Commit Graph

156 Commits

Author SHA1 Message Date
Yohann D'ANELLO 58fe8914cf 🐛 Fix infinite loop in permission check 2020-08-02 22:39:30 +02:00
Yohann D'ANELLO f870af139e Typos 2020-08-02 09:51:39 +02:00
Yohann D'ANELLO 7742358b8f Secretaries can view and add memberships 2020-08-02 09:49:45 +02:00
Yohann D'ANELLO 8de7ba14bd Add permission for secretaries 2020-08-02 09:35:32 +02:00
Yohann D'ANELLO 8497dbb25c Club members can see the club 2020-08-02 09:30:18 +02:00
Yohann D'ANELLO 2f018f8c9d Always query distinct objects 2020-08-02 08:57:16 +02:00
Yohann D'ANELLO b706efe463 2A+ can change their selected bus or team if the registration is not validated 2020-08-01 23:27:07 +02:00
Yohann D'ANELLO 8434841ec5 Fix one permission 2020-08-01 22:28:28 +02:00
Yohann D'ANELLO b6453ce03d 💄 Improve Django Admin 2020-08-01 15:13:29 +02:00
Yohann D'ANELLO d7b834d908 Translate rights 2020-07-31 22:29:23 +02:00
Yohann D'ANELLO dca655949e Improve transfer UI 2020-07-31 21:24:23 +02:00
Yohann D'ANELLO 72dcc93136 Club managers can register new members to a club, even if they don't have the right to create a transaction 2020-07-31 09:49:43 +02:00
Yohann D'ANELLO ae629b55ad Add HTML titles 2020-07-30 17:30:21 +02:00
Yohann D'ANELLO aa66361ac7 Update permissions to create clubs.
For now, only superusers can edit the roles of a user.
2020-07-30 16:36:44 +02:00
Yohann D'ANELLO e9cbc8e623 Fix linters 2020-07-30 15:53:23 +02:00
Yohann D'ANELLO 9361f3f2f0 Aliases should load really faster 2020-07-30 15:07:30 +02:00
Yohann D'ANELLO e63219f7ad Force delete some objects 2020-07-30 14:58:18 +02:00
Yohann D'ANELLO 0c0aed0234 🐛 Force delete didn't work as well when trying to check add permissions 2020-07-30 13:10:03 +02:00
Yohann D'ANELLO fb775de923 Add backdoor to login as other users (in debug mode only) 2020-07-30 12:50:48 +02:00
Yohann D'ANELLO cbd36f110a Another uplicated permission 2020-07-29 19:13:29 +02:00
Yohann D'ANELLO c9e68ca66b Duplicated permission 2020-07-29 19:12:16 +02:00
Yohann D'ANELLO 5a91cac08d Add permissions to see clubs and users 2020-07-29 18:37:42 +02:00
Yohann D'ANELLO 4549255198 Treasurers can update invalidity reason 2020-07-29 17:42:06 +02:00
Yohann D'ANELLO 750bdcb2c5 Treasurers can of course click on buttons. Fix PATCH requests on the API 2020-07-29 12:25:53 +02:00
Yohann D'ANELLO b8a88eeda4 Only staff with good permission mask can visit Django Admin 2020-07-29 11:38:59 +02:00
Yohann D'ANELLO 3a4145e4d9 Woops, roles didn't have the permissions 2020-07-28 20:56:22 +02:00
Yohann D'ANELLO 54ce157019 Store clothing cut and size in WEI registration 2020-07-28 20:49:32 +02:00
Yohann D'ANELLO 7c6bab88f4 Update permissions to see buses 2020-07-28 20:22:10 +02:00
Yohann D'ANELLO 0bfc3b9454 Not-yet-registered WEI members can see their registrations 2020-07-28 18:09:43 +02:00
Yohann D'ANELLO 84e8b02594 🐛 Calculating permissions faster 2020-07-28 15:25:08 +02:00
Yohann D'ANELLO 4c29d855d2 Fix RolePermissions merge 2020-07-25 20:07:45 +02:00
Yohann D'ANELLO 55bc288deb Some roles can only be given in some clubs 2020-07-25 19:59:04 +02:00
Yohann D'ANELLO fb5e2578af Merge Role and RolePermissions 2020-07-25 19:40:30 +02:00
Yohann D'ANELLO 2eb601bd66 💥 Improve performances 2020-07-25 17:25:57 +02:00
Yohann D'ANELLO 71f6daf0e8 Add permission for treasurers to update the validation status of a transaction 2020-07-13 12:10:01 +02:00
