Form validations in organization management view

Solvosoft · Dec 5, 2023 · b3bb4f1 · b3bb4f1
1 parent ad431b8
commit b3bb4f1
Show file tree

Hide file tree

Showing 3 changed files with 56 additions and 17 deletions.
diff --git a/src/auth_and_perms/api/serializers.py b/src/auth_and_perms/api/serializers.py
@@ -225,8 +225,16 @@ class ValidateProfileSerializer(serializers.Serializer):
 class ValidateOrganizationSerializer(serializers.Serializer):
     organization = serializers.PrimaryKeyRelatedField(queryset=OrganizationStructure.objects.using(settings.READONLY_DATABASE))
 
+    def validate_organization(self, value):
+        organization = super().validate(value)
+        if not organization.active:
+            logger.debug(
+                f'ValidateOrganizationSerializer --> not organization.active = False')
+            raise serializers.ValidationError(
+                _("Organization cannot be inactive"))
+        return organization
 
-class ValidateGroupsByProfileSerializer(serializers.Serializer):
+class ValidateGroupsByProfileSerializer(ValidateOrganizationSerializer):
     profile = serializers.PrimaryKeyRelatedField(queryset=User.objects.using(settings.READONLY_DATABASE))
     groups = serializers.PrimaryKeyRelatedField(queryset=Group.objects.using(settings.READONLY_DATABASE), many=True, required=False)
 

diff --git a/src/auth_and_perms/forms.py b/src/auth_and_perms/forms.py
@@ -157,22 +157,18 @@ class OrganizationActions(GTForm):
     action_organization = forms.ModelChoiceField(
         queryset=OrganizationStructure.objects.all(),
         widget=genwidgets.HiddenInput)
-    name = forms.CharField(widget=genwidgets.TextInput, required=False, label=_("Name"))
+    name = forms.CharField(widget=genwidgets.TextInput, required=True, label=_("Name"))
 
     def clean(self):
         cleaned_data = super().clean()
-        name = cleaned_data.get('name')
         actions = cleaned_data.get('actions')
         organization = cleaned_data.get('action_organization')
 
         if organization and not organization.active:
 
             if actions in [1, 3]:
-
-                if actions == 3 and not name:
-                    self.add_error('name', 'Name not found')
-
-                self.add_error("action_organization", _("Organization cannot be inactive"))
+                self.add_error("action_organization",
+                               _("Organization cannot be inactive"))
 
 
 class OrganizationActionsWithoutInactive(OrganizationActions):
@@ -210,6 +206,15 @@ class ProfileGroupForm(GTForm):
     organization = forms.IntegerField(widget=genwidgets.HiddenInput)
 
 
+    def clean(self):
+        cleaned_data = super().clean()
+        organization = cleaned_data.get('organization')
+
+        if not organization.active:
+            self.add_error("organization",
+                           _("Organization cannot be inactive"))
+
+
 class OrgTreeForm(GTForm):
     organization = forms.ModelChoiceField(queryset=OrganizationStructure.objects.all(),
                                           widget=AutocompleteSelect('orgtree')

diff --git a/src/auth_and_perms/gtselects.py b/src/auth_and_perms/gtselects.py
@@ -21,7 +21,7 @@
 from laboratory.models import Laboratory, OrganizationStructure, \
     OrganizationStructureRelations, Object
 from laboratory.utils import get_profile_by_organization, get_users_from_organization, get_rols_from_organization
-
+from django.utils.translation import gettext_lazy as _
 
 def str2bool(v):
     v = v or ''
@@ -79,32 +79,47 @@ def filter_queryset(self, queryset):
 class LabUserS2OrgManagement(generics.RetrieveAPIView, BaseSelect2View):
     model = User
     fields = ['username']
-    organization = None
     pagination_class = GPaginatorMoreElements
     authentication_classes = [SessionAuthentication]
     permission_classes = [IsAuthenticated]
-    organization=None
-    contenttypeobj=None
+    organization = None
+    contenttypeobj = None
 
     def retrieve(self, request, pk, **kwargs):
         self.organization = get_object_or_404(OrganizationStructure.objects.using(settings.READONLY_DATABASE), pk=pk)
+
+        if not self.organization.active:
+            return Response({
+                'status': 'Bad request',
+                'errors': {"organization": [_("Organization cannot be inactive")]},
+            }, status=status.HTTP_400_BAD_REQUEST)
+
         return self.list(request, pk, **kwargs)
 
     def list(self, request, *args, **kwargs):
         if self.organization is None:
             form = RelOrganizationPKIntForm(self.request.GET)
+
             if form.is_valid():
                 self.organization = get_object_or_404(OrganizationStructure.objects.using(settings.READONLY_DATABASE), pk=form.cleaned_data['organization'])
+
                 if form.cleaned_data['typeofcontenttype'] == 'laboratory':
                     if form.cleaned_data['laboratory']:
                         self.contenttypeobj = get_object_or_404(Laboratory.objects.using(settings.READONLY_DATABASE), pk=form.cleaned_data['laboratory'])
                         organization_can_change_laboratory(self.contenttypeobj, self.organization)
                 elif form.cleaned_data['typeofcontenttype'] == 'organization':
                     self.contenttypeobj = self.organization
                     user_is_allowed_on_organization(self.request.user, self.contenttypeobj)
-        if self.organization:
-            user_is_allowed_on_organization(self.request.user, self.organization)
-        return super().list(request, *args, **kwargs)
+            else:
+                return Response({
+                    'status': 'Bad request',
+                    'errors': form.errors,
+                }, status=status.HTTP_400_BAD_REQUEST)
+
+            if self.organization:
+                user_is_allowed_on_organization(self.request.user, self.organization)
+            return super().list(request, *args, **kwargs)
+
 
     def get_queryset(self):
         if self.organization:
@@ -256,20 +271,31 @@ def get_queryset(self):
 
     def retrieve(self, request, pk, **kwargs):
         self.organization = get_object_or_404(OrganizationStructure.objects.using(settings.READONLY_DATABASE), pk=pk)
+
+        if not self.organization.active:
+            return Response({
+                'status': 'Bad request',
+                'errors': {"organization": [_("Organization cannot be inactive")]},
+            }, status=status.HTTP_400_BAD_REQUEST)
+
         return self.list(request, pk, **kwargs)
 
     def list(self, request, *args, **kwargs):
         if self.organization is None:
             form = RelOrganizationPKIntForm(self.request.GET)
             if form.is_valid():
                 self.organization = get_object_or_404(OrganizationStructure.objects.using(settings.READONLY_DATABASE), pk=form.cleaned_data['organization'])
+            else:
+                return Response({
+                    'status': 'Bad request',
+                    'errors': form.errors,
+                }, status=status.HTTP_400_BAD_REQUEST)
 
         if self.organization is None:
-            raise Http404("Organization not found")
+            raise Http404(_("Organization not found"))
         return super().list(request, *args, **kwargs)
 
 
-
 @register_lookups(prefix="roluserorgbase", basename="roluserorgbase")
 class RolUserOrgS2(generics.RetrieveAPIView, BaseSelect2View):
     model = Rol