Les can_change deviennent des class method

2024-11-05 01:16:27 +00:00 · 2017-12-29 18:32:57 +01:00 · 2017-12-29 18:32:57 +01:00 · 20be7fdb63
commit 20be7fdb63
parent 9f7d994c4a
5 changed files with 56 additions and 51 deletions
--- a/cotisations/models.py
+++ b/cotisations/models.py
@ -149,11 +149,13 @@ class Facture(FieldPermissionModelMixin, models.Model):
        else:
            return True, None
-    def can_change_control(user, *args, **kwargs):
+    @classmethod
-        return user.has_perms(('tresorier',)), "Vous ne pouvez pas éditer le controle sans droit trésorier"
+    def can_change_control(cls, user_request, *args, **kwargs):
        return user_request.has_perms(('tresorier',)), "Vous ne pouvez pas éditer le controle sans droit trésorier"
-    def can_change_pdf(user, *args, **kwargs):
+    @classmethod
-        return user.has_perms(('tresorier',)), "Vous ne pouvez pas éditer une facture sans droit trésorier"
+    def can_change_pdf(cls, user_request, *args, **kwargs):
        return user_request.has_perms(('tresorier',)), "Vous ne pouvez pas éditer une facture sans droit trésorier"
    field_permissions = {
        'control': can_change_control,
--- a/re2o/field_permissions.py
+++ b/re2o/field_permissions.py
@ -42,7 +42,7 @@ class FieldPermissionModelMixin:
        # Try to find a user setting that qualifies them for permission.
        for perm in checks:
            if callable(perm):
-                result, reason = perm(user=user)
+                result, reason = perm(user_request=user)
                if result is not None:
                    return result
            else:
--- a/users/models.py
+++ b/users/models.py
@ -820,13 +820,16 @@ class User(FieldPermissionModelMixin, AbstractBaseUser):
            else:
                return False, u"Vous ne pouvez éditer un autre utilisateur que vous même"
-    def can_change_state(user_request, *args, **kwargs):
+    @classmethod
    def can_change_state(cls, user_request, *args, **kwargs):
        return user_request.has_perms(('bureau',)), "Droit bureau requis pour changer l'état"
-    def can_change_shell(user_request, *args, **kwargs):
+    @classmethod
    def can_change_shell(cls, user_request, *args, **kwargs):
        return user_request.has_perms(('cableur',)), "Droit requis pour changer le shell"
-    def can_change_force(user_request, *args, **kwargs):
+    @classmethod
    def can_change_force(cls, user_request, *args, **kwargs):
        return user_request.has_perms(('cableur',)), "Droit requis pour forcer le déménagement"
    def can_delete(self, user_request, *args, **kwargs):
--- a/users/templates/users/profil.html
+++ b/users/templates/users/profil.html
@ -28,25 +28,25 @@ with this program; if not, write to the Free Software Foundation, Inc.,
 {% block title %}Profil{% endblock %}
 {% block content %}
-<h2>{{ user.class_name }}</h2>
+<h2>{{ users.class_name }}</h2>
    <div>
-        <a class="btn btn-primary btn-sm" role="button" href="{% url 'users:edit-info' user.id %}">
+        <a class="btn btn-primary btn-sm" role="button" href="{% url 'users:edit-info' users.id %}">
            <i class="glyphicon glyphicon-edit"></i>
            Editer
        </a>
-        <a class="btn btn-primary btn-sm" role="button" href="{% url 'users:password' user.id %}">
+        <a class="btn btn-primary btn-sm" role="button" href="{% url 'users:password' users.id %}">
            <i class="glyphicon glyphicon-lock"></i>
            Changer le mot de passe
        </a>
-        <a class="btn btn-primary btn-sm" role="button" href="{% url 'users:state' user.id %}">
+        <a class="btn btn-primary btn-sm" role="button" href="{% url 'users:state' users.id %}">
            <i class="glyphicon glyphicon-flash"></i>
            Changer le statut
        </a>
-        <a class="btn btn-primary btn-sm" role="button" href="{% url 'users:add-right' user.id %}">
+        <a class="btn btn-primary btn-sm" role="button" href="{% url 'users:add-right' users.id %}">
            <i class="glyphicon glyphicon-ok"></i>
            Ajouter un droit
        </a>
-        <a class="btn btn-info btn-sm" role="button" href="{% url 'users:history' 'user' user.id %}">
+        <a class="btn btn-info btn-sm" role="button" href="{% url 'users:history' 'user' users.id %}">
            <i class="glyphicon glyphicon-time"></i>
            Historique
        </a>
@ -57,58 +57,58 @@ with this program; if not, write to the Free Software Foundation, Inc.,
