Use group permissions

2025-07-10 11:59:23 +00:00 · 2025-04-09 23:24:15 +02:00
parent 744223b76f
commit 3e61560875
5 changed files with 10 additions and 9 deletions
--- a/core/api.py
+++ b/core/api.py
@ -11,7 +11,7 @@ from ninja_extra.pagination import PageNumberPaginationExtra
 from ninja_extra.schemas import PaginatedResponseSchema
 from club.models import Mailing
-from core.auth.api_permissions import CanAccessLookup, CanView, IsOldSubscriber
+from core.auth.api_permissions import CanAccessLookup, CanView, HasPerm
 from core.models import Group, QuickUploadImage, SithFile, User
 from core.schemas import (
    FamilyGodfatherSchema,
@ -44,7 +44,7 @@ class UploadController(ControllerBase):
            422: dict[Literal["detail"], list[dict[str, Any]]],
            403: dict[Literal["detail"], str],
        },
-        permissions=[IsOldSubscriber],
+        permissions=[HasPerm("core.add_quickuploadimage")],
        url_name="quick_upload_image",
    )
    def upload_image(self, file: File[UploadedImage]):
--- a/core/management/commands/populate.py
+++ b/core/management/commands/populate.py
@ -828,6 +828,7 @@ Welcome to the wiki page!
                        "view_peoplepicturerelation",
                        "add_peoplepicturerelation",
                        "add_page",
                        "add_quickuploadimage",
                    ]
                )
            )
--- a/core/models.py
+++ b/core/models.py
@ -1148,15 +1148,15 @@ class QuickUploadImage(models.Model):
        identifier = str(uuid4())
        name = Path(image.name).stem[: cls.IMAGE_NAME_SIZE - 1]
        file = File(convert_image(image), name=f"{identifier}.webp")
-        image = Image.open(file)
+        width, height = Image.open(file).size
        return cls.objects.create(
            uuid=identifier,
            name=name,
            image=file,
            uploader=uploader,
-            width=image.width,
+            width=width,
-            height=image.height,
+            height=height,
            size=file.size,
        )
--- a/core/static/bundled/core/components/easymde-index.ts
+++ b/core/static/bundled/core/components/easymde-index.ts
@ -33,7 +33,7 @@ const loadEasyMde = (textarea: HTMLTextAreaElement) => {
              .join(" ; "),
          );
        } else if (response.response.status === 403) {
-          onError(gettext("Not authorized, you need to have subscribed at least once"));
+          onError(gettext("You are not authorized to use this feature"));
        } else {
          onError(gettext("Could not upload image"));
        }
--- a/locale/fr/LC_MESSAGES/djangojs.po
+++ b/locale/fr/LC_MESSAGES/djangojs.po
@ -7,7 +7,7 @@
 msgid ""
 msgstr ""
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2025-04-09 22:12+0200\n"
+"POT-Creation-Date: 2025-04-09 23:23+0200\n"
 "PO-Revision-Date: 2024-09-17 11:54+0200\n"
 "Last-Translator: Sli <antoine@bartuccio.fr>\n"
 "Language-Team: AE info <ae.info@utbm.fr>\n"
@ -64,8 +64,8 @@ msgid "No results found"
 msgstr "Aucun résultat trouvé"
 #: core/static/bundled/core/components/easymde-index.ts
-msgid "Not authorized, you need to have subscribed at least once"
+msgid "You are not authorized to use this feature"
-msgstr ""
+msgstr "Vous n'êtes pas autorisé à utilisé cette fonctionalité"
 #: core/static/bundled/core/components/easymde-index.ts
 msgid "Could not upload image"