diff --git a/apps/activity/views.py b/apps/activity/views.py index 579f7dc5..17446947 100644 --- a/apps/activity/views.py +++ b/apps/activity/views.py @@ -329,7 +329,7 @@ class ActivityEntryView(LoginRequiredMixin, SingleTableMixin, TemplateView): context["noteuser_ctype"] = ContentType.objects.get_for_model(NoteUser).pk context["notespecial_ctype"] = ContentType.objects.get_for_model(NoteSpecial).pk - activities_open = Activity.objects.filter(open=True,activity_type__manage_entries=True).filter( + activities_open = Activity.objects.filter(open=True, activity_type__manage_entries=True).filter( PermissionBackend.filter_queryset(self.request, Activity, "view")).distinct().all() context["activities_open"] = [a for a in activities_open if PermissionBackend.check_perm(self.request, diff --git a/apps/member/forms.py b/apps/member/forms.py index 352a5625..ef9cb24d 100644 --- a/apps/member/forms.py +++ b/apps/member/forms.py @@ -45,7 +45,7 @@ class ProfileForm(forms.ModelForm): A form for the extras field provided by the :model:`member.Profile` model. """ # Remove widget=forms.HiddenInput() if you want to use report frequency. - report_frequency = forms.IntegerField(required=False, initial=0, label=_("Report frequency"), widget=forms.HiddenInput()) + report_frequency = forms.IntegerField(required=False, initial=0, label=_("Report frequency")) last_report = forms.DateTimeField(required=False, disabled=True, label=_("Last report date")) diff --git a/apps/member/views.py b/apps/member/views.py index 348bf089..4d18a40a 100644 --- a/apps/member/views.py +++ b/apps/member/views.py @@ -26,6 +26,7 @@ from note_kfet.middlewares import _set_current_request from permission.backends import PermissionBackend from permission.models import Role from permission.views import ProtectQuerysetMixin, ProtectedCreateView +from django import forms from .forms import UserForm, ProfileForm, ImageForm, ClubForm, MembershipForm, \ CustomAuthenticationForm, MembershipRolesForm @@ -72,11 +73,24 @@ class UserUpdateView(ProtectQuerysetMixin, LoginRequiredMixin, UpdateView): form.fields['email'].required = True form.fields['email'].help_text = _("This address must be valid.") - if PermissionBackend.check_perm(self.request, "member.change_profile", context['user_object'].profile): - context['profile_form'] = self.profile_form(instance=context['user_object'].profile, - data=self.request.POST if self.request.POST else None) - if not self.object.profile.report_frequency: - del context['profile_form'].fields["last_report"] + profile_form = self.profile_form(instance=context['user_object'].profile, + data=self.request.POST if self.request.POST else None) + + if not self.object.profile.report_frequency: + del profile_form.fields["last_report"] + + fields_to_check = list(profile_form.fields.keys()) + fields_modifiable = False + + # Delete the fields for which the user does not have the permission to modify + for field_name in fields_to_check: + if not PermissionBackend.check_perm(self.request, f"member.change_profile_{field_name}", context['user_object'].profile): + profile_form.fields[field_name].widget = forms.HiddenInput() + else: + fields_modifiable = True + + if fields_modifiable: + context['profile_form'] = profile_form return context diff --git a/apps/permission/fixtures/initial.json b/apps/permission/fixtures/initial.json index 4a34f99a..bf9171fc 100644 --- a/apps/permission/fixtures/initial.json +++ b/apps/permission/fixtures/initial.json @@ -127,7 +127,7 @@ "auth", "user" ], - "query": "{\"pk\": [\"user\", \"pk\"]}", + "query": "[\"AND\", {\"pk\": [\"user\", \"pk\"]}, {\"memberships__club__parent_club__isnull\": true}]", "type": "change", "mask": 1, "field": "last_login", @@ -3832,9 +3832,185 @@ "description": "Voir les profils des membres du club" } }, + { + "model": "permission.permission", + "pk": 244, + "fields": { + "model": [ + "member", + "profile" + ], + "query": "{}", + "type": "change", + "mask": 3, + "field": "ml_events_registration", + "permanent": false, + "description": "Modifier l'abonnement à la Newsletter BDE pour n'importe quel profil" + } + }, + { + "model": "permission.permission", + "pk": 245, + "fields": { + "model": [ + "member", + "profile" + ], + "query": "{}", + "type": "change", + "mask": 3, + "field": "ml_art_registration", + "permanent": false, + "description": "Modifier l'abonnement à la Newsletter Art pour n'importe quel profil" + } + }, + { + "model": "permission.permission", + "pk": 246, + "fields": { + "model": [ + "member", + "profile" + ], + "query": "{}", + "type": "change", + "mask": 3, + "field": "ml_sport_registration", + "permanent": false, + "description": "Modifier l'abonnement à la Newsletter Sport pour n'importe quel profil" + } + }, + { + "model": "permission.permission", + "pk": 247, + "fields": { + "model": [ + "activity", + "guest" + ], + "query": "{\"activity__organizer\": [\"club\"]}", + "type": "view", + "mask": 