✨ Add "Lock note" feature

2025-06-21 18:08:21 +02:00 · 2020-08-31 20:15:48 +02:00
parent 0c753c3288
commit 5e65e2d74a
11 changed files with 279 additions and 81 deletions
--- a/apps/member/templates/member/base.html
+++ b/apps/member/templates/member/base.html
@ -12,7 +12,7 @@ SPDX-License-Identifier: GPL-3.0-or-later
 <div class="row mt-4">
    <div class="col-xl-4">
        {% block profile_info %}
-        <div class="card bg-light">
+        <div class="card bg-light" id="card-infos">
            <h4 class="card-header text-center">
                {% if user_object %}
                {% trans "Account #" %}{{ user_object.pk }}
@ -31,6 +31,11 @@ SPDX-License-Identifier: GPL-3.0-or-later
                </a>
                {% endif %}
            </div>
+            {% if note.inactivity_reason %}
+                <div class="alert alert-danger polymorphic-add-choice">
+                    {{ note.get_inactivity_reason_display }}
+                </div>
+            {% endif %}
            <div class="card-body" id="profile_infos">
                {% if user_object %}
                {% include "member/includes/profile_info.html" %}
@ -50,11 +55,11 @@ SPDX-License-Identifier: GPL-3.0-or-later
                {% elif club and not club.weiclub %}
                {% if can_add_members %}
                <a class="btn btn-sm btn-success" href="{% url 'member:club_add_member' club_pk=club.pk %}"
-                    data-turbolinks="false"> {% trans "Add member" %}</a>
+                   data-turbolinks="false"> {% trans "Add member" %}</a>
                {% endif %}
                {% if ".change_"|has_perm:club %}
                <a class="btn btn-sm btn-secondary" href="{% url 'member:club_update' pk=club.pk %}"
-                    data-turbolinks="false">
+                   data-turbolinks="false">
                    <i class="fa fa-edit"></i> {% trans 'Update Profile' %}
                </a>
                {% endif %}
@ -63,6 +68,15 @@ SPDX-License-Identifier: GPL-3.0-or-later
                <a class="btn btn-sm btn-primary" href="{{ club_detail_url }}">{% trans 'View Profile' %}</a>
                {% endif %}
                {% endif %}
+                {% if can_lock_note %}
+                <button class="btn btn-sm btn-danger" data-toggle="modal" data-target="#lock-note-modal">
+                    <i class="fas fa-ban"></i> {% trans 'Lock note' %}
+                </button>
+                {% elif can_unlock_note %}
+                <button class="btn btn-sm btn-success" data-toggle="modal" data-target="#unlock-note-modal">
+                    <i class="fas fa-check-circle"></i> {% trans 'Unlock note' %}
+                </button>
+                {% endif %}
            </div>
        </div>
        {% endblock %}
@ -70,16 +84,102 @@ SPDX-License-Identifier: GPL-3.0-or-later
    <div class="col-xl-8">
        {% block profile_content %}{% endblock %}
    </div>
+
+    {# Popup to confirm the action of locking the note. Managed by a button #}
+    <div class="modal fade" id="lock-note-modal" tabindex="-1" role="dialog" aria-labelledby="lockNote"
+         aria-hidden="true">
+        <div class="modal-dialog" role="document">
+            <div class="modal-content">
+                <div class="modal-header">
+                    <h5 class="modal-title" id="lockNote">{% trans "Lock note" %}</h5>
+                    <button type="button" class="close btn-modal" data-dismiss="modal" aria-label="Close">
+                        <span aria-hidden="true">&times;</span>
+                    </button>
+                </div>
+                <div class="modal-body">
+                    {% blocktrans trimmed %}
+                        Are you sure you want to lock this note? This will prevent any transaction that would be performed,
+                        until the note is unlocked.
+                    {% endblocktrans %}
+                    {% if can_force_lock %}
+                    {% blocktrans trimmed %}
+                        If you use the force mode, the user won't be able to unlock the note by itself.
+                    {% endblocktrans %}
+                    {% endif %}
+                </div>
+                <div class="modal-footer">
+                    <button type="button" class="btn btn-secondary btn-modal" data-dismiss="modal">{% trans "Close" %}</button>
+                    {% if can_force_lock %}
+                    <button type="button" class="btn btn-danger btn-modal" onclick="lock_note(true, 'forced')">{% trans "Force mode" %}</button>
+                    {% endif %}
+                    <button type="button" class="btn btn-warning btn-modal" onclick="lock_note(true, 'manual')">{% trans "Lock note" %}</button>
+                </div>
+            </div>
+        </div>
+    </div>
+
+    {# Popup to confirm the action of unlocking the note. Managed by a button #}
+    <div class="modal fade" id="unlock-note-modal" tabindex="-1" role="dialog" aria-labelledby="unlockNote"
+         aria-hidden="true">
+        <div class="modal-dialog" role="document">
+            <div class="modal-content">
+                <div class="modal-header">
+                    <h5 class="modal-title" id="unlockNote">{% trans "Unlock note" %}</h5>
+                    <button type="button" class="close btn-modal" data-dismiss="modal" aria-label="Close">
+                        <span aria-hidden="true">&times;</span>
+                    </button>
+                </div>
+                <div class="modal-body">
+                    {% blocktrans trimmed %}
+                        Are you sure you want to unlock this note? Transactions will be re-enabled.
+                    {% endblocktrans %}
+                </div>
+                <div class="modal-footer">
+                    <button type="button" class="btn btn-secondary btn-modal" data-dismiss="modal">{% trans "Close" %}</button>
+                    <button type="button" class="btn btn-success btn-modal" onclick="lock_note(false, null)">{% trans "Unlock note" %}</button>
+                </div>
+            </div>
+        </div>
+    </div>
 </div>
 {% endblock %}

