mirror of
https://gitlab2.federez.net/re2o/re2o
synced 2024-11-26 14:42:25 +00:00
Define can_create, can_edit, can_delete and can_view and use can_create and can_edit decorator for users.models
This commit is contained in:
parent
196d369dda
commit
1262b39c82
2 changed files with 206 additions and 84 deletions
220
users/models.py
220
users/models.py
|
@ -762,44 +762,47 @@ class User(AbstractBaseUser):
|
||||||
num += 1
|
num += 1
|
||||||
return composed_pseudo(num)
|
return composed_pseudo(num)
|
||||||
|
|
||||||
def can_create(user, *args, **kwargs):
|
def get_instance(userid, *args, **kwargs):
|
||||||
|
return User.objects.get(pk=userid)
|
||||||
|
|
||||||
|
def can_create(user_request, *args, **kwargs):
|
||||||
options, _created = OptionalUser.objects.get_or_create()
|
options, _created = OptionalUser.objects.get_or_create()
|
||||||
if options.all_can_create:
|
if options.all_can_create:
|
||||||
return True, None
|
return True, None
|
||||||
else:
|
else:
|
||||||
return user.has_perms(('cableur',)), u"Vous n'avez pas le\
|
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le\
|
||||||
droit de créer un utilisateur"
|
droit de créer un utilisateur"
|
||||||
|
|
||||||
def can_edit(self, user, *args, **kwargs):
|
def can_edit(self, user_request, *args, **kwargs):
|
||||||
if self.is_class_club and user.is_class_adherent:
|
if self.is_class_club and user_request.is_class_adherent:
|
||||||
if self == user or user.has_perms(('cableur',)) or\
|
if self == user_request or user_request.has_perms(('cableur',)) or\
|
||||||
user.adherent in self.club.administrators.all():
|
user_request.adherent in self.club.administrators.all():
|
||||||
return True, None
|
return True, None
|
||||||
else:
|
else:
|
||||||
return False, u"Vous n'avez pas le droit d'éditer ce club"
|
return False, u"Vous n'avez pas le droit d'éditer ce club"
|
||||||
else:
|
else:
|
||||||
if self == user or user.has_perms(('cableur',)):
|
if self == user_request or user_request.has_perms(('cableur',)):
|
||||||
return True, None
|
return True, None
|
||||||
else:
|
else:
|
||||||
return False, u"Vous ne pouvez éditer un autre utilisateur que vous même"
|
return False, u"Vous ne pouvez éditer un autre utilisateur que vous même"
|
||||||
|
|
||||||
def can_view(self, user, *args, **kwargs):
|
def can_delete(self, user_request, *args, **kwargs):
|
||||||
if self.is_class_club and user.is_class_adherent:
|
return True, None
|
||||||
if self == user or user.has_perms(('cableur',)) or\
|
|
||||||
user.adherent in self.club.administrators.all() or\
|
def can_view(self, user_request, *args, **kwargs):
|
||||||
user.adherent in self.club.members.all():
|
if self.is_class_club and user_request.is_class_adherent:
|
||||||
|
if self == user_request or user_request.has_perms(('cableur',)) or\
|
||||||
|
user_request.adherent in self.club.administrators.all() or\
|
||||||
|
user_request.adherent in self.club.members.all():
|
||||||
return True, None
|
return True, None
|
||||||
else:
|
else:
|
||||||
return False, u"Vous n'avez pas le droit de voir ce club"
|
return False, u"Vous n'avez pas le droit de voir ce club"
|
||||||
else:
|
else:
|
||||||
if self == user or user.has_perms(('cableur',)):
|
if self == user_request or user_request.has_perms(('cableur',)):
|
||||||
return True, None
|
return True, None
|
||||||
else:
|
else:
|
||||||
return False, u"Vous ne pouvez voir un autre utilisateur que vous même"
|
return False, u"Vous ne pouvez voir un autre utilisateur que vous même"
|
||||||
|
|
||||||
def get_instance(userid, *args, **kwargs):
|
|
||||||
