Update permissions to see our own note

2025-06-21 18:08:21 +02:00 · 2020-08-05 12:22:35 +02:00
parent 2222175d4e
commit 6c9cf73848
3 changed files with 52 additions and 8 deletions
--- a/apps/member/models.py
+++ b/apps/member/models.py
@ -8,12 +8,15 @@ from django.conf import settings
 from django.contrib.auth.models import User
 from django.core.exceptions import ValidationError
 from django.db import models
+from django.db.models import Q
 from django.template import loader
 from django.urls import reverse, reverse_lazy
 from django.utils import timezone
 from django.utils.encoding import force_bytes
 from django.utils.http import urlsafe_base64_encode
 from django.utils.translation import gettext_lazy as _
+
+from permission.models import Role
 from registration.tokens import email_validation_token
 from note.models import MembershipTransaction

@ -382,6 +385,17 @@ class Membership(models.Model):
                        if hasattr(self, '_force_save'):
                            parent_membership._force_save = True
                        parent_membership.save()
+                        parent_membership.refresh_from_db()
+
+                        if self.club.parent_club.name == "BDE":
+                            parent_membership.roles.set(
+                                Role.objects.filter(Q(name="Adhérent BDE") | Q(name="Membre de club")).all())
+                        elif self.club.parent_club.name == "Kfet":
+                            parent_membership.roles.set(
+                                Role.objects.filter(Q(name="Adhérent Kfet") | Q(name="Membre de club")).all())
+                        else:
+                            parent_membership.roles.set(Role.objects.filter(name="Membre de club").all())
+                        parent_membership.save()
                else:
                    raise ValidationError(_('User is not a member of the parent club')
                                          + ' ' + self.club.parent_club.name)
--- a/apps/member/views.py
+++ b/apps/member/views.py
@ -631,7 +631,12 @@ class ClubAddMemberView(ProtectQuerysetMixin, LoginRequiredMixin, CreateView):

        ret = super().form_valid(form)

-        member_role = Role.objects.filter(name="Membre de club").all()
+        if club.name == "BDE":
+            member_role = Role.objects.filter(Q(name="Adhérent BDE") | Q(name="Membre de club")).all()
+        elif club.name == "Kfet":
+            member_role = Role.objects.filter(Q(name="Adhérent Kfet") | Q(name="Membre de club")).all()
+        else:
+            member_role = Role.objects.filter(name="Membre de club").all()
        form.instance.roles.set(member_role)
        form.instance._force_save = True
        form.instance.save()
@ -670,8 +675,10 @@ class ClubAddMemberView(ProtectQuerysetMixin, LoginRequiredMixin, CreateView):
                membership.refresh_from_db()
                if old_membership.exists():
                    membership.roles.set(old_membership.get().roles.all())
-                else:
-                    membership.roles.add(Role.objects.get(name="Adhérent Kfet"))
+                elif c.name == "BDE":
+                    membership.roles.set(Role.objects.filter(Q(name="Adhérent BDE") | Q(name="Membre de club")).all())
+                elif c.name == "Kfet":
+                    membership.roles.set(Role.objects.filter(Q(name="Adhérent Kfet") | Q(name="Membre de club")).all())
                membership.save()

        return ret