Upload all authorizations

apps/registration/views.py

@@ -17,9 +17,10 @@ from django.views.generic import CreateView, DetailView, RedirectView, TemplateV
 from django_tables2 import SingleTableView
 from magic import Magic
 from tfjm.tokens import email_validation_token
-from tfjm.views import AdminMixin
+from tfjm.views import AdminMixin, UserMixin
 
-from .forms import CoachRegistrationForm, PhotoAuthorizationForm, SignupForm, StudentRegistrationForm, UserForm
+from .forms import CoachRegistrationForm, HealthSheetForm, ParentalAuthorizationForm, PhotoAuthorizationForm,\
+    SignupForm, StudentRegistrationForm, UserForm
 from .models import Registration, StudentRegistration
 from .tables import RegistrationTable
 
@@ -150,7 +151,7 @@ class MyAccountDetailView(LoginRequiredMixin, RedirectView):
         return reverse_lazy("registration:user_detail", args=(self.request.user.pk,))
 
 
-class UserDetailView(LoginRequiredMixin, DetailView):
+class UserDetailView(UserMixin, DetailView):
     """
     Display the detail about a user.
     """
@@ -159,15 +160,6 @@ class UserDetailView(LoginRequiredMixin, DetailView):
     context_object_name = "user_object"
     template_name = "registration/user_detail.html"
 
-    def dispatch(self, request, *args, **kwargs):
-        user = request.user
-        if not user.is_authenticated:
-            return self.handle_no_permission()
-        # Only an admin or the concerned user can see the information
-        if not user.registration.is_admin and user.pk != kwargs["pk"]:
-            raise PermissionDenied
-        return super().dispatch(request, *args, **kwargs)
-
     def get_context_data(self, **kwargs):
         context = super().get_context_data(**kwargs)
         context["title"] = _("Detail of user {user}").format(user=str(self.object.registration))
@@ -183,7 +175,7 @@ class UserListView(AdminMixin, SingleTableView):
     template_name = "registration/user_list.html"
 
 
-class UserUpdateView(LoginRequiredMixin, UpdateView):
+class UserUpdateView(UserMixin, UpdateView):
     """
     Update the detail about a user and its registration.
     """
@@ -191,12 +183,6 @@ class UserUpdateView(LoginRequiredMixin, UpdateView):
     form_class = UserForm
     template_name = "registration/update_user.html"
 
-    def dispatch(self, request, *args, **kwargs):
-        user = request.user
-        if not user.registration.is_admin and user.pk != kwargs["pk"]:
-            raise PermissionDenied
-        return super().dispatch(request, *args, **kwargs)
-
     def get_context_data(self, **kwargs):
         context = super().get_context_data(**kwargs)
         user = self.get_object()
@@ -229,7 +215,7 @@ class UserUpdateView(LoginRequiredMixin, UpdateView):
         return reverse_lazy("registration:user_detail", args=(self.object.pk,))
 
 
-class UserUploadPhotoAuthorizationView(LoginRequiredMixin, UpdateView):
+class UserUploadPhotoAuthorizationView(UserMixin, UpdateView):
     """
     A participant can send its photo authorization.
     """
@@ -238,12 +224,6 @@ class UserUploadPhotoAuthorizationView(LoginRequiredMixin, UpdateView):
     template_name = "registration/upload_photo_authorization.html"
     extra_context = dict(title=_("Upload photo authorization"))
 
-    def dispatch(self, request, *args, **kwargs):
-        user = request.user
-        if not user.registration.is_admin and user.registration.pk != kwargs["pk"]:
-            raise PermissionDenied
-        return super().dispatch(request, *args, **kwargs)
-
     @transaction.atomic
     def form_valid(self, form):
         old_instance = StudentRegistration.objects.get(pk=self.object.pk)
@@ -255,6 +235,46 @@ class UserUploadPhotoAuthorizationView(LoginRequiredMixin, UpdateView):
         return reverse_lazy("registration:user_detail", args=(self.object.user.pk,))
 
 
+class UserUploadHealthSheetView(UserMixin, UpdateView):
+    """
+    A participant can send its health sheet.
+    """
+    model = StudentRegistration
+    form_class = HealthSheetForm
+    template_name = "registration/upload_health_sheet.html"
+    extra_context = dict(title=_("Upload health sheet"))
+
+    @transaction.atomic
+    def form_valid(self, form):
+        old_instance = StudentRegistration.objects.get(pk=self.object.pk)
+        if old_instance.health_sheet:
+            old_instance.health_sheet.delete()
+        return super().form_valid(form)
+
+    def get_success_url(self):
+        return reverse_lazy("registration:user_detail", args=(self.object.user.pk,))
+
+
+class UserUploadParentalAuthorizationView(UserMixin, UpdateView):
+    """
+    A participant can send its parental authorization.
+    """
+    model = StudentRegistration
+    form_class = ParentalAuthorizationForm
+    template_name = "registration/upload_parental_authorization.html"
+    extra_context = dict(title=_("Upload parental authorization"))
+
+    @transaction.atomic
+    def form_valid(self, form):
+        old_instance = StudentRegistration.objects.get(pk=self.object.pk)
+        if old_instance.parental_authorization:
+            old_instance.parental_authorization.delete()
+        return super().form_valid(form)
+
+    def get_success_url(self):
+        return reverse_lazy("registration:user_detail", args=(self.object.user.pk,))
+
+
 class PhotoAuthorizationView(LoginRequiredMixin, View):
     """
     Display the sent photo authorization.