8
0
Fork 0
mirror of https://gitlab2.federez.net/re2o/re2o synced 2024-12-23 23:43:47 +00:00

Acl sur preferences

This commit is contained in:
LEVY-FALK Hugo 2017-12-27 23:40:27 +01:00 committed by root
parent a022a23f12
commit 1d4b2801b7
6 changed files with 245 additions and 104 deletions

View file

@ -51,27 +51,51 @@ class OptionalUser(models.Model):
return OptionalUser.objects.get_or_create()
def can_create(user_request, *args, **kwargs):
return True, None
"""Check if an user can create a OptionalUser object.
def can_edit_all(user_request, *args, **kwargs):
:param user_request: The user who wants to create a user object.
:return: a message and a boolean which is True if the user can create.
"""
return user_request.has_perms(('admin',)), u"Vous n'avez pas le droit\
d'éditer les préférences concernant les users"
de créer les préférences concernant les users"
def can_edit(self, user_request, *args, **kwargs):
"""Check if an user can edit a OptionalUser object.
:param self: The OptionalUser which is to be edited.
:param user_request: The user who requests to edit self.
:return: a message and a boolean which is True if edition is granted.
"""
return user_request.has_perms(('admin',)), u"Vous n'avez pas le droit\
d'éditer les préférences concernant les users"
def can_delete_all(user_request, *args, **kwargs):
return True, None
def can_delete(self, user_request, *args, **kwargs):
return True, None
"""Check if an user can delete a OptionalUser object.
:param self: The OptionalUser which is to be deleted.
:param user_request: The user who requests deletion.
:return: True if deletion is granted, and a message.
"""
return user_request.has_perms(('admin',)), u"Vous n'avez pas le droit\
de supprimer les préférences concernant les users"
def can_view_all(user_request, *args, **kwargs):
"""Check if an user can access to the list of every OptionalUser objects
:param user_request: The user who wants to view the list.
:return: True if the user can view the list and an explanation message.
"""
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le droit\
de voir les préférences concernant les utilisateurs"
def can_view(self, user_request, *args, **kwargs):
"""Check if an user can view a OptionalUser object.
:param self: The targeted OptionalUser.
:param user_request: The user who ask for viewing the target.
:return: A boolean telling if the acces is granted and an explanation
text
"""
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le droit\
de voir les préférences concernant les utilisateurs"
@ -95,27 +119,52 @@ class OptionalMachine(models.Model):
return OptionalMachine.objects.get_or_create()
def can_create(user_request, *args, **kwargs):
return True, None
"""Check if an user can create a OptionalMachine object.
def can_edit_all(user_request, *args, **kwargs):
:param user_request: The user who wants to create an object.
:return: a message and a boolean which is True if the user can create.
"""
return user_request.has_perms(('admin',)), u"Vous n'avez pas le droit\
d'éditer les préférences concernant les machines"
de créer les préférences concernant les machines"
def can_edit(self, user_request, *args, **kwargs):
"""Check if an user can edit a OptionalMachine object.
:param self: The OptionalMachine which is to be edited.
:param user_request: The user who requests to edit self.
:return: a message and a boolean which is True if edition is granted.
"""
return user_request.has_perms(('admin',)), u"Vous n'avez pas le droit\
d'éditer les préférences concernant les machines"
def can_delete_all(user_request, *args, **kwargs):
return True, None
def can_delete(self, user_request, *args, **kwargs):
return True, None
"""Check if an user can delete a OptionalMachine object.
:param self: The OptionalMachine which is to be deleted.
:param user_request: The user who requests deletion.
:return: True if deletion is granted, and a message.
"""
return user_request.has_perms(('admin',)), u"Vous n'avez pas le droit\
de supprimer les préférences concernant les machines"
def can_view_all(user_request, *args, **kwargs):
"""Check if an user can access to the list of every OptionalMachine objects
:param user_request: The user who wants to view the list.
:return: True if the user can view the list and an explanation message.
"""
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le droit\
de voir les préférences concernant les machines"
def can_view(self, user_request, *args, **kwargs):
"""Check if an user can view a OptionalMachine object.
:param self: The targeted OptionalMachine.
:param user_request: The user who ask for viewing the target.
:return: A boolean telling if the acces is granted and an explanation
text
"""
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le droit\
de voir les préférences concernant les machines"
@ -156,27 +205,51 @@ class OptionalTopologie(models.Model):
return OptionalTopologie.objects.get_or_create()
def can_create(user_request, *args, **kwargs):
return True, None
"""Check if an user can create a OptionalTopologie object.
def can_edit_all(user_request, *args, **kwargs):
:param user_request: The user who wants to create an object.
:return: a message and a boolean which is True if the user can create.
"""
return user_request.has_perms(('admin',)), u"Vous n'avez pas le droit\
