rezometz
/
re2o
mirror of https://gitlab.federez.net/re2o/re2o
8
0
Fork 0
Code Issues Releases Wiki Activity
Browse Source

Acl sur preferences

test-front-curly
LEVY-FALK Hugo 8 years ago
committed by root
parent
a022a23f12
commit
1d4b2801b7
6 changed files with 245 additions and 104 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 266
      preferences/models.py
  2. 6
      preferences/templates/preferences/aff_service.html
  3. 25
      preferences/templates/preferences/display_preferences.html
  4. 5
      preferences/urls.py
  5. 44
      preferences/views.py
  6. 3
      re2o/views.py

266
preferences/models.py
View File

@ -51,27 +51,51 @@ class OptionalUser(models.Model):
return OptionalUser.objects.get_or_create()
def can_create(user_request, *args, **kwargs):
return True, None
"""Check if an user can create a OptionalUser object.
def can_edit_all(user_request, *args, **kwargs):
:param user_request: The user who wants to create a user object.
:return: a message and a boolean which is True if the user can create.
"""
return user_request.has_perms(('admin',)), u"Vous n'avez pas le droit\
d'éditer les préférences concernant les users"
de créer les préférences concernant les users"
def can_edit(self, user_request, *args, **kwargs):
"""Check if an user can edit a OptionalUser object.
:param self: The OptionalUser which is to be edited.
:param user_request: The user who requests to edit self.
:return: a message and a boolean which is True if edition is granted.
"""
return user_request.has_perms(('admin',)), u"Vous n'avez pas le droit\
d'éditer les préférences concernant les users"
def can_delete_all(user_request, *args, **kwargs):
return True, None
def can_delete(self, user_request, *args, **kwargs):
return True, None
"""Check if an user can delete a OptionalUser object.
:param self: The OptionalUser which is to be deleted.
:param user_request: The user who requests deletion.
:return: True if deletion is granted, and a message.
"""
return user_request.has_perms(('admin',)), u"Vous n'avez pas le droit\
de supprimer les préférences concernant les users"
def can_view_all(user_request, *args, **kwargs):
"""Check if an user can access to the list of every OptionalUser objects
:param user_request: The user who wants to view the list.
:return: True if the user can view the list and an explanation message.
"""
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le droit\
de voir les préférences concernant les utilisateurs"
def can_view(self, user_request, *args, **kwargs):
"""Check if an user can view a OptionalUser object.
:param self: The targeted OptionalUser.
:param user_request: The user who ask for viewing the target.
:return: A boolean telling if the acces is granted and an explanation
text
"""
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le droit\
de voir les préférences concernant les utilisateurs"
@ -95,27 +119,52 @@ class OptionalMachine(models.Model):
return OptionalMachine.objects.get_or_create()
def can_create(user_request, *args, **kwargs):
return True, None
"""Check if an user can create a OptionalMachine object.
def can_edit_all(user_request, *args, **kwargs):
:param user_request: The user who wants to create an object.
:return: a message and a boolean which is True if the user can create.
"""
return user_request.has_perms(('admin',)), u"Vous n'avez pas le droit\
d'éditer les préférences concernant les machines"
de créer les préférences concernant les machines"
def can_edit(self, user_request, *args, **kwargs):
"""Check if an user can edit a OptionalMachine object.
:param self: The OptionalMachine which is to be edited.
:param user_request: The user who requests to edit self.
:return: a message and a boolean which is True if edition is granted.
"""
return user_request.has_perms(('admin',)), u"Vous n'avez pas le droit\
d'éditer les préférences concernant les machines"
def can_delete_all(user_request, *args, **kwargs):
return True, None
def can_delete(self, user_request, *args, **kwargs):
return True, None
"""Check if an user can delete a OptionalMachine object.
:param self: The OptionalMachine which is to be deleted.
:param user_request: The user who requests deletion.
:return: True if deletion is granted, and a message.
"""
return user_request.has_perms(('admin',)), u"Vous n'avez pas le droit\
de supprimer les préférences concernant les machines"
def can_view_all(user_request, *args, **kwargs):
"""Check if an user can access to the list of every OptionalMachine objects
:param user_request: The user who wants to view the list.
:return: True if the user can view the list and an explanation message.
"""
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le droit\
de voir les préférences concernant les machines"
def can_view(self, user_request, *args, **kwargs):
"""Check if an user can view a OptionalMachine object.
:param self: The targeted OptionalMachine.
:param user_request: The user who ask for viewing the target.
:return: A boolean telling if the acces is granted and an explanation
text
"""
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le droit\
de voir les préférences concernant les machines"
@ -156,27 +205,51 @@ class OptionalTopologie(models.Model):
return OptionalTopologie.objects.get_or_create()
def can_create(user_request, *args, **kwargs):
return True, None
"""Check if an user can create a OptionalTopologie object.
def can_edit_all(user_request, *args, **kwargs):
