Update file views.py

apps/member/views.py

@@ -72,12 +72,26 @@ class UserUpdateView(ProtectQuerysetMixin, LoginRequiredMixin, UpdateView):
         form.fields['email'].required = True
         form.fields['email'].help_text = _("This address must be valid.")
 
-        if PermissionBackend.check_perm(self.request, "member.change_profile", context['user_object'].profile):
+        #if PermissionBackend.check_perm(self.request, "member.change_profile", context['user_object'].profile):
-            context['profile_form'] = self.profile_form(instance=context['user_object'].profile,
+        #    context['profile_form'] = self.profile_form(instance=context['user_object'].profile,
                                                         data=self.request.POST if self.request.POST else None)
+        #    if not self.object.profile.report_frequency:
+        #        del context['profile_form'].fields["last_report"]
+
+            # Vérification des permissions sur le profil
+        profile_form = self.profile_form(instance=context['user_object'].profile,
+                                            data=self.request.POST if self.request.POST else None)
+            # Désactivation des champs non autorisés
+        for field_name in profile_form.fields:
+            if not PermissionBackend.check_perm(self.request, f"member.change_profile_{field_name}", context['user_object'].profile):
+                profile_form.fields[field_name].widget.attrs['disabled'] = True
+
+        context['profile_form'] = profile_form
+
         if not self.object.profile.report_frequency:
                 del context['profile_form'].fields["last_report"]
         
+
         return context
 
     @transaction.atomic