TIHLDE · MindChirp · Aug 30, 2024 · Mar 23, 2024 · Apr 6, 2024 · Apr 8, 2024
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -14,6 +14,10 @@
 
 ## Neste versjon
 
+## Versjon 2024.08.21
+- ⚡**Nyheter**. Ledere av komiteer kan nå opprette nyheter.
+- ⚡**Forms**. Alle ledere av grupper kan nå opprette gruppe spørreskjemaer.
+
 ## Versjon 2024.07.30
 - ✨ **Feide**. Man kan nå registrere bruker automatisk med Feide.
 - ✨ **Fillagring**. Man kan nå slette en fil fra Azure basert på container navn og fil navn.

diff --git a/app/content/models/news.py b/app/content/models/news.py
@@ -3,7 +3,7 @@
 from django.db import models
 
 from app.common.enums import AdminGroup, Groups
-from app.common.permissions import BasePermissionModel
+from app.common.permissions import BasePermissionModel, check_has_access
 from app.emoji.models.reaction import Reaction
 from app.util.models import BaseModel, OptionalImage
 
@@ -33,3 +33,11 @@ def __str__(self):
     @property
     def website_url(self):
         return f"/nyheter/{self.id}/"
+
+    @classmethod
+    def has_write_permission(cls, request):
+        if not request.user:
+            return False
+        return request.user.is_leader_of_committee or check_has_access(
+            cls.write_access, request
+        )
diff --git a/app/content/models/user.py b/app/content/models/user.py
@@ -160,6 +160,10 @@ def is_leader_of_committee(self):
             group__type=GroupType.COMMITTEE, membership_type=MembershipType.LEADER
         ).exists()
 
+    @property
+    def is_leader(self):
+        return self.memberships.filter(membership_type=MembershipType.LEADER).exists()
+
     def has_unanswered_evaluations(self):
         return self.get_unanswered_evaluations().exists()
 

diff --git a/app/forms/models/forms.py b/app/forms/models/forms.py
@@ -181,7 +181,7 @@ def has_write_permission(cls, request):
         return (
             (group and group.has_object_group_form_permission(request))
             or check_has_access(cls.write_access, request)
-            or request.user.is_leader_of_committee
+            or request.user.is_leader
         )
 
     @classmethod

diff --git a/app/kontres/serializer/reservation_seralizer.py b/app/kontres/serializer/reservation_seralizer.py
@@ -110,10 +110,10 @@ def validate_state_change(self, data, user):
                     )
 
     def validate_time_and_overlapping(self, data):
-
         # Check if this is an update operation and if start_time is being modified.
         is_update_operation = self.instance is not None
         start_time_being_modified = "start_time" in data
+        state_being_modified = "state_change" in data
 
         # Retrieve the start and end times from the data if provided, else from the instance.
         start_time = data.get(
@@ -137,7 +137,7 @@ def validate_time_and_overlapping(self, data):
             "bookable_item", self.instance.bookable_item if self.instance else None
         )
         # Check for overlapping reservations only if necessary fields are present
-        if bookable_item and start_time and end_time:
+        if bookable_item and start_time and end_time and not state_being_modified:
             # Build the query for overlapping reservations
             overlapping_reservations_query = Q(
                 bookable_item=bookable_item,

diff --git a/app/tests/content/test_news_integration.py b/app/tests/content/test_news_integration.py
@@ -2,10 +2,10 @@
 
 import pytest
 
-from app.common.enums import AdminGroup, Groups
+from app.common.enums import AdminGroup, Groups, GroupType, MembershipType
 from app.content.factories.news_factory import NewsFactory
 from app.content.factories.user_factory import UserFactory
-from app.util.test_utils import get_api_client
+from app.util.test_utils import add_user_to_group_with_name, get_api_client
 
 API_NEWS_BASE_URL = "/news/"
 
@@ -310,3 +310,20 @@ def test_destroy_returns_detail_in_response(news):
     response = client.delete(url)
 
     assert response.json().get("detail")
+
+
+@pytest.mark.django_db
+def test_create_news_as_leader_of_committee(member):
+    """A leader of a committee should be able to create news."""
+    add_user_to_group_with_name(
+        member,
+        "Committee",
+        group_type=GroupType.COMMITTEE,
+        membership_type=MembershipType.LEADER,
+    )
+    client = get_api_client(user=member)
+    response = client.post(
+        _get_news_url(), {"title": "title", "header": "header", "body": "body"}
+    )
+
+    assert response.status_code == status.HTTP_201_CREATED
diff --git a/app/tests/forms/test_group_form_integration.py b/app/tests/forms/test_group_form_integration.py
@@ -5,7 +5,8 @@
 from app.common.enums import AdminGroup, GroupType, MembershipType
 from app.forms.tests.form_factories import GroupFormFactory
 from app.group.factories import GroupFactory, MembershipFactory
-from app.util.test_utils import add_user_to_group_with_name
+from app.group.models import Group
+from app.util.test_utils import add_user_to_group_with_name, get_api_client
 
 pytestmark = pytest.mark.django_db
 
@@ -234,3 +235,27 @@ def test_retrieve_specific_group_form(
     response = client.get(url)
 
     assert response.status_code == status_code
+
+
+@pytest.mark.django_db
+@pytest.mark.parametrize(
+    ("group_name", "group_type"),
+    (
+        ("Committee", GroupType.COMMITTEE),
+        ("Subgroup", GroupType.SUBGROUP),
+        ("Board", GroupType.BOARD),
+        ("Interestgroup", GroupType.INTERESTGROUP),
+    ),
+)
+def test_create_group_form_as_leader(member, group_name, group_type):
+    """Test that leaders of a group can create a group form"""
+    add_user_to_group_with_name(
+        member, group_name, group_type=group_type, membership_type=MembershipType.LEADER
+    )
+    group = Group.objects.get(name=group_name)
+    client = get_api_client(user=member)
+    data = _get_form_post_data(group=group)
+
+    response = client.post(FORMS_URL, data)
+
+    assert response.status_code == status.HTTP_201_CREATED