return User.objects.get(pk=userid)
|
|
||||||
|
|
||||||
def __str__(self):
|
def __str__(self):
|
||||||
return self.pseudo
|
return self.pseudo
|
||||||
|
|
||||||
|
@ -815,6 +818,31 @@ class Adherent(User):
|
||||||
)
|
)
|
||||||
pass
|
pass
|
||||||
|
|
||||||
|
def get_instance(adherentid, *args, **kwargs):
|
||||||
|
return Adherent.objects.get(pk=adherentid)
|
||||||
|
|
||||||
|
def can_create(user_request, *args, **kwargs):
|
||||||
|
options, _created = OptionalUser.objects.get_or_create()
|
||||||
|
if options.all_can_create:
|
||||||
|
return True, None
|
||||||
|
else:
|
||||||
|
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le\
|
||||||
|
droit de créer un adherent"
|
||||||
|
|
||||||
|
def can_edit(self, user_request, *args, **kwargs):
|
||||||
|
if self == user_request or user_request.has_perms(('cableur',)):
|
||||||
|
return True, None
|
||||||
|
else:
|
||||||
|
return False, u"Vous ne pouvez éditer un autre utilisateur que vous même"
|
||||||
|
|
||||||
|
def can_delete(self, user_request, *args, **kwargs):
|
||||||
|
return True, None
|
||||||
|
|
||||||
|
def can_view(self, user_request, *args, **kwargs):
|
||||||
|
if self == user_request or user_request.has_perms(('cableur',)):
|
||||||
|
return True, None
|
||||||
|
else:
|
||||||
|
return False, u"Vous ne pouvez voir un autre utilisateur que vous même"
|
||||||
|
|
||||||
|
|
||||||
class Club(User):
|
class Club(User):
|
||||||
|
@ -838,6 +866,35 @@ class Club(User):
|
||||||
|
|
||||||
pass
|
pass
|
||||||
|
|
||||||
|
def get_instance(clubid, *args, **kwargs):
|
||||||
|
return Club.objects.get(pk=clubid)
|
||||||
|
|
||||||
|
def can_create(user_request, *args, **kwargs):
|
||||||
|
options, _created = OptionalUser.objects.get_or_create()
|
||||||
|
if options.all_can_create:
|
||||||
|
return True, None
|
||||||
|
else:
|
||||||
|
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le\
|
||||||
|
droit de créer un club"
|
||||||
|
|
||||||
|
def can_edit(self, user_request, *args, **kwargs):
|
||||||
|
if self == user_request or user_request.has_perms(('cableur',)) or\
|
||||||
|
user_request.adherent in self.administrators.all():
|
||||||
|
return True, None
|
||||||
|
else:
|
||||||
|
return False, u"Vous n'avez pas le droit d'éditer ce club"
|
||||||
|
|
||||||
|
def can_delete(self, user_request, *args, **kwargs):
|
||||||
|
return True, None
|
||||||
|
|
||||||
|
def can_view(self, user_request, *args, **kwargs):
|
||||||
|
if self == user_request or user_request.has_perms(('cableur',)) or\
|
||||||
|
user_request.adherent in self.administrators.all() or\
|
||||||
|
user_request.adherent in self.members.all():
|
||||||
|
return True, None
|
||||||
|
else:
|
||||||
|
return False, u"Vous n'avez pas le droit de voir ce club"
|
||||||
|
|
||||||
|
|
||||||
@receiver(post_save, sender=Adherent)
|
@receiver(post_save, sender=Adherent)
|
||||||
@receiver(post_save, sender=Club)
|
@receiver(post_save, sender=Club)
|
||||||
|
@ -924,23 +981,31 @@ class ServiceUser(AbstractBaseUser):
|
||||||
)]).values_list('dn', flat=True))
|
)]).values_list('dn', flat=True))
|
||||||
group.save()
|
group.save()
|
||||||
|
|
||||||
def __str__(self):
|
def get_instance(userid, *args, **kwargs):
|
||||||
return self.pseudo
|
return ServiceUser.objects.get(pk=userid)
|
||||||
|
|
||||||
def can_create(user, *args, **kwargs):
|
def can_create(user_request, *args, **kwargs):
|
||||||
options, _created = OptionalUser.objects.get_or_create()
|
options, _created = OptionalUser.objects.get_or_create()
|
||||||
if options.all_can_create:
|
