Fix de la plupart des bugs

apps/wei/forms/registration.py

@@ -39,7 +39,9 @@ class WEIRegistrationForm(forms.ModelForm):
 
     class Meta:
         model = WEIRegistration
-        exclude = ('wei', 'clothing_cut')
+        fields = ['user', 'soge_credit', 'birth_date', 'gender', 'clothing_size', 
+                'health_issues', 'emergency_contact_name', 'emergency_contact_phone', 'first_year',
+                'information_json']
         widgets = {
             "user": Autocomplete(
                 User,
@@ -50,7 +52,7 @@ class WEIRegistrationForm(forms.ModelForm):
                 },
             ),
             "birth_date": DatePickerInput(options={'minDate': '1900-01-01',
-                                                   'maxDate': '2100-01-01'}),
+                                                'maxDate': '2100-01-01'}),
         }
 
 
@@ -81,11 +83,6 @@ class WEIChooseBusForm(forms.Form):
 
 
 class WEIMembershipForm(forms.ModelForm):
-    caution_check = forms.BooleanField(
-        required=False,
-        label=_("Caution check given"),
-    )
-
     roles = forms.ModelMultipleChoiceField(
         queryset=WEIRole.objects,
         label=_("WEI Roles"),

apps/wei/tables.py

@@ -98,7 +98,7 @@ class WEIRegistrationTable(tables.Table):
         if not hasperm:
             return format_html("<span class='no-perm'></span>")
 
-        url = reverse_lazy('wei:validate_registration', args=(record.pk,))
+        url = reverse_lazy('wei:wei_update_registration', args=(record.pk,)) + '?validate=true'
         text = _('Validate')
         if record.fee > record.user.note.balance and not record.soge_credit:
             btn_class = 'btn-secondary'

apps/wei/views.py

@@ -8,18 +8,20 @@ from datetime import date, timedelta
 from tempfile import mkdtemp
 
 from django.conf import settings
+from django.contrib import messages
 from django.contrib.auth.mixins import LoginRequiredMixin
 from django.contrib.auth.models import User
 from django.core.exceptions import PermissionDenied
 from django.db import transaction
 from django.db.models import Q, Count
 from django.db.models.functions.text import Lower
+from django import forms
 from django.http import HttpResponse, Http404
 from django.shortcuts import redirect
 from django.template.loader import render_to_string
 from django.urls import reverse_lazy
 from django.views import View
-from django.views.generic import DetailView, UpdateView, RedirectView, TemplateView
+from django.views.generic import DetailView, UpdateView, RedirectView, TemplateView, CreateView
 from django.utils.translation import gettext_lazy as _
 from django.views.generic.edit import BaseFormView, DeleteView
 from django_tables2 import SingleTableView, MultiTableMixin
@@ -37,6 +39,7 @@ from .forms import WEIForm, WEIRegistrationForm, BusForm, BusTeamForm, WEIMember
     WEIMembershipForm, CurrentSurvey
 from .tables import BusRepartitionTable, BusTable, BusTeamTable, WEITable, WEIRegistrationTable, \
     WEIRegistration1ATable, WEIMembershipTable
+from .forms.surveys import CurrentSurvey
 
 
 class CurrentWEIDetailView(LoginRequiredMixin, RedirectView):
@@ -560,9 +563,15 @@ class WEIRegister1AView(ProtectQuerysetMixin, ProtectedCreateView):
     def get_form(self, form_class=None):
         form = super().get_form(form_class)
         form.fields["user"].initial = self.request.user
-        del form.fields["first_year"]
-        del form.fields["caution_check"]
-        del form.fields["information_json"]
+        
+        # Cacher les champs pendant l'inscription initiale
+        if "first_year" in form.fields:
+            del form.fields["first_year"]
+        if "caution_check" in form.fields:
+            del form.fields["caution_check"]
+        if "information_json" in form.fields:
+            del form.fields["information_json"]
+            
         return form
 
     @transaction.atomic
@@ -658,9 +667,13 @@ class WEIRegister2AView(ProtectQuerysetMixin, ProtectedCreateView):
             form.fields["soge_credit"].disabled = True
             form.fields["soge_credit"].help_text = _("You already opened an account in the Société générale.")
 
