8
0
Fork 0
mirror of https://gitlab2.federez.net/re2o/re2o synced 2024-11-23 20:03:11 +00:00

Ajoute des acls sur les vues critiques

This commit is contained in:
chirac 2016-07-09 04:12:09 +02:00
parent 37cdd1d54e
commit 8b04495166
4 changed files with 25 additions and 7 deletions

View file

@ -5,7 +5,7 @@ from django.shortcuts import render, redirect
from django.shortcuts import render_to_response, get_object_or_404 from django.shortcuts import render_to_response, get_object_or_404
from django.core.context_processors import csrf from django.core.context_processors import csrf
from django.template import Context, RequestContext, loader from django.template import Context, RequestContext, loader
from django.contrib.auth.decorators import login_required from django.contrib.auth.decorators import login_required, permission_required
from django.contrib import messages from django.contrib import messages
from django.db.models import Max, ProtectedError from django.db.models import Max, ProtectedError
@ -91,6 +91,7 @@ def edit_facture(request, factureid):
return form({'factureform': facture_form}, 'cotisations/facture.html', request) return form({'factureform': facture_form}, 'cotisations/facture.html', request)
@login_required @login_required
@permission_required('trésorier')
def add_article(request): def add_article(request):
article = ArticleForm(request.POST or None) article = ArticleForm(request.POST or None)
if article.is_valid(): if article.is_valid():
@ -100,6 +101,7 @@ def add_article(request):
return form({'factureform': article}, 'cotisations/facture.html', request) return form({'factureform': article}, 'cotisations/facture.html', request)
@login_required @login_required
@permission_required('trésorier')
def edit_article(request, articleid): def edit_article(request, articleid):
try: try:
article_instance = Article.objects.get(pk=articleid) article_instance = Article.objects.get(pk=articleid)
@ -114,6 +116,7 @@ def edit_article(request, articleid):
return form({'factureform': article}, 'cotisations/facture.html', request) return form({'factureform': article}, 'cotisations/facture.html', request)
@login_required @login_required
@permission_required('trésorier')
def del_article(request): def del_article(request):
article = DelArticleForm(request.POST or None) article = DelArticleForm(request.POST or None)
if article.is_valid(): if article.is_valid():
@ -124,6 +127,7 @@ def del_article(request):
return form({'factureform': article}, 'cotisations/facture.html', request) return form({'factureform': article}, 'cotisations/facture.html', request)
@login_required @login_required
@permission_required('trésorier')
def add_paiement(request): def add_paiement(request):
paiement = PaiementForm(request.POST or None) paiement = PaiementForm(request.POST or None)
if paiement.is_valid(): if paiement.is_valid():
@ -133,6 +137,7 @@ def add_paiement(request):
return form({'factureform': paiement}, 'cotisations/facture.html', request) return form({'factureform': paiement}, 'cotisations/facture.html', request)
@login_required @login_required
@permission_required('trésorier')
def edit_paiement(request, paiementid): def edit_paiement(request, paiementid):
try: try:
paiement_instance = Paiement.objects.get(pk=paiementid) paiement_instance = Paiement.objects.get(pk=paiementid)
@ -147,6 +152,7 @@ def edit_paiement(request, paiementid):
return form({'factureform': paiement}, 'cotisations/facture.html', request) return form({'factureform': paiement}, 'cotisations/facture.html', request)
@login_required @login_required
@permission_required('trésorier')
def del_paiement(request): def del_paiement(request):
paiement = DelPaiementForm(request.POST or None) paiement = DelPaiementForm(request.POST or None)
if paiement.is_valid(): if paiement.is_valid():
@ -161,6 +167,7 @@ def del_paiement(request):
return form({'factureform': paiement}, 'cotisations/facture.html', request) return form({'factureform': paiement}, 'cotisations/facture.html', request)
@login_required @login_required
@permission_required('trésorier')
def add_banque(request): def add_banque(request):
banque = BanqueForm(request.POST or None) banque = BanqueForm(request.POST or None)
if banque.is_valid(): if banque.is_valid():
@ -170,6 +177,7 @@ def add_banque(request):
return form({'factureform': banque}, 'cotisations/facture.html', request) return form({'factureform': banque}, 'cotisations/facture.html', request)
@login_required @login_required
@permission_required('trésorier')
def edit_banque(request, banqueid): def edit_banque(request, banqueid):
try: try:
banque_instance = Article.objects.get(pk=banqueid) banque_instance = Article.objects.get(pk=banqueid)
@ -184,6 +192,7 @@ def edit_banque(request, banqueid):
return form({'factureform': banque}, 'cotisations/facture.html', request) return form({'factureform': banque}, 'cotisations/facture.html', request)
@login_required @login_required
@permission_required('trésorier')
def del_banque(request): def del_banque(request):
banque = DelBanqueForm(request.POST or None) banque = DelBanqueForm(request.POST or None)
if banque.is_valid(): if banque.is_valid():