d'éditer les préférences concernant la topologie"
de créer les préférences concernant la topologie"
def can_edit(self, user_request, *args, **kwargs):
"""Check if an user can edit a OptionalTopologie object.
:param self: The OptionalTopologie which is to be edited.
:param user_request: The user who requests to edit self.
:return: a message and a boolean which is True if edition is granted.
"""
return user_request.has_perms(('admin',)), u"Vous n'avez pas le droit\
d'éditer les préférences concernant la topologie"
def can_delete_all(user_request, *args, **kwargs):
return True, None
def can_delete(self, user_request, *args, **kwargs):
return True, None
"""Check if an user can delete a OptionalTopologie object.
:param self: The OptionalTopologie which is to be deleted.
:param user_request: The user who requests deletion.
:return: True if deletion is granted, and a message.
"""
return user_request.has_perms(('admin',)), u"Vous n'avez pas le droit\
d'éditer les préférences concernant la topologie"
def can_view_all(user_request, *args, **kwargs):
"""Check if an user can access to the list of every OptionalTopologie objects
:param user_request: The user who wants to view the list.
:return: True if the user can view the list and an explanation message.
"""
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le droit\
de voir les préférences concernant la topologie"
def can_view(self, user_request, *args, **kwargs):
"""Check if an user can view a OptionalTopologie object.
:param self: The targeted OptionalTopologie.
:param user_request: The user who ask for viewing the target.
:return: A boolean telling if the acces is granted and an explanation
text
"""
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le droit\
de voir les préférences concernant la topologie"
@ -202,27 +275,52 @@ class GeneralOption(models.Model):
return GeneralOption.objects.get_or_create()
def can_create(user_request, *args, **kwargs):
return True, None
"""Check if an user can create a GeneralOption object.
def can_edit_all(user_request, *args, **kwargs):
:param user_request: The user who wants to create an object.
:return: a message and a boolean which is True if the user can create.
"""
return user_request.has_perms(('admin',)), u"Vous n'avez pas le droit\
d'éditer les préférences générales"
de créer les préférences générales"
def can_edit(self, user_request, *args, **kwargs):
"""Check if an user can edit a GeneralOption object.
:param self: The GeneralOption which is to be edited.
:param user_request: The user who requests to edit self.
:return: a message and a boolean which is True if edition is granted.
"""
return user_request.has_perms(('admin',)), u"Vous n'avez pas le droit\
d'éditer les préférences générales"
def can_delete_all(user_request, *args, **kwargs):
return True, None
def can_delete(self, user_request, *args, **kwargs):
return True, None
"""Check if an user can delete a GeneralOption object.
:param self: The GeneralOption which is to be deleted.
:param user_request: The user who requests deletion.
:return: True if deletion is granted, and a message.
"""
return user_request.has_perms(('admin',)), u"Vous n'avez pas le droit\
d'éditer les préférences générales"
def can_view_all(user_request, *args, **kwargs):
"""Check if an user can access to the list of every GeneralOption objects
:param user_request: The user who wants to view the list.
:return: True if the user can view the list and an explanation message.
"""
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le droit\
de voir les préférences générales"
def can_view(self, user_request, *args, **kwargs):
"""Check if an user can view a GeneralOption object.
:param self: The targeted GeneralOption.
:param user_request: The user who ask for viewing the target.
:return: A boolean telling if the acces is granted and an explanation
text
"""
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le droit\
de voir les préférences générales"
@ -239,30 +337,53 @@ class Service(models.Model):
return Service.objects.get(pk=serviceid)
def can_create(user_request, *args, **kwargs):
"""Check if an user can create a Service object.
:param user_request: The user who wants to create an object.
:return: a message and a boolean which is True if the user can create.
"""
return user_request.has_perms(('admin',)), u"Vous n'avez pas le droit\
de créer un service pour la page d'accueil"
def can_edit_all(user_request, *args, **kwargs):
return user_request.has_perms(('admin',)), u"Vous n'avez pas le droit\
d'éditer les services pour la page d'accueil"
def can_edit(self, user_request, *args, **kwargs):
"""Check if an user can edit a Service object.
:param self: The Service which is to be edited.
:param user_request: The user who requests to edit self.
:return: a message and a boolean which is True if edition is granted.
"""
return user_request.has_perms(('admin',)), u"Vous n'avez pas le droit\
d'éditer les services pour la page d'accueil"
def can_delete_all(user_request, *args, **kwargs):
return user_request.has_perms(('admin',)), u"Vous n'avez pas le droit\
de supprimer les services pour la page d'accueil"
def can_delete(self, user_request, *args, **kwargs):
"""Check if an user can delete a Service object.
:param self: The Right which is to be deleted.
:param user_request: The user who requests deletion.