:param user_request: The user who wants to create an object.
:return: a message and a boolean which is True if the user can create.
"""
return user_request.has_perms(('admin',)), u"Vous n'avez pas le droit\
d'éditer les préférences concernant la topologie"
de créer les préférences concernant la topologie"
def can_edit(self, user_request, *args, **kwargs):
"""Check if an user can edit a OptionalTopologie object.
:param self: The OptionalTopologie which is to be edited.
:param user_request: The user who requests to edit self.
:return: a message and a boolean which is True if edition is granted.
"""
return user_request.has_perms(('admin',)), u"Vous n'avez pas le droit\
d'éditer les préférences concernant la topologie"
def can_delete_all(user_request, *args, **kwargs):
return True, None
def can_delete(self, user_request, *args, **kwargs):
return True, None
"""Check if an user can delete a OptionalTopologie object.
:param self: The OptionalTopologie which is to be deleted.
:param user_request: The user who requests deletion.
:return: True if deletion is granted, and a message.
"""
return user_request.has_perms(('admin',)), u"Vous n'avez pas le droit\
d'éditer les préférences concernant la topologie"
def can_view_all(user_request, *args, **kwargs):
"""Check if an user can access to the list of every OptionalTopologie objects
:param user_request: The user who wants to view the list.
:return: True if the user can view the list and an explanation message.
"""
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le droit\
de voir les préférences concernant la topologie"
def can_view(self, user_request, *args, **kwargs):
"""Check if an user can view a OptionalTopologie object.
:param self: The targeted OptionalTopologie.
:param user_request: The user who ask for viewing the target.
:return: A boolean telling if the acces is granted and an explanation
text
"""
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le droit\
de voir les préférences concernant la topologie"
@ -202,27 +275,52 @@ class GeneralOption(models.Model):
return GeneralOption.objects.get_or_create()
def can_create(user_request, *args, **kwargs):
return True, None
"""Check if an user can create a GeneralOption object.
def can_edit_all(user_request, *args, **kwargs):
:param user_request: The user who wants to create an object.
:return: a message and a boolean which is True if the user can create.
"""
return user_request.has_perms(('admin',)), u"Vous n'avez pas le droit\
d'éditer les préférences générales"
de créer les préférences générales"
def can_edit(self, user_request, *args, **kwargs):
"""Check if an user can edit a GeneralOption object.
:param self: The GeneralOption which is to be edited.
:param user_request: The user who requests to edit self.
:return: a message and a boolean which is True if edition is granted.
"""
return user_request.has_perms(('admin',)), u"Vous n'avez pas le droit\
d'éditer les préférences générales"
def can_delete_all(user_request, *args, **kwargs):
return True, None
def can_delete(self, user_request, *args, **kwargs):
return True, None
"""Check if an user can delete a GeneralOption object.
:param self: The GeneralOption which is to be deleted.
:param user_request: The user who requests deletion.
:return: True if deletion is granted, and a message.
"""
return user_request.has_perms(('admin',)), u"Vous n'avez pas le droit\
d'éditer les préférences générales"
def can_view_all(user_request, *args, **kwargs):
"""Check if an user can access to the list of every GeneralOption objects
:param user_request: The user who wants to view the list.
:return: True if the user can view the list and an explanation message.
"""
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le droit\
de voir les préférences générales"
def can_view(self, user_request, *args, **kwargs):
"""Check if an user can view a GeneralOption object.
:param self: The targeted GeneralOption.
:param user_request: The user who ask for viewing the target.
:return: A boolean telling if the acces is granted and an explanation
text
"""
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le droit\
de voir les préférences générales"
@ -239,30 +337,53 @@ class Service(models.Model):
return Service.objects.get(pk=serviceid)
def can_create(user_request, *args, **kwargs):
return user_request.has_perms(('admin',)), u"Vous n'avez pas le droit\
de créer un service pour la page d'accueil"
"""Check if an user can create a Service object.
:param user_request: The user who wants to create an object.
:return: a message and a boolean which is True if the user can create.
"""
def can_edit_all(user_request, *args, **kwargs):
return user_request.has_perms(('admin',)), u"Vous n'avez pas le droit\
d'éditer les services pour la page d'accueil"
de créer un service pour la page d'accueil"
def can_edit(self, user_request, *args, **kwargs):
return user_request.has_perms(('admin',)), u"Vous n'avez pas le droit\
d'éditer les services pour la page d'accueil"
"""Check if an user can edit a Service object.
def can_delete_all(user_request, *args, **kwargs):
:param self: The Service which is to be edited.
:param user_request: The user who requests to edit self.
:return: a message and a boolean which is True if edition is granted.
"""
return user_request.has_perms(('admin',)), u"Vous n'avez pas le droit\
de supprimer les services pour la page d'accueil"
d'éditer les services pour la page d'accueil"
def can_delete(self, user_request, *args, **kwargs):