View file

@ -1,6 +1,6 @@
from django.shortcuts import render, redirect from django.shortcuts import render, redirect
from django.contrib import messages from django.contrib import messages
from django.contrib.auth.decorators import login_required from django.contrib.auth.decorators import login_required, permission_required
from django.db import IntegrityError from django.db import IntegrityError
from topologie.models import Switch, Port from topologie.models import Switch, Port
@ -23,6 +23,7 @@ def index_port(request, switch_id):
return render(request, 'topologie/index_p.html', {'port_list':port_list, 'id_switch':switch_id, 'nom_switch':switch}) return render(request, 'topologie/index_p.html', {'port_list':port_list, 'id_switch':switch_id, 'nom_switch':switch})
@login_required @login_required
@permission_required('admin')
def new_port(request, switch_id): def new_port(request, switch_id):
try: try:
switch = Switch.objects.get(pk=switch_id) switch = Switch.objects.get(pk=switch_id)
@ -42,6 +43,7 @@ def new_port(request, switch_id):
return form({'topoform':port}, 'topologie/port.html', request) return form({'topoform':port}, 'topologie/port.html', request)
@login_required @login_required
@permission_required('admin')
def edit_port(request, port_id): def edit_port(request, port_id):
try: try:
port = Port.objects.get(pk=port_id) port = Port.objects.get(pk=port_id)
@ -56,6 +58,7 @@ def edit_port(request, port_id):
return form({'topoform':port}, 'topologie/port.html', request) return form({'topoform':port}, 'topologie/port.html', request)
@login_required @login_required
@permission_required('admin')
def new_switch(request): def new_switch(request):
switch = EditSwitchForm(request.POST or None) switch = EditSwitchForm(request.POST or None)
if switch.is_valid(): if switch.is_valid():
@ -65,6 +68,7 @@ def new_switch(request):
return form({'topoform':switch}, 'topologie/port.html', request) return form({'topoform':switch}, 'topologie/port.html', request)
@login_required @login_required
@permission_required('admin')
def edit_switch(request, switch_id): def edit_switch(request, switch_id):
try: try:
switch = Switch.objects.get(pk=switch_id) switch = Switch.objects.get(pk=switch_id)

View file

@ -8,7 +8,6 @@ from django.contrib.auth.models import AbstractBaseUser, BaseUserManager
from topologie.models import Room from topologie.models import Room
def remove_user_room(room): def remove_user_room(room):
""" Déménage de force l'ancien locataire de la chambre """ """ Déménage de force l'ancien locataire de la chambre """
try: try:
@ -133,8 +132,12 @@ class User(AbstractBaseUser):
def get_short_name(self): def get_short_name(self):
return self.name return self.name
def has_perm(self, perm, obj=None): def has_perms(self, perms, obj=None):
# Simplest version for perm in perms:
try:
Right.objects.get(user=self, right__listright=perm)
except Right.DoesNotExist:
return False
return True return True
def has_module_perms(self, app_label): def has_module_perms(self, app_label):

View file

@ -5,12 +5,12 @@ from django.shortcuts import render_to_response, render, redirect
from django.core.context_processors import csrf from django.core.context_processors import csrf
from django.template import RequestContext from django.template import RequestContext
from django.contrib import messages from django.contrib import messages
from django.contrib.auth.decorators import login_required from django.contrib.auth.decorators import login_required, permission_required
from django.db.models import Max, ProtectedError from django.db.models import Max, ProtectedError
from django.db import IntegrityError from django.db import IntegrityError
from django.utils import timezone from django.utils import timezone
from users.models import User, Right, Ban, Whitelist from users.models import User, Right, Ban, Whitelist, School
from users.models import DelRightForm, BanForm, WhitelistForm, DelSchoolForm from users.models import DelRightForm, BanForm, WhitelistForm, DelSchoolForm
from users.models import InfoForm, StateForm, RightForm, SchoolForm from users.models import InfoForm, StateForm, RightForm, SchoolForm
from cotisations.models import Facture from cotisations.models import Facture
@ -154,6 +154,7 @@ def password(request, userid):
return form({'userform': u_form}, 'users/user.html', request) return form({'userform': u_form}, 'users/user.html', request)
@login_required @login_required
@permission_required('bureau')
def add_right(request, userid): def add_right(request, userid):
try: try:
user = User.objects.get(pk=userid) user = User.objects.get(pk=userid)
@ -173,6 +174,7 @@ def add_right(request, userid):
return form({'userform': right}, 'users/user.html', request) return form({'userform': right}, 'users/user.html', request)
@login_required @login_required
@permission_required('bureau')
def del_right(request): def del_right(request):
right = DelRightForm(request.POST or None) right = DelRightForm(request.POST or None)
if right.is_valid(): if right.is_valid():