Use @can_create and @can_edit on machines.models

2024-11-23 11:53:12 +00:00 · 2017-11-30 20:38:16 +00:00 · 2017-11-30 20:38:16 +00:00 · 7cbd4298db
commit 7cbd4298db
parent efa34c7f58
5 changed files with 95 additions and 313 deletions
--- a/machines/models.py
+++ b/machines/models.py
@ -58,9 +58,9 @@ class Machine(models.Model):
    def get_instance(machineid):
        return Machine.objects.get(pk=machineid)
-    def can_create(user_request, userid_dest):
+    def can_create(user_request, userid):
        try:
-            user = users.models.User.objects.get(pk=userid_dest)
+            user = users.models.User.objects.get(pk=userid)
        except users.models.User.DoesNotExist:
            return False, u"Utilisateur inexistant"
        options, created = preferences.models.OptionalMachine.objects.get_or_create()
@ -75,7 +75,7 @@ class Machine(models.Model):
                        % max_lambdauser_interfaces
        return True, None
-    def can_edit(user_request, machine):
+    def can_edit(self, user_request):
        return True, None
    def __str__(self):
@ -106,7 +106,7 @@ class MachineType(models.Model):
        return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
                de créer un type de machine"
-    def can_edit(user_request, machinetype):
+    def can_edit(self, user_request):
        if not user_request.has_perms(('infra',)):
            return False, u"Vous n'avez pas le droit d'éditer des types de machine"
        return True, None
@ -221,14 +221,14 @@ class IpType(models.Model):
        self.clean()
        super(IpType, self).save(*args, **kwargs)
-    def get_instance(iptyeid):
+    def get_instance(iptypeid):
        return IpType.objects.get(pk=iptypeid)
    def can_create(user_request):
        return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
                de créer un type d'ip"
-    def can_edit(user_request, iptype):
+    def can_edit(self, user_request):
        if not user_request.has_perms(('infra',)):
            return False, u"Vous n'avez pas le droit d'éditer des types d'ip"
        return True, None
@ -253,7 +253,7 @@ class Vlan(models.Model):
        return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
                de créer un vlan"
-    def can_edit(user_request, vlan):
+    def can_edit(self, user_request):
        if not user_request.has_perms(('infra',)):
            return False, u"Vous n'avez pas le droit d'éditer des vlans"
        return True, None
@ -299,7 +299,7 @@ class Nas(models.Model):
        return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
                de créer un nas"
-    def can_edit(user_request, nas):
+    def can_edit(self, user_request):
        if not user_request.has_perms(('infra',)):
            return False, u"Vous n'avez pas le droit d'éditer des nas"
        return True, None
@ -347,7 +347,7 @@ class SOA(models.Model):
        return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
                de créer un enregistrement SOA"
-    def can_edit(user_request, soa):
+    def can_edit(self, user_request):
        if not user_request.has_perms(('infra',)):
            return False, u"Vous n'avez pas le droit d'éditer des enregistrements SOA"
        return True, None
@ -441,7 +441,7 @@ class Extension(models.Model):
        return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
                de créer une extension"
-    def can_edit(user_request, extension):
+    def can_edit(self, user_request):
        if not user_request.has_perms(('infra',)):
            return False, u"Vous n'avez pas le droit d'éditer des extensions"
        return True, None
@ -478,7 +478,7 @@ class Mx(models.Model):
        return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
                de créer un enregistrement MX"
-    def can_edit(user_request, mx):
+    def can_edit(self, user_request):
        if not user_request.has_perms(('infra',)):
            return False, u"Vous n'avez pas le droit d'éditer des enregstrements MX"
        return True, None
@ -506,7 +506,7 @@ class Ns(models.Model):
        return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
                de créer un enregistrement NS"
-    def can_edit(user_request, ns):
+    def can_edit(self, user_request):
        if not user_request.has_perms(('infra',)):