if options.all_can_create:
|
||||||
return True, None
|
return True, None
|
||||||
else:
|
else:
|
||||||
return user.has_perms(('infra',)), u"Vous n'avez pas le droit de\
|
return user_request.has_perms(('infra',)), u"Vous n'avez pas le droit de\
|
||||||
créer un service user"
|
créer un service user"
|
||||||
|
|
||||||
def can_edit(self, user, *args, **kwargs):
|
def can_edit(self, user_request, *args, **kwargs):
|
||||||
return user.has_perms(('infra',)), u"Vous n'avez pas le droit d'éditer\
|
return user_request.has_perms(('infra',)), u"Vous n'avez pas le droit d'éditer\
|
||||||
les services users"
|
les services users"
|
||||||
|
|
||||||
def get_instance(userid, *args, **kwargs):
|
def can_delete(self, user_request, *args, **kwargs):
|
||||||
return ServiceUser.objects.get(pk=userid)
|
return user_request.has_perms(('infra',)), u"Vous n'avez pas le droit de\
|
||||||
|
supprimer un service user"
|
||||||
|
|
||||||
|
def can_view(self, user_request, *args, **kwargs):
|
||||||
|
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le droit de\
|
||||||
|
voir un service user"
|
||||||
|
|
||||||
|
def __str__(self):
|
||||||
|
return self.pseudo
|
||||||
|
|
||||||
@receiver(post_save, sender=ServiceUser)
|
@receiver(post_save, sender=ServiceUser)
|
||||||
def service_user_post_save(sender, **kwargs):
|
def service_user_post_save(sender, **kwargs):
|
||||||
|
@ -968,13 +1033,26 @@ class Right(models.Model):
|
||||||
class Meta:
|
class Meta:
|
||||||
unique_together = ("user", "right")
|
unique_together = ("user", "right")
|
||||||
|
|
||||||
|
def get_instance(rightid, *args, **kwargs):
|
||||||
|
return Right.objects.get(pk=rightid)
|
||||||
|
|
||||||
|
def can_create(user_request, *args, **kwargs):
|
||||||
|
return user_request.has_perms(('bureau',)), u"Vous n'avez pas le droit de\
|
||||||
|
créer des droits"
|
||||||
|
|
||||||
|
def can_edit(self, user_request, *args, **kwargs):
|
||||||
|
return True, None
|
||||||
|
|
||||||
|
def can_delete(self, user_request, *args, **kwargs):
|
||||||
|
return user_request.has_perms(('bureau',)), u"Vous n'avez pas le droit de\
|
||||||
|
supprimer des droits"
|
||||||
|
|
||||||
|
def can_view(self, user_request, *args, **kwargs):
|
||||||
|
return True, None
|
||||||
|
|
||||||
def __str__(self):
|
def __str__(self):
|
||||||
return str(self.user)
|
return str(self.user)
|
||||||
|
|
||||||
def can_create(user, *args, **kwargs):
|
|
||||||
return user.has_perms(('bureau',)), u"Vous n'avez pas le droit de\
|
|
||||||
créer des droits"
|
|
||||||
|
|
||||||
|
|
||||||
@receiver(post_save, sender=Right)
|
@receiver(post_save, sender=Right)
|
||||||
def right_post_save(sender, **kwargs):
|
def right_post_save(sender, **kwargs):
|
||||||
|
@ -996,6 +1074,25 @@ class School(models.Model):
|
||||||
|
|
||||||
name = models.CharField(max_length=255)
|
name = models.CharField(max_length=255)
|
||||||
|
|
||||||
|
def get_instance(schoolid, *args, **kwargs):
|
||||||
|
return School.objects.get(pk=schoolid)
|
||||||
|
|
||||||
|
def can_create(user_request, *args, **kwargs):
|
||||||
|
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le\
|
||||||
|
droit de créer des écoles"
|
||||||
|
|
||||||
|
def can_edit(self, user_request, *args, **kwargs):
|
||||||
|
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le\
|
||||||
|
droit d'éditer des écoles"
|
||||||
|
|
||||||
|
def can_delete(self, user_request, *args, **kwargs):
|
||||||
|
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le\
|
||||||
|
droit de supprimer des écoles"
|
||||||
|
|
||||||
|