    <table class="table table-striped">
        <tr>
            <th>Prénom</th>
-            <td>{{ user.name }}</td>
+            <td>{{ users.name }}</td>
            <th>Nom</th>
-            <td>{{ user.surname }}</td>
+            <td>{{ users.surname }}</td>
        </tr>
        <tr>
            <th>Pseudo</th>
-            <td>{{ user.pseudo }}</td>
+            <td>{{ users.pseudo }}</td>
            <th>E-mail</th>
-            <td>{{ user.email }}</td>
+            <td>{{ users.email }}</td>
        </tr>
        <tr>
            <th>Chambre</th>
-            <td>{{ user.room }}</td>
+            <td>{{ users.room }}</td>
            <th>Téléphone</th>
-        <td>{{ user.telephone }}</td>
+	    <td>{{ users.telephone }}</td>
        </tr>
        <tr>
            <th>École</th>
-            <td>{{ user.school }}</td>
+            <td>{{ users.school }}</td>
            <th>Commentaire</th>
-            <td>{{ user.comment }}</td>
+            <td>{{ users.comment }}</td>
        </tr>
        <tr>
            <th>Date d'inscription</th>
-            <td>{{ user.registered }}</td>
+            <td>{{ users.registered }}</td>
            <th>Dernière connexion</th>
-            <td>{{ user.last_login }}</td>
+            <td>{{ users.last_login }}</td>
        </tr>
        <tr>
            <th>Fin d'adhésion</th>
-            {% if user.end_adhesion != None %}
+            {% if users.end_adhesion != None %}
-            <td><i class="text-success">{{ user.end_adhesion }}</i></td>
+            <td><i class="text-success">{{ users.end_adhesion }}</i></td>
            {% else %}
            <td><i class="text-danger">Non adhérent</i></td>
            {% endif %}
            <th>Accès gracieux</th>
-            {% if user.end_whitelist != None %}
+            {% if users.end_whitelist != None %}
-            <td><i class="text-success">{{ user.end_whitelist }}</i></td>
+            <td><i class="text-success">{{ users.end_whitelist }}</i></td>
            {% else %}
            <td><i class="text-warning">Aucun</i></td>
            {% endif %}
        <tr>
            <th>Bannissement</th>
-            {% if user.end_ban != None %}
+            {% if users.end_ban != None %}
-            <td><i class="text-danger">{{ user.end_ban }}</i></td>
+            <td><i class="text-danger">{{ users.end_ban }}</i></td>
            {% else %}
            <td><i class="text-success">Non banni</i></td>
            {% endif %}
            <th>Statut</th>
-            {% if user.state == 0 %}
+            {% if users.state == 0 %}
            <td><i class="text-success">Actif</i></td>
-            {% elif user.state == 1 %}
+            {% elif users.state == 1 %}
            <td><i class="text-danger">Désactivé</i></td>
            {% else %}
            <td><i class="text-warning">Archivé</i></td>
@ -116,8 +116,8 @@ with this program; if not, write to the Free Software Foundation, Inc.,
        </tr>
        <tr>
            <th>Accès internet</th>
-            {% if user.has_access == True %}
+            {% if users.has_access == True %}
-        <td><i class="text-success">Actif (jusqu'au {{ user.end_access }})</i></td>
+	    <td><i class="text-success">Actif (jusqu'au {{ users.end_access }})</i></td>
            {% else %}
            <td><i class="text-danger">Désactivé</i></td>
            {% endif %}
@ -131,16 +131,16 @@ with this program; if not, write to the Free Software Foundation, Inc.,
    {% if user_solde %}
        <tr>
            <th>Solde</th>
-            <td>{{ user.solde }} €</td>
+            <td>{{ users.solde }} €</td>
        </tr>
-    {% endif %}
+	{% endif %}
-    {% if user.shell %}
+	{% if users.shell %}
-        <th>Shell</th>
+	    <th>Shell</th>
-        <td>{{ user.shell }}</td>
+	    <td>{{ users.shell }}</td>
-    {% endif %}
+	{% endif %}
    </table>
-    {% if user.is_class_club %}
+    {% if users.is_class_club %}
-    <a class="btn btn-primary btn-sm" role="button" href="{% url 'users:edit-club-admin-members' user.club.id %}">
+    <a class="btn btn-primary btn-sm" role="button" href="{% url 'users:edit-club-admin-members' users.club.id %}">
        <i class="glyphicon glyphicon-lock"></i>
        Gérer admin et membres
    </a>
@ -153,7 +153,7 @@ with this program; if not, write to the Free Software Foundation, Inc.,
                <th>Pseudo</th>
            </tr>
        </thead>
-        {% for admin in user.club.administrators.all %}
+        {% for admin in users.club.administrators.all %}
