allows mask for Oauth2

Small features

See merge request bde/nk20!355

apps/member/models.py

@@ -417,7 +417,7 @@ class Membership(models.Model):
         A membership is valid if today is between the start and the end date.
         """
         if self.date_end is not None:
-            return self.date_start.toordinal() <= datetime.datetime.now().toordinal() < self.date_end.toordinal()
+            return self.date_start.toordinal() <= datetime.datetime.now().toordinal() <= self.date_end.toordinal()
         else:
             return self.date_start.toordinal() <= datetime.datetime.now().toordinal()
 

apps/note/static/note/js/consos.js

@@ -228,7 +228,7 @@ function consume (source, source_alias, dest, quantity, amount, reason, type, ca
           addMsg(interpolate(gettext('Warning, the transaction from the note %s succeed, ' +
               'but the emitter note %s is negative.'), [source_alias, source_alias]), 'warning', 30000)
         }
-        if (source.membership && source.membership.date_end < new Date().toISOString()) {
+        if (source.membership && source.membership.date_end <= new Date().toISOString()) {
           addMsg(interpolate(gettext('Warning, the emitter note %s is no more a BDE member.'), [source_alias]),
               'danger', 30000)
         }

apps/note/static/note/js/transfer.js

@@ -310,10 +310,10 @@ $('#btn_transfer').click(function () {
             destination: dest.note.id,
             destination_alias: dest.name
           }).done(function () {
-          if (source.note.membership && source.note.membership.date_end < new Date().toISOString()) {
+          if (source.note.membership && source.note.membership.date_end <= new Date().toISOString()) {
             addMsg(interpolate(gettext('Warning, the emitter note %s is no more a BDE member.'), [source.name]), 'danger', 30000)
           }
-          if (dest.note.membership && dest.note.membership.date_end < new Date().toISOString()) {
+          if (dest.note.membership && dest.note.membership.date_end <= new Date().toISOString()) {
             addMsg(interpolate(gettext('Warning, the destination note %s is no more a BDE member.'), [dest.name]), 'danger', 30000)
           }
 
@@ -414,7 +414,7 @@ $('#btn_transfer').click(function () {
         bank: $('#bank').val()
       }).done(function () {
       addMsg(gettext('Credit/debit succeed!'), 'success', 10000)
-      if (user_note.membership && user_note.membership.date_end < new Date().toISOString()) { addMsg(gettext('Warning, the emitter note %s is no more a BDE member.'), 'danger', 10000) }
+      if (user_note.membership && user_note.membership.date_end <= new Date().toISOString()) { addMsg(gettext('Warning, the emitter note %s is no more a BDE member.'), 'danger', 10000) }
       reset()
     }).fail(function (err) {
       const errObj = JSON.parse(err.responseText)

apps/permission/backends.py

@@ -39,7 +39,15 @@ class PermissionBackend(ModelBackend):
 
             def permission_filter(membership_obj):
                 query = Q(pk=-1)
+                if 'mask' in request.GET:
+                    try:
+                        rank = int(request.GET['mask'])
+                    except:
+                        rank = 42
+                    query &= Q(mask__rank__lte=rank)
                 for scope in request.auth.scope.split(' '):
+                    if scope == "openid":
+                        continue
                     permission_id, club_id = scope.split('_')
                     if int(club_id) == membership_obj.club_id:
                         query |= Q(pk=permission_id)

apps/permission/scopes.py

@@ -10,6 +10,7 @@ from note_kfet.middlewares import get_current_request
 from .backends import PermissionBackend
 from .models import Permission
 
+from django.utils.translation import gettext_lazy as _
 
 class PermissionScopes(BaseScopes):
     """
@@ -32,7 +33,7 @@ class PermissionScopes(BaseScopes):
 
         scopes = {f"{p.id}_{club.id}": f"{p.description} (club {club.name})"
                   for p in Permission.objects.all() for club in Club.objects.all()}
-        scopes['openid'] = "OpenID Connect"
+        scopes['openid'] = _("OpenID Connect (username and email)")
         return scopes
 
     def get_available_scopes(self, application=None, request=None, *args, **kwargs):

apps/treasury/tests/test_treasury.py

@@ -359,7 +359,7 @@ class TestSogeCredits(TestCase):
         ))
         self.assertRedirects(response, reverse("treasury:manage_soge_credit", args=(soge_credit.pk,)), 302, 200)
         soge_credit.refresh_from_db()
-        self.assertTrue(soge_credit.valid)
+        self.assertTrue(soge_credit.valid_legacy)
         self.user.note.refresh_from_db()
         self.assertEqual(
             Transaction.objects.filter(Q(source=self.user.note) | Q(destination=self.user.note)).count(), 3)

requirements.txt

@@ -12,7 +12,7 @@ django-filter~=25.1
 django-mailer~=2.3.2
 django-oauth-toolkit~=3.0.1
 django-phonenumber-field~=8.1.0
-django-polymorphic~=3.1.0
+django-polymorphic~=4.1.0
 djangorestframework~=3.16.0
 django-rest-polymorphic~=0.1.10
 django-tables2~=2.7.5