def can_view(self, user_request, *args, **kwargs):
|
||||||
|
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le\
|
||||||
|
droit de voir les écoles"
|
||||||
|
|
||||||
def __str__(self):
|
def __str__(self):
|
||||||
return self.name
|
return self.name
|
||||||
|
|
||||||
|
@ -1024,6 +1121,25 @@ class ListRight(models.Model):
|
||||||
blank=True
|
blank=True
|
||||||
)
|
)
|
||||||
|
|
||||||
|
def get_instance(listrightid, *args, **kwargs):
|
||||||
|
return ListRight.objects.get(pk=listrightid)
|
||||||
|
|
||||||
|
def can_create(user_request, *args, **kwargs):
|
||||||
|
return user_request.has_perms(('bureau',)), u"Vous n'avez pas le droit\
|
||||||
|
de créer des groupes de droits"
|
||||||
|
|
||||||
|
def can_edit(self, user_request, *args, **kwargs):
|
||||||
|
return user_request.has_perms(('bureau',)), u"Vous n'avez pas le droit\
|
||||||
|
d'éditer des groupes de droits"
|
||||||
|
|
||||||
|
def can_delete(self, user_request, *args, **kwargs):
|
||||||
|
return user_request.has_perms(('bureau',)), u"Vous n'avez pas le droit\
|
||||||
|
de supprimer des groupes de droits"
|
||||||
|
|
||||||
|
def can_view(self, user_request, *args, **kwargs):
|
||||||
|
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le droit\
|
||||||
|
de voir les groupes de droits"
|
||||||
|
|
||||||
def __str__(self):
|
def __str__(self):
|
||||||
return self.listright
|
return self.listright
|
||||||
|
|
||||||
|
@ -1116,13 +1232,31 @@ class Ban(models.Model):
|
||||||
"""Ce ban est-il actif?"""
|
"""Ce ban est-il actif?"""
|
||||||
return self.date_end > DT_NOW
|
return self.date_end > DT_NOW
|
||||||
|
|
||||||
|
def get_instance(banid, *args, **kwargs):
|
||||||
|
return Ban.objects.get(pk=banid)
|
||||||
|
|
||||||
|
def can_create(user_request, *args, **kwargs):
|
||||||
|
return user_request.has_perms(('bofh',)), u"Vous n'avez pas le droit de\
|
||||||
|
créer des bannissements"
|
||||||
|
|
||||||
|
def can_edit(self, user_request, *args, **kwargs):
|
||||||
|
return user_request.has_perms(('bofh',)), u"Vous n'avez pas le droit\
|
||||||
|
d'éditer des bannissements"
|
||||||
|
|
||||||
|
def can_delete(self, user_request, *args, **kwargs):
|
||||||
|
return True, None
|
||||||
|
|
||||||
|
def can_view(self, user_request, *args, **kwargs):
|
||||||
|
if not user_request.has_perms(('cableur',)) and\
|
||||||
|
self.user != user_request:
|
||||||
|
return False, u"Vous n'avez pas le droit de voir les bannissements\
|
||||||
|
autre que les vôtres"
|
||||||
|
else:
|
||||||
|
return True, None
|
||||||
|
|
||||||
def __str__(self):
|
def __str__(self):
|
||||||
return str(self.user) + ' ' + str(self.raison)
|
return str(self.user) + ' ' + str(self.raison)
|
||||||
|
|
||||||
def can_create(user, *args, **kwargs):
|
|
||||||
return user.has_perms(('bofh',)), u"Vous n'avez pas le droit de\
|
|
||||||
créer des bannissement"
|
|
||||||
|
|
||||||
|
|
||||||
@receiver(post_save, sender=Ban)
|
@receiver(post_save, sender=Ban)
|
||||||
def ban_post_save(sender, **kwargs):
|
def ban_post_save(sender, **kwargs):
|
||||||
|
@ -1165,6 +1299,28 @@ class Whitelist(models.Model):
|
||||||
def is_active(self):
|
def is_active(self):
|
||||||
return self.date_end > DT_NOW
|
return self.date_end > DT_NOW
|
||||||
|
|
||||||
|
def get_instance(whitelistid, *args, **kwargs):
|
||||||
|
return Whitelist.objects.get(pk=whitelistid)
|
||||||
|
|
||||||
|
def can_create(user_request, *args, **kwargs):
|
||||||
|
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le\
|
||||||
|
droit de créer des accès gracieux"
|
||||||
|
|
||||||
|