            return False, u"Vous n'avez pas le droit d'éditer des enregistrements NS"
        return True, None
@ -530,7 +530,7 @@ class Txt(models.Model):
        return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
                de créer un enregistrement TXT"
-    def can_edit(user_request, txt):
+    def can_edit(self, user_request):
        if not user_request.has_perms(('infra',)):
            return False, u"Vous n'avez pas le droit d'éditer des enregistrement TXT"
        return True, None
@ -595,7 +595,7 @@ class Srv(models.Model):
        return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
                de créer un enregistrement SRV"
-    def can_edit(user_request, srv):
+    def can_edit(self, user_request):
        if not user_request.has_perms(('infra',)):
            return False, u"Vous n'avez pas le droit d'éditer des enregistrements SRV"
        return True, None
@ -720,9 +720,9 @@ class Interface(models.Model):
    def get_instance(interfaceid):
        return Interface.objects.get(pk=interfaceid)
-    def can_create(user_request, machineid_dest):
+    def can_create(user_request, machineid):
        try:
-            machine = Machine.objects.get(pk=machineid_dest)
+            machine = Machine.objects.get(pk=machineid)
        except Machine.DoesNotExist:
            return False, u"Machine inexistante"
        if not user_request.has_perms(('cableur',)):
@ -737,10 +737,10 @@ class Interface(models.Model):
                        % max_lambdauser_interfaces
        return True, None
-    def can_edit(user_request, interface):
+    def can_edit(self, user_request):
        if not user_request.has_perms(('infra',)) and \
            not user_request.has_perms(('cableur',)) and \
-            interface.machine.user != user_request:
+            self.machine.user != user_request:
                return False, u"Vous ne pouvez pas éditer une machine\
                        d'un autre user que vous sans droit"
        return True, None
@ -847,9 +847,9 @@ class Domain(models.Model):
    def get_instance(domainid):
        return Domain.objects.get(pk=domainid)
-    def can_create(user_request, interfaceid_dest):
+    def can_create(user_request, interfaceid):
        try:
-            interface = Interface.objects.get(pk=interfaceid_dest)
+            interface = Interface.objects.get(pk=interfaceid)
        except Interface.DoesNotExist:
            return False, u"Interface inexistante"
        if not user_request.has_perms(('cableur',)):
@ -868,10 +868,10 @@ class Domain(models.Model):
                        % max_lambdauser_aliases
        return True, None
-    def can_edit(user_request, domain):
+    def can_edit(self, user_request):
        if not user_request.has_perms(('cableur',)) and (
-            domain.cname is None or \
+            self.cname is None or \
-            domain.cname.interface_parent.machine.user != user_request
+            self.cname.interface_parent.machine.user != user_request
            ):
            return False, u"Vous ne pouvez pas ajouter un alias à une machine\
                    d'un autre user que vous sans droit"
@ -910,7 +910,7 @@ class IpList(models.Model):
    def can_create(user_request):
        return True, None
-    def can_edit(user_request, iplist):
+    def can_edit(self, user_request):
        return True, None
    def __str__(self):
@ -960,7 +960,7 @@ class Service(models.Model):
        return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
                de créer un service"
-    def can_edit(user_request, service):
+    def can_edit(self, user_request):
        if not user_request.has_perms(('infra',)):
            return False, u"Vous n'avez pas le droit d'éditer des services"
        return True, None
@ -1011,7 +1011,7 @@ class Service_link(models.Model):
    def can_create(user_request):
        return True, None
-    def can_edit(user_request, servicelink):
+    def can_edit(self, user_request):
        return True, None
    def __str__(self):
@ -1034,7 +1034,7 @@ class OuverturePortList(models.Model):
        return user_request.has_perms(('bureau',)) , u"Vous n'avez pas le droit\
                d'ouvrir un port"
-    def can_edit(user_request, ouvertureportlist):
+    def can_edit(self, user_request):
