From edb113562de56f6412325a4e78b2c576316b4397 Mon Sep 17 00:00:00 2001 From: Christian Merten Date: Mon, 2 Dec 2024 01:39:32 +0100 Subject: [PATCH] members: fix field permissions --- jdav_web/contrib/admin.py | 4 ++-- jdav_web/members/admin.py | 2 +- .../migrations/0030_alter_member_options.py | 17 +++++++++++++++++ jdav_web/members/models.py | 3 ++- 4 files changed, 22 insertions(+), 4 deletions(-) create mode 100644 jdav_web/members/migrations/0030_alter_member_options.py diff --git a/jdav_web/contrib/admin.py b/jdav_web/contrib/admin.py index 36119d0..4346029 100644 --- a/jdav_web/contrib/admin.py +++ b/jdav_web/contrib/admin.py @@ -22,7 +22,7 @@ class FieldPermissionsAdminMixin: for fd in field_desc: if fd not in self.field_view_permissions: continue - if not request.user.has_perm(self.field_view_permissions[fd], obj): + if not request.user.has_perm(self.field_view_permissions[fd]): return False return True @@ -43,7 +43,7 @@ class FieldPermissionsAdminMixin: def get_readonly_fields(self, request, obj=None): readonly_fields = super(FieldPermissionsAdminMixin, self).get_readonly_fields(request, obj) return list(readonly_fields) +\ - [fd for fd, perm in self.field_change_permissions.items() if not request.user.has_perm(perm, obj)] + [fd for fd, perm in self.field_change_permissions.items() if not request.user.has_perm(perm)] class ChangeViewAdminMixin: diff --git a/jdav_web/members/admin.py b/jdav_web/members/admin.py index 14eabd0..2466faf 100644 --- a/jdav_web/members/admin.py +++ b/jdav_web/members/admin.py @@ -233,7 +233,7 @@ class MemberAdmin(CommonAdminMixin, admin.ModelAdmin): field_change_permissions = { 'user': 'members.may_set_auth_user', - 'group': 'members.may_change_group', + 'group': 'members.may_change_member_group', 'good_conduct_certificate_presented_date': 'members.may_change_organizationals', 'has_key': 'members.may_change_organizationals', 'has_free_ticket_gym': 'members.may_change_organizationals', diff --git a/jdav_web/members/migrations/0030_alter_member_options.py b/jdav_web/members/migrations/0030_alter_member_options.py new file mode 100644 index 0000000..7a65370 --- /dev/null +++ b/jdav_web/members/migrations/0030_alter_member_options.py @@ -0,0 +1,17 @@ +# Generated by Django 4.0.1 on 2024-12-02 00:22 + +from django.db import migrations + + +class Migration(migrations.Migration): + + dependencies = [ + ('members', '0029_alter_member_gender_alter_memberwaitinglist_gender'), + ] + + operations = [ + migrations.AlterModelOptions( + name='member', + options={'default_permissions': ('add_global', 'change_global', 'view_global', 'delete_global', 'list_global', 'view'), 'permissions': (('may_see_qualities', 'Is allowed to see the quality overview'), ('may_set_auth_user', 'Is allowed to set auth user member connections.'), ('may_change_member_group', 'Can change the group field'), ('may_invite_as_user', 'Is allowed to invite a member to set login data.'), ('may_change_organizationals', 'Is allowed to set organizational settings on members.')), 'verbose_name': 'member', 'verbose_name_plural': 'members'}, + ), + ] diff --git a/jdav_web/members/models.py b/jdav_web/members/models.py index ae4ee74..ad33ae8 100644 --- a/jdav_web/members/models.py +++ b/jdav_web/members/models.py @@ -394,8 +394,9 @@ class Member(Person): permissions = ( ('may_see_qualities', 'Is allowed to see the quality overview'), ('may_set_auth_user', 'Is allowed to set auth user member connections.'), - ('change_member_group', 'Can change the group field'), + ('may_change_member_group', 'Can change the group field'), ('may_invite_as_user', 'Is allowed to invite a member to set login data.'), + ('may_change_organizationals', 'Is allowed to set organizational settings on members.'), ) rules_permissions = { 'members': rules.always_allow,