From 5ea8d8f870d5a4f4d0ac852ccd8a43093f800006 Mon Sep 17 00:00:00 2001
From: Yohann D'ANELLO <yohann.danello@gmail.com>
Date: Mon, 3 Aug 2020 16:11:05 +0200
Subject: [PATCH] :art: Update activity interface
---
apps/activity/views.py | 9 ++++--
apps/api/viewsets.py | 4 +--
apps/note/api/views.py | 6 ++++
apps/note/views.py | 12 ++++++--
apps/permission/fixtures/initial.json | 40 +++++++++++++++++++++++++--
5 files changed, 61 insertions(+), 10 deletions(-)
diff --git a/apps/activity/views.py b/apps/activity/views.py
index 923f32ec..370e6040 100644
--- a/apps/activity/views.py
+++ b/apps/activity/views.py
@@ -182,8 +182,11 @@ class ActivityEntryView(LoginRequiredMixin, TemplateView):
context["noteuser_ctype"] = ContentType.objects.get_for_model(NoteUser).pk
context["notespecial_ctype"] = ContentType.objects.get_for_model(NoteSpecial).pk
- context["activities_open"] = Activity.objects.filter(open=True).filter(
- PermissionBackend.filter_queryset(self.request.user, Activity, "view")).filter(
- PermissionBackend.filter_queryset(self.request.user, Activity, "change")).all()
+ activities_open = Activity.objects.filter(open=True).filter(
+ PermissionBackend.filter_queryset(self.request.user, Activity, "view")).distinct().all()
+ context["activities_open"] = [a for a in activities_open
+ if PermissionBackend.check_perm(self.request.user,
+ "activity.add_entry",
+ Entry(activity=a, note=self.request.user.note,))]
return context
diff --git a/apps/api/viewsets.py b/apps/api/viewsets.py
index 6e0cb6b8..f4dd56f6 100644
--- a/apps/api/viewsets.py
+++ b/apps/api/viewsets.py
@@ -18,7 +18,7 @@ class ReadProtectedModelViewSet(viewsets.ModelViewSet):
def get_queryset(self):
user = get_current_authenticated_user()
- return self.model.objects.filter(PermissionBackend.filter_queryset(user, self.model, "view"))
+ return self.model.objects.filter(PermissionBackend.filter_queryset(user, self.model, "view")).distinct()
class ReadOnlyProtectedModelViewSet(viewsets.ReadOnlyModelViewSet):
@@ -32,4 +32,4 @@ class ReadOnlyProtectedModelViewSet(viewsets.ReadOnlyModelViewSet):
def get_queryset(self):
user = get_current_authenticated_user()
- return self.model.objects.filter(PermissionBackend.filter_queryset(user, self.model, "view"))
+ return self.model.objects.filter(PermissionBackend.filter_queryset(user, self.model, "view")).distinct()
diff --git a/apps/note/api/views.py b/apps/note/api/views.py
index a365c343..f806bbf2 100644
--- a/apps/note/api/views.py
+++ b/apps/note/api/views.py
@@ -9,6 +9,8 @@ from rest_framework import viewsets
from rest_framework.response import Response
from rest_framework import status
from api.viewsets import ReadProtectedModelViewSet, ReadOnlyProtectedModelViewSet
+from note_kfet.middlewares import get_current_authenticated_user
+from permission.backends import PermissionBackend
from .serializers import NotePolymorphicSerializer, AliasSerializer, ConsumerSerializer,\
TemplateCategorySerializer, TransactionTemplateSerializer, TransactionPolymorphicSerializer
@@ -150,3 +152,7 @@ class TransactionViewSet(ReadProtectedModelViewSet):
serializer_class = TransactionPolymorphicSerializer
filter_backends = [SearchFilter]
search_fields = ['$reason', ]
+
+ def get_queryset(self):
+ user = get_current_authenticated_user()
+ return self.model.objects.filter(PermissionBackend.filter_queryset(user, self.model, "view"))
diff --git a/apps/note/views.py b/apps/note/views.py
index ef9da668..ad2b2a99 100644
--- a/apps/note/views.py
+++ b/apps/note/views.py
@@ -10,6 +10,8 @@ from django.utils.translation import gettext_lazy as _
from django.views.generic import CreateView, UpdateView
from django_tables2 import SingleTableView
from django.urls import reverse_lazy
+
+from activity.models import Entry
from note_kfet.inputs import AmountInput
from permission.backends import PermissionBackend
from permission.views import ProtectQuerysetMixin
@@ -52,9 +54,13 @@ class TransactionCreateView(ProtectQuerysetMixin, LoginRequiredMixin, SingleTabl
# Add a shortcut for entry page for open activities
if "activity" in settings.INSTALLED_APPS:
from activity.models import Activity
- context["activities_open"] = Activity.objects.filter(open=True).filter(
- PermissionBackend.filter_queryset(self.request.user, Activity, "view")).filter(
- PermissionBackend.filter_queryset(self.request.user, Activity, "change")).all()
+ activities_open = Activity.objects.filter(open=True).filter(
+ PermissionBackend.filter_queryset(self.request.user, Activity, "view")).distinct().all()
+ context["activities_open"] = [a for a in activities_open
+ if PermissionBackend.check_perm(self.request.user,
+ "activity.add_entry",
+ Entry(activity=a,
+ note=self.request.user.note, ))]
return context
diff --git a/apps/permission/fixtures/initial.json b/apps/permission/fixtures/initial.json
index bbe2e7e9..1ce50d80 100644
--- a/apps/permission/fixtures/initial.json
+++ b/apps/permission/fixtures/initial.json
@@ -2311,6 +2311,38 @@
"description": "Ajouter un membre à n'importe quel club"
}
},
+ {
+ "model": "permission.permission",
+ "pk": 148,
+ "fields": {
+ "model": [
+ "activity",
+ "activity"
+ ],
+ "query": "{\"valid\": false}",
+ "type": "change",
+ "mask": 2,
+ "field": "",
+ "permanent": false,
+ "description": "Modifier une activité non validée"
+ }
+ },
+ {
+ "model": "permission.permission",
+ "pk": 149,
+ "fields": {
+ "model": [
+ "activity",
+ "activity"
+ ],
+ "query": "{\"valid\": false}",
+ "type": "delete",
+ "mask": 2,
+ "field": "",
+ "permanent": false,
+ "description": "Supprimer une activité non validée"
+ }
+ },
{
"model": "permission.role",
"pk": 1,
@@ -2643,7 +2675,9 @@
144,
145,
146,
- 147
+ 147,
+ 148,
+ 149
]
}
},
@@ -2690,7 +2724,9 @@
43,
44,
45,
- 46
+ 46,
+ 148,
+ 149
]
}
},
--
GitLab