Merge branch 'Aufinal/editable_accounts' into 'master'
Harmonise les comptes non-lisibles ou éditables Closes #234 See merge request klub-dev-ens/gestioCOF!412
This commit is contained in:
commit
3b2251a1d6
3 changed files with 20 additions and 2 deletions
|
@ -24,6 +24,8 @@ from kfet.models import (
|
||||||
TransferGroup,
|
TransferGroup,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
from . import KFET_DELETED_TRIGRAMME
|
||||||
|
from .auth import KFET_GENERIC_TRIGRAMME
|
||||||
from .auth.forms import UserGroupForm # noqa
|
from .auth.forms import UserGroupForm # noqa
|
||||||
|
|
||||||
# -----
|
# -----
|
||||||
|
@ -324,7 +326,10 @@ class KPsulOperationGroupForm(forms.ModelForm):
|
||||||
widget=forms.HiddenInput(),
|
widget=forms.HiddenInput(),
|
||||||
)
|
)
|
||||||
on_acc = forms.ModelChoiceField(
|
on_acc = forms.ModelChoiceField(
|
||||||
queryset=Account.objects.exclude(trigramme="GNR"), widget=forms.HiddenInput()
|
queryset=Account.objects.exclude(
|
||||||
|
trigramme__in=[KFET_DELETED_TRIGRAMME, KFET_GENERIC_TRIGRAMME]
|
||||||
|
),
|
||||||
|
widget=forms.HiddenInput(),
|
||||||
)
|
)
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
|
@ -150,6 +150,15 @@ class Account(models.Model):
|
||||||
def readable(self):
|
def readable(self):
|
||||||
return self.trigramme not in [KFET_DELETED_TRIGRAMME, KFET_GENERIC_TRIGRAMME]
|
return self.trigramme not in [KFET_DELETED_TRIGRAMME, KFET_GENERIC_TRIGRAMME]
|
||||||
|
|
||||||
|
@property
|
||||||
|
def editable(self):
|
||||||
|
return self.trigramme not in [
|
||||||
|
KFET_DELETED_TRIGRAMME,
|
||||||
|
KFET_GENERIC_TRIGRAMME,
|
||||||
|
"LIQ",
|
||||||
|
"#13",
|
||||||
|
]
|
||||||
|
|
||||||
@property
|
@property
|
||||||
def is_team(self):
|
def is_team(self):
|
||||||
return self.has_perm("kfet.is_team")
|
return self.has_perm("kfet.is_team")
|
||||||
|
|
|
@ -328,7 +328,9 @@ def account_update(request, trigramme):
|
||||||
account = get_object_or_404(Account, trigramme=trigramme)
|
account = get_object_or_404(Account, trigramme=trigramme)
|
||||||
|
|
||||||
# Checking permissions
|
# Checking permissions
|
||||||
if not request.user.has_perm("kfet.is_team") and request.user != account.user:
|
if not account.editable or (
|
||||||
|
not request.user.has_perm("kfet.is_team") and request.user != account.user
|
||||||
|
):
|
||||||
raise Http404
|
raise Http404
|
||||||
|
|
||||||
user_info_form = UserInfoForm(instance=account.user)
|
user_info_form = UserInfoForm(instance=account.user)
|
||||||
|
@ -911,6 +913,8 @@ def kpsul_get_settings(request):
|
||||||
@teamkfet_required
|
@teamkfet_required
|
||||||
def account_read_json(request, trigramme):
|
def account_read_json(request, trigramme):
|
||||||
account = get_object_or_404(Account, trigramme=trigramme)
|
account = get_object_or_404(Account, trigramme=trigramme)
|
||||||
|
if not account.readable:
|
||||||
|
raise Http404
|
||||||
data = {
|
data = {
|
||||||
"id": account.pk,
|
"id": account.pk,
|
||||||
"name": account.name,
|
"name": account.name,
|
||||||
|
|
Loading…
Reference in a new issue