Add some initial permissions for activities

691a03ec · ynerant · c8b72cf1 · 691a03ec · 691a03ec · 691a03ec
Commit 691a03ec authored 4 years ago by ynerant
--- a/apps/activity/forms.py
+++ b/apps/activity/forms.py
@@ -13,7 +13,7 @@ from .models import Activity, Guest
 class ActivityForm(forms.ModelForm):
    class Meta:
        model = Activity
-        exclude = ('valid', 'open', )
+        exclude = ('creater', 'valid', 'open', )
        widgets = {
            "organizer": AutocompleteModelSelect(
                model=Club,

--- a/apps/activity/models.py
+++ b/apps/activity/models.py
 # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay
 # SPDX-License-Identifier: GPL-3.0-or-later

+from django.contrib.auth.models import User
 from django.db import models
 from django.db.models import Q
 from django.utils.translation import gettext_lazy as _
@@ -58,6 +59,12 @@ class Activity(models.Model):
        verbose_name=_('type'),
    )

+    creater = models.ForeignKey(
+        User,
+        on_delete=models.PROTECT,
+        verbose_name=_("user"),
+    )
+
    organizer = models.ForeignKey(
        'member.Club',
        on_delete=models.PROTECT,
@@ -68,6 +75,8 @@ class Activity(models.Model):
    note = models.ForeignKey(
        'note.Note',
        on_delete=models.PROTECT,
+        blank=True,
+        null=True,
        related_name='+',
        verbose_name=_('note'),
    )

--- a/apps/activity/views.py
+++ b/apps/activity/views.py
@@ -21,21 +21,31 @@ class ActivityCreateView(LoginRequiredMixin, CreateView):
    model = Activity
    form_class = ActivityForm

+    def form_valid(self, form):
+        form.instance.creater = self.request.user
+        return super().form_valid(form)
+
    def get_success_url(self, **kwargs):
-        return reverse_lazy('activity:activity_detail', kwargs={"pk": self.kwargs["pk"]})
+        self.object.refresh_from_db()
+        return reverse_lazy('activity:activity_detail', kwargs={"pk": self.object.pk})


 class ActivityListView(LoginRequiredMixin, SingleTableView):
    model = Activity
    table_class = ActivityTable

+    def get_queryset(self):
+        return super().get_queryset()\
+            .filter(PermissionBackend.filter_queryset(self.request.user, Activity, "view")).reverse()
+
    def get_context_data(self, **kwargs):
        ctx = super().get_context_data(**kwargs)

        ctx['title'] = _("Activities")

        upcoming_activities = Activity.objects.filter(date_end__gt=datetime.now())
-        ctx['upcoming'] = ActivityTable(data=upcoming_activities)
+        ctx['upcoming'] = ActivityTable(data=upcoming_activities
+                                        .filter(PermissionBackend.filter_queryset(self.request.user, Activity, "view")))

        return ctx

@@ -100,7 +110,8 @@ class ActivityEntryView(LoginRequiredMixin, TemplateView):
            .annotate(balance=F("inviter__balance"), note_name=F("inviter__user__username"))\
            .filter(Q(first_name__regex=pattern) | Q(last_name__regex=pattern)
                    | Q(inviter__alias__name__regex=pattern)
-                    | Q(inviter__alias__normalized_name__regex=Alias.normalize(pattern)))\
+                    | Q(inviter__alias__normalized_name__regex=Alias.normalize(pattern))) \
+            .filter(PermissionBackend.filter_queryset(self.request.user, Guest, "view"))\
            .distinct()[:20]
        for guest in guest_qs:
            guest.type = "Invité"
@@ -115,7 +126,8 @@ class ActivityEntryView(LoginRequiredMixin, TemplateView):
                    & (Q(note__noteuser__user__first_name__regex=pattern)
                    | Q(note__noteuser__user__last_name__regex=pattern)
                    | Q(name__regex=pattern)
-                    | Q(normalized_name__regex=Alias.normalize(pattern))))\
+                    | Q(normalized_name__regex=Alias.normalize(pattern)))) \
+            .filter(PermissionBackend.filter_queryset(self.request.user, Alias, "view"))\
            .distinct("username")[:20]
        for note in note_qs:
            note.type = "Adhérent"

