Merge branch 'respo_comm_permissions' into 'main'

Draft: Respo comm permissions See merge request bde/nk20!281
Some improvements
2025-04-27 17:12:38 +00:00 · 2025-02-13 20:28:53 +01:00 · 2025-02-13 20:09:45 +01:00 · 2025-02-13 19:40:04 +01:00 · 2025-02-13 19:09:27 +01:00 · 2025-02-13 18:59:22 +01:00
3 changed files with 6 additions and 11 deletions
--- a/apps/activity/views.py
+++ b/apps/activity/views.py
@ -329,7 +329,7 @@ class ActivityEntryView(LoginRequiredMixin, SingleTableMixin, TemplateView):
        context["noteuser_ctype"] = ContentType.objects.get_for_model(NoteUser).pk
        context["notespecial_ctype"] = ContentType.objects.get_for_model(NoteSpecial).pk

-        activities_open = Activity.objects.filter(open=True).filter(
+        activities_open = Activity.objects.filter(open=True, activity_type__manage_entries=True).filter(
            PermissionBackend.filter_queryset(self.request, Activity, "view")).distinct().all()
        context["activities_open"] = [a for a in activities_open
                                      if PermissionBackend.check_perm(self.request,
--- a/apps/member/forms.py
+++ b/apps/member/forms.py
@ -15,7 +15,6 @@ from django.utils.translation import gettext_lazy as _
 from note.models import NoteSpecial, Alias
 from note_kfet.inputs import Autocomplete, AmountInput
 from permission.models import PermissionMask, Role
-from permission.backends import PermissionBackend
 from PIL import Image, ImageSequence

 from .models import Profile, Club, Membership
@ -67,14 +66,6 @@ class ProfileForm(forms.ModelForm):
        super().__init__(*args, **kwargs)
        self.fields['address'].widget.attrs.update({"placeholder": "4 avenue des Sciences, 91190 GIF-SUR-YVETTE"})
        self.fields['promotion'].widget.attrs.update({"max": timezone.now().year})
-    
-    def clean(self):
-        """Force the values of fields that the user does not have permission to modify.."""
-        cleaned_data = super().clean()
-        for field_name in self.fields.keys():
-            if not PermissionBackend.check_perm(self.request, f"member.change_profile_{field_name}", self.instance):
-                cleaned_data[field_name] = getattr(self.instance, field_name)  # Force the old value
-        return cleaned_data

    @transaction.atomic
    def save(self, commit=True):
--- a/apps/member/views.py
+++ b/apps/member/views.py
@ -79,13 +79,17 @@ class UserUpdateView(ProtectQuerysetMixin, LoginRequiredMixin, UpdateView):
            del profile_form.fields["last_report"]

        fields_to_check = list(profile_form.fields.keys())
+        fields_modifiable = False 

        # Delete the fields for which the user does not have the permission to modify
        for field_name in fields_to_check:
            if not PermissionBackend.check_perm(self.request, f"member.change_profile_{field_name}", context['user_object'].profile):
                profile_form.fields[field_name].widget = forms.HiddenInput()
+            else :
+                fields_modifiable = True

-        context['profile_form'] = profile_form
+        if fields_modifiable :
+            context['profile_form'] = profile_form

        return context
Author	SHA1	Message	Date
thomasl	8570669043	Merge branch 'respo_comm_permissions' into 'main' Draft: Respo comm permissions See merge request bde/nk20!281	2025-02-13 20:28:53 +01:00
thomasl	9e7f7df721	Some improvements	2025-02-13 20:09:45 +01:00
thomasl	62baad7b69	Cancel modifications	2025-02-13 19:40:04 +01:00
thomasl	6e49140900	Fix some errors	2025-02-13 19:09:27 +01:00
thomasl	e5567c6c8a	Fix some errors	2025-02-13 18:59:22 +01:00
quark	694f54e1c4	Merge branch 'fix_activity_view' into 'main' fix issue with activity entry view See merge request bde/nk20!282	2025-02-12 10:18:33 +01:00
quark	0d0fdef363	fix issue with activity entry view	2025-02-09 17:58:38 +01:00