Merge branch 'master' into 1033-featureafdelingskortet-mangler-info-o…

…m-at-en-afdeling-er-under-opstart
CodingPirates · May 6, 2024 · c3c76f3 · c3c76f3
2 parents 11e7d08 + e3a9f4a
commit c3c76f3
Show file tree

Hide file tree

Showing 10 changed files with 59 additions and 57 deletions.
diff --git a/members/admin/activity_admin.py b/members/admin/activity_admin.py
@@ -193,7 +193,11 @@ def get_queryset(self, request):
 
     # Only show own departments when creating new activity
     def formfield_for_foreignkey(self, db_field, request, **kwargs):
-        if db_field.name == "department" and not request.user.is_superuser:
+        if (
+            db_field.name == "department"
+            and not request.user.is_superuser
+            and not request.user.has_perm("members.view_all_departments")
+        ):
             kwargs["queryset"] = Department.objects.filter(
                 adminuserinformation__user=request.user
             )

diff --git a/members/admin/activityinvite_admin.py b/members/admin/activityinvite_admin.py
@@ -187,7 +187,11 @@ def get_queryset(self, request):
 
     # Limit the activity possible to invite to: Not finished and belonging to user
     def formfield_for_foreignkey(self, db_field, request, **kwargs):
-        if db_field.name == "activity" and not request.user.is_superuser:
+        if (
+            db_field.name == "activity"
+            and not request.user.is_superuser
+            and not request.user.has_perm("members.view_all_departments")
+        ):
             departments = Department.objects.filter(
                 adminuserinformation__user=request.user
             )

diff --git a/members/admin/admin_actions.py b/members/admin/admin_actions.py
@@ -34,7 +34,7 @@ def invite_many_to_activity_action(modelAdmin, request, queryset):
 
         # Get list of available departments
         if request.user.is_superuser or request.user.has_perm(
-            "members.view_all_persons"
+            "members.view_all_departments"
         ):
             department_list_query = Department.objects.all().order_by("name")
         else:
@@ -50,7 +50,9 @@ def invite_many_to_activity_action(modelAdmin, request, queryset):
         activity_list_query = Activity.objects.filter(
             end_date__gt=timezone.now()
         ).order_by("department__name", "name")
-        if not request.user.is_superuser:
+        if not request.user.is_superuser and not request.user.has_perm(
+            "members.view_all_departments"
+        ):
             activity_list_query = activity_list_query.filter(
                 department__in=department_ids
             ).order_by("department__name", "name")

diff --git a/members/admin/family_admin.py b/members/admin/family_admin.py
@@ -57,7 +57,9 @@ def resend_link_email(self, request, queryset):
     # Only view familys related to users department (via participant, waitinglist & invites)
     def get_queryset(self, request):
         qs = super(FamilyAdmin, self).get_queryset(request)
-        if request.user.is_superuser:
+        if request.user.is_superuser or request.user.has_perm(
+            "members.view_all_departments"
+        ):
             return qs
         departments = Department.objects.filter(
             adminuserinformation__user=request.user

diff --git a/members/admin/inlines.py b/members/admin/inlines.py
@@ -44,7 +44,11 @@ class ActivityInviteInline(admin.TabularInline):
 
     # Limit the activity possible to invite to: Not finished and belonging to user
     def formfield_for_foreignkey(self, db_field, request, **kwargs):
-        if db_field.name == "activity" and not request.user.is_superuser:
+        if (
+            db_field.name == "activity"
+            and not request.user.is_superuser
+            and not request.user.has_perm("members.view_all_departments")
+        ):
             departments = Department.objects.filter(
                 adminuserinformation__user=request.user
             )
@@ -56,8 +60,6 @@ def formfield_for_foreignkey(self, db_field, request, **kwargs):
     # Only view invites it would be possible for user to give out
     def get_queryset(self, request):
         qs = super(ActivityInviteInline, self).get_queryset(request)
-        if request.user.is_superuser:
-            return qs
         return qs.filter(
             activity__department__in=AdminUserInformation.get_departments_admin(
                 request.user

diff --git a/members/admin/person_admin.py b/members/admin/person_admin.py
@@ -217,8 +217,10 @@ def export_csv(self, request, queryset):
     # Only view persons related to users department (all family, via participant, waitinglist & invites)
     def get_queryset(self, request):
         qs = super(PersonAdmin, self).get_queryset(request)
-        if request.user.is_superuser or request.user.has_perm(
-            "members.view_all_persons"
+        if (
+            request.user.is_superuser
+            or request.user.has_perm("members.view_all_persons")
+            or request.user.has_perm("members.view_all_departments")
         ):
             return qs
         else:

diff --git a/members/models/address.py b/members/models/address.py
@@ -113,12 +113,8 @@ def get_by_dawa_id(dawa_id):
 
     @staticmethod
     def get_user_addresses(user):
-        if user.is_superuser:
+        if user.is_superuser or user.has_perm("members.view_all_departments"):
             return Address.objects.all()
-        if user.has_perm("members.view_all_departments"):
-            department_address_id = [
-                department.address.id for department in Department.objects.all()
-            ]
         else:
             department_address_id = [
                 department.address.id

diff --git a/members/models/admin_user_information.py b/members/models/admin_user_information.py
@@ -17,14 +17,14 @@ def __str__(self):
 
     @staticmethod
     def get_departments_admin(user):
-        if user.is_superuser:
+        if user.is_superuser or user.has_perm("members.view_all_departments"):
             return Department.objects.all()
         else:
             return Department.objects.filter(adminuserinformation__user=user)
 
     @staticmethod
     def get_unions_admin(user):
-        if user.is_superuser:
+        if user.is_superuser or user.has_perm("members.view_all_unions"):
             return Union.objects.all()
         else:
             return Union.objects.filter(adminuserinformation__user=user)
diff --git a/poetry.lock b/poetry.lock
diff --git a/pyproject.toml b/pyproject.toml
@@ -27,11 +27,11 @@ factory-boy = "3.0.1"
 flake8 = "3.8.4"
 freezegun = "1.2.2"
 graphene_django = "3.0.0"
-gunicorn = "20.1.0"
+gunicorn = "22.0.0"
 psycopg2 = "2.9.5"
 quickpay-api-client = "2.0.1"
 sentry-sdk = "1.14"
-tqdm = "4.53.0"
+tqdm = "4.66.3"
 whitenoise = "5.2.0"
 pydotplus = "2.0.2"
 selenium = "4.9.0"