mirror of https://gitlab.crans.org/bde/nk20
Compare commits
5 Commits
a9ccf46010
...
518de596bb
Author | SHA1 | Date |
---|---|---|
Yohann D'ANELLO | 518de596bb | |
Yohann D'ANELLO | c8fe3435de | |
Yohann D'ANELLO | 8751b3936e | |
Yohann D'ANELLO | 302f9e752c | |
Yohann D'ANELLO | 7bda0bb31f |
|
@ -1,13 +1,12 @@
|
|||
# Copyright (C) 2018-2020 by BDE ENS Paris-Saclay
|
||||
# SPDX-License-Identifier: GPL-3.0-or-later
|
||||
|
||||
import datetime
|
||||
|
||||
from django.conf import settings
|
||||
from django.contrib.auth.backends import ModelBackend
|
||||
from django.contrib.auth.models import User, AnonymousUser
|
||||
from django.contrib.contenttypes.models import ContentType
|
||||
from django.db.models import Q, F
|
||||
from django.utils import timezone
|
||||
from note.models import Note, NoteUser, NoteClub, NoteSpecial
|
||||
from note_kfet.middlewares import get_current_session
|
||||
from member.models import Membership, Club
|
||||
|
@ -43,8 +42,8 @@ class PermissionBackend(ModelBackend):
|
|||
).filter(
|
||||
(
|
||||
Q(
|
||||
rolepermissions__role__membership__date_start__lte=datetime.date.today(),
|
||||
rolepermissions__role__membership__date_end__gte=datetime.date.today(),
|
||||
rolepermissions__role__membership__date_start__lte=timezone.now().today(),
|
||||
rolepermissions__role__membership__date_end__gte=timezone.now().today(),
|
||||
)
|
||||
| Q(permanent=True)
|
||||
)
|
||||
|
@ -98,8 +97,8 @@ class PermissionBackend(ModelBackend):
|
|||
NoteSpecial=NoteSpecial,
|
||||
F=F,
|
||||
Q=Q,
|
||||
now=datetime.datetime.now(),
|
||||
today=datetime.date.today(),
|
||||
now=timezone.now(),
|
||||
today=timezone.now().date(),
|
||||
)
|
||||
yield permission
|
||||
|
||||
|
|
|
@ -272,7 +272,7 @@
|
|||
"note",
|
||||
"alias"
|
||||
],
|
||||
"query": "[\"OR\", {\"note__in\": [\"NoteUser\", \"objects\", [\"filter\", {\"user__membership__club__name\": \"Kfet\"}], [\"all\"]]}, {\"note__in\": [\"NoteClub\", \"objects\", [\"all\"]]}]",
|
||||
"query": "[\"OR\", {\"note__in\": [\"NoteUser\", \"objects\", [\"filter\", {\"user__memberships__club__name\": \"Kfet\"}], [\"all\"]]}, {\"note__in\": [\"NoteClub\", \"objects\", [\"all\"]]}]",
|
||||
"type": "view",
|
||||
"mask": 1,
|
||||
"field": "",
|
||||
|
@ -480,7 +480,7 @@
|
|||
"note",
|
||||
"note"
|
||||
],
|
||||
"query": "[\"OR\", {\"pk\": [\"club\", \"note\", \"pk\"]}, {\"pk__in\": [\"NoteUser\", \"objects\", [\"filter\", {\"user__membership__club\": [\"club\"]}], [\"all\"]]}]",
|
||||
"query": "[\"OR\", {\"pk\": [\"club\", \"note\", \"pk\"]}, {\"pk__in\": [\"NoteUser\", \"objects\", [\"filter\", {\"user__memberships__club\": [\"club\"]}], [\"all\"]]}]",
|
||||
"type": "view",
|
||||
"mask": 2,
|
||||
"field": "",
|
||||
|
@ -1872,7 +1872,7 @@
|
|||
"wei",
|
||||
"busteam"
|
||||
],
|
||||
"query": "{\"wei\": [\"club\"], \"wei__membership_end__gte\": [\"today\"]}",
|
||||
"query": "{\"bus__wei\": [\"club\"], \"bus__wei__membership_end__gte\": [\"today\"]}",
|
||||
"type": "add",
|
||||
"mask": 3,
|
||||
"field": "",
|
||||
|
@ -1888,7 +1888,7 @@
|
|||
"wei",
|