"""Check if an user can delete a Service object.
:param self: The Right which is to be deleted.
:param user_request: The user who requests deletion.
:return: True if deletion is granted, and a message.
"""
return user_request.has_perms(('admin',)), u"Vous n'avez pas le droit\
de supprimer les services pour la page d'accueil"
def can_view_all(user_request, *args, **kwargs):
"""Check if an user can access to the list of every Service objects
:param user_request: The user who wants to view the list.
:return: True if the user can view the list and an explanation message.
"""
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le droit\
de voir les services pour la page d'accueil"
def can_view(self, user_request, *args, **kwargs):
"""Check if an user can view a Service object.
:param self: The targeted Service.
:param user_request: The user who ask for viewing the target.
:return: A boolean telling if the acces is granted and an explanation
text
"""
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le droit\
de voir les services pour la page d'accueil"
@ -295,27 +416,51 @@ class AssoOption(models.Model):
return AssoOption.objects.get_or_create()
def can_create(user_request, *args, **kwargs):
return True, None
"""Check if an user can create a AssoOption object.
def can_edit_all(user_request, *args, **kwargs):
:param user_request: The user who wants to create an object.
:return: a message and a boolean which is True if the user can create.
"""
return user_request.has_perms(('admin',)), u"Vous n'avez pas le droit\
d'éditer les préférences concernant l'association"
def can_edit(self, user_request, *args, **kwargs):
"""Check if an user can edit a AssoOption object.
:param self: The AssoOption which is to be edited.
:param user_request: The user who requests to edit self.
:return: a message and a boolean which is True if edition is granted.
"""
return user_request.has_perms(('admin',)), u"Vous n'avez pas le droit\
d'éditer les préférences concernant l'association"
def can_delete_all(user_request, *args, **kwargs):
return True, None
def can_delete(self, user_request, *args, **kwargs):
return True, None
"""Check if an user can delete a AssoOption object.
:param self: The AssoOption which is to be deleted.
:param user_request: The user who requests deletion.
:return: True if deletion is granted, and a message.
"""
return user_request.has_perms(('admin',)), u"Vous n'avez pas le droit\
d'éditer les préférences concernant l'association"
def can_view_all(user_request, *args, **kwargs):
"""Check if an user can access to the list of every AssoOption objects
:param user_request: The user who wants to view the list.
:return: True if the user can view the list and an explanation message.
"""
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le droit\
de voir les préférences concernant l'association"
def can_view(self, user_request, *args, **kwargs):
"""Check if an user can view a AssoOption object.
:param self: The targeted AssoOption.
:param user_request: The user who ask for viewing the target.
:return: A boolean telling if the acces is granted and an explanation
text
"""
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le droit\
de voir les préférences concernant l'association"
@ -331,26 +476,51 @@ class MailMessageOption(models.Model):
return MailMessageOption.objects.get_or_create()
def can_create(user_request, *args, **kwargs):
return True, None
"""Check if an user can create a MailMessageOption object.
def can_edit_all(user_request, *args, **kwargs):
:param user_request: The user who wants to create an object.
:return: a message and a boolean which is True if the user can create.
"""
return user_request.has_perms(('admin',)), u"Vous n'avez pas le droit\
d'éditer les préférences concernant les mails"
def can_edit(self, user_request, *args, **kwargs):
"""Check if an user can edit a MailMessageOption object.
:param self: The MailMessageOption which is to be edited.
:param user_request: The user who requests to edit self.
:return: a message and a boolean which is True if edition is granted.
"""
return user_request.has_perms(('admin',)), u"Vous n'avez pas le droit\
d'éditer les préférences concernant les mails"
def can_delete_all(user_request, *args, **kwargs):
return True, None
def can_delete(self, user_request, *args, **kwargs):
return True, None
"""Check if an user can delete a AssoOption object.
:param self: The AssoOption which is to be deleted.
:param user_request: The user who requests deletion.
:return: True if deletion is granted, and a message.
"""
return user_request.has_perms(('admin',)), u"Vous n'avez pas le droit\
d'éditer les préférences concernant les mails"
def can_view_all(user_request, *args, **kwargs):
"""Check if an user can access to the list of every AssoOption objects
:param user_request: The user who wants to view the list.
:return: True if the user can view the list and an explanation message.
"""
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le droit\
de voir les préférences concernant les mails"
def can_view(self, user_request, *args, **kwargs):
"""Check if an user can view a AssoOption object.
:param self: The targeted AssoOption.
:param user_request: The user who ask for viewing the target.
:return: A boolean telling if the acces is granted and an explanation
text
"""
return user_request.has_perms(('cableur',)), u"Vous n'avez pas le droit\
de voir les préférences concernant les mails"