-        del form.fields["caution_check"]
-        del form.fields["first_year"]
-        del form.fields["information_json"]
+        # Cacher les champs pendant l'inscription initiale
+        if "first_year" in form.fields:
+            del form.fields["first_year"]
+        if "caution_check" in form.fields:
+            del form.fields["caution_check"]
+        if "information_json" in form.fields:
+            del form.fields["information_json"]
 
         return form
 
@@ -716,11 +729,15 @@ class WEIUpdateRegistrationView(ProtectQuerysetMixin, LoginRequiredMixin, Update
         # We can't update a registration once the WEI is started and before the membership start date
         if today >= wei.date_start or today < wei.membership_start:
             return redirect(reverse_lazy('wei:wei_closed', args=(wei.pk,)))
+        # Store the validate parameter in the view's state
+        self.should_validate = request.GET.get('validate', False)
         return super().dispatch(request, *args, **kwargs)
 
     def get_context_data(self, **kwargs):
         context = super().get_context_data(**kwargs)
         context["club"] = self.object.wei
+        # Pass the validate parameter to the template
+        context["should_validate"] = self.should_validate
 
         if self.object.is_validated:
             membership_form = self.get_membership_form(instance=self.object.membership,
@@ -754,6 +771,9 @@ class WEIUpdateRegistrationView(ProtectQuerysetMixin, LoginRequiredMixin, Update
         # The auto-json-format may cause issues with the default field remove
         if not PermissionBackend.check_perm(self.request, 'wei.change_weiregistration_information_json', self.object):
             del form.fields["information_json"]
+        # Masquer le champ caution_check pour tout le monde dans le formulaire de modification
+        if "caution_check" in form.fields:
+            del form.fields["caution_check"]
         return form
 
     def get_membership_form(self, data=None, instance=None):
@@ -773,10 +793,30 @@ class WEIUpdateRegistrationView(ProtectQuerysetMixin, LoginRequiredMixin, Update
     def form_valid(self, form):
         # If the membership is already validated, then we update the bus and the team (and the roles)
         if form.instance.is_validated:
-            membership_form = self.get_membership_form(self.request.POST, form.instance.membership)
-            if not membership_form.is_valid():
+            try:
+                membership = form.instance.membership
+                if membership is None:
+                    raise ValueError(_("No membership found for this registration"))
+                
+                membership_form = self.get_membership_form(self.request.POST, instance=membership)
+                if not membership_form.is_valid():
+                    return self.form_invalid(form)
+                
+                # Vérifier que l'utilisateur a la permission de modifier le membership
+                # On vérifie d'abord si l'utilisateur a la permission générale de modification
+                if not self.request.user.has_perm("wei.change_weimembership"):
+                    raise PermissionDenied(_("You don't have the permission to update memberships"))
+                
+                # On vérifie ensuite les permissions spécifiques pour chaque champ modifié
+                for field_name in membership_form.changed_data:
+                    perm = f"wei.change_weimembership_{field_name}"
+                    if not self.request.user.has_perm(perm):
+                        raise PermissionDenied(_("You don't have the permission to update the field %(field)s") % {'field': field_name})
+                
+                membership_form.save()
+            except (WEIMembership.DoesNotExist, ValueError, PermissionDenied) as e:
+                form.add_error(None, str(e))
                 return self.form_invalid(form)
-            membership_form.save()
         # If it is not validated and if this is an old member, then we update the choices
         elif not form.instance.first_year and PermissionBackend.check_perm(
                 self.request, "wei.change_weiregistration_information_json", self.object):
@@ -801,14 +841,8 @@ class WEIUpdateRegistrationView(ProtectQuerysetMixin, LoginRequiredMixin, Update
             survey = CurrentSurvey(self.object)
             if not survey.is_complete():
                 return reverse_lazy("wei:wei_survey", kwargs={"pk": self.object.pk})
-        if PermissionBackend.check_perm(self.request, "wei.add_weimembership", WEIMembership(
-            club=self.object.wei,
-            user=self.object.user,
-            date_start=date.today(),
-            date_end=date.today(),
-            fee=0,
-            registration=self.object,
-        )):
+        # On redirige vers la validation uniquement si c'est explicitement demandé (et stocké dans la vue)
+        if self.should_validate and self.request.user.has_perm("wei.add_weimembership"):
             return reverse_lazy("wei:validate_registration", kwargs={"pk": self.object.pk})
         return reverse_lazy("wei:wei_detail", kwargs={"pk": self.object.wei.pk})
 
