ynerant/nk20
1
0
Fork 0
mirror of https://gitlab.crans.org/bde/nk20 synced 2025-06-14 22:07:31 +02:00
Code Issues Releases Wiki Activity

Compare commits

base: ynerant:02453e07ba9c02e9e97e33e3ce60730d74c39819
Branches Tags
ynerant:main
ynerant:oidc
ynerant:food_traceability
ynerant:wei
ynerant:darbonne
ynerant:potvieux
ynerant:ehouarn-main-patch-70724
ynerant:food_bugs
ynerant:delete_activity
ynerant:update_invoice_template
ynerant:time-display
ynerant:guests_schools
ynerant:export_members_ml
ynerant:notekfet_wrapped
ynerant:Add_some_permissions
ynerant:permissions_fo_parent_clubs
ynerant:respo_comm_permissionsV2
ynerant:fix_activity_view
ynerant:Automation_mailing_lists
ynerant:New_permission
ynerant:finito_sda
ynerant:beta
ynerant:non-BDE-members-permission-fix
ynerant:survey_wei_2024
ynerant:migration-django-4-2
ynerant:summary_notes
ynerant:traduction_inclusive_fr
ynerant:migration-django-5-0
ynerant:qrcode
ynerant:VSS
ynerant:update_permission
ynerant:fix_pipeline
ynerant:permission_var
ynerant:inclusive
ynerant:nix-shell
ynerant:sheets
ynerant:svg_icons
ynerant:faster_ci
ynerant:v1.0.3
ynerant:v1.0.2
ynerant:v1.0.1
ynerant:v1.0.0
..
compare: ynerant:16cfaa809a867b3e06d652747347cf9bd08bf3bb
Branches Tags
ynerant:main
ynerant:oidc
ynerant:food_traceability
ynerant:wei
ynerant:darbonne
ynerant:potvieux
ynerant:ehouarn-main-patch-70724
ynerant:food_bugs
ynerant:delete_activity
ynerant:update_invoice_template
ynerant:time-display
ynerant:guests_schools
ynerant:export_members_ml
ynerant:notekfet_wrapped
ynerant:Add_some_permissions
ynerant:permissions_fo_parent_clubs
ynerant:respo_comm_permissionsV2
ynerant:fix_activity_view
ynerant:Automation_mailing_lists
ynerant:New_permission
ynerant:finito_sda
ynerant:beta
ynerant:non-BDE-members-permission-fix
ynerant:survey_wei_2024
ynerant:migration-django-4-2
ynerant:summary_notes
ynerant:traduction_inclusive_fr
ynerant:migration-django-5-0
ynerant:qrcode
ynerant:VSS
ynerant:update_permission
ynerant:fix_pipeline
ynerant:permission_var
ynerant:inclusive
ynerant:nix-shell
ynerant:sheets
ynerant:svg_icons
ynerant:faster_ci
ynerant:v1.0.3
ynerant:v1.0.2
ynerant:v1.0.1
ynerant:v1.0.0

No commits in common. "02453e07ba9c02e9e97e33e3ce60730d74c39819" and "16cfaa809a867b3e06d652747347cf9bd08bf3bb" have entirely different histories.
02453e07ba ... 16cfaa809a

4 changed files with 35 additions and 51 deletions
Show Stats Expand all files Collapse all files

5
apps/permission/tests/test_permission_denied.py
View File

@ -10,7 +10,7 @@ from django.utils import timezone
from django.utils.crypto import get_random_string
from activity.models import Activity
from member.models import Club, Membership
from note.models import NoteUser, NoteClub
from note.models import NoteUser
from wei.models import WEIClub, Bus, WEIRegistration
@ -122,13 +122,10 @@ class TestPermissionDenied(TestCase):
def test_validate_weiregistration(self):
wei = WEIClub.objects.create(
name="WEI Test",
membership_start=date.today(),
date_start=date.today() + timedelta(days=1),
date_end=date.today() + timedelta(days=1),
parent_club=Club.objects.get(name="Kfet"),
)
NoteClub.objects.create(club=wei)
registration = WEIRegistration.objects.create(wei=wei, user=self.user, birth_date="2000-01-01")
response = self.client.get(reverse("wei:validate_registration", kwargs=dict(pk=registration.pk)))
self.assertEqual(response.status_code, 403)