:return: True if deletion is granted, and a message.
"""
return user_request.has_perms(('admin',)), u"Vous n'avez pas le droit\
de supprimer les services pour la page d'accueil"
def can_view_all(user_request, *args, **kwargs):
"""Check if an user can access to the list of every Service objects
:param user_request: The user who wants to view the list.
:return: True if the user can view the list and an explanation message.
"""
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le droit\
de voir les services pour la page d'accueil"
def can_view(self, user_request, *args, **kwargs):
"""Check if an user can view a Service object.
:param self: The targeted Service.
:param user_request: The user who ask for viewing the target.
:return: A boolean telling if the acces is granted and an explanation
text
"""
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le droit\
de voir les services pour la page d'accueil"
@ -295,27 +416,51 @@ class AssoOption(models.Model):
return AssoOption.objects.get_or_create()
def can_create(user_request, *args, **kwargs):
return True, None
"""Check if an user can create a AssoOption object.
def can_edit_all(user_request, *args, **kwargs):
:param user_request: The user who wants to create an object.
:return: a message and a boolean which is True if the user can create.
"""
return user_request.has_perms(('admin',)), u"Vous n'avez pas le droit\
d'éditer les préférences concernant l'association"
def can_edit(self, user_request, *args, **kwargs):
"""Check if an user can edit a AssoOption object.
:param self: The AssoOption which is to be edited.
:param user_request: The user who requests to edit self.
:return: a message and a boolean which is True if edition is granted.
"""
return user_request.has_perms(('admin',)), u"Vous n'avez pas le droit\
d'éditer les préférences concernant l'association"
def can_delete_all(user_request, *args, **kwargs):
return True, None
def can_delete(self, user_request, *args, **kwargs):
return True, None
"""Check if an user can delete a AssoOption object.
:param self: The AssoOption which is to be deleted.
:param user_request: The user who requests deletion.
:return: True if deletion is granted, and a message.
"""
return user_request.has_perms(('admin',)), u"Vous n'avez pas le droit\
d'éditer les préférences concernant l'association"
def can_view_all(user_request, *args, **kwargs):
"""Check if an user can access to the list of every AssoOption objects
:param user_request: The user who wants to view the list.
:return: True if the user can view the list and an explanation message.
"""
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le droit\
de voir les préférences concernant l'association"
def can_view(self, user_request, *args, **kwargs):
"""Check if an user can view a AssoOption object.
:param self: The targeted AssoOption.
:param user_request: The user who ask for viewing the target.
:return: A boolean telling if the acces is granted and an explanation
text
"""
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le droit\
de voir les préférences concernant l'association"
@ -331,26 +476,51 @@ class MailMessageOption(models.Model):
return MailMessageOption.objects.get_or_create()
def can_create(user_request, *args, **kwargs):
return True, None
"""Check if an user can create a MailMessageOption object.
def can_edit_all(user_request, *args, **kwargs):
:param user_request: The user who wants to create an object.
:return: a message and a boolean which is True if the user can create.
"""
return user_request.has_perms(('admin',)), u"Vous n'avez pas le droit\
d'éditer les préférences concernant les mails"
def can_edit(self, user_request, *args, **kwargs):
"""Check if an user can edit a MailMessageOption object.
:param self: The MailMessageOption which is to be edited.
:param user_request: The user who requests to edit self.
:return: a message and a boolean which is True if edition is granted.
"""
return user_request.has_perms(('admin',)), u"Vous n'avez pas le droit\
d'éditer les préférences concernant les mails"
def can_delete_all(user_request, *args, **kwargs):
return True, None
def can_delete(self, user_request, *args, **kwargs):
return True, None
"""Check if an user can delete a AssoOption object.
:param self: The AssoOption which is to be deleted.
:param user_request: The user who requests deletion.
:return: True if deletion is granted, and a message.
"""
return user_request.has_perms(('admin',)), u"Vous n'avez pas le droit\
d'éditer les préférences concernant les mails"
def can_view_all(user_request, *args, **kwargs):
"""Check if an user can access to the list of every AssoOption objects
:param user_request: The user who wants to view the list.
:return: True if the user can view the list and an explanation message.
"""
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le droit\
de voir les préférences concernant les mails"
def can_view(self, user_request, *args, **kwargs):
"""Check if an user can view a AssoOption object.
:param self: The targeted AssoOption.
:param user_request: The user who ask for viewing the target.
:return: A boolean telling if the acces is granted and an explanation
text
"""
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le droit\
de voir les préférences concernant les mails"