def can_edit(self, user_request, *args, **kwargs):
|
||||||
|
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le\
|
||||||
|
droit d'éditer des accès gracieux"
|
||||||
|
|
||||||
|
def can_delete(self, user_request, *args, **kwargs):
|
||||||
|
return True, None
|
||||||
|
|
||||||
|
def can_view(self, user_request, *args, **kwargs):
|
||||||
|
if not user_request.has_perms(('cableur',)) and\
|
||||||
|
self.user != user_request:
|
||||||
|
return False, u"Vous n'avez pas le droit de voir les accès\
|
||||||
|
gracieux autre que les vôtres"
|
||||||
|
else:
|
||||||
|
return True, None
|
||||||
|
|
||||||
def __str__(self):
|
def __str__(self):
|
||||||
return str(self.user) + ' ' + str(self.raison)
|
return str(self.user) + ' ' + str(self.raison)
|
||||||
|
|
||||||
|
|
|
@ -154,20 +154,10 @@ def new_club(request):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
def edit_club_admin_members(request, clubid):
|
@can_edit(Club)
|
||||||
|
def edit_club_admin_members(request, club_instance, clubid):
|
||||||
"""Vue d'edition de la liste des users administrateurs et
|
"""Vue d'edition de la liste des users administrateurs et
|
||||||
membres d'un club"""
|
membres d'un club"""
|
||||||
try:
|
|
||||||
club_instance = Club.objects.get(pk=clubid)
|
|
||||||
except Club.DoesNotExist:
|
|
||||||
messages.error(request, "Club inexistant")
|
|
||||||
return redirect(reverse('users:index'))
|
|
||||||
if not club_instance.can_edit(request.user):
|
|
||||||
messages.error(request, "Vous ne pouvez pas accéder à ce menu")
|
|
||||||
return redirect(reverse(
|
|
||||||
'users:profil',
|
|
||||||
kwargs={'userid':str(request.user.id)}
|
|
||||||
))
|
|
||||||
club = ClubAdminandMembersForm(request.POST or None, instance=club_instance)
|
club = ClubAdminandMembersForm(request.POST or None, instance=club_instance)
|
||||||
if club.is_valid():
|
if club.is_valid():
|
||||||
with transaction.atomic(), reversion.create_revision():
|
with transaction.atomic(), reversion.create_revision():
|
||||||
|
@ -406,16 +396,11 @@ def add_ban(request, user, userid):
|
||||||
return form({'userform': ban}, 'users/user.html', request)
|
return form({'userform': ban}, 'users/user.html', request)
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
@permission_required('bofh')
|
@can_edit(Ban)
|
||||||
def edit_ban(request, banid):
|
def edit_ban(request, ban_instance, banid):
|
||||||
""" Editer un bannissement, nécessite au moins le droit bofh
|
""" Editer un bannissement, nécessite au moins le droit bofh
|
||||||
(a fortiori bureau)
|
(a fortiori bureau)
|
||||||
Syntaxe : JJ/MM/AAAA , heure optionnelle, prend effet immédiatement"""
|
Syntaxe : JJ/MM/AAAA , heure optionnelle, prend effet immédiatement"""
|
||||||
try:
|
|
||||||
ban_instance = Ban.objects.get(pk=banid)
|
|
||||||
except Ban.DoesNotExist:
|
|
||||||
messages.error(request, "Entrée inexistante")
|
|
||||||
return redirect(reverse('users:index'))
|
|
||||||
ban = BanForm(request.POST or None, instance=ban_instance)
|
ban = BanForm(request.POST or None, instance=ban_instance)
|
||||||
if ban.is_valid():
|
if ban.is_valid():
|
||||||
with transaction.atomic(), reversion.create_revision():
|
with transaction.atomic(), reversion.create_revision():
|
||||||
|
@ -430,17 +415,13 @@ def edit_ban(request, banid):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
@permission_required('cableur')
|
@can_create(Whitelist)
|
||||||
def add_whitelist(request, userid):
|
@can_edit(User)
|
||||||
|
def add_whitelist(request, user, userid):
|
||||||
""" Accorder un accès gracieux, temporaire ou permanent.
