rezometz/re2o
8
0
Fork 0
mirror of https://gitlab2.federez.net/re2o/re2o synced 2024-11-23 11:53:12 +00:00
Code Issues Releases Wiki Activity

Corrige les vues (docstring et autres)

Browse source
This commit is contained in:
Gabriel Detraz 2017-10-14 22:10:07 +02:00
parent e9855c7867
commit bee8976ebe
1 changed files with 255 additions and 122 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

323
users/views.py
View file

@ -23,20 +23,25 @@
# App de gestion des users pour re2o # App de gestion des users pour re2o
# Goulven Kermarec, Gabriel Détraz, Lemesle Augustin # Goulven Kermarec, Gabriel Détraz, Lemesle Augustin
# Gplv2 # Gplv2
"""
Module des views.
On définit les vues pour l'ajout, l'edition des users : infos personnelles,
mot de passe, etc
Permet aussi l'ajout, edition et suppression des droits, des bannissements,
des whitelist, des services users et des écoles
"""
from __future__ import unicode_literals from __future__ import unicode_literals
from django.shortcuts import get_object_or_404, render, redirect from django.shortcuts import get_object_or_404, render, redirect
from django.template.context_processors import csrf
from django.core.paginator import Paginator, EmptyPage, PageNotAnInteger from django.core.paginator import Paginator, EmptyPage, PageNotAnInteger
from django.template import Context, RequestContext, loader
from django.contrib import messages from django.contrib import messages
from django.contrib.auth.decorators import login_required, permission_required from django.contrib.auth.decorators import login_required, permission_required
from django.db.models import Max, ProtectedError from django.db.models import ProtectedError
from django.db import IntegrityError from django.db import IntegrityError
from django.core.mail import send_mail
from django.utils import timezone from django.utils import timezone
from django.core.urlresolvers import reverse
from django.db import transaction from django.db import transaction
from django.http import HttpResponse from django.http import HttpResponse
from django.views.decorators.csrf import csrf_exempt from django.views.decorators.csrf import csrf_exempt
@ -47,22 +52,21 @@ from rest_framework.renderers import JSONRenderer
from reversion.models import Version from reversion.models import Version
from reversion import revisions as reversion from reversion import revisions as reversion
from users.serializers import MailSerializer from users.serializers import MailSerializer
from users.models import User, Right, Ban, Whitelist, School, ListRight, Request, ServiceUser, all_has_access from users.models import User, Right, Ban, Whitelist, School, ListRight
from users.forms import DelRightForm, BanForm, WhitelistForm, DelSchoolForm, DelListRightForm, NewListRightForm from users.models import Request, ServiceUser, all_has_access
from users.forms import EditInfoForm, InfoForm, BaseInfoForm, StateForm, RightForm, SchoolForm, EditServiceUserForm, ServiceUserForm, ListRightForm from users.forms import DelRightForm, BanForm, WhitelistForm, DelSchoolForm
from cotisations.models import Facture from users.forms import DelListRightForm, NewListRightForm
from machines.models import Machine, Interface from users.forms import InfoForm, BaseInfoForm, StateForm
from users.forms import RightForm, SchoolForm, EditServiceUserForm
from users.forms import ServiceUserForm, ListRightForm
from users.forms import MassArchiveForm, PassForm, ResetPasswordForm from users.forms import MassArchiveForm, PassForm, ResetPasswordForm
from preferences.models import OptionalUser, AssoOption, GeneralOption from cotisations.models import Facture
from machines.models import Machine
from preferences.models import OptionalUser, GeneralOption
from re2o.login import hashNT from re2o.views import form
def form(ctx, template, request):
c = ctx
c.update(csrf(request))
return render(request, template, c)
def password_change_action(u_form, user, request, req=False): def password_change_action(u_form, user, request, req=False):
""" Fonction qui effectue le changeemnt de mdp bdd""" """ Fonction qui effectue le changeemnt de mdp bdd"""
user.set_user_password(u_form.cleaned_data['passwd1']) user.set_user_password(u_form.cleaned_data['passwd1'])
@ -75,10 +79,12 @@ def password_change_action(u_form, user, request, req=False):
return redirect("/") return redirect("/")
return redirect("/users/profil/" + str(user.id)) return redirect("/users/profil/" + str(user.id))
@login_required @login_required
@permission_required('cableur') @permission_required('cableur')
def new_user(request): def new_user(request):
""" Vue de création d'un nouvel utilisateur, envoie un mail pour le mot de passe""" """ Vue de création d'un nouvel utilisateur,
envoie un mail pour le mot de passe"""
user = InfoForm(request.POST or None) user = InfoForm(request.POST or None)
if user.is_valid(): if user.is_valid():
user = user.save(commit=False) user = user.save(commit=False)
@ -87,21 +93,25 @@ def new_user(request):
reversion.set_user(request.user) reversion.set_user(request.user)
reversion.set_comment("Création") reversion.set_comment("Création")
user.reset_passwd_mail(request) user.reset_passwd_mail(request)
messages.success(request, "L'utilisateur %s a été crée, un mail pour l'initialisation du mot de passe a été envoyé" % user.pseudo) messages.success(request, "L'utilisateur %s a été crée, un mail\
pour l'initialisation du mot de passe a été envoyé" % user.pseudo)
return redirect("/users/profil/" + str(user.id)) return redirect("/users/profil/" + str(user.id))