2, + "field": "", + "permanent": false, + "description": "Voir les personnes invitées aux événements organisés par son club" + } + }, + { + "model": "permission.permission", + "pk": 248, + "fields": { + "model": [ + "auth", + "user" + ], + "query": "[\"NOT\", {\"pk__isnull\": [\"user\", \"note\", \"activity_responsible\", [\"filter\", {\"activity__open\": true, \"activity__activity_type__manage_entries\":true}], [\"exists\"]]}]", + "type": "view", + "mask": 3, + "field": "", + "permanent": false, + "description": "Voir n'importe quel⋅le utilisateur⋅rice pour les ouvreur⋅ses" + } + }, + { + "model": "permission.permission", + "pk": 249, + "fields": { + "model": [ + "note", + "note" + ], + "query": "[\"NOT\", {\"pk__isnull\": [\"user\", \"note\", \"activity_responsible\", [\"filter\", {\"activity__open\": true, \"activity__activity_type__manage_entries\":true}], [\"exists\"]]}]", + "type": "view", + "mask": 2, + "field": "", + "permanent": false, + "description": "Voir toutes les notes lorsque utilisateur⋅rice est ouvreur⋅ses" + } + }, + { + "model": "permission.permission", + "pk": 250, + "fields": { + "model": [ + "activity", + "guest" + ], + "query": "{\"activity__organizer\": [\"club\"]}", + "type": "delete", + "mask": 1, + "field": "", + "permanent": false, + "description": "Supprimer des personnes invitées aux événements organisés par son club" + } + }, + { + "model": "permission.permission", + "pk": 251, + "fields": { + "model": [ + "activity", + "opener" + ], + "query": "{\"activity__organizer\": [\"club\"]}", + "type": "view", + "mask": 2, + "field": "", + "permanent": false, + "description": "Voir les ouvreur⋅ses des activités organisées par son club" + } + }, + { + "model": "permission.permission", + "pk": 252, + "fields": { + "model": [ + "activity", + "opener" + ], + "query": "{\"activity__organizer\": [\"club\"]}", + "type": "add", + "mask": 2, + "field": "", + "permanent": false, + "description": "Ajouter des ouvreur⋅ses aux activités organisées par son club" + } + }, + { + "model": "permission.permission", + "pk": 253, + "fields": { + "model": [ + "activity", + "opener" + ], + "query": "{\"activity__organizer\": [\"club\"]}", + "type": "delete", + "mask": 2, + "field": "", + "permanent": false, + "description": "Supprimer des ouvreur⋅ses aux activités organisées par son club" + } + }, + { + "model": "permission.permission", + "pk": 254, + "fields": { + "model": [ + "activity", + "activity" + ], + "query": "{\"organizer\": [\"club\"]}", + "type": "change", + "mask": 2, + "field": "opener", + "permanent": false, + "description": "Voir le tableau des ouvreur⋅ses pour les activités organisées par son club" + } + }, { "model": "permission.permission", - "pk": 244, + "pk": 255, "fields": { "model": [ "wrapped", @@ -3850,7 +4026,7 @@ }, { "model": "permission.permission", - "pk": 245, + "pk": 256, "fields": { "model": [ "wrapped", @@ -3866,7 +4042,7 @@ }, { "model": "permission.permission", - "pk": 246, + "pk": 257, "fields": { "model": [ "wrapped", @@ -3882,7 +4058,7 @@ }, { "model": "permission.permission", - "pk": 247, + "pk": 258, "fields": { "model": [ "wrapped", @@ -3898,7 +4074,7 @@ }, { "model": "permission.permission", - "pk": 248, + "pk": 259, "fields": { "model": [ "wrapped", @@ -3962,9 +4138,11 @@ 204, 205, 206, - 244, - 245, - 246 + 248, + 249, + 255, + 256, + 257 ] } }, @@ -4055,7 +4233,8 @@ 234, 237, 247, - 248 + 258, + 259 ] } }, diff --git a/locale/fr/LC_MESSAGES/django.po b/locale/fr/LC_MESSAGES/django.po index 44ac4a35..79814474 100644 --- a/locale/fr/LC_MESSAGES/django.po +++ b/locale/fr/LC_MESSAGES/django.po @@ -828,11 +828,11 @@ msgstr "Masque de permissions" #: apps/member/forms.py:48 msgid "Report frequency" -msgstr "Fréquence des rapports (en jours)" +msgstr "Fréquence des relevés (en jours)" #: apps/member/forms.py:50 msgid "Last report date" -msgstr "Date de dernier rapport" +msgstr "Date de dernier relevé" #: apps/member/forms.py:54 msgid "" @@ -1078,11 +1078,11 @@ msgstr "" #: apps/member/models.py:117 msgid "report frequency (in days)" -msgstr "fréquence des rapports (en jours)" +msgstr "fréquence des relevés (en jours)" #: apps/member/models.py:122 msgid "last report date" -msgstr "date de dernier rapport" +msgstr "date de dernier relevé" #: apps/member/models.py:127 msgid "email confirmed" diff --git a/note.cron b/note.cron index 2f75f989..5509deaf 100644 --- a/note.cron +++ b/note.cron @@ -27,4 +27,5 @@ MAILTO=notekfet2020@lists.crans.org # Vider les tokens Oauth2 00 6 * * * root cd /var/www/note_kfet && env/bin/python manage.py cleartokens -v 0 # Envoyer la liste des abonnés à la NL BDA - 00 8 * * 0 root cd /var/www/note_kfet && env/bin/python manage.py extract_ml_registrations -t art -v 0 \ No newline at end of file + 00 10 * * 0 root cd /var/www/note_kfet && env/bin/python manage.py extract_ml_registrations -t art + \ No newline at end of file