diff --git a/registration/templates/registration/payment_form.html b/registration/templates/registration/payment_form.html index f865187..33c1557 100644 --- a/registration/templates/registration/payment_form.html +++ b/registration/templates/registration/payment_form.html @@ -24,25 +24,27 @@
- {% if payment.grouped %} - {% blocktrans trimmed %} - You want finally that each member pays its own registration? Then click on the button: - {% endblocktrans %} -
- {% else %} - {% blocktrans trimmed %} - You want to pay for the registrations of all members of your team, - or your school will pay for all registrations? Then click on the button: - {% endblocktrans %} - + {% if can_group %} + {% if payment.grouped %} + {% blocktrans trimmed %} + You want finally that each member pays its own registration? Then click on the button: + {% endblocktrans %} + + {% else %} + {% blocktrans trimmed %} + You want to pay for the registrations of all members of your team, + or your school will pay for all registrations? Then click on the button: + {% endblocktrans %} + + {% endif %} {% endif %} diff --git a/registration/views.py b/registration/views.py index 490a187..08e08c6 100644 --- a/registration/views.py +++ b/registration/views.py @@ -459,6 +459,9 @@ class PaymentUpdateView(LoginRequiredMixin, UpdateView): def get_context_data(self, **kwargs): context = super().get_context_data() context['title'] = _("Update payment") + # Grouping is only possible if there isn't any validated payment in the team + context['can_group'] = all(p.valid is False for reg in self.object.team.students.all() + for p in reg.payments.filter(valid=self.object.valid).all()) context['bank_transfer_form'] = PaymentForm(payment_type='bank_transfer', data=self.request.POST or None, instance=self.object) @@ -489,11 +492,18 @@ class PaymentUpdateGroupView(LoginRequiredMixin, DetailView): model = Payment def dispatch(self, request, *args, **kwargs): + payment = self.get_object() + if not self.request.user.is_authenticated or \ not self.request.user.registration.is_admin \ and (self.request.user.registration not in self.get_object().registrations.all() - or self.get_object().valid is not False): + or payment.valid is not False): return self.handle_no_permission() + + if any(p.valid is not False for reg in payment.team.students.all() + for p in reg.payments.filter(valid=payment.valid).all()): + raise PermissionDenied(_("Since one payment is already validated, or pending validation, " + "grouping is not possible.")) return super().dispatch(request, *args, **kwargs) def get(self, request, *args, **kwargs):