Yohann D'ANELLO 2c7995a79e A transaction can only be created between active notes 2020-06-21 22:47:05 +02:00
Yohann D'ANELLO 302f9e752c Create a test to check that permission queries are well formed 2020-05-30 15:46:09 +02:00
Yohann D'ANELLO a9ccf46010 Linters 2020-05-29 21:43:24 +02:00
Yohann D'ANELLO f567b1a343 Activity list is displayed in the right order 2020-05-29 21:37:44 +02:00
Yohann D'ANELLO 155b2df330 Fix some permissions, users can log in 2020-05-29 21:26:05 +02:00
Yohann D'ANELLO 716232e27f With distinct permissions, we don't need to check ~ 100 000 permissions to check if someone can log in 2020-05-29 21:11:51 +02:00
Yohann D'ANELLO 4108babdb4 Permissions can be permanent 2020-05-07 21:14:36 +02:00
ynerant 395c52220f Merge branch 'master' into 'tranfer_front'
# Conflicts:
#   apps/activity/views.py
#   apps/permission/backends.py
#   locale/de/LC_MESSAGES/django.po
#   locale/fr/LC_MESSAGES/django.po
#   static/js/base.js
#   templates/base.html
#   templates/member/user_list.html
2020-05-07 18:48:35 +02:00
Yohann D'ANELLO a83ab4bf85 Add a public rights page to view which permissions are granted to which role, update Font Awesome to 5.13 2020-04-26 01:20:46 +02:00
Yohann D'ANELLO 957344922b Custom error pages 2020-04-25 19:29:18 +02:00
Yohann D'ANELLO cdff0d3893 We can view and update our WEI registration while we are not fully registered to the WEI. 2020-04-24 14:30:18 +02:00
Yohann D'ANELLO 16079e3cc5 Fix broken WEI permissions 2020-04-24 14:03:25 +02:00
Yohann D'ANELLO b81f186866 Add PDF member lists 2020-04-23 18:28:16 +02:00
Yohann D'ANELLO a85a5bf8fe Add initial WEI permissions 2020-04-22 13:28:52 +02:00
Yohann D'ANELLO 0c9409fd4b Improve WEI UI 2020-04-18 03:27:12 +02:00
Yohann D'ANELLO 751147f254 Don't display a note that we can't see, fix CI, fix distinct fields on PostgresSQL DB 2020-04-10 00:02:22 +02:00
Pierre-antoine Comby 68808ddece Merge branch 'master' into 'fix_distinct'
# Conflicts:
#   apps/activity/views.py
2020-04-09 22:30:19 +02:00
Pierre-antoine Comby 9fbfac7bdb distinct on field not supported by sqlite 2020-04-06 11:44:02 +02:00
Yohann D'ANELLO 6fedbe2a2a Some model translations were missing 2020-04-06 10:58:16 +02:00
Yohann D'ANELLO bd41560f45 Update permission fixtures 2020-04-06 10:45:32 +02:00
Yohann D'ANELLO 0cdc8ae004 RolePermissions were missing in the API 2020-04-02 16:06:58 +02:00
Yohann D'ANELLO be42801709 The memoization doesn't work when objects don't have a primary key. 2020-04-02 14:50:28 +02:00
Yohann D'ANELLO 8ad464ae0c Fix CI 2020-04-02 00:42:00 +02:00
Yohann D'ANELLO 5c9c0bbc2a Optimize permissions, use memoization 2020-04-02 00:30:22 +02:00
Yohann D'ANELLO 3f5faa0b05 Add tab for user list 2020-04-01 20:56:24 +02:00
Yohann D'ANELLO 0df0f3f66b Membership fees for paid and unpaid students, closes #43 2020-04-01 04:07:55 +02:00
Yohann D'ANELLO d5b010980b Full membership support 2020-04-01 03:42:19 +02:00
Yohann D'ANELLO bf9789bd9e Restructurate memberships, closes #16 2020-03-31 23:54:14 +02:00
Yohann D'ANELLO e98693b214 Memberships are optional for clubs 2020-03-31 16:22:11 +02:00
Yohann D'ANELLO dd3b7bd7e5 Remove note activities 2020-03-31 14:57:44 +02:00
Yohann D'ANELLO 1aae18e6a6 Improved permissions, 404 and 403 errors will be more frequent (when we type an invalid URL) 2020-03-31 04:16:30 +02:00
