mirror of
https://gitlab2.federez.net/re2o/re2o
synced 2024-11-23 20:03:11 +00:00
Acl gérées cotée models, can_edit et can_view (vers les acl django...)
This commit is contained in:
parent
394ada93e5
commit
772fdcaa1b
3 changed files with 39 additions and 23 deletions
|
@ -758,6 +758,21 @@ class User(AbstractBaseUser):
|
||||||
num += 1
|
num += 1
|
||||||
return composed_pseudo(num)
|
return composed_pseudo(num)
|
||||||
|
|
||||||
|
def can_edit(self, user):
|
||||||
|
if self.is_class_club and user.is_class_adherent:
|
||||||
|
return self == user or user.has_perms(('cableur',))or\
|
||||||
|
user.adherent in self.club.administrators.all()
|
||||||
|
else:
|
||||||
|
return self == user or user.has_perms(('cableur',))
|
||||||
|
|
||||||
|
def can_view(self, user):
|
||||||
|
if self.is_class_club and user.is_class_adherent:
|
||||||
|
return self == user or user.has_perms(('cableur',))or\
|
||||||
|
user.adherent in self.club.administrators.all() or\
|
||||||
|
user.adherent in self.club.members.all()
|
||||||
|
else:
|
||||||
|
return self == user or user.has_perms(('cableur',))
|
||||||
|
|
||||||
def __str__(self):
|
def __str__(self):
|
||||||
return self.pseudo
|
return self.pseudo
|
||||||
|
|
||||||
|
|
|
@ -34,14 +34,17 @@ with this program; if not, write to the Free Software Foundation, Inc.,
|
||||||
<i class="glyphicon glyphicon-plus"></i>
|
<i class="glyphicon glyphicon-plus"></i>
|
||||||
Créer un club/association
|
Créer un club/association
|
||||||
</a>
|
</a>
|
||||||
|
{% endif %}
|
||||||
|
{% if is_cableur %}
|
||||||
|
<a class="list-group-item list-group-item-info" href="{% url "users:index-clubs" %}">
|
||||||
|
<i class="glyphicon glyphicon-list"></i>
|
||||||
|
Clubs et assos
|
||||||
|
</a>
|
||||||
|
|
||||||
<a class="list-group-item list-group-item-info" href="{% url "users:index" %}">
|
<a class="list-group-item list-group-item-info" href="{% url "users:index" %}">
|
||||||
<i class="glyphicon glyphicon-list"></i>
|
<i class="glyphicon glyphicon-list"></i>
|
||||||
Adherents
|
Adherents
|
||||||
</a>
|
</a>
|
||||||
<a class="list-group-item list-group-item-info" href="{% url "users:index-clubs" %}">
|
|
||||||
<i class="glyphicon glyphicon-list"></i>
|
|
||||||
Clubs
|
|
||||||
</a>
|
|
||||||
<a class="list-group-item list-group-item-info" href="{% url "users:index-ban" %}">
|
<a class="list-group-item list-group-item-info" href="{% url "users:index-ban" %}">
|
||||||
<i class="glyphicon glyphicon-list"></i>
|
<i class="glyphicon glyphicon-list"></i>
|
||||||
Bannissements
|
Bannissements
|
||||||
|
|
|
@ -40,7 +40,7 @@ from django.shortcuts import get_object_or_404, render, redirect
|
||||||
from django.core.paginator import Paginator, EmptyPage, PageNotAnInteger
|
from django.core.paginator import Paginator, EmptyPage, PageNotAnInteger
|
||||||
from django.contrib import messages
|
from django.contrib import messages
|
||||||
from django.contrib.auth.decorators import login_required, permission_required
|
from django.contrib.auth.decorators import login_required, permission_required
|
||||||
from django.db.models import ProtectedError
|
from django.db.models import ProtectedError, Q
|
||||||
from django.db import IntegrityError
|
from django.db import IntegrityError
|
||||||
from django.utils import timezone
|
from django.utils import timezone
|
||||||
from django.db import transaction
|
from django.db import transaction
|
||||||
|
@ -163,8 +163,7 @@ def edit_club_admin_members(request, clubid):
|
||||||
except Club.DoesNotExist:
|
except Club.DoesNotExist:
|
||||||
messages.error(request, "Club inexistant")
|
messages.error(request, "Club inexistant")
|
||||||
return redirect(reverse('users:index'))
|
return redirect(reverse('users:index'))
|
||||||
if not request.user.has_perms(('cableur',))\
|
if not club_instance.can_edit(request.user):
|
||||||
and not request.user in club_instance.administrators.all():
|
|
||||||
messages.error(request, "Vous ne pouvez pas accéder à ce menu")
|
messages.error(request, "Vous ne pouvez pas accéder à ce menu")
|
||||||
return redirect(reverse(
|
return redirect(reverse(
|
||||||
'users:profil',
|
'users:profil',
|
||||||
|
@ -214,9 +213,8 @@ def edit_info(request, userid):
|
||||||
except User.DoesNotExist:
|
except User.DoesNotExist:
|
||||||
messages.error(request, "Utilisateur inexistant")
|
messages.error(request, "Utilisateur inexistant")
|
||||||
return redirect(reverse('users:index'))
|
return redirect(reverse('users:index'))
|
||||||
if not request.user.has_perms(('cableur',)) and user != request.user:
|
if not user.can_edit(request.user):
|
||||||
messages.error(request, "Vous ne pouvez pas modifier un autre\
|
messages.error(request, "Vous ne pouvez pas accéder à ce menu")
|
||||||
user que vous sans droit cableur")
|
|
||||||
return redirect(reverse(
|
return redirect(reverse(
|
||||||
'users:profil',
|
'users:profil',
|
||||||
kwargs={'userid':str(request.user.id)}
|
kwargs={'userid':str(request.user.id)}
|
||||||
|
@ -279,9 +277,8 @@ def password(request, userid):
|
||||||
except User.DoesNotExist:
|
except User.DoesNotExist:
|
||||||
messages.error(request, "Utilisateur inexistant")
|
messages.error(request, "Utilisateur inexistant")
|
||||||
return redirect(reverse('users'))
|
return redirect(reverse('users'))
|
||||||
if not request.user.has_perms(('cableur',)) and user != request.user:
|
if not user.can_edit(request.user):
|
||||||
messages.error(request, "Vous ne pouvez pas modifier un\
|
messages.error(request, "Vous ne pouvez pas accéder à ce menu")
|
||||||
autre user que vous sans droit cableur")
|
|
||||||
return redirect(reverse(
|
return redirect(reverse(
|
||||||
'users:profil',
|
'users:profil',
|
||||||
kwargs={'userid':str(request.user.id)}
|
kwargs={'userid':str(request.user.id)}
|
||||||
|
@ -722,11 +719,15 @@ def index(request):
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
@permission_required('cableur')
|
|
||||||
def index_clubs(request):
|
def index_clubs(request):
|
||||||
""" Affiche l'ensemble des clubs, need droit cableur """
|
""" Affiche l'ensemble des clubs, need droit cableur """
|
||||||
options, _created = GeneralOption.objects.get_or_create()
|
options, _created = GeneralOption.objects.get_or_create()
|
||||||
pagination_number = options.pagination_number
|
pagination_number = options.pagination_number
|
||||||
|
if not request.user.has_perms(('cableur',)):
|
||||||
|
clubs_list = Club.objects.filter(
|
||||||
|
Q(administrators=request.user.adherent) | Q(members=request.user.adherent)
|
||||||
|
).distinct().select_related('room')
|
||||||
|
else:
|
||||||
clubs_list = Club.objects.select_related('room')
|
clubs_list = Club.objects.select_related('room')
|
||||||
clubs_list = SortTable.sort(
|
clubs_list = SortTable.sort(
|
||||||
clubs_list,
|
clubs_list,
|
||||||
|
@ -853,10 +854,8 @@ def history(request, object_name, object_id):
|
||||||
except User.DoesNotExist:
|
except User.DoesNotExist:
|
||||||
messages.error(request, "Utilisateur inexistant")
|
messages.error(request, "Utilisateur inexistant")
|
||||||
return redirect(reverse('users:index'))
|
return redirect(reverse('users:index'))
|
||||||
if not request.user.has_perms(('cableur',)) and\
|
if not object_instance.can_view(request.user):
|
||||||
object_instance != request.user:
|
messages.error(request, "Vous ne pouvez pas afficher ce menu")
|
||||||
messages.error(request, "Vous ne pouvez pas afficher\
|
|
||||||
l'historique d'un autre user que vous sans droit cableur")
|
|
||||||
return redirect(reverse(
|
return redirect(reverse(
|
||||||
'users:profil',
|
'users:profil',
|
||||||
kwargs={'userid':str(request.user.id)}
|
kwargs={'userid':str(request.user.id)}
|
||||||
|
@ -947,9 +946,8 @@ def profil(request, userid):
|
||||||
except User.DoesNotExist:
|
except User.DoesNotExist:
|
||||||
messages.error(request, "Utilisateur inexistant")
|
messages.error(request, "Utilisateur inexistant")
|
||||||
return redirect(reverse('users:index'))
|
return redirect(reverse('users:index'))
|
||||||
if not request.user.has_perms(('cableur',)) and users != request.user:
|
if not users.can_view(request.user):
|
||||||
messages.error(request, "Vous ne pouvez pas afficher un autre user\
|
messages.error(request, "Vous ne pouvez pas accéder à ce menu")
|
||||||
que vous sans droit cableur")
|
|
||||||
return redirect(reverse(
|
return redirect(reverse(
|
||||||
'users:profil',
|
'users:profil',
|
||||||
kwargs={'userid':str(request.user.id)}
|
kwargs={'userid':str(request.user.id)}
|
||||||
|
|
Loading…
Reference in a new issue