8
0
Fork 0
mirror of https://gitlab2.federez.net/re2o/re2o synced 2024-11-27 07:02:26 +00:00

can_xxx là où c'est possible et gestion de l'historique générique appliquée à users

This commit is contained in:
LEVY-FALK Hugo 2017-12-27 21:21:04 +01:00 committed by root
parent 58ff2a2c8d
commit e9e26144d6
3 changed files with 72 additions and 49 deletions

View file

@ -26,10 +26,16 @@ les views
from __future__ import unicode_literals from __future__ import unicode_literals
from django.shortcuts import render from django.http import Http404
from django.shortcuts import render, redirect
from django.template.context_processors import csrf from django.template.context_processors import csrf
from django.contrib.auth.decorators import login_required, permission_required
from django.core.paginator import Paginator, EmptyPage, PageNotAnInteger
from reversion.models import Version
from django.contrib import messages
from preferences.models import Service from preferences.models import Service
from preferences.models import OptionalUser, GeneralOption
import users
def form(ctx, template, request): def form(ctx, template, request):
"""Form générique, raccourci importé par les fonctions views du site""" """Form générique, raccourci importé par les fonctions views du site"""
@ -44,3 +50,54 @@ def index(request):
for indice, serv in enumerate(Service.objects.all()): for indice, serv in enumerate(Service.objects.all()):
services[indice % 3].append(serv) services[indice % 3].append(serv)
return form({'services_urls': services}, 're2o/index.html', request) return form({'services_urls': services}, 're2o/index.html', request)
HISTORY_BIND = {
'user' : users.models.User,
'ban' : users.models.Ban,
'whitelist' : users.models.Whitelist,
'school' : users.models.School,
'listright' : users.models.ListRight,
'serviceuser' : users.models.ServiceUser,
}
@login_required
def history(request, object_name, object_id):
""" Affichage de l'historique"""
try:
model = HISTORY_BIND[object_name]
except KeyError as e:
raise Http404(u"Il n'existe pas d'historique pour ce modèle.")
try:
instance = model.get_instance(object_id)
except model.DoesNotExist:
messages.error(request, u"Entrée inexistante")
return redirect(reverse('users:profil',
kwargs={'userid':str(request.user.id)}
))
can, msg = instance.can_view(request.user)
if not can:
messages.error(request, msg or "Vous ne pouvez pas accéder à ce menu")
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
options, _created = GeneralOption.objects.get_or_create()
pagination_number = options.pagination_number
reversions = Version.objects.get_for_object(instance)
paginator = Paginator(reversions, pagination_number)
page = request.GET.get('page')
try:
reversions = paginator.page(page)
except PageNotAnInteger:
# If page is not an integer, deliver first page.
reversions = paginator.page(1)
except EmptyPage:
# If page is out of range (e.g. 9999), deliver last page of result
reversions = paginator.page(paginator.num_pages)
return render(
request,
're2o/history.html',
{'reversions': reversions, 'object': instance}
)

View file

@ -27,6 +27,7 @@ from __future__ import unicode_literals
from django.conf.urls import url from django.conf.urls import url
import re2o
from . import views from . import views
urlpatterns = [ urlpatterns = [
@ -94,33 +95,8 @@ urlpatterns = [
url(r'^reset_password/$', views.reset_password, name='reset-password'), url(r'^reset_password/$', views.reset_password, name='reset-password'),
url(r'^mass_archive/$', views.mass_archive, name='mass-archive'), url(r'^mass_archive/$', views.mass_archive, name='mass-archive'),
url( url(
r'^history/(?P<object_name>user)/(?P<object_id>[0-9]+)$', r'^history/(?P<object_name>\w+)/(?P<object_id>[0-9]+)$',
views.history, re2o.views.history,
name='history'
),
url(
r'^history/(?P<object_name>ban)/(?P<object_id>[0-9]+)$',
views.history,
name='history'
),
url(
r'^history/(?P<object_name>whitelist)/(?P<object_id>[0-9]+)$',
views.history,
name='history'
),
url(
r'^history/(?P<object_name>school)/(?P<object_id>[0-9]+)$',
views.history,
name='history'
),
url(
r'^history/(?P<object_name>listright)/(?P<object_id>[0-9]+)$',
views.history,
name='history'
),
url(
r'^history/(?P<object_name>serviceuser)/(?P<object_id>[0-9]+)$',
views.history,
name='history' name='history'
), ),
url(r'^$', views.index, name='index'), url(r'^$', views.index, name='index'),

