]> git.parisson.com Git - teleforma.git/commitdiff
projects / teleforma.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: cec58ba)
restrict profile view to own user feauture/profile-uuid
authorGuillaume Pellerin <guillaume.pellerin@parisson.com>
Fri, 15 May 2026 14:38:46 +0000 (16:38 +0200)
committerGuillaume Pellerin <guillaume.pellerin@parisson.com>
Fri, 15 May 2026 14:38:46 +0000 (16:38 +0200)
lib/pdfannotator patch | blob | history
teleforma/views/crfpa.py patch | blob | history

diff --git a/lib/pdfannotator b/lib/pdfannotator
index 70e1f1833f63cb9105659b431357be580cdfc659..1f161760779798d79a9c0c073f15044c2bcc6e46 160000 (submodule)
--- a/lib/pdfannotator
+++ b/lib/pdfannotator
@@ -1 +1 @@
-Subproject commit 70e1f1833f63cb9105659b431357be580cdfc659
+Subproject commit 1f161760779798d79a9c0c073f15044c2bcc6e46
diff --git a/teleforma/views/crfpa.py b/teleforma/views/crfpa.py
index 1fca611c4e5ee2a9f27a6efeaac579d6335b9c51..738110e44f444a677ab705b268228664a13e0f7d 100644 (file)
--- a/teleforma/views/crfpa.py
+++ b/teleforma/views/crfpa.py
@@ -1188,17 +1188,19 @@ class CRFPAProfileView(ProfileView):
     @method_decorator(login_required)
     def profile_detail(self, request, username, template='teleforma/profile_detail.html'):
         user = User.objects.get(username=username)
-        try:
-            profile = user.get_profile()
-        except:
-            profile = None
         student = user.student.all()
         payment = None
-        if student and (user.username == request.user.username or request.user.is_superuser):
-            student = user.student.get()
-            payment = student.payments.order_by('-id').all()
-            if payment:
-                payment = payment[0]
+        profile = None
+        if student:
+            if user.username == request.user.username or request.user.is_superuser:
+                try:
+                    profile = user.get_profile()
+                except:
+                    profile = None
+                student = user.student.get()
+                payment = student.payments.order_by('-id').all()
+                if payment:
+                    payment = payment[0]
 
         return render(request, template, {'profile' : profile, 'usr': user, 'payment':payment})
 
Unnamed repository; edit this file 'description' to name the repository.