        <tr>
            <td>{{ admin.surname }}</td>
            <td>{{ admin.name }}</td>
@ -170,7 +170,7 @@ with this program; if not, write to the Free Software Foundation, Inc.,
                <th>Pseudo</th>
            </tr>
        </thead>
-        {% for admin in user.club.members.all %}
+        {% for admin in users.club.members.all %}
        <tr>
            <td>{{ admin.surname }}</td>
            <td>{{ admin.name }}</td>
@ -180,28 +180,28 @@ with this program; if not, write to the Free Software Foundation, Inc.,
    </table>
    {% endif %}
    <h2>Machines</h2>
-    <h4><a class="btn btn-primary btn-sm" role="button" href="{% url 'machines:new-machine' user.id %}"><i class="glyphicon glyphicon-phone"></i> Ajouter une machine</a></h4>
+    <h4><a class="btn btn-primary btn-sm" role="button" href="{% url 'machines:new-machine' users.id %}"><i class="glyphicon glyphicon-phone"></i> Ajouter une machine</a></h4>
    {% if machines_list %}
    {% include "machines/aff_machines.html" with machines_list=machines_list %}
    {% else %}
    <p>Aucune machine</p>
    {% endif %}
    <h2>Cotisations</h2>
-    <h4>{% can_create Facture %}<a class="btn btn-primary btn-sm" role="button" href="{% url 'cotisations:new-facture' user.id %}"><i class="glyphicon glyphicon-piggy-bank"></i> Ajouter une cotisation</a>{% acl_end %}  {% if user_solde %}<a class="btn btn-primary btn-sm" role="button" href="{% url 'cotisations:credit-solde' user.id %}"><i class="glyphicon glyphicon-piggy-bank"></i> Modifier le solde</a>{% endif%}</h4>
+    <h4>{% can_create Facture %}<a class="btn btn-primary btn-sm" role="button" href="{% url 'cotisations:new-facture' users.id %}"><i class="glyphicon glyphicon-piggy-bank"></i> Ajouter une cotisation</a>{% acl_end %}  {% if user_solde %}<a class="btn btn-primary btn-sm" role="button" href="{% url 'cotisations:credit-solde' users.id %}"><i class="glyphicon glyphicon-piggy-bank"></i> Modifier le solde</a>{% endif%}</h4>
    {% if facture_list %}
    {% include "cotisations/aff_cotisations.html" with facture_list=facture_list %}
    {% else %}
    <p>Aucune facture</p>
    {% endif %}
    <h2>Bannissements</h2>
-    {% can_create Ban %}<h4><a class="btn btn-primary btn-sm" role="button" href="{% url 'users:add-ban' user.id %}"><i class="glyphicon glyphicon-pushpin"></i> Ajouter un bannissement</a></h4>{% acl_end %}
+    {% can_create Ban %}<h4><a class="btn btn-primary btn-sm" role="button" href="{% url 'users:add-ban' users.id %}"><i class="glyphicon glyphicon-pushpin"></i> Ajouter un bannissement</a></h4>{% acl_end %}
    {% if ban_list %}
    {% include "users/aff_bans.html" with ban_list=ban_list %}
    {% else %}
    <p>Aucun bannissement</p>
    {% endif %}
    <h2>Accès à titre gracieux :</h2>
-    {% can_create Whitelist %}<h4><a class="btn btn-primary btn-sm" role="button" href="{% url 'users:add-whitelist' user.id %}"><i class="glyphicon glyphicon-flag"></i> Accorder un accès à titre gracieux</a></h4>{% acl_end %}
+    {% can_create Whitelist %}<h4><a class="btn btn-primary btn-sm" role="button" href="{% url 'users:add-whitelist' users.id %}"><i class="glyphicon glyphicon-flag"></i> Accorder un accès à titre gracieux</a></h4>{% acl_end %}
    {% if white_list %}
    {% include "users/aff_whitelists.html" with white_list=white_list %}
    {% else %}
--- a/users/views.py
+++ b/users/views.py
@ -124,7 +124,7 @@ def password_change_action(u_form, user, request, req=False):
 def new_user(request):
    """ Vue de création d'un nouvel utilisateur,
    envoie un mail pour le mot de passe"""
-    user = AdherentForm(request.POST or None)
+    user = AdherentForm(request.POST or None, user=request.user)
    if user.is_valid():
        user = user.save(commit=False)
        with transaction.atomic(), reversion.create_revision():
@ -146,7 +146,7 @@ def new_user(request):
 def new_club(request):
    """ Vue de création d'un nouveau club,
    envoie un mail pour le mot de passe"""
-    club = ClubForm(request.POST or None)
+    club = ClubForm(request.POST or None, user=request.user)
    if club.is_valid():
        club = club.save(commit=False)
        with transaction.atomic(), reversion.create_revision():
@ -803,7 +803,7 @@ def profil(request, users, userid):
        request,
        'users/profil.html',
        {
-            'user': users,
+            'users': users,
            'machines_list': machines,
            'facture_list': factures,
            'ban_list': bans,