Merge remote-tracking branch 'origin/main' into nl/2300-Senior-Official-Table

2025-07-22 02:36:02 +02:00 · 2024-06-20 15:15:41 -06:00 · 2024-06-20 15:15:41 -06:00 · 1120e3f758
commit 1120e3f758
parent 625d0e6f1f f8af4c9ab8
3 changed files with 78 additions and 11 deletions
--- a/src/registrar/admin.py
+++ b/src/registrar/admin.py
@ -1257,7 +1257,7 @@ class DomainInformationAdmin(ListHeaderAdmin, ImportExportModelAdmin):
    search_help_text = "Search by domain."

    fieldsets = [
-        (None, {"fields": ["creator", "submitter", "domain_request", "notes"]}),
+        (None, {"fields": ["portfolio", "creator", "submitter", "domain_request", "notes"]}),
        (".gov domain", {"fields": ["domain"]}),
        ("Contacts", {"fields": ["authorizing_official", "other_contacts", "no_other_contacts_rationale"]}),
        ("Background info", {"fields": ["anything_else"]}),
@ -1343,6 +1343,32 @@ class DomainInformationAdmin(ListHeaderAdmin, ImportExportModelAdmin):

    change_form_template = "django/admin/domain_information_change_form.html"

+    superuser_only_fields = [
+        "portfolio",
+    ]
+
+    # DEVELOPER's NOTE:
+    # Normally, to exclude a field from an Admin form, we could simply utilize
+    # Django's "exclude" feature.  However, it causes a "missing key" error if we
+    # go that route for this particular form.  The error gets thrown by our
+    # custom fieldset.html code and is due to the fact that "exclude" removes
+    # fields from base_fields but not fieldsets.  Rather than reworking our
+    # custom frontend, it seems more straightforward (and easier to read) to simply
+    # modify the fieldsets list so that it excludes any fields we want to remove
+    # based on permissions (eg. superuser_only_fields) or other conditions.
+    def get_fieldsets(self, request, obj=None):
+        fieldsets = self.fieldsets
+
+        # Create a modified version of fieldsets to exclude certain fields
+        if not request.user.has_perm("registrar.full_access_permission"):
+            modified_fieldsets = []
+            for name, data in fieldsets:
+                fields = data.get("fields", [])
+                fields = tuple(field for field in fields if field not in DomainInformationAdmin.superuser_only_fields)
+                modified_fieldsets.append((name, {"fields": fields}))
+            return modified_fieldsets
+        return fieldsets
+
    def get_readonly_fields(self, request, obj=None):
        """Set the read-only state on form elements.
        We have 1 conditions that determine which fields are read-only:
@ -1506,6 +1532,7 @@ class DomainRequestAdmin(ListHeaderAdmin, ImportExportModelAdmin):
            None,
            {
                "fields": [
+                    "portfolio",
                    "status",
                    "rejection_reason",
                    "action_needed_reason",
@ -1616,6 +1643,32 @@ class DomainRequestAdmin(ListHeaderAdmin, ImportExportModelAdmin):
    ]
    filter_horizontal = ("current_websites", "alternative_domains", "other_contacts")

+    superuser_only_fields = [
+        "portfolio",
+    ]
+
+    # DEVELOPER's NOTE:
+    # Normally, to exclude a field from an Admin form, we could simply utilize
+    # Django's "exclude" feature.  However, it causes a "missing key" error if we
+    # go that route for this particular form.  The error gets thrown by our
+    # custom fieldset.html code and is due to the fact that "exclude" removes
+    # fields from base_fields but not fieldsets.  Rather than reworking our
+    # custom frontend, it seems more straightforward (and easier to read) to simply
+    # modify the fieldsets list so that it excludes any fields we want to remove
+    # based on permissions (eg. superuser_only_fields) or other conditions.
+    def get_fieldsets(self, request, obj=None):
+        fieldsets = super().get_fieldsets(request, obj)
+
+        # Create a modified version of fieldsets to exclude certain fields
+        if not request.user.has_perm("registrar.full_access_permission"):
+            modified_fieldsets = []
+            for name, data in fieldsets:
+                fields = data.get("fields", [])
+                fields = tuple(field for field in fields if field not in self.superuser_only_fields)
+                modified_fieldsets.append((name, {"fields": fields}))
+            return modified_fieldsets
+        return fieldsets
+
    # Table ordering
    # NOTE: This impacts the select2 dropdowns (combobox)
    # Currentl, there's only one for requests on DomainInfo
@ -1961,13 +2014,7 @@ class DomainInformationInline(admin.StackedInline):
    template = "django/admin/includes/domain_info_inline_stacked.html"
    model = models.DomainInformation

