Merge branch 'main' into dependabot/pip/requirements/partial/pyupgrad…

…e-3.18.0

openslides_backend/action/actions/user/participant_json_upload.py

@@ -103,7 +103,12 @@ def validate_entry(self, entry: dict[str, Any]) -> dict[str, Any]:
         )
 
         payload_index = entry.pop("payload_index", None)
+        # only needed for get_failing_fields not to fail
+        if gender := entry.pop("gender", None):
+            entry["gender_id"] = {}
         failing_fields = self.permission_check.get_failing_fields(entry)
+        if gender:
+            entry.pop("gender_id")
         entry.pop("group_ids")
         entry.pop("structure_level_ids")
         entry.pop("meeting_id")
@@ -152,6 +157,8 @@ def validate_entry(self, entry: dict[str, Any]) -> dict[str, Any]:
 
         if payload_index:
             entry["payload_index"] = payload_index
+        if gender:
+            entry["gender"] = gender
 
         return results
 

requirements/partial/requirements_production.txt

@@ -4,7 +4,7 @@ bleach[css]==6.1.0
 dependency_injector==4.42.0
 fastjsonschema==2.20.0
 gunicorn==23.0.0
-pypdf[crypto]==5.0.0
+pypdf[crypto]==5.0.1
 requests==2.32.3
 roman==4.2
 simplejson==3.19.3

tests/system/action/user/test_participant_json_upload.py

@@ -13,6 +13,10 @@ def setUp(self) -> None:
         self.set_models(
             {
                 "organization/1": {"gender_ids": [1, 2, 3, 4]},
+                "gender/1": {"name": "male"},
+                "gender/2": {"name": "female"},
+                "gender/3": {"name": "diverse"},
+                "gender/4": {"name": "non-binary"},
                 "meeting/1": {
                     "name": "test",
                     "group_ids": [1, 7],
@@ -361,6 +365,60 @@ def test_json_upload_permission_2(self) -> None:
             True,
         )
 
+    def test_json_upload_permission_meeting_admin(self) -> None:
+        self.create_meeting()
+        user_id = self.create_user_for_meeting(1)
+        self.set_user_groups(user_id, [2])
+        self.login(user_id)
+        response = self.request(
+            "participant.json_upload",
+            {
+                "meeting_id": 1,
+                "data": [
+                    {"username": "test", "gender": "male", "default_password": "secret"}
+                ],
+            },
+        )
+        self.assert_status_code(response, 200)
+        self.assert_model_exists(
+            "import_preview/1",
+            {
+                "name": "participant",
+                "state": ImportState.DONE,
+                "result": {
+                    "meeting_id": 1,
+                    "rows": [
+                        {
+                            "state": ImportState.NEW,
+                            "messages": [],
+                            "data": {
+                                "username": {
+                                    "value": "test",
+                                    "info": ImportState.DONE,
+                                },
+                                "groups": [
+                                    {
+                                        "id": 1,
+                                        "info": ImportState.GENERATED,
+                                        "value": "group1",
+                                    }
+                                ],
+                                "gender": {
+                                    "id": 1,
+                                    "info": ImportState.DONE,
+                                    "value": "male",
+                                },
+                                "default_password": {
+                                    "value": "secret",
+                                    "info": ImportState.DONE,
+                                },
+                            },
+                        }
+                    ],
+                },
+            },
+        )
+
     def test_json_upload_locked_meeting(self) -> None:
         self.base_locked_out_superadmin_permission_test(
             {},