return form({'userform': user}, 'users/user.html', request) return form({'userform': user}, 'users/user.html', request)
@login_required @login_required
def edit_info(request, userid): def edit_info(request, userid):
""" Edite un utilisateur à partir de son id, """ Edite un utilisateur à partir de son id,
si l'id est différent de request.user, vérifie la possession du droit cableur """ si l'id est différent de request.user, vérifie la
possession du droit cableur """
try: try:
user = User.objects.get(pk=userid) user = User.objects.get(pk=userid)
except User.DoesNotExist: except User.DoesNotExist:
messages.error(request, "Utilisateur inexistant") messages.error(request, "Utilisateur inexistant")
return redirect("/users/") return redirect("/users/")
if not request.user.has_perms(('cableur',)) and user != request.user: if not request.user.has_perms(('cableur',)) and user != request.user:
messages.error(request, "Vous ne pouvez pas modifier un autre user que vous sans droit cableur") messages.error(request, "Vous ne pouvez pas modifier un autre\
user que vous sans droit cableur")
return redirect("/users/profil/" + str(request.user.id)) return redirect("/users/profil/" + str(request.user.id))
if not request.user.has_perms(('cableur',)): if not request.user.has_perms(('cableur',)):
user = BaseInfoForm(request.POST or None, instance=user) user = BaseInfoForm(request.POST or None, instance=user)
@ -111,15 +121,19 @@ def edit_info(request, userid):
with transaction.atomic(), reversion.create_revision(): with transaction.atomic(), reversion.create_revision():
user.save() user.save()
reversion.set_user(request.user) reversion.set_user(request.user)
reversion.set_comment("Champs modifié(s) : %s" % ', '.join(field for field in user.changed_data)) reversion.set_comment("Champs modifié(s) : %s" % ', '.join(
field for field in user.changed_data
))
messages.success(request, "L'user a bien été modifié") messages.success(request, "L'user a bien été modifié")
return redirect("/users/profil/" + userid) return redirect("/users/profil/" + userid)
return form({'userform': user}, 'users/user.html', request) return form({'userform': user}, 'users/user.html', request)
@login_required @login_required
@permission_required('bureau') @permission_required('bureau')
def state(request, userid): def state(request, userid):
""" Changer l'etat actif/desactivé/archivé d'un user, need droit bureau """ """ Changer l'etat actif/desactivé/archivé d'un user,
need droit bureau """
try: try:
user = User.objects.get(pk=userid) user = User.objects.get(pk=userid)
except User.DoesNotExist: except User.DoesNotExist:
@ -135,12 +149,15 @@ def state(request, userid):
elif state.cleaned_data['state'] == User.STATE_DISABLED: elif state.cleaned_data['state'] == User.STATE_DISABLED:
user.state = User.STATE_DISABLED user.state = User.STATE_DISABLED
reversion.set_user(request.user) reversion.set_user(request.user)
reversion.set_comment("Champs modifié(s) : %s" % ', '.join(field for field in state.changed_data)) reversion.set_comment("Champs modifié(s) : %s" % ', '.join(
field for field in state.changed_data
))
user.save() user.save()
messages.success(request, "Etat changé avec succès") messages.success(request, "Etat changé avec succès")
return redirect("/users/profil/" + userid) return redirect("/users/profil/" + userid)
return form({'userform': state}, 'users/user.html', request) return form({'userform': state}, 'users/user.html', request)
@login_required @login_required
def password(request, userid): def password(request, userid):
""" Reinitialisation d'un mot de passe à partir de l'userid, """ Reinitialisation d'un mot de passe à partir de l'userid,
@ -152,16 +169,20 @@ def password(request, userid):
messages.error(request, "Utilisateur inexistant") messages.error(request, "Utilisateur inexistant")
return redirect("/users/") return redirect("/users/")
if not request.user.has_perms(('cableur',)) and user != request.user: if not request.user.has_perms(('cableur',)) and user != request.user:
messages.error(request, "Vous ne pouvez pas modifier un autre user que vous sans droit cableur") messages.error(request, "Vous ne pouvez pas modifier un\
autre user que vous sans droit cableur")
return redirect("/users/profil/" + str(request.user.id)) return redirect("/users/profil/" + str(request.user.id))
if not request.user.has_perms(('bureau',)) and user != request.user and Right.objects.filter(user=user): if not request.user.has_perms(('bureau',)) and user != request.user\
messages.error(request, "Il faut les droits bureau pour modifier le mot de passe d'un membre actif") and Right.objects.filter(user=user):
messages.error(request, "Il faut les droits bureau pour modifier le\
mot de passe d'un membre actif")
return redirect("/users/profil/" + str(request.user.id)) return redirect("/users/profil/" + str(request.user.id))
u_form = PassForm(request.POST or None) u_form = PassForm(request.POST or None)
if u_form.is_valid(): if u_form.is_valid():
return password_change_action(u_form, user, request) return password_change_action(u_form, user, request)
return form({'userform': u_form}, 'users/user.html', request) return form({'userform': u_form}, 'users/user.html', request)
@login_required @login_required
@permission_required('infra') @permission_required('infra')
def new_serviceuser(request): def new_serviceuser(request):
@ -174,15 +195,20 @@ def new_serviceuser(request):
user_object.save() user_object.save()
reversion.set_user(request.user) reversion.set_user(request.user)
