diff --git a/tickets/models.py b/tickets/models.py index ff609437..9cdb334b 100644 --- a/tickets/models.py +++ b/tickets/models.py @@ -5,11 +5,13 @@ from django.template import Context, loader from django.db.models.signals import post_save from django.dispatch import receiver +from re2o.mixins import AclMixin + from preferences.models import GeneralOption import users.models -class Ticket(models.Model): +class Ticket(AclMixin, models.Model): """Class définissant un ticket""" user = models.ForeignKey( @@ -59,6 +61,26 @@ class Ticket(models.Model): GeneralOption.get_cached_value('email_from'), [to_addr], fail_silently = False) + + def can_view(self, user_request, *_args, **_kwargs): + """Verifie que la personne à le droit pour voir le ticket + ou qu'elle est l'auteur du ticket""" + if (not user_request.has_perm('tickets.view_ticket') and self.user != user_request): + return False, _("You don't have the right to view other Tickets than yours.") + else: + return True, None + + @staticmethod + def can_view_all(user_request, *_args, **_kwargs): + """Vérifie si l'user a acccés à la liste de tous les tickets""" + return( + user_request.has_perm('tickets.view_tickets'), + _("You don't have the right to view the list of tickets.") + ) + + def can_create(user_request,*_args, **_kwargs): + """Autorise tout les utilisateurs à créer des tickets""" + return True,None class Preferences(models.Model): """ Class cannonique définissants les préférences des tickets """ diff --git a/tickets/views.py b/tickets/views.py index be7cc270..a556efe3 100644 --- a/tickets/views.py +++ b/tickets/views.py @@ -1,4 +1,5 @@ from django.contrib import messages +from django.contrib.auth.decorators import login_required from django.shortcuts import render, redirect from django.template.loader import render_to_string from django.views.decorators.cache import cache_page @@ -10,6 +11,13 @@ from re2o.base import ( re2o_paginator, ) +from re2o.acl import( + can_view, + can_view_all, + can_edit, + can_create, +) + from preferences.models import GeneralOption from .models import( Ticket, @@ -51,6 +59,8 @@ def new_ticket(request): ticketform = NewTicketForm return form({'ticketform':ticketform,},'tickets/form_ticket.html',request) +@login_required +@can_view(Ticket) def aff_ticket(request,ticketid): """Vue d'affichage d'un ticket""" ticket = Ticket.objects.filter(id=ticketid).get() @@ -59,13 +69,18 @@ def aff_ticket(request,ticketid): ticket.solved = not ticket.solved ticket.save() return render(request,'tickets/aff_ticket.html',{'ticket':ticket,'changestatusform':changestatusform}) - + +@login_required +@can_view_all(Ticket) def aff_tickets(request): """ Vue d'affichage de tout les tickets """ tickets_list = Ticket.objects.all().order_by('-date') - last_ticket_date = tickets_list.first().date nbr_tickets = tickets_list.count() nbr_tickets_unsolved = tickets_list.filter(solved=False).count() + if nbr_tickets: + last_ticket_date = tickets_list.first().date + else: + last_ticket_date = "Jamais" pagination_number = (GeneralOption .get_cached_value('pagination_number')) @@ -105,10 +120,13 @@ def edit_preferences(request): def profil(request,user): """ Vue cannonique d'affichage des tickets dans l'accordeon du profil""" tickets_list = Ticket.objects.filter(user=user).all().order_by('-date') - last_ticket_date = tickets_list.first().date nbr_tickets = tickets_list.count() nbr_tickets_unsolved = tickets_list.filter(solved=False).count() - + if nbr_tickets: + last_ticket_date = tickets_list.first().date + else: + last_ticket_date = "Jamais" + pagination_number = (GeneralOption .get_cached_value('pagination_large_number'))