diff --git a/CHANGELOG.md b/CHANGELOG.md index fb152b78..75edb3a6 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -29,6 +29,7 @@ adhérents ni des cotisations. ### K-Fêt +- Ajoute une exception à la limite d'historique pour les comptes `LIQ` et `#13` - Répare le problème des étiquettes LIQ/Comptes K-Fêt inversées dans les stats des articles K-Fêt ## Version 0.11 - 26/10/2021 diff --git a/gestioasso/settings/cof_prod.py b/gestioasso/settings/cof_prod.py index cbb643c6..ebfef337 100644 --- a/gestioasso/settings/cof_prod.py +++ b/gestioasso/settings/cof_prod.py @@ -7,6 +7,8 @@ Surcharge les settings définis dans common.py import os from datetime import timedelta +from django.utils import timezone + from .common import * # NOQA from .common import ( AUTHENTICATION_BACKENDS, @@ -224,3 +226,8 @@ KFET_HISTORY_DATE_LIMIT = timedelta(days=7) # Limite plus longue pour les chefs/trez # (qui ont la permission kfet.access_old_history) KFET_HISTORY_LONG_DATE_LIMIT = timedelta(days=30) + +# These accounts don't represent actual people and can be freely accessed +# Identification based on trigrammes +KFET_HISTORY_NO_DATE_LIMIT_TRIGRAMMES = ["LIQ", "#13"] +KFET_HISTORY_NO_DATE_LIMIT = timezone.datetime(1794, 10, 30) # AKA the distant past diff --git a/kfet/templates/kfet/history.html b/kfet/templates/kfet/history.html index 03f9bbdf..100e0825 100644 --- a/kfet/templates/kfet/history.html +++ b/kfet/templates/kfet/history.html @@ -57,12 +57,18 @@ $(document).ready(function() { }); } + const history_limit = '{{ history_limit }}'; + // trigrammes speciaux (LIQ, #13) + // Peuvent être consulté a une date plus vielle que history_limit + const history_no_limit_accounts = [{% for id in history_no_limit_account_ids %}'{{ id }}', {% endfor %}]; + const history_no_limit = '{{ history_no_limit }}'; + let defaults_datetimepicker = { timeZone : 'Europe/Paris', format : 'YYYY-MM-DD HH:mm', stepping : 5, locale : 'fr', - minDate : '{{ history_limit }}', + minDate : history_limit, showTodayButton: true, widgetPositioning: { horizontal: "left", @@ -77,11 +83,29 @@ $(document).ready(function() { defaultDate: moment(), })); - $("#from_date").on("dp.change", function (e) { - $('#to_date').data("DateTimePicker").minDate(e.date); + $from_date.on("dp.change", function (e) { + $to_date.data("DateTimePicker").minDate(e.date); }); - $("#to_date").on("dp.change", function (e) { - $('#from_date').data("DateTimePicker").maxDate(e.date); + $to_date.on("dp.change", function (e) { + $from_date.data("DateTimePicker").maxDate(e.date); + }); + + $account.on("change", function (e) { + const selected_id = $account.val(); + if (history_no_limit_accounts.includes(selected_id)) { + // it is a special account + // earlier history limit + $from_date.data("DateTimePicker").minDate(history_no_limit); + } + else { + // normal history limit + reset to date for good measure + if ($to_date.val() < history_limit) { + // setting a min date > max_date causes errors + $from_date.data("DateTimePicker").maxDate(history_limit); + $to_date.data("DateTimePicker").minDate(history_limit); + } + $from_date.data("DateTimePicker").minDate(history_limit); + } }); $("#btn-fetch").on('click', function() { diff --git a/kfet/views.py b/kfet/views.py index b9561f33..569e42a5 100644 --- a/kfet/views.py +++ b/kfet/views.py @@ -3,7 +3,7 @@ import statistics from collections import defaultdict from datetime import datetime, timedelta from decimal import Decimal -from typing import List +from typing import List, Tuple from urllib.parse import urlencode from django.conf import settings @@ -1429,16 +1429,23 @@ def cancel_operations(request): return JsonResponse(data) -def get_history_limit(user) -> datetime: - """returns the earliest date the given user can view history - according to his/her permissions""" +def get_history_limit(user) -> Tuple[datetime, datetime]: + """returns a tuple of 2 dates + - the earliest date the given user can view history of any account + - the earliest date the given user can view history of special accounts + (LIQ and #13)""" now = timezone.now() if user.has_perm("kfet.access_old_history"): - return now - settings.KFET_HISTORY_LONG_DATE_LIMIT + return ( + now - settings.KFET_HISTORY_LONG_DATE_LIMIT, + settings.KFET_HISTORY_NO_DATE_LIMIT, + ) if user.has_perm("kfet.is_team"): - return now - settings.KFET_HISTORY_LONG_DATE_LIMIT + limit = now - settings.KFET_HISTORY_DATE_LIMIT + return limit, limit # should not happen - future earliest date - return now + timedelta(days=1) + future = now + timedelta(days=1) + return future, future @login_required @@ -1527,7 +1534,12 @@ def history_json(request): return JsonResponse({}, status=403) if limit_date: # limiter l'accès à l'historique ancien pour confidentialité - earliest_date = get_history_limit(request.user) + earliest_date, earliest_date_no_limit = get_history_limit(request.user) + if ( + account + and account.trigramme in settings.KFET_HISTORY_NO_DATE_LIMIT_TRIGRAMMES + ): + earliest_date = earliest_date_no_limit opegroups = opegroups.filter(at__gte=earliest_date) transfergroups = transfergroups.filter(at__gte=earliest_date) @@ -1619,10 +1631,19 @@ def kpsul_articles_data(request): @teamkfet_required def history(request): - history_limit = get_history_limit(request.user) + # These limits are only useful for JS datepickers + # They don't enforce anything and can be bypassed + # Serious checks are done in history_json + history_limit, history_no_limit = get_history_limit(request.user) + history_no_limit_account_ids = Account.objects.filter( + trigramme__in=settings.KFET_HISTORY_NO_DATE_LIMIT_TRIGRAMMES + ).values_list("id", flat=True) + format_date = lambda date: date.strftime("%Y-%m-%d %H:%M") data = { "filter_form": FilterHistoryForm(), - "history_limit": history_limit.strftime("%Y-%m-%d %H:%M"), + "history_limit": format_date(history_limit), + "history_no_limit_account_ids": history_no_limit_account_ids, + "history_no_limit": format_date(history_no_limit), } return render(request, "kfet/history.html", data)