6
preferences/templates/preferences/aff_service.html
View File

@ -21,7 +21,7 @@ You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
{% endcomment %}
{% load acl %}
<table class="table table-striped">
<thead>
<tr>
@ -40,9 +40,9 @@ with this program; if not, write to the Free Software Foundation, Inc.,
<td>{{ service.description }}</td>
<td>{{ service.image }}</td>
<td class="text-right">
{% if is_admin %}
{% can_edit service%}
{% include 'buttons/edit.html' with href='preferences:edit-service' id=service.id %}
{% endif %}
{% acl_end %}
{% include 'buttons/history.html' with href='preferences:history' name='service' id=service.id %}
</td>
</tr>

25
preferences/templates/preferences/display_preferences.html
View File

@ -24,17 +24,16 @@ with this program; if not, write to the Free Software Foundation, Inc.,
{% endcomment %}
{% load bootstrap3 %}
{% load acl %}
{% block title %}Création et modification des préférences{% endblock %}
{% block content %}
<h4>Préférences utilisateur</h4>
{% if is_bureau %}
<a class="btn btn-primary btn-sm" role="button" href="{% url 'preferences:edit-options' 'OptionalUser' %}">
<i class="glyphicon glyphicon-edit"></i>
Editer
</a>
{% endif %}
<p>
</p>
<table class="table table-striped">
@ -58,12 +57,10 @@ with this program; if not, write to the Free Software Foundation, Inc.,
</tr>
</table>
<h4>Préférences machines</h4>
{% if is_bureau %}
<a class="btn btn-primary btn-sm" role="button" href="{% url 'preferences:edit-options' 'OptionalMachine' %}">
<i class="glyphicon glyphicon-edit"></i>
Editer
</a>
{% endif %}
<p>
</p>
<table class="table table-striped">
@ -81,12 +78,10 @@ with this program; if not, write to the Free Software Foundation, Inc.,
</tr>
</table>
<h4>Préférences topologie</h4>
{% if is_bureau %}
<a class="btn btn-primary btn-sm" role="button" href="{% url 'preferences:edit-options' 'OptionalTopologie' %}">
<i class="glyphicon glyphicon-edit"></i>
Editer
</a>
{% endif %}
<p>
</p>
<table class="table table-striped">
@ -104,14 +99,12 @@ with this program; if not, write to the Free Software Foundation, Inc.,
</tr>
</table>
<h4>Préférences generales</h4>
{% if is_bureau %}
<a class="btn btn-primary btn-sm" role="button" href="{% url 'preferences:edit-options' 'GeneralOption' %}">
<i class="glyphicon glyphicon-edit"></i>
Editer
</a>
{% endif %}
<p>
</p>
</p>
<table class="table table-striped">
<tr>
<th>Nom du site web</th>
@ -137,12 +130,10 @@ with this program; if not, write to the Free Software Foundation, Inc.,
<tr>
</table>
<h4>Données de l'association</h4>
{% if is_bureau %}
<a class="btn btn-primary btn-sm" role="button" href="{% url 'preferences:edit-options' 'AssoOption' %}">
<i class="glyphicon glyphicon-edit"></i>
Editer
</a>
{% endif %}
<p>
</p>
<table class="table table-striped">
@ -164,19 +155,17 @@ with this program; if not, write to the Free Software Foundation, Inc.,
<td>{{ assooptions.telephone }}</td>
