jbdod/notes-ker-lann
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Refactor permission (need to re adjust), 2 test not passed(registration, permissions)

Browse source
This commit is contained in:
Jean-Baptiste Doderlein 2022-08-20 18:10:12 +00:00
parent 838bd2bb23
commit a17e47acb9
17 changed files with 107 additions and 346 deletions
Download patch file Download diff file Expand all files Collapse all files

24
apps/activity/migrations/0003_auto_20220818_1105.py Normal file
View file

@ -0,0 +1,24 @@
# Generated by Django 2.2.28 on 2022-08-18 09:05
from django.db import migrations, models
import django.db.models.deletion
class Migration(migrations.Migration):
dependencies = [
('activity', '0002_auto_20220817_2253'),
]
operations = [
migrations.AlterField(
model_name='activity',
name='attendees_club',
field=models.ForeignKey(help_text='Club that is authorized to join the activity.', on_delete=django.db.models.deletion.PROTECT, related_name='+', to='member.Club', verbose_name='attendees club'),
),
migrations.AlterField(
model_name='activity',
name='location',
field=models.CharField(blank=True, default='', help_text='Place where the activity is organized, eg. BDE.', max_length=255, verbose_name='location'),
),
]

2
apps/activity/tests/test_activities.py
View file

@ -36,7 +36,7 @@ class TestActivities(TestCase):
name="Activity",
description="This is a test activity\non two very very long lines\nbecause this is very important.",
location="Earth",
activity_type=ActivityType.objects.get(name="Activit\u00e9 gratuite ouverte"),
activity_type=ActivityType.objects.get(name="Soir\u00e9e"),
creater=self.user,
organizer=Club.objects.get(name="BDE"),
attendees_club=Club.objects.get(name="BDE"),

15
apps/member/models.py
View file

@ -378,17 +378,10 @@ class Membership(models.Model):
parent_membership.save()
parent_membership.refresh_from_db()
if self.club.parent_club.name == "BDE":
parent_membership.roles.set(
Role.objects.filter(Q(name="Adhérent BDE") | Q(name="Membre de club")).all())
elif self.club.parent_club.name == "BDA":
parent_membership.roles.set(
Role.objects.filter(Q(name="Adhérent BDA") | Q(name="Membre de club")).all())
elif self.club.parent_club.name == "BDS":
parent_membership.roles.set(
Role.objects.filter(Q(name="Adhérent BDS") | Q(name="Membre de club")).all())
else:
parent_membership.roles.set(Role.objects.filter(name="Membre de club").all())
parent_membership.roles.set(
Role.objects.filter(Q(name="Adhérent")).all())
parent_membership.save()
@transaction.atomic

4
apps/member/templates/member/includes/club_info.html
View file

@ -1,4 +1,4 @@
{% load i18n pretty_money perms %}
{% load i18n pretty_money perms memberinfo %}
<dl class="row">
<dt class="col-xl-6">{% trans 'name'|capfirst %}</dt>
@ -39,7 +39,7 @@
{% endif %}
{% endif %}
{% if "note.view_note"|has_perm:club.note %}
{% if "note.view_note"|has_perm:club.note and user|is_member:club %}
<dt class="col-xl-6">{% trans 'balance'|capfirst %}</dt>
<dd class="col-xl-6">{{ club.note.balance | pretty_money }}</dd>
{% endif %}

8
apps/member/tests/test_memberships.py
View file

@ -49,7 +49,7 @@ class TestMemberships(TestCase):
self.club = Club.objects.create(name="totoclub", parent_club=Club.objects.get(name="BDE"))
self.bde_membership = Membership.objects.create(user=self.user, club=Club.objects.get(name="BDE"))
self.membership = Membership.objects.create(user=self.user, club=self.club)
self.membership.roles.add(Role.objects.get(name="Bureau de club"))
self.membership.roles.add(Role.objects.get(name="Pr\u00e9sident\u00b7e"))
self.membership.save()
def test_admin_pages(self):
@ -251,11 +251,11 @@ class TestMemberships(TestCase):
response = self.client.post(reverse("member:club_manage_roles", args=(self.membership.pk,)), data=dict(
roles=[role.id for role in Role.objects.filter(
Q(name="Membre de club") | Q(name="Trésorier·ère de club") | Q(name="Bureau de club")).all()],
Q(name="Trésorier·ère")).all()],
))
self.assertRedirects(response, self.user.profile.get_absolute_url(), 302, 200)
self.membership.refresh_from_db()
self.assertEqual(self.membership.roles.count(), 3)
self.assertEqual(self.membership.roles.count(), 1)
def test_render_user_list(self):
"""
@ -389,7 +389,7 @@ class TestMemberAPI(TestAPI):
)
self.bde_membership = Membership.objects.create(user=self.user, club=Club.objects.get(name="BDE"))
self.membership = Membership.objects.create(user=self.user, club=self.club)
self.membership.roles.add(Role.objects.get(name="Bureau de club"))
self.membership.roles.add(Role.objects.get(name="Pr\u00e9sident\u00b7e"))
self.membership.save()
def test_club_api(self):