reversion.set_comment("Création") reversion.set_comment("Création")
messages.success(request, "L'utilisateur %s a été crée" % user_object.pseudo) messages.success(
request,
"L'utilisateur %s a été crée" % user_object.pseudo
)
return redirect("/users/index_serviceusers/") return redirect("/users/index_serviceusers/")
return form({'userform': user}, 'users/user.html', request) return form({'userform': user}, 'users/user.html', request)
@login_required @login_required
@permission_required('infra') @permission_required('infra')
def edit_serviceuser(request, userid): def edit_serviceuser(request, userid):
""" Edite un utilisateur à partir de son id, """ Edite un utilisateur à partir de son id,
si l'id est différent de request.user, vérifie la possession du droit cableur """ si l'id est différent de request.user,
vérifie la possession du droit cableur """
try: try:
user = ServiceUser.objects.get(pk=userid) user = ServiceUser.objects.get(pk=userid)
except ServiceUser.DoesNotExist: except ServiceUser.DoesNotExist:
@ -196,14 +222,18 @@ def edit_serviceuser(request, userid):
user_object.set_password(user.cleaned_data['password']) user_object.set_password(user.cleaned_data['password'])
user_object.save() user_object.save()
reversion.set_user(request.user) reversion.set_user(request.user)
reversion.set_comment("Champs modifié(s) : %s" % ', '.join(field for field in user.changed_data)) reversion.set_comment("Champs modifié(s) : %s" % ', '.join(
field for field in user.changed_data
))
messages.success(request, "L'user a bien été modifié") messages.success(request, "L'user a bien été modifié")
return redirect("/users/index_serviceusers") return redirect("/users/index_serviceusers")
return form({'userform': user}, 'users/user.html', request) return form({'userform': user}, 'users/user.html', request)
@login_required @login_required
@permission_required('infra') @permission_required('infra')
def del_serviceuser(request, userid): def del_serviceuser(request, userid):
"""Suppression d'un ou plusieurs serviceusers"""
try: try:
user = ServiceUser.objects.get(pk=userid) user = ServiceUser.objects.get(pk=userid)
except ServiceUser.DoesNotExist: except ServiceUser.DoesNotExist:
@ -215,7 +245,12 @@ def del_serviceuser(request, userid):
reversion.set_user(request.user) reversion.set_user(request.user)
messages.success(request, "L'user a été détruite") messages.success(request, "L'user a été détruite")
return redirect("/users/index_serviceusers/") return redirect("/users/index_serviceusers/")
return form({'objet': user, 'objet_name': 'serviceuser'}, 'users/delete.html', request) return form(
{'objet': user, 'objet_name': 'serviceuser'},
'users/delete.html',
request
)
@login_required @login_required
@permission_required('bureau') @permission_required('bureau')
@ -241,6 +276,7 @@ def add_right(request, userid):
return redirect("/users/profil/" + userid) return redirect("/users/profil/" + userid)
return form({'userform': right}, 'users/user.html', request) return form({'userform': right}, 'users/user.html', request)
@login_required @login_required
@permission_required('bureau') @permission_required('bureau')
def del_right(request): def del_right(request):
@ -248,21 +284,25 @@ def del_right(request):
user_right_list = dict() user_right_list = dict()
for right in ListRight.objects.all(): for right in ListRight.objects.all():
user_right_list[right] = DelRightForm(right, request.POST or None) user_right_list[right] = DelRightForm(right, request.POST or None)
for keys, right_item in user_right_list.items(): for _keys, right_item in user_right_list.items():
if right_item.is_valid(): if right_item.is_valid():
right_del = right_item.cleaned_data['rights'] right_del = right_item.cleaned_data['rights']
with transaction.atomic(), reversion.create_revision(): with transaction.atomic(), reversion.create_revision():
reversion.set_user(request.user) reversion.set_user(request.user)
reversion.set_comment("Retrait des droit %s" % ','.join(str(deleted_right) for deleted_right in right_del)) reversion.set_comment("Retrait des droit %s" % ','.join(
str(deleted_right) for deleted_right in right_del
))
right_del.delete() right_del.delete()
messages.success(request, "Droit retiré avec succès") messages.success(request, "Droit retiré avec succès")
return redirect("/users/") return redirect("/users/")
return form({'userform': user_right_list}, 'users/del_right.html', request) return form({'userform': user_right_list}, 'users/del_right.html', request)
@login_required @login_required
@permission_required('bofh') @permission_required('bofh')
def add_ban(request, userid): def add_ban(request, userid):
""" Ajouter un banissement, nécessite au moins le droit bofh (a fortiori bureau) """ Ajouter un banissement, nécessite au moins le droit bofh
(a fortiori bureau)
Syntaxe : JJ/MM/AAAA , heure optionnelle, prend effet immédiatement""" Syntaxe : JJ/MM/AAAA , heure optionnelle, prend effet immédiatement"""
try: try:
user = User.objects.get(pk=userid) user = User.objects.get(pk=userid)
@ -273,7 +313,7 @@ def add_ban(request, userid):
ban = BanForm(request.POST or None, instance=ban_instance) ban = BanForm(request.POST or None, instance=ban_instance)
if ban.is_valid(): if ban.is_valid():
with transaction.atomic(), reversion.create_revision(): with transaction.atomic(), reversion.create_revision():
ban_object = ban.save() _ban_object = ban.save()
reversion.set_user(request.user) reversion.set_user(request.user)
reversion.set_comment("Création") reversion.set_comment("Création")
messages.success(request, "Bannissement ajouté") messages.success(request, "Bannissement ajouté")
