mirror of
https://gitlab2.federez.net/re2o/re2o
synced 2024-11-05 01:16:27 +00:00
Acl gérées cotée models, can_edit et can_view (vers les acl django...)
This commit is contained in:
parent
394ada93e5
commit
772fdcaa1b
3 changed files with 39 additions and 23 deletions
|
@ -758,6 +758,21 @@ class User(AbstractBaseUser):
|
|||
num += 1
|
||||
return composed_pseudo(num)
|
||||
|
||||
def can_edit(self, user):
|
||||
if self.is_class_club and user.is_class_adherent:
|
||||
return self == user or user.has_perms(('cableur',))or\
|
||||
user.adherent in self.club.administrators.all()
|
||||
else:
|
||||
return self == user or user.has_perms(('cableur',))
|
||||
|
||||
def can_view(self, user):
|
||||
if self.is_class_club and user.is_class_adherent:
|
||||
return self == user or user.has_perms(('cableur',))or\
|
||||
user.adherent in self.club.administrators.all() or\
|
||||
user.adherent in self.club.members.all()
|
||||
else:
|
||||
return self == user or user.has_perms(('cableur',))
|
||||
|
||||
def __str__(self):
|
||||
return self.pseudo
|
||||
|
||||
|
|
|
@ -25,7 +25,7 @@ with this program; if not, write to the Free Software Foundation, Inc.,
|
|||
|
||||
|
||||
{% block sidebar %}
|
||||
{% if is_cableur %}
|
||||
{% if is_cableur %}
|
||||
<a class="list-group-item list-group-item-success" href="{% url "users:new-user" %}">
|
||||
<i class="glyphicon glyphicon-plus"></i>
|
||||
Créer un adhérent
|
||||
|
@ -34,14 +34,17 @@ with this program; if not, write to the Free Software Foundation, Inc.,
|
|||
<i class="glyphicon glyphicon-plus"></i>
|
||||
Créer un club/association
|
||||
</a>
|
||||
{% endif %}
|
||||
{% if is_cableur %}
|
||||
<a class="list-group-item list-group-item-info" href="{% url "users:index-clubs" %}">
|
||||
<i class="glyphicon glyphicon-list"></i>
|
||||
Clubs et assos
|
||||
</a>
|
||||
|
||||
<a class="list-group-item list-group-item-info" href="{% url "users:index" %}">
|
||||
<i class="glyphicon glyphicon-list"></i>
|
||||
Adherents
|
||||
</a>
|
||||
<a class="list-group-item list-group-item-info" href="{% url "users:index-clubs" %}">
|
||||
<i class="glyphicon glyphicon-list"></i>
|
||||
Clubs
|
||||
</a>
|
||||
<a class="list-group-item list-group-item-info" href="{% url "users:index-ban" %}">
|
||||
<i class="glyphicon glyphicon-list"></i>
|
||||
Bannissements
|
||||
|
|
|
@ -40,7 +40,7 @@ from django.shortcuts import get_object_or_404, render, redirect
|
|||
from django.core.paginator import Paginator, EmptyPage, PageNotAnInteger
|
||||
from django.contrib import messages
|
||||
from django.contrib.auth.decorators import login_required, permission_required
|
||||
from django.db.models import ProtectedError
|
||||
from django.db.models import ProtectedError, Q
|
||||
from django.db import IntegrityError
|
||||
from django.utils import timezone
|
||||
from django.db import transaction
|
||||
|
@ -163,8 +163,7 @@ def edit_club_admin_members(request, clubid):
|
|||
except Club.DoesNotExist:
|
||||
messages.error(request, "Club inexistant")
|
||||
return redirect(reverse('users:index'))
|
||||
if not request.user.has_perms(('cableur',))\
|
||||
and not request.user in club_instance.administrators.all():
|
||||
if not club_instance.can_edit(request.user):
|
||||
messages.error(request, "Vous ne pouvez pas accéder à ce menu")
|
