mirror of
https://gitlab2.federez.net/re2o/re2o
synced 2024-11-26 06:32:26 +00:00
@can_create et @can_edit sur l'ajout de ban, l'ajout de droit, l'édition/création de service, l'édition de password, les états et l'édition d'utilisateurs.
This commit is contained in:
parent
cf642bad08
commit
0d78dcadf5
2 changed files with 24 additions and 43 deletions
|
@ -921,6 +921,11 @@ class ServiceUser(AbstractBaseUser):
|
||||||
else:
|
else:
|
||||||
return user.has_perms(('infra',))
|
return user.has_perms(('infra',))
|
||||||
|
|
||||||
|
def can_edit(instance, user):
|
||||||
|
return user.has_perms(('infra',))
|
||||||
|
|
||||||
|
def get_instance(userid):
|
||||||
|
return ServiceUser.objects.get(pk=userid)
|
||||||
|
|
||||||
@receiver(post_save, sender=ServiceUser)
|
@receiver(post_save, sender=ServiceUser)
|
||||||
def service_user_post_save(sender, **kwargs):
|
def service_user_post_save(sender, **kwargs):
|
||||||
|
@ -951,6 +956,9 @@ class Right(models.Model):
|
||||||
def __str__(self):
|
def __str__(self):
|
||||||
return str(self.user)
|
return str(self.user)
|
||||||
|
|
||||||
|
def can_create(user):
|
||||||
|
return user.has_perms('bureau')
|
||||||
|
|
||||||
|
|
||||||
@receiver(post_save, sender=Right)
|
@receiver(post_save, sender=Right)
|
||||||
def right_post_save(sender, **kwargs):
|
def right_post_save(sender, **kwargs):
|
||||||
|
@ -1095,6 +1103,9 @@ class Ban(models.Model):
|
||||||
def __str__(self):
|
def __str__(self):
|
||||||
return str(self.user) + ' ' + str(self.raison)
|
return str(self.user) + ' ' + str(self.raison)
|
||||||
|
|
||||||
|
def can_create(user):
|
||||||
|
return user.has_perms(('bofh',))
|
||||||
|
|
||||||
|
|
||||||
@receiver(post_save, sender=Ban)
|
@receiver(post_save, sender=Ban)
|
||||||
def ban_post_save(sender, **kwargs):
|
def ban_post_save(sender, **kwargs):
|
||||||
|
|
|
@ -226,14 +226,10 @@ def edit_info(request, user, userid):
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
@permission_required('bureau')
|
@permission_required('bureau')
|
||||||
def state(request, userid):
|
@can_edit(User)
|
||||||
|
def state(request, user, userid):
|
||||||
""" Changer l'etat actif/desactivé/archivé d'un user,
|
""" Changer l'etat actif/desactivé/archivé d'un user,
|
||||||
need droit bureau """
|
need droit bureau """
|
||||||
try:
|
|
||||||
user = User.objects.get(pk=userid)
|
|
||||||
except User.DoesNotExist:
|
|
||||||
messages.error(request, "Utilisateur inexistant")
|
|
||||||
return redirect(reverse('users:index'))
|
|
||||||
state = StateForm(request.POST or None, instance=user)
|
state = StateForm(request.POST or None, instance=user)
|
||||||
if state.is_valid():
|
if state.is_valid():
|
||||||
with transaction.atomic(), reversion.create_revision():
|
with transaction.atomic(), reversion.create_revision():
|
||||||
|
@ -257,21 +253,11 @@ def state(request, userid):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
def password(request, userid):
|
@can_edit(User)
|
||||||
|
def password(request, user, userid):
|
||||||
""" Reinitialisation d'un mot de passe à partir de l'userid,
|
""" Reinitialisation d'un mot de passe à partir de l'userid,
|
||||||
pour self par défaut, pour tous sans droit si droit cableur,
|
pour self par défaut, pour tous sans droit si droit cableur,
|
||||||
pour tous si droit bureau """
|
pour tous si droit bureau """
|
||||||
try:
|
|
||||||
user = User.objects.get(pk=userid)
|
|
||||||
except User.DoesNotExist:
|
|
||||||
messages.error(request, "Utilisateur inexistant")
|
|
||||||
return redirect(reverse('users'))
|
|
||||||
if not user.can_edit(request.user):
|
|
||||||
messages.error(request, "Vous ne pouvez pas accéder à ce menu")
|
|
||||||
return redirect(reverse(
|
|
||||||