View file

@ -21,7 +21,7 @@ You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
{% endcomment %}
{% load acl %}
<table class="table table-striped">
<thead>
<tr>
@ -40,9 +40,9 @@ with this program; if not, write to the Free Software Foundation, Inc.,
<td>{{ service.description }}</td>
<td>{{ service.image }}</td>
<td class="text-right">
{% if is_admin %}
{% can_edit service%}
{% include 'buttons/edit.html' with href='preferences:edit-service' id=service.id %}
{% endif %}
{% acl_end %}
{% include 'buttons/history.html' with href='preferences:history' name='service' id=service.id %}
</td>
</tr>

View file

@ -24,17 +24,16 @@ with this program; if not, write to the Free Software Foundation, Inc.,
{% endcomment %}
{% load bootstrap3 %}
{% load acl %}
{% block title %}Création et modification des préférences{% endblock %}
{% block content %}
<h4>Préférences utilisateur</h4>
{% if is_bureau %}
<a class="btn btn-primary btn-sm" role="button" href="{% url 'preferences:edit-options' 'OptionalUser' %}">
<i class="glyphicon glyphicon-edit"></i>
Editer
</a>
{% endif %}
<p>
</p>
<table class="table table-striped">
@ -58,12 +57,10 @@ with this program; if not, write to the Free Software Foundation, Inc.,
</tr>
</table>
<h4>Préférences machines</h4>
{% if is_bureau %}
<a class="btn btn-primary btn-sm" role="button" href="{% url 'preferences:edit-options' 'OptionalMachine' %}">
<i class="glyphicon glyphicon-edit"></i>
Editer
</a>
{% endif %}
<p>
</p>
<table class="table table-striped">
@ -81,12 +78,10 @@ with this program; if not, write to the Free Software Foundation, Inc.,
</tr>
</table>
<h4>Préférences topologie</h4>
{% if is_bureau %}
<a class="btn btn-primary btn-sm" role="button" href="{% url 'preferences:edit-options' 'OptionalTopologie' %}">
<i class="glyphicon glyphicon-edit"></i>
Editer
</a>
{% endif %}
<p>
</p>
<table class="table table-striped">
@ -104,14 +99,12 @@ with this program; if not, write to the Free Software Foundation, Inc.,
</tr>
</table>
<h4>Préférences generales</h4>
{% if is_bureau %}
<a class="btn btn-primary btn-sm" role="button" href="{% url 'preferences:edit-options' 'GeneralOption' %}">
<i class="glyphicon glyphicon-edit"></i>
Editer
</a>
{% endif %}
<p>
</p>
</p>
<table class="table table-striped">
<tr>
<th>Nom du site web</th>
@ -137,12 +130,10 @@ with this program; if not, write to the Free Software Foundation, Inc.,
<tr>
</table>
<h4>Données de l'association</h4>
{% if is_bureau %}
<a class="btn btn-primary btn-sm" role="button" href="{% url 'preferences:edit-options' 'AssoOption' %}">
<i class="glyphicon glyphicon-edit"></i>
Editer
</a>
{% endif %}
<p>
</p>
<table class="table table-striped">
@ -164,19 +155,17 @@ with this program; if not, write to the Free Software Foundation, Inc.,
<td>{{ assooptions.telephone }}</td>
<th>Pseudo d'usage</th>
<td>{{ assooptions.pseudo }}</td>
</tr>
</tr>
<tr>
<th>Objet utilisateur de l'association</th>
<td>{{ assooptions.utilisateur_asso }}</td>
</tr>
</table>
</tr>
</table>
<h4>Messages personalisé dans les mails</h4>
{% if is_bureau %}
<a class="btn btn-primary btn-sm" role="button" href="{% url 'preferences:edit-options' 'MailMessageOption' %}">
<i class="glyphicon glyphicon-edit"></i>
Editer
</a>
{% endif %}
<p>
</p>
<table class="table table-striped">
@ -190,10 +179,10 @@ with this program; if not, write to the Free Software Foundation, Inc.,
</tr>
</table>
<h2>Liste des services page d'accueil</h2>
{% if is_infra %}
{% can_create Service%}
<a class="btn btn-primary btn-sm" role="button" href="{% url 'preferences:add-service' %}"><i class="glyphicon glyphicon-plus"></i> Ajouter un service</a>
{% acl_end %}
<a class="btn btn-danger btn-sm" role="button" href="{% url 'preferences:del-services' %}"><i class="glyphicon glyphicon-trash"></i> Supprimer un ou plusieurs service</a>
{% endif %}
{% include "preferences/aff_service.html" with service_list=service_list %}
<br />
<br />

