🎨 Update activity interface

2020-08-03 16:11:05 +02:00 · 2020-08-03 16:11:05 +02:00 · 5ea8d8f870
parent 0a2c9d9c87
commit 5ea8d8f870
5 changed files with 61 additions and 10 deletions
--- a/apps/activity/views.py
+++ b/apps/activity/views.py
@ -182,8 +182,11 @@ class ActivityEntryView(LoginRequiredMixin, TemplateView):
        context["noteuser_ctype"] = ContentType.objects.get_for_model(NoteUser).pk
        context["notespecial_ctype"] = ContentType.objects.get_for_model(NoteSpecial).pk

-        context["activities_open"] = Activity.objects.filter(open=True).filter(
-            PermissionBackend.filter_queryset(self.request.user, Activity, "view")).filter(
-            PermissionBackend.filter_queryset(self.request.user, Activity, "change")).all()
+        activities_open = Activity.objects.filter(open=True).filter(
+            PermissionBackend.filter_queryset(self.request.user, Activity, "view")).distinct().all()
+        context["activities_open"] = [a for a in activities_open
+                                      if PermissionBackend.check_perm(self.request.user,
+                                                                      "activity.add_entry",
+                                                                      Entry(activity=a, note=self.request.user.note,))]

        return context
--- a/apps/api/viewsets.py
+++ b/apps/api/viewsets.py
@ -18,7 +18,7 @@ class ReadProtectedModelViewSet(viewsets.ModelViewSet):

    def get_queryset(self):
        user = get_current_authenticated_user()
-        return self.model.objects.filter(PermissionBackend.filter_queryset(user, self.model, "view"))
+        return self.model.objects.filter(PermissionBackend.filter_queryset(user, self.model, "view")).distinct()


 class ReadOnlyProtectedModelViewSet(viewsets.ReadOnlyModelViewSet):
@ -32,4 +32,4 @@ class ReadOnlyProtectedModelViewSet(viewsets.ReadOnlyModelViewSet):

    def get_queryset(self):
        user = get_current_authenticated_user()
-        return self.model.objects.filter(PermissionBackend.filter_queryset(user, self.model, "view"))
+        return self.model.objects.filter(PermissionBackend.filter_queryset(user, self.model, "view")).distinct()
--- a/apps/note/api/views.py
+++ b/apps/note/api/views.py
@ -9,6 +9,8 @@ from rest_framework import viewsets
 from rest_framework.response import Response
 from rest_framework import status
 from api.viewsets import ReadProtectedModelViewSet, ReadOnlyProtectedModelViewSet
+from note_kfet.middlewares import get_current_authenticated_user
+from permission.backends import PermissionBackend

 from .serializers import NotePolymorphicSerializer, AliasSerializer, ConsumerSerializer,\
    TemplateCategorySerializer, TransactionTemplateSerializer, TransactionPolymorphicSerializer
@ -150,3 +152,7 @@ class TransactionViewSet(ReadProtectedModelViewSet):
    serializer_class = TransactionPolymorphicSerializer
    filter_backends = [SearchFilter]
    search_fields = ['$reason', ]
+
+    def get_queryset(self):
+        user = get_current_authenticated_user()
+        return self.model.objects.filter(PermissionBackend.filter_queryset(user, self.model, "view"))
--- a/apps/note/views.py
+++ b/apps/note/views.py
@ -10,6 +10,8 @@ from django.utils.translation import gettext_lazy as _
 from django.views.generic import CreateView, UpdateView
 from django_tables2 import SingleTableView
 from django.urls import reverse_lazy
+
+from activity.models import Entry
 from note_kfet.inputs import AmountInput
 from permission.backends import PermissionBackend
 from permission.views import ProtectQuerysetMixin
@ -52,9 +54,13 @@ class TransactionCreateView(ProtectQuerysetMixin, LoginRequiredMixin, SingleTabl
        # Add a shortcut for entry page for open activities
        if "activity" in settings.INSTALLED_APPS:
            from activity.models import Activity
-            context["activities_open"] = Activity.objects.filter(open=True).filter(
-                PermissionBackend.filter_queryset(self.request.user, Activity, "view")).filter(
-                PermissionBackend.filter_queryset(self.request.user, Activity, "change")).all()
+            activities_open = Activity.objects.filter(open=True).filter(
+                PermissionBackend.filter_queryset(self.request.user, Activity, "view")).distinct().all()
+            context["activities_open"] = [a for a in activities_open
+                                          if PermissionBackend.check_perm(self.request.user,
+                                                                          "activity.add_entry",
+                                                                          Entry(activity=a,
+                                                                                note=self.request.user.note, ))]

        return context

--- a/apps/permission/fixtures/initial.json
+++ b/apps/permission/fixtures/initial.json
@ -2311,6 +2311,38 @@
 			"description": "Ajouter un membre à n'importe quel club"
 		}
 	},
+	{
+		"model": "permission.permission",
+		"pk": 148,
+		"fields": {
+			"model": [
+				"activity",
+				"activity"
+			],
+			"query": "{\"valid\": false}",
+			"type": "change",
+			"mask": 2,
+			"field": "",
+			"permanent": false,
+			"description": "Modifier une activité non validée"
+		}
+	},
+	{
+		"model": "permission.permission",
+		"pk": 149,
+		"fields": {
+			"model": [
+				"activity",
+				"activity"
+			],
+			"query": "{\"valid\": false}",
+			"type": "delete",
+			"mask": 2,
+			"field": "",
+			"permanent": false,
+			"description": "Supprimer une activité non validée"
+		}
+	},
 	{
 		"model": "permission.role",
 		"pk": 1,
@ -2643,7 +2675,9 @@
 				144,
 				145,
 				146,
-				147
+				147,
+				148,
+				149
 			]
 		}
 	},
@ -2690,7 +2724,9 @@
 				43,
 				44,
 				45,
-				46
+				46,
+				148,
+				149
 			]
 		}
 	},