Merge remote-tracking branch 'origin/main' into nl/2300-Senior-Official-Table

src/registrar/admin.py

@@ -1257,7 +1257,7 @@ class DomainInformationAdmin(ListHeaderAdmin, ImportExportModelAdmin):
     search_help_text = "Search by domain."
 
     fieldsets = [
-        (None, {"fields": ["creator", "submitter", "domain_request", "notes"]}),
+        (None, {"fields": ["portfolio", "creator", "submitter", "domain_request", "notes"]}),
         (".gov domain", {"fields": ["domain"]}),
         ("Contacts", {"fields": ["authorizing_official", "other_contacts", "no_other_contacts_rationale"]}),
         ("Background info", {"fields": ["anything_else"]}),
@@ -1343,6 +1343,32 @@ class DomainInformationAdmin(ListHeaderAdmin, ImportExportModelAdmin):
 
     change_form_template = "django/admin/domain_information_change_form.html"
 
+    superuser_only_fields = [
+        "portfolio",
+    ]
+
+    # DEVELOPER's NOTE:
+    # Normally, to exclude a field from an Admin form, we could simply utilize
+    # Django's "exclude" feature.  However, it causes a "missing key" error if we
+    # go that route for this particular form.  The error gets thrown by our
+    # custom fieldset.html code and is due to the fact that "exclude" removes
+    # fields from base_fields but not fieldsets.  Rather than reworking our
+    # custom frontend, it seems more straightforward (and easier to read) to simply
+    # modify the fieldsets list so that it excludes any fields we want to remove
+    # based on permissions (eg. superuser_only_fields) or other conditions.
+    def get_fieldsets(self, request, obj=None):
+        fieldsets = self.fieldsets
+
+        # Create a modified version of fieldsets to exclude certain fields
+        if not request.user.has_perm("registrar.full_access_permission"):
+            modified_fieldsets = []
+            for name, data in fieldsets:
+                fields = data.get("fields", [])
+                fields = tuple(field for field in fields if field not in DomainInformationAdmin.superuser_only_fields)
+                modified_fieldsets.append((name, {"fields": fields}))
+            return modified_fieldsets
+        return fieldsets
+
     def get_readonly_fields(self, request, obj=None):
         """Set the read-only state on form elements.
         We have 1 conditions that determine which fields are read-only:
@@ -1506,6 +1532,7 @@ class DomainRequestAdmin(ListHeaderAdmin, ImportExportModelAdmin):
             None,
             {
                 "fields": [
+                    "portfolio",
                     "status",
                     "rejection_reason",
                     "action_needed_reason",
@@ -1616,6 +1643,32 @@ class DomainRequestAdmin(ListHeaderAdmin, ImportExportModelAdmin):
     ]
     filter_horizontal = ("current_websites", "alternative_domains", "other_contacts")
 
+    superuser_only_fields = [
+        "portfolio",
+    ]
+
+    # DEVELOPER's NOTE:
+    # Normally, to exclude a field from an Admin form, we could simply utilize
+    # Django's "exclude" feature.  However, it causes a "missing key" error if we
+    # go that route for this particular form.  The error gets thrown by our
+    # custom fieldset.html code and is due to the fact that "exclude" removes
+    # fields from base_fields but not fieldsets.  Rather than reworking our
+    # custom frontend, it seems more straightforward (and easier to read) to simply
+    # modify the fieldsets list so that it excludes any fields we want to remove
+    # based on permissions (eg. superuser_only_fields) or other conditions.
+    def get_fieldsets(self, request, obj=None):
+        fieldsets = super().get_fieldsets(request, obj)
+
+        # Create a modified version of fieldsets to exclude certain fields
+        if not request.user.has_perm("registrar.full_access_permission"):
+            modified_fieldsets = []
+            for name, data in fieldsets:
+                fields = data.get("fields", [])
+                fields = tuple(field for field in fields if field not in self.superuser_only_fields)
+                modified_fieldsets.append((name, {"fields": fields}))
+            return modified_fieldsets
+        return fieldsets
+
     # Table ordering
     # NOTE: This impacts the select2 dropdowns (combobox)
     # Currentl, there's only one for requests on DomainInfo
@@ -1961,13 +2014,7 @@ class DomainInformationInline(admin.StackedInline):
     template = "django/admin/includes/domain_info_inline_stacked.html"
     model = models.DomainInformation
 
-    fieldsets = copy.deepcopy(DomainInformationAdmin.fieldsets)
+    fieldsets = DomainInformationAdmin.fieldsets
-    # remove .gov domain from fieldset
-    for index, (title, f) in enumerate(fieldsets):
-        if title == ".gov domain":
-            del fieldsets[index]
-            break
-
     readonly_fields = DomainInformationAdmin.readonly_fields
     analyst_readonly_fields = DomainInformationAdmin.analyst_readonly_fields
 
@@ -2014,6 +2061,23 @@ class DomainInformationInline(admin.StackedInline):
     def get_readonly_fields(self, request, obj=None):
         return DomainInformationAdmin.get_readonly_fields(self, request, obj=None)
 
+    # Re-route the get_fieldsets method to utilize DomainInformationAdmin.get_fieldsets
+    # since that has all the logic for excluding certain fields according to user permissions.
+    # Then modify the remaining fields to further trim out any we don't want for this inline
+    # form
+    def get_fieldsets(self, request, obj=None):
+        # Grab fieldsets from DomainInformationAdmin so that it handles all logic
+        # for permission-based field visibility.
+        modified_fieldsets = DomainInformationAdmin.get_fieldsets(self, request, obj=None)
+
+        # remove .gov domain from fieldset
+        for index, (title, f) in enumerate(modified_fieldsets):
+            if title == ".gov domain":
+                del modified_fieldsets[index]
+                break
+
+        return modified_fieldsets
+
 
 class DomainResource(FsmModelResource):
     """defines how each field in the referenced model should be mapped to the corresponding fields in the

src/registrar/models/portfolio.py

@@ -105,3 +105,6 @@ class Portfolio(TimeStampedModel):
         verbose_name="security contact e-mail",
         max_length=320,
     )
+
+    def __str__(self) -> str:
+        return f"{self.organization_name}"

src/registrar/templates/domain_request_additional_details.html

@@ -16,7 +16,7 @@
       </legend>
 
       <!-- Toggle -->
-      <em>Select one (<abbr class="usa-hint usa-hint--required" title="required">*</abbr>).</em>
+      <em>Select one. <abbr class="usa-hint usa-hint--required" title="required">*</abbr></em>
       {% with add_class="usa-radio__input--tile" add_legend_class="usa-sr-only" %}
         {% input_with_errors forms.0.has_cisa_representative %}
       {% endwith %}
@@ -36,7 +36,7 @@
         </legend>
   
         <!-- Toggle -->
-        <em>Select one (<abbr class="usa-hint usa-hint--required" title="required">*</abbr>).</em>
+        <em>Select one. <abbr class="usa-hint usa-hint--required" title="required">*</abbr></em>
         {% with add_class="usa-radio__input--tile" add_legend_class="usa-sr-only" %}
           {% input_with_errors forms.2.has_anything_else_text %}
         {% endwith %}
@@ -44,7 +44,7 @@
     </fieldset>
   
     <div class="margin-top-3" id="anything-else">
-        <p>Provide details below (<abbr class="usa-hint usa-hint--required" title="required">*</abbr>).</p>
+        <p>Provide details below. <abbr class="usa-hint usa-hint--required" title="required">*</abbr></p>
         {% with attr_maxlength=2000 add_label_class="usa-sr-only" %}
             {% input_with_errors forms.3.anything_else %}
         {% endwith %}