18
apps/wei/forms/registration.py
View File

@ -39,11 +39,9 @@ class WEIRegistrationForm(forms.ModelForm):
class Meta:
model = WEIRegistration
fields = [
'user', 'soge_credit', 'birth_date', 'gender', 'clothing_size',
'health_issues', 'emergency_contact_name', 'emergency_contact_phone',
'first_year', 'information_json', 'caution_check'
]
fields = ['user', 'soge_credit', 'birth_date', 'gender', 'clothing_size',
'health_issues', 'emergency_contact_name', 'emergency_contact_phone', 'first_year',
'information_json']
widgets = {
"user": Autocomplete(
User,
@ -53,14 +51,8 @@ class WEIRegistrationForm(forms.ModelForm):
'placeholder': 'Nom ...',
},
),
"birth_date": DatePickerInput(options={
'minDate': '1900-01-01',
'maxDate': '2100-01-01'
}),
"caution_check": forms.BooleanField(
label=_("I confirm that I have read the caution and that I am aware of the risks involved."),
required=False,
),
"birth_date": DatePickerInput(options={'minDate': '1900-01-01',
'maxDate': '2100-01-01'}),
}

7
apps/wei/tests/test_wei_registration.py
View File

@ -510,7 +510,7 @@ class TestWEIRegistration(TestCase):
)
qs = WEIRegistration.objects.filter(user_id=self.user.id, soge_credit=False, clothing_size="M")
self.assertTrue(qs.exists())
self.assertRedirects(response, reverse("wei:wei_detail", kwargs=dict(pk=qs.get().wei.pk)), 302, 200)
self.assertRedirects(response, reverse("wei:validate_registration", kwargs=dict(pk=qs.get().pk)), 302, 200)
# Check the page when the registration is already validated
membership = WEIMembership(
@ -564,7 +564,7 @@ class TestWEIRegistration(TestCase):
)
qs = WEIRegistration.objects.filter(user_id=self.user.id, clothing_size="L")
self.assertTrue(qs.exists())
self.assertRedirects(response, reverse("wei:wei_detail", kwargs=dict(pk=qs.get().wei.pk)), 302, 200)
self.assertRedirects(response, reverse("wei:validate_registration", kwargs=dict(pk=qs.get().pk)), 302, 200)
# Test invalid form
response = self.client.post(
@ -632,7 +632,6 @@ class TestWEIRegistration(TestCase):
last_name="admin",
first_name="admin",
bank="Société générale",
caution_check=True,
))
self.assertEqual(response.status_code, 200)
self.assertFalse(response.context["form"].is_valid())
@ -647,10 +646,8 @@ class TestWEIRegistration(TestCase):
last_name="admin",
first_name="admin",
bank="Société générale",
caution_check=True,
))
self.assertRedirects(response, reverse("wei:wei_registrations", kwargs=dict(pk=self.registration.wei.pk)), 302, 200)
# Check if the membership is successfully created
membership = WEIMembership.objects.filter(user_id=self.user.id, club=self.wei)
self.assertTrue(membership.exists())

