diff --git a/compensation/views.py b/compensation/views.py
index 2e790206..ec6ddd7e 100644
--- a/compensation/views.py
+++ b/compensation/views.py
@@ -42,12 +42,14 @@ def index_view(request: HttpRequest):
@login_required
+@default_group_required
def new_view(request: HttpRequest):
# ToDo
pass
@login_required
+@default_group_required
def edit_view(request: HttpRequest, id: str):
# ToDo
pass
@@ -106,12 +108,14 @@ def account_index_view(request: HttpRequest):
@login_required
+@default_group_required
def account_new_view(request: HttpRequest):
# ToDo
pass
@login_required
+@default_group_required
def account_edit_view(request: HttpRequest, id: str):
# ToDo
pass
@@ -130,6 +134,7 @@ def account_remove_view(request: HttpRequest, id: str):
@login_required
+@default_group_required
def new_payment_view(request: HttpRequest, intervention_id: str):
""" Renders a modal view for adding new payments
@@ -168,6 +173,7 @@ def new_payment_view(request: HttpRequest, intervention_id: str):
@login_required
+@default_group_required
def payment_remove_view(request: HttpRequest, id: str):
""" Renders a modal view for removing payments
@@ -187,6 +193,7 @@ def payment_remove_view(request: HttpRequest, id: str):
@login_required
+@default_group_required
def withdraw_remove_view(request: HttpRequest, id: str, withdraw_id: str):
""" Renders a modal view for removing withdraws
diff --git a/intervention/forms.py b/intervention/forms.py
index 147c06be..107ea906 100644
--- a/intervention/forms.py
+++ b/intervention/forms.py
@@ -18,7 +18,8 @@ from intervention.models import Intervention
from konova.enums import UserActionLogEntryEnum
from konova.forms import BaseForm, BaseModalForm
from konova.models import Document
-from konova.settings import DEFAULT_LAT, DEFAULT_LON, DEFAULT_ZOOM
+from konova.settings import DEFAULT_LAT, DEFAULT_LON, DEFAULT_ZOOM, ZB_GROUP, ETS_GROUP
+from konova.utils.user_checks import in_group
from organisation.models import Organisation
from user.models import UserActionLogEntry
@@ -293,18 +294,22 @@ class ShareInterventionForm(BaseModalForm):
)
# Initialize users field
- users = self.instance.users.all()
- choices = []
- for n in users:
- choices.append(
- (n.id, n.username)
+ # Remove field if user is not in registration or conservation group
+ if not in_group(self.request.user, ZB_GROUP) and not in_group(self.request.user, ETS_GROUP):
+ del self.fields["users"]
+ else:
+ users = self.instance.users.all()
+ choices = []
+ for n in users:
+ choices.append(
+ (n.id, n.username)
+ )
+ self.fields["users"].choices = choices
+ u_ids = list(users.values_list("id", flat=True))
+ self.initialize_form_field(
+ "users",
+ u_ids
)
- self.fields["users"].choices = choices
- u_ids = list(users.values_list("id", flat=True))
- self.initialize_form_field(
- "users",
- u_ids
- )
def save(self):
accessing_users = User.objects.filter(
diff --git a/intervention/models.py b/intervention/models.py
index de61f960..a9406390 100644
--- a/intervention/models.py
+++ b/intervention/models.py
@@ -207,7 +207,7 @@ class Intervention(BaseObject):
self.identifier = new_id
super().save(*args, **kwargs)
- def has_access(self, user: User):
+ def is_shared_with(self, user: User):
""" Access check
Checks whether a given user has access to this intervention
diff --git a/intervention/templates/intervention/detail/includes/compensations.html b/intervention/templates/intervention/detail/includes/compensations.html
index 21726b25..792fcc3b 100644
--- a/intervention/templates/intervention/detail/includes/compensations.html
+++ b/intervention/templates/intervention/detail/includes/compensations.html
@@ -10,12 +10,14 @@
@@ -45,9 +47,11 @@
{{ comp.title }} |
+ {% if is_default_member and has_access %}
+ {% endif %}
|
{% endfor %}
diff --git a/intervention/templates/intervention/detail/includes/documents.html b/intervention/templates/intervention/detail/includes/documents.html
index 18c66ea9..40159b5d 100644
--- a/intervention/templates/intervention/detail/includes/documents.html
+++ b/intervention/templates/intervention/detail/includes/documents.html
@@ -10,10 +10,12 @@
+ {% if is_default_member and has_access %}
+ {% endif %}
@@ -43,9 +45,11 @@
{{ doc.comment }} |
+ {% if is_default_member and has_access %}
+ {% endif %}
|
{% endfor %}
diff --git a/intervention/templates/intervention/detail/includes/eco-account-withdraws.html b/intervention/templates/intervention/detail/includes/eco-account-withdraws.html