@ -285,10 +325,12 @@ def add_ban(request, userid):
) )
return form({'userform': ban}, 'users/user.html', request) return form({'userform': ban}, 'users/user.html', request)
@login_required @login_required
@permission_required('bofh') @permission_required('bofh')
def edit_ban(request, banid): def edit_ban(request, banid):
""" Editer un bannissement, nécessite au moins le droit bofh (a fortiori bureau) """ Editer un bannissement, nécessite au moins le droit bofh
(a fortiori bureau)
Syntaxe : JJ/MM/AAAA , heure optionnelle, prend effet immédiatement""" Syntaxe : JJ/MM/AAAA , heure optionnelle, prend effet immédiatement"""
try: try:
ban_instance = Ban.objects.get(pk=banid) ban_instance = Ban.objects.get(pk=banid)
@ -300,23 +342,31 @@ def edit_ban(request, banid):
with transaction.atomic(), reversion.create_revision(): with transaction.atomic(), reversion.create_revision():
ban.save() ban.save()
reversion.set_user(request.user) reversion.set_user(request.user)
reversion.set_comment("Champs modifié(s) : %s" % ', '.join(field for field in ban.changed_data)) reversion.set_comment("Champs modifié(s) : %s" % ', '.join(
field for field in ban.changed_data
))
messages.success(request, "Bannissement modifié") messages.success(request, "Bannissement modifié")
return redirect("/users/") return redirect("/users/")
return form({'userform': ban}, 'users/user.html', request) return form({'userform': ban}, 'users/user.html', request)
@login_required @login_required
@permission_required('cableur') @permission_required('cableur')
def add_whitelist(request, userid): def add_whitelist(request, userid):
""" Accorder un accès gracieux, temporaire ou permanent. Need droit cableur """ Accorder un accès gracieux, temporaire ou permanent.
Syntaxe : JJ/MM/AAAA , heure optionnelle, prend effet immédiatement, raison obligatoire""" Need droit cableur
Syntaxe : JJ/MM/AAAA , heure optionnelle, prend effet immédiatement,
raison obligatoire"""
try: try:
user = User.objects.get(pk=userid) user = User.objects.get(pk=userid)
except User.DoesNotExist: except User.DoesNotExist:
messages.error(request, "Utilisateur inexistant") messages.error(request, "Utilisateur inexistant")
return redirect("/users/") return redirect("/users/")
whitelist_instance = Whitelist(user=user) whitelist_instance = Whitelist(user=user)
whitelist = WhitelistForm(request.POST or None, instance=whitelist_instance) whitelist = WhitelistForm(
request.POST or None,
instance=whitelist_instance
)
if whitelist.is_valid(): if whitelist.is_valid():
with transaction.atomic(), reversion.create_revision(): with transaction.atomic(), reversion.create_revision():
whitelist.save() whitelist.save()
@ -331,30 +381,40 @@ def add_whitelist(request, userid):
) )
return form({'userform': whitelist}, 'users/user.html', request) return form({'userform': whitelist}, 'users/user.html', request)
@login_required @login_required
@permission_required('cableur') @permission_required('cableur')
def edit_whitelist(request, whitelistid): def edit_whitelist(request, whitelistid):
""" Editer un accès gracieux, temporaire ou permanent. Need droit cableur """ Editer un accès gracieux, temporaire ou permanent.
Syntaxe : JJ/MM/AAAA , heure optionnelle, prend effet immédiatement, raison obligatoire""" Need droit cableur
Syntaxe : JJ/MM/AAAA , heure optionnelle, prend effet immédiatement,
raison obligatoire"""
try: try:
whitelist_instance = Whitelist.objects.get(pk=whitelistid) whitelist_instance = Whitelist.objects.get(pk=whitelistid)
except Whitelist.DoesNotExist: except Whitelist.DoesNotExist:
messages.error(request, "Entrée inexistante") messages.error(request, "Entrée inexistante")
return redirect("/users/") return redirect("/users/")
whitelist = WhitelistForm(request.POST or None, instance=whitelist_instance) whitelist = WhitelistForm(
request.POST or None,
instance=whitelist_instance
)
if whitelist.is_valid(): if whitelist.is_valid():
with transaction.atomic(), reversion.create_revision(): with transaction.atomic(), reversion.create_revision():
whitelist.save() whitelist.save()
reversion.set_user(request.user) reversion.set_user(request.user)
reversion.set_comment("Champs modifié(s) : %s" % ', '.join(field for field in whitelist.changed_data)) reversion.set_comment("Champs modifié(s) : %s" % ', '.join(
field for field in whitelist.changed_data
))
messages.success(request, "Whitelist modifiée") messages.success(request, "Whitelist modifiée")
return redirect("/users/") return redirect("/users/")
return form({'userform': whitelist}, 'users/user.html', request) return form({'userform': whitelist}, 'users/user.html', request)
@login_required @login_required
@permission_required('cableur') @permission_required('cableur')
def add_school(request): def add_school(request):
""" Ajouter un établissement d'enseignement à la base de donnée, need cableur""" """ Ajouter un établissement d'enseignement à la base de donnée,
need cableur"""
school = SchoolForm(request.POST or None) school = SchoolForm(request.POST or None)
if school.is_valid(): if school.is_valid():
with transaction.atomic(), reversion.create_revision(): with transaction.atomic(), reversion.create_revision():
@ -365,10 +425,12 @@ def add_school(request):
return redirect("/users/index_school/") return redirect("/users/index_school/")
return form({'userform': school}, 'users/user.html', request) return form({'userform': school}, 'users/user.html', request)
@login_required @login_required
@permission_required('cableur') @permission_required('cableur')