|
""" Accorder un accès gracieux, temporaire ou permanent.
|
||||||
Need droit cableur
|
Need droit cableur
|
||||||
Syntaxe : JJ/MM/AAAA , heure optionnelle, prend effet immédiatement,
|
Syntaxe : JJ/MM/AAAA , heure optionnelle, prend effet immédiatement,
|
||||||
raison obligatoire"""
|
raison obligatoire"""
|
||||||
try:
|
|
||||||
user = User.objects.get(pk=userid)
|
|
||||||
except User.DoesNotExist:
|
|
||||||
messages.error(request, "Utilisateur inexistant")
|
|
||||||
return redirect(reverse('users:index'))
|
|
||||||
whitelist_instance = Whitelist(user=user)
|
whitelist_instance = Whitelist(user=user)
|
||||||
whitelist = WhitelistForm(
|
whitelist = WhitelistForm(
|
||||||
request.POST or None,
|
request.POST or None,
|
||||||
|
@ -465,17 +446,12 @@ def add_whitelist(request, userid):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
@permission_required('cableur')
|
@can_edit(Whitelist)
|
||||||
def edit_whitelist(request, whitelistid):
|
def edit_whitelist(request, whitelist_instance, whitelistid):
|
||||||
""" Editer un accès gracieux, temporaire ou permanent.
|
""" Editer un accès gracieux, temporaire ou permanent.
|
||||||
Need droit cableur
|
Need droit cableur
|
||||||
Syntaxe : JJ/MM/AAAA , heure optionnelle, prend effet immédiatement,
|
Syntaxe : JJ/MM/AAAA , heure optionnelle, prend effet immédiatement,
|
||||||
raison obligatoire"""
|
raison obligatoire"""
|
||||||
try:
|
|
||||||
whitelist_instance = Whitelist.objects.get(pk=whitelistid)
|
|
||||||
except Whitelist.DoesNotExist:
|
|
||||||
messages.error(request, "Entrée inexistante")
|
|
||||||
return redirect(reverse('users:index'))
|
|
||||||
whitelist = WhitelistForm(
|
whitelist = WhitelistForm(
|
||||||
request.POST or None,
|
request.POST or None,
|
||||||
instance=whitelist_instance
|
instance=whitelist_instance
|
||||||
|
@ -493,7 +469,7 @@ def edit_whitelist(request, whitelistid):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
@permission_required('cableur')
|
@can_create(School)
|
||||||
def add_school(request):
|
def add_school(request):
|
||||||
""" Ajouter un établissement d'enseignement à la base de donnée,
|
""" Ajouter un établissement d'enseignement à la base de donnée,
|
||||||
need cableur"""
|
need cableur"""
|
||||||
|
@ -509,15 +485,10 @@ def add_school(request):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
@permission_required('cableur')
|
@can_edit(School)
|
||||||
def edit_school(request, schoolid):
|
def edit_school(request, school_instance, schoolid):
|
||||||
""" Editer un établissement d'enseignement à partir du schoolid dans
|
""" Editer un établissement d'enseignement à partir du schoolid dans
|
||||||
la base de donnée, need cableur"""
|
la base de donnée, need cableur"""
|
||||||
try:
|
|
||||||
school_instance = School.objects.get(pk=schoolid)
|
|
||||||
except School.DoesNotExist:
|
|
||||||
messages.error(request, u"Entrée inexistante")
|
|
||||||
return redirect(reverse('users:index'))
|
|
||||||
school = SchoolForm(request.POST or None, instance=school_instance)
|
school = SchoolForm(request.POST or None, instance=school_instance)
|
||||||
if school.is_valid():
|
if school.is_valid():
|
||||||
with transaction.atomic(), reversion.create_revision():
|
with transaction.atomic(), reversion.create_revision():
|
||||||
|
@ -557,7 +528,7 @@ def del_school(request):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
@permission_required('bureau')
|
@can_create(ListRight)
|
||||||
def add_listright(request):
|
def add_listright(request):
|
||||||
""" Ajouter un droit/groupe, nécessite droit bureau.
