Yohann D'ANELLO
|
180cd3e1ec
|
Fix registration permissions and procedure
|
2020-09-14 09:49:30 +02:00 |
ynerant
|
73ca65aa91
|
Merge branch 'atomicity' into 'beta'
Atomicité
See merge request bde/nk20!122
|
2020-09-14 09:38:54 +02:00 |
Yohann D'ANELLO
|
5ed0560953
|
Fix linting
|
2020-09-14 09:09:20 +02:00 |
Yohann D'ANELLO
|
872fd8f86d
|
Don't cache permissions in debug mode, that's very slow
|
2020-09-14 08:58:12 +02:00 |
Yohann D'ANELLO
|
80e3cba4c6
|
BDE Treasurers can see the remittance interface
|
2020-09-12 18:40:14 +02:00 |
Yohann D'ANELLO
|
9b090a145c
|
All transactions are now atomic
|
2020-09-11 22:52:16 +02:00 |
Yohann D'ANELLO
|
72cc1638e6
|
Authenticate correctly users that connect with an authorization token
|
2020-09-10 09:31:27 +02:00 |
Yohann D'ANELLO
|
6a0dc4cb10
|
Users can see every API page since querysets are filtered and modifications are protected
|
2020-09-09 22:27:07 +02:00 |
Yohann D'ANELLO
|
428de69d93
|
Fix permissions to let treasurers to make some initial registrations
|
2020-09-07 23:36:50 +02:00 |
Yohann D'ANELLO
|
fa3c723140
|
The BDE offers 80 € to each new member that registers to the Société générale
|
2020-09-07 21:33:23 +02:00 |
Yohann D'ANELLO
|
346aa94ead
|
Don't trigger signals when we add an object through a permission check
|
2020-09-07 14:57:30 +02:00 |
Yohann D'ANELLO
|
78586b9343
|
Don't trigger signals when we add an object through a permission check
|
2020-09-07 14:52:37 +02:00 |
Alexandre Iooss
|
89b2ff52e3
|
Fix I'm the emitter button
|
2020-09-06 21:38:55 +02:00 |
Yohann D'ANELLO
|
d5f324c2d5
|
Test the render of the rights page (more coverage, yeah)
|
2020-09-06 15:32:18 +02:00 |
Yohann D'ANELLO
|
8aac738c4a
|
Treasurers can see any profile and change the note picture of their clubs
|
2020-09-06 12:55:27 +02:00 |
Yohann D'ANELLO
|
96954b1afd
|
Club managers can change the picture of the club note
|
2020-09-05 14:32:47 +02:00 |
Yohann D'ANELLO
|
751a4291ab
|
We are in production, then we commit migrations
|
2020-09-05 10:05:17 +02:00 |
Yohann D'ANELLO
|
5c7fe716ad
|
Fix JSON
|
2020-09-04 16:43:57 +02:00 |
Yohann D'ANELLO
|
9b4923fc04
|
Fix some permissions, grant temporary all treasurers to make transactions from anyone to anyone while a better system is not implemented
|
2020-09-04 16:37:17 +02:00 |
Yohann D'ANELLO
|
c93c81861d
|
Users can change their password, fix #59
|
2020-09-04 16:28:50 +02:00 |
Yohann D'ANELLO
|
d76aa3fec9
|
Some table accessors weren't updated
|
2020-09-01 19:04:35 +02:00 |
Yohann D'ANELLO