'users:profil',
|
|
||||||
kwargs={'userid':str(request.user.id)}
|
|
||||||
))
|
|
||||||
if not request.user.has_perms(('bureau',)) and user != request.user\
|
if not request.user.has_perms(('bureau',)) and user != request.user\
|
||||||
and Right.objects.filter(user=user):
|
and Right.objects.filter(user=user):
|
||||||
messages.error(request, "Il faut les droits bureau pour modifier le\
|
messages.error(request, "Il faut les droits bureau pour modifier le\
|
||||||
|
@ -307,16 +293,9 @@ def new_serviceuser(request):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
@permission_required('infra')
|
@can_edit(ServiceUser)
|
||||||
def edit_serviceuser(request, userid):
|
def edit_serviceuser(request, user, userid):
|
||||||
""" Edite un utilisateur à partir de son id,
|
""" Edit a ServiceUser """
|
||||||
si l'id est différent de request.user,
|
|
||||||
vérifie la possession du droit cableur """
|
|
||||||
try:
|
|
||||||
user = ServiceUser.objects.get(pk=userid)
|
|
||||||
except ServiceUser.DoesNotExist:
|
|
||||||
messages.error(request, "Utilisateur inexistant")
|
|
||||||
return redirect(reverse('users:index'))
|
|
||||||
user = EditServiceUserForm(request.POST or None, instance=user)
|
user = EditServiceUserForm(request.POST or None, instance=user)
|
||||||
if user.is_valid():
|
if user.is_valid():
|
||||||
user_object = user.save(commit=False)
|
user_object = user.save(commit=False)
|
||||||
|
@ -356,14 +335,10 @@ def del_serviceuser(request, userid):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
@permission_required('bureau')
|
@can_create(Right)
|
||||||
def add_right(request, userid):
|
@can_edit(User)
|
||||||
|
def add_right(request, user, userid):
|
||||||
""" Ajout d'un droit à un user, need droit bureau """
|
""" Ajout d'un droit à un user, need droit bureau """
|
||||||
try:
|
|
||||||
user = User.objects.get(pk=userid)
|
|
||||||
except User.DoesNotExist:
|
|
||||||
messages.error(request, "Utilisateur inexistant")
|
|
||||||
return redirect(reverse('users:index'))
|
|
||||||
right = RightForm(request.POST or None)
|
right = RightForm(request.POST or None)
|
||||||
if right.is_valid():
|
if right.is_valid():
|
||||||
right = right.save(commit=False)
|
right = right.save(commit=False)
|
||||||
|
@ -405,16 +380,12 @@ def del_right(request):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
@permission_required('bofh')
|
@can_create(Ban)
|
||||||
def add_ban(request, userid):
|
@can_edit(User)
|
||||||
|
def add_ban(request, user, userid):
|
||||||
""" Ajouter un banissement, nécessite au moins le droit bofh
|
""" Ajouter un banissement, nécessite au moins le droit bofh
|
||||||
(a fortiori bureau)
|
(a fortiori bureau)
|
||||||
Syntaxe : JJ/MM/AAAA , heure optionnelle, prend effet immédiatement"""
|
Syntaxe : JJ/MM/AAAA , heure optionnelle, prend effet immédiatement"""
|
||||||
try:
|
|
||||||
user = User.objects.get(pk=userid)
|
|
||||||
except User.DoesNotExist:
|
|
||||||
messages.error(request, "Utilisateur inexistant")
|
|
||||||
return redirect(reverse('users:index'))
|
|
||||||
ban_instance = Ban(user=user)
|
ban_instance = Ban(user=user)
|
||||||
ban = BanForm(request.POST or None, instance=ban_instance)
|
ban = BanForm(request.POST or None, instance=ban_instance)
|
||||||
if ban.is_valid():
|
if ban.is_valid():
|
||||||
|
@ -434,7 +405,6 @@ def add_ban(request, userid):
|
||||||
)
|
)
|
||||||
return form({'userform': ban}, 'users/user.html', request)
|
return form({'userform': ban}, 'users/user.html', request)
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
@permission_required('bofh')
|
@permission_required('bofh')
|
||||||
def edit_ban(request, banid):
|
def edit_ban(request, banid):
|
||||||
|
|
Loading…
Reference in a new issue