View file

@ -93,7 +93,7 @@ from preferences.models import OptionalUser, GeneralOption
from re2o.views import form from re2o.views import form
from re2o.utils import ( from re2o.utils import (
all_has_access, SortTable, can_create, can_edit, can_delete_set, can_delete, can_view all_has_access, SortTable, can_create, can_edit, can_delete_set, can_delete, can_view, can_view_all
) )
def password_change_action(u_form, user, request, req=False): def password_change_action(u_form, user, request, req=False):
@ -563,7 +563,7 @@ def edit_listright(request, listright_instance, listrightid):
@login_required @login_required
@can_delete_set(ListRight) @can_delete_set(ListRight)
def del_listright(request): def del_listright(request, instances):
""" Supprimer un ou plusieurs groupe, possible si il est vide, need droit """ Supprimer un ou plusieurs groupe, possible si il est vide, need droit
bureau """ bureau """
listright = DelListRightForm(request.POST or None, instances=instances) listright = DelListRightForm(request.POST or None, instances=instances)
@ -615,7 +615,7 @@ def mass_archive(request):
@login_required @login_required
@permission_required('cableur') @can_view_all(Adherent)
def index(request): def index(request):
""" Affiche l'ensemble des adherents, need droit cableur """ """ Affiche l'ensemble des adherents, need droit cableur """
options, _created = GeneralOption.objects.get_or_create() options, _created = GeneralOption.objects.get_or_create()
@ -671,7 +671,7 @@ def index_clubs(request):
@login_required @login_required
@permission_required('cableur') @can_view_all(Ban)
def index_ban(request): def index_ban(request):
""" Affiche l'ensemble des ban, need droit cableur """ """ Affiche l'ensemble des ban, need droit cableur """
options, _created = GeneralOption.objects.get_or_create() options, _created = GeneralOption.objects.get_or_create()
@ -697,7 +697,7 @@ def index_ban(request):
@login_required @login_required
@permission_required('cableur') @can_view_all(Whitelist)
def index_white(request): def index_white(request):
""" Affiche l'ensemble des whitelist, need droit cableur """ """ Affiche l'ensemble des whitelist, need droit cableur """
options, _created = GeneralOption.objects.get_or_create() options, _created = GeneralOption.objects.get_or_create()
@ -727,7 +727,7 @@ def index_white(request):
@login_required @login_required
@permission_required('cableur') @can_view_all(School)
def index_school(request): def index_school(request):
""" Affiche l'ensemble des établissement, need droit cableur """ """ Affiche l'ensemble des établissement, need droit cableur """
school_list = School.objects.order_by('name') school_list = School.objects.order_by('name')
@ -739,7 +739,7 @@ def index_school(request):
@login_required @login_required
@permission_required('cableur') @can_view_all(ListRight)
def index_listright(request): def index_listright(request):
""" Affiche l'ensemble des droits , need droit cableur """ """ Affiche l'ensemble des droits , need droit cableur """
listright_list = ListRight.objects.order_by('listright') listright_list = ListRight.objects.order_by('listright')
@ -751,7 +751,7 @@ def index_listright(request):
@login_required @login_required
@permission_required('cableur') @can_view_all(ServiceUser)
def index_serviceusers(request): def index_serviceusers(request):
""" Affiche les users de services (pour les accès ldap)""" """ Affiche les users de services (pour les accès ldap)"""
serviceusers_list = ServiceUser.objects.order_by('pseudo') serviceusers_list = ServiceUser.objects.order_by('pseudo')
@ -861,19 +861,9 @@ def mon_profil(request):
@login_required @login_required
def profil(request, userid): @can_view(User)
def profil(request, users, userid):
""" Affiche un profil, self or cableur, prend un userid en argument """ """ Affiche un profil, self or cableur, prend un userid en argument """
try:
users = User.objects.get(pk=userid)
except User.DoesNotExist:
messages.error(request, "Utilisateur inexistant")
return redirect(reverse('users:index'))
if not users.can_view(request.user)[0]:
messages.error(request, "Vous ne pouvez pas accéder à ce menu")
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
machines = Machine.objects.filter(user=users).select_related('user')\ machines = Machine.objects.filter(user=users).select_related('user')\
.prefetch_related('interface_set__domain__extension')\ .prefetch_related('interface_set__domain__extension')\
.prefetch_related('interface_set__ipv4__ip_type__extension')\ .prefetch_related('interface_set__ipv4__ip_type__extension')\