🎨 Update activity interface

apps/activity/views.py

@@ -182,8 +182,11 @@ class ActivityEntryView(LoginRequiredMixin, TemplateView):
         context["noteuser_ctype"] = ContentType.objects.get_for_model(NoteUser).pk
         context["notespecial_ctype"] = ContentType.objects.get_for_model(NoteSpecial).pk
 
-        context["activities_open"] = Activity.objects.filter(open=True).filter(
+        activities_open = Activity.objects.filter(open=True).filter(
-            PermissionBackend.filter_queryset(self.request.user, Activity, "view")).filter(
+            PermissionBackend.filter_queryset(self.request.user, Activity, "view")).distinct().all()
-            PermissionBackend.filter_queryset(self.request.user, Activity, "change")).all()
+        context["activities_open"] = [a for a in activities_open
+                                      if PermissionBackend.check_perm(self.request.user,
+                                                                      "activity.add_entry",
+                                                                      Entry(activity=a, note=self.request.user.note,))]
 
         return context

apps/api/viewsets.py

@@ -18,7 +18,7 @@ class ReadProtectedModelViewSet(viewsets.ModelViewSet):
 
     def get_queryset(self):
         user = get_current_authenticated_user()
-        return self.model.objects.filter(PermissionBackend.filter_queryset(user, self.model, "view"))
+        return self.model.objects.filter(PermissionBackend.filter_queryset(user, self.model, "view")).distinct()
 
 
 class ReadOnlyProtectedModelViewSet(viewsets.ReadOnlyModelViewSet):
@@ -32,4 +32,4 @@ class ReadOnlyProtectedModelViewSet(viewsets.ReadOnlyModelViewSet):
 
     def get_queryset(self):
         user = get_current_authenticated_user()
-        return self.model.objects.filter(PermissionBackend.filter_queryset(user, self.model, "view"))
+        return self.model.objects.filter(PermissionBackend.filter_queryset(user, self.model, "view")).distinct()

apps/note/api/views.py

@@ -9,6 +9,8 @@ from rest_framework import viewsets
 from rest_framework.response import Response
 from rest_framework import status
 from api.viewsets import ReadProtectedModelViewSet, ReadOnlyProtectedModelViewSet
+from note_kfet.middlewares import get_current_authenticated_user
+from permission.backends import PermissionBackend
 
 from .serializers import NotePolymorphicSerializer, AliasSerializer, ConsumerSerializer,\
     TemplateCategorySerializer, TransactionTemplateSerializer, TransactionPolymorphicSerializer
@@ -150,3 +152,7 @@ class TransactionViewSet(ReadProtectedModelViewSet):
     serializer_class = TransactionPolymorphicSerializer
     filter_backends = [SearchFilter]
     search_fields = ['$reason', ]
+
+    def get_queryset(self):
+        user = get_current_authenticated_user()
+        return self.model.objects.filter(PermissionBackend.filter_queryset(user, self.model, "view"))

apps/note/views.py

@@ -10,6 +10,8 @@ from django.utils.translation import gettext_lazy as _
 from django.views.generic import CreateView, UpdateView
 from django_tables2 import SingleTableView
 from django.urls import reverse_lazy
+
+from activity.models import Entry
 from note_kfet.inputs import AmountInput
 from permission.backends import PermissionBackend
 from permission.views import ProtectQuerysetMixin
@@ -52,9 +54,13 @@ class TransactionCreateView(ProtectQuerysetMixin, LoginRequiredMixin, SingleTabl
         # Add a shortcut for entry page for open activities
         if "activity" in settings.INSTALLED_APPS:
             from activity.models import Activity
-            context["activities_open"] = Activity.objects.filter(open=True).filter(
+            activities_open = Activity.objects.filter(open=True).filter(
-                PermissionBackend.filter_queryset(self.request.user, Activity, "view")).filter(
+                PermissionBackend.filter_queryset(self.request.user, Activity, "view")).distinct().all()
-                PermissionBackend.filter_queryset(self.request.user, Activity, "change")).all()
+            context["activities_open"] = [a for a in activities_open
+                                          if PermissionBackend.check_perm(self.request.user,
+                                                                          "activity.add_entry",
+                                                                          Entry(activity=a,
+                                                                                note=self.request.user.note, ))]
 
         return context
 

apps/permission/fixtures/initial.json

@@ -2311,6 +2311,38 @@
 			"description": "Ajouter un membre à n'importe quel club"
 		}
 	},
+	{
+		"model": "permission.permission",
+		"pk": 148,
+		"fields": {
+			"model": [
+				"activity",
+				"activity"
+			],
+			"query": "{\"valid\": false}",
+			"type": "change",
+			"mask": 2,
+			"field": "",
+			"permanent": false,
+			"description": "Modifier une activité non validée"
+		}
+	},
+	{
+		"model": "permission.permission",
+		"pk": 149,
+		"fields": {
+			"model": [
+				"activity",
+				"activity"
+			],
+			"query": "{\"valid\": false}",
+			"type": "delete",
+			"mask": 2,
+			"field": "",
+			"permanent": false,
+			"description": "Supprimer une activité non validée"
+		}
+	},
 	{
 		"model": "permission.role",
 		"pk": 1,
@@ -2643,7 +2675,9 @@
 				144,
 				145,
 				146,
-				147
+				147,
+				148,
+				149
 			]
 		}
 	},
@@ -2690,7 +2724,9 @@
 				43,
 				44,
 				45,
-				46
+				46,
+				148,
+				149
 			]
 		}
 	},