|
361ea8cad3
|
Update Django Tables 2, change accessor from dot to __
|
2020-09-01 17:58:58 +02:00 |
erdnaxe
|
08defd84e6
|
Merge branch 'debian_deps' into 'beta'
Debian deps
See merge request bde/nk20!103
|
2020-09-01 16:09:00 +02:00 |
Yohann D'ANELLO
|
7c9287e387
|
Test and cover note app
|
2020-09-01 15:54:56 +02:00 |
Alexandre Iooss
|
5feb23ad51
|
Use Debian font awesome
|
2020-09-01 14:33:38 +02:00 |
Alexandre Iooss
|
dd9ca315fa
|
Clean up templates header
|
2020-09-01 10:20:16 +02:00 |
Alexandre Iooss
|
d9e003a8f4
|
Remove contenttitle
|
2020-09-01 10:13:05 +02:00 |
Yohann D'ANELLO
|
ee26850e34
|
Add a line to describe superusers, remove useless roles in rights table
|
2020-08-31 21:49:02 +02:00 |
Yohann D'ANELLO
|
a9da4a38e1
|
Order superusers by last name
|
2020-08-31 21:15:09 +02:00 |
Yohann D'ANELLO
|
b8c1cfba40
|
Display superusers in rights list
|
2020-08-31 21:11:00 +02:00 |
Yohann D'ANELLO
|
5e65e2d74a
|
✨ Add "Lock note" feature
|
2020-08-31 20:15:48 +02:00 |
Yohann D'ANELLO
|
56c41258b9
|
Highlight non-validated activities
|
2020-08-30 23:54:54 +02:00 |
Yohann D'ANELLO
|
7d539d44e5
|
Display form error when a permission is missing rather than display a 403 page
|
2020-08-30 16:23:55 +02:00 |
Yohann D'ANELLO
|
374e6ed7f8
|
💚 Fix CI
|
2020-08-30 11:59:10 +02:00 |
Alexandre Iooss
|
891955cedf
|
Cards for all rights template
|
2020-08-22 10:01:22 +02:00 |
Rida Lali
|
2672721235
|
Add blocks with collapse animation instead of display all
|
2020-08-21 08:18:00 +02:00 |
Yohann D'ANELLO
|
b8c3dda95b
|
Replace timezone.now().date() by date.today()
|
2020-08-16 00:35:13 +02:00 |
Yohann D'ANELLO
|
da23df05cb
|
Kfet members can edit their own WEI registration
|
2020-08-16 00:15:33 +02:00 |
Yohann D'ANELLO
|
4997a37058
|
Ensure that the user is authenticated before that it has the permission to see page
|
2020-08-15 23:27:58 +02:00 |
Yohann D'ANELLO
|
5abbb84254
|
Permissions for activities must be more specific to prevent that anyone can validate its own activity
|
2020-08-15 22:24:48 +02:00 |
Yohann D'ANELLO
|
a43abee00b
|
Don't log database changes when we check a permission
|
2020-08-14 19:00:57 +02:00 |
Yohann D'ANELLO
|
bb2704323a
|
Spam click on invalidity button is no longer possible
|
2020-08-13 17:04:10 +02:00 |
Yohann D'ANELLO
|
c466715e8a
|
Raise permission denied on CreateView if you don't have the permission to create a sample instance, see #53
|
2020-08-13 15:20:15 +02:00 |
Yohann D'ANELLO
|
b7a88a387c
|
More tests in WEI app, but we can still go further
