Skip to content
GitLab
Explore
Sign in
Primary navigation
Search or go to…
Project
A
AlekSIS-App-Alsijil
Manage
Activity
Members
Labels
Plan
Issues
Issue boards
Milestones
Wiki
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Snippets
Build
Pipelines
Jobs
Pipeline schedules
Artifacts
Deploy
Releases
Container Registry
Model registry
Operate
Environments
Monitor
Incidents
Service Desk
Analyze
Value stream analytics
Contributor analytics
CI/CD analytics
Repository analytics
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Terms and privacy
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
AlekSIS®
Official
AlekSIS-App-Alsijil
Commits
5b288ced
Verified
Commit
5b288ced
authored
4 years ago
by
Jonathan Weth
Browse files
Options
Downloads
Patches
Plain Diff
Add some extra commenting in forms.py
parent
d1f104f9
No related branches found
Branches containing commit
No related tags found
Tags containing commit
1 merge request
!49
Resolve "Add rules and permissions"
Pipeline
#4069
failed
4 years ago
Stage: test
Stage: build
Changes
1
Pipelines
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
aleksis/apps/alsijil/forms.py
+16
-0
16 additions, 0 deletions
aleksis/apps/alsijil/forms.py
with
16 additions
and
0 deletions
aleksis/apps/alsijil/forms.py
+
16
−
0
View file @
5b288ced
...
@@ -83,7 +83,10 @@ class SelectForm(forms.Form):
...
@@ -83,7 +83,10 @@ class SelectForm(forms.Form):
group_qs
=
Group
.
get_groups_with_lessons
()
group_qs
=
Group
.
get_groups_with_lessons
()
# Filter selectable groups by permissions
if
not
check_global_permission
(
self
.
request
.
user
,
"
alsijil.view_week
"
):
if
not
check_global_permission
(
self
.
request
.
user
,
"
alsijil.view_week
"
):
# 1) All groups the user is allowed to see the week view by object permissions
# 2) All groups the user is a member of an owner of
group_qs
=
(
group_qs
=
(
group_qs
.
filter
(
group_qs
.
filter
(
pk__in
=
get_objects_for_user
(
pk__in
=
get_objects_for_user
(
...
@@ -91,6 +94,8 @@ class SelectForm(forms.Form):
...
@@ -91,6 +94,8 @@ class SelectForm(forms.Form):
).
values_list
(
"
pk
"
,
flat
=
True
)
).
values_list
(
"
pk
"
,
flat
=
True
)
)
)
).
union
(
group_qs
.
filter
(
Q
(
members
=
person
)
|
Q
(
owners
=
person
)))
).
union
(
group_qs
.
filter
(
Q
(
members
=
person
)
|
Q
(
owners
=
person
)))
# Flatten query by filtering groups by pk
self
.
fields
[
"
group
"
].
queryset
=
Group
.
objects
.
filter
(
self
.
fields
[
"
group
"
].
queryset
=
Group
.
objects
.
filter
(
pk__in
=
list
(
group_qs
.
values_list
(
"
pk
"
,
flat
=
True
))
pk__in
=
list
(
group_qs
.
values_list
(
"
pk
"
,
flat
=
True
))
)
)
...
@@ -98,7 +103,10 @@ class SelectForm(forms.Form):
...
@@ -98,7 +103,10 @@ class SelectForm(forms.Form):
teacher_qs
=
Person
.
objects
.
annotate
(
teacher_qs
=
Person
.
objects
.
annotate
(
lessons_count
=
Count
(
"
lessons_as_teacher
"
)
lessons_count
=
Count
(
"
lessons_as_teacher
"
)
).
filter
(
lessons_count__gt
=
0
)
).
filter
(
lessons_count__gt
=
0
)
# Filter selectable teachers by permissions
if
not
check_global_permission
(
self
.
request
.
user
,
"
alsijil.view_week
"
):
if
not
check_global_permission
(
self
.
request
.
user
,
"
alsijil.view_week
"
):
# If the user hasn't the global permission, the user is only allowed to see his own person
teacher_qs
=
teacher_qs
.
filter
(
pk
=
person
.
pk
)
teacher_qs
=
teacher_qs
.
filter
(
pk
=
person
.
pk
)
self
.
fields
[
"
teacher
"
].
queryset
=
teacher_qs
self
.
fields
[
"
teacher
"
].
queryset
=
teacher_qs
...
@@ -136,9 +144,15 @@ class RegisterAbsenceForm(forms.Form):
...
@@ -136,9 +144,15 @@ class RegisterAbsenceForm(forms.Form):
self
.
request
=
get_request
()
self
.
request
=
get_request
()
super
().
__init__
(
*
args
,
**
kwargs
)
super
().
__init__
(
*
args
,
**
kwargs
)
period_choices
=
TimePeriod
.
period_choices
period_choices
=
TimePeriod
.
period_choices
# Filter selectable persons by permissions
if
check_global_permission
(
self
.
request
.
user
,
"
alsijil.register_absence
"
):
if
check_global_permission
(
self
.
request
.
user
,
"
alsijil.register_absence
"
):
# Global permission, user can register absences for all persons
self
.
fields
[
"
person
"
].
queryset
=
Person
.
objects
.
all
()
self
.
fields
[
"
person
"
].
queryset
=
Person
.
objects
.
all
()
else
:
else
:
# 1) All persons the user is allowed to register an absence for by object permissions
# 2) All persons the user is the primary group owner
# 3) All persons the user is allowed to register an absence for by object permissions of the person's group
persons_qs
=
(
persons_qs
=
(
get_objects_for_user
(
get_objects_for_user
(
self
.
request
.
user
,
"
core.register_absence_person
"
,
Person
self
.
request
.
user
,
"
core.register_absence_person
"
,
Person
...
@@ -156,6 +170,8 @@ class RegisterAbsenceForm(forms.Form):
...
@@ -156,6 +170,8 @@ class RegisterAbsenceForm(forms.Form):
)
)
)
)
)
)
# Flatten query by getting all pks and filter persons
self
.
fields
[
"
person
"
].
queryset
=
Person
.
objects
.
filter
(
self
.
fields
[
"
person
"
].
queryset
=
Person
.
objects
.
filter
(
pk__in
=
list
(
persons_qs
.
values_list
(
"
pk
"
,
flat
=
True
))
pk__in
=
list
(
persons_qs
.
values_list
(
"
pk
"
,
flat
=
True
))
)
)
...
...
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment
