members: fix field permissions

jdav_web/contrib/admin.py

@@ -22,7 +22,7 @@ class FieldPermissionsAdminMixin:
         for fd in field_desc:
             if fd not in self.field_view_permissions:
                 continue
-            if not request.user.has_perm(self.field_view_permissions[fd], obj):
+            if not request.user.has_perm(self.field_view_permissions[fd]):
                 return False
         return True
 
@@ -43,7 +43,7 @@ class FieldPermissionsAdminMixin:
     def get_readonly_fields(self, request, obj=None):
         readonly_fields = super(FieldPermissionsAdminMixin, self).get_readonly_fields(request, obj)
         return list(readonly_fields) +\
-            [fd for fd, perm in self.field_change_permissions.items() if not request.user.has_perm(perm, obj)]
+            [fd for fd, perm in self.field_change_permissions.items() if not request.user.has_perm(perm)]
 
 
 class ChangeViewAdminMixin:

jdav_web/members/admin.py

@@ -233,7 +233,7 @@ class MemberAdmin(CommonAdminMixin, admin.ModelAdmin):
 
     field_change_permissions = {
         'user': 'members.may_set_auth_user',
-        'group': 'members.may_change_group',
+        'group': 'members.may_change_member_group',
         'good_conduct_certificate_presented_date': 'members.may_change_organizationals',
         'has_key': 'members.may_change_organizationals',
         'has_free_ticket_gym': 'members.may_change_organizationals',

jdav_web/members/migrations/0030_alter_member_options.py

@@ -0,0 +1,17 @@
+# Generated by Django 4.0.1 on 2024-12-02 00:22
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('members', '0029_alter_member_gender_alter_memberwaitinglist_gender'),
+    ]
+
+    operations = [
+        migrations.AlterModelOptions(
+            name='member',
+            options={'default_permissions': ('add_global', 'change_global', 'view_global', 'delete_global', 'list_global', 'view'), 'permissions': (('may_see_qualities', 'Is allowed to see the quality overview'), ('may_set_auth_user', 'Is allowed to set auth user member connections.'), ('may_change_member_group', 'Can change the group field'), ('may_invite_as_user', 'Is allowed to invite a member to set login data.'), ('may_change_organizationals', 'Is allowed to set organizational settings on members.')), 'verbose_name': 'member', 'verbose_name_plural': 'members'},
+        ),
+    ]

jdav_web/members/models.py

@@ -394,8 +394,9 @@ class Member(Person):
         permissions = (
             ('may_see_qualities', 'Is allowed to see the quality overview'),
             ('may_set_auth_user', 'Is allowed to set auth user member connections.'),
-            ('change_member_group', 'Can change the group field'),
+            ('may_change_member_group', 'Can change the group field'),
             ('may_invite_as_user', 'Is allowed to invite a member to set login data.'),
+            ('may_change_organizationals', 'Is allowed to set organizational settings on members.'),
         )
         rules_permissions = {
             'members': rules.always_allow,