56
apps/wei/views.py
View File

@ -4,7 +4,7 @@
import os
import shutil
import subprocess
from datetime import date
from datetime import date, timedelta
from tempfile import mkdtemp
from django.conf import settings
@ -21,7 +21,7 @@ from django.shortcuts import redirect
from django.template.loader import render_to_string
from django.urls import reverse_lazy
from django.views import View
from django.views.generic import DetailView, UpdateView, RedirectView, TemplateView
from django.views.generic import DetailView, UpdateView, RedirectView, TemplateView, CreateView
from django.utils.translation import gettext_lazy as _
from django.views.generic.edit import BaseFormView, DeleteView
from django_tables2 import SingleTableView, MultiTableMixin
@ -39,6 +39,7 @@ from .forms import WEIForm, WEIRegistrationForm, BusForm, BusTeamForm, WEIMember
WEIMembershipForm, CurrentSurvey
from .tables import BusRepartitionTable, BusTable, BusTeamTable, WEITable, WEIRegistrationTable, \
WEIRegistration1ATable, WEIMembershipTable
from .forms.surveys import CurrentSurvey
class CurrentWEIDetailView(LoginRequiredMixin, RedirectView):
@ -442,10 +443,13 @@ class BusTeamCreateView(ProtectQuerysetMixin, ProtectedCreateView):
def get_success_url(self):
self.object.refresh_from_db()
return reverse_lazy("wei:manage_bus_team", kwargs={"pk": self.object.pk})
def get_template_names(self):
names = super().get_template_names()
return names
class BusTeamUpdateView(ProtectQuerysetMixin, LoginRequiredMixin, UpdateView):
@ -478,10 +482,13 @@ class BusTeamUpdateView(ProtectQuerysetMixin, LoginRequiredMixin, UpdateView):
def get_success_url(self):
self.object.refresh_from_db()
return reverse_lazy("wei:manage_bus_team", kwargs={"pk": self.object.pk})
def get_template_names(self):
names = super().get_template_names()
return names
class BusTeamManageView(ProtectQuerysetMixin, LoginRequiredMixin, DetailView):
@ -556,7 +563,7 @@ class WEIRegister1AView(ProtectQuerysetMixin, ProtectedCreateView):
def get_form(self, form_class=None):
form = super().get_form(form_class)
form.fields["user"].initial = self.request.user
# Cacher les champs pendant l'inscription initiale
if "first_year" in form.fields:
del form.fields["first_year"]
@ -564,7 +571,7 @@ class WEIRegister1AView(ProtectQuerysetMixin, ProtectedCreateView):
del form.fields["caution_check"]
if "information_json" in form.fields:
del form.fields["information_json"]
return form
@transaction.atomic
@ -790,22 +797,22 @@ class WEIUpdateRegistrationView(ProtectQuerysetMixin, LoginRequiredMixin, Update
membership = form.instance.membership
if membership is None:
raise ValueError(_("No membership found for this registration"))
membership_form = self.get_membership_form(self.request.POST, instance=membership)
if not membership_form.is_valid():
return self.form_invalid(form)
# Vérifier que l'utilisateur a la permission de modifier le membership
# On vérifie d'abord si l'utilisateur a la permission générale de modification
if not self.request.user.has_perm("wei.change_weimembership"):
raise PermissionDenied(_("You don't have the permission to update memberships"))
# On vérifie ensuite les permissions spécifiques pour chaque champ modifié
for field_name in membership_form.changed_data:
perm = f"wei.change_weimembership_{field_name}"
if not self.request.user.has_perm(perm):
raise PermissionDenied(_("You don't have the permission to update the field %(field)s") % {'field': field_name})
membership_form.save()
except (WEIMembership.DoesNotExist, ValueError, PermissionDenied) as e:
form.add_error(None, str(e))
@ -869,29 +876,20 @@ class WEIDeleteRegistrationView(ProtectQuerysetMixin, LoginRequiredMixin, Delete
return reverse_lazy('wei:wei_detail', args=(self.object.wei.pk,))
class WEIValidateRegistrationView(ProtectQuerysetMixin, ProtectedCreateView):
class WEIValidateRegistrationView(LoginRequiredMixin, CreateView):
"""
Validate WEI Registration
"""
model = WEIMembership
extra_context = {"title": _("Validate WEI registration")}
def get_sample_object(self):
"""
Return a sample object for permission checking
"""
registration = WEIRegistration.objects.get(pk=self.kwargs["pk"])
return WEIMembership(
user=registration.user,
club=registration.wei,
date_start=registration.wei.date_start,
# Add any fields needed for proper permission checking
registration=registration,
)
def dispatch(self, request, *args, **kwargs):
# Vérifier d'abord si l'utilisateur a la permission générale
if not request.user.has_perm("wei.add_weimembership"):
raise PermissionDenied(_("You don't have the permission to validate registrations"))
registration = WEIRegistration.objects.get(pk=self.kwargs["pk"])
wei = registration.wei
today = date.today()
# We can't validate anyone once the WEI is started and before the membership start date
@ -1340,7 +1338,7 @@ class WEIAttributeBus1ANextView(LoginRequiredMixin, RedirectView):
if not wei.exists():
raise Http404
wei = wei.get()
# On cherche d'abord les 1A qui ont une inscription validée (membership) mais pas de bus
qs = WEIRegistration.objects.filter(
wei=wei,
@ -1348,14 +1346,14 @@ class WEIAttributeBus1ANextView(LoginRequiredMixin, RedirectView):
membership__isnull=False,
membership__bus__isnull=True
)
# Parmi eux, on prend ceux qui ont répondu au questionnaire (ont un bus préféré)
qs = qs.filter(information_json__contains='selected_bus_pk')
if not qs.exists():
# Si on ne trouve personne, on affiche un message et on retourne à la liste
messages.info(self.request, _("No first year student without a bus found. Either all of them have a bus, or none has filled the survey yet."))
return reverse_lazy('wei:wei_1A_list', args=(wei.pk,))
# On redirige vers la page d'attribution pour le premier étudiant trouvé
return reverse_lazy('wei:wei_bus_1A', args=(qs.first().pk,))