can_edit_history

2024-11-09 03:16:25 +00:00 · 2017-12-28 19:31:12 +01:00 · 2017-12-28 19:31:12 +01:00 · d65645431d
commit d65645431d
parent 460bfad503
1 changed files with 17 additions and 4 deletions
--- a/re2o/utils.py
+++ b/re2o/utils.py
@ -105,10 +105,8 @@ def can_edit(model, *field_list):


 def can_change(model, *field_list):
-    """Decorator to check if an user can edit a field of a model.
-    It assumes that a valid user exists in the request and that the model has a
-    method can_create(user) which returns true if the user can create this kind
-    of models.
+    """Decorator to check if an user can edit a field of a model class.
+    Difference with can_edit : take a class and not an instance
    """
    def decorator(view):
        def wrapper(request, *args, **kwargs):
@ -246,6 +244,21 @@ def can_view_app(app_name):
    return decorator


+def can_edit_history(view):
+    """Decorator to check if an user can edit history."""
+    def wrapper(request, *args, **kwargs):
+        if request.user.has_perms(('admin',)):
+            return view(request, *args, **kwargs)
+        messages.error(
+           request,
+           "Vous ne pouvez pas éditer l'historique."
+        )
+        return redirect(reverse('users:profil',
+            kwargs={'userid':str(request.user.id)}
+        ))
+    return wrapper
+
+
 def all_adherent(search_time=DT_NOW):
    """ Fonction renvoyant tous les users adherents. Optimisee pour n'est
    qu'une seule requete sql