mirror of
https://gitlab2.federez.net/re2o/re2o
synced 2024-12-25 16:33:47 +00:00
Ajoute des acls sur les vues critiques
This commit is contained in:
parent
8fd35e9da4
commit
aa4bbc8fce
4 changed files with 25 additions and 7 deletions
|
@ -5,7 +5,7 @@ from django.shortcuts import render, redirect
|
|||
from django.shortcuts import render_to_response, get_object_or_404
|
||||
from django.core.context_processors import csrf
|
||||
from django.template import Context, RequestContext, loader
|
||||
from django.contrib.auth.decorators import login_required
|
||||
from django.contrib.auth.decorators import login_required, permission_required
|
||||
from django.contrib import messages
|
||||
from django.db.models import Max, ProtectedError
|
||||
|
||||
|
@ -91,6 +91,7 @@ def edit_facture(request, factureid):
|
|||
return form({'factureform': facture_form}, 'cotisations/facture.html', request)
|
||||
|
||||
@login_required
|
||||
@permission_required('trésorier')
|
||||
def add_article(request):
|
||||
article = ArticleForm(request.POST or None)
|
||||
if article.is_valid():
|
||||
|
@ -100,6 +101,7 @@ def add_article(request):
|
|||
return form({'factureform': article}, 'cotisations/facture.html', request)
|
||||
|
||||
@login_required
|
||||
@permission_required('trésorier')
|
||||
def edit_article(request, articleid):
|
||||
try:
|
||||
article_instance = Article.objects.get(pk=articleid)
|
||||
|
@ -114,6 +116,7 @@ def edit_article(request, articleid):
|
|||
return form({'factureform': article}, 'cotisations/facture.html', request)
|
||||
|
||||
@login_required
|
||||
@permission_required('trésorier')
|
||||
def del_article(request):
|
||||
article = DelArticleForm(request.POST or None)
|
||||
if article.is_valid():
|
||||
|
@ -124,6 +127,7 @@ def del_article(request):
|
|||
return form({'factureform': article}, 'cotisations/facture.html', request)
|
||||
|
||||
@login_required
|
||||
@permission_required('trésorier')
|
||||
def add_paiement(request):
|
||||
paiement = PaiementForm(request.POST or None)
|
||||
if paiement.is_valid():
|
||||
|
@ -133,6 +137,7 @@ def add_paiement(request):
|
|||
return form({'factureform': paiement}, 'cotisations/facture.html', request)
|
||||
|
||||
@login_required
|
||||
@permission_required('trésorier')
|
||||
def edit_paiement(request, paiementid):
|
||||
try:
|
||||
paiement_instance = Paiement.objects.get(pk=paiementid)
|
||||
|
@ -147,6 +152,7 @@ def edit_paiement(request, paiementid):
|
|||
return form({'factureform': paiement}, 'cotisations/facture.html', request)
|
||||
|
||||
@login_required
|
||||
@permission_required('trésorier')
|
||||
def del_paiement(request):
|
||||
paiement = DelPaiementForm(request.POST or None)
|
||||
if paiement.is_valid():
|
||||
|
@ -161,6 +167,7 @@ def del_paiement(request):
|
|||
return form({'factureform': paiement}, 'cotisations/facture.html', request)
|
||||
|
||||
@login_required
|
||||
@permission_required('trésorier')
|
||||
def add_banque(request):
|
||||
banque = BanqueForm(request.POST or None)
|
||||
if banque.is_valid():
|
||||
|
@ -170,6 +177,7 @@ def add_banque(request):
|
|||
return form({'factureform': banque}, 'cotisations/facture.html', request)
|
||||
|
||||
@login_required
|
||||
@permission_required('trésorier')
|
||||
def edit_banque(request, banqueid):
|
||||
try:
|
||||
banque_instance = Article.objects.get(pk=banqueid)
|
||||
|
@ -184,6 +192,7 @@ def edit_banque(request, banqueid):
|
|||
return form({'factureform': banque}, 'cotisations/facture.html', request)
|
||||
|
||||
@login_required
|
||||
@permission_required('trésorier')
|
||||
def del_banque(request):
|
||||
banque = DelBanqueForm(request.POST or None)
|
||||
if banque.is_valid():
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
from django.shortcuts import render, redirect
