Forgot to import PermissionBackend

apps/member/forms.py

@@ -15,6 +15,7 @@ from django.utils.translation import gettext_lazy as _
 from note.models import NoteSpecial, Alias
 from note_kfet.inputs import Autocomplete, AmountInput
 from permission.models import PermissionMask, Role
+from permission.backends import PermissionBackend
 from PIL import Image, ImageSequence
 
 from .models import Profile, Club, Membership
@@ -44,10 +45,10 @@ class ProfileForm(forms.ModelForm):
     """
     A form for the extras field provided by the :model:`member.Profile` model.
     """
-    # Remove widget=forms.HiddenInput() if you want to use report frequency.
-    report_frequency = forms.IntegerField(required=False, initial=0, label=_("Report frequency"), widget=forms.HiddenInput())
 
-    last_report = forms.DateTimeField(required=False, disabled=True, label=_("Last report date"))
+    report_frequency = forms.IntegerField(required=False, initial=0, label=_("Statement frequency (in days)"))
+
+    last_report = forms.DateTimeField(required=False, disabled=True, label=_("Last statement date"))
 
     VSS_charter_read = forms.BooleanField(
         required=True,
@@ -66,6 +67,14 @@ class ProfileForm(forms.ModelForm):
         super().__init__(*args, **kwargs)
         self.fields['address'].widget.attrs.update({"placeholder": "4 avenue des Sciences, 91190 GIF-SUR-YVETTE"})
         self.fields['promotion'].widget.attrs.update({"max": timezone.now().year})
+    
+    def clean(self):
+        """Force the values of fields that the user does not have permission to modify.."""
+        cleaned_data = super().clean()
+        for field_name in self.fields.keys():
+            if not PermissionBackend.check_perm(self.request, f"member.change_profile_{field_name}", self.instance):
+                cleaned_data[field_name] = getattr(self.instance, field_name)  # Force the old value
+        return cleaned_data
 
     @transaction.atomic
     def save(self, commit=True):

apps/member/models.py

@@ -114,12 +114,12 @@ class Profile(models.Model):
     )
 
     report_frequency = models.PositiveSmallIntegerField(
-        verbose_name=_("report frequency (in days)"),
+        verbose_name=_("Statement frequency (in days)"),
         default=0,
     )
 
     last_report = models.DateTimeField(
-        verbose_name=_("last report date"),
+        verbose_name=_("Last statement date"),
         default=timezone.now,
     )
 

locale/fr/LC_MESSAGES/django.po

@@ -794,12 +794,12 @@ msgid "Permission mask"
 msgstr "Masque de permissions"
 
 #: apps/member/forms.py:46
-msgid "Report frequency"
-msgstr "Fréquence des rapports (en jours)"
+msgid "Statement frequency (in days)"
+msgstr "Fréquence des relevés (en jours)"
 
 #: apps/member/forms.py:48
-msgid "Last report date"
-msgstr "Date de dernier rapport"
+msgid "Last statement date"
+msgstr "Date de dernier relevé"
 
 #: apps/member/forms.py:52
 msgid ""
@@ -1044,12 +1044,12 @@ msgstr ""
 "artistiques sur le campus (1 mail par semaine)"
 
 #: apps/member/models.py:117
-msgid "report frequency (in days)"
-msgstr "fréquence des rapports (en jours)"
+msgid "Statement frequency (in days)"
+msgstr "Fréquence des relevés (en jours)"
 
 #: apps/member/models.py:122
-msgid "last report date"
-msgstr "date de dernier rapport"
+msgid "Last statement date"
+msgstr "Date de dernier relevé"
 
 #: apps/member/models.py:127
 msgid "email confirmed"