From aa66361ac71fe39ddb42e75c9aca1a24f8b6bfe2 Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Thu, 30 Jul 2020 16:36:44 +0200 Subject: [PATCH] Update permissions to create clubs. For now, only superusers can edit the roles of a user. --- apps/member/views.py | 9 ++-- apps/permission/fixtures/initial.json | 69 ++++++++++++++++++++++++--- 2 files changed, 66 insertions(+), 12 deletions(-) diff --git a/apps/member/views.py b/apps/member/views.py index bc555acf..f106a8e5 100644 --- a/apps/member/views.py +++ b/apps/member/views.py @@ -26,7 +26,6 @@ from note_kfet.middlewares import _set_current_user_and_ip from permission.backends import PermissionBackend from permission.models import Role from permission.views import ProtectQuerysetMixin -from wei.models import WEIClub from .forms import ProfileForm, ClubForm, MembershipForm, CustomAuthenticationForm, UserForm from .models import Club, Membership @@ -432,7 +431,7 @@ class ClubAddMemberView(ProtectQuerysetMixin, LoginRequiredMixin, CreateView): club = Club.objects.filter(PermissionBackend.filter_queryset(self.request.user, Club, "view"))\ .get(pk=self.kwargs["club_pk"], weiclub=None) form.fields['credit_amount'].initial = club.membership_fee_paid - form.fields['roles'].queryset = Role.objects.filter(Q(weirole__isnull=not isinstance(club, WEIClub)) + form.fields['roles'].queryset = Role.objects.filter(Q(weirole__isnull=not hasattr(club, 'weiclub')) & (Q(for_club__isnull=True) | Q(for_club=club))).all() form.fields['roles'].initial = Role.objects.filter(name="Membre de club").all() @@ -453,7 +452,7 @@ class ClubAddMemberView(ProtectQuerysetMixin, LoginRequiredMixin, CreateView): user = old_membership.user form.fields['user'].initial = user form.fields['user'].disabled = True - form.fields['roles'].queryset = Role.objects.filter(Q(weirole__isnull=not isinstance(club, WEIClub)) + form.fields['roles'].queryset = Role.objects.filter(Q(weirole__isnull=not hasattr(club, 'weiclub')) & (Q(for_club__isnull=True) | Q(for_club=club))).all() form.fields['roles'].initial = old_membership.roles.all() form.fields['date_start'].initial = old_membership.date_end + timedelta(days=1) @@ -647,10 +646,10 @@ class ClubManageRolesView(ProtectQuerysetMixin, LoginRequiredMixin, UpdateView): del form.fields['bank'] club = self.object.club - form.fields['roles'].queryset = Role.objects.filter(Q(weirole__isnull=not isinstance(club, WEIClub)) + form.fields['roles'].queryset = Role.objects.filter(Q(weirole__isnull=not hasattr(club, 'weiclub')) & (Q(for_club__isnull=True) | Q(for_club=club))).all() return form def get_success_url(self): - return reverse_lazy('member:club_detail', kwargs={'pk': self.object.club.id}) + return reverse_lazy('member:user_detail', kwargs={'pk': self.object.user.id}) diff --git a/apps/permission/fixtures/initial.json b/apps/permission/fixtures/initial.json index c95776c5..572e0716 100644 --- a/apps/permission/fixtures/initial.json +++ b/apps/permission/fixtures/initial.json @@ -801,7 +801,7 @@ ], "query": "{\"club\": [\"club\"]}", "type": "view", - "mask": 1, + "mask": 3, "field": "", "permanent": false, "description": "View club's memberships" @@ -833,7 +833,7 @@ ], "query": "{\"club\": [\"club\"]}", "type": "change", - "mask": 2, + "mask": 3, "field": "roles", "permanent": false, "description": "Update user roles" @@ -2234,6 +2234,22 @@ { "model": "permission.permission", "pk": 139, + "fields": { + "model": [ + "note", + "noteclub" + ], + "query": "{}", + "type": "add", + "mask": 3, + "field": "", + "permanent": false, + "description": "Create any noteclub" + } + }, + { + "model": "permission.permission", + "pk": 140, "fields": { "model": [ "member", @@ -2247,6 +2263,38 @@ "description": "Create any club" } }, + { + "model": "permission.permission", + "pk": 141, + "fields": { + "model": [ + "auth", + "user" + ], + "query": "{\"memberships__club\": [\"club\"], \"memberships__date__start__lte\": [\"today\"], \"memberships__date__end__gte\": [\"today\"]}", + "type": "view", + "mask": 3, + "field": "", + "permanent": false, + "description": "View members of our club" + } + }, + { + "model": "permission.permission", + "pk": 142, + "fields": { + "model": [ + "note", + "noteclub" + ], + "query": "{\"club\": [\"club\"]}", + "type": "view", + "mask": 2, + "field": "", + "permanent": false, + "description": "View club note" + } + }, { "model": "permission.role", "pk": 1, @@ -2323,7 +2371,8 @@ "permissions": [ 22, 47, - 49 + 49, + 140 ] } }, @@ -2335,8 +2384,9 @@ "name": "Pr\u00e9sident\u00b7e de club", "permissions": [ 50, - 51, - 62 + 62, + 141, + 142 ] } }, @@ -2356,7 +2406,9 @@ 61, 62, 127, - 133 + 133, + 141, + 142 ] } }, @@ -2564,7 +2616,10 @@ 136, 137, 138, - 139 + 139, + 140, + 141, + 142 ] } },