|
""" Ajouter un droit/groupe, nécessite droit bureau.
|
||||||
Obligation de fournir un gid pour la synchro ldap, unique """
|
Obligation de fournir un gid pour la synchro ldap, unique """
|
||||||
|
@ -573,15 +544,10 @@ def add_listright(request):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
@permission_required('bureau')
|
@can_edit(ListRight)
|
||||||
def edit_listright(request, listrightid):
|
def edit_listright(request, listright_instance, listrightid):
|
||||||
""" Editer un groupe/droit, necessite droit bureau,
|
""" Editer un groupe/droit, necessite droit bureau,
|
||||||
à partir du listright id """
|
à partir du listright id """
|
||||||
try:
|
|
||||||
listright_instance = ListRight.objects.get(pk=listrightid)
|
|
||||||
except ListRight.DoesNotExist:
|
|
||||||
messages.error(request, u"Entrée inexistante")
|
|
||||||
return redirect(reverse('users:index'))
|
|
||||||
listright = ListRightForm(
|
listright = ListRightForm(
|
||||||
request.POST or None,
|
request.POST or None,
|
||||||
instance=listright_instance
|
instance=listright_instance
|
||||||
|
@ -615,7 +581,7 @@ def del_listright(request):
|
||||||
except ProtectedError:
|
except ProtectedError:
|
||||||
messages.error(
|
messages.error(
|
||||||
request,
|
request,
|
||||||
"L'établissement %s est affecté à au moins un user, \
|
"Le groupe %s est affecté à au moins un user, \
|
||||||
vous ne pouvez pas le supprimer" % listright_del)
|
vous ne pouvez pas le supprimer" % listright_del)
|
||||||
return redirect(reverse('users:index-listright'))
|
return redirect(reverse('users:index-listright'))
|
||||||
return form({'userform': listright}, 'users/user.html', request)
|
return form({'userform': listright}, 'users/user.html', request)
|
||||||
|
@ -813,7 +779,7 @@ def history(request, object_name, object_id):
|
||||||
except User.DoesNotExist:
|
except User.DoesNotExist:
|
||||||
messages.error(request, "Utilisateur inexistant")
|
messages.error(request, "Utilisateur inexistant")
|
||||||
return redirect(reverse('users:index'))
|
return redirect(reverse('users:index'))
|
||||||
if not object_instance.can_view(request.user):
|
if not object_instance.can_view(request.user)[0]:
|
||||||
messages.error(request, "Vous ne pouvez pas afficher ce menu")
|
messages.error(request, "Vous ne pouvez pas afficher ce menu")
|
||||||
return redirect(reverse(
|
return redirect(reverse(
|
||||||
'users:profil',
|
'users:profil',
|
||||||
|
@ -905,7 +871,7 @@ def profil(request, userid):
|
||||||
except User.DoesNotExist:
|
except User.DoesNotExist:
|
||||||
messages.error(request, "Utilisateur inexistant")
|
messages.error(request, "Utilisateur inexistant")
|
||||||
return redirect(reverse('users:index'))
|
return redirect(reverse('users:index'))
|
||||||
if not users.can_view(request.user):
|
if not users.can_view(request.user)[0]:
|
||||||
messages.error(request, "Vous ne pouvez pas accéder à ce menu")
|
messages.error(request, "Vous ne pouvez pas accéder à ce menu")
|
||||||
return redirect(reverse(
|
return redirect(reverse(
|
||||||
'users:profil',
|
'users:profil',
|
||||||
|
|
Loading…
Reference in a new issue