-5-0
ynerant:qrcode
ynerant:VSS
ynerant:update_permission
ynerant:fix_pipeline
ynerant:permission_var
ynerant:inclusive
ynerant:nix-shell
ynerant:sheets
ynerant:svg_icons
ynerant:faster_ci
ynerant:v1.0.3
ynerant:v1.0.2
ynerant:v1.0.1
ynerant:v1.0.0

1 Commits
8570669043 ... 9a90b1cb5e

Author SHA1 Message Date
thomasl
9a90b1cb5e Merge branch 'respo_comm_permissions' into 'main' 
Draft: Respo comm permissions

See merge request bde/nk20!281
 2025-02-13 00:54:58 +01:00
2 changed files with 10 additions and 5 deletions
Show Stats Expand all files Collapse all files

9
apps/member/forms.py
View File

@ -15,6 +15,7 @@ from django.utils.translation import gettext_lazy as _
from note.models import NoteSpecial, Alias
from note_kfet.inputs import Autocomplete, AmountInput
from permission.models import PermissionMask, Role
from permission.backends import PermissionBackend
from PIL import Image, ImageSequence
from .models import Profile, Club, Membership
@ -67,6 +68,14 @@ class ProfileForm(forms.ModelForm):
self.fields['address'].widget.attrs.update({"placeholder": "4 avenue des Sciences, 91190 GIF-SUR-YVETTE"})
self.fields['promotion'].widget.attrs.update({"max": timezone.now().year})
def clean(self):
"""Force the values of fields that the user does not have permission to modify.."""
cleaned_data = super().clean()
for field_name in self.fields.keys():
if not PermissionBackend.check_perm(self.request, f"member.change_profile_{field_name}", self.instance):
cleaned_data[field_name] = getattr(self.instance, field_name) # Force the old value
return cleaned_data
@transaction.atomic
def save(self, commit=True):
if not self.instance.section or (("department" in self.changed_data

6
apps/member/views.py
View File

@ -79,17 +79,13 @@ class UserUpdateView(ProtectQuerysetMixin, LoginRequiredMixin, UpdateView):
del profile_form.fields["last_report"]
fields_to_check = list(profile_form.fields.keys())
fields_modifiable = False
# Delete the fields for which the user does not have the permission to modify
for field_name in fields_to_check:
if not PermissionBackend.check_perm(self.request, f"member.change_profile_{field_name}", context['user_object'].profile):
profile_form.fields[field_name].widget = forms.HiddenInput()
else :
fields_modifiable = True
if fields_modifiable :
context['profile_form'] = profile_form
context['profile_form'] = profile_form
return context