From 691a03ecadaa5b4d9bf441af4410b703294d0921 Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Sat, 28 Mar 2020 19:05:21 +0100 Subject: [PATCH] Add some initial permissions for activities --- apps/activity/forms.py | 2 +- apps/activity/models.py | 9 + apps/activity/views.py | 20 +- apps/permission/fixtures/initial.json | 233 +++++++++++++++++++++++- templates/activity/activity_detail.html | 5 + 5 files changed, 263 insertions(+), 6 deletions(-) diff --git a/apps/activity/forms.py b/apps/activity/forms.py index 7fafd15e..c5a9e7f3 100644 --- a/apps/activity/forms.py +++ b/apps/activity/forms.py @@ -13,7 +13,7 @@ from .models import Activity, Guest class ActivityForm(forms.ModelForm): class Meta: model = Activity - exclude = ('valid', 'open', ) + exclude = ('creater', 'valid', 'open', ) widgets = { "organizer": AutocompleteModelSelect( model=Club, diff --git a/apps/activity/models.py b/apps/activity/models.py index 1645d9ae..948e0919 100644 --- a/apps/activity/models.py +++ b/apps/activity/models.py @@ -1,6 +1,7 @@ # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay # SPDX-License-Identifier: GPL-3.0-or-later +from django.contrib.auth.models import User from django.db import models from django.db.models import Q from django.utils.translation import gettext_lazy as _ @@ -58,6 +59,12 @@ class Activity(models.Model): verbose_name=_('type'), ) + creater = models.ForeignKey( + User, + on_delete=models.PROTECT, + verbose_name=_("user"), + ) + organizer = models.ForeignKey( 'member.Club', on_delete=models.PROTECT, @@ -68,6 +75,8 @@ class Activity(models.Model): note = models.ForeignKey( 'note.Note', on_delete=models.PROTECT, + blank=True, + null=True, related_name='+', verbose_name=_('note'), ) diff --git a/apps/activity/views.py b/apps/activity/views.py index af871d99..518d7c10 100644 --- a/apps/activity/views.py +++ b/apps/activity/views.py @@ -21,21 +21,31 @@ class ActivityCreateView(LoginRequiredMixin, CreateView): model = Activity form_class = ActivityForm + def form_valid(self, form): + form.instance.creater = self.request.user + return super().form_valid(form) + def get_success_url(self, **kwargs): - return reverse_lazy('activity:activity_detail', kwargs={"pk": self.kwargs["pk"]}) + self.object.refresh_from_db() + return reverse_lazy('activity:activity_detail', kwargs={"pk": self.object.pk}) class ActivityListView(LoginRequiredMixin, SingleTableView): model = Activity table_class = ActivityTable + def get_queryset(self): + return super().get_queryset()\ + .filter(PermissionBackend.filter_queryset(self.request.user, Activity, "view")).reverse() + def get_context_data(self, **kwargs): ctx = super().get_context_data(**kwargs) ctx['title'] = _("Activities") upcoming_activities = Activity.objects.filter(date_end__gt=datetime.now()) - ctx['upcoming'] = ActivityTable(data=upcoming_activities) + ctx['upcoming'] = ActivityTable(data=upcoming_activities + .filter(PermissionBackend.filter_queryset(self.request.user, Activity, "view"))) return ctx @@ -100,7 +110,8 @@ class ActivityEntryView(LoginRequiredMixin, TemplateView): .annotate(balance=F("inviter__balance"), note_name=F("inviter__user__username"))\ .filter(Q(first_name__regex=pattern) | Q(last_name__regex=pattern) | Q(inviter__alias__name__regex=pattern) - | Q(inviter__alias__normalized_name__regex=Alias.normalize(pattern)))\ + | Q(inviter__alias__normalized_name__regex=Alias.normalize(pattern))) \ + .filter(PermissionBackend.filter_queryset(self.request.user, Guest, "view"))\ .distinct()[:20] for guest in guest_qs: guest.type = "Invité" @@ -115,7 +126,8 @@ class ActivityEntryView(LoginRequiredMixin, TemplateView): & (Q(note__noteuser__user__first_name__regex=pattern) | Q(note__noteuser__user__last_name__regex=pattern) | Q(name__regex=pattern) - | Q(normalized_name__regex=Alias.normalize(pattern))))\ + | Q(normalized_name__regex=Alias.normalize(pattern)))) \ + .filter(PermissionBackend.filter_queryset(self.request.user, Alias, "view"))\ .distinct("username")[:20] for note in note_qs: note.type = "Adhérent" diff --git a/apps/permission/fixtures/initial.json b/apps/permission/fixtures/initial.json index 43d39a36..31b59069 100644 --- a/apps/permission/fixtures/initial.json +++ b/apps/permission/fixtures/initial.json @@ -55,6 +55,20 @@ "name": "Tr\u00e9sorier\u00b7\u00e8re de