ynerant/nk20
1
0
Fork 0
mirror of https://gitlab.crans.org/bde/nk20 synced 2025-05-04 12:31:38 +00:00
Code Issues Releases Wiki Activity

Compare commits

base: ynerant:9e7f7df7218722079b0afd5bf38b5c5b3901138b
Branches Tags
ynerant:main
ynerant:food_traceability
ynerant:update_invoice_template
ynerant:time-display
ynerant:guests_schools
ynerant:export_members_ml
ynerant:notekfet_wrapped
ynerant:Add_some_permissions
ynerant:permissions_fo_parent_clubs
ynerant:respo_comm_permissionsV2
ynerant:fix_activity_view
ynerant:Automation_mailing_lists
ynerant:potvieux
ynerant:New_permission
ynerant:finito_sda
ynerant:beta
ynerant:non-BDE-members-permission-fix
ynerant:survey_wei_2024
ynerant:migration-django-4-2
ynerant:summary_notes
ynerant:traduction_inclusive_fr
ynerant:migration-django-5-0
ynerant:qrcode
ynerant:VSS
ynerant:update_permission
ynerant:fix_pipeline
ynerant:permission_var
ynerant:inclusive
ynerant:nix-shell
ynerant:sheets
ynerant:svg_icons
ynerant:faster_ci
ynerant:v1.0.3
ynerant:v1.0.2
ynerant:v1.0.1
ynerant:v1.0.0
..
compare: ynerant:238ba78f4fa8ef61bce4eb22b3656343b314b018
Branches Tags
ynerant:main
ynerant:food_traceability
ynerant:update_invoice_template
ynerant:time-display
ynerant:guests_schools
ynerant:export_members_ml
ynerant:notekfet_wrapped
ynerant:Add_some_permissions
ynerant:permissions_fo_parent_clubs
ynerant:respo_comm_permissionsV2
ynerant:fix_activity_view
ynerant:Automation_mailing_lists
ynerant:potvieux
ynerant:New_permission
ynerant:finito_sda
ynerant:beta
ynerant:non-BDE-members-permission-fix
ynerant:survey_wei_2024
ynerant:migration-django-4-2
ynerant:summary_notes
ynerant:traduction_inclusive_fr
ynerant:migration-django-5-0
ynerant:qrcode
ynerant:VSS
ynerant:update_permission
ynerant:fix_pipeline
ynerant:permission_var
ynerant:inclusive
ynerant:nix-shell
ynerant:sheets
ynerant:svg_icons
ynerant:faster_ci
ynerant:v1.0.3
ynerant:v1.0.2
ynerant:v1.0.1
ynerant:v1.0.0

No commits in common. "9e7f7df7218722079b0afd5bf38b5c5b3901138b" and "238ba78f4fa8ef61bce4eb22b3656343b314b018" have entirely different histories.
9e7f7df721 ... 238ba78f4f

2 changed files with 10 additions and 5 deletions
Show Stats Expand all files Collapse all files

9
apps/member/forms.py
View File

@ -15,6 +15,7 @@ from django.utils.translation import gettext_lazy as _
from note.models import NoteSpecial, Alias
from note_kfet.inputs import Autocomplete, AmountInput
from permission.models import PermissionMask, Role
from permission.backends import PermissionBackend
from PIL import Image, ImageSequence
from .models import Profile, Club, Membership
@ -67,6 +68,14 @@ class ProfileForm(forms.ModelForm):
self.fields['address'].widget.attrs.update({"placeholder": "4 avenue des Sciences, 91190 GIF-SUR-YVETTE"})
self.fields['promotion'].widget.attrs.update({"max": timezone.now().year})
def clean(self):
"""Force the values of fields that the user does not have permission to modify.."""
cleaned_data = super().clean()
for field_name in self.fields.keys():
if not PermissionBackend.check_perm(self.request, f"member.change_profile_{field_name}", self.instance):
cleaned_data[field_name] = getattr(self.instance, field_name) # Force the old value
return cleaned_data
@transaction.atomic
def save(self, commit=True):
if not self.instance.section or (("department" in self.changed_data

6
apps/member/views.py
View File

@ -79,17 +79,13 @@ class UserUpdateView(ProtectQuerysetMixin, LoginRequiredMixin, UpdateView):
del profile_form.fields["last_report"]
fields_to_check = list(profile_form.fields.keys())
fields_modifiable = False
# Delete the fields for which the user does not have the permission to modify
for field_name in fields_to_check:
if not PermissionBackend.check_perm(self.request, f"member.change_profile_{field_name}", context['user_object'].profile):
profile_form.fields[field_name].widget = forms.HiddenInput()
else :
fields_modifiable = True
if fields_modifiable :
context['profile_form'] = profile_form
context['profile_form'] = profile_form
return context