|
||||
from django.contrib import messages
|
||||
from django.contrib.auth.decorators import login_required
|
||||
from django.contrib.auth.decorators import login_required, permission_required
|
||||
from django.db import IntegrityError
|
||||
|
||||
from topologie.models import Switch, Port
|
||||
|
@ -23,6 +23,7 @@ def index_port(request, switch_id):
|
|||
return render(request, 'topologie/index_p.html', {'port_list':port_list, 'id_switch':switch_id, 'nom_switch':switch})
|
||||
|
||||
@login_required
|
||||
@permission_required('admin')
|
||||
def new_port(request, switch_id):
|
||||
try:
|
||||
switch = Switch.objects.get(pk=switch_id)
|
||||
|
@ -42,6 +43,7 @@ def new_port(request, switch_id):
|
|||
return form({'topoform':port}, 'topologie/port.html', request)
|
||||
|
||||
@login_required
|
||||
@permission_required('admin')
|
||||
def edit_port(request, port_id):
|
||||
try:
|
||||
port = Port.objects.get(pk=port_id)
|
||||
|
@ -56,6 +58,7 @@ def edit_port(request, port_id):
|
|||
return form({'topoform':port}, 'topologie/port.html', request)
|
||||
|
||||
@login_required
|
||||
@permission_required('admin')
|
||||
def new_switch(request):
|
||||
switch = EditSwitchForm(request.POST or None)
|
||||
if switch.is_valid():
|
||||
|
@ -65,6 +68,7 @@ def new_switch(request):
|
|||
return form({'topoform':switch}, 'topologie/port.html', request)
|
||||
|
||||
@login_required
|
||||
@permission_required('admin')
|
||||
def edit_switch(request, switch_id):
|
||||
try:
|
||||
switch = Switch.objects.get(pk=switch_id)
|
||||
|
|
|
@ -8,7 +8,6 @@ from django.contrib.auth.models import AbstractBaseUser, BaseUserManager
|
|||
|
||||
from topologie.models import Room
|
||||
|
||||
|
||||
def remove_user_room(room):
|
||||
""" Déménage de force l'ancien locataire de la chambre """
|
||||
try:
|
||||
|
@ -133,8 +132,12 @@ class User(AbstractBaseUser):
|
|||
def get_short_name(self):
|
||||
return self.name
|
||||
|
||||
def has_perm(self, perm, obj=None):
|
||||
# Simplest version
|
||||
def has_perms(self, perms, obj=None):
|
||||
for perm in perms:
|
||||
try:
|
||||
Right.objects.get(user=self, right__listright=perm)
|
||||
except Right.DoesNotExist:
|
||||
return False
|
||||
return True
|
||||
|
||||
def has_module_perms(self, app_label):
|
||||
|
|
|
@ -5,12 +5,12 @@ from django.shortcuts import render_to_response, render, redirect
|
|||
from django.core.context_processors import csrf
|
||||
from django.template import RequestContext
|
||||
from django.contrib import messages
|
||||
from django.contrib.auth.decorators import login_required
|
||||
from django.contrib.auth.decorators import login_required, permission_required
|
||||
from django.db.models import Max, ProtectedError
|
||||
from django.db import IntegrityError
|
||||
from django.utils import timezone
|
||||
|
||||
from users.models import User, Right, Ban, Whitelist
|
||||
from users.models import User, Right, Ban, Whitelist, School
|
||||
from users.models import DelRightForm, BanForm, WhitelistForm, DelSchoolForm
|
||||
from users.models import InfoForm, StateForm, RightForm, SchoolForm
|
||||
from cotisations.models import Facture
|
||||
|
@ -154,6 +154,7 @@ def password(request, userid):
|
|||
return form({'userform': u_form}, 'users/user.html', request)
|
||||
|
||||
@login_required
|
||||
@permission_required('bureau')
|
||||
def add_right(request, userid):
|
||||
try:
|
||||
user = User.objects.get(pk=userid)
|
||||
|
@ -173,6 +174,7 @@ def add_right(request, userid):
|
|||
return form({'userform': right}, 'users/user.html', request)
|
||||
|
||||
@login_required
|
||||
@permission_required('bureau')
|
||||
def del_right(request):
|
||||
right = DelRightForm(request.POST or None)
|
||||
if right.is_valid():
|
||||
|
|
Loading…
Reference in a new issue