||||
"busteam"
|
||||
],
|
||||
"query": "{\"wei\": [\"club\"], \"wei__membership_end__gte\": [\"today\"]}",
|
||||
"query": "{\"bus__wei\": [\"club\"], \"bus__wei__membership_end__gte\": [\"today\"]}",
|
||||
"type": "change",
|
||||
"mask": 3,
|
||||
"field": "",
|
||||
|
@ -1920,7 +1920,7 @@
|
|||
"wei",
|
||||
"busteam"
|
||||
],
|
||||
"query": "[\"AND\", {\"wei\": [\"club\"]}, [\"OR\", [\"NOT\", [\"membership\", \"registration\", \"first_year\"]], {\"wei__date_end__lte\": [\"today\"]}]]",
|
||||
"query": "[\"AND\", {\"bus__wei\": [\"club\"]}, [\"OR\", [\"NOT\", [\"membership\", \"registration\", \"first_year\"]], {\"bus__wei__date_end__lte\": [\"today\"]}]]",
|
||||
"type": "view",
|
||||
"mask": 1,
|
||||
"field": "",
|
||||
|
@ -1936,7 +1936,7 @@
|
|||
"wei",
|
||||
"weimembership"
|
||||
],
|
||||
"query": "[\"AND\", {\"club\": [\"club\"], \"club__weiclub__membership_end__gte\": [\"today\"]}, [\"OR\", {\"registration__soge_credit\": true}, {\"user__note__balance__gte\": [\"F\", \"fee\"]}]]",
|
||||
"query": "[\"AND\", {\"club\": [\"club\"], \"club__weiclub__membership_end__gte\": [\"today\"]}, [\"OR\", {\"registration__soge_credit\": true}, {\"user__note__balance__gte\": {\"F\": [\"F\", \"fee\"]}}]]",
|
||||
"type": "add",
|
||||
"mask": 3,
|
||||
"field": "",
|
||||
|
@ -2048,7 +2048,7 @@
|
|||
"wei",
|
||||
"bus"
|
||||
],
|
||||
"query": "{\"pk\": [\"membership\", \"bus\", \"pk\"], \"wei__date_end__gte\": [\"today\"]}",
|
||||
"query": "{\"pk\": [\"membership\", \"weimembership\", \"bus\", \"pk\"], \"wei__date_end__gte\": [\"today\"]}",
|
||||
"type": "change",
|
||||
"mask": 1,
|
||||
"field": "name",
|
||||
|
@ -2064,7 +2064,7 @@
|
|||
"wei",
|
||||
"bus"
|
||||
],
|
||||
"query": "{\"pk\": [\"membership\", \"bus\", \"pk\"], \"wei__date_end__gte\": [\"today\"]}",
|
||||
"query": "{\"pk\": [\"membership\", \"weimembership\", \"bus\", \"pk\"], \"wei__date_end__gte\": [\"today\"]}",
|
||||
"type": "change",
|
||||
"mask": 1,
|
||||
"field": "description",
|
||||
|
@ -2080,7 +2080,7 @@
|
|||
"wei",
|
||||
"busteam"
|
||||
],
|
||||
"query": "{\"bus\": [\"membership\", \"bus\"], \"wei__date_end__gte\": [\"today\"]}",
|
||||
"query": "{\"bus\": [\"membership\", \"weimembership\", \"bus\"], \"bus__wei__date_end__gte\": [\"today\"]}",
|
||||
"type": "add",
|
||||
"mask": 1,
|
||||
"field": "",
|
||||
|
@ -2096,7 +2096,7 @@
|
|||
"wei",
|
||||
"busteam"
|
||||
],
|
||||
"query": "{\"bus\": [\"membership\", \"bus\"], \"wei__date_end__gte\": [\"today\"]}",
|
||||
"query": "{\"bus\": [\"membership\", \"weimembership\", \"bus\"], \"bus__wei__date_end__gte\": [\"today\"]}",
|
||||
"type": "change",
|
||||
"mask": 1,
|
||||
"field": "name",
|
||||
|
@ -2112,7 +2112,7 @@
|
|||
"wei",
|
||||
"busteam"
|
||||
],
|
||||
"query": "{\"bus\": [\"membership\", \"bus\"], \"wei__date_end__gte\": [\"today\"]}",
|
||||
"query": "{\"bus\": [\"membership\", \"weimembership\", \"bus\"], \"bus__wei__date_end__gte\": [\"today\"]}",
|
||||
"type": "change",
|
||||
"mask": 1,
|
||||
"field": "color",
|
||||
|
@ -2128,7 +2128,7 @@
|
|||
"wei",
|
||||
