Fix de views.py et tests de permissions

2025-06-16 15:06:00 +02:00 · 2025-05-28 16:04:19 +02:00 · 2025-05-28 16:04:19 +02:00 · 4479e8f97a
commit 4479e8f97a
parent a351415494
2 changed files with 18 additions and 6 deletions
--- a/apps/permission/tests/test_permission_denied.py
+++ b/apps/permission/tests/test_permission_denied.py
@ -10,7 +10,7 @@ from django.utils import timezone
 from django.utils.crypto import get_random_string
 from activity.models import Activity
 from member.models import Club, Membership
-from note.models import NoteUser
+from note.models import NoteUser, NoteClub
 from wei.models import WEIClub, Bus, WEIRegistration


@ -122,10 +122,13 @@ class TestPermissionDenied(TestCase):

    def test_validate_weiregistration(self):
        wei = WEIClub.objects.create(
+            name="WEI Test",
            membership_start=date.today(),
            date_start=date.today() + timedelta(days=1),
            date_end=date.today() + timedelta(days=1),
+            parent_club=Club.objects.get(name="Kfet"),
        )
+        NoteClub.objects.create(club=wei)
        registration = WEIRegistration.objects.create(wei=wei, user=self.user, birth_date="2000-01-01")
        response = self.client.get(reverse("wei:validate_registration", kwargs=dict(pk=registration.pk)))
        self.assertEqual(response.status_code, 403)
--- a/apps/wei/views.py
+++ b/apps/wei/views.py
@ -876,18 +876,27 @@ class WEIDeleteRegistrationView(ProtectQuerysetMixin, LoginRequiredMixin, Delete
        return reverse_lazy('wei:wei_detail', args=(self.object.wei.pk,))


-class WEIValidateRegistrationView(LoginRequiredMixin, CreateView):
+class WEIValidateRegistrationView(ProtectQuerysetMixin, ProtectedCreateView):
    """
    Validate WEI Registration
    """
    model = WEIMembership
    extra_context = {"title": _("Validate WEI registration")}

+    def get_sample_object(self):
+        """
+        Return a sample object for permission checking
+        """
+        registration = WEIRegistration.objects.get(pk=self.kwargs["pk"])
+        return WEIMembership(
+            user=registration.user,
+            club=registration.wei,
+            date_start=registration.wei.date_start,
+            # Add any fields needed for proper permission checking
+            registration=registration,
+        )
+
    def dispatch(self, request, *args, **kwargs):
-        # Vérifier d'abord si l'utilisateur a la permission générale
-        if not request.user.has_perm("wei.add_weimembership"):
-            raise PermissionDenied(_("You don't have the permission to validate registrations"))
-            
        registration = WEIRegistration.objects.get(pk=self.kwargs["pk"])
        
        wei = registration.wei