Update permissions to see our own note

apps/member/models.py

@@ -8,12 +8,15 @@ from django.conf import settings
 from django.contrib.auth.models import User
 from django.core.exceptions import ValidationError
 from django.db import models
+from django.db.models import Q
 from django.template import loader
 from django.urls import reverse, reverse_lazy
 from django.utils import timezone
 from django.utils.encoding import force_bytes
 from django.utils.http import urlsafe_base64_encode
 from django.utils.translation import gettext_lazy as _
+
+from permission.models import Role
 from registration.tokens import email_validation_token
 from note.models import MembershipTransaction
 
@@ -382,6 +385,17 @@ class Membership(models.Model):
                         if hasattr(self, '_force_save'):
                             parent_membership._force_save = True
                         parent_membership.save()
+                        parent_membership.refresh_from_db()
+
+                        if self.club.parent_club.name == "BDE":
+                            parent_membership.roles.set(
+                                Role.objects.filter(Q(name="Adhérent BDE") | Q(name="Membre de club")).all())
+                        elif self.club.parent_club.name == "Kfet":
+                            parent_membership.roles.set(
+                                Role.objects.filter(Q(name="Adhérent Kfet") | Q(name="Membre de club")).all())
+                        else:
+                            parent_membership.roles.set(Role.objects.filter(name="Membre de club").all())
+                        parent_membership.save()
                 else:
                     raise ValidationError(_('User is not a member of the parent club')
                                           + ' ' + self.club.parent_club.name)

apps/member/views.py

@@ -631,7 +631,12 @@ class ClubAddMemberView(ProtectQuerysetMixin, LoginRequiredMixin, CreateView):
 
         ret = super().form_valid(form)
 
-        member_role = Role.objects.filter(name="Membre de club").all()
+        if club.name == "BDE":
+            member_role = Role.objects.filter(Q(name="Adhérent BDE") | Q(name="Membre de club")).all()
+        elif club.name == "Kfet":
+            member_role = Role.objects.filter(Q(name="Adhérent Kfet") | Q(name="Membre de club")).all()
+        else:
+            member_role = Role.objects.filter(name="Membre de club").all()
         form.instance.roles.set(member_role)
         form.instance._force_save = True
         form.instance.save()
@@ -670,8 +675,10 @@ class ClubAddMemberView(ProtectQuerysetMixin, LoginRequiredMixin, CreateView):
                 membership.refresh_from_db()
                 if old_membership.exists():
                     membership.roles.set(old_membership.get().roles.all())
-                else:
+                elif c.name == "BDE":
-                    membership.roles.add(Role.objects.get(name="Adhérent Kfet"))
+                    membership.roles.set(Role.objects.filter(Q(name="Adhérent BDE") | Q(name="Membre de club")).all())
+                elif c.name == "Kfet":
+                    membership.roles.set(Role.objects.filter(Q(name="Adhérent Kfet") | Q(name="Membre de club")).all())
                 membership.save()
 
         return ret

apps/permission/fixtures/initial.json

@@ -61,7 +61,7 @@
 		"fields": {
 			"model": [
 				"note",
-				"noteuser"
+				"note"
 			],
 			"query": "{\"pk\": [\"user\", \"note\", \"pk\"]}",
 			"type": "view",
@@ -2221,9 +2221,9 @@
 		"fields": {
 			"model": [
 				"note",
-				"noteclub"
+				"note"
 			],
-			"query": "{\"club\": [\"club\"]}",
+			"query": "{\"noteclub__club\": [\"club\"]}",
 			"type": "view",
 			"mask": 2,
 			"field": "",
@@ -2343,6 +2343,22 @@
 			"description": "Supprimer une activité non validée"
 		}
 	},
+	{
+		"model": "permission.permission",
+		"pk": 150,
+		"fields": {
+			"model": [
+				"note",
+				"note"
+			],
+			"query": "{}",
+			"type": "view",
+			"mask": 2,
+			"field": "",
+			"permanent": false,
+			"description": "Voir toutes les notes"
+		}
+	},
 	{
 		"model": "permission.role",
 		"pk": 1,
@@ -2522,7 +2538,8 @@
 				139,
 				143,
 				146,
-				147
+				147,
+				150
 			]
 		}
 	},
@@ -2677,7 +2694,8 @@
 				146,
 				147,
 				148,
-				149
+				149,
+				150
 			]
 		}
 	},
@@ -2737,6 +2755,7 @@
 			"for_club": null,
 			"name": "GC WEI",
 			"permissions": [
+				22,
 				76,
 				85,
 				86,
@@ -2770,6 +2789,7 @@
 			"for_club": null,
 			"name": "Chef de bus",
 			"permissions": [
+				22,
 				84,
 				117,
 				118,
@@ -2787,6 +2807,7 @@
 			"for_club": null,
 			"name": "Chef d'\u00e9quipe",
 			"permissions": [
+				22,
 				84,
 				116,
 				123,
@@ -2802,6 +2823,7 @@
 			"for_club": null,
 			"name": "\u00c9lectron libre",
 			"permissions": [
+				22,
 				84
 			]
 		}
@@ -2813,6 +2835,7 @@
 			"for_club": null,
 			"name": "\u00c9lectron libre (avec perm)",
 			"permissions": [
+				22,
 				84
 			]
 		}

templates/note/search_transactions.html

@@ -12,7 +12,7 @@
             {% include "member/club_info.html" %}
         {% endwith %}
     {% elif note.user %}
-        {% with user=note.user %}
+        {% with user_object=note.user %}
             {% include "member/profile_info.html"  %}
         {% endwith %}
     {% endif %}