|
2020-08-11 01:03:29 +02:00 |
Yohann D'ANELLO
|
c612e159cf
|
See user information does not imply see the note balance
|
2020-08-10 16:32:45 +02:00 |
Yohann D'ANELLO
|
1b84c8c603
|
🐛 The balance must be greater than the *total* amount of a transaction, not the unit price
|
2020-08-10 16:05:50 +02:00 |
Alexandre Iooss
|
7b40ee1ca4
|
Reorder templates
|
2020-08-09 19:06:57 +02:00 |
Yohann D'ANELLO
|
29f84ea007
|
Remove test code
|
2020-08-09 15:42:07 +02:00 |
Yohann D'ANELLO
|
679ac3a652
|
Lock invoices, delete them
|
2020-08-07 11:04:54 +02:00 |
Yohann D'ANELLO
|
0de69cbfaf
|
💚 Fix linters
|
2020-08-06 12:50:24 +02:00 |
Yohann D'ANELLO
|
24ac3ce45f
|
Display users that have surnormal roles
|
2020-08-05 21:07:31 +02:00 |
Yohann D'ANELLO
|
c205219d47
|
🐛 Fix transaction update concurency
|
2020-08-05 19:42:44 +02:00 |
Yohann D'ANELLO
|
6c9cf73848
|
Update permissions to see our own note
|
2020-08-05 12:22:35 +02:00 |
Yohann D'ANELLO
|
5ea8d8f870
|
🎨 Update activity interface
|
2020-08-03 16:11:05 +02:00 |
Yohann D'ANELLO
|
0e8174aacd
|
🐛 Fix objects with pk 0
|
2020-08-03 10:50:55 +02:00 |
Yohann D'ANELLO
|
58fe8914cf
|
🐛 Fix infinite loop in permission check
|
2020-08-02 22:39:30 +02:00 |
Yohann D'ANELLO
|
f870af139e
|
Typos
|
2020-08-02 09:51:39 +02:00 |
Yohann D'ANELLO
|
7742358b8f
|
Secretaries can view and add memberships
|
2020-08-02 09:49:45 +02:00 |
Yohann D'ANELLO
|
8de7ba14bd
|
Add permission for secretaries
|
2020-08-02 09:35:32 +02:00 |
Yohann D'ANELLO
|
8497dbb25c
|
Club members can see the club
|
2020-08-02 09:30:18 +02:00 |
Yohann D'ANELLO
|
2f018f8c9d
|
Always query distinct objects
|
2020-08-02 08:57:16 +02:00 |
Yohann D'ANELLO
|
b706efe463
|
2A+ can change their selected bus or team if the registration is not validated
|
2020-08-01 23:27:07 +02:00 |
Yohann D'ANELLO
|
8434841ec5
|
Fix one permission
|
2020-08-01 22:28:28 +02:00 |
Yohann D'ANELLO
|
b6453ce03d
|
💄 Improve Django Admin
|
2020-08-01 15:13:29 +02:00 |
Yohann D'ANELLO
|
d7b834d908
|
Translate rights
|
2020-07-31 22:29:23 +02:00 |
Yohann D'ANELLO
|
dca655949e
|
Improve transfer UI
|
2020-07-31 21:24:23 +02:00 |
Yohann D'ANELLO
|
72dcc93136
|
Club managers can register new members to a club, even if they don't have the right to create a transaction
|
2020-07-31 09:49:43 +02:00 |
Yohann D'ANELLO
|
ae629b55ad
|
Add HTML titles
|
2020-07-30 17:30:21 +02:00 |
Yohann D'ANELLO
|
aa66361ac7
|
Update permissions to create clubs.
For now, only superusers can edit the roles of a user.
