Improve add permissions

2025-10-31 07:49:57 +01:00 · 2020-03-18 15:49:52 +01:00
parent 057f42fdb6
commit e461d70b14
3 changed files with 24 additions and 7 deletions
--- a/apps/note/models/transactions.py
+++ b/apps/note/models/transactions.py
@@ -129,14 +129,13 @@ class Transaction(PolymorphicModel):
            models.Index(fields=['destination']),
        ]

-    def save(self, *args, **kwargs):
+    def post_save(self, *args, **kwargs):
        """
        When saving, also transfer money between two notes
        """

        if self.source.pk == self.destination.pk:
            # When source == destination, no money is transfered
-            super().save(*args, **kwargs)
            return

        created = self.pk is None
@@ -152,10 +151,12 @@ class Transaction(PolymorphicModel):
            self.source.balance -= to_transfer
            self.destination.balance += to_transfer

+        # We save first the transaction, in case of the user has no right to transfer money
+        super().save(*args, **kwargs)
+
        # Save notes
        self.source.save()
        self.destination.save()
-        super().save(*args, **kwargs)

    @property
    def total(self):
--- a/apps/permission/models.py
+++ b/apps/permission/models.py
@@ -25,13 +25,14 @@ class InstancedPermission:
        Returns True if the permission applies to
        the field `field_name` object `obj`
        """
+        if ContentType.objects.get_for_model(obj) != self.model:
+            # The permission does not apply to the model
+            return False
+
        if self.type == 'add':
            if permission_type == self.type:
                return self.query(obj)

-        if ContentType.objects.get_for_model(obj) != self.model:
-            # The permission does not apply to the model
-            return False
        if permission_type == self.type:
            if self.field and field_name != self.field:
                return False
@@ -202,7 +203,18 @@ class Permission(models.Model):
            def func(obj):
                nonlocal q_kwargs
                for arg in q_kwargs:
-                    if getattr(obj, arg) != q_kwargs[arg]:
+                    spl = arg.split('__')
+                    value = obj
+                    last = None
+                    for s in spl:
+                        if not hasattr(obj, s):
+                            last = s
+                            break
+                        value = getattr(obj, s)
+                    if last == "lte":  # TODO Add more filters
+                        if value > q_kwargs[arg]:
+                            return False
+                    elif value != q_kwargs[arg]:
                        return False
                return True
            return func
--- a/apps/permission/signals.py
+++ b/apps/permission/signals.py
@@ -14,6 +14,10 @@ EXCLUDED = [
    'contenttypes.contenttype',
    'logs.changelog',
    'migrations.migration',
+    'note.note',
+    'note.noteuser',
+    'note.noteclub',
+    'note.notespecial',
    'sessions.session',
 ]