<th>Pseudo d'usage</th>
<td>{{ assooptions.pseudo }}</td>
</tr>
</tr>
<tr>
<th>Objet utilisateur de l'association</th>
<td>{{ assooptions.utilisateur_asso }}</td>
</tr>
</table>
</tr>
</table>
<h4>Messages personalisé dans les mails</h4>
{% if is_bureau %}
<a class="btn btn-primary btn-sm" role="button" href="{% url 'preferences:edit-options' 'MailMessageOption' %}">
<i class="glyphicon glyphicon-edit"></i>
Editer
</a>
{% endif %}
<p>
</p>
<table class="table table-striped">
@ -190,10 +179,10 @@ with this program; if not, write to the Free Software Foundation, Inc.,
</tr>
</table>
<h2>Liste des services page d'accueil</h2>
{% if is_infra %}
{% can_create Service%}
<a class="btn btn-primary btn-sm" role="button" href="{% url 'preferences:add-service' %}"><i class="glyphicon glyphicon-plus"></i> Ajouter un service</a>
{% acl_end %}
<a class="btn btn-danger btn-sm" role="button" href="{% url 'preferences:del-services' %}"><i class="glyphicon glyphicon-trash"></i> Supprimer un ou plusieurs service</a>
{% endif %}
{% include "preferences/aff_service.html" with service_list=service_list %}
<br />
<br />

5
preferences/urls.py
View File

@ -28,6 +28,7 @@ from __future__ import unicode_literals
from django.conf.urls import url
from . import views
import re2o
urlpatterns = [
@ -69,8 +70,8 @@ urlpatterns = [
),
url(r'^del_services/$', views.del_services, name='del-services'),
url(
r'^history/(?P<object_name>service)/(?P<object_id>[0-9]+)$',
views.history,
r'^history/(?P<object_name>\w+)/(?P<object_id>[0-9]+)$',
re2o.views.history,
name='history'
),
url(r'^$', views.display_options, name='display-options'),

44
preferences/views.py
View File

@ -42,7 +42,7 @@ from reversion.models import Version
from reversion import revisions as reversion
from re2o.views import form
from re2o.utils import can_create, can_edit, can_delete_set
from re2o.utils import can_create, can_edit, can_delete_set, can_view_all
from .forms import ServiceForm, DelServiceForm
from .models import Service, OptionalUser, OptionalMachine, AssoOption
from .models import MailMessageOption, GeneralOption, OptionalTopologie
@ -51,7 +51,12 @@ from . import forms
@login_required
@permission_required('cableur')
@can_view_all(OptionalUser)
@can_view_all(OptionalMachine)
@can_view_all(OptionalTopologie)
@can_view_all(GeneralOption)
@can_view_all(AssoOption)
@can_view_all(MailMessageOption)
def display_options(request):
"""Vue pour affichage des options (en vrac) classé selon les models
correspondants dans un tableau"""
@ -81,6 +86,11 @@ def edit_options(request, section):
form_instance = getattr(forms, 'Edit' + section + 'Form', None)
if model and form:
options_instance, _created = model.objects.get_or_create()
can, msg = options_instance.can_edit(request.user)
if not can:
messages.error(request, msg or "Vous ne pouvez pas éditer cette\
option.")
return redirect('/')
options = form_instance(
request.POST or None,
instