Add another permission for model guest in activity

fix issue with activity entry view

See merge request bde/nk20!282

.gitignore

@@ -48,6 +48,7 @@ backups/
 env/
 venv/
 db.sqlite3
+shell.nix
 
 # ansibles customs host
 ansible/host_vars/*.yaml

.gitlab-ci.yml

@@ -7,21 +7,6 @@ stages:
 variables:
   GIT_SUBMODULE_STRATEGY: recursive
 
-# Debian Bullseye
-py39-django42:
-  stage: test
-  image: debian:bullseye
-  before_script:
-    - >
-        apt-get update &&
-        apt-get install --no-install-recommends -y
-        python3-django python3-django-crispy-forms
-        python3-django-extensions python3-django-filters python3-django-polymorphic
-        python3-djangorestframework python3-django-oauth-toolkit python3-psycopg2 python3-pil
-        python3-babel python3-lockfile python3-pip python3-phonenumbers python3-memcache
-        python3-bs4 python3-setuptools tox texlive-xetex
-  script: tox -e py39-django42
-
 # Ubuntu 22.04
 py310-django42:
   stage: test
@@ -54,8 +39,6 @@ py311-django42:
         python3-bs4 python3-setuptools tox texlive-xetex
   script: tox -e py311-django42
 
-
-
 linters:
   stage: quality-assurance
   image: debian:bookworm

apps/activity/views.py

@@ -265,12 +265,11 @@ class ActivityEntryView(LoginRequiredMixin, SingleTableMixin, TemplateView):
         # Keep only users that have a note
         note_qs = note_qs.filter(note__noteuser__isnull=False)
 
-        # Keep only members
+        # Keep only valid members
         note_qs = note_qs.filter(
             note__noteuser__user__memberships__club=activity.attendees_club,
             note__noteuser__user__memberships__date_start__lte=timezone.now(),
-            note__noteuser__user__memberships__date_end__gte=timezone.now(),
-        )
+            note__noteuser__user__memberships__date_end__gte=timezone.now()).exclude(note__inactivity_reason='forced')
 
         # Filter with permission backend
         note_qs = note_qs.filter(PermissionBackend.filter_queryset(self.request, Alias, "view"))
@@ -330,7 +329,7 @@ class ActivityEntryView(LoginRequiredMixin, SingleTableMixin, TemplateView):
         context["noteuser_ctype"] = ContentType.objects.get_for_model(NoteUser).pk
         context["notespecial_ctype"] = ContentType.objects.get_for_model(NoteSpecial).pk
 
-        activities_open = Activity.objects.filter(open=True).filter(
+        activities_open = Activity.objects.filter(open=True, activity_type__manage_entries=True).filter(
             PermissionBackend.filter_queryset(self.request, Activity, "view")).distinct().all()
         context["activities_open"] = [a for a in activities_open
                                       if PermissionBackend.check_perm(self.request,

apps/member/forms.py

@@ -44,6 +44,7 @@ class ProfileForm(forms.ModelForm):
     """
     A form for the extras field provided by the :model:`member.Profile` model.
     """
+    # Remove widget=forms.HiddenInput() if you want to use report frequency.
     report_frequency = forms.IntegerField(required=False, initial=0, label=_("Report frequency"))
 
     last_report = forms.DateTimeField(required=False, disabled=True, label=_("Last report date"))
@@ -76,7 +77,8 @@ class ProfileForm(forms.ModelForm):
     class Meta:
         model = Profile
         fields = '__all__'
-        exclude = ('user', 'email_confirmed', 'registration_valid', )
+        # Remove ml_[asso]_registration from exclude if the concerned association uses nk20 to manage its mailing list.
+        exclude = ('user', 'email_confirmed', 'registration_valid', 'ml_sport_registration', )
 
 
 class ImageForm(forms.Form):

apps/member/views.py

@@ -26,6 +26,7 @@ from note_kfet.middlewares import _set_current_request
 from permission.backends import PermissionBackend
 from permission.models import Role
 from permission.views import ProtectQuerysetMixin, ProtectedCreateView
+from django import forms
 
 from .forms import UserForm, ProfileForm, ImageForm, ClubForm, MembershipForm, \
     CustomAuthenticationForm, MembershipRolesForm
@@ -72,11 +73,24 @@ class UserUpdateView(ProtectQuerysetMixin, LoginRequiredMixin, UpdateView):
         form.fields['email'].required = True
         form.fields['email'].help_text = _("This address must be valid.")
 
-        if PermissionBackend.check_perm(self.request, "member.change_profile", context['user_object'].profile):
-            context['profile_form'] = self.profile_form(instance=context['user_object'].profile,
+        profile_form = self.profile_form(instance=context['user_object'].profile,
                                          data=self.request.POST if self.request.POST else None)
+
         if not self.object.profile.report_frequency:
-                del context['profile_form'].fields["last_report"]
+            del profile_form.fields["last_report"]
+
+        fields_to_check = list(profile_form.fields.keys())
+        fields_modifiable = False
+
+        # Delete the fields for which the user does not have the permission to modify
+        for field_name in fields_to_check:
+            if not PermissionBackend.check_perm(self.request, f"member.change_profile_{field_name}", context['user_object'].profile):
+                profile_form.fields[field_name].widget = forms.HiddenInput()
+            else:
+                fields_modifiable = True
+
+        if fields_modifiable:
+            context['profile_form'] = profile_form
 
         return context
 

apps/permission/admin.py

@@ -31,3 +31,4 @@ class RoleAdmin(admin.ModelAdmin):
     Admin customisation for Role
     """
     list_display = ('name', )
+    filter_horizontal = ('permissions',)

apps/permission/fixtures/initial.json

@@ -127,7 +127,7 @@
                 "auth",
                 "user"
             ],
-			"query": "{\"pk\": [\"user\", \"pk\"]}",
+            "query": "[\"AND\", {\"pk\": [\"user\", \"pk\"]}, {\"memberships__club__parent_club__isnull\": true}]",
             "type": "change",
             "mask": 1,
             "field": "last_login",
@@ -3752,6 +3752,150 @@
             "description": "Modifier bouffe"
         }
     },
+    {
+        "model": "permission.permission",
+        "pk": 239,
+        "fields": {
+            "model": [
+                "note",
+                "alias"
+            ],
+            "query": "[\"AND\", {\"note__noteuser__user__memberships__club\": [\"club\"], \"note__noteuser__user__memberships__date_start__lte\": [\"today\"], \"note__noteuser__user__memberships__date_end__gte\": [\"today\"]}, {\"note__is_active\": true}]",
+            "type": "view",
+            "mask": 2,
+            "field": "",
+            "permanent": false,
+            "description": "Voir les alias des notes des adhérent⋅es du club"
+        }
+    },
+    {
+        "model": "permission.permission",
+        "pk": 240,
+        "fields": {
+            "model": [
+                "note",
+                "alias"
+            ],
+            "query": "[\"AND\", {\"note__noteuser__user__memberships__club\": [\"club\", \"parent_club\"], \"note__noteuser__user__memberships__date_start__lte\": [\"today\"], \"note__noteuser__user__memberships__date_end__gte\": [\"today\"]}, {\"note__is_active\": true}]",
+            "type": "view",
+            "mask": 2,
+            "field": "",
+            "permanent": false,
+            "description": "Voir les alias des notes des adhérent⋅es du club parent"
+        }
+    },
+    {
+        "model": "permission.permission",
+        "pk": 241,
+        "fields": {
+            "model": [
+                "auth",
+                "user"
+            ],
+            "query": "[\"AND\", {\"memberships__club\": [\"club\", \"parent_club\"], \"memberships__date_start__lte\": [\"today\"], \"memberships__date_end__gte\": [\"today\"]}, {\"note__is_active\": true}]",
+            "type": "view",
+            "mask": 2,
+            "field": "",
+            "permanent": false,
+            "description": "Voir les utilisateurs adhérents au club parent"
+        }
+    },
+    {
+        "model": "permission.permission",
+        "pk": 242,
+        "fields": {
+            "model": [
+                "note",
+                "transaction"
+            ],
+            "query": "[\"AND\", {\"destination\": [\"club\", \"note\"]}, [\"OR\", {\"source__balance__gte\": {\"F\": [\"SUB\", [\"MUL\", [\"F\", \"amount\"], [\"F\", \"quantity\"]], 2000]}}, {\"valid\": false}]]",
+            "type": "add",
+            "mask": 2,
+            "field": "",
+            "permanent": false,
+            "description": "Créer une transaction vers la note d'un club"
+        }
+    },
+    {
+        "model": "permission.permission",
+        "pk": 243,
+        "fields": {
+            "model": [
+                "member",
+                "profile"
+            ],
+            "query": "{\"user__memberships__club\": [\"club\"], \"user__memberships__date_start__lte\": [\"today\"],\"user__memberships__date_end__gte\": [\"today\"]}",
+            "type": "view",
+            "mask": 3,
+            "field": "",
+            "permanent": false,
+            "description": "Voir les profils des membres du club"
+        }
+    },
+    {
+        "model": "permission.permission",
+        "pk": 244,
+        "fields": {
+            "model": [
+                "member",
+                "profile"
+            ],
+            "query": "{}",
+            "type": "change",
+            "mask": 3,
+            "field": "ml_events_registration",
+            "permanent": false,
+            "description": "Modifier l'abonnement à la Newsletter BDE pour n'importe quel profil"
+        }
+    },
+    {
+        "model": "permission.permission",
+        "pk": 245,
+        "fields": {
+            "model": [
+                "member",
+                "profile"
+            ],
+            "query": "{}",
+            "type": "change",
+            "mask": 3,
+            "field": "ml_art_registration",
+            "permanent": false,
+            "description": "Modifier l'abonnement à la Newsletter Art pour n'importe quel profil"
+        }
+    },
+    {
+        "model": "permission.permission",
+        "pk": 246,
+        "fields": {
+            "model": [
+                "member",
+                "profile"
+            ],
+            "query": "{}",
+            "type": "change",
+            "mask": 3,
+            "field": "ml_sport_registration",
+            "permanent": false,
+            "description": "Modifier l'abonnement à la Newsletter Sport pour n'importe quel profil"
+        }
+    },
+    {
+        "model": "permission.permission",
+        "pk": 247,
+        "fields": {
+            "model": [
+                "activity",
+                "guest"
+            ],
+            "query": "{\"activity__organizer\": [\"club\"]}",
+            "type": "view",
+            "mask": 2,
+            "field": "",
+            "permanent": false,
+            "description": "Voir les personnes invitées aux événements organisés par son club"
+        }
+    },
     {
         "model": "permission.role",
         "pk": 1,
@@ -3851,7 +3995,21 @@
             "for_club": null,
             "name": "Membre de club",
             "permissions": [
-				22
+                1,
+                2,
+                3,
+                4,
+                5,
+                7,
+                8,
+                9,
+                10,
+                11,
+                12,
+                13,
+                14,
+                22,
+                48
             ]
         }
     },
@@ -3900,6 +4058,7 @@
             "for_club": null,
             "name": "Tr\u00e9sorièr\u22c5e de club",
             "permissions": [
+                6,
                 19,
                 20,
                 21,
@@ -3913,7 +4072,10 @@
                 142,
                 182,
                 184,
-				185
+                185,
+                239,
+                240,
+                241
             ]
         }
     },

