Merge branch 'respo_comm_permissions' into 'main'

Draft: Respo comm permissions See merge request bde/nk20!281
Some improvements
2025-10-30 23:39:54 +01:00 · 2025-02-13 20:28:53 +01:00 · 2025-02-13 20:09:45 +01:00 · 2025-02-13 19:40:04 +01:00 · 2025-02-13 19:09:27 +01:00 · 2025-02-13 18:59:22 +01:00
2 changed files with 5 additions and 10 deletions
--- a/apps/member/forms.py
+++ b/apps/member/forms.py
@@ -15,7 +15,6 @@ from django.utils.translation import gettext_lazy as _
 from note.models import NoteSpecial, Alias
 from note_kfet.inputs import Autocomplete, AmountInput
 from permission.models import PermissionMask, Role
-from permission.backends import PermissionBackend
 from PIL import Image, ImageSequence

 from .models import Profile, Club, Membership
@@ -68,14 +67,6 @@ class ProfileForm(forms.ModelForm):
        self.fields['address'].widget.attrs.update({"placeholder": "4 avenue des Sciences, 91190 GIF-SUR-YVETTE"})
        self.fields['promotion'].widget.attrs.update({"max": timezone.now().year})

-    def clean(self):
-        """Force the values of fields that the user does not have permission to modify.."""
-        cleaned_data = super().clean()
-        for field_name in self.fields.keys():
-            if not PermissionBackend.check_perm(self.request, f"member.change_profile_{field_name}", self.instance):
-                cleaned_data[field_name] = getattr(self.instance, field_name)  # Force the old value
-        return cleaned_data
-
    @transaction.atomic
    def save(self, commit=True):
        if not self.instance.section or (("department" in self.changed_data
--- a/apps/member/views.py
+++ b/apps/member/views.py
@@ -79,12 +79,16 @@ class UserUpdateView(ProtectQuerysetMixin, LoginRequiredMixin, UpdateView):
            del profile_form.fields["last_report"]

        fields_to_check = list(profile_form.fields.keys())
+        fields_modifiable = False 

        # Delete the fields for which the user does not have the permission to modify
        for field_name in fields_to_check:
            if not PermissionBackend.check_perm(self.request, f"member.change_profile_{field_name}", context['user_object'].profile):
                profile_form.fields[field_name].widget = forms.HiddenInput()
+            else :
+                fields_modifiable = True

+        if fields_modifiable :
            context['profile_form'] = profile_form

        return context
Author	SHA1	Message	Date
thomasl	8570669043	Merge branch 'respo_comm_permissions' into 'main' Draft: Respo comm permissions See merge request bde/nk20!281	2025-02-13 20:28:53 +01:00
thomasl	9e7f7df721	Some improvements	2025-02-13 20:09:45 +01:00
thomasl	62baad7b69	Cancel modifications	2025-02-13 19:40:04 +01:00
thomasl	6e49140900	Fix some errors	2025-02-13 19:09:27 +01:00
thomasl	e5567c6c8a	Fix some errors	2025-02-13 18:59:22 +01:00