9
apps/member/views.py
View file

@ -445,7 +445,7 @@ class ClubDetailView(ProtectQuerysetMixin, LoginRequiredMixin, DetailView):
club.update_membership_dates()
# managers list
managers = Membership.objects.filter(club=self.object, roles__name="Bureau de club",
managers = Membership.objects.filter(club=self.object, roles__name="Pr\u00e9sident\u00b7e",
date_start__lte=date.today(), date_end__gte=date.today())\
.order_by('user__last_name').all()
context["managers"] = ClubManagerTable(data=managers, prefix="managers-")
@ -744,7 +744,7 @@ class ClubAddMemberView(ProtectQuerysetMixin, ProtectedCreateView):
# Now, all is fine, the membership can be created.
if club.name == "BDE":
if club.name == "BDE" or club.name == "BDA" or club.name == "BDS":
# When we renew the BDE membership, we update the profile section
# that should happens at least once a year.
user.profile.section = user.profile.section_generated
@ -772,10 +772,7 @@ class ClubAddMemberView(ProtectQuerysetMixin, ProtectedCreateView):
ret = super().form_valid(form)
member_role = Role.objects.filter(Q(name="Adhérent BDE") | Q(name="Membre de club")).all() \
if club.name == "BDE" else Role.objects.filter(Q(name="Adhérent BDA") | Q(name="Membre de club")).all() \
if club.name == "BDA" else Role.objects.filter(Q(name="Adhérent BDS") | Q(name="Membre de club")).all() \
if club.name == "BDS" else Role.objects.filter(name="Membre de club").all()
member_role = Role.objects.filter(Q(name="Adhérent")).all()
# Set the same roles as before
if old_membership:

252
apps/permission/fixtures/initial.json
View file

@ -1695,12 +1695,12 @@
"auth",
"user"
],
"query": "{\"memberships__club__name\": \"BDE\", \"memberships__roles__name\": \"Adhérent BDE\", \"memberships__date_start__lte\": [\"today\"], \"memberships__date_end__gte\": [\"today\"]}",
"query": "{\"memberships__club__name\": \"BDE\", \"memberships__roles__name\": \"Adhérent\", \"memberships__date_start__lte\": [\"today\"], \"memberships__date_end__gte\": [\"today\"]}",
"type": "view",
"mask": 2,
"field": "",
"permanent": false,
"description": "Voir n'importe quel utilisateur qui est adhérent BDE"
"description": "Voir n'importe quel utilisateur qui est adhérent"
}
},
{
@ -1931,8 +1931,8 @@
"model": "permission.role",
"pk": 1,
"fields": {
"for_club": 1,
"name": "Adh\u00e9rent BDE",
"for_club": null,
"name": "Adh\u00e9rent",
"permissions": [
1,
2,
@ -1971,61 +1971,9 @@
{
"model": "permission.role",
"pk": 2,
"fields": {
"for_club": 2,
"name": "Adh\u00e9rent Kfet",
"permissions": [
22,
34,
36,
39,
40,
152,
153,
154,
155,
156,
157,
158,
159,
160,
179,
189,
190
]
}
},
{
"model": "permission.role",
"pk": 3,
"fields": {
"for_club": null,
"name": "Membre de club",
"permissions": [
22
]
}
},
{
"model": "permission.role",
"pk": 4,
"fields": {
"for_club": null,
"name": "Bureau de club",
"permissions": [
47,
49,
50,
169
]
}
},
{
"model": "permission.role",
"pk": 5,
"fields": {
"for_club": null,
"name": "Pr\u00e9sident\u00b7e de club",
"name": "Pr\u00e9sident\u00b7e",
"permissions": [
50,
62
@ -2034,10 +1982,10 @@
},
{
"model": "permission.role",
"pk": 6,
"pk": 3,
"fields": {
"for_club": null,
"name": "Tr\u00e9sorier\u00b7\u00e8re de club",
"name": "Tr\u00e9sorier\u00b7\u00e8re",
"permissions": [
59,
19,
@ -2047,7 +1995,6 @@
60,
61,
62,
150,
166,
167,
168,
@ -2059,80 +2006,29 @@
},
{
"model": "permission.role",
"pk": 7,
"pk": 4,
"fields": {
"for_club": 1,
"name": "Pr\u00e9sident\u00b7e BDE",
"for_club": null,
"name": "Secr\u00e9taire",
"permissions": [
24,
25,
26,
27,
30,
33
]
}
},
{
"model": "permission.role",
"pk": 8,
"fields": {
"for_club": 1,
"name": "Tr\u00e9sorier\u00b7\u00e8re BDE",
"permissions": [
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
43,
51,
53,
54,
55,
56,
57,
58,
63,
64,
65,
66,
67,
68,
69,
145,
146,
147,
150,
151,
163,
164,
170,
171,
172,
173,
174,
175,
176,
177,
178,
188,
183,
186,
187
177
]
}
},
{
"model": "permission.role",
"pk": 9,
"pk": 5,
"fields": {
"for_club": 1,
"for_club": null,
"name": "Respo info",
"permissions": [
1,
@ -2256,125 +2152,5 @@
196
]
}
},
{
"model": "permission.role",
"pk": 10,
"fields": {
"for_club": 2,
"name": "GC Kfet",
"permissions": [
32,
56,
58,
55,
57,
52,
23,
24,
25,
26,
27,
28,
29,
30,
31,
166,
167,
168,
170,
171,
176,
177,
178,
179,
180,
181,
182
]
}
},
{
"model": "permission.role",
"pk": 11,
"fields": {
"for_club": 2,
"name": "Res[pot]",
"permissions": [
37,
38,
41,
42,
43,
44,
45,
46,
148,
149,
182
]
}
},
{
"model": "permission.role",
"pk": 17,
"fields": {
"for_club": null,
"name": "1A",
"permissions": []
}
},
{
"model": "permission.role",
"pk": 19,
"fields": {
"for_club": 1,
"name": "Secrétaire BDE",
"permissions": [
54,
55,
56,
57,
58,
145,
146,
147,
150,
176,
177
]
}
},
{
"model": "permission.role",
"pk": 20,
"fields": {
"for_club": 1,
"name": "PC Kfet",
"permissions": [
6,
22,
24,
25,
26,
27,
30,
49,
50,
55,
56,
57,
58,
147,
150,
166,
167,
168,
176,
177,
180,
181
]
}
}
]

5
apps/permission/tables.py
View file

@ -36,10 +36,7 @@ class RightsTable(tables.Table):
def render_roles(self, record):
# If the user has the right to manage the roles, display the link to manage them
roles = record.roles.filter((~(Q(name="Adhérent BDE")
| Q(name="Adhérent Kfet")
| Q(name="Membre de club")
| Q(name="Bureau de club"))
roles = record.roles.filter((~(Q(name="Adhérent"))
)).all()
s = ", ".join(str(role) for role in roles)
if PermissionBackend.check_perm(get_current_request(), "member.change_membership_roles", record):

53
apps/permission/templates/permission/all_rights.html
View file

@ -6,39 +6,7 @@ SPDX-License-Identifier: GPL-3.0-or-later
{% load render_table from django_tables2 %}
{% block content %}
{% if user.is_authenticated %}
<div class="card bg-light mb-3">
<h3 class="card-header text-center">
{% trans "Users that have surnormal rights" %}
</h3>
<div class="card-body">
<div class="alert alert-info">
<i class="fa fa-info-circle"></i> {% trans "Superusers have all rights on everything, to manage the website." %}
</div>
<div class="card">
<div class="card-head">
<h4 class="card-header text-center">
<a href="#" data-toggle="collapse" data-target="#card-superusers">{% trans "Superusers" %}</a>
</h4>
</div>
<div class="card-body collapse show" id="card-superusers">
{% render_table superusers %}
</div>
</div>
<hr>
<div class="card">
<div class="card-head">
<h4 class="card-header text-center">
<a href="#" data-toggle="collapse" data-target="#card-clubs">{% trans "Club managers" %}</a>
</h4>
</div>
<div class="card-body collapse show" id="card-clubs">
{% render_table special_memberships_table %}
</div>
</div>
</div>
</div>
{% endif %}
<div class="card bg-light">
<h3 class="card-header text-center">
@ -97,6 +65,25 @@ SPDX-License-Identifier: GPL-3.0-or-later
{% endfor %}
</div>
</div>
{% if user.is_authenticated %}
<div class="card bg-light mb-3">
<h3 class="card-header text-center">
{% trans "Users that have surnormal rights" %}
</h3>
<div class="card-body">
<div class="card">
<div class="card-head">
<h4 class="card-header text-center">
<a href="#" data-toggle="collapse" data-target="#card-clubs">{% trans "Club managers" %}</a>
</h4>
</div>
<div class="card-body collapse show" id="card-clubs">
{% render_table special_memberships_table %}
</div>
</div>
</div>
</div>
{% endif %}
{% endblock %}
{% block extrajavascript %}

