1
0
mirror of https://gitlab.crans.org/bde/nk20 synced 2024-12-23 07:52:23 +00:00

Improve add permissions

This commit is contained in:
Yohann D'ANELLO 2020-03-18 15:49:52 +01:00
parent 057f42fdb6
commit e461d70b14
3 changed files with 24 additions and 7 deletions

View File

@ -129,14 +129,13 @@ class Transaction(PolymorphicModel):
models.Index(fields=['destination']), models.Index(fields=['destination']),
] ]
def save(self, *args, **kwargs): def post_save(self, *args, **kwargs):
""" """
When saving, also transfer money between two notes When saving, also transfer money between two notes
""" """
if self.source.pk == self.destination.pk: if self.source.pk == self.destination.pk:
# When source == destination, no money is transfered # When source == destination, no money is transfered
super().save(*args, **kwargs)
return return
created = self.pk is None created = self.pk is None
@ -152,10 +151,12 @@ class Transaction(PolymorphicModel):
self.source.balance -= to_transfer self.source.balance -= to_transfer
self.destination.balance += to_transfer self.destination.balance += to_transfer
# We save first the transaction, in case of the user has no right to transfer money
super().save(*args, **kwargs)
# Save notes # Save notes
self.source.save() self.source.save()
self.destination.save() self.destination.save()
super().save(*args, **kwargs)
@property @property
def total(self): def total(self):

View File

@ -25,13 +25,14 @@ class InstancedPermission:
Returns True if the permission applies to Returns True if the permission applies to
the field `field_name` object `obj` the field `field_name` object `obj`
""" """
if ContentType.objects.get_for_model(obj) != self.model:
# The permission does not apply to the model
return False
if self.type == 'add': if self.type == 'add':
if permission_type == self.type: if permission_type == self.type:
return self.query(obj) return self.query(obj)
if ContentType.objects.get_for_model(obj) != self.model:
# The permission does not apply to the model
return False
if permission_type == self.type: if permission_type == self.type:
if self.field and field_name != self.field: if self.field and field_name != self.field:
return False return False
@ -202,7 +203,18 @@ class Permission(models.Model):
def func(obj): def func(obj):
nonlocal q_kwargs nonlocal q_kwargs
for arg in q_kwargs: for arg in q_kwargs:
if getattr(obj, arg) != q_kwargs[arg]: spl = arg.split('__')
value = obj
last = None
for s in spl:
if not hasattr(obj, s):
last = s
break
value = getattr(obj, s)
if last == "lte": # TODO Add more filters
if value > q_kwargs[arg]:
return False
elif value != q_kwargs[arg]:
return False return False
return True return True
return func return func

View File

@ -14,6 +14,10 @@ EXCLUDED = [
'contenttypes.contenttype', 'contenttypes.contenttype',
'logs.changelog', 'logs.changelog',
'migrations.migration', 'migrations.migration',
'note.note',
'note.noteuser',
'note.noteclub',
'note.notespecial',
'sessions.session', 'sessions.session',
] ]