apps/registration/views.py

@@ -300,9 +300,13 @@ class FutureUserDetailView(ProtectQuerysetMixin, LoginRequiredMixin, FormMixin,
 #            join_bde = True
 #            join_kfet = True
 
-        if not join_bde:
+        if not (join_bde or any(b for _, b in join_clubs)):
             # This software belongs to the BDE.
-            form.add_error('join_bde', _("You must join the BDE."))
+            form.add_error('join_bde', _("You must join a club."))
+            return super().form_invalid(form)
+
+        if join_kfet and not join_bde:
+            form.add_error('join_bde', _("You must also join the parent club BDE."))
             return super().form_invalid(form)
 
         # Calculate required registration fee

apps/wei/forms/surveys/wei2024.py

@@ -276,11 +276,22 @@ class WEISurveyAlgorithm2024(WEISurveyAlgorithm):
         surveys = list(self.get_survey_class()(r) for r in self.get_registrations())  # All surveys
         surveys = [s for s in surveys if s.is_complete()]  # Don't consider invalid surveys
         # Don't manage hardcoded people
-        surveys = [s for s in surveys if not hasattr(s.information, 'hardcoded') or not s.information.hardcoded]
+        # surveys = [s for s in surveys if s.bus_id != None]
+        # surveys = [s for s in surveys if not hasattr(s.information, 'hardcoded') or not s.information.hardcoded]
+
+        # surveys = [s for s in surveys if s.registration.user_id in free_users]
+
+        # hardcoded_first_year_mb = WEIMembership.objects.filter(bus != None,registration__first_year=True)
+        # hardcoded_first_year = hardcoded_first_year_mb.values_list('user__id', 'bus__id')
+
+        hardcoded_first_year_mb = WEIMembership.objects.filter(registration__first_year=True)
+        hardcoded_first_year = {mb.user.id if mb.bus else None: mb.bus.id if mb.bus else None for mb in hardcoded_first_year_mb}
 