index 149422b8..043e644c 100644
--- a/intervention/templates/intervention/detail/includes/eco-account-withdraws.html
+++ b/intervention/templates/intervention/detail/includes/eco-account-withdraws.html
@@ -10,12 +10,14 @@
@@ -45,9 +47,11 @@
{{ withdraw.amount|floatformat:2 }} % |
+ {% if is_default_member and has_access %}
+ {% endif %}
|
{% endfor %}
diff --git a/intervention/templates/intervention/detail/includes/payments.html b/intervention/templates/intervention/detail/includes/payments.html
index 146f7cb7..15272b63 100644
--- a/intervention/templates/intervention/detail/includes/payments.html
+++ b/intervention/templates/intervention/detail/includes/payments.html
@@ -10,10 +10,12 @@
+ {% if is_default_member and has_access %}
+ {% endif %}
@@ -47,9 +49,11 @@
{{ pay.due_on }} |
{{ pay.comment }} |
+ {% if is_default_member and has_access %}
+ {% endif %}
|
{% endfor %}
diff --git a/intervention/templates/intervention/detail/view.html b/intervention/templates/intervention/detail/view.html
index e2668e35..aaacb9ef 100644
--- a/intervention/templates/intervention/detail/view.html
+++ b/intervention/templates/intervention/detail/view.html
@@ -27,16 +27,21 @@
+ {% if is_zb_member %}
+ {% endif %}
+ {% if is_ets_member %}
+ {% endif %}
+ {% if is_default_member %}
{% endif %}
+ {% endif %}
diff --git a/intervention/views.py b/intervention/views.py
index 9f5d41dc..f325f847 100644
--- a/intervention/views.py
+++ b/intervention/views.py
@@ -11,6 +11,7 @@ from konova.contexts import BaseContext
from konova.decorators import *
from konova.forms import SimpleGeomForm, NewDocumentForm, RemoveModalForm
from konova.utils.message_templates import FORM_INVALID
+from konova.utils.user_checks import in_group
@login_required
@@ -45,6 +46,7 @@ def index_view(request: HttpRequest):
@login_required
+@default_group_required
def new_view(request: HttpRequest):
"""
Renders a view for a new intervention creation
@@ -130,7 +132,8 @@ def open_view(request: HttpRequest, id: str):
compensations = intervention.compensations.filter(
deleted=None,
)
- has_access = intervention.has_access(user=request.user)
+ _user = request.user
+ is_data_shared = intervention.is_shared_with(user=_user)
geom_form = SimpleGeomForm(
instance=intervention
@@ -139,11 +142,14 @@ def open_view(request: HttpRequest, id: str):
context = {
"intervention": intervention,
"compensations": compensations,
- "has_access": has_access,
+ "has_access": is_data_shared,
"geom_form": geom_form,
+ "is_default_member": in_group(_user, _(DEFAULT_GROUP)),
+ "is_zb_member": in_group(_user, _(ZB_GROUP)),
+ "is_ets_member": in_group(_user, _(ETS_GROUP)),
}
- if not has_access:
+ if not is_data_shared:
messages.info(request, _("Remember: This data has not been shared with you, yet. This means you can only read but can not edit or perform any actions like running a check or recording."))
context = BaseContext(request, context).context
@@ -180,6 +186,7 @@ def edit_view(request: HttpRequest, id: str):
@login_required
+@default_group_required
def remove_view(request: HttpRequest, id: str):
""" Renders a remove view for this intervention
@@ -219,7 +226,7 @@ def share_view(request: HttpRequest, id: str, token: str):
# Check tokens
if intervention.access_token == token:
# Send different messages in case user has already been added to list of sharing users
- if intervention.has_access(user):
+ if intervention.is_shared_with(user):
messages.info(
request,
_("{} has already been shared with you").format(intervention.identifier)
@@ -251,7 +258,6 @@ def create_share_view(request: HttpRequest, id: str):
Returns:
"""
- user = request.user
intervention = get_object_or_404(Intervention, id=id)
form = ShareInterventionForm(request.POST or None, instance=intervention, request=request)
if request.method == "POST":
diff --git a/konova/utils/user_checks.py b/konova/utils/user_checks.py
index 84834a37..dfa38747 100644
--- a/konova/utils/user_checks.py
+++ b/konova/utils/user_checks.py
@@ -5,6 +5,7 @@ Contact: michel.peltriaux@sgdnord.rlp.de
Created on: 02.07.21
"""
+from django.utils.translation import gettext_lazy as _
from django.contrib.auth.models import User
@@ -18,4 +19,6 @@ def in_group(user: User, group: str) -> bool:
Returns:
bool
"""
- return group in user.groups.values("name")
+ return user.groups.filter(
+ name=_(group)
+ )