Harmonise les comptes non-lisibles ou éditables

kfet/forms.py

@@ -24,6 +24,8 @@ from kfet.models import (
     TransferGroup,
 )
 
+from . import KFET_DELETED_TRIGRAMME
+from .auth import KFET_GENERIC_TRIGRAMME
 from .auth.forms import UserGroupForm  # noqa
 
 # -----
@@ -324,7 +326,10 @@ class KPsulOperationGroupForm(forms.ModelForm):
         widget=forms.HiddenInput(),
     )
     on_acc = forms.ModelChoiceField(
-        queryset=Account.objects.exclude(trigramme="GNR"), widget=forms.HiddenInput()
+        queryset=Account.objects.exclude(
+            trigramme__in=[KFET_DELETED_TRIGRAMME, KFET_GENERIC_TRIGRAMME]
+        ),
+        widget=forms.HiddenInput(),
     )
 
     class Meta:

kfet/models.py

@@ -150,6 +150,15 @@ class Account(models.Model):
     def readable(self):
         return self.trigramme not in [KFET_DELETED_TRIGRAMME, KFET_GENERIC_TRIGRAMME]
 
+    @property
+    def editable(self):
+        return self.trigramme not in [
+            KFET_DELETED_TRIGRAMME,
+            KFET_GENERIC_TRIGRAMME,
+            "LIQ",
+            "#13",
+        ]
+
     @property
     def is_team(self):
         return self.has_perm("kfet.is_team")

kfet/views.py

@@ -328,7 +328,9 @@ def account_update(request, trigramme):
     account = get_object_or_404(Account, trigramme=trigramme)
 
     # Checking permissions
-    if not request.user.has_perm("kfet.is_team") and request.user != account.user:
+    if not account.editable or (
+        not request.user.has_perm("kfet.is_team") and request.user != account.user
+    ):
         raise Http404
 
     user_info_form = UserInfoForm(instance=account.user)
@@ -911,6 +913,8 @@ def kpsul_get_settings(request):
 @teamkfet_required
 def account_read_json(request, trigramme):
     account = get_object_or_404(Account, trigramme=trigramme)
+    if not account.readable:
+        raise Http404
     data = {
         "id": account.pk,
         "name": account.name,