         # Reset previous algorithm run
         for survey in surveys:
             survey.free()
+            if survey.registration.user_id in hardcoded_first_year.keys():
+                survey.select_bus(hardcoded_first_year[survey.registration.user_id])
             survey.save()
 
         non_men = [s for s in surveys if s.registration.gender != 'male']
@@ -291,9 +302,7 @@ class WEISurveyAlgorithm2024(WEISurveyAlgorithm):
         non_men_total = registrations.filter(~Q(gender='male')).count()
         for bus in self.get_buses():
             free_seats = bus.size - WEIMembership.objects.filter(bus=bus, registration__first_year=False).count()
-            # Remove hardcoded people
-            free_seats -= WEIMembership.objects.filter(bus=bus, registration__first_year=True,
-                                                       registration__information_json__icontains="hardcoded").count()
+            free_seats -= sum(1 for s in non_men if s.information.selected_bus_pk == bus.pk)
             quotas[bus] = 4 + int(non_men_total / registrations.count() * free_seats)
 
         tqdm_obj = None
@@ -308,9 +317,6 @@ class WEISurveyAlgorithm2024(WEISurveyAlgorithm):
         for bus in self.get_buses():
             free_seats = bus.size - WEIMembership.objects.filter(bus=bus, registration__first_year=False).count()
             free_seats -= sum(1 for s in non_men if s.information.selected_bus_pk == bus.pk)
-            # Remove hardcoded people
-            free_seats -= WEIMembership.objects.filter(bus=bus, registration__first_year=True,
-                                                       registration__information_json__icontains="hardcoded").count()
             quotas[bus] = free_seats
 
         if display_tqdm:

locale/fr/LC_MESSAGES/django.po

@@ -795,11 +795,11 @@ msgstr "Masque de permissions"
 
 #: apps/member/forms.py:46
 msgid "Report frequency"
-msgstr "Fréquence des rapports (en jours)"
+msgstr "Fréquence des relevés (en jours)"
 
 #: apps/member/forms.py:48
 msgid "Last report date"
-msgstr "Date de dernier rapport"
+msgstr "Date de dernier relevé"
 
 #: apps/member/forms.py:52
 msgid ""
@@ -1032,6 +1032,7 @@ msgid ""
 "Register on the mailing list to stay informed of the sport events of the "
 "campus (1 mail/week)"
 msgstr ""
+"S'inscrire sur la liste de diffusion pour rester informé·e des actualités "
 "sportives sur le campus (1 mail par semaine)"
 
 #: apps/member/models.py:113
@@ -1044,11 +1045,11 @@ msgstr ""
 
 #: apps/member/models.py:117
 msgid "report frequency (in days)"
-msgstr "fréquence des rapports (en jours)"
+msgstr "fréquence des relevés (en jours)"
 
 #: apps/member/models.py:122
 msgid "last report date"
-msgstr "date de dernier rapport"
+msgstr "date de dernier relevé"
 
 #: apps/member/models.py:127
 msgid "email confirmed"

note.cron

@@ -9,6 +9,7 @@ MAILTO=notekfet2020@lists.crans.org
  *   *     *   *   *     root   cd /var/www/note_kfet && env/bin/python manage.py send_mail -c 1 -v 0
  *   *     *   *   *     root   cd /var/www/note_kfet && env/bin/python manage.py retry_deferred -c 1 -v 0
  00  0     *   *   *     root   cd /var/www/note_kfet && env/bin/python manage.py purge_mail_log 7 -v 0
+ 00  0     *   *   *     root   cd /var/www/note_kfet && env/bin/python manage.py purge_mail_log -r failure 30 -v 0
 # Faire une sauvegarde de la base de données
  00  2     *   *   *     root   cd /var/www/note_kfet && apps/scripts/shell/backup_db
 # Vérifier la cohérence de la base et mailer en cas de problème
@@ -25,3 +26,5 @@ MAILTO=notekfet2020@lists.crans.org
  00  9     *   *   *     root   cd /var/www/note_kfet && env/bin/python manage.py refresh_highlighted_buttons -v 0
 # Vider les tokens Oauth2
  00  6     *   *   *     root   cd /var/www/note_kfet && env/bin/python manage.py cleartokens -v 0
+# Envoyer la liste des abonnés à la NL BDA
+ 00  8     *   *   0     root   cd /var/www/note_kfet && env/bin/python manage.py extract_ml_registrations -t art -v 0