        if not user_request.has_perms(('bureau',)):
            return False, u"Vous n'avez pas le droit d'éditer des ouvertures de port"
        return True, None
@ -1115,7 +1115,7 @@ class OuverturePort(models.Model):
    def can_create(user_request):
        return True, None
-    def can_edit(user_request, ouvertureport):
+    def can_edit(self, user_request):
        return True, None
    def __str__(self):
--- a/machines/urls.py
+++ b/machines/urls.py
@ -61,7 +61,7 @@ urlpatterns = [
    url(r'^del_srv/$', views.del_srv, name='del-srv'),
    url(r'^index_extension/$', views.index_extension, name='index-extension'),
    url(r'^add_alias/(?P<interfaceid>[0-9]+)$', views.add_alias, name='add-alias'),
-    url(r'^edit_alias/(?P<aliasid>[0-9]+)$', views.edit_alias, name='edit-alias'),
+    url(r'^edit_alias/(?P<domainid>[0-9]+)$', views.edit_alias, name='edit-alias'),
    url(r'^del_alias/(?P<interfaceid>[0-9]+)$', views.del_alias, name='del-alias'),
    url(r'^index_alias/(?P<interfaceid>[0-9]+)$', views.index_alias, name='index-alias'),
    url(r'^add_service/$', views.add_service, name='add-service'),
@ -104,8 +104,8 @@ urlpatterns = [
    url(r'^rest/service_servers/$', views.service_servers, name='service-servers'),
    url(r'^rest/ouverture_ports/$', views.ouverture_ports, name='ouverture-ports'),
    url(r'index_portlist/$', views.index_portlist, name='index-portlist'),
-    url(r'^edit_portlist/(?P<pk>[0-9]+)$', views.edit_portlist, name='edit-portlist'),
+    url(r'^edit_portlist/(?P<ouvertureportlistid>[0-9]+)$', views.edit_portlist, name='edit-portlist'),
-    url(r'^del_portlist/(?P<pk>[0-9]+)$', views.del_portlist, name='del-portlist'),
+    url(r'^del_portlist/(?P<ouvertureportlistid>[0-9]+)$', views.del_portlist, name='del-portlist'),
    url(r'^add_portlist/$', views.add_portlist, name='add-portlist'),
    url(r'^port_config/(?P<pk>[0-9]+)$', views.configure_ports, name='port-config'),
--- a/machines/views.py
+++ b/machines/views.py
@ -123,7 +123,9 @@ from re2o.utils import (
    all_active_assigned_interfaces,
    all_has_access,
    filter_active_interfaces,
-    SortTable
+    SortTable,
    can_create,
    can_edit
 )
 from re2o.views import form
@ -210,20 +212,12 @@ def generate_ipv4_mbf_param( form, is_type_tt ):
    return i_mbf_param
@login_required
@can_create(Machine)
 def new_machine(request, userid):
    """ Fonction de creation d'une machine. Cree l'objet machine, 
    le sous objet interface et l'objet domain à partir de model forms.
    Trop complexe, devrait être simplifié"""
    can, reason = Machine.can_create(request.user, userid)
    if not can:
        messages.error(request, reason)
        return redirect(reverse(
            'users:profil',
            kwargs={'userid':str(request.user.id)}
        ))
    # No need to check if userid exist, already done in can_create
    user = User.objects.get(pk=userid)
    machine = NewMachineForm(request.POST or None)
    interface = AddInterfaceForm(
@ -270,26 +264,18 @@ def new_machine(request, userid):
    )
@login_required
-def edit_interface(request, interfaceid):
+@can_edit(Interface)
 def edit_interface(request, interface_instance, interfaceid):
    """ Edition d'une interface. Distingue suivant les droits les valeurs de interfaces et machines que l'user peut modifier
    infra permet de modifier le propriétaire"""
    can, reason = Interface.can_edit(request.user, interfaceid)
    if not can:
        messages.error(request, reason)
        return redirect(reverse(
            'users:profil',
            kwargs={'userid':str(request.user.id)}
        ))
    interface = Interface.objects.get(pk=interfaceid)
    if not request.user.has_perms(('infra',)):
-        machine_form = BaseEditMachineForm(request.POST or None, instance=interface.machine)
+        machine_form = BaseEditMachineForm(request.POST or None, instance=interface_instance.machine)
-        interface_form = BaseEditInterfaceForm(request.POST or None, instance=interface, infra=False)
+        interface_form = BaseEditInterfaceForm(request.POST or None, instance=interface_instance, infra=False)
    else:
-        machine_form = EditMachineForm(request.POST or None, instance=interface.machine)
+        machine_form = EditMachineForm(request.POST or None, instance=interface_instance.machine)