def edit_school(request, schoolid): def edit_school(request, schoolid):
""" Editer un établissement d'enseignement à partir du schoolid dans la base de donnée, need cableur""" """ Editer un établissement d'enseignement à partir du schoolid dans
la base de donnée, need cableur"""
try: try:
school_instance = School.objects.get(pk=schoolid) school_instance = School.objects.get(pk=schoolid)
except School.DoesNotExist: except School.DoesNotExist:
@ -379,16 +441,21 @@ def edit_school(request, schoolid):
with transaction.atomic(), reversion.create_revision(): with transaction.atomic(), reversion.create_revision():
school.save() school.save()
reversion.set_user(request.user) reversion.set_user(request.user)
reversion.set_comment("Champs modifié(s) : %s" % ', '.join(field for field in school.changed_data)) reversion.set_comment("Champs modifié(s) : %s" % ', '.join(
field for field in school.changed_data
))
messages.success(request, "Établissement modifié") messages.success(request, "Établissement modifié")
return redirect("/users/index_school/") return redirect("/users/index_school/")
return form({'userform': school}, 'users/user.html', request) return form({'userform': school}, 'users/user.html', request)
@login_required @login_required
@permission_required('cableur') @permission_required('cableur')
def del_school(request): def del_school(request):
""" Supprimer un établissement d'enseignement à la base de donnée, need cableur """ Supprimer un établissement d'enseignement à la base de donnée,
Objet protégé, possible seulement si aucun user n'est affecté à l'établissement """ need cableur
Objet protégé, possible seulement si aucun user n'est affecté à
l'établissement """
school = DelSchoolForm(request.POST or None) school = DelSchoolForm(request.POST or None)
if school.is_valid(): if school.is_valid():
school_dels = school.cleaned_data['schools'] school_dels = school.cleaned_data['schools']
@ -406,6 +473,7 @@ def del_school(request):
return redirect("/users/index_school/") return redirect("/users/index_school/")
return form({'userform': school}, 'users/user.html', request) return form({'userform': school}, 'users/user.html', request)
@login_required @login_required
@permission_required('bureau') @permission_required('bureau')
def add_listright(request): def add_listright(request):
@ -421,29 +489,38 @@ def add_listright(request):
return redirect("/users/index_listright/") return redirect("/users/index_listright/")
return form({'userform': listright}, 'users/user.html', request) return form({'userform': listright}, 'users/user.html', request)
@login_required @login_required
@permission_required('bureau') @permission_required('bureau')
def edit_listright(request, listrightid): def edit_listright(request, listrightid):
""" Editer un groupe/droit, necessite droit bureau, à partir du listright id """ """ Editer un groupe/droit, necessite droit bureau,
à partir du listright id """
try: try:
listright_instance = ListRight.objects.get(pk=listrightid) listright_instance = ListRight.objects.get(pk=listrightid)
except ListRight.DoesNotExist: except ListRight.DoesNotExist:
messages.error(request, u"Entrée inexistante") messages.error(request, u"Entrée inexistante")
return redirect("/users/") return redirect("/users/")
listright = ListRightForm(request.POST or None, instance=listright_instance) listright = ListRightForm(
request.POST or None,
instance=listright_instance
)
if listright.is_valid(): if listright.is_valid():
with transaction.atomic(), reversion.create_revision(): with transaction.atomic(), reversion.create_revision():
listright.save() listright.save()
reversion.set_user(request.user) reversion.set_user(request.user)
reversion.set_comment("Champs modifié(s) : %s" % ', '.join(field for field in listright.changed_data)) reversion.set_comment("Champs modifié(s) : %s" % ', '.join(
field for field in listright.changed_data
))
messages.success(request, "Droit modifié") messages.success(request, "Droit modifié")
return redirect("/users/index_listright/") return redirect("/users/index_listright/")
return form({'userform': listright}, 'users/user.html', request) return form({'userform': listright}, 'users/user.html', request)
@login_required @login_required
@permission_required('bureau') @permission_required('bureau')
def del_listright(request): def del_listright(request):
""" Supprimer un ou plusieurs groupe, possible si il est vide, need droit bureau """ """ Supprimer un ou plusieurs groupe, possible si il est vide, need droit
bureau """
listright = DelListRightForm(request.POST or None) listright = DelListRightForm(request.POST or None)
if listright.is_valid(): if listright.is_valid():
listright_dels = listright.cleaned_data['listrights'] listright_dels = listright.cleaned_data['listrights']
@ -461,6 +538,7 @@ def del_listright(request):
return redirect("/users/index_listright/") return redirect("/users/index_listright/")
return form({'userform': listright}, 'users/user.html', request) return form({'userform': listright}, 'users/user.html', request)
@login_required @login_required
@permission_required('bureau') @permission_required('bureau')
def mass_archive(request): def mass_archive(request):
@ -469,7 +547,10 @@ def mass_archive(request):
to_archive_list = [] to_archive_list = []
if to_archive_date.is_valid(): if to_archive_date.is_valid():
date = to_archive_date.cleaned_data['date'] date = to_archive_date.cleaned_data['date']
to_archive_list = [user for user in User.objects.exclude(state=User.STATE_ARCHIVE) if not user.end_access() or user.end_access() < date] to_archive_list = [user for user in
