allows mask for Oauth2

Small features

See merge request bde/nk20!355

apps/permission/backends.py

@@ -39,7 +39,15 @@ class PermissionBackend(ModelBackend):
 
             def permission_filter(membership_obj):
                 query = Q(pk=-1)
+                if 'mask' in request.GET:
+                    try:
+                        rank = int(request.GET['mask'])
+                    except:
+                        rank = 42
+                    query &= Q(mask__rank__lte=rank)
                 for scope in request.auth.scope.split(' '):
+                    if scope == "openid":
+                        continue
                     permission_id, club_id = scope.split('_')
                     if int(club_id) == membership_obj.club_id:
                         query |= Q(pk=permission_id)

apps/permission/scopes.py

@@ -10,6 +10,7 @@ from note_kfet.middlewares import get_current_request
 from .backends import PermissionBackend
 from .models import Permission
 
+from django.utils.translation import gettext_lazy as _
 
 class PermissionScopes(BaseScopes):
     """
@@ -32,7 +33,7 @@ class PermissionScopes(BaseScopes):
 
         scopes = {f"{p.id}_{club.id}": f"{p.description} (club {club.name})"
                   for p in Permission.objects.all() for club in Club.objects.all()}
-        scopes['openid'] = "OpenID Connect"
+        scopes['openid'] = _("OpenID Connect (username and email)")
         return scopes
 
     def get_available_scopes(self, application=None, request=None, *args, **kwargs):

apps/treasury/models.py

@@ -338,13 +338,13 @@ class SogeCredit(models.Model):
                 last_name=self.user.last_name,
                 first_name=self.user.first_name,
                 bank="Société générale",
-                valid=True,
+                valid=False,
             )
             credit_transaction._force_save = True
             credit_transaction.save()
             credit_transaction.refresh_from_db()
             self.credit_transaction = credit_transaction
-        elif not self.valid:
+        elif not self.valid_legacy:
             self.credit_transaction.amount = self.amount
             self.credit_transaction._force_save = True
             self.credit_transaction.save()
@@ -371,7 +371,7 @@ class SogeCredit(models.Model):
         The Sogé credit may be created after the user already paid its memberships.
         We query transactions and update the credit, if it is unvalid.
         """
-        if self.valid or not self.pk:
+        if self.valid_legacy or not self.pk:
             return
 
 # Soge do not pay BDE and kfet memberships since 2022
@@ -403,7 +403,7 @@ class SogeCredit(models.Model):
                         self.transactions.add(m.transaction)
 
         for tr in self.transactions.all():
-            tr.valid = True
+            tr.valid = False
             tr.save()
 
     def invalidate(self):
@@ -411,7 +411,7 @@ class SogeCredit(models.Model):
         Invalidating a Société générale delete the transaction of the bank if it was already created.
         Treasurers must know what they do, With Great Power Comes Great Responsibility...
         """
-        if self.valid:
+        if self.valid_legacy:
             self.credit_transaction.valid = False
             self.credit_transaction.save()
         for tr in self.transactions.all():
@@ -420,7 +420,7 @@ class SogeCredit(models.Model):
             tr.save()
 
     def validate(self, force=False):
-        if self.valid and not force:
+        if self.valid_legacy and not force:
             # The credit is already done
             return
 
@@ -428,7 +428,6 @@ class SogeCredit(models.Model):
         self.invalidate()
         # Refresh credit amount
         self.save()
-        self.valid = True
         self.credit_transaction.valid = True
         self.credit_transaction._force_save = True
         self.credit_transaction.save()

apps/treasury/tables.py

@@ -56,7 +56,6 @@ class InvoiceTable(tables.Table):
         model = Invoice
         template_name = 'django_tables2/bootstrap4.html'
         fields = ('id', 'name', 'object', 'acquitted', 'invoice',)
-        order_by = ('-id',)
 
 
 class RemittanceTable(tables.Table):

apps/treasury/tests/test_treasury.py

@@ -359,7 +359,7 @@ class TestSogeCredits(TestCase):
         ))
         self.assertRedirects(response, reverse("treasury:manage_soge_credit", args=(soge_credit.pk,)), 302, 200)
         soge_credit.refresh_from_db()
-        self.assertTrue(soge_credit.valid)
+        self.assertTrue(soge_credit.valid_legacy)
         self.user.note.refresh_from_db()
         self.assertEqual(
             Transaction.objects.filter(Q(source=self.user.note) | Q(destination=self.user.note)).count(), 3)

apps/treasury/views.py

@@ -417,7 +417,7 @@ class SogeCreditListView(LoginRequiredMixin, ProtectQuerysetMixin, SingleTableVi
                 )
 
         if "valid" not in self.request.GET or not self.request.GET["valid"]:
-            qs = qs.filter(valid=False)
+            qs = qs.filter(credit_transaction__valid=False)
 
         return qs
 

apps/wei/tests/test_wei_registration.py

@@ -680,7 +680,7 @@ class TestWEIRegistration(TestCase):
             self.assertTrue(soge_credit.exists())
             soge_credit = soge_credit.get()
             self.assertTrue(membership.transaction in soge_credit.transactions.all())
-            self.assertTrue(membership.transaction.valid)
+            self.assertFalse(membership.transaction.valid)
 
         # Check that if the WEI is started, we can't update a wei
         self.wei.date_start = date(2000, 1, 1)