club" } }, + { + "model": "member.role", + "pk": 8, + "fields": { + "name": "Tr\u00e9sorier\u00b7\u00e8re de club" + } + }, + { + "model": "member.role", + "pk": 9, + "fields": { + "name": "Res[pot]" + } + }, { "model": "permission.permissionmask", "pk": 1, @@ -574,6 +588,201 @@ "description": "Create any transaction" } }, + { + "model": "permission.permission", + "pk": 34, + "fields": { + "model": [ + "activity", + "activity" + ], + "query": "[\"OR\", {\"valid\": true}, {\"creater\": [\"user\"]}]", + "type": "view", + "mask": 1, + "field": "", + "description": "View valid activites" + } + }, + { + "model": "permission.permission", + "pk": 35, + "fields": { + "model": [ + "activity", + "activity" + ], + "query": "[\"AND\", {\"valid\": false}, {\"creater\": [\"user\"]}]", + "type": "change", + "mask": 1, + "field": "", + "description": "Change our activities" + } + }, + { + "model": "permission.permission", + "pk": 36, + "fields": { + "model": [ + "activity", + "activity" + ], + "query": "{\"creater\": [\"user\"], \"valid\": false}", + "type": "add", + "mask": 1, + "field": "", + "description": "Add activities" + } + }, + { + "model": "permission.permission", + "pk": 37, + "fields": { + "model": [ + "activity", + "activity" + ], + "query": "{}", + "type": "change", + "mask": 2, + "field": "valid", + "description": "Validate activities" + } + }, + { + "model": "permission.permission", + "pk": 38, + "fields": { + "model": [ + "activity", + "activity" + ], + "query": "{}", + "type": "change", + "mask": 2, + "field": "open", + "description": "Open activities" + } + }, + { + "model": "permission.permission", + "pk": 39, + "fields": { + "model": [ + "activity", + "guest" + ], + "query": "{\"inviter\": [\"user\", \"note\"], \"activity__activity_type__can_invite\": true}", + "type": "add", + "mask": 1, + "field": "", + "description": "Invite people to activities" + } + }, + { + "model": "permission.permission", + "pk": 40, + "fields": { + "model": [ + "activity", + "guest" + ], + "query": "{\"inviter\": [\"user\", \"note\"]}", + "type": "view", + "mask": 1, + "field": "", + "description": "View invited people" + } + }, + { + "model": "permission.permission", + "pk": 41, + "fields": { + "model": [ + "activity", + "activity" + ], + "query": "{}", + "type": "view", + "mask": 2, + "field": "", + "description": "View all activities" + } + }, + { + "model": "permission.permission", + "pk": 42, + "fields": { + "model": [ + "activity", + "guest" + ], + "query": "{}", + "type": "view", + "mask": 2, + "field": "", + "description": "View all invited people" + } + }, + { + "model": "permission.permission", + "pk": 43, + "fields": { + "model": [ + "activity", + "entry" + ], + "query": "{}", + "type": "add", + "mask": 2, + "field": "", + "description": "Manage entries" + } + }, + { + "model": "permission.permission", + "pk": 44, + "fields": { + "model": [ + "activity", + "guesttransaction" + ], + "query": "{}", + "type": "add", + "mask": 2, + "field": "", + "description": "Add invitation transactions" + } + }, + { + "model": "permission.permission", + "pk": 45, + "fields": { + "model": [ + "activity", + "guesttransaction" + ], + "query": "{}", + "type": "view", + "mask": 1, + "field": "", + "description": "View invitation transactions" + } + }, + { + "model": "permission.permission", + "pk": 46, + "fields": { + "model": [ + "activity", + "guesttransaction" + ], + "query": "{}", + "type": "change", + "mask": 2, + "field": "valid", + "description": "Validate invitation transactions" + } + }, { "model": "permission.rolepermissions", "pk": 1, @@ -613,7 +822,12 @@ 15, 16, 17, - 18 + 18, + 34, + 35, + 36, + 39, + 40 ] } }, @@ -649,5 +863,22 @@ 33 ] } + }, + { + "model": "permission.rolepermissions", + "pk": 5, + "fields": { + "role": 9, + "permissions": [ + 37, + 38, + 41, + 42, + 43, + 44, + 45, + 46 + ] + } } ] diff --git a/templates/activity/activity_detail.html b/templates/activity/activity_detail.html index ccd64803..07c10a15 100644 --- a/templates/activity/activity_detail.html +++ b/templates/activity/activity_detail.html @@ -25,6 +25,11 @@
{% trans 'end date'|capfirst %}
{{ activity.date_end }}
+ {% if "view_"|has_perm:activity.creater %} +
{% trans 'creater'|capfirst %}
+
{{ activity.creater }}
+ {% endif %} +
{% trans 'organizer'|capfirst %}
{{ activity.organizer }}