8
0
Fork 0
mirror of https://gitlab2.federez.net/re2o/re2o synced 2024-11-27 15:12:25 +00:00

@can_create et @can_edit sur l'ajout de ban, l'ajout de droit, l'édition/création de service, l'édition de password, les états et l'édition d'utilisateurs.

This commit is contained in:
LEVY-FALK Hugo 2017-11-30 14:41:31 +01:00 committed by root
parent cf642bad08
commit 0d78dcadf5
2 changed files with 24 additions and 43 deletions

View file

@ -921,6 +921,11 @@ class ServiceUser(AbstractBaseUser):
else: else:
return user.has_perms(('infra',)) return user.has_perms(('infra',))
def can_edit(instance, user):
return user.has_perms(('infra',))
def get_instance(userid):
return ServiceUser.objects.get(pk=userid)
@receiver(post_save, sender=ServiceUser) @receiver(post_save, sender=ServiceUser)
def service_user_post_save(sender, **kwargs): def service_user_post_save(sender, **kwargs):
@ -951,6 +956,9 @@ class Right(models.Model):
def __str__(self): def __str__(self):
return str(self.user) return str(self.user)
def can_create(user):
return user.has_perms('bureau')
@receiver(post_save, sender=Right) @receiver(post_save, sender=Right)
def right_post_save(sender, **kwargs): def right_post_save(sender, **kwargs):
@ -1095,6 +1103,9 @@ class Ban(models.Model):
def __str__(self): def __str__(self):
return str(self.user) + ' ' + str(self.raison) return str(self.user) + ' ' + str(self.raison)
def can_create(user):
return user.has_perms(('bofh',))
@receiver(post_save, sender=Ban) @receiver(post_save, sender=Ban)
def ban_post_save(sender, **kwargs): def ban_post_save(sender, **kwargs):

View file

@ -226,14 +226,10 @@ def edit_info(request, user, userid):
@login_required @login_required
@permission_required('bureau') @permission_required('bureau')
def state(request, userid): @can_edit(User)
def state(request, user, userid):
""" Changer l'etat actif/desactivé/archivé d'un user, """ Changer l'etat actif/desactivé/archivé d'un user,
need droit bureau """ need droit bureau """
try:
user = User.objects.get(pk=userid)
except User.DoesNotExist:
messages.error(request, "Utilisateur inexistant")
return redirect(reverse('users:index'))
state = StateForm(request.POST or None, instance=user) state = StateForm(request.POST or None, instance=user)
if state.is_valid(): if state.is_valid():
with transaction.atomic(), reversion.create_revision(): with transaction.atomic(), reversion.create_revision():
@ -257,21 +253,11 @@ def state(request, userid):
@login_required @login_required
def password(request, userid): @can_edit(User)
def password(request, user, userid):
""" Reinitialisation d'un mot de passe à partir de l'userid, """ Reinitialisation d'un mot de passe à partir de l'userid,
pour self par défaut, pour tous sans droit si droit cableur, pour self par défaut, pour tous sans droit si droit cableur,
pour tous si droit bureau """ pour tous si droit bureau """
try:
user = User.objects.get(pk=userid)
except User.DoesNotExist:
messages.error(request, "Utilisateur inexistant")
return redirect(reverse('users'))
if not user.can_edit(request.user):
messages.error(request, "Vous ne pouvez pas accéder à ce menu")
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
if not request.user.has_perms(('bureau',)) and user != request.user\ if not request.user.has_perms(('bureau',)) and user != request.user\
and Right.objects.filter(user=user): and Right.objects.filter(user=user):
messages.error(request, "Il faut les droits bureau pour modifier le\ messages.error(request, "Il faut les droits bureau pour modifier le\
@ -307,16 +293,9 @@ def new_serviceuser(request):
@login_required @login_required
@permission_required('infra') @can_edit(ServiceUser)
def edit_serviceuser(request, userid): def edit_serviceuser(request, user, userid):
""" Edite un utilisateur à partir de son id, """ Edit a ServiceUser """
si l'id est différent de request.user,
vérifie la possession du droit cableur """
try:
user = ServiceUser.objects.get(pk=userid)
except ServiceUser.DoesNotExist:
messages.error(request, "Utilisateur inexistant")
return redirect(reverse('users:index'))
user = EditServiceUserForm(request.POST or None, instance=user) user = EditServiceUserForm(request.POST or None, instance=user)
if user.is_valid(): if user.is_valid():
user_object = user.save(commit=False) user_object = user.save(commit=False)
@ -356,14 +335,10 @@ def del_serviceuser(request, userid):
@login_required @login_required
@permission_required('bureau') @can_create(Right)
def add_right(request, userid): @can_edit(User)
def add_right(request, user, userid):
""" Ajout d'un droit à un user, need droit bureau """ """ Ajout d'un droit à un user, need droit bureau """
try:
user = User.objects.get(pk=userid)
except User.DoesNotExist:
messages.error(request, "Utilisateur inexistant")
return redirect(reverse('users:index'))
right = RightForm(request.POST or None) right = RightForm(request.POST or None)
if right.is_valid(): if right.is_valid():
right = right.save(commit=False) right = right.save(commit=False)
@ -405,16 +380,12 @@ def del_right(request):
@login_required @login_required
@permission_required('bofh') @can_create(Ban)
def add_ban(request, userid): @can_edit(User)
def add_ban(request, user, userid):
""" Ajouter un banissement, nécessite au moins le droit bofh """ Ajouter un banissement, nécessite au moins le droit bofh
(a fortiori bureau) (a fortiori bureau)
Syntaxe : JJ/MM/AAAA , heure optionnelle, prend effet immédiatement""" Syntaxe : JJ/MM/AAAA , heure optionnelle, prend effet immédiatement"""
try:
user = User.objects.get(pk=userid)
except User.DoesNotExist:
messages.error(request, "Utilisateur inexistant")
return redirect(reverse('users:index'))
ban_instance = Ban(user=user) ban_instance = Ban(user=user)
ban = BanForm(request.POST or None, instance=ban_instance) ban = BanForm(request.POST or None, instance=ban_instance)
if ban.is_valid(): if ban.is_valid():
@ -434,7 +405,6 @@ def add_ban(request, userid):
) )
return form({'userform': ban}, 'users/user.html', request) return form({'userform': ban}, 'users/user.html', request)
@login_required @login_required
@permission_required('bofh') @permission_required('bofh')
def edit_ban(request, banid): def edit_ban(request, banid):