1
0
mirror of https://gitlab.crans.org/bde/nk20 synced 2024-12-22 15:32:22 +00:00

Update permissions to see our own note

This commit is contained in:
Yohann D'ANELLO 2020-08-05 12:22:35 +02:00
parent 2222175d4e
commit 6c9cf73848
3 changed files with 52 additions and 8 deletions

View File

@ -8,12 +8,15 @@ from django.conf import settings
from django.contrib.auth.models import User
from django.core.exceptions import ValidationError
from django.db import models
from django.db.models import Q
from django.template import loader
from django.urls import reverse, reverse_lazy
from django.utils import timezone
from django.utils.encoding import force_bytes
from django.utils.http import urlsafe_base64_encode
from django.utils.translation import gettext_lazy as _
from permission.models import Role
from registration.tokens import email_validation_token
from note.models import MembershipTransaction
@ -382,6 +385,17 @@ class Membership(models.Model):
if hasattr(self, '_force_save'):
parent_membership._force_save = True
parent_membership.save()
parent_membership.refresh_from_db()
if self.club.parent_club.name == "BDE":
parent_membership.roles.set(
Role.objects.filter(Q(name="Adhérent BDE") | Q(name="Membre de club")).all())
elif self.club.parent_club.name == "Kfet":
parent_membership.roles.set(
Role.objects.filter(Q(name="Adhérent Kfet") | Q(name="Membre de club")).all())
else:
parent_membership.roles.set(Role.objects.filter(name="Membre de club").all())
parent_membership.save()
else:
raise ValidationError(_('User is not a member of the parent club')
+ ' ' + self.club.parent_club.name)

View File

@ -631,7 +631,12 @@ class ClubAddMemberView(ProtectQuerysetMixin, LoginRequiredMixin, CreateView):
ret = super().form_valid(form)
member_role = Role.objects.filter(name="Membre de club").all()
if club.name == "BDE":
member_role = Role.objects.filter(Q(name="Adhérent BDE") | Q(name="Membre de club")).all()
elif club.name == "Kfet":
member_role = Role.objects.filter(Q(name="Adhérent Kfet") | Q(name="Membre de club")).all()
else:
member_role = Role.objects.filter(name="Membre de club").all()
form.instance.roles.set(member_role)
form.instance._force_save = True
form.instance.save()
@ -670,8 +675,10 @@ class ClubAddMemberView(ProtectQuerysetMixin, LoginRequiredMixin, CreateView):
membership.refresh_from_db()
if old_membership.exists():
membership.roles.set(old_membership.get().roles.all())
else:
membership.roles.add(Role.objects.get(name="Adhérent Kfet"))
elif c.name == "BDE":
membership.roles.set(Role.objects.filter(Q(name="Adhérent BDE") | Q(name="Membre de club")).all())
elif c.name == "Kfet":
membership.roles.set(Role.objects.filter(Q(name="Adhérent Kfet") | Q(name="Membre de club")).all())
membership.save()
return ret

View File

@ -61,7 +61,7 @@
"fields": {
"model": [
"note",
"noteuser"
"note"
],
"query": "{\"pk\": [\"user\", \"note\", \"pk\"]}",
"type": "view",
@ -2221,9 +2221,9 @@
"fields": {
"model": [
"note",
"noteclub"
"note"
],
"query": "{\"club\": [\"club\"]}",
"query": "{\"noteclub__club\": [\"club\"]}",
"type": "view",
"mask": 2,
"field": "",
@ -2343,6 +2343,22 @@
"description": "Supprimer une activité non validée"
}
},
{
"model": "permission.permission",
"pk": 150,
"fields": {
"model": [
"note",
"note"
],
"query": "{}",
"type": "view",
"mask": 2,
"field": "",
"permanent": false,
"description": "Voir toutes les notes"
}
},
{
"model": "permission.role",
"pk": 1,
@ -2522,7 +2538,8 @@
139,
143,
146,
147
147,
150
]
}
},
@ -2677,7 +2694,8 @@
146,
147,
148,
149
149,
150
]
}
},
@ -2737,6 +2755,7 @@
"for_club": null,
"name": "GC WEI",
"permissions": [
22,
76,
85,
86,
@ -2770,6 +2789,7 @@
"for_club": null,
"name": "Chef de bus",
"permissions": [
22,
84,
117,
118,
@ -2787,6 +2807,7 @@
"for_club": null,
"name": "Chef d'\u00e9quipe",
"permissions": [
22,
84,
116,
123,
@ -2802,6 +2823,7 @@
"for_club": null,
"name": "\u00c9lectron libre",
"permissions": [
22,
84
]
}
@ -2813,6 +2835,7 @@
"for_club": null,
"name": "\u00c9lectron libre (avec perm)",
"permissions": [
22,
84
]
}