||||
return redirect(reverse(
|
||||
'users:profil',
|
||||
|
@ -214,9 +213,8 @@ def edit_info(request, userid):
|
|||
except User.DoesNotExist:
|
||||
messages.error(request, "Utilisateur inexistant")
|
||||
return redirect(reverse('users:index'))
|
||||
if not request.user.has_perms(('cableur',)) and user != request.user:
|
||||
messages.error(request, "Vous ne pouvez pas modifier un autre\
|
||||
user que vous sans droit cableur")
|
||||
if not user.can_edit(request.user):
|
||||
messages.error(request, "Vous ne pouvez pas accéder à ce menu")
|
||||
return redirect(reverse(
|
||||
'users:profil',
|
||||
kwargs={'userid':str(request.user.id)}
|
||||
|
@ -279,9 +277,8 @@ def password(request, userid):
|
|||
except User.DoesNotExist:
|
||||
messages.error(request, "Utilisateur inexistant")
|
||||
return redirect(reverse('users'))
|
||||
if not request.user.has_perms(('cableur',)) and user != request.user:
|
||||
messages.error(request, "Vous ne pouvez pas modifier un\
|
||||
autre user que vous sans droit cableur")
|
||||
if not user.can_edit(request.user):
|
||||
messages.error(request, "Vous ne pouvez pas accéder à ce menu")
|
||||
return redirect(reverse(
|
||||
'users:profil',
|
||||
kwargs={'userid':str(request.user.id)}
|
||||
|
@ -722,12 +719,16 @@ def index(request):
|
|||
|
||||
|
||||
@login_required
|
||||
@permission_required('cableur')
|
||||
def index_clubs(request):
|
||||
""" Affiche l'ensemble des clubs, need droit cableur """
|
||||
options, _created = GeneralOption.objects.get_or_create()
|
||||
pagination_number = options.pagination_number
|
||||
clubs_list = Club.objects.select_related('room')
|
||||
if not request.user.has_perms(('cableur',)):
|
||||
clubs_list = Club.objects.filter(
|
||||
Q(administrators=request.user.adherent) | Q(members=request.user.adherent)
|
||||
).distinct().select_related('room')
|
||||
else:
|
||||
clubs_list = Club.objects.select_related('room')
|
||||
clubs_list = SortTable.sort(
|
||||
clubs_list,
|
||||
request.GET.get('col'),
|
||||
|
@ -853,10 +854,8 @@ def history(request, object_name, object_id):
|
|||
except User.DoesNotExist:
|
||||
messages.error(request, "Utilisateur inexistant")
|
||||
return redirect(reverse('users:index'))
|
||||
if not request.user.has_perms(('cableur',)) and\
|
||||
object_instance != request.user:
|
||||
messages.error(request, "Vous ne pouvez pas afficher\
|
||||
l'historique d'un autre user que vous sans droit cableur")
|
||||
if not object_instance.can_view(request.user):
|
||||
messages.error(request, "Vous ne pouvez pas afficher ce menu")
|
||||
return redirect(reverse(
|
||||
'users:profil',
|
||||
kwargs={'userid':str(request.user.id)}
|
||||
|
@ -947,9 +946,8 @@ def profil(request, userid):
|
|||
except User.DoesNotExist:
|
||||
messages.error(request, "Utilisateur inexistant")
|
||||
return redirect(reverse('users:index'))
|
||||
if not request.user.has_perms(('cableur',)) and users != request.user:
|
||||
messages.error(request, "Vous ne pouvez pas afficher un autre user\
|
||||
que vous sans droit cableur")
|
||||
if not users.can_view(request.user):
|
||||
messages.error(request, "Vous ne pouvez pas accéder à ce menu")
|
||||
return redirect(reverse(
|
||||
'users:profil',
|
||||
kwargs={'userid':str(request.user.id)}
|
||||
|
|
Loading…
Reference in a new issue