User.objects.exclude(state=User.STATE_ARCHIVE)
if not user.end_access()
or user.end_access() < date]
if "valider" in request.POST: if "valider" in request.POST:
for user in to_archive_list: for user in to_archive_list:
with transaction.atomic(), reversion.create_revision(): with transaction.atomic(), reversion.create_revision():
@ -477,15 +558,22 @@ def mass_archive(request):
user.save() user.save()
reversion.set_user(request.user) reversion.set_user(request.user)
reversion.set_comment("Archivage") reversion.set_comment("Archivage")
messages.success(request, "%s users ont été archivés" % len(to_archive_list)) messages.success(request, "%s users ont été archivés" % len(
to_archive_list
))
return redirect("/users/") return redirect("/users/")
return form({'userform': to_archive_date, 'to_archive_list': to_archive_list}, 'users/mass_archive.html', request) return form(
{'userform': to_archive_date, 'to_archive_list': to_archive_list},
'users/mass_archive.html',
request
)
@login_required @login_required
@permission_required('cableur') @permission_required('cableur')
def index(request): def index(request):
""" Affiche l'ensemble des users, need droit cableur """ """ Affiche l'ensemble des users, need droit cableur """
options, created = GeneralOption.objects.get_or_create() options, _created = GeneralOption.objects.get_or_create()
pagination_number = options.pagination_number pagination_number = options.pagination_number
users_list = User.objects.select_related('room').order_by('state', 'name') users_list = User.objects.select_related('room').order_by('state', 'name')
paginator = Paginator(users_list, pagination_number) paginator = Paginator(users_list, pagination_number)
@ -500,13 +588,15 @@ def index(request):
users_list = paginator.page(paginator.num_pages) users_list = paginator.page(paginator.num_pages)
return render(request, 'users/index.html', {'users_list': users_list}) return render(request, 'users/index.html', {'users_list': users_list})
@login_required @login_required
@permission_required('cableur') @permission_required('cableur')
def index_ban(request): def index_ban(request):
""" Affiche l'ensemble des ban, need droit cableur """ """ Affiche l'ensemble des ban, need droit cableur """
options, created = GeneralOption.objects.get_or_create() options, _created = GeneralOption.objects.get_or_create()
pagination_number = options.pagination_number pagination_number = options.pagination_number
ban_list = Ban.objects.order_by('date_start').select_related('user').reverse() ban_list = Ban.objects.order_by('date_start')\
.select_related('user').reverse()
paginator = Paginator(ban_list, pagination_number) paginator = Paginator(ban_list, pagination_number)
page = request.GET.get('page') page = request.GET.get('page')
try: try:
@ -519,13 +609,15 @@ def index_ban(request):
ban_list = paginator.page(paginator.num_pages) ban_list = paginator.page(paginator.num_pages)
return render(request, 'users/index_ban.html', {'ban_list': ban_list}) return render(request, 'users/index_ban.html', {'ban_list': ban_list})
@login_required @login_required
@permission_required('cableur') @permission_required('cableur')
def index_white(request): def index_white(request):
""" Affiche l'ensemble des whitelist, need droit cableur """ """ Affiche l'ensemble des whitelist, need droit cableur """
options, created = GeneralOption.objects.get_or_create() options, _created = GeneralOption.objects.get_or_create()
pagination_number = options.pagination_number pagination_number = options.pagination_number
white_list = Whitelist.objects.select_related('user').order_by('date_start') white_list = Whitelist.objects.select_related('user')\
.order_by('date_start')
paginator = Paginator(white_list, pagination_number) paginator = Paginator(white_list, pagination_number)
page = request.GET.get('page') page = request.GET.get('page')
try: try:
@ -542,84 +634,106 @@ def index_white(request):
{'white_list': white_list} {'white_list': white_list}
) )
@login_required @login_required
@permission_required('cableur') @permission_required('cableur')
def index_school(request): def index_school(request):
""" Affiche l'ensemble des établissement, need droit cableur """ """ Affiche l'ensemble des établissement, need droit cableur """
school_list = School.objects.order_by('name') school_list = School.objects.order_by('name')
return render(request, 'users/index_schools.html', {'school_list':school_list}) return render(
request,
'users/index_schools.html',
{'school_list': school_list}
)
@login_required @login_required
@permission_required('cableur') @permission_required('cableur')
def index_listright(request): def index_listright(request):
""" Affiche l'ensemble des droits , need droit cableur """ """ Affiche l'ensemble des droits , need droit cableur """
listright_list = ListRight.objects.order_by('listright') listright_list = ListRight.objects.order_by('listright')
return render(request, 'users/index_listright.html', {'listright_list':listright_list}) return render(
request,
'users/index_listright.html',
{'listright_list': listright_list}
)
@login_required @login_required
@permission_required('cableur') @permission_required('cableur')
def index_serviceusers(request): def index_serviceusers(request):
""" Affiche les users de services (pour les accès ldap)""" """ Affiche les users de services (pour les accès ldap)"""
serviceusers_list = ServiceUser.objects.order_by('pseudo') serviceusers_list = ServiceUser.objects.order_by('pseudo')
return render(request, 'users/index_serviceusers.html', {'serviceusers_list':serviceusers_list}) return render(
request,
'users/index_serviceusers.html',
{'serviceusers_list': serviceusers_list}
)
@login_required @login_required
def history(request, object, id): def history(request, object_name, object_id):
""" Affichage de l'historique : (acl, argument) """ Affichage de l'historique : (acl, argument)
user : self or cableur, userid, user : self or cableur, userid,
ban : self or cableur, banid, ban : self or cableur, banid,
whitelist : self or cableur, whitelistid, whitelist : self or cableur, whitelistid,
school : cableur, schoolid, school : cableur, schoolid,
listright : cableur, listrightid """ listright : cableur, listrightid """
if object == 'user': if object_name == 'user':
try: try:
object_instance = User.objects.get(pk=id) object_instance = User.objects.get(pk=object_id)
except User.DoesNotExist: except User.DoesNotExist:
messages.error(request, "Utilisateur inexistant") messages.error(request, "Utilisateur inexistant")
return redirect("/users/") return redirect("/users/")
if not request.user.has_perms(('cableur',)) and object_instance != request.user: if not request.user.has_perms(('cableur',)) and\
messages.error(request, "Vous ne pouvez pas afficher l'historique d'un autre user que vous sans droit cableur") object_instance != request.user:
messages.error(request, "Vous ne pouvez pas afficher\
l'historique d'un autre user que vous sans droit cableur")
return redirect("/users/profil/" + str(request.user.id)) return redirect("/users/profil/" + str(request.user.id))
elif object == 'serviceuser' and request.user.has_perms(('cableur',)): elif object_name == 'serviceuser' and request.user.has_perms(('cableur',)):
try: try:
object_instance = ServiceUser.objects.get(pk=id) object_instance = ServiceUser.objects.get(pk=object_id)
except ServiceUser.DoesNotExist: except ServiceUser.DoesNotExist:
messages.error(request, "User service inexistant") messages.error(request, "User service inexistant")
return redirect("/users/") return redirect("/users/")
elif object == 'ban': elif object_name == 'ban':
try: try:
object_instance = Ban.objects.get(pk=id) object_instance = Ban.objects.get(pk=object_id)
except Ban.DoesNotExist: except Ban.DoesNotExist:
messages.error(request, "Bannissement inexistant") messages.error(request, "Bannissement inexistant")
return redirect("/users/") return redirect("/users/")
if not request.user.has_perms(('cableur',)) and object_instance.user != request.user: if not request.user.has_perms(('cableur',)) and\
messages.error(request, "Vous ne pouvez pas afficher les bans d'un autre user que vous sans droit cableur") object_instance.user != request.user:
messages.error(request, "Vous ne pouvez pas afficher les bans\
d'un autre user que vous sans droit cableur")
return redirect("/users/profil/" + str(request.user.id)) return redirect("/users/profil/" + str(request.user.id))
elif object == 'whitelist': elif object_name == 'whitelist':
try: try:
object_instance = Whitelist.objects.get(pk=id) object_instance = Whitelist.objects.get(pk=object_id)
except Whiltelist.DoesNotExist: except Whitelist.DoesNotExist:
messages.error(request, "Whitelist inexistant") messages.error(request, "Whitelist inexistant")
return redirect("/users/") return redirect("/users/")
if not request.user.has_perms(('cableur',)) and object_instance.user != request.user: if not request.user.has_perms(('cableur',)) and\
messages.error(request, "Vous ne pouvez pas afficher les whitelist d'un autre user que vous sans droit cableur") object_instance.user != request.user:
messages.error(request, "Vous ne pouvez pas afficher les\
whitelist d'un autre user que vous sans droit cableur")
return redirect("/users/profil/" + str(request.user.id)) return redirect("/users/profil/" + str(request.user.id))
elif object == 'school' and request.user.has_perms(('cableur',)): elif object_name == 'school' and request.user.has_perms(('cableur',)):
try: try:
object_instance = School.objects.get(pk=id) object_instance = School.objects.get(pk=object_id)
except School.DoesNotExist: except School.DoesNotExist:
messages.error(request, "Ecole inexistante") messages.error(request, "Ecole inexistante")
return redirect("/users/") return redirect("/users/")
elif object == 'listright' and request.user.has_perms(('cableur',)): elif object_name == 'listright' and request.user.has_perms(('cableur',)):
try: try:
object_instance = ListRight.objects.get(pk=id) object_instance = ListRight.objects.get(pk=object_id)
except ListRight.DoesNotExist: except ListRight.DoesNotExist:
messages.error(request, "Droit inexistant") messages.error(request, "Droit inexistant")
return redirect("/users/") return redirect("/users/")
else: else:
messages.error(request, "Objet inconnu") messages.error(request, "Objet inconnu")
return redirect("/users/") return redirect("/users/")
options, created = GeneralOption.objects.get_or_create() options, _created = GeneralOption.objects.get_or_create()
pagination_number = options.pagination_number pagination_number = options.pagination_number
reversions = Version.objects.get_for_object(object_instance) reversions = Version.objects.get_for_object(object_instance)
paginator = Paginator(reversions, pagination_number) paginator = Paginator(reversions, pagination_number)
@ -632,7 +746,11 @@ def history(request, object, id):
except EmptyPage: except EmptyPage:
# If page is out of range (e.g. 9999), deliver last page of results. # If page is out of range (e.g. 9999), deliver last page of results.