note_kfet/settings/base.py

@@ -225,6 +225,7 @@ MEDIA_URL = '/media/'
 # Use mailer in production to place emails in a queue before sending them to avoid spam
 EMAIL_BACKEND = 'mailer.backend.DbBackend'
 MAILER_EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
+MAILER_EMAIL_MAX_BATCH = 10
 EMAIL_USE_SSL = os.getenv('EMAIL_USE_SSL', False)
 EMAIL_HOST = os.getenv('EMAIL_HOST', 'smtp.example.org')
 EMAIL_PORT = os.getenv('EMAIL_PORT', 25)

note_kfet/templates/base.html

@@ -72,7 +72,7 @@ SPDX-License-Identifier: GPL-3.0-or-later
                             <a class="nav-link {% if request.path_info == url %}active{% endif %}" href="{{ url }}"><i class="fa fa-cutlery"></i> {% trans 'Food' %}</a>
                         </li>
                     {% endif %}
-                    {% if user.is_authenticated and user|is_member:"Kfet" %}
+                    {% if user.is_authenticated %}
                         <li class="nav-item">
                             {% url 'note:transfer' as url %}
                             <a class="nav-link {% if request.path_info == url %}active{% endif %}" href="{{ url }}"><i class="fa fa-exchange"></i> {% trans 'Transfer' %}</a>

shell-static.nix

@@ -1,34 +0,0 @@
-# This is a workaround meant for use with the nix package manager. If you don't know what it is or don't use it, please ignore this file.
-# 
-# The nk20 javascript static location are hardcoded for imperative system.
-# This make ./manage.py collectstatic hard to use with nixos.
-# 
-# A workaround is to enter a FHSUserEnv with the static placed under /share/javascript/<static>.
-# This emulate a debian like system and enable collecting static normally with ./manage.py collectstatics.
-# The regular shell.nix should be enough for other configurations.
-#
-# Warning, you are still supposed to use pip package with a venv !
-{ pkgs ? import <nixpkgs> {} }:
-(pkgs.buildFHSUserEnv {
-  name = "pipzone";
-  targetPkgs = pkgs: (with pkgs;
-  let
-    fhs-static = stdenv.mkDerivation {
-      name = "fhs-static";
-      buildCommand = ''
-      mkdir -p $out/share/javascript/bootstrap4
-      mkdir -p $out/share/javascript/jquery
-      ln -s ${python39Packages.xstatic-bootstrap}/lib/python3.9/site-packages/xstatic/pkg/bootstrap/data/* $out/share/javascript/bootstrap4
-      ln -s ${python39Packages.xstatic-jquery}/lib/python3.9/site-packages/xstatic/pkg/jquery/data/* $out/share/javascript/jquery
-    '';
-    };
-  in [
-    fhs-static
-    python39
-    gettext
-    python39Packages.pip
-    python39Packages.virtualenv
-    python39Packages.setuptools
-  ]);
-  runScript = "bash";
-}).env

shell.nix

@@ -1,23 +0,0 @@
-# This is meant for use with the nix package manager. If you don't know what it is or don't use it, please ignore this file.
-#
-# This shell.nix contains all dependencies require to create a venv and pip install -r requirements.txt.
-#
-# Please check shell-static.nix for running ./manage.py collectstatics.
-{ pkgs ? import <nixpkgs> {} }:
-pkgs.mkShell {
-  buildInputs = with pkgs; [
-    python39
-    python39Packages.pip
-    python39Packages.setuptools
-    gettext
-
-  ];
-  shellHook = ''
-    # Tells pip to put packages into $PIP_PREFIX instead of the usual locations.
-    # See https://pip.pypa.io/en/stable/user_guide/#environment-variables.
-    export PIP_PREFIX=$(pwd)/_build/pip_packages
-    export PYTHONPATH="$PIP_PREFIX/${pkgs.python39.sitePackages}:$PYTHONPATH"
-    export PATH="$PIP_PREFIX/bin:$PATH"
-    unset SOURCE_DATE_EPOCH
-  '';
-}

tox.ini

@@ -1,14 +1,14 @@
 [tox]
 envlist =
-    # Debian Bullseye Python
-    py39-django42
-
     # Ubuntu 22.04 Python
     py310-django42
 
     # Debian Bookworm Python
     py311-django42
 
+    # Ubuntu 24.04 Python
+    py312-django42
+
     linters
 skipsdist = True