can_xxx là où c'est possible et gestion de l'historique générique appliquée à users

re2o/views.py

@@ -26,10 +26,16 @@ les views
 
 from __future__ import unicode_literals
 
-from django.shortcuts import render
+from django.http import Http404
+from django.shortcuts import render, redirect
 from django.template.context_processors import csrf
+from django.contrib.auth.decorators import login_required, permission_required
+from django.core.paginator import Paginator, EmptyPage, PageNotAnInteger
+from reversion.models import Version
+from django.contrib import messages
 from preferences.models import Service
-
+from preferences.models import OptionalUser, GeneralOption
+import users
 
 def form(ctx, template, request):
     """Form générique, raccourci importé par les fonctions views du site"""
@@ -44,3 +50,54 @@ def index(request):
     for indice, serv in enumerate(Service.objects.all()):
         services[indice % 3].append(serv)
     return form({'services_urls': services}, 're2o/index.html', request)
+
+
+HISTORY_BIND = {
+    'user' : users.models.User,
+    'ban' : users.models.Ban,
+    'whitelist' : users.models.Whitelist,
+    'school' : users.models.School,
+    'listright' : users.models.ListRight,
+    'serviceuser' : users.models.ServiceUser,
+}
+
+@login_required
+def history(request, object_name, object_id):
+    """ Affichage de l'historique"""
+    try:
+        model = HISTORY_BIND[object_name]
+    except KeyError as e:
+        raise Http404(u"Il n'existe pas d'historique pour ce modèle.")
+    try:
+        instance = model.get_instance(object_id)
+    except model.DoesNotExist:
+        messages.error(request, u"Entrée inexistante")
+        return redirect(reverse('users:profil',
+            kwargs={'userid':str(request.user.id)}
+        ))
+    can, msg = instance.can_view(request.user)
+    if not can:
+        messages.error(request, msg or "Vous ne pouvez pas accéder à ce menu")
+        return redirect(reverse(
+            'users:profil',
+            kwargs={'userid':str(request.user.id)}
+        ))
+    options, _created = GeneralOption.objects.get_or_create()
+    pagination_number = options.pagination_number
+    reversions = Version.objects.get_for_object(instance)
+    paginator = Paginator(reversions, pagination_number)
+    page = request.GET.get('page')
+    try:
+        reversions = paginator.page(page)
+    except PageNotAnInteger:
+        # If page is not an integer, deliver first page.
+        reversions = paginator.page(1)
+    except EmptyPage:
+        # If page is out of range (e.g. 9999), deliver last page of result
+        reversions = paginator.page(paginator.num_pages)
+    return render(
+        request,
+        're2o/history.html',
+        {'reversions': reversions, 'object': instance}
+    )
+

users/urls.py

@@ -27,6 +27,7 @@ from __future__ import unicode_literals
 
 from django.conf.urls import url
 
+import re2o
 from . import views
 
 urlpatterns = [
@@ -94,33 +95,8 @@ urlpatterns = [
     url(r'^reset_password/$', views.reset_password, name='reset-password'),
     url(r'^mass_archive/$', views.mass_archive, name='mass-archive'),
     url(
-        r'^history/(?P<object_name>user)/(?P<object_id>[0-9]+)$',
+        r'^history/(?P<object_name>\w+)/(?P<object_id>[0-9]+)$',
-        views.history,
+        re2o.views.history,
-        name='history'
-    ),
-    url(
-        r'^history/(?P<object_name>ban)/(?P<object_id>[0-9]+)$',
-        views.history,
-        name='history'
-    ),
-    url(
-        r'^history/(?P<object_name>whitelist)/(?P<object_id>[0-9]+)$',
-        views.history,
-        name='history'
-    ),
-    url(
-        r'^history/(?P<object_name>school)/(?P<object_id>[0-9]+)$',
-        views.history,
-        name='history'
-    ),
-    url(
-        r'^history/(?P<object_name>listright)/(?P<object_id>[0-9]+)$',
-        views.history,
-        name='history'
-    ),
-    url(
-        r'^history/(?P<object_name>serviceuser)/(?P<object_id>[0-9]+)$',
-        views.history,
         name='history'
     ),
     url(r'^$', views.index, name='index'),

users/views.py

@@ -93,7 +93,7 @@ from preferences.models import OptionalUser, GeneralOption
 
 from re2o.views import form
 from re2o.utils import (
-    all_has_access, SortTable, can_create, can_edit, can_delete_set, can_delete, can_view
+    all_has_access, SortTable, can_create, can_edit, can_delete_set, can_delete, can_view, can_view_all
 )
 
 def password_change_action(u_form, user, request, req=False):
@@ -563,7 +563,7 @@ def edit_listright(request, listright_instance, listrightid):
 
 @login_required
 @can_delete_set(ListRight)
-def del_listright(request):
+def del_listright(request, instances):
     """ Supprimer un ou plusieurs groupe, possible si il est vide, need droit
     bureau """
     listright = DelListRightForm(request.POST or None, instances=instances)
@@ -615,7 +615,7 @@ def mass_archive(request):
 
 
 @login_required
-@permission_required('cableur')
+@can_view_all(Adherent)
 def index(request):
     """ Affiche l'ensemble des adherents, need droit cableur """
     options, _created = GeneralOption.objects.get_or_create()
@@ -671,7 +671,7 @@ def index_clubs(request):
 
 
 @login_required
-@permission_required('cableur')
+@can_view_all(Ban)
 def index_ban(request):
     """ Affiche l'ensemble des ban, need droit cableur """
     options, _created = GeneralOption.objects.get_or_create()
@@ -697,7 +697,7 @@ def index_ban(request):
 
 
 @login_required
-@permission_required('cableur')
+@can_view_all(Whitelist)
 def index_white(request):
     """ Affiche l'ensemble des whitelist, need droit cableur """
     options, _created = GeneralOption.objects.get_or_create()
@@ -727,7 +727,7 @@ def index_white(request):
 
 
 @login_required
-@permission_required('cableur')
+@can_view_all(School)
 def index_school(request):
     """ Affiche l'ensemble des établissement, need droit cableur """
     school_list = School.objects.order_by('name')
@@ -739,7 +739,7 @@ def index_school(request):
 
 
 @login_required
-@permission_required('cableur')
+@can_view_all(ListRight)
 def index_listright(request):
     """ Affiche l'ensemble des droits , need droit cableur """
     listright_list = ListRight.objects.order_by('listright')
@@ -751,7 +751,7 @@ def index_listright(request):
 
 
 @login_required
-@permission_required('cableur')
+@can_view_all(ServiceUser)
 def index_serviceusers(request):
     """ Affiche les users de services (pour les accès ldap)"""
     serviceusers_list = ServiceUser.objects.order_by('pseudo')
@@ -861,19 +861,9 @@ def mon_profil(request):
 
 
 @login_required
-def profil(request, userid):
+@can_view(User)
+def profil(request, users, userid):
     """ Affiche un profil, self or cableur, prend un userid en argument """
-    try:
-        users = User.objects.get(pk=userid)
-    except User.DoesNotExist:
-        messages.error(request, "Utilisateur inexistant")
-        return redirect(reverse('users:index'))
-    if not users.can_view(request.user)[0]:
-        messages.error(request, "Vous ne pouvez pas accéder à ce menu")
-        return redirect(reverse(
-            'users:profil',
-            kwargs={'userid':str(request.user.id)}
-            ))
     machines = Machine.objects.filter(user=users).select_related('user')\
         .prefetch_related('interface_set__domain__extension')\
         .prefetch_related('interface_set__ipv4__ip_type__extension')\