Les droits admin, bureau, bofh donnent les droits cableur

2024-09-12 01:03:09 +00:00 · 2016-07-10 16:39:21 +02:00 · 2016-07-10 16:39:21 +02:00 · 1f47756bfb
commit 1f47756bfb
parent aba2df78d0
3 changed files with 15 additions and 13 deletions
--- a/re2o/settings.py
+++ b/re2o/settings.py
@ -12,7 +12,7 @@ https://docs.djangoproject.com/en/1.8/ref/settings/

 # Build paths inside the project like this: os.path.join(BASE_DIR, ...)
 import os
-from .settings_local import SECRET_KEY, DATABASES, DEBUG, ALLOWED_HOSTS
+from .settings_local import SECRET_KEY, DATABASES, DEBUG, ALLOWED_HOSTS, ASSO_NAME, ASSO_ADDRESS_LINE1, ASSO_ADDRESS_LINE2, ASSO_SIRET, ASSO_EMAIL, ASSO_PHONE

 BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))

@ -20,15 +20,6 @@ BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
 # Quick-start development settings - unsuitable for production
 # See https://docs.djangoproject.com/en/1.8/howto/deployment/checklist/

-# Association information
-
-ASSO_NAME = "ReZo Metz"
-ASSO_ADDRESS_LINE1 = "2, rue Edouard Belin"
-ASSO_ADDRESS_LINE2 = "57070 Metz"
-ASSO_SIRET = ""
-ASSO_EMAIL = "tresorier@ecole.fr"
-ASSO_PHONE = "01 02 03 04 05"
-
 # Auth definition

 PASSWORD_HASHERS = (
@ -134,3 +125,9 @@ STATICFILES_DIRS = (
 STATIC_URL = '/static/'

 STATIC_ROOT = os.path.join(BASE_DIR, 'static_files')
+
+RIGHTS_LINK = {
+    'cableur' : ['bureau','infra','bofh','trésorier','bofh'],
+    'bofh' : ['bureau','trésorier'],
+    }
+
--- a/users/models.py
+++ b/users/models.py
@ -3,6 +3,7 @@ from django.db.models import Q
 from django.forms import ModelForm, Form
 from django import forms

+from re2o.settings import RIGHTS_LINK
 import re

 from django.utils import timezone
@ -137,8 +138,12 @@ class User(AbstractBaseUser):

    def has_perms(self, perms, obj=None):
        for perm in perms:
-            if perm == 'cableur' and Right.objects.filter(Q(user=self) & (Q(right__listright='admin') | Q(right__listright='bureau') | Q(right__listright='infra'))):
-                return True
+            if perm in RIGHTS_LINK:
+                query = Q()
+                for right in RIGHTS_LINK[perm]:
+                    query = query | Q(right__listright=right)
+                if Right.objects.filter(Q(user=self) & query):
+                    return True 
            try:
                Right.objects.get(user=self, right__listright=perm)
            except Right.DoesNotExist:
--- a/users/views.py
+++ b/users/views.py
@ -161,7 +161,7 @@ def add_ban(request, userid):
        ban.save()
        messages.success(request, "Bannissement ajouté")
        return redirect("/users/profil/" + userid)
-    if is_ban(user):
+    if user.is_ban():
        messages.error(
            request,
            "Attention, cet utilisateur a deja un bannissement actif"