Yohann D'ANELLO 691a03ecad Add some initial permissions for activities 2020-03-28 19:05:21 +01:00
Yohann D'ANELLO 8c1d902c30 Open and validate activities 2020-03-27 22:48:20 +01:00
Yohann D'ANELLO d6e202a26f Display guests list 2020-03-27 21:18:27 +01:00
ynerant bef4958759 Merge branch 'master' into 'devalidation_reason'
# Conflicts:
#   locale/de/LC_MESSAGES/django.po
#   locale/fr/LC_MESSAGES/django.po
2020-03-27 13:52:48 +01:00
Yohann D'ANELLO 5cf75ebf9e When a transaction can't becreated because the user don't have the permission to take too much money, then we create an invalid transaction 2020-03-25 15:27:38 +01:00
Yohann D'ANELLO 9a7f1bba21 Fix CI (no idea of why this error happened) 2020-03-25 00:39:40 +01:00
ynerant 57a01c48a8 Merge branch 'master' into 'tresorerie'
# Conflicts:
#   apps/note/fixtures/initial.json
#   templates/base.html
2020-03-25 00:30:14 +01:00
Pierre-antoine Comby 41568916b8 error fixes 2020-03-24 22:28:03 +01:00
Pierre-antoine Comby 8ab142c122 no need to be static after all 2020-03-24 20:25:08 +01:00
Pierre-antoine Comby d4b8d35206 check permission with PermissionBackend.
taking connection permission mask into account.
2020-03-24 20:19:24 +01:00
Yohann D'ANELLO b9fac82d89 Fixtures are more natural 2020-03-22 22:09:41 +01:00
Yohann D'ANELLO f6027e9edd Fix CI 2020-03-22 14:57:51 +01:00
Yohann D'ANELLO 1e5065b80b Fixtures are more natural 2020-03-22 14:54:05 +01:00
Yohann D'ANELLO 70cf186233 Fix fixtures, another time... 2020-03-22 14:12:45 +01:00
Yohann D'ANELLO e2d2d2cc99 Anonymous users have no right 2020-03-20 18:23:20 +01:00
Yohann D'ANELLO 93bd8489df Amounts are in cents... 2020-03-20 18:02:12 +01:00
Yohann D'ANELLO 24ea4c0a52 Comment code 2020-03-20 15:58:14 +01:00
Yohann D'ANELLO 091c427707 Restructurate code 2020-03-20 14:43:35 +01:00
Yohann D'ANELLO 6fc43e651e More optimisation 2020-03-20 01:46:59 +01:00
Yohann D'ANELLO f80cb635d3 Optimize permissions, full support add perms, more fixtures 2020-03-20 00:06:28 +01:00
Yohann D'ANELLO c653e0986e Remove UserPermission model 2020-03-19 20:39:19 +01:00
Yohann D'ANELLO 74c0fcca83 Notes are read-only in the API, but can be modified with scripts (ie. transactions) 2020-03-19 19:29:52 +01:00
Yohann D'ANELLO 7794210cc8 Being superuser is not enough (must have the correct mask), add some initial fixtures 2020-03-19 18:53:06 +01:00
Yohann D'ANELLO 022997f923 Add unique tags on permission masks 2020-03-19 16:27:25 +01:00
Yohann D'ANELLO 95315cdbe2 Implements permission masks 2020-03-19 16:12:52 +01:00
Yohann D'ANELLO d083894e9b Fix note display for users that don't have enough rights 2020-03-19 14:25:43 +01:00
Yohann D'ANELLO 730d37c620 Protect views from viewing if the user has no right to view an object 2020-03-19 02:26:06 +01:00
Yohann D'ANELLO e461d70b14 Improve add permissions 2020-03-18 15:49:52 +01:00
Yohann D'ANELLO 057f42fdb6 Handle permissions (and it seems working!) 2020-03-18 14:42:35 +01:00
Yohann D'ANELLO 30ce17b644 Update a lot of things 2020-03-07 13:12:17 +01:00
Benjamin Graillot 5df1f42f43 [permission] Syntax error 2020-03-07 10:48:38 +01:00
Benjamin Graillot 8a9ad0a6e5 [permission] Handle add rights 2020-03-07 09:30:22 +01:00
Benjamin Graillot 982a5ae009 [permission] Add F object support 2020-02-13 15:59:19 +01:00
Benjamin Graillot 2b49effebb [permission] Update admin 2020-02-09 18:30:37 +01:00