8
0
Fork 0
mirror of https://gitlab2.federez.net/re2o/re2o synced 2024-11-22 11:23:10 +00:00

Regle des acl sur can_view_all

This commit is contained in:
Gabriel Detraz 2017-12-28 16:10:34 +01:00 committed by root
parent 63948821d3
commit 375f3038da
2 changed files with 23 additions and 18 deletions

View file

@ -909,6 +909,19 @@ class Club(User):
related_name='club_members' related_name='club_members'
) )
def can_view_all(user_request, *args, **kwargs):
"""Check if an user can access to the list of every user objects
:param user_request: The user who wants to view the list.
:return: True if the user can view the list and an explanation message.
"""
if user_request.has_perms(('cableur',)):
return True, None
if user_request.is_class_adherent:
if user_request.adherent.club_administrator.all() or user_request.adherent.club_members.all():
return True, None
return False, u"Vous n'avez pas accès à la liste des utilisateurs."
def get_instance(clubid, *args, **kwargs): def get_instance(clubid, *args, **kwargs):
"""Try to find an instance of `Club` with the given id. """Try to find an instance of `Club` with the given id.
@ -1427,7 +1440,8 @@ class Ban(models.Model):
:param user_request: The user who wants to view the list. :param user_request: The user who wants to view the list.
:return: True if the user can view the list and an explanation message. :return: True if the user can view the list and an explanation message.
""" """
return True, None return user_request.has_perms(('bofh',)), u"Vous n'avez pas le droit\
de voir tous les bannissements"
def can_view(self, user_request, *args, **kwargs): def can_view(self, user_request, *args, **kwargs):
"""Check if an user can view a Ban object. """Check if an user can view a Ban object.
@ -1527,7 +1541,8 @@ class Whitelist(models.Model):
:param user_request: The user who wants to view the list. :param user_request: The user who wants to view the list.
:return: True if the user can view the list and an explanation message. :return: True if the user can view the list and an explanation message.
""" """
return True, None return user_request.has_perms(('cableur',)), u"Vous n'avez pas le\
droit de voir les accès gracieux"
def can_view(self, user_request, *args, **kwargs): def can_view(self, user_request, *args, **kwargs):
"""Check if an user can view a Whitelist object. """Check if an user can view a Whitelist object.

View file

@ -189,16 +189,10 @@ def select_user_edit_form(request, user):
- droit - droit
- type d'object - type d'object
""" """
if not request.user.has_perms(('cableur',)): if user.is_class_adherent:
if user.is_class_adherent: user = AdherentForm(request.POST or None, instance=user.adherent)
user = AdherentForm(request.POST or None, instance=user.adherent) elif user.is_class_club:
elif user.is_class_club: user = ClubForm(request.POST or None, instance=user.club)
user = ClubForm(request.POST or None, instance=user.club)
else:
if user.is_class_adherent:
user = FullAdherentForm(request.POST or None, instance=user.adherent)
elif user.is_class_club:
user = FullClubForm(request.POST or None, instance=user.club)
return user return user
@ -641,16 +635,12 @@ def index(request):
@login_required @login_required
@can_view_all(Club)
def index_clubs(request): def index_clubs(request):
""" Affiche l'ensemble des clubs, need droit cableur """ """ Affiche l'ensemble des clubs, need droit cableur """
options, _created = GeneralOption.objects.get_or_create() options, _created = GeneralOption.objects.get_or_create()
pagination_number = options.pagination_number pagination_number = options.pagination_number
if not request.user.has_perms(('cableur',)): clubs_list = Club.objects.select_related('room')
clubs_list = Club.objects.filter(
Q(administrators=request.user.adherent) | Q(members=request.user.adherent)
).distinct().select_related('room')
else:
clubs_list = Club.objects.select_related('room')
clubs_list = SortTable.sort( clubs_list = SortTable.sort(
clubs_list, clubs_list,
request.GET.get('col'), request.GET.get('col'),