Merge branch 'beta' into 'main'

Corrections de bugs

See merge request bde/nk20!195

apps/api/serializers.py

@@ -60,12 +60,12 @@ class OAuthSerializer(serializers.ModelSerializer):
     def get_profile(self, obj):
         # Display the profile of the user only if we have rights to see it.
         return ProfileSerializer().to_representation(obj.profile) \
-            if PermissionBackend.has_perm(get_current_request(), obj.profile, 'view') else None
+            if PermissionBackend.check_perm(get_current_request(), 'member.view_profile', obj.profile) else None
 
     def get_note(self, obj):
         # Display the note of the user only if we have rights to see it.
         return NoteSerializer().to_representation(obj.note) \
-            if PermissionBackend.has_perm(get_current_request(), obj.note, 'view') else None
+            if PermissionBackend.check_perm(get_current_request(), 'note.view_note', obj.note) else None
 
     def get_memberships(self, obj):
         # Display only memberships that we are allowed to see.

apps/member/models.py

@@ -258,7 +258,7 @@ class Club(models.Model):
         This function is called each time the club detail view is displayed.
         Update the year of the membership dates.
         """
-        if not self.membership_start:
+        if not self.membership_start or not self.membership_end:
             return
 
         today = datetime.date.today()

apps/member/tables.py

@@ -120,7 +120,7 @@ class MembershipTable(tables.Table):
                     club=record.club,
                     user=record.user,
                     date_start__gte=record.club.membership_start,
-                    date_end__lte=record.club.membership_end,
+                    date_end__lte=record.club.membership_end or date(9999, 12, 31),
             ).exists():  # If the renew is not yet performed
                 empty_membership = Membership(
                     club=record.club,

apps/permission/fixtures/initial.json

@@ -2903,6 +2903,70 @@
 			"description": "(Dé)bloquer la note de son club et indiquer que cela a été fait manuellement"
 		}
 	},
+	{
+		"model": "permission.permission",
+		"pk": 186,
+		"fields": {
+			"model": [
+				"oauth2_provider",
+				"application"
+			],
+			"query": "{\"user\": [\"user\"]}",
+			"type": "view",
+			"mask": 1,
+			"field": "",
+			"permanent": true,
+			"description": "Voir ses applications OAuth2"
+		}
+	},
+	{
+		"model": "permission.permission",
+		"pk": 187,
+		"fields": {
+			"model": [
+				"oauth2_provider",
+				"application"
+			],
+			"query": "{\"user\": [\"user\"]}",
+			"type": "create",
+			"mask": 1,
+			"field": "",
+			"permanent": true,
+			"description": "Créer une application OAuth2"
+		}
+	},
+	{
+		"model": "permission.permission",
+		"pk": 188,
+		"fields": {
+			"model": [
+				"oauth2_provider",
+				"application"
+			],
+			"query": "{\"user\": [\"user\"]}",
+			"type": "change",
+			"mask": 1,
+			"field": "",
+			"permanent": true,
+			"description": "Modifier une application OAuth2"
+		}
+	},
+	{
+		"model": "permission.permission",
+		"pk": 189,
+		"fields": {
+			"model": [
+				"oauth2_provider",
+				"application"
+			],
+			"query": "{\"user\": [\"user\"]}",
+			"type": "delete",
+			"mask": 1,
+			"field": "",
+			"permanent": true,
+			"description": "Supprimer une application OAuth2"
+		}
+	},
 	{
 		"model": "permission.role",
 		"pk": 1,
@@ -2933,7 +2997,11 @@
 				126,
 				161,
 				162,
-				165
+				165,
+				186,
+				187,
+				188,
+				189
 			]
 		}
 	},
@@ -3314,7 +3382,11 @@
 				182,
 				183,
 				184,
-				185
+				185,
+				186,
+				187,
+				188,
+				189
 			]
 		}
 	},

note_kfet/settings/base.py

@@ -24,6 +24,15 @@ ALLOWED_HOSTS = [
     os.getenv('NOTE_URL', 'localhost'),
 ]
 
+# Use secure cookies in production
+SESSION_COOKIE_SECURE = not DEBUG
+CSRF_COOKIE_SECURE = not DEBUG
+
+# Remember HTTPS for 1 year
+SECURE_HSTS_SECONDS = 31536000
+SECURE_HSTS_INCLUDE_SUBDOMAINS = True
+SECURE_HSTS_PRELOAD = True
+
 
 # Application definition