diff --git a/aleksis/apps/paweljong/menus.py b/aleksis/apps/paweljong/menus.py
index 149cd54a637869ca14489f308f5caaf87ec7c370..bc3e904e3dea19ae8f627260258f3eedfc58728b 100644
--- a/aleksis/apps/paweljong/menus.py
+++ b/aleksis/apps/paweljong/menus.py
@@ -18,7 +18,7 @@ MENUS = {
"validators": [
(
"aleksis.core.util.predicates.permission_validator",
- "paweljong.change_events_rule",
+ "paweljong.view_menu",
)
],
"submenu": [
diff --git a/aleksis/apps/paweljong/predicates.py b/aleksis/apps/paweljong/predicates.py
index 7288954a4858f7508debda30ea30e331a44fa86a..fcb2f88da6d9bd21b0e08a839d33a5d6107bd89b 100644
--- a/aleksis/apps/paweljong/predicates.py
+++ b/aleksis/apps/paweljong/predicates.py
@@ -36,3 +36,9 @@ def is_own_voucher(user: User, voucher: Voucher) -> bool:
def is_own_registration(user: User, registration: EventRegistration) -> bool:
"""Predicate which checks if the registration belongs to the user."""
return registration.person == user.person
+
+
+@predicate
+def is_organiser(user: User, obj: EventRegistration) -> bool:
+ """Predicate which checks if the user is an organiser."""
+ return user.person in obj.event.linked_group.owners.all()
diff --git a/aleksis/apps/paweljong/rules.py b/aleksis/apps/paweljong/rules.py
index 056af3de4f17ea5c2fed2fce93b168a7c5fd8f74..cc3d72cd64822a310e73b9a8f8bbc5bb429b4af7 100644
--- a/aleksis/apps/paweljong/rules.py
+++ b/aleksis/apps/paweljong/rules.py
@@ -9,10 +9,11 @@ from aleksis.core.util.predicates import (
is_group_member,
)
-from .models import Event, EventRegistration, Terms, Voucher
+from .models import Event, EventRegistration, Terms, Voucher, RegistrationState, InfoMailing
from .predicates import (
is_own_registration,
is_own_voucher,
+ is_organiser,
see_group_by_grouptype,
see_owned_groups_members,
)
@@ -75,22 +76,21 @@ may_see_person_predicate = has_person & (
)
rules.add_perm("paweljong.see_person_rule", may_see_person_predicate)
-# View registrations
-view_registrations_predicate = has_person & (
- has_global_perm("paweljong.view_eventregistration")
- | has_any_object("paweljong.view_eventregistration", EventRegistration)
-)
-rules.add_perm("paweljong.view_registrations_rule", view_registrations_predicate)
-
-
# Manage registrations
manage_registrations_predicate = has_person & (
has_global_perm("paweljong.manage_registration")
+ | is_organiser
| is_own_registration
- | has_any_object("paweljong.manage_registration", EventRegistration)
)
rules.add_perm("paweljong.manage_registrations_rule", manage_registrations_predicate)
+# View registrations
+view_registrations_predicate = has_person & (
+ has_global_perm("paweljong.view_eventregistration")
+ | has_any_object("paweljong.manage_registrations_rule", EventRegistration)
+)
+rules.add_perm("paweljong.view_registrations_rule", view_registrations_predicate)
+
# Delete registrations
delete_registrations_predicate = has_person & (
has_global_perm("paweljong.delete_eventregistration")
@@ -117,3 +117,13 @@ view_info_mailings_predicate = has_person & (
| has_any_object("paweljong.view_info_mailing", Terms)
)
rules.add_perm("paweljong.view_info_mailings_rule", view_info_mailings_predicate)
+
+can_view_menu_predicate = has_person & (
+ has_any_object("paweljong.manage_registrations_rule", EventRegistration)
+ | has_any_object("paweljong.view_info_mailing", InfoMailing)
+ | has_any_object("paweljong.view_terms", Terms)
+ | has_any_object("paweljong.view_voucher", Voucher)
+ | has_any_object("paweljong.view_event", Event)
+ | has_any_object("paweljong.view_registrationstate", RegistrationState)
+)
+rules.add_perm("paweljong.view_menu", can_view_menu_predicate)
diff --git a/aleksis/apps/paweljong/templates/paweljong/event_registration/full.html b/aleksis/apps/paweljong/templates/paweljong/event_registration/full.html
index 351c67ddc63e2a643adbbe289580083badfc2707..14ee4617b13c3d1a1b08d0305ef80b4660dc678d 100644
--- a/aleksis/apps/paweljong/templates/paweljong/event_registration/full.html
+++ b/aleksis/apps/paweljong/templates/paweljong/event_registration/full.html
@@ -43,8 +43,7 @@
<h5>{% blocktrans %}Contact details{% endblocktrans %}</h5>
<div class="row">
<div class="col s12 m4">
- {% has_perm 'core.view_photo' user registration.person as can_view_photo %}
- {% if registration.person.photo and can_view_photo %}
+ {% if registration.person.photo %}
<img class="person-img" src="{{ registration.person.photo.url }}"
alt="{{ registration.person.first_name }} {{ registration.person.last_name }}"/>
{% else %}
