diff --git a/apps/api/viewsets.py b/apps/api/viewsets.py index 5380489d..f7532beb 100644 --- a/apps/api/viewsets.py +++ b/apps/api/viewsets.py @@ -2,7 +2,7 @@ # SPDX-License-Identifier: GPL-3.0-or-later from django.contrib.contenttypes.models import ContentType -from member.backends import PermissionBackend +from permission.backends import PermissionBackend from rest_framework import viewsets from note_kfet.middlewares import get_current_authenticated_user diff --git a/apps/member/admin.py b/apps/member/admin.py index 48fbc035..c7c3ead3 100644 --- a/apps/member/admin.py +++ b/apps/member/admin.py @@ -6,7 +6,7 @@ from django.contrib.auth.admin import UserAdmin from django.contrib.auth.models import User from .forms import ProfileForm -from .models import Club, Membership, Profile, Role, RolePermissions +from .models import Club, Membership, Profile, Role class ProfileInline(admin.StackedInline): @@ -40,4 +40,3 @@ admin.site.register(User, CustomUserAdmin) admin.site.register(Club) admin.site.register(Membership) admin.site.register(Role) -admin.site.register(RolePermissions) diff --git a/apps/member/models.py b/apps/member/models.py index c22d37d4..cdbb9332 100644 --- a/apps/member/models.py +++ b/apps/member/models.py @@ -162,21 +162,3 @@ class Membership(models.Model): verbose_name = _('membership') verbose_name_plural = _('memberships') indexes = [models.Index(fields=['user'])] - - -class RolePermissions(models.Model): - """ - Permissions associated with a Role - """ - role = models.ForeignKey( - Role, - on_delete=models.PROTECT, - related_name='+', - verbose_name=_('role'), - ) - permissions = models.ManyToManyField( - 'permission.Permission' - ) - - def __str__(self): - return str(self.role) diff --git a/apps/member/views.py b/apps/member/views.py index 8e4fff08..5948f59e 100644 --- a/apps/member/views.py +++ b/apps/member/views.py @@ -25,7 +25,7 @@ from note.models import Alias, NoteUser from note.models.transactions import Transaction from note.tables import HistoryTable, AliasTable -from .backends import PermissionBackend +from permission.backends import PermissionBackend from .filters import UserFilter, UserFilterFormHelper from .forms import SignUpForm, ProfileForm, ClubForm, MembershipForm, MemberFormSet, FormSetHelper, \ CustomAuthenticationForm diff --git a/apps/note/api/serializers.py b/apps/note/api/serializers.py index 528f8810..a51b4263 100644 --- a/apps/note/api/serializers.py +++ b/apps/note/api/serializers.py @@ -74,7 +74,6 @@ class AliasSerializer(serializers.ModelSerializer): REST API Serializer for Aliases. The djangorestframework plugin will analyse the model `Alias` and parse all fields in the API. """ - note = serializers.SerializerMethodField() class Meta: model = Alias diff --git a/apps/note/api/views.py b/apps/note/api/views.py index eaf6cd37..f230a646 100644 --- a/apps/note/api/views.py +++ b/apps/note/api/views.py @@ -33,7 +33,9 @@ class NotePolymorphicViewSet(ReadOnlyProtectedModelViewSet): alias = self.request.query_params.get("alias", ".*") queryset = queryset.filter( - Q(alias__name__regex="^" + alias) | Q(alias__normalized_name__regex="^" + alias.lower())) + Q(alias__name__regex="^" + alias) + | Q(alias__normalized_name__regex="^" + Alias.normalize(alias)) + | Q(alias__normalized_name__regex="^" + alias.lower())) return queryset.distinct() @@ -60,7 +62,9 @@ class AliasViewSet(ReadProtectedModelViewSet): alias = self.request.query_params.get("alias", ".*") queryset = queryset.filter( - Q(name__regex="^" + alias) | Q(normalized_name__regex="^" + alias.lower())) + Q(name__regex="^" + alias) + | Q(normalized_name__regex="^" + Alias.normalize(alias)) + | Q(normalized_name__regex="^" + alias.lower())) return queryset diff --git a/apps/note/fixtures/initial.json b/apps/note/fixtures/initial.json index eac2bda1..3654fa2f 100644 --- a/apps/note/fixtures/initial.json +++ b/apps/note/fixtures/initial.json @@ -3,7 +3,7 @@ "model": "note.note", "pk": 1, "fields": { - "polymorphic_ctype": 41, + "polymorphic_ctype": 40, "balance": 0, "is_active": true, "display_image": "", @@ -14,7 +14,7 @@ "model": "note.note", "pk": 2, "fields": { - "polymorphic_ctype": 41, + "polymorphic_ctype": 40, "balance": 0, "is_active": true, "display_image": "", @@ -25,7 +25,7 @@ "model": "note.note", "pk": 3, "fields": { - "polymorphic_ctype": 41, + "polymorphic_ctype": 40, "balance": 0, "is_active": true, "display_image": "", @@ -36,7 +36,7 @@ "model": "note.note", "pk": 4, "fields": { - "polymorphic_ctype": 41, + "polymorphic_ctype": 40, "balance": 0, "is_active": true, "display_image": "", @@ -47,7 +47,7 @@ "model": "note.note", "pk": 5, "fields": { - "polymorphic_ctype": 40, + "polymorphic_ctype": 39, "balance": 0, "is_active": true, "display_image": "", @@ -58,7 +58,7 @@ "model": "note.note", "pk": 6, "fields": { - "polymorphic_ctype": 40, + "polymorphic_ctype": 39, "balance": 0, "is_active": true, "display_image": "", diff --git a/apps/note/views.py b/apps/note/views.py index bcf679a9..84df2bd7 100644 --- a/apps/note/views.py +++ b/apps/note/views.py @@ -8,7 +8,7 @@ from django.db.models import Q from django.utils.translation import gettext_lazy as _ from django.views.generic import CreateView, ListView, UpdateView from django_tables2 import SingleTableView -from member.backends import PermissionBackend +from permission.backends import PermissionBackend from .forms import TransactionTemplateForm from .models import Transaction, TransactionTemplate, Alias, RecurrentTransaction, NoteSpecial diff --git a/apps/permission/admin.py b/apps/permission/admin.py index fe2e0e74..aaa6f661 100644 --- a/apps/permission/admin.py +++ b/apps/permission/admin.py @@ -3,15 +3,15 @@ from django.contrib import admin -from .models import Permission, PermissionMask +from .models import Permission, PermissionMask, RolePermissions @admin.register(PermissionMask) class PermissionMaskAdmin(admin.ModelAdmin): """ - Admin customisation for Permission + Admin customisation for PermissionMask """ - list_display = ('rank', 'description') + list_display = ('description', 'rank', ) @admin.register(Permission) @@ -19,4 +19,13 @@ class PermissionAdmin(admin.ModelAdmin): """ Admin customisation for Permission """ - list_display = ('type', 'model', 'field', 'mask', 'description') + list_display = ('type', 'model', 'field', 'mask', 'description', ) + + +@admin.register(RolePermissions) +class RolePermissionsAdmin(admin.ModelAdmin): + """ + Admin customisation for RolePermissions + """ + list_display = ('role', ) + diff --git a/apps/member/backends.py b/apps/permission/backends.py similarity index 98% rename from apps/member/backends.py rename to apps/permission/backends.py index b0e026f8..a3b49ae0 100644 --- a/apps/member/backends.py +++ b/apps/permission/backends.py @@ -9,7 +9,7 @@ from note.models import Note, NoteUser, NoteClub, NoteSpecial from note_kfet.middlewares import get_current_session from permission.models import Permission -from .models import Membership, Club +from member.models import Membership, Club class PermissionBackend(ModelBackend): diff --git a/apps/permission/fixtures/initial.json b/apps/permission/fixtures/initial.json index 500af1d0..d91d15da 100644 --- a/apps/permission/fixtures/initial.json +++ b/apps/permission/fixtures/initial.json @@ -1,4 +1,60 @@ [ + { + "model": "member.role", + "pk": 1, + "fields": { + "name": "Adh\u00e9rent BDE" + } + }, + { + "model": "member.role", + "pk": 2, + "fields": { + "name": "Adh\u00e9rent Kfet" + } + }, + { + "model": "member.role", + "pk": 3, + "fields": { + "name": "Pr\u00e9sident\u00b7e BDE" + } + }, + { + "model": "member.role", + "pk": 4, + "fields": { + "name": "Tr\u00e9sorier\u00b7\u00e8re BDE" + } + }, + { + "model": "member.role", + "pk": 5, + "fields": { + "name": "Respo info" + } + }, + { + "model": "member.role", + "pk": 6, + "fields": { + "name": "GC Kfet" + } + }, + { + "model": "member.role", + "pk": 7, + "fields": { + "name": "Pr\u00e9sident\u00b7e de club" + } + }, + { + "model": "member.role", + "pk": 8, + "fields": { + "name": "Tr\u00e9sorier\u00b7\u00e8re de club" + } + }, { "model": "permission.permissionmask", "pk": 1, @@ -51,7 +107,7 @@ "model": "permission.permission", "pk": 3, "fields": { - "model": 35, + "model": 34, "query": "{\"pk\": [\"user\", \"note\", \"pk\"]}", "type": "view", "mask": 1, @@ -75,7 +131,7 @@ "model": "permission.permission", "pk": 5, "fields": { - "model": 37, + "model": 36, "query": "[\"OR\", {\"source\": [\"user\", \"note\"]}, {\"destination\": [\"user\", \"note\"]}]", "type": "view", "mask": 1, @@ -87,7 +143,7 @@ "model": "permission.permission", "pk": 6, "fields": { - "model": 34, + "model": 33, "query": "[\"OR\", {\"note__in\": [\"NoteUser\", \"objects\", [\"filter\", {\"user__membership__club__name\": \"Kfet\"}], [\"all\"]]}, {\"note__in\": [\"NoteClub\", \"objects\", [\"all\"]]}]", "type": "view", "mask": 1, @@ -183,7 +239,7 @@ "model": "permission.permission", "pk": 14, "fields": { - "model": 34, + "model": 33, "query": "{\"note\": [\"user\", \"note\"]}", "type": "delete", "mask": 1, @@ -195,7 +251,7 @@ "model": "permission.permission", "pk": 15, "fields": { - "model": 34, + "model": 33, "query": "{\"note\": [\"user\", \"note\"]}", "type": "add", "mask": 1, @@ -207,7 +263,7 @@ "model": "permission.permission", "pk": 16, "fields": { - "model": 35, + "model": 34, "query": "{\"pk\": [\"user\", \"note\", \"pk\"]}", "type": "change", "mask": 1, @@ -219,7 +275,7 @@ "model": "permission.permission", "pk": 17, "fields": { - "model": 37, + "model": 36, "query": "[\"AND\", {\"source\": [\"user\", \"note\"]}, {\"amount__lte\": [\"user\", \"note\", \"balance\"]}]", "type": "add", "mask": 1, @@ -231,7 +287,7 @@ "model": "permission.permission", "pk": 18, "fields": { - "model": 35, + "model": 34, "query": "{}", "type": "change", "mask": 1, @@ -243,7 +299,7 @@ "model": "permission.permission", "pk": 19, "fields": { - "model": 35, + "model": 34, "query": "[\"OR\", {\"pk\": [\"club\", \"note\", \"pk\"]}, {\"pk__in\": [\"NoteUser\", \"objects\", [\"filter\", {\"user__membership__club\": [\"club\"]}], [\"all\"]]}]", "type": "view", "mask": 2, @@ -255,7 +311,7 @@ "model": "permission.permission", "pk": 20, "fields": { - "model": 37, + "model": 36, "query": "[\"AND\", [\"OR\", {\"source\": [\"club\", \"note\"]}, {\"destination\": [\"club\", \"note\"]}], {\"amount__lte\": {\"F\": [\"ADD\", [\"F\", \"source__balance\"], 5000]}}]", "type": "add", "mask": 2, @@ -267,7 +323,7 @@ "model": "permission.permission", "pk": 21, "fields": { - "model": 44, + "model": 42, "query": "[\"AND\", {\"destination\": [\"club\", \"note\"]}, {\"amount__lte\": {\"F\": [\"ADD\", [\"F\", \"source__balance\"], 50]}}]", "type": "add", "mask": 2, @@ -291,7 +347,7 @@ "model": "permission.permission", "pk": 23, "fields": { - "model": 37, + "model": 36, "query": "{}", "type": "change", "mask": 1, @@ -303,7 +359,7 @@ "model": "permission.permission", "pk": 24, "fields": { - "model": 37, + "model": 36, "query": "{}", "type": "view", "mask": 2, @@ -315,7 +371,7 @@ "model": "permission.permission", "pk": 25, "fields": { - "model": 43, + "model": 40, "query": "{}", "type": "view", "mask": 2, @@ -339,7 +395,7 @@ "model": "permission.permission", "pk": 27, "fields": { - "model": 36, + "model": 35, "query": "{}", "type": "view", "mask": 2, @@ -351,7 +407,7 @@ "model": "permission.permission", "pk": 28, "fields": { - "model": 36, + "model": 35, "query": "{}", "type": "change", "mask": 3, @@ -363,7 +419,7 @@ "model": "permission.permission", "pk": 29, "fields": { - "model": 36, + "model": 35, "query": "{}", "type": "add", "mask": 3, @@ -375,7 +431,7 @@ "model": "permission.permission", "pk": 30, "fields": { - "model": 38, + "model": 37, "query": "{}", "type": "view", "mask": 2, @@ -387,7 +443,7 @@ "model": "permission.permission", "pk": 31, "fields": { - "model": 38, + "model": 37, "query": "{}", "type": "add", "mask": 3, @@ -399,7 +455,7 @@ "model": "permission.permission", "pk": 32, "fields": { - "model": 38, + "model": 37, "query": "{}", "type": "change", "mask": 3, @@ -411,7 +467,7 @@ "model": "permission.permission", "pk": 33, "fields": { - "model": 37, + "model": 36, "query": "{}", "type": "add", "mask": 2, @@ -420,63 +476,7 @@ } }, { - "model": "member.role", - "pk": 1, - "fields": { - "name": "Adh\u00e9rent BDE" - } - }, - { - "model": "member.role", - "pk": 2, - "fields": { - "name": "Adh\u00e9rent Kfet" - } - }, - { - "model": "member.role", - "pk": 3, - "fields": { - "name": "Pr\u00e9sident\u00b7e BDE" - } - }, - { - "model": "member.role", - "pk": 4, - "fields": { - "name": "Tr\u00e9sorier\u00b7\u00e8re BDE" - } - }, - { - "model": "member.role", - "pk": 5, - "fields": { - "name": "Respo info" - } - }, - { - "model": "member.role", - "pk": 6, - "fields": { - "name": "GC Kfet" - } - }, - { - "model": "member.role", - "pk": 7, - "fields": { - "name": "Pr\u00e9sident\u00b7e de club" - } - }, - { - "model": "member.role", - "pk": 8, - "fields": { - "name": "Tr\u00e9sorier\u00b7\u00e8re de club" - } - }, - { - "model": "member.rolepermissions", + "model": "permission.rolepermissions", "pk": 1, "fields": { "role": 1, @@ -492,7 +492,7 @@ } }, { - "model": "member.rolepermissions", + "model": "permission.rolepermissions", "pk": 2, "fields": { "role": 2, @@ -519,7 +519,7 @@ } }, { - "model": "member.rolepermissions", + "model": "permission.rolepermissions", "pk": 3, "fields": { "role": 8, @@ -532,7 +532,7 @@ } }, { - "model": "member.rolepermissions", + "model": "permission.rolepermissions", "pk": 4, "fields": { "role": 4, diff --git a/apps/permission/models.py b/apps/permission/models.py index fca4b36b..1c076918 100644 --- a/apps/permission/models.py +++ b/apps/permission/models.py @@ -11,6 +11,8 @@ from django.db import models from django.db.models import F, Q, Model from django.utils.translation import gettext_lazy as _ +from member.models import Role + class InstancedPermission: @@ -234,3 +236,21 @@ class Permission(models.Model): else: return _("Can {type} {model} in {query}").format(type=self.type, model=self.model, query=self.query) + +class RolePermissions(models.Model): + """ + Permissions associated with a Role + """ + role = models.ForeignKey( + Role, + on_delete=models.PROTECT, + related_name='+', + verbose_name=_('role'), + ) + permissions = models.ManyToManyField( + Permission, + ) + + def __str__(self): + return str(self.role) + diff --git a/apps/permission/signals.py b/apps/permission/signals.py index a3b6b189..aebca39d 100644 --- a/apps/permission/signals.py +++ b/apps/permission/signals.py @@ -5,7 +5,7 @@ from django.core.exceptions import PermissionDenied from django.db.models.signals import pre_save, pre_delete, post_save, post_delete from logs import signals as logs_signals -from member.backends import PermissionBackend +from permission.backends import PermissionBackend from note_kfet.middlewares import get_current_authenticated_user diff --git a/apps/permission/templatetags/perms.py b/apps/permission/templatetags/perms.py index 79a9640f..33cd46a6 100644 --- a/apps/permission/templatetags/perms.py +++ b/apps/permission/templatetags/perms.py @@ -7,7 +7,7 @@ from django.template.defaultfilters import stringfilter from note_kfet.middlewares import get_current_authenticated_user, get_current_session from django import template -from member.backends import PermissionBackend +from permission.backends import PermissionBackend @stringfilter @@ -22,7 +22,7 @@ def not_empty_model_list(model_name): return session.get("not_empty_model_list_" + model_name, None) == 1 spl = model_name.split(".") ct = ContentType.objects.get(app_label=spl[0], model=spl[1]) - qs = ct.model_class().objects.filter(PermissionBackend.filter_queryset(user, ct, "view")) + qs = ct.model_class().objects.filter(PermissionBackend.filter_queryset(user, ct, "view")).all() session["not_empty_model_list_" + model_name] = 1 if qs.exists() else 2 return session.get("not_empty_model_list_" + model_name) == 1 diff --git a/note_kfet/settings/base.py b/note_kfet/settings/base.py index 1ebaf2b9..e56555bd 100644 --- a/note_kfet/settings/base.py +++ b/note_kfet/settings/base.py @@ -130,7 +130,7 @@ PASSWORD_HASHERS = [ # Django Guardian object permissions AUTHENTICATION_BACKENDS = ( - 'member.backends.PermissionBackend', + 'permission.backends.PermissionBackend', 'cas.backends.CASBackend', )