View file

@ -28,6 +28,7 @@ from __future__ import unicode_literals
from django.conf.urls import url
from . import views
import re2o
urlpatterns = [
@ -69,8 +70,8 @@ urlpatterns = [
),
url(r'^del_services/$', views.del_services, name='del-services'),
url(
r'^history/(?P<object_name>service)/(?P<object_id>[0-9]+)$',
views.history,
r'^history/(?P<object_name>\w+)/(?P<object_id>[0-9]+)$',
re2o.views.history,
name='history'
),
url(r'^$', views.display_options, name='display-options'),

View file

@ -42,7 +42,7 @@ from reversion.models import Version
from reversion import revisions as reversion
from re2o.views import form
from re2o.utils import can_create, can_edit, can_delete_set
from re2o.utils import can_create, can_edit, can_delete_set, can_view_all
from .forms import ServiceForm, DelServiceForm
from .models import Service, OptionalUser, OptionalMachine, AssoOption
from .models import MailMessageOption, GeneralOption, OptionalTopologie
@ -51,7 +51,12 @@ from . import forms
@login_required
@permission_required('cableur')
@can_view_all(OptionalUser)
@can_view_all(OptionalMachine)
@can_view_all(OptionalTopologie)
@can_view_all(GeneralOption)
@can_view_all(AssoOption)
@can_view_all(MailMessageOption)
def display_options(request):
"""Vue pour affichage des options (en vrac) classé selon les models
correspondants dans un tableau"""
@ -81,6 +86,11 @@ def edit_options(request, section):
form_instance = getattr(forms, 'Edit' + section + 'Form', None)
if model and form:
options_instance, _created = model.objects.get_or_create()
can, msg = options_instance.can_edit(request.user)
if not can:
messages.error(request, msg or "Vous ne pouvez pas éditer cette\
option.")
return redirect('/')
options = form_instance(
request.POST or None,
instance=options_instance
@ -170,33 +180,3 @@ def del_services(request, instances):
'preferences/preferences.html',
request
)
@login_required
@permission_required('cableur')
def history(request, object_name, object_id):
"""Historique de creation et de modification d'un service affiché sur
la page d'accueil"""
if object_name == 'service':
try:
object_instance = Service.objects.get(pk=object_id)
except Service.DoesNotExist:
messages.error(request, "Service inexistant")
return redirect(reverse('preferences:display-options'))
options, _created = GeneralOption.objects.get_or_create()
pagination_number = options.pagination_number
reversions = Version.objects.get_for_object(object_instance)
paginator = Paginator(reversions, pagination_number)
page = request.GET.get('page')
try:
reversions = paginator.page(page)
except PageNotAnInteger:
# If page is not an integer, deliver first page.
reversions = paginator.page(1)
except EmptyPage:
# If page is out of range (e.g. 9999), deliver last page of results.
reversions = paginator.page(paginator.num_pages)
return render(request, 're2o/history.html', {
'reversions': reversions,
'object': object_instance
})

View file

@ -35,7 +35,7 @@ from reversion.models import Version
from django.contrib import messages
from preferences.models import Service
from preferences.models import OptionalUser, GeneralOption
import users
import users, preferences
def form(ctx, template, request):
"""Form générique, raccourci importé par les fonctions views du site"""
@ -59,6 +59,7 @@ HISTORY_BIND = {
'school' : users.models.School,
'listright' : users.models.ListRight,
'serviceuser' : users.models.ServiceUser,
'service' : preferences.models.Service,
}
@login_required