 {% block extrajavascript %}
-{% if object %}
 <script>
    function refreshHistory() {
-        $("#history_list").load("{% url 'member:user_detail' pk=object.pk %} #history_list");
-        $("#profile_infos").load("{% url 'member:user_detail' pk=object.pk %} #profile_infos");
+        {% if user_object %}
+        $("#history_list").load("{% url 'member:user_detail' pk=user_object.pk %} #history_list");
+        $("#profile_infos").load("{% url 'member:user_detail' pk=user_object.pk %} #profile_infos");
+        {% else %}
+        $("#history_list").load("{% url 'member:club_detail' pk=club.pk %} #history_list");
+        $("#profile_infos").load("{% url 'member:club_detail' pk=club.pk %} #profile_infos");
+        {% endif %}
+    }
+
+    function lock_note(locked, mode) {
+        $("button.btn-modal").attr("disabled", "disabled");
+        $.ajax({
+            url: "/api/note/note/{{ note.pk }}/",
+            type: "PATCH",
+            dataType: "json",
+            headers: {
+                "X-CSRFTOKEN": CSRF_TOKEN
+            },
+            data: {
+                is_active: !locked,
+                inactivity_reason: mode,
+                resourcetype: "{% if user_object %}NoteUser{% else %}NoteClub{% endif %}"
+            }
+        }).done(function () {
+            $("#card-infos").load("#card-infos #card-infos", function () {
+                $(".modal").modal("hide");
+                $("button.btn-modal").removeAttr("disabled");
+            });
+        }).fail(function(xhr, textStatus, error) {
+            $(".modal").modal("hide");
+            $("button.btn-modal").removeAttr("disabled");
+            errMsg(xhr.responseJSON);
+        });
    }
 </script>
-{% endif %}
 {% endblock %}
--- a/apps/member/templates/member/club_detail.html
+++ b/apps/member/templates/member/club_detail.html
@ -46,12 +46,3 @@ SPDX-License-Identifier: GPL-3.0-or-later
 </div>
 {% endif %}
 {% endblock %}
-
-{% block extrajavascript %}
-<script>
-    function refreshHistory() {
-        $("#history_list").load("{% url 'member:club_detail' pk=object.pk %} #history_list");
-        $("#profile_infos").load("{% url 'member:club_detail' pk=object.pk %} #profile_infos");
-    }
-</script>
-{% endblock %}
--- a/apps/member/templates/member/profile_detail.html
+++ b/apps/member/templates/member/profile_detail.html
@ -37,12 +37,3 @@ SPDX-License-Identifier: GPL-3.0-or-later
    </div>
 </div>
 {% endblock %}
-
-{% block extrajavascript %}
-<script>
-    function refreshHistory() {
-        $("#history_list").load("{% url 'member:user_detail' pk=user_object.pk %} #history_list");
-        $("#profile_infos").load("{% url 'member:user_detail' pk=user_object.pk %} #profile_infos");
-    }
-</script>
-{% endblock %}
--- a/apps/member/views.py
+++ b/apps/member/views.py
@ -10,6 +10,7 @@ from django.contrib.auth import logout
 from django.contrib.auth.mixins import LoginRequiredMixin
 from django.contrib.auth.models import User
 from django.contrib.auth.views import LoginView
+from django.db import transaction
 from django.db.models import Q, F
 from django.shortcuts import redirect
 from django.urls import reverse_lazy
@ -151,6 +152,7 @@ class UserDetailView(ProtectQuerysetMixin, LoginRequiredMixin, DetailView):
        """
        context = super().get_context_data(**kwargs)
        user = context['user_object']
+        context["note"] = user.note
        history_list = \
            Transaction.objects.all().filter(Q(source=user.note) | Q(destination=user.note))\
            .order_by("-created_at")\
@ -164,6 +166,28 @@ class UserDetailView(ProtectQuerysetMixin, LoginRequiredMixin, DetailView):
        membership_table = MembershipTable(data=club_list, prefix='membership-')
        membership_table.paginate(per_page=10, page=self.request.GET.get("membership-page", 1))
        context['club_list'] = membership_table
+
+        # Check permissions to see if the authenticated user can lock/unlock the note
+        with transaction.atomic():
+            modified_note = NoteUser.objects.get(pk=user.note.pk)
+            modified_note.is_active = True
+            modified_note.inactivity_reason = 'manual'
+            context["can_lock_note"] = user.note.is_active and PermissionBackend\
+                                           .check_perm(self.request.user, "note.change_noteuser_is_active",
+                                                       modified_note)
+            old_note = NoteUser.objects.select_for_update().get(pk=user.note.pk)
+            modified_note.inactivity_reason = 'forced'
+            modified_note._force_save = True
+            modified_note.save()
+            context["can_force_lock"] = user.note.is_active and PermissionBackend\
+                .check_perm(self.request.user, "note.change_note_is_active", modified_note)
+            old_note._force_save = True
+            old_note.save()
+            modified_note.refresh_from_db()
+            modified_note.is_active = True
+            context["can_unlock_note"] = not user.note.is_active and PermissionBackend\
+                .check_perm(self.request.user, "note.change_note_is_active", modified_note)
+
        return context


@ -203,7 +227,7 @@ class UserListView(ProtectQuerysetMixin, LoginRequiredMixin, SingleTableView):
        else:
            qs = qs.none()

-        return qs[:20]
+        return qs


 class ProfileAliasView(ProtectQuerysetMixin, LoginRequiredMixin, DetailView):