mirror of
https://gitlab.crans.org/bde/nk20
synced 2024-11-26 18:37:12 +00:00
Merge branch 'beta' into 'main'
Corrections de bugs See merge request bde/nk20!195
This commit is contained in:
commit
3633f66a87
@ -60,12 +60,12 @@ class OAuthSerializer(serializers.ModelSerializer):
|
|||||||
def get_profile(self, obj):
|
def get_profile(self, obj):
|
||||||
# Display the profile of the user only if we have rights to see it.
|
# Display the profile of the user only if we have rights to see it.
|
||||||
return ProfileSerializer().to_representation(obj.profile) \
|
return ProfileSerializer().to_representation(obj.profile) \
|
||||||
if PermissionBackend.has_perm(get_current_request(), obj.profile, 'view') else None
|
if PermissionBackend.check_perm(get_current_request(), 'member.view_profile', obj.profile) else None
|
||||||
|
|
||||||
def get_note(self, obj):
|
def get_note(self, obj):
|
||||||
# Display the note of the user only if we have rights to see it.
|
# Display the note of the user only if we have rights to see it.
|
||||||
return NoteSerializer().to_representation(obj.note) \
|
return NoteSerializer().to_representation(obj.note) \
|
||||||
if PermissionBackend.has_perm(get_current_request(), obj.note, 'view') else None
|
if PermissionBackend.check_perm(get_current_request(), 'note.view_note', obj.note) else None
|
||||||
|
|
||||||
def get_memberships(self, obj):
|
def get_memberships(self, obj):
|
||||||
# Display only memberships that we are allowed to see.
|
# Display only memberships that we are allowed to see.
|
||||||
|
@ -258,7 +258,7 @@ class Club(models.Model):
|
|||||||
This function is called each time the club detail view is displayed.
|
This function is called each time the club detail view is displayed.
|
||||||
Update the year of the membership dates.
|
Update the year of the membership dates.
|
||||||
"""
|
"""
|
||||||
if not self.membership_start:
|
if not self.membership_start or not self.membership_end:
|
||||||
return
|
return
|
||||||
|
|
||||||
today = datetime.date.today()
|
today = datetime.date.today()
|
||||||
|
@ -120,7 +120,7 @@ class MembershipTable(tables.Table):
|
|||||||
club=record.club,
|
club=record.club,
|
||||||
user=record.user,
|
user=record.user,
|
||||||
date_start__gte=record.club.membership_start,
|
date_start__gte=record.club.membership_start,
|
||||||
date_end__lte=record.club.membership_end,
|
date_end__lte=record.club.membership_end or date(9999, 12, 31),
|
||||||
).exists(): # If the renew is not yet performed
|
).exists(): # If the renew is not yet performed
|
||||||
empty_membership = Membership(
|
empty_membership = Membership(
|
||||||
club=record.club,
|
club=record.club,
|
||||||
|
@ -2903,6 +2903,70 @@
|
|||||||
"description": "(Dé)bloquer la note de son club et indiquer que cela a été fait manuellement"
|
"description": "(Dé)bloquer la note de son club et indiquer que cela a été fait manuellement"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
"model": "permission.permission",
|
||||||
|
"pk": 186,
|
||||||
|
"fields": {
|
||||||
|
"model": [
|
||||||
|
"oauth2_provider",
|
||||||
|
"application"
|
||||||
|
],
|
||||||
|
"query": "{\"user\": [\"user\"]}",
|
||||||
|
"type": "view",
|
||||||
|
"mask": 1,
|
||||||
|
"field": "",
|
||||||
|
"permanent": true,
|
||||||
|
"description": "Voir ses applications OAuth2"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"model": "permission.permission",
|
||||||
|
"pk": 187,
|
||||||
|
"fields": {
|
||||||
|
"model": [
|
||||||
|
"oauth2_provider",
|
||||||
|
"application"
|
||||||
|
],
|
||||||
|
"query": "{\"user\": [\"user\"]}",
|
||||||
|
"type": "create",
|
||||||
|
"mask": 1,
|
||||||
|
"field": "",
|
||||||
|
"permanent": true,
|
||||||
|
"description": "Créer une application OAuth2"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"model": "permission.permission",
|
||||||
|
"pk": 188,
|
||||||
|
"fields": {
|
||||||
|
"model": [
|
||||||
|
"oauth2_provider",
|
||||||
|
"application"
|
||||||
|
],
|
||||||
|
"query": "{\"user\": [\"user\"]}",
|
||||||
|
"type": "change",
|
||||||
|
"mask": 1,
|
||||||
|
"field": "",
|
||||||
|
"permanent": true,
|
||||||
|
"description": "Modifier une application OAuth2"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"model": "permission.permission",
|
||||||
|
"pk": 189,
|
||||||
|
"fields": {
|
||||||
|
"model": [
|
||||||
|
"oauth2_provider",
|
||||||
|
"application"
|
||||||
|
],
|
||||||
|
"query": "{\"user\": [\"user\"]}",
|
||||||
|
"type": "delete",
|
||||||
|
"mask": 1,
|
||||||
|
"field": "",
|
||||||
|
"permanent": true,
|
||||||
|
"description": "Supprimer une application OAuth2"
|
||||||
|
}
|
||||||
|
},
|
||||||
{
|
{
|
||||||
"model": "permission.role",
|
"model": "permission.role",
|
||||||
"pk": 1,
|
"pk": 1,
|
||||||
@ -2933,7 +2997,11 @@
|
|||||||
126,
|
126,
|
||||||
161,
|
161,
|
||||||
162,
|
162,
|
||||||
165
|
165,
|
||||||
|
186,
|
||||||
|
187,
|
||||||
|
188,
|
||||||
|
189
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
@ -3314,7 +3382,11 @@
|
|||||||
182,
|
182,
|
||||||
183,
|
183,
|
||||||
184,
|
184,
|
||||||
185
|
185,
|
||||||
|
186,
|
||||||
|
187,
|
||||||
|
188,
|
||||||
|
189
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
@ -24,6 +24,15 @@ ALLOWED_HOSTS = [
|
|||||||
os.getenv('NOTE_URL', 'localhost'),
|
os.getenv('NOTE_URL', 'localhost'),
|
||||||
]
|
]
|
||||||
|
|
||||||
|
# Use secure cookies in production
|
||||||
|
SESSION_COOKIE_SECURE = not DEBUG
|
||||||
|
CSRF_COOKIE_SECURE = not DEBUG
|
||||||
|
|
||||||
|
# Remember HTTPS for 1 year
|
||||||
|
SECURE_HSTS_SECONDS = 31536000
|
||||||
|
SECURE_HSTS_INCLUDE_SUBDOMAINS = True
|
||||||
|
SECURE_HSTS_PRELOAD = True
|
||||||
|
|
||||||
|
|
||||||
# Application definition
|
# Application definition
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user