-        interface_form = EditInterfaceForm(request.POST or None, instance=interface)
+        interface_form = EditInterfaceForm(request.POST or None, instance=interface_instance)
-    domain_form = DomainForm(request.POST or None, instance=interface.domain)
+    domain_form = DomainForm(request.POST or None, instance=interface_instance.domain)
    if machine_form.is_valid() and interface_form.is_valid() and domain_form.is_valid():
        new_machine = machine_form.save(commit=False)
        new_interface = interface_form.save(commit=False)
@ -309,7 +295,7 @@ def edit_interface(request, interfaceid):
        messages.success(request, "La machine a été modifiée")
        return redirect(reverse(
            'users:profil',
-            kwargs={'userid':str(interface.machine.user.id)}
+            kwargs={'userid':str(interface_instance.machine.user.id)}
            ))
    i_mbf_param = generate_ipv4_mbf_param( interface_form, False )
    return form({'machineform': machine_form, 'interfaceform': interface_form, 'domainform': domain_form, 'i_mbf_param': i_mbf_param}, 'machines/machine.html', request)
@ -341,18 +327,10 @@ def del_machine(request, machineid):
    return form({'objet': machine, 'objet_name': 'machine'}, 'machines/delete.html', request)
@login_required
@can_create(Interface)
 def new_interface(request, machineid):
    """ Ajoute une interface et son domain associé à une machine existante"""
    can, reason = Interface.can_create(request.user, machineid)
    if not can:
        messages.error(request, reason)
        return redirect(reverse(
            'users:profil',
            kwargs={'userid':str(request.user.id)}
        ))
    # No need to check if machineid exist, already done in can_create
    machine = Machine.objects.get(pk=machineid)
    interface_form = AddInterfaceForm(request.POST or None, infra=request.user.has_perms(('infra',)))
    domain_form = DomainForm(request.POST or None)
@ -409,17 +387,10 @@ def del_interface(request, interfaceid):
    return form({'objet': interface, 'objet_name': 'interface'}, 'machines/delete.html', request)
@login_required
@can_create(IpType)
 def add_iptype(request):
    """ Ajoute un range d'ip. Intelligence dans le models, fonction views minimaliste"""
    can, reason = IpType.can_create(request.user)
    if not can:
        messages.error(request, reason)
        return redirect(reverse(
            'users:profil',
            kwargs={'userid':str(request.user.id)}
        ))
    iptype = IpTypeForm(request.POST or None)
    if iptype.is_valid():
        with transaction.atomic(), reversion.create_revision():
@ -431,18 +402,10 @@ def add_iptype(request):
    return form({'iptypeform': iptype}, 'machines/machine.html', request)
@login_required
-def edit_iptype(request, iptypeid):
+@can_edit(IpType)
 def edit_iptype(request, iptype_instance, iptypeid):
    """ Edition d'un range. Ne permet pas de le redimensionner pour éviter l'incohérence"""
    can, reason = IpType.can_edit(request.user, iptypeid)
    if not can:
        messages.error(request, reason)
        return redirect(reverse(
            'users:profil',
            kwargs={'userid':str(request.user.id)}
        ))
    iptype_instance = IpType.objects.get(pk=iptypeid)
    iptype = EditIpTypeForm(request.POST or None, instance=iptype_instance)
    if iptype.is_valid():
        with transaction.atomic(), reversion.create_revision():
@ -472,16 +435,9 @@ def del_iptype(request):
    return form({'iptypeform': iptype}, 'machines/machine.html', request)
@login_required
@can_create(MachineType)
 def add_machinetype(request):
    can, reason = MachineType.can_create(request.user)
    if not can:
        messages.error(request, reason)
        return redirect(reverse(
            'users:profil',
            kwargs={'userid':str(request.user.id)}
        ))
    machinetype = MachineTypeForm(request.POST or None)
    if machinetype.is_valid():
        with transaction.atomic(), reversion.create_revision():
@ -493,17 +449,9 @@ def add_machinetype(request):
    return form({'machinetypeform': machinetype}, 'machines/machine.html', request)
@login_required
-def edit_machinetype(request, machinetypeid):
+@can_edit(MachineType)
 def edit_machinetype(request, machinetype_instance, machinetypeid):
    can, reason = MachineType.can_edit(request.user, machinetypeid)
