Merge branch 'respo_comm_permissionsV2' into 'main'

Respo comm permissions v2

See merge request bde/nk20!283

apps/member/forms.py

@@ -45,7 +45,7 @@ class ProfileForm(forms.ModelForm):
     A form for the extras field provided by the :model:`member.Profile` model.
     """
     # Remove widget=forms.HiddenInput() if you want to use report frequency.
-    report_frequency = forms.IntegerField(required=False, initial=0, label=_("Report frequency"), widget=forms.HiddenInput())
+    report_frequency = forms.IntegerField(required=False, initial=0, label=_("Report frequency"))
 
     last_report = forms.DateTimeField(required=False, disabled=True, label=_("Last report date"))
 

apps/member/views.py

@@ -26,6 +26,7 @@ from note_kfet.middlewares import _set_current_request
 from permission.backends import PermissionBackend
 from permission.models import Role
 from permission.views import ProtectQuerysetMixin, ProtectedCreateView
+from django import forms
 
 from .forms import UserForm, ProfileForm, ImageForm, ClubForm, MembershipForm, \
     CustomAuthenticationForm, MembershipRolesForm
@@ -72,11 +73,24 @@ class UserUpdateView(ProtectQuerysetMixin, LoginRequiredMixin, UpdateView):
         form.fields['email'].required = True
         form.fields['email'].help_text = _("This address must be valid.")
 
-        if PermissionBackend.check_perm(self.request, "member.change_profile", context['user_object'].profile):
+        profile_form = self.profile_form(instance=context['user_object'].profile,
-            context['profile_form'] = self.profile_form(instance=context['user_object'].profile,
+                                         data=self.request.POST if self.request.POST else None)
-                                                        data=self.request.POST if self.request.POST else None)
+
-            if not self.object.profile.report_frequency:
+        if not self.object.profile.report_frequency:
-                del context['profile_form'].fields["last_report"]
+            del profile_form.fields["last_report"]
+
+        fields_to_check = list(profile_form.fields.keys())
+        fields_modifiable = False
+
+        # Delete the fields for which the user does not have the permission to modify
+        for field_name in fields_to_check:
+            if not PermissionBackend.check_perm(self.request, f"member.change_profile_{field_name}", context['user_object'].profile):
+                profile_form.fields[field_name].widget = forms.HiddenInput()
+            else:
+                fields_modifiable = True
+
+        if fields_modifiable:
+            context['profile_form'] = profile_form
 
         return context
 

apps/permission/fixtures/initial.json

@@ -127,7 +127,7 @@
                 "auth",
                 "user"
             ],
-            "query": "{\"pk\": [\"user\", \"pk\"]}",
+            "query": "[\"AND\", {\"pk\": [\"user\", \"pk\"]}, {\"memberships__club__parent_club__isnull\": true}]",
             "type": "change",
             "mask": 1,
             "field": "last_login",
@@ -3832,6 +3832,70 @@
             "description": "Voir les profils des membres du club"
         }
     },
+    {
+        "model": "permission.permission",
+        "pk": 244,
+        "fields": {
+            "model": [
+                "member",
+                "profile"
+            ],
+            "query": "{}",
+            "type": "change",
+            "mask": 3,
+            "field": "ml_events_registration",
+            "permanent": false,
+            "description": "Modifier l'abonnement à la Newsletter BDE pour n'importe quel profil"
+        }
+    },
+    {
+        "model": "permission.permission",
+        "pk": 245,
+        "fields": {
+            "model": [
+                "member",
+                "profile"
+            ],
+            "query": "{}",
+            "type": "change",
+            "mask": 3,
+            "field": "ml_art_registration",
+            "permanent": false,
+            "description": "Modifier l'abonnement à la Newsletter Art pour n'importe quel profil"
+        }
+    },
+    {
+        "model": "permission.permission",
+        "pk": 246,
+        "fields": {
+            "model": [
+                "member",
+                "profile"
+            ],
+            "query": "{}",
+            "type": "change",
+            "mask": 3,
+            "field": "ml_sport_registration",
+            "permanent": false,
+            "description": "Modifier l'abonnement à la Newsletter Sport pour n'importe quel profil"
+        }
+    },
+    {
+        "model": "permission.permission",
+        "pk": 247,
+        "fields": {
+            "model": [
+                "activity",
+                "guest"
+            ],
+            "query": "{\"activity__organizer\": [\"club\"]}",
+            "type": "view",
+            "mask": 2,
+            "field": "",
+            "permanent": false,
+            "description": "Voir les personnes invitées aux événements organisés par son club"
+        }
+    },
     {
         "model": "permission.role",
         "pk": 1,

locale/fr/LC_MESSAGES/django.po

@@ -795,11 +795,11 @@ msgstr "Masque de permissions"
 
 #: apps/member/forms.py:46
 msgid "Report frequency"
-msgstr "Fréquence des rapports (en jours)"
+msgstr "Fréquence des relevés (en jours)"
 
 #: apps/member/forms.py:48
 msgid "Last report date"
-msgstr "Date de dernier rapport"
+msgstr "Date de dernier relevé"
 
 #: apps/member/forms.py:52
 msgid ""
@@ -1045,11 +1045,11 @@ msgstr ""
 
 #: apps/member/models.py:117
 msgid "report frequency (in days)"
-msgstr "fréquence des rapports (en jours)"
+msgstr "fréquence des relevés (en jours)"
 
 #: apps/member/models.py:122
 msgid "last report date"
-msgstr "date de dernier rapport"
+msgstr "date de dernier relevé"
 
 #: apps/member/models.py:127
 msgid "email confirmed"