@@ -842,26 +876,21 @@ class WEIDeleteRegistrationView(ProtectQuerysetMixin, LoginRequiredMixin, Delete
         return reverse_lazy('wei:wei_detail', args=(self.object.wei.pk,))
 
 
-class WEIValidateRegistrationView(ProtectQuerysetMixin, ProtectedCreateView):
+class WEIValidateRegistrationView(LoginRequiredMixin, CreateView):
     """
     Validate WEI Registration
     """
     model = WEIMembership
     extra_context = {"title": _("Validate WEI registration")}
 
-    def get_sample_object(self):
-        registration = WEIRegistration.objects.get(pk=self.kwargs["pk"])
-        return WEIMembership(
-            club=registration.wei,
-            user=registration.user,
-            date_start=date.today(),
-            date_end=date.today() + timedelta(days=1),
-            fee=0,
-            registration=registration,
-        )
-
     def dispatch(self, request, *args, **kwargs):
-        wei = WEIRegistration.objects.get(pk=self.kwargs["pk"]).wei
+        # Vérifier d'abord si l'utilisateur a la permission générale
+        if not request.user.has_perm("wei.add_weimembership"):
+            raise PermissionDenied(_("You don't have the permission to validate registrations"))
+            
+        registration = WEIRegistration.objects.get(pk=self.kwargs["pk"])
+        
+        wei = registration.wei
         today = date.today()
         # We can't validate anyone once the WEI is started and before the membership start date
         if today >= wei.date_start or today < wei.membership_start:
@@ -914,8 +943,14 @@ class WEIValidateRegistrationView(ProtectQuerysetMixin, ProtectedCreateView):
         form.fields["last_name"].initial = registration.user.last_name
         form.fields["first_name"].initial = registration.user.first_name
 
-        if "caution_check" in form.fields:
-            form.fields["caution_check"].initial = registration.caution_check
+        # Ajouter le champ caution_check uniquement pour les non-première année et le rendre obligatoire
+        if not registration.first_year:
+            form.fields["caution_check"] = forms.BooleanField(
+                required=True,
+                initial=registration.caution_check,
+                label=_("Caution check given"),
+                help_text=_("Please make sure the check is given before validating the registration")
+            )
 
         if registration.soge_credit:
             form.fields["credit_type"].disabled = True
@@ -1303,8 +1338,22 @@ class WEIAttributeBus1ANextView(LoginRequiredMixin, RedirectView):
         if not wei.exists():
             raise Http404
         wei = wei.get()
-        qs = WEIRegistration.objects.filter(wei=wei, membership__isnull=False, membership__bus__isnull=True)
-        qs = qs.filter(information_json__contains='selected_bus_pk')  # not perfect, but works...
-        if qs.exists():
-            return reverse_lazy('wei:wei_bus_1A', args=(qs.first().pk, ))
-        return reverse_lazy('wei:wei_1A_list', args=(wei.pk, ))
+        
+        # On cherche d'abord les 1A qui ont une inscription validée (membership) mais pas de bus
+        qs = WEIRegistration.objects.filter(
+            wei=wei,
+            first_year=True,
+            membership__isnull=False,
+            membership__bus__isnull=True
+        )
+        
+        # Parmi eux, on prend ceux qui ont répondu au questionnaire (ont un bus préféré)
+        qs = qs.filter(information_json__contains='selected_bus_pk')
+        
+        if not qs.exists():
+            # Si on ne trouve personne, on affiche un message et on retourne à la liste
+            messages.info(self.request, _("No first year student without a bus found. Either all of them have a bus, or none has filled the survey yet."))
+            return reverse_lazy('wei:wei_1A_list', args=(wei.pk,))
+            
+        # On redirige vers la page d'attribution pour le premier étudiant trouvé
+        return reverse_lazy('wei:wei_bus_1A', args=(qs.first().pk,))