reversions = paginator.page(paginator.num_pages) reversions = paginator.page(paginator.num_pages)
return render(request, 're2o/history.html', {'reversions': reversions, 'object': object_instance}) return render(
request,
're2o/history.html',
{'reversions': reversions, 'object': object_instance}
)
@login_required @login_required
@ -640,6 +758,7 @@ def mon_profil(request):
""" Lien vers profil, renvoie request.id à la fonction """ """ Lien vers profil, renvoie request.id à la fonction """
return redirect("/users/profil/" + str(request.user.id)) return redirect("/users/profil/" + str(request.user.id))
@login_required @login_required
def profil(request, userid): def profil(request, userid):
""" Affiche un profil, self or cableur, prend un userid en argument """ """ Affiche un profil, self or cableur, prend un userid en argument """
@ -649,14 +768,19 @@ def profil(request, userid):
messages.error(request, "Utilisateur inexistant") messages.error(request, "Utilisateur inexistant")
return redirect("/users/") return redirect("/users/")
if not request.user.has_perms(('cableur',)) and users != request.user: if not request.user.has_perms(('cableur',)) and users != request.user:
messages.error(request, "Vous ne pouvez pas afficher un autre user que vous sans droit cableur") messages.error(request, "Vous ne pouvez pas afficher un autre user\
que vous sans droit cableur")
return redirect("/users/profil/" + str(request.user.id)) return redirect("/users/profil/" + str(request.user.id))
machines = Machine.objects.filter(user=users).select_related('user').prefetch_related('interface_set__domain__extension').prefetch_related('interface_set__ipv4__ip_type__extension').prefetch_related('interface_set__type').prefetch_related('interface_set__domain__related_domain__extension') machines = Machine.objects.filter(user=users).select_related('user')\
.prefetch_related('interface_set__domain__extension')\
.prefetch_related('interface_set__ipv4__ip_type__extension')\
.prefetch_related('interface_set__type')\
.prefetch_related('interface_set__domain__related_domain__extension')
factures = Facture.objects.filter(user=users) factures = Facture.objects.filter(user=users)
bans = Ban.objects.filter(user=users) bans = Ban.objects.filter(user=users)
whitelists = Whitelist.objects.filter(user=users) whitelists = Whitelist.objects.filter(user=users)
list_droits = Right.objects.filter(user=users) list_droits = Right.objects.filter(user=users)
options, created = OptionalUser.objects.get_or_create() options, _created = OptionalUser.objects.get_or_create()
user_solde = options.user_solde user_solde = options.user_solde
return render( return render(
request, request,
@ -672,46 +796,56 @@ def profil(request, userid):
} }
) )
def reset_password(request): def reset_password(request):
""" Reintialisation du mot de passe si mdp oublié """ """ Reintialisation du mot de passe si mdp oublié """
userform = ResetPasswordForm(request.POST or None) userform = ResetPasswordForm(request.POST or None)
if userform.is_valid(): if userform.is_valid():
try: try:
user = User.objects.get(pseudo=userform.cleaned_data['pseudo'],email=userform.cleaned_data['email']) user = User.objects.get(
pseudo=userform.cleaned_data['pseudo'],
email=userform.cleaned_data['email']
)
except User.DoesNotExist: except User.DoesNotExist:
messages.error(request, "Cet utilisateur n'existe pas") messages.error(request, "Cet utilisateur n'existe pas")
return form({'userform': userform}, 'users/user.html', request) return form({'userform': userform}, 'users/user.html', request)
user.reset_passwd_mail(request) user.reset_passwd_mail(request)
messages.success(request, "Un mail pour l'initialisation du mot de passe a été envoyé") messages.success(request, "Un mail pour l'initialisation du mot\
de passe a été envoyé")
redirect("/") redirect("/")
return form({'userform': userform}, 'users/user.html', request) return form({'userform': userform}, 'users/user.html', request)
def process(request, token): def process(request, token):
"""Process, lien pour la reinitialisation du mot de passe"""
valid_reqs = Request.objects.filter(expires_at__gt=timezone.now()) valid_reqs = Request.objects.filter(expires_at__gt=timezone.now())
req = get_object_or_404(valid_reqs, token=token) req = get_object_or_404(valid_reqs, token=token)
if req.type == Request.PASSWD: if req.type == Request.PASSWD:
return process_passwd(request, req) return process_passwd(request, req)
elif req.type == Request.EMAIL:
return process_email(request, req=req)
else: else:
messages.error(request, "Entrée incorrecte, contactez un admin") messages.error(request, "Entrée incorrecte, contactez un admin")
redirect("/") redirect("/")
def process_passwd(request, req): def process_passwd(request, req):
"""Process le changeemnt de mot de passe, renvoie le formulaire
demandant le nouveau password"""
u_form = PassForm(request.POST or None) u_form = PassForm(request.POST or None)
user = req.user user = req.user
if u_form.is_valid(): if u_form.is_valid():
return password_change_action(u_form, user, request, req=req) return password_change_action(u_form, user, request, req=req)
return form({'userform': u_form}, 'users/user.html', request) return form({'userform': u_form}, 'users/user.html', request)
""" Framework Rest """
class JSONResponse(HttpResponse): class JSONResponse(HttpResponse):
""" Framework Rest """
def __init__(self, data, **kwargs): def __init__(self, data, **kwargs):
content = JSONRenderer().render(data) content = JSONRenderer().render(data)
kwargs['content_type'] = 'application/json' kwargs['content_type'] = 'application/json'
super(JSONResponse, self).__init__(content, **kwargs) super(JSONResponse, self).__init__(content, **kwargs)
@csrf_exempt @csrf_exempt
@login_required @login_required
@permission_required('serveur') @permission_required('serveur')
@ -721,4 +855,3 @@ def mailing(request):
mails = all_has_access().values('email').distinct() mails = all_has_access().values('email').distinct()
seria = MailSerializer(mails, many=True) seria = MailSerializer(mails, many=True)
return JSONResponse(seria.data) return JSONResponse(seria.data)