|
2020-07-30 16:36:44 +02:00 |
Yohann D'ANELLO
|
e9cbc8e623
|
Fix linters
|
2020-07-30 15:53:23 +02:00 |
Yohann D'ANELLO
|
9361f3f2f0
|
Aliases should load really faster
|
2020-07-30 15:07:30 +02:00 |
Yohann D'ANELLO
|
e63219f7ad
|
Force delete some objects
|
2020-07-30 14:58:18 +02:00 |
Yohann D'ANELLO
|
0c0aed0234
|
🐛 Force delete didn't work as well when trying to check add permissions
|
2020-07-30 13:10:03 +02:00 |
Yohann D'ANELLO
|
fb775de923
|
Add backdoor to login as other users (in debug mode only)
|
2020-07-30 12:50:48 +02:00 |
Yohann D'ANELLO
|
cbd36f110a
|
Another uplicated permission
|
2020-07-29 19:13:29 +02:00 |
Yohann D'ANELLO
|
c9e68ca66b
|
Duplicated permission
|
2020-07-29 19:12:16 +02:00 |
Yohann D'ANELLO
|
5a91cac08d
|
Add permissions to see clubs and users
|
2020-07-29 18:37:42 +02:00 |
Yohann D'ANELLO
|
4549255198
|
Treasurers can update invalidity reason
|
2020-07-29 17:42:06 +02:00 |
Yohann D'ANELLO
|
750bdcb2c5
|
Treasurers can of course click on buttons. Fix PATCH requests on the API
|
2020-07-29 12:25:53 +02:00 |
Yohann D'ANELLO
|
b8a88eeda4
|
Only staff with good permission mask can visit Django Admin
|
2020-07-29 11:38:59 +02:00 |
Yohann D'ANELLO
|
3a4145e4d9
|
Woops, roles didn't have the permissions
|
2020-07-28 20:56:22 +02:00 |
Yohann D'ANELLO
|
54ce157019
|
Store clothing cut and size in WEI registration
|
2020-07-28 20:49:32 +02:00 |
Yohann D'ANELLO
|
7c6bab88f4
|
Update permissions to see buses
|
2020-07-28 20:22:10 +02:00 |
Yohann D'ANELLO
|
0bfc3b9454
|
Not-yet-registered WEI members can see their registrations
|
2020-07-28 18:09:43 +02:00 |
Yohann D'ANELLO
|
84e8b02594
|
🐛 Calculating permissions faster
|
2020-07-28 15:25:08 +02:00 |
Yohann D'ANELLO
|
4c29d855d2
|
Fix RolePermissions merge
|
2020-07-25 20:07:45 +02:00 |
Yohann D'ANELLO
|
55bc288deb
|
Some roles can only be given in some clubs
|
2020-07-25 19:59:04 +02:00 |
Yohann D'ANELLO
|
fb5e2578af
|
Merge Role and RolePermissions
|
2020-07-25 19:40:30 +02:00 |
Yohann D'ANELLO
|
2eb601bd66
|
💥 Improve performances
|
2020-07-25 17:25:57 +02:00 |
Yohann D'ANELLO
|
71f6daf0e8
|
Add permission for treasurers to update the validation status of a transaction
|
2020-07-13 12:10:01 +02:00 |
Yohann D'ANELLO
|
2c7995a79e
|
A transaction can only be created between active notes
|
2020-06-21 22:47:05 +02:00 |
Yohann D'ANELLO
|
302f9e752c
|
Create a test to check that permission queries are well formed
|
2020-05-30 15:46:09 +02:00 |
Yohann D'ANELLO
|
a9ccf46010
|
Linters
|
2020-05-29 21:43:24 +02:00 |
Yohann D'ANELLO
|
f567b1a343
|
Activity list is displayed in the right order
|
2020-05-29 21:37:44 +02:00 |
Yohann D'ANELLO
|
155b2df330
|
Fix some permissions, users can log in
|
2020-05-29 21:26:05 +02:00 |
Yohann D'ANELLO
|
716232e27f
|
With distinct permissions, we don't need to check ~ 100 000 permissions to check if someone can log in
|
2020-05-29 21:11:51 +02:00 |
Yohann D'ANELLO
|
4108babdb4
|
Permissions can be permanent
|
2020-05-07 21:14:36 +02:00 |
ynerant
|
395c52220f
|
Merge branch 'master' into 'tranfer_front'
# Conflicts:
# apps/activity/views.py
# apps/permission/backends.py
# locale/de/LC_MESSAGES/django.po
# locale/fr/LC_MESSAGES/django.po
# static/js/base.js
# templates/base.html
# templates/member/user_list.html
|
2020-05-07 18:48:35 +02:00 |
Yohann D'ANELLO
|
a83ab4bf85
|
Add a public rights page to view which permissions are granted to which role, update Font Awesome to 5.13
|
2020-04-26 01:20:46 +02:00 |
Yohann D'ANELLO
|
957344922b
|
Custom error pages
|
2020-04-25 19:29:18 +02:00 |
Yohann D'ANELLO
|
cdff0d3893
|
We can view and update our WEI registration while we are not fully registered to the WEI.