@@ -56,7 +55,6 @@
<table class="responsive-table highlight">
<tr>
<td rowspan="6">
-
</td>
<td>
<i class="material-icons small">person</i>
@@ -81,31 +79,25 @@
<td colspan="2">{{ registration.person.postal_code }} {{ registration.person.place }}</td>
</tr>
{% endif %}
- {% has_perm 'core.view_contact_details' user registration.person as can_view_contact_details %}
- {% if can_view_contact_details %}
- <tr>
- <td>
- <i class="material-icons small">phone</i>
- </td>
- <td>{{ registration.person.phone_number }}</td>
- <td>{{ registration.person.mobile_number }}</td>
- </tr>
- <tr>
- <td>
- <i class="material-icons small">email</i>
- </td>
- <td colspan="3">{{ registration.person.email }}</td>
- </tr>
- {% endif %}
- {% has_perm 'core.view_personal_details' user registration.person as can_view_personal_details %}
- {% if can_view_personal_details %}
- <tr>
- <td>
- <i class="material-icons small">cake</i>
- </td>
- <td colspan="3">{{ registration.person.date_of_birth|date }}</td>
- </tr>
- {% endif %}
+ <tr>
+ <td>
+ <i class="material-icons small">phone</i>
+ </td>
+ <td>{{ registration.person.phone_number }}</td>
+ <td>{{ registration.person.mobile_number }}</td>
+ </tr>
+ <tr>
+ <td>
+ <i class="material-icons small">email</i>
+ </td>
+ <td colspan="3">{{ registration.person.email }}</td>
+ </tr>
+ <tr>
+ <td>
+ <i class="material-icons small">cake</i>
+ </td>
+ <td colspan="3">{{ registration.person.date_of_birth|date }}</td>
+ </tr>
<tr>
<td></td>
<td>
@@ -165,7 +157,6 @@
</tr>
{% endfor %}
{% endif %}
-
<tr>
<tr>
<td>
@@ -190,7 +181,7 @@
</div>
</div>
- {% if registration.person.guardians.all and can_view_personal_details %}
+ {% if registration.person.guardians.all %}
<h5>{% trans "Guardians / Parents "%}</h5>
{% for person in registration.person.guardians.all %}
<div class="col s12 m8">
@@ -222,22 +213,19 @@
<td colspan="2">{{ person.postal_code }} {{ person.place }}</td>
</tr>
{% endif %}
- {% has_perm 'core.view_contact_details' user person as can_view_contact_details %}
- {% if can_view_contact_details %}
- <tr>
- <td>
- <i class="material-icons small">phone</i>
- </td>
- <td>{{ person.phone_number }}</td>
- <td>{{ person.mobile_number }}</td>
- </tr>
- <tr>
- <td>
- <i class="material-icons small">email</i>
- </td>
- <td colspan="3">{{ person.email }}</td>
- </tr>
- {% endif %}
+ <tr>
+ <td>
+ <i class="material-icons small">phone</i>
+ </td>
+ <td>{{ person.phone_number }}</td>
+ <td>{{ person.mobile_number }}</td>
+ </tr>
+ <tr>
+ <td>
+ <i class="material-icons small">email</i>
+ </td>
+ <td colspan="3">{{ person.email }}</td>
+ </tr>
{% has_perm 'core.view_personal_details' user person as can_view_personal_details %}
{% if can_view_personal_details %}
<tr>
diff --git a/aleksis/apps/paweljong/views.py b/aleksis/apps/paweljong/views.py
index a5251d9d11d11d929bcce83a385400f31c40513e..2a3dba289b839fab805abba85aee826bdf47d605 100644
--- a/aleksis/apps/paweljong/views.py
+++ b/aleksis/apps/paweljong/views.py
@@ -26,6 +26,7 @@ from aleksis.apps.postbuero.models import MailAddress
from aleksis.core.mixins import AdvancedCreateView, AdvancedDeleteView, AdvancedEditView
from aleksis.core.models import Activity, Person
from aleksis.core.util import messages
+from aleksis.core.util.predicates import queryset_rules_filter
from aleksis.core.util.core_helpers import get_site_preferences, objectgetter_optional
from .filters import EventFilter, EventRegistrationFilter, VoucherFilter
@@ -134,13 +135,13 @@ def generate_lists(request: HttpRequest) -> HttpResponse:
return render(request, "paweljong/print/manage.html", context)
-@permission_required("paweljong.view_registrations")
+@permission_required("paweljong.view_registrations_rule")
def registrations(request: HttpRequest) -> HttpResponse:
"""List view listing all registrations."""
context = {}
# Get all registrations
- registrations = EventRegistration.objects.all()
+ registrations = queryset_rules_filter(request.user, EventRegistration.objects.all(), "paweljong.manage_registrations_rule")
# Get filter
registrations_filter = EventRegistrationFilter(request.GET, queryset=registrations)
@@ -219,7 +220,7 @@ class EventRegistrationDetailView(PermissionRequiredMixin, DetailView):
"""Detail view for an application instance."""
context_object_name = "registration"
- permission_required = "paweljong.view_registration"
+ permission_required = "paweljong.manage_registrations_rule"
template_name = "paweljong/event_registration/full.html"
def get_queryset(self):