"busteam"
|
||||
],
|
||||
"query": "{\"bus\": [\"membership\", \"bus\"], \"wei__date_end__gte\": [\"today\"]}",
|
||||
"query": "{\"bus\": [\"membership\", \"weimembership\", \"bus\"], \"bus__wei__date_end__gte\": [\"today\"]}",
|
||||
"type": "change",
|
||||
"mask": 1,
|
||||
"field": "description",
|
||||
|
@ -2144,7 +2144,7 @@
|
|||
"wei",
|
||||
"busteam"
|
||||
],
|
||||
"query": "{\"pk\": [\"membership\", \"team\", \"pk\"], \"wei__date_end__gte\": [\"today\"]}",
|
||||
"query": "{\"pk\": [\"membership\", \"weimembership\", \"team\", \"pk\"], \"bus__wei__date_end__gte\": [\"today\"]}",
|
||||
"type": "change",
|
||||
"mask": 1,
|
||||
"field": "name",
|
||||
|
@ -2160,7 +2160,7 @@
|
|||
"wei",
|
||||
"busteam"
|
||||
],
|
||||
"query": "{\"pk\": [\"membership\", \"team\", \"pk\"], \"wei__date_end__gte\": [\"today\"]}",
|
||||
"query": "{\"pk\": [\"membership\", \"weimembership\", \"team\", \"pk\"], \"bus__wei__date_end__gte\": [\"today\"]}",
|
||||
"type": "change",
|
||||
"mask": 1,
|
||||
"field": "color",
|
||||
|
@ -2176,7 +2176,7 @@
|
|||
"wei",
|
||||
"busteam"
|
||||
],
|
||||
"query": "{\"pk\": [\"membership\", \"team\", \"pk\"], \"wei__date_end__gte\": [\"today\"]}",
|
||||
"query": "{\"pk\": [\"membership\", \"weimembership\", \"team\", \"pk\"], \"bus__wei__date_end__gte\": [\"today\"]}",
|
||||
"type": "change",
|
||||
"mask": 1,
|
||||
"field": "description",
|
||||
|
|
|
@ -0,0 +1,86 @@
|
|||
# Copyright (C) 2018-2020 by BDE ENS Paris-Saclay
|
||||
# SPDX-License-Identifier: GPL-3.0-or-later
|
||||
|
||||
from django.contrib.auth.models import User
|
||||
from django.core.exceptions import FieldError
|
||||
from django.db.models import F, Q
|
||||
from django.test import TestCase
|
||||
from django.utils import timezone
|
||||
from member.models import Club, Membership
|
||||
from note.models import NoteUser, Note, NoteClub, NoteSpecial
|
||||
from wei.models import WEIMembership, WEIRegistration, WEIClub, Bus, BusTeam
|
||||
|
||||
from .models import Permission
|
||||
|
||||
|
||||
class PermissionQueryTestCase(TestCase):
|
||||
fixtures = ('initial', )
|
||||
|
||||
@classmethod
|
||||
def setUpTestData(cls):
|
||||
user = User.objects.create(username="user")
|
||||
NoteUser.objects.create(user=user)
|
||||
wei = WEIClub.objects.create(
|
||||
name="wei",
|
||||
date_start=timezone.now().date(),
|
||||
date_end=timezone.now().date(),
|
||||
)
|
||||
NoteClub.objects.create(club=wei)
|
||||
weiregistration = WEIRegistration.objects.create(
|
||||
user=user,
|
||||
wei=wei,
|
||||
birth_date=timezone.now().date(),
|
||||
)
|
||||
bus = Bus.objects.create(
|
||||
name="bus",
|
||||
wei=wei,
|
||||
)
|
||||
team = BusTeam.objects.create(
|
||||
name="team",
|
||||
bus=bus,
|
||||
color=0xFFFFFF,
|
||||
)
|
||||
WEIMembership.objects.create(
|
||||
user=user,
|
||||
club=wei,
|
||||
registration=weiregistration,
|
||||
bus=bus,
|
||||
team=team,
|
||||
)
|
||||
|
||||
def test_permission_queries(self):
|
||||
"""
|
||||
Check for all permissions that the query is compilable and that the database can parse the query.
