mirror of https://gitlab.crans.org/bde/nk20
Compare commits
4 Commits
09027ea35e
...
76a6260b18
| Author | SHA1 | Date |
|---|---|---|
Yohann D'ANELLO
|
76a6260b18 | |
|
Yohann D'ANELLO
|
7b3512c0be | |
|
Yohann D'ANELLO
|
0bfc3b9454 | |
|
Yohann D'ANELLO
|
84e8b02594 |
|
|
@ -38,6 +38,9 @@ class ActivityListView(ProtectQuerysetMixin, LoginRequiredMixin, SingleTableView
|
|||
table_class = ActivityTable
|
||||
ordering = ('-date_start',)
|
||||
|
||||
def get_queryset(self):
|
||||
return super().get_queryset().distinct()
|
||||
|
||||
def get_context_data(self, **kwargs):
|
||||
context = super().get_context_data(**kwargs)
|
||||
|
||||
|
|
|
|||
|
|
@ -642,7 +642,7 @@ class ClubManageRolesView(ProtectQuerysetMixin, LoginRequiredMixin, UpdateView):
|
|||
del form.fields['bank']
|
||||
|
||||
club = self.object.club
|
||||
form.fields['roles'].queryset = Role.objects.filter(Q(weirole__isnull=isinstance(club, WEIClub))
|
||||
form.fields['roles'].queryset = Role.objects.filter(Q(weirole__isnull=not isinstance(club, WEIClub))
|
||||
& (Q(for_club__isnull=True) | Q(for_club=club))).all()
|
||||
|
||||
return form
|
||||
|
|
|
|||
|
|
@ -36,27 +36,20 @@ class PermissionBackend(ModelBackend):
|
|||
# Unauthenticated users have no permissions
|
||||
return Permission.objects.none()
|
||||
|
||||
qs = Permission.objects.annotate(
|
||||
club=F("role__membership__club"),
|
||||
membership=F("role__membership"),
|
||||
).filter(
|
||||
(
|
||||
Q(
|
||||
role__membership__date_start__lte=timezone.now().today(),
|
||||
role__membership__date_end__gte=timezone.now().today(),
|
||||
)
|
||||
| Q(permanent=True)
|
||||
)
|
||||
& Q(role__membership__user=user)
|
||||
& Q(type=t)
|
||||
& Q(mask__rank__lte=get_current_session().get("permission_mask", 0))
|
||||
)
|
||||
memberships = Membership.objects.filter(user=user).all()
|
||||
|
||||
perms = []
|
||||
|
||||
for membership in memberships:
|
||||
for role in membership.roles.all():
|
||||
for perm in role.permissions.filter(type=t, mask__rank__lte=get_current_session().get("permission_mask", 42)).all():
|
||||
if not perm.permanent:
|
||||
if membership.date_start > timezone.now().date() or membership.date_end < timezone.now().date():
|
||||
continue
|
||||
perm.membership = membership
|
||||
perms.append(perm)
|
||||
return perms
|
||||
|
||||
if settings.DATABASES[qs.db]["ENGINE"] == 'django.db.backends.postgresql_psycopg2':
|
||||
qs = qs.distinct('pk', 'club')
|
||||
else: # SQLite doesn't support distinct fields.
|
||||
qs = qs.distinct()
|
||||
return qs
|
||||
|
||||
@staticmethod
|
||||
def permissions(user, model, type):
|
||||
|
|
@ -67,22 +60,13 @@ class PermissionBackend(ModelBackend):
|
|||
:param type: The type of the permissions: view, change, add or delete
|
||||
:return: A generator of the requested permissions
|
||||
"""
|
||||
clubs = {}
|
||||
memberships = {}
|
||||
|
||||
for permission in PermissionBackend.get_raw_permissions(user, type):
|
||||
if not isinstance(model.model_class()(), permission.model.model_class()) or not permission.club:
|
||||
if not isinstance(model.model_class()(), permission.model.model_class()) or not permission.membership:
|
||||
continue
|
||||
|
||||
if permission.club not in clubs:
|
||||
clubs[permission.club] = club = Club.objects.get(pk=permission.club)
|
||||
else:
|
||||
club = clubs[permission.club]
|
||||
|
||||
if permission.membership not in memberships:
|
||||
memberships[permission.membership] = membership = Membership.objects.get(pk=permission.membership)
|
||||
else:
|
||||
membership = memberships[permission.membership]
|
||||
membership = permission.membership
|
||||
club = membership.club
|
||||
|
||||
permission = permission.about(
|
||||
user=user,
|
||||
|
|
@ -113,7 +97,6 @@ class PermissionBackend(ModelBackend):
|
|||
:param field: The field of the model to test, if concerned
|
||||
