def test(self): from permissions.utils import get_default_permission_name has_perm = lambda u, p, i : (u.has_perm(p,i) or u.has_perm(p)) gp = Group.objects.get(pk=1) view_perm = get_default_permission_name(Group, 'view') change_perm = get_default_permission_name(Group, 'change') aa = User.objects.get(username='******') a = User.objects.get(username='******') m = User.objects.get(username='******') u = User.objects.get(username='******') assert has_perm(aa, view_perm, gp) assert has_perm(a, view_perm, gp) assert has_perm(m, view_perm, gp) assert not has_perm(u, view_perm, gp) assert has_perm(aa, change_perm, gp) assert has_perm(a, change_perm, gp) assert not has_perm(m, change_perm, gp) assert not has_perm(u, change_perm, gp) gp.public = True gp.save() aa = User.objects.get(username='******') a = User.objects.get(username='******') m = User.objects.get(username='******') u = User.objects.get(username='******') assert has_perm(aa, view_perm, gp) assert has_perm(a, view_perm, gp) assert has_perm(m, view_perm, gp) assert has_perm(u, view_perm, gp) assert has_perm(aa, change_perm, gp) assert has_perm(a, change_perm, gp) assert not has_perm(m, change_perm, gp) assert not has_perm(u, change_perm, gp) gp.public = False gp.save() aa = User.objects.get(username='******') a = User.objects.get(username='******') m = User.objects.get(username='******') u = User.objects.get(username='******') assert has_perm(aa, view_perm, gp) assert has_perm(a, view_perm, gp) assert has_perm(m, view_perm, gp) assert not has_perm(u, view_perm, gp) assert has_perm(aa, change_perm, gp) assert has_perm(a, change_perm, gp) assert not has_perm(m, change_perm, gp) assert not has_perm(u, change_perm, gp)
def event(request, ide): event = get_object_or_404(Event, pk=ide) group = event.attendees user = request.user if request.method == 'POST': form = TransactionForm(request.POST, current_group=group, between_members=False) if form.is_valid(): transaction = form.save() success = messages.success(request, 'Transaction successfully created') return redirect('event', ide=event.id) else: form = TransactionForm(current_group=group, between_members=True) invited = event.invited.all() attendees = event.attendees.members.all() invited_attendees = [(u, (u in attendees)) for u in invited] admin_l = event.admins.all() last_transactions = event.attendees.transactions.all().order_by('-date') try: sitting_arrangement = event.sitting #.table__set.all() except Sitting.DoesNotExist: sitting_arrangement = None balance = resolution.balance_in_floats(group) balance1 = [b for b in balance] res = resolution.resolution_tuple(group, balance1) list_context = [] members = [m for m in group.members.all()] for i in range(len(balance)): list_context.append((members[i], balance[i])) perm_name = get_default_permission_name(Event, 'change') can_edit = request.user.has_perm(perm_name) or request.user.has_perm( perm_name, event) context = { 'event': event, 'invited': invited_attendees, 'admin': admin_l, 'can_edit': can_edit, 'can_accept_invite': event.can_accept_invite(user), 'can_cancel_acceptance': event.can_cancel_acceptance(user), 'last_transactions': last_transactions, 'form': form, 'sitting_arrangement': sitting_arrangement, 'list_context': list_context, 'resolution': res, } if event.is_over(): messages.warning(request, 'This event is over') elif event.has_begun(): messages.warning(request, 'This event has already begun') return render(request, 'event.html', context)
def group_number(request, ide): group = get_object_or_404(Group, pk=ide) # For the moment calculate the balance each time we click on the group balance = resolution.balance_in_floats(group) balance1 = [b for b in balance] res = resolution.resolution_tuple(group, balance1) if request.method == 'POST': form = TransactionForm(request.POST, current_group=group, between_members=True) if form.is_valid(): transaction = form.save() success = messages.success(request, 'Transaction successfully created') return redirect('accounting:transaction-details', ide=transaction.id) else: form = TransactionForm(current_group=group, between_members=True) list_context = [] members = [m for m in group.members.all()] for i in range(len(balance)): list_context.append((members[i], balance[i])) perm_name = get_default_permission_name(Group, 'change') can_edit = request.user.has_perm(perm_name) or request.user.has_perm( perm_name, group) user = request.user context = { 'group': group, 'can_edit': can_edit, 'list_context': list_context, 'resolution': res, 'transactions': group.transactions.all(), 'form': form, #for group invitations : 'can_accept_invite': user in GroupInvite.users_invited(group), 'can_quit_group': user in group.members.all(), } return render(request, 'group_number.html', context)
# if a GET (or any other method) we'll create a blank form else: form = EventForm(creator_user=request.user, new=True) admins_form = PermGroupForm(label='admins', initial=[request.user]) invited_form = PermGroupForm(label='invited') context.update({ 'form': form, 'admins_form': admins_form, 'invited_form': invited_form }) return render(request, 'edit_event.html', context) change_perm = get_default_permission_name(Event, 'change') @login_required @permission_required_or_403(change_perm, (Event, 'pk', 'ide'), accept_global_perms=True) def edit_event(request, ide): context = {'new': False} event = get_object_or_404(Event, pk=ide) user = request.user if request.method == "POST": form = EventForm(request.POST, creator_user=event.creator, new=False, instance=event)
success = messages.success(request, 'Group has been successfully created') return redirect('groups:group-number', ide=group.id) else: group_form = GroupForm(creator_user=request.user) admins_form = PermGroupForm(label='admins', prefix='admins', initial=[request.user]) context.update({ 'group_form': group_form, 'admins_form': admins_form, }) return render(request, 'edit_group.html', context) change_perm = get_default_permission_name(Group, 'change') @login_required @permission_required_or_403(change_perm, (Group, 'pk', 'ide'), accept_global_perms=True) def edit_group(request, ide): context = {'new': False} group = get_object_or_404(Group, pk=ide) if request.method == 'POST': group_form = GroupForm(request.POST, creator_user=request.user, instance=group) admins_form = PermGroupForm(request.POST, prefix='admins',