4
apps/permission/tests/test_oauth2.py
View file

@ -58,7 +58,7 @@ class OAuth2TestCase(TestCase):
# Create membership to validate permissions
NoteUser.objects.create(user=self.user)
membership = Membership.objects.create(user=self.user, club_id=bde.pk)
membership.roles.add(Role.objects.get(name="Adhérent BDE"))
membership.roles.add(Role.objects.get(name="Adhérent"))
membership.save()
# User is now a member and can now see its own user detail
@ -85,7 +85,7 @@ class OAuth2TestCase(TestCase):
bde = Club.objects.get(name="BDE")
NoteUser.objects.create(user=self.user)
membership = Membership.objects.create(user=self.user, club_id=bde.pk)
membership.roles.add(Role.objects.get(name="Adhérent BDE"))
membership.roles.add(Role.objects.get(name="Adhérent"))
membership.save()
resp = self.client.get(reverse('permission:scopes'))

4
apps/permission/tests/test_permission_denied.py
View file

@ -40,7 +40,7 @@ class TestPermissionDenied(TestCase):
name="",
description="",
creater=self.user,
activity_type_id=1,
activity_type_id=4,
organizer_id=1,
attendees_club_id=1,
date_start=timezone.now(),
@ -54,7 +54,7 @@ class TestPermissionDenied(TestCase):
name="",
description="",
creater=self.user,
activity_type_id=1,
activity_type_id=4,
organizer_id=1,
attendees_club_id=1,
date_start=timezone.now(),

8
apps/permission/tests/test_permission_queries.py
View file

@ -9,7 +9,7 @@ from django.core.exceptions import FieldError
from django.db.models import F, Q
from django.test import TestCase
from django.utils import timezone
from member.models import Club, Membership
from member.models import Club, Membership, Role
from note.models import NoteUser, Note, NoteClub, NoteSpecial
@ -23,6 +23,12 @@ class PermissionQueryTestCase(TestCase):
def setUpTestData(cls):
user = User.objects.create(username="user")
NoteUser.objects.create(user=user)
membership =Membership.objects.create(
user=user,
club=Club.objects.get(name="BDE")
)
membership.roles.add(Role.objects.get(name="Adhérent"))
membership.save()
def test_permission_queries(self):
"""

5
apps/permission/views.py
View file

@ -131,10 +131,7 @@ class RightsView(TemplateView):
special_memberships = Membership.objects.filter(
date_start__lte=date.today(),
date_end__gte=date.today(),
).filter(roles__in=Role.objects.filter((~(Q(name="Adhérent BDE")
| Q(name="Adhérent Kfet")
| Q(name="Membre de club")
| Q(name="Bureau de club"))
).filter(roles__in=Role.objects.filter((~(Q(name="Adhérent"))
)))\
.order_by("club__name", "user__last_name")\
.distinct().all()