|
2020-04-24 14:30:18 +02:00 |
Yohann D'ANELLO
|
16079e3cc5
|
Fix broken WEI permissions
|
2020-04-24 14:03:25 +02:00 |
Yohann D'ANELLO
|
b81f186866
|
Add PDF member lists
|
2020-04-23 18:28:16 +02:00 |
Yohann D'ANELLO
|
a85a5bf8fe
|
Add initial WEI permissions
|
2020-04-22 13:28:52 +02:00 |
Yohann D'ANELLO
|
0c9409fd4b
|
Improve WEI UI
|
2020-04-18 03:27:12 +02:00 |
Yohann D'ANELLO
|
751147f254
|
Don't display a note that we can't see, fix CI, fix distinct fields on PostgresSQL DB
|
2020-04-10 00:02:22 +02:00 |
Pierre-antoine Comby
|
68808ddece
|
Merge branch 'master' into 'fix_distinct'
# Conflicts:
# apps/activity/views.py
|
2020-04-09 22:30:19 +02:00 |
Pierre-antoine Comby
|
9fbfac7bdb
|
distinct on field not supported by sqlite
|
2020-04-06 11:44:02 +02:00 |
Yohann D'ANELLO
|
6fedbe2a2a
|
Some model translations were missing
|
2020-04-06 10:58:16 +02:00 |
Yohann D'ANELLO
|
bd41560f45
|
Update permission fixtures
|
2020-04-06 10:45:32 +02:00 |
Yohann D'ANELLO
|
0cdc8ae004
|
RolePermissions were missing in the API
|
2020-04-02 16:06:58 +02:00 |
Yohann D'ANELLO
|
be42801709
|
The memoization doesn't work when objects don't have a primary key.
|
2020-04-02 14:50:28 +02:00 |
Yohann D'ANELLO
|
8ad464ae0c
|
Fix CI
|
2020-04-02 00:42:00 +02:00 |
Yohann D'ANELLO
|
5c9c0bbc2a
|
Optimize permissions, use memoization
|
2020-04-02 00:30:22 +02:00 |
Yohann D'ANELLO
|
3f5faa0b05
|
Add tab for user list
|
2020-04-01 20:56:24 +02:00 |
Yohann D'ANELLO
|
0df0f3f66b
|
Membership fees for paid and unpaid students, closes #43
|
2020-04-01 04:07:55 +02:00 |
Yohann D'ANELLO
|
d5b010980b
|
Full membership support
|
2020-04-01 03:42:19 +02:00 |
Yohann D'ANELLO
|
bf9789bd9e
|
Restructurate memberships, closes #16
|
2020-03-31 23:54:14 +02:00 |
Yohann D'ANELLO
|
e98693b214
|
Memberships are optional for clubs
|
2020-03-31 16:22:11 +02:00 |
Yohann D'ANELLO
|
dd3b7bd7e5
|
Remove note activities
|
2020-03-31 14:57:44 +02:00 |
Yohann D'ANELLO
|
1aae18e6a6
|
Improved permissions, 404 and 403 errors will be more frequent (when we type an invalid URL)
|
2020-03-31 04:16:30 +02:00 |
Yohann D'ANELLO
|
691a03ecad
|
Add some initial permissions for activities
|
2020-03-28 19:05:21 +01:00 |
Yohann D'ANELLO
|
8c1d902c30
|
Open and validate activities
|
2020-03-27 22:48:20 +01:00 |
Yohann D'ANELLO
|
d6e202a26f
|
Display guests list
|
2020-03-27 21:18:27 +01:00 |
ynerant
|
bef4958759
|
Merge branch 'master' into 'devalidation_reason'
# Conflicts:
# locale/de/LC_MESSAGES/django.po
# locale/fr/LC_MESSAGES/django.po
|
2020-03-27 13:52:48 +01:00 |
Yohann D'ANELLO
|
5cf75ebf9e
|
When a transaction can't becreated because the user don't have the permission to take too much money, then we create an invalid transaction
|
2020-03-25 15:27:38 +01:00 |
Yohann D'ANELLO
|
9a7f1bba21
|
Fix CI (no idea of why this error happened)
|
2020-03-25 00:39:40 +01:00 |
ynerant
|
57a01c48a8
|
Merge branch 'master' into 'tresorerie'
# Conflicts:
# apps/note/fixtures/initial.json
# templates/base.html
|
2020-03-25 00:30:14 +01:00 |
Pierre-antoine Comby
|
41568916b8
|
error fixes
|
2020-03-24 22:28:03 +01:00 |
Pierre-antoine Comby
|
8ab142c122
|
no need to be static after all
|
2020-03-24 20:25:08 +01:00 |
Pierre-antoine Comby
|
d4b8d35206
|
check permission with PermissionBackend.