:return: A query that corresponds to the filter to give to a queryset
|
||||
"""
|
||||
|
||||
if user is None or isinstance(user, AnonymousUser):
|
||||
# Anonymous users can't do anything
|
||||
return Q(pk=-1)
|
||||
|
|
@ -163,6 +146,7 @@ class PermissionBackend(ModelBackend):
|
|||
perm = perm.split('.')[-1].split('_', 2)
|
||||
perm_type = perm[0]
|
||||
perm_field = perm[2] if len(perm) == 3 else None
|
||||
|
||||
ct = ContentType.objects.get_for_model(obj)
|
||||
if any(permission.applies(obj, perm_type, perm_field)
|
||||
for permission in PermissionBackend.permissions(user_obj, ct, perm_type)):
|
||||
|
|
|
|||
|
|
@ -2094,8 +2094,6 @@
|
|||
39,
|
||||
40,
|
||||
70,
|
||||
108,
|
||||
109,
|
||||
14,
|
||||
15,
|
||||
16,
|
||||
|
|
@ -2103,7 +2101,15 @@
|
|||
18,
|
||||
78,
|
||||
79,
|
||||
83
|
||||
83,
|
||||
90,
|
||||
93,
|
||||
95,
|
||||
97,
|
||||
99,
|
||||
101,
|
||||
108,
|
||||
109
|
||||
]
|
||||
}
|
||||
},
|
||||
|
|
@ -2493,18 +2499,18 @@
|
|||
"for_club": null,
|
||||
"name": "Adhérent WEI",
|
||||
"permissions": [
|
||||
97,
|
||||
99,
|
||||
101,
|
||||
108,
|
||||
77,
|
||||
109,
|
||||
114,
|
||||
84,
|
||||
87,
|
||||
90,
|
||||
93,
|
||||
95
|
||||
95,
|
||||
97,
|
||||
99,
|
||||
101,
|
||||
108,
|
||||
109,
|
||||
114
|
||||
]
|
||||
}
|
||||
},
|
||||
|
|
|
|||
|
|
@ -1 +0,0 @@
|
|||
Subproject commit fc29147c876c33d4cf41a86d46d736ff69d176ff
|
||||
|
|
@ -132,6 +132,7 @@ class WEIDetailView(ProtectQuerysetMixin, LoginRequiredMixin, DetailView):
|
|||
else:
|
||||
# Check if the user has the right to create a registration of a random first year member.
|
||||
empty_fy_registration = WEIRegistration(
|
||||
wei=club,
|
||||
user=random_user,
|
||||
first_year=True,
|
||||
birth_date="1970-01-01",
|
||||
|
|
@ -144,6 +145,7 @@ class WEIDetailView(ProtectQuerysetMixin, LoginRequiredMixin, DetailView):
|
|||
|
||||
# Check if the user has the right to create a registration of a random old member.
|
||||
empty_old_registration = WEIRegistration(
|
||||
wei=club,
|
||||
user=User.objects.filter(~Q(wei__wei__in=[club])).first(),
|
||||
first_year=False,
|
||||
birth_date="1970-01-01",
|
||||
|
|
|
|||
|
|
@ -37,10 +37,11 @@ EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
|
|||
EMAIL_USE_SSL = False
|
||||
EMAIL_HOST = os.getenv('EMAIL_HOST', 'smtp.example.org')
|
||||
EMAIL_PORT = os.getenv('EMAIL_PORT', 465)
|
||||
EMAIL_HOST_USER = os.getenv('EMAIL_USER', 'change_me')
|
||||
EMAIL_HOST_PASSWORD = os.getenv('EMAIL_PASSWORD', 'change_me')
|
||||
EMAIL_HOST_USER = os.getenv('EMAIL_USER', None)
|
||||
EMAIL_HOST_PASSWORD = os.getenv('EMAIL_PASSWORD', None)
|
||||
|
||||
SERVER_EMAIL = os.getenv("NOTE_MAIL", "notekfet@example.com")
|
||||
DEFAULT_FROM_EMAIL = "NoteKfet2020 <" + SERVER_EMAIL + ">"
|
||||
|
||||
# Security settings
|
||||
SECURE_CONTENT_TYPE_NOSNIFF = False
|
||||
|
|
|
|||
|
|
@ -178,6 +178,16 @@ SPDX-License-Identifier: GPL-3.0-or-later
|
|||
</div>
|
||||
{% endif %}
|
||||
{% block contenttitle %}<h1>{{ title }}</h1>{% endblock %}
|
||||
<div class="alert alert-warning">
|
||||
Attention : la Note Kfet 2020 est en phase de beta. Des fonctionnalités pourront être rajoutées d'ici à la version
|
||||
finale, et des bugs peuvent survenir. Pour tout problème, merci d'envoyer un mail à l'adresse
|
||||
<a href="mailto:notekfet2020@lists.crans.org">
|
||||
notekfet2020@lists.crans.org</a>,
|
||||
ou bien levez une issue sur le dépôt <a href="https://gitlab.crans.org/bde/nk20/-/issues">Gitlab</a>,
|
||||
ou encore posez un commentaire sur le <a href="https://pad.crans.org/p/todoNK20">pad</a>.<br><br>
|
||||
|
||||
Certaines données ont été anonymisées afin de limiter les fuites de données, et peuvent ne pas correspondre avec vos données réelles.
|
||||
</div>
|
||||
<div id="messages"></div>
|
||||
{% block content %}
|
||||
<p>Default content...</p>
|
||||
|
|
|
|||
Loading…
Reference in New Issue