    if not can:
        messages.error(request, reason)
        return redirect(reverse(
            'users:profil',
            kwargs={'userid':str(request.user.id)}
        ))
    machinetype_instance = MachineType.objects.get(pk=machinetypeid)
    machinetype = MachineTypeForm(request.POST or None, instance=machinetype_instance)
    if machinetype.is_valid():
        with transaction.atomic(), reversion.create_revision():
@ -532,16 +480,9 @@ def del_machinetype(request):
    return form({'machinetypeform': machinetype}, 'machines/machine.html', request)
@login_required
@can_create(Extension)
 def add_extension(request):
    can, reason = Extension.can_create(request.user)
    if not can:
        messages.error(request, reason)
        return redirect(reverse(
            'users:profil',
            kwargs={'userid':str(request.user.id)}
        ))
    extension = ExtensionForm(request.POST or None)
    if extension.is_valid():
        with transaction.atomic(), reversion.create_revision():
@ -553,17 +494,9 @@ def add_extension(request):
    return form({'extensionform': extension}, 'machines/machine.html', request)
@login_required
-def edit_extension(request, extensionid):
+@can_edit(Extension)
 def edit_extension(request, extension_instance, extensionid):
    can, reason = Extension.can_edit(request.user, extensionid)
    if not can:
        messages.error(request, reason)
        return redirect(reverse(
            'users:profil',
            kwargs={'userid':str(request.user.id)}
        ))
    extension_instance = Extension.objects.get(pk=extensionid)
    extension = ExtensionForm(request.POST or None, instance=extension_instance)
    if extension.is_valid():
        with transaction.atomic(), reversion.create_revision():
@ -592,16 +525,9 @@ def del_extension(request):
    return form({'extensionform': extension}, 'machines/machine.html', request)
@login_required
@can_create(SOA)
 def add_soa(request):
    can, reason = SOA.can_create(request.user)
    if not can:
        messages.error(request, reason)
        return redirect(reverse(
            'users:profil',
            kwargs={'userid':str(request.user.id)}
        ))
    soa = SOAForm(request.POST or None)
    if soa.is_valid():
        with transaction.atomic(), reversion.create_revision():
@ -613,17 +539,9 @@ def add_soa(request):
    return form({'soaform': soa}, 'machines/machine.html', request)
@login_required
-def edit_soa(request, soaid):
+@can_edit(SOA)
 def edit_soa(request, soa_instance, soaid):
    can, reason = SOA.can_edit(request.user, soaid)
    if not can:
        messages.error(request, reason)
        return redirect(reverse(
            'users:profil',
            kwargs={'userid':str(request.user.id)}
        ))
    soa_instance = SOA.objects.get(pk=soaid)
    soa = SOAForm(request.POST or None, instance=soa_instance)
    if soa.is_valid():
        with transaction.atomic(), reversion.create_revision():
@ -652,16 +570,9 @@ def del_soa(request):
    return form({'soaform': soa}, 'machines/machine.html', request)
@login_required
@can_create(Mx)
 def add_mx(request):
    can, reason = Mx.can_create(request.user)
    if not can:
        messages.error(request, reason)
        return redirect(reverse(
            'users:profil',
            kwargs={'userid':str(request.user.id)}
        ))
    mx = MxForm(request.POST or None)
    if mx.is_valid():
        with transaction.atomic(), reversion.create_revision():
@ -673,17 +584,9 @@ def add_mx(request):
    return form({'mxform': mx}, 'machines/machine.html', request)
@login_required
-def edit_mx(request, mxid):
+@can_edit(Mx)
 def edit_mx(request, mx_instance, mxid):
    can, reason = Mx.can_edit(request.user, mxid)
    if not can:
        messages.error(request, reason)
        return redirect(reverse(
            'users:profil',
            kwargs={'userid':str(request.user.id)}
        ))
    mx_instance = Mx.objects.get(pk=mxid)
    mx = MxForm(request.POST or None, instance=mx_instance)
    if mx.is_valid():
        with transaction.atomic(), reversion.create_revision():
@ -712,16 +615,9 @@ def del_mx(request):
    return form({'mxform': mx}, 'machines/machine.html', request)
@login_required
@can_create(Ns)
 def add_ns(request):
    can, reason = Ns.can_create(request.user)
    if not can:
        messages.error(request, reason)
        return redirect(reverse(
            'users:profil',
            kwargs={'userid':str(request.user.id)}
        ))
    ns = NsForm(request.POST or None)
    if ns.is_valid():
        with transaction.atomic(), reversion.create_revision():
@ -733,17 +629,9 @@ def add_ns(request):
    return form({'nsform': ns}, 'machines/machine.html', request)
@login_required
-def edit_ns(request, nsid):
+@can_edit(Ns)
 def edit_ns(request, ns_instance, nsid):
    can, reason = Ns.can_edit(request.user, nsid)
    if not can:
        messages.error(request, reason)
        return redirect(reverse(
            'users:profil',
            kwargs={'userid':str(request.user.id)}
        ))
    ns_instance = Ns.objects.get(pk=nsid)
    ns = NsForm(request.POST or None, instance=ns_instance)
    if ns.is_valid():
        with transaction.atomic(), reversion.create_revision():
@ -772,16 +660,9 @@ def del_ns(request):
    return form({'nsform': ns}, 'machines/machine.html', request)
@login_required
@can_create(Txt)
 def add_txt(request):
    can, reason = Txt.can_create(request.user)
    if not can:
        messages.error(request, reason)
        return redirect(reverse(
            'users:profil',
            kwargs={'userid':str(request.user.id)}
        ))
    txt = TxtForm(request.POST or None)
    if txt.is_valid():
        with transaction.atomic(), reversion.create_revision():
@ -793,17 +674,9 @@ def add_txt(request):
    return form({'txtform': txt}, 'machines/machine.html', request)
@login_required
-def edit_txt(request, txtid):
+@can_edit(Txt)
 def edit_txt(request, txt_instance, txtid):
    can, reason = Txt.can_edit(request.user, txtid)
    if not can:
        messages.error(request, reason)
        return redirect(reverse(
            'users:profil',
            kwargs={'userid':str(request.user.id)}
        ))
    txt_instance = Txt.objects.get(pk=txtid)
    txt = TxtForm(request.POST or None, instance=txt_instance)
    if txt.is_valid():
        with transaction.atomic(), reversion.create_revision():
@ -832,16 +705,9 @@ def del_txt(request):
    return form({'txtform': txt}, 'machines/machine.html', request)
@login_required
@can_create(Srv)
 def add_srv(request):
    can, reason = Srv.can_create(request.user)
    if not can:
        messages.error(request, reason)
        return redirect(reverse(
            'users:profil',
            kwargs={'userid':str(request.user.id)}
        ))
    srv = SrvForm(request.POST or None)
    if srv.is_valid():
        with transaction.atomic(), reversion.create_revision():
@ -853,17 +719,9 @@ def add_srv(request):
    return form({'srvform': srv}, 'machines/machine.html', request)
@login_required
-def edit_srv(request, srvid):
+@can_edit(Srv)
 def edit_srv(request, srv_instance, srvid):
    can, reason = Srv.can_edit(request.user, srvid)
    if not can:
        messages.error(request, reason)
        return redirect(reverse(
            'users:profil',
            kwargs={'userid':str(request.user.id)}
        ))
    srv_instance = Srv.objects.get(pk=srvid)
    srv = SrvForm(request.POST or None, instance=srv_instance)
    if srv.is_valid():
        with transaction.atomic(), reversion.create_revision():
@ -892,17 +750,9 @@ def del_srv(request):
    return form({'srvform': srv}, 'machines/machine.html', request)
@login_required
@can_create(Domain)
 def add_alias(request, interfaceid):
    can, reason = Domain.can_create(request.user, interfaceid)
    if not can:
        messages.error(request, reason)
        return redirect(reverse(
            'users:profil',
            kwargs={'userid':str(request.user.id)}
        ))
    # No need to check if interfaceid exist, already done in can_create
    interface = Interface.objects.get(pk=interfaceid)
    alias = AliasForm(request.POST or None, infra=request.user.has_perms(('infra',)))
    if alias.is_valid():
@ -920,27 +770,19 @@ def add_alias(request, interfaceid):
    return form({'aliasform': alias}, 'machines/machine.html', request)
@login_required
-def edit_alias(request, aliasid):
+@can_edit(Domain)
 def edit_alias(request, domain_instance, domainid):
-    can, reason = Domain.can_edit(request.user, aliasid)
+    alias = AliasForm(request.POST or None, instance=domain_instance, infra=request.user.has_perms(('infra',)))