-    fieldsets = copy.deepcopy(DomainInformationAdmin.fieldsets)
-    # remove .gov domain from fieldset
-    for index, (title, f) in enumerate(fieldsets):
-        if title == ".gov domain":
-            del fieldsets[index]
-            break
-
+    fieldsets = DomainInformationAdmin.fieldsets
    readonly_fields = DomainInformationAdmin.readonly_fields
    analyst_readonly_fields = DomainInformationAdmin.analyst_readonly_fields

@ -2014,6 +2061,23 @@ class DomainInformationInline(admin.StackedInline):
    def get_readonly_fields(self, request, obj=None):
        return DomainInformationAdmin.get_readonly_fields(self, request, obj=None)

+    # Re-route the get_fieldsets method to utilize DomainInformationAdmin.get_fieldsets
+    # since that has all the logic for excluding certain fields according to user permissions.
+    # Then modify the remaining fields to further trim out any we don't want for this inline
+    # form
+    def get_fieldsets(self, request, obj=None):
+        # Grab fieldsets from DomainInformationAdmin so that it handles all logic
+        # for permission-based field visibility.
+        modified_fieldsets = DomainInformationAdmin.get_fieldsets(self, request, obj=None)
+
+        # remove .gov domain from fieldset
+        for index, (title, f) in enumerate(modified_fieldsets):
+            if title == ".gov domain":
+                del modified_fieldsets[index]
+                break
+
+        return modified_fieldsets
+

 class DomainResource(FsmModelResource):
    """defines how each field in the referenced model should be mapped to the corresponding fields in the
--- a/src/registrar/models/portfolio.py
+++ b/src/registrar/models/portfolio.py
@ -105,3 +105,6 @@ class Portfolio(TimeStampedModel):
        verbose_name="security contact e-mail",
        max_length=320,
    )
+
+    def __str__(self) -> str:
+        return f"{self.organization_name}"
--- a/src/registrar/templates/domain_request_additional_details.html
+++ b/src/registrar/templates/domain_request_additional_details.html
@ -16,7 +16,7 @@
      </legend>

      <!-- Toggle -->
-      <em>Select one (<abbr class="usa-hint usa-hint--required" title="required">*</abbr>).</em>
+      <em>Select one. <abbr class="usa-hint usa-hint--required" title="required">*</abbr></em>
      {% with add_class="usa-radio__input--tile" add_legend_class="usa-sr-only" %}
        {% input_with_errors forms.0.has_cisa_representative %}
      {% endwith %}
@ -36,7 +36,7 @@
        </legend>
  
        <!-- Toggle -->
-        <em>Select one (<abbr class="usa-hint usa-hint--required" title="required">*</abbr>).</em>
+        <em>Select one. <abbr class="usa-hint usa-hint--required" title="required">*</abbr></em>
        {% with add_class="usa-radio__input--tile" add_legend_class="usa-sr-only" %}
          {% input_with_errors forms.2.has_anything_else_text %}
        {% endwith %}
@ -44,7 +44,7 @@
    </fieldset>
  
    <div class="margin-top-3" id="anything-else">
-        <p>Provide details below (<abbr class="usa-hint usa-hint--required" title="required">*</abbr>).</p>
+        <p>Provide details below. <abbr class="usa-hint usa-hint--required" title="required">*</abbr></p>
        {% with attr_maxlength=2000 add_label_class="usa-sr-only" %}
            {% input_with_errors forms.3.anything_else %}
        {% endwith %}