--- a/apps/permission/fixtures/initial.json
+++ b/apps/permission/fixtures/initial.json
@@ -55,6 +55,20 @@
      "name": "Tr\u00e9sorier\u00b7\u00e8re de club"
    }
  },
+  {
+    "model": "member.role",
+    "pk": 8,
+    "fields": {
+      "name": "Tr\u00e9sorier\u00b7\u00e8re de club"
+    }
+  },
+  {
+    "model": "member.role",
+    "pk": 9,
+    "fields": {
+      "name": "Res[pot]"
+    }
+  },
  {
    "model": "permission.permissionmask",
    "pk": 1,
@@ -574,6 +588,201 @@
      "description": "Create any transaction"
    }
  },
+  {
+    "model": "permission.permission",
+    "pk": 34,
+    "fields": {
+      "model": [
+        "activity",
+        "activity"
+      ],
+      "query": "[\"OR\", {\"valid\": true}, {\"creater\": [\"user\"]}]",
+      "type": "view",
+      "mask": 1,
+      "field": "",
+      "description": "View valid activites"
+    }
+  },
+  {
+    "model": "permission.permission",
+    "pk": 35,
+    "fields": {
+      "model": [
+        "activity",
+        "activity"
+      ],
+      "query": "[\"AND\", {\"valid\": false}, {\"creater\": [\"user\"]}]",
+      "type": "change",
+      "mask": 1,
+      "field": "",
+      "description": "Change our activities"
+    }
+  },
+  {
+    "model": "permission.permission",
+    "pk": 36,
+    "fields": {
+      "model": [
+        "activity",
+        "activity"
+      ],
+      "query": "{\"creater\": [\"user\"], \"valid\": false}",
+      "type": "add",
+      "mask": 1,
+      "field": "",
+      "description": "Add activities"
+    }
+  },
+  {
+    "model": "permission.permission",
+    "pk": 37,
+    "fields": {
+      "model": [
+        "activity",
+        "activity"
+      ],
+      "query": "{}",
+      "type": "change",
+      "mask": 2,
+      "field": "valid",
+      "description": "Validate activities"
+    }
+  },
+  {
+    "model": "permission.permission",
+    "pk": 38,
+    "fields": {
+      "model": [
+        "activity",
+        "activity"
+      ],
+      "query": "{}",
+      "type": "change",
+      "mask": 2,
+      "field": "open",
+      "description": "Open activities"
+    }
+  },
+  {
+    "model": "permission.permission",
+    "pk": 39,
+    "fields": {
+      "model": [
+        "activity",
+        "guest"
+      ],
+      "query": "{\"inviter\": [\"user\", \"note\"], \"activity__activity_type__can_invite\": true}",
+      "type": "add",
+      "mask": 1,
+      "field": "",
+      "description": "Invite people to activities"
+    }
+  },
+  {
+    "model": "permission.permission",
+    "pk": 40,
+    "fields": {
+      "model": [
+        "activity",
+        "guest"
+      ],
+      "query": "{\"inviter\": [\"user\", \"note\"]}",
+      "type": "view",
+      "mask": 1,
+      "field": "",
+      "description": "View invited people"
+    }
+  },
+  {
+    "model": "permission.permission",
+    "pk": 41,
+    "fields": {
+      "model": [
+        "activity",
+        "activity"
+      ],
+      "query": "{}",
+      "type": "view",
+      "mask": 2,
+      "field": "",
+      "description": "View all activities"
+    }
+  },
+  {
+    "model": "permission.permission",
+    "pk": 42,
+    "fields": {
+      "model": [
+        "activity",
+        "guest"
+      ],
+      "query": "{}",
+      "type": "view",
+      "mask": 2,
+      "field": "",
+      "description": "View all invited people"
+    }
+  },
+  {
+    "model": "permission.permission",
+    "pk": 43,
+    "fields": {
+      "model": [
+        "activity",
+        "entry"
+      ],
+      "query": "{}",
+      "type": "add",
+      "mask": 2,
+      "field": "",
+      "description": "Manage entries"
+    }
+  },
+  {
+    "model": "permission.permission",
+    "pk": 44,
+    "fields": {
+      "model": [
+        "activity",
+        "guesttransaction"
+      ],
+      "query": "{}",
+      "type": "add",
+      "mask": 2,
+      "field": "",
+      "description": "Add invitation transactions"
+    }
+  },
+  {
+    "model": "permission.permission",
+    "pk": 45,
+    "fields": {
+      "model": [
+        "activity",
+        "guesttransaction"
+      ],
+      "query": "{}",
+      "type": "view",
+      "mask": 1,
+      "field": "",
+      "description": "View invitation transactions"
+    }
+  },
+  {
+    "model": "permission.permission",
+    "pk": 46,
+    "fields": {
+      "model": [
+        "activity",
+        "guesttransaction"
+      ],
+      "query": "{}",
+      "type": "change",
+      "mask": 2,
+      "field": "valid",
+      "description": "Validate invitation transactions"
+    }
+  },
  {
    "model": "permission.rolepermissions",
    "pk": 1,
@@ -613,7 +822,12 @@
        15,
        16,
        17,
-        18
+        18,
+        34,
+        35,
+        36,
+        39,
+        40
      ]
    }
  },
@@ -649,5 +863,22 @@
        33
      ]
    }
+  },
+  {
+    "model": "permission.rolepermissions",
+    "pk": 5,
+    "fields": {
+      "role": 9,
+      "permissions": [
+        37,
+        38,
+        41,
+        42,
+        43,
+        44,
+        45,
+        46
+      ]
+    }
  }
 ]
--- a/templates/activity/activity_detail.html
+++ b/templates/activity/activity_detail.html
@@ -25,6 +25,11 @@
                <dt class="col-xl-6">{% trans 'end date'|capfirst %}</dt>
                <dd class="col-xl-6">{{ activity.date_end }}</dd>

+                {% if "view_"|has_perm:activity.creater %}
+                    <dt class="col-xl-6">{% trans 'creater'|capfirst %}</dt>
+                    <dd class="col-xl-6"><a href="{% url "member:user_detail" pk=activity.creater.pk %}">{{ activity.creater }}</a></dd>
+                {% endif %}
+
                <dt class="col-xl-6">{% trans 'organizer'|capfirst %}</dt>
                <dd class="col-xl-6"><a href="{% url "member:club_detail" pk=activity.organizer.pk %}">{{ activity.organizer }}</a></dd>