    if not can:
        messages.error(request, reason)
        return redirect(reverse(
            'users:profil',
            kwargs={'userid':str(request.user.id)}
        ))
    alias_instance = Domain.objects.get(pk=aliasid)
    alias = AliasForm(request.POST or None, instance=alias_instance, infra=request.user.has_perms(('infra',)))
    if alias.is_valid():
        with transaction.atomic(), reversion.create_revision():
-            alias_instance = alias.save()
+            domain_instance = alias.save()
            reversion.set_user(request.user)
            reversion.set_comment("Champs modifié(s) : %s" % ', '.join(field for field in alias.changed_data))
        messages.success(request, "Alias modifié")
        return redirect(reverse(
            'machines:index-alias', 
-            kwargs={'interfaceid':str(alias_instance.cname.interface_parent.id)}
+            kwargs={'interfaceid':str(domain_instance.cname.interface_parent.id)}
            ))
    return form({'aliasform': alias}, 'machines/machine.html', request)
@ -976,16 +818,9 @@ def del_alias(request, interfaceid):
@login_required
@can_create(Service)
 def add_service(request):
    can, reason = Service.can_create(request.user)
    if not can:
        messages.error(request, reason)
        return redirect(reverse(
            'users:profil',
            kwargs={'userid':str(request.user.id)}
        ))
    service = ServiceForm(request.POST or None)
    if service.is_valid():
        with transaction.atomic(), reversion.create_revision():
@ -997,17 +832,9 @@ def add_service(request):
    return form({'serviceform': service}, 'machines/machine.html', request)
@login_required
-def edit_service(request, serviceid):
+@can_edit(Service)
 def edit_service(request, service_instance, serviceid):
    can, reason = Service.can_edit(request.user, serviceid)
    if not can:
        messages.error(request, reason)
        return redirect(reverse(
            'users:profil',
            kwargs={'userid':str(request.user.id)}
        ))
    service_instance = Service.objects.get(pk=serviceid)
    service = ServiceForm(request.POST or None, instance=service_instance)
    if service.is_valid():
        with transaction.atomic(), reversion.create_revision():
@ -1036,16 +863,9 @@ def del_service(request):
    return form({'serviceform': service}, 'machines/machine.html', request)
@login_required
@can_create(Vlan)
 def add_vlan(request):
    can, reason = Vlan.can_create(request.user)
    if not can:
        messages.error(request, reason)
        return redirect(reverse(
            'users:profil',
            kwargs={'userid':str(request.user.id)}
        ))
    vlan = VlanForm(request.POST or None)
    if vlan.is_valid():
        with transaction.atomic(), reversion.create_revision():
@ -1057,17 +877,9 @@ def add_vlan(request):
    return form({'vlanform': vlan}, 'machines/machine.html', request)
@login_required
-def edit_vlan(request, vlanid):
+@can_edit(Vlan)
 def edit_vlan(request, vlan_instance, vlanid):
    can, reason = Vlan.can_edit(request.user, vlanid)
    if not can:
        messages.error(request, reason)
        return redirect(reverse(
            'users:profil',
            kwargs={'userid':str(request.user.id)}
        ))
    vlan_instance = Vlan.objects.get(pk=vlanid)
    vlan = VlanForm(request.POST or None, instance=vlan_instance)
    if vlan.is_valid():
        with transaction.atomic(), reversion.create_revision():
@ -1096,16 +908,9 @@ def del_vlan(request):
    return form({'vlanform': vlan}, 'machines/machine.html', request)
@login_required
@can_create(Nas)
 def add_nas(request):
    can, reason = Nas.can_create(request.user)
    if not can:
        messages.error(request, reason)
        return redirect(reverse(
            'users:profil',
            kwargs={'userid':str(request.user.id)}
        ))
    nas = NasForm(request.POST or None)
    if nas.is_valid():
        with transaction.atomic(), reversion.create_revision():
@ -1117,17 +922,9 @@ def add_nas(request):
    return form({'nasform': nas}, 'machines/machine.html', request)
@login_required
-def edit_nas(request, nasid):
+@can_edit(Nas)
 def edit_nas(request, nas_instance, nasid):
    can, reason = Nas.can_edit(request.user, nasid)
    if not can:
        messages.error(request, reason)