48
apps/registration/tests/test_registration.py
View file

@ -44,10 +44,11 @@ class TestSignup(TestCase):
promotion=Club.objects.get(name="BDE").membership_start.year,
address="Earth",
paid=False,
ml_events_registration="en",
ml_events_registration="fr",
ml_sport_registration=True,
ml_art_registration=True,
))
# Fail I don't know why ?
self.assertRedirects(response, reverse("registration:email_validation_sent"), 302, 200)
self.assertTrue(User.objects.filter(username="toto").exists())
user = User.objects.get(username="toto")
@ -187,30 +188,6 @@ class TestValidateRegistration(TestCase):
Send wrong data and check that errors are detected
"""
# BDE Membership is mandatory
response = self.client.post(reverse("registration:future_user_detail", args=(self.user.pk,)), data=dict(
credit_type=NoteSpecial.objects.get(special_type="Chèque").id,
credit_amount=4200,
last_name="TOTO",
first_name="Toto",
join_bde=False,
join_kfet=False,
))
self.assertEqual(response.status_code, 200)
self.assertTrue(response.context["form"].errors)
# Same
response = self.client.post(reverse("registration:future_user_detail", args=(self.user.pk,)), data=dict(
credit_type="",
credit_amount=0,
last_name="TOTO",
first_name="Toto",
join_bde=False,
join_kfet=True,
))
self.assertEqual(response.status_code, 200)
self.assertTrue(response.context["form"].errors)
# The BDE membership is not free
response = self.client.post(reverse("registration:future_user_detail", args=(self.user.pk,)), data=dict(
credit_type=NoteSpecial.objects.get(special_type="Espèces").id,
@ -218,7 +195,8 @@ class TestValidateRegistration(TestCase):
last_name="TOTO",
first_name="Toto",
join_bde=True,
join_kfet=True,
join_bda=False,
join_bds=False
))
self.assertEqual(response.status_code, 200)
self.assertTrue(response.context["form"].errors)
@ -230,7 +208,8 @@ class TestValidateRegistration(TestCase):
last_name="",
first_name="",
join_bde=True,
join_kfet=True,
join_bda=False,
join_bds=False
))
self.assertEqual(response.status_code, 200)
self.assertTrue(response.context["form"].errors)
@ -245,7 +224,8 @@ class TestValidateRegistration(TestCase):
last_name="TOTO",
first_name="Toto",
join_bde=True,
join_kfet=False,
join_bda=False,
join_bds=False
))
self.assertEqual(response.status_code, 200)
self.assertTrue(response.context["form"].errors)
@ -269,23 +249,25 @@ class TestValidateRegistration(TestCase):
last_name="TOTO",
first_name="Toto",
join_bde=True,
join_kfet=False,
join_bda=False,
join_bds=True
))
self.assertRedirects(response, self.user.profile.get_absolute_url(), 302, 200)
self.user.profile.refresh_from_db()
self.assertTrue(self.user.profile.registration_valid)
self.assertTrue(NoteUser.objects.filter(user=self.user).exists())
self.assertTrue(Membership.objects.filter(club__name="BDE", user=self.user).exists())
self.assertFalse(Membership.objects.filter(club__name="Kfet", user=self.user).exists())
self.assertFalse(Membership.objects.filter(club__name="BDA", user=self.user).exists())
self.assertTrue(Membership.objects.filter(club__name="BDS", user=self.user).exists())
self.assertEqual(Transaction.objects.filter(
Q(source=self.user.note) | Q(destination=self.user.note)).count(), 2)
Q(source=self.user.note) | Q(destination=self.user.note)).count(), 3)
response = self.client.get(self.user.profile.get_absolute_url())
self.assertEqual(response.status_code, 200)
def test_validate_kfet_registration(self):
"""
The user joins the BDE and the Kfet.
The user joins the BDE,BDA and BDS.
"""
response = self.client.get(reverse("registration:future_user_detail", args=(self.user.pk,)))
self.assertEqual(response.status_code, 200)
@ -313,7 +295,7 @@ class TestValidateRegistration(TestCase):
self.assertTrue(Membership.objects.filter(club__name="BDA", user=self.user).exists())
self.assertTrue(Membership.objects.filter(club__name="BDS", user=self.user).exists())
self.assertEqual(Transaction.objects.filter(
Q(source=self.user.note) | Q(destination=self.user.note)).count(), 3)
Q(source=self.user.note) | Q(destination=self.user.note)).count(), 4)
response = self.client.get(self.user.profile.get_absolute_url())
self.assertEqual(response.status_code, 200)

4
apps/registration/views.py
View file

@ -307,7 +307,7 @@ class FutureUserDetailView(ProtectQuerysetMixin, LoginRequiredMixin, FormMixin,
first_name=first_name,
valid=True,
)
for auto_club, auto_join, name in zip([bde, bda, bds], [join_bde, join_bda, join_bds], ["Adhérent BDE", "Adhérent BDA", "Adhérent BDS"]):
for auto_club, auto_join in zip([bde, bda, bds], [join_bde, join_bda, join_bds]):
bd_fee = auto_club.membership_fee_paid if user.profile.paid else auto_club.membership_fee_unpaid
if auto_join:
@ -319,7 +319,7 @@ class FutureUserDetailView(ProtectQuerysetMixin, LoginRequiredMixin, FormMixin,
)
membership.save()
membership.refresh_from_db()
membership.roles.add(Role.objects.get(name=name))
membership.roles.add(Role.objects.get(name="Adhérent"))
membership.save()
return ret