From 0d78dcadf5501c1788adf71271cbe1b3b0f0e818 Mon Sep 17 00:00:00 2001 From: LEVY-FALK Hugo Date: Thu, 30 Nov 2017 14:41:31 +0100 Subject: [PATCH] =?UTF-8?q?@can=5Fcreate=20et=20@can=5Fedit=20sur=20l'ajou?= =?UTF-8?q?t=20de=20ban,=20l'ajout=20de=20droit,=20l'=C3=A9dition/cr=C3=A9?= =?UTF-8?q?ation=20de=20service,=20l'=C3=A9dition=20de=20password,=20les?= =?UTF-8?q?=20=C3=A9tats=20et=20l'=C3=A9dition=20d'utilisateurs.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- users/models.py | 11 ++++++++++ users/views.py | 56 ++++++++++++------------------------------------- 2 files changed, 24 insertions(+), 43 deletions(-) diff --git a/users/models.py b/users/models.py index 4cdbe715..9df23486 100644 --- a/users/models.py +++ b/users/models.py @@ -921,6 +921,11 @@ class ServiceUser(AbstractBaseUser): else: return user.has_perms(('infra',)) + def can_edit(instance, user): + return user.has_perms(('infra',)) + + def get_instance(userid): + return ServiceUser.objects.get(pk=userid) @receiver(post_save, sender=ServiceUser) def service_user_post_save(sender, **kwargs): @@ -951,6 +956,9 @@ class Right(models.Model): def __str__(self): return str(self.user) + def can_create(user): + return user.has_perms('bureau') + @receiver(post_save, sender=Right) def right_post_save(sender, **kwargs): @@ -1095,6 +1103,9 @@ class Ban(models.Model): def __str__(self): return str(self.user) + ' ' + str(self.raison) + def can_create(user): + return user.has_perms(('bofh',)) + @receiver(post_save, sender=Ban) def ban_post_save(sender, **kwargs): diff --git a/users/views.py b/users/views.py index 9036ab0a..94b4c2fb 100644 --- a/users/views.py +++ b/users/views.py @@ -226,14 +226,10 @@ def edit_info(request, user, userid): @login_required @permission_required('bureau') -def state(request, userid): +@can_edit(User) +def state(request, user, userid): """ Changer l'etat actif/desactivé/archivé d'un user, need droit bureau """ - try: - user = User.objects.get(pk=userid) - except User.DoesNotExist: - messages.error(request, "Utilisateur inexistant") - return redirect(reverse('users:index')) state = StateForm(request.POST or None, instance=user) if state.is_valid(): with transaction.atomic(), reversion.create_revision(): @@ -257,21 +253,11 @@ def state(request, userid): @login_required -def password(request, userid): +@can_edit(User) +def password(request, user, userid): """ Reinitialisation d'un mot de passe à partir de l'userid, pour self par défaut, pour tous sans droit si droit cableur, pour tous si droit bureau """ - try: - user = User.objects.get(pk=userid) - except User.DoesNotExist: - messages.error(request, "Utilisateur inexistant") - return redirect(reverse('users')) - if not user.can_edit(request.user): - messages.error(request, "Vous ne pouvez pas accéder à ce menu") - return redirect(reverse( - 'users:profil', - kwargs={'userid':str(request.user.id)} - )) if not request.user.has_perms(('bureau',)) and user != request.user\ and Right.objects.filter(user=user): messages.error(request, "Il faut les droits bureau pour modifier le\ @@ -307,16 +293,9 @@ def new_serviceuser(request): @login_required -@permission_required('infra') -def edit_serviceuser(request, userid): - """ Edite un utilisateur à partir de son id, - si l'id est différent de request.user, - vérifie la possession du droit cableur """ - try: - user = ServiceUser.objects.get(pk=userid) - except ServiceUser.DoesNotExist: - messages.error(request, "Utilisateur inexistant") - return redirect(reverse('users:index')) +@can_edit(ServiceUser) +def edit_serviceuser(request, user, userid): + """ Edit a ServiceUser """ user = EditServiceUserForm(request.POST or None, instance=user) if user.is_valid(): user_object = user.save(commit=False) @@ -356,14 +335,10 @@ def del_serviceuser(request, userid): @login_required -@permission_required('bureau') -def add_right(request, userid): +@can_create(Right) +@can_edit(User) +def add_right(request, user, userid): """ Ajout d'un droit à un user, need droit bureau """ - try: - user = User.objects.get(pk=userid) - except User.DoesNotExist: - messages.error(request, "Utilisateur inexistant") - return redirect(reverse('users:index')) right = RightForm(request.POST or None) if right.is_valid(): right = right.save(commit=False) @@ -405,16 +380,12 @@ def del_right(request): @login_required -@permission_required('bofh') -def add_ban(request, userid): +@can_create(Ban) +@can_edit(User) +def add_ban(request, user, userid): """ Ajouter un banissement, nécessite au moins le droit bofh (a fortiori bureau) Syntaxe : JJ/MM/AAAA , heure optionnelle, prend effet immédiatement""" - try: - user = User.objects.get(pk=userid) - except User.DoesNotExist: - messages.error(request, "Utilisateur inexistant") - return redirect(reverse('users:index')) ban_instance = Ban(user=user) ban = BanForm(request.POST or None, instance=ban_instance) if ban.is_valid(): @@ -434,7 +405,6 @@ def add_ban(request, userid): ) return form({'userform': ban}, 'users/user.html', request) - @login_required @permission_required('bofh') def edit_ban(request, banid):