diff --git a/kfet/forms.py b/kfet/forms.py index 2c01c3c2..50873987 100644 --- a/kfet/forms.py +++ b/kfet/forms.py @@ -163,9 +163,11 @@ class KPsulOperationForm(forms.ModelForm): raise ValidationError("Charge non positive") if type_ope == Operation.WITHDRAW and amount >= 0: raise ValidationError("Retrait non négatif") + self.cleaned_data['article'] = None + self.cleaned_data['article_nb'] = None KPsulOperationFormSet = modelformset_factory( - Operation, - form = KPsulOperationForm, - extra = 1, - min_num = 1, validate_min = True) + Operation, + form = KPsulOperationForm, + extra = 1, + min_num = 1, validate_min = True) diff --git a/kfet/migrations/0014_auto_20160807_2314.py b/kfet/migrations/0014_auto_20160807_2314.py new file mode 100644 index 00000000..50417091 --- /dev/null +++ b/kfet/migrations/0014_auto_20160807_2314.py @@ -0,0 +1,18 @@ +# -*- coding: utf-8 -*- +from __future__ import unicode_literals + +from django.db import models, migrations + + +class Migration(migrations.Migration): + + dependencies = [ + ('kfet', '0013_auto_20160807_1840'), + ] + + operations = [ + migrations.AlterModelOptions( + name='globalpermissions', + options={'permissions': (('is_team', 'Is part of the team'), ('can_perform_deposit', 'Peut effectuer une charge')), 'managed': False}, + ), + ] diff --git a/kfet/migrations/0015_auto_20160807_2324.py b/kfet/migrations/0015_auto_20160807_2324.py new file mode 100644 index 00000000..a1789fc2 --- /dev/null +++ b/kfet/migrations/0015_auto_20160807_2324.py @@ -0,0 +1,18 @@ +# -*- coding: utf-8 -*- +from __future__ import unicode_literals + +from django.db import models, migrations + + +class Migration(migrations.Migration): + + dependencies = [ + ('kfet', '0014_auto_20160807_2314'), + ] + + operations = [ + migrations.AlterModelOptions( + name='globalpermissions', + options={'permissions': (('is_team', 'Is part of the team'), ('can_perform_deposit', 'Peut effectuer une charge'), ('can_perform_negative_operations', 'Peut enregistrer des commandes en négatif')), 'managed': False}, + ), + ] diff --git a/kfet/models.py b/kfet/models.py index 31eac33e..5db871be 100644 --- a/kfet/models.py +++ b/kfet/models.py @@ -93,6 +93,13 @@ class Account(models.Model): data['is_free'] = True return data + def perms_to_perform_operation(self, amount): + new_balance = self.balance + amount + perms = [] + if new_balance < 0: + perms.append('kfet.can_perform_negative_operations') + return perms + # Surcharge Méthode save() avec gestions de User et CofProfile # Args: # - data : datas pour User et CofProfile @@ -415,6 +422,9 @@ class GlobalPermissions(models.Model): managed = False permissions = ( ('is_team', 'Is part of the team'), + ('can_perform_deposit', 'Peut effectuer une charge'), + ('can_perform_negative_operations', + 'Peut enregistrer des commandes en négatif') ) class Settings(models.Model): @@ -437,4 +447,5 @@ class Settings(models.Model): return 0 class SettingsError(Exception): - pass + def __init__(self, msg): + self.msg = msg diff --git a/kfet/views.py b/kfet/views.py index c8ca4836..b9384231 100644 --- a/kfet/views.py +++ b/kfet/views.py @@ -6,7 +6,7 @@ from django.core.urlresolvers import reverse_lazy from django.contrib import messages from django.contrib.messages.views import SuccessMessageMixin from django.contrib.auth.decorators import login_required, permission_required -from django.contrib.auth.models import User +from django.contrib.auth.models import User, Permission from django.http import HttpResponse, JsonResponse, Http404 from django.forms import modelformset_factory from gestioncof.models import CofProfile, Clipper @@ -398,7 +398,7 @@ def kpsul_perform_operations(request): if not operation_formset.is_valid(): data['errors'].append({'operations': list(operation_formset.errors) }) - # Returning bad request if errors + # Returning BAD REQUEST if errors if 'errors' in data: return JsonResponse(data, status=400) @@ -410,14 +410,43 @@ def kpsul_perform_operations(request): cof_grant = Settings.SUBVENTION_COF() cof_grant_divisor = 1 + cof_grant / 100 - # Calculating amount of each PURCHASE operations - # and total amount for operation group + # Initializing required perms + required_perms = [] + + # 1. Calculating amount of each PURCHASE operations + # 2. and total amount for operation group + # 3. Adding required permissions to perform each operation for operation in operations: + # 1 if operation.type == Operation.PURCHASE: operation.amount = - operation.article.price * operation.article_nb if operationgroup.on_acc.is_cof: operation.amount = operation.amount / cof_grant_divisor + # 2 operationgroup.amount += operation.amount + # 3 + if operation.type == Operation.DEPOSIT: + required_perms.append('kfet.can_perform_deposit') + + + # Adding required permissions to perform operation group + opegroup_perms = operationgroup.on_acc.perms_to_perform_operation( + amount = operationgroup.amount) + required_perms += opegroup_perms + + # Checking authenticated user has all perms + if not request.user.has_perms(required_perms): + # Sending BAD_REQUEST with missing perms + missing_perms = \ + [ Permission.objects.get(codename=codename).name for codename in ( + (perm.split('.'))[1] for perm in + required_perms if not request.user.has_perm(perm) + )] + data['errors'].append({'missing_perms': missing_perms }) + return JsonResponse(data, status=400) + + # If 1 perm is required, saving who perform the operations + operationgroup.valid_by = request.user.profile.account_kfet # Filling cof status for statistics operationgroup.is_cof = operationgroup.on_acc.is_cof