From 79110b8b71ee0da16f5ebc3e5b7899d6b712e9e4 Mon Sep 17 00:00:00 2001 From: Mads Nylund <73914541+MadsNyl@users.noreply.github.com> Date: Sun, 18 Aug 2024 14:43:49 +0200 Subject: [PATCH] Committee Leaders Group Form Fix (#817) * Feat(kontres)/add image to bookable item (#785) * added optional image to bookable item model * added update method in serializer to handle new images * linting * remove update method for images * Feat(kontres)/add approved by (#786) * added approved by field * endpoint will now set approved by * serializer will return full user object in approved_by_detail * created test for approved by * migration * remove unnecessary code * removed write-only field in approved-by context * Create minutes for Codex (#787) * init * format * Feat(minute)/viewset (#788) * added richer reponse on post and put * added to admin panel * added filter for minute * Feat(kontres)/add notification (#790) * created methods for sending notification to admin and user * endpoint will now send notification if needed * add migrations for new notification types * Memberships with fines activated (#791) init * Feat(user)/user bio (#758) * Created model, serializer and view for user-bio * Created user bio model and made migrations * Created user bio serializer + viewsets + added new endpoint * Tested create method + added bio serializer to user serializer * Format * Created update method and started testing * Debugging test failures in user retrieve * fixed model error * Created user_bio_factory + started testing put method * Created fixture for UserBio * Created custom excpetion for duplicate user bio * Added permissions and inherited from BaseModel * Modularized serializer for bio * Use correct serializers in viewset + added destroy method * Finished testing bio viewset integration + format * Changed environent file to .env to avoid pushing up keys * Fix: Flipped assertion statement in test, since user bio should not be deleted * skiped buggy test from kontres * added mark to pytest.skip * Moved keys to .env file and reverted docker variables * Skip buggy kontres test * format * Added str method to user_bio * Removed unused imports * format * Changed user relation to a OneToOne-field (same affect as ForeignKey(unique=True) + removed check for duplicate bio in serializer * Migrations + changed assertion status code in duplicate bio test (could try catch in serializer to produce 400 status code) * format * format * Changed limit for description 50 -> 500 + migrations * Migrate * added id to serializer * merged leaf nodes in migrations * format --------- Co-authored-by: Ester2109 <126612066+Ester2109@users.noreply.github.com> Co-authored-by: Mads Nylund Co-authored-by: Mads Nylund <73914541+MadsNyl@users.noreply.github.com> Co-authored-by: Tam Le * Update CHANGELOG.md * added filter for allowed photos for user (#794) added filter for allowed photos * Upped payment time when coming from waiting list (#796) * fixed paymenttime saved to db (#798) * fixed bug (#800) * Disallow users to unregister when payment is done (#802) added 400 status code for deleting paid registration * update changelog * Added serializer for category in event (#804) added serializer for category in event * Permission middelware (#806) * added a check for existing user and id on request * format * Permission refactor of QR Codes (#807) * added permissions to qr code and refactored viewset * format * removed unused imports * Permissions for payment orders (#808) * added read permissions * added permissions for payment order and tests * format * chore(iac): updated docs and force https (#810) chore: updated docs and force https * feat(iac): add terraform guardrails so index don't nuke our infra (#811) feat: add guardrails so index don't fup * Automatic registration for new users with Feide (#809) * started on feide registration endpoint * made endpoint for creating user with Feide * added test for parse group * finished * format * removes three years if in digtrans * changelog update * Feide env variables Terraform (#814) added feid env variables * added delete endpoint for file (#815) * added delete endpoint for file * Trigger Build * changed workflow to checkout v4 * changed from docker-compose to docker compose * Update CHANGELOG.md * format * format * fixed permission for committee leaders for group forms --------- Co-authored-by: Erik Skjellevik <98759397+eriskjel@users.noreply.github.com> Co-authored-by: haruixu <114171733+haruixu@users.noreply.github.com> Co-authored-by: Ester2109 <126612066+Ester2109@users.noreply.github.com> Co-authored-by: Tam Le Co-authored-by: martcl --- app/content/models/user.py | 6 ++++++ app/content/serializers/user.py | 3 +-- app/forms/models/forms.py | 6 ++++-- app/tests/kontres/test_reservation_integration.py | 1 - 4 files changed, 11 insertions(+), 5 deletions(-) diff --git a/app/content/models/user.py b/app/content/models/user.py index 26e3a4b9a..66974c563 100644 --- a/app/content/models/user.py +++ b/app/content/models/user.py @@ -154,6 +154,12 @@ def is_leader_of(self, group): group=group, membership_type=MembershipType.LEADER ).exists() + @property + def is_leader_of_committee(self): + return self.memberships.filter( + group__type=GroupType.COMMITTEE, membership_type=MembershipType.LEADER + ).exists() + def has_unanswered_evaluations(self): return self.get_unanswered_evaluations().exists() diff --git a/app/content/serializers/user.py b/app/content/serializers/user.py index 44a207122..fc2d91625 100644 --- a/app/content/serializers/user.py +++ b/app/content/serializers/user.py @@ -1,8 +1,7 @@ +from django.contrib.auth.hashers import make_password from rest_framework import serializers from rest_framework.exceptions import ValidationError -from django.contrib.auth.hashers import make_password - from dry_rest_permissions.generics import DRYGlobalPermissionsField from app.common.enums import Groups, GroupType diff --git a/app/forms/models/forms.py b/app/forms/models/forms.py index 870d55b54..dc1411826 100644 --- a/app/forms/models/forms.py +++ b/app/forms/models/forms.py @@ -179,8 +179,10 @@ def has_write_permission(cls, request): form = GroupForm.objects.filter(id=form_id).first() group = form.group if form else None return ( - group and group.has_object_group_form_permission(request) - ) or check_has_access(cls.write_access, request) + (group and group.has_object_group_form_permission(request)) + or check_has_access(cls.write_access, request) + or request.user.is_leader_of_committee + ) @classmethod def has_list_permission(cls, request): diff --git a/app/tests/kontres/test_reservation_integration.py b/app/tests/kontres/test_reservation_integration.py index d78dc9770..81ffaae6b 100644 --- a/app/tests/kontres/test_reservation_integration.py +++ b/app/tests/kontres/test_reservation_integration.py @@ -82,7 +82,6 @@ def test_reservation_creation_fails_without_sober_watch(member, bookable_item): ) assert response.status_code == 400 - print(response.data) expected_error_message = "Du må velge en edruvakt for reservasjonen." actual_error_messages = response.data.get("non_field_errors", []) assert any(