Merge branch 'Aufinal/editable_accounts' into 'master'

Harmonise les comptes non-lisibles ou éditables

Closes #234

See merge request klub-dev-ens/gestioCOF!412
This commit is contained in:
Martin Pepin 2020-05-07 18:07:07 +02:00
commit 3b2251a1d6
3 changed files with 20 additions and 2 deletions

View file

@ -24,6 +24,8 @@ from kfet.models import (
TransferGroup,
)
from . import KFET_DELETED_TRIGRAMME
from .auth import KFET_GENERIC_TRIGRAMME
from .auth.forms import UserGroupForm # noqa
# -----
@ -324,7 +326,10 @@ class KPsulOperationGroupForm(forms.ModelForm):
widget=forms.HiddenInput(),
)
on_acc = forms.ModelChoiceField(
queryset=Account.objects.exclude(trigramme="GNR"), widget=forms.HiddenInput()
queryset=Account.objects.exclude(
trigramme__in=[KFET_DELETED_TRIGRAMME, KFET_GENERIC_TRIGRAMME]
),
widget=forms.HiddenInput(),
)
class Meta:

View file

@ -150,6 +150,15 @@ class Account(models.Model):
def readable(self):
return self.trigramme not in [KFET_DELETED_TRIGRAMME, KFET_GENERIC_TRIGRAMME]
@property
def editable(self):
return self.trigramme not in [
KFET_DELETED_TRIGRAMME,
KFET_GENERIC_TRIGRAMME,
"LIQ",
"#13",
]
@property
def is_team(self):
return self.has_perm("kfet.is_team")

View file

@ -328,7 +328,9 @@ def account_update(request, trigramme):
account = get_object_or_404(Account, trigramme=trigramme)
# Checking permissions
if not request.user.has_perm("kfet.is_team") and request.user != account.user:
if not account.editable or (
not request.user.has_perm("kfet.is_team") and request.user != account.user
):
raise Http404
user_info_form = UserInfoForm(instance=account.user)
@ -911,6 +913,8 @@ def kpsul_get_settings(request):
@teamkfet_required
def account_read_json(request, trigramme):
account = get_object_or_404(Account, trigramme=trigramme)
if not account.readable:
raise Http404
data = {
"id": account.pk,
"name": account.name,