        return redirect(reverse(
            'users:profil',
            kwargs={'userid':str(request.user.id)}
        ))
    nas_instance = Nas.objects.get(pk=nasid)
    nas = NasForm(request.POST or None, instance=nas_instance)
    if nas.is_valid():
        with transaction.atomic(), reversion.create_revision():
@ -1369,18 +1166,10 @@ def index_portlist(request):
    return render(request, "machines/index_portlist.html", {'port_list':port_list})
@login_required
-def edit_portlist(request, pk):
+@can_edit(OuverturePortList)
 def edit_portlist(request, ouvertureportlist_instance, ouvertureportlistid):
-    can, reason = OuverturePortList.can_edit(request.user, pk)
+    port_list = EditOuverturePortListForm(request.POST or None, instance=ouvertureportlist_instance)
    if not can:
        messages.error(request, reason)
        return redirect(reverse(
            'users:profil',
            kwargs={'userid':str(request.user.id)}
        ))
    port_list_instance = OuverturePortList.objects.get(pk=pk)
    port_list = EditOuverturePortListForm(request.POST or None, instance=port_list_instance)
    port_formset = modelformset_factory(
            OuverturePort,
            fields=('begin','end','protocole','io'),
@ -1388,7 +1177,7 @@ def edit_portlist(request, pk):
            can_delete=True,
 	    min_num=1,
 	    validate_min=True,
-    )(request.POST or None, queryset=port_list_instance.ouvertureport_set.all())
+    )(request.POST or None, queryset=ouvertureportlist_instance.ouvertureport_set.all())
    if port_list.is_valid() and port_formset.is_valid():
        pl = port_list.save()
        instances = port_formset.save(commit=False)
@ -1403,9 +1192,9 @@ def edit_portlist(request, pk):
@login_required
@permission_required('bureau')
-def del_portlist(request, pk):
+def del_portlist(request, ouvertureportlistid):
    try:
-        port_list_instance = OuverturePortList.objects.get(pk=pk)
+        port_list_instance = OuverturePortList.objects.get(pk=ouvertureportlistid)
    except OuverturePortList.DoesNotExist:
        messages.error(request, "Liste de ports inexistante")
        return redirect(reverse('machines:index-portlist'))
@ -1417,16 +1206,9 @@ def del_portlist(request, pk):
    return redirect(reverse('machines:index-portlist'))
@login_required
@can_create(OuverturePortList)
 def add_portlist(request):
    can, reason = OuverturePortList.can_create(request.user)
    if not can:
        messages.error(request, reason)
        return redirect(reverse(
            'users:profil',
            kwargs={'userid':str(request.user.id)}
        ))
    port_list = EditOuverturePortListForm(request.POST or None)
    port_formset = modelformset_factory(
            OuverturePort,
--- a/re2o/utils.py
+++ b/re2o/utils.py
@ -58,7 +58,7 @@ def can_create(model):
    """
    def decorator(view):
        def wrapper(request, *args, **kwargs):
-            can, msg = model.can_create(request.user)
+            can, msg = model.can_create(request.user, *args, **kwargs)
            if not can:
                messages.error(request, msg or "Vous ne pouvez pas accéder à ce menu")
                return redirect(reverse('users:profil',
@ -85,7 +85,7 @@ def can_edit(model):
                return redirect(reverse('users:profil',
                    kwargs={'userid':str(request.user.id)}
                ))
-            can, msg = model.can_edit(instance, request.user)
+            can, msg = instance.can_edit(request.user)
            if not can:
                messages.error(request, msg or "Vous ne pouvez pas accéder à ce menu")
                return redirect(reverse('users:profil',
--- a/users/models.py
+++ b/users/models.py
@ -935,7 +935,7 @@ class ServiceUser(AbstractBaseUser):
            return user.has_perms(('infra',)), u"Vous n'avez pas le droit de\
                créer un service user"
-    def can_edit(instance, user):
+    def can_edit(self, user):
        return user.has_perms(('infra',)), u"Vous n'avez pas le droit d'éditer\
            les services users"
@ -1119,7 +1119,7 @@ class Ban(models.Model):
    def __str__(self):
        return str(self.user) + ' ' + str(self.raison)
-    def can_create(user):
+    def can_create(user, userid):
        return user.has_perms(('bofh',)), u"Vous n'avez pas le droit de\
            créer des bannissement"