|
||||
We use a random user with a random WEIClub (to use permissions for the WEI) in a random team in a random bus.
|
||||
"""
|
||||
for perm in Permission.objects.all():
|
||||
instanced = perm.about(
|
||||
user=User.objects.get(),
|
||||
club=WEIClub.objects.get(),
|
||||
membership=Membership.objects.get(),
|
||||
User=User,
|
||||
Club=Club,
|
||||
Membership=Membership,
|
||||
Note=Note,
|
||||
NoteUser=NoteUser,
|
||||
NoteClub=NoteClub,
|
||||
NoteSpecial=NoteSpecial,
|
||||
F=F,
|
||||
Q=Q,
|
||||
now=timezone.now(),
|
||||
today=timezone.now().date(),
|
||||
)
|
||||
try:
|
||||
instanced.update_query()
|
||||
query = instanced.query
|
||||
model = perm.model.model_class()
|
||||
model.objects.filter(query).all()
|
||||
# print("Good query for permission", perm)
|
||||
except (FieldError, AttributeError, ValueError):
|
||||
print("Query error for permission", perm)
|
||||
print("Query:", perm.query)
|
||||
if instanced.query:
|
||||
print("Compiled query:", instanced.query)
|
||||
raise
|
||||
|
||||
print("All permission queries are well formed")
|
|
@ -1739,7 +1739,7 @@ msgstr "Consommer"
|
|||
#: templates/note/conso_form.html:39 templates/note/transaction_form.html:61
|
||||
#: templates/note/transaction_form.html:76
|
||||
msgid "Name or alias..."
|
||||
msgstr ""
|
||||
msgstr "Pseudo ou alias ..."
|
||||
|
||||
#: templates/note/conso_form.html:48
|
||||
msgid "Select consumptions"
|
||||
|
|
|
@ -335,7 +335,15 @@ function autoCompleteNote(field_id, note_list_id, notes, notes_display, alias_pr
|
|||
})
|
||||
});
|
||||
|
||||
$("#validate_" + id).html("<i class='fa fa-spinner'></i>");
|
||||
});// end getJSON alias
|
||||
});
|
||||
}// end function autocomplete
|
||||
|
||||
|
||||
// When a validate button is clicked, we switch the validation status
|
||||
function de_validate(id, validated) {
|
||||
let invalidity_reason = $("#invalidity_reason_" + id).val();
|
||||
$("#validate_" + id).html("<strong style=\"font-size: 16pt;\">⟳ ...</strong>");
|
||||
|
||||
// Perform a PATCH request to the API in order to update the transaction
|
||||
// If the user has insufficient rights, an error message will appear
|
||||
|
|
|
@ -63,7 +63,7 @@
|
|||
{% if not activity.open and ".change__valid"|has_perm:activity %}
|
||||
<a class="btn btn-success btn-sm my-1" id="validate_activity"> {% if activity.valid %}{% trans "invalidate"|capfirst %}{% else %}{% trans "validate"|capfirst %}{% endif %}</a>
|
||||
{% endif %}
|
||||
{% if ".view_"|has_perm:activity %}
|
||||
{% if ".change_"|has_perm:activity %}
|
||||
<a class="btn btn-primary btn-sm my-1" href="{% url 'activity:activity_update' pk=activity.pk %}"> {% trans "edit"|capfirst %}</a>
|
||||
{% endif %}
|
||||
{% if activity.activity_type.can_invite and not activity_started %}
|
||||
|
|
Loading…
Reference in New Issue