taking connection permission mask into account.
|
2020-03-24 20:19:24 +01:00 |
Yohann D'ANELLO
|
b9fac82d89
|
Fixtures are more natural
|
2020-03-22 22:09:41 +01:00 |
Yohann D'ANELLO
|
f6027e9edd
|
Fix CI
|
2020-03-22 14:57:51 +01:00 |
Yohann D'ANELLO
|
1e5065b80b
|
Fixtures are more natural
|
2020-03-22 14:54:05 +01:00 |
Yohann D'ANELLO
|
70cf186233
|
Fix fixtures, another time...
|
2020-03-22 14:12:45 +01:00 |
Yohann D'ANELLO
|
e2d2d2cc99
|
Anonymous users have no right
|
2020-03-20 18:23:20 +01:00 |
Yohann D'ANELLO
|
93bd8489df
|
Amounts are in cents...
|
2020-03-20 18:02:12 +01:00 |
Yohann D'ANELLO
|
24ea4c0a52
|
Comment code
|
2020-03-20 15:58:14 +01:00 |
Yohann D'ANELLO
|
091c427707
|
Restructurate code
|
2020-03-20 14:43:35 +01:00 |
Yohann D'ANELLO
|
6fc43e651e
|
More optimisation
|
2020-03-20 01:46:59 +01:00 |
Yohann D'ANELLO
|
f80cb635d3
|
Optimize permissions, full support add perms, more fixtures
|
2020-03-20 00:06:28 +01:00 |
Yohann D'ANELLO
|
c653e0986e
|
Remove UserPermission model
|
2020-03-19 20:39:19 +01:00 |
Yohann D'ANELLO
|
74c0fcca83
|
Notes are read-only in the API, but can be modified with scripts (ie. transactions)
|
2020-03-19 19:29:52 +01:00 |
Yohann D'ANELLO
|
7794210cc8
|
Being superuser is not enough (must have the correct mask), add some initial fixtures
|
2020-03-19 18:53:06 +01:00 |
Yohann D'ANELLO
|
022997f923
|
Add unique tags on permission masks
|
2020-03-19 16:27:25 +01:00 |
Yohann D'ANELLO
|
95315cdbe2
|
Implements permission masks
|
2020-03-19 16:12:52 +01:00 |
Yohann D'ANELLO
|
d083894e9b
|
Fix note display for users that don't have enough rights
|
2020-03-19 14:25:43 +01:00 |
Yohann D'ANELLO
|
730d37c620
|
Protect views from viewing if the user has no right to view an object
|
2020-03-19 02:26:06 +01:00 |
Yohann D'ANELLO
|
e461d70b14
|
Improve add permissions
|
2020-03-18 15:49:52 +01:00 |
Yohann D'ANELLO
|
057f42fdb6
|
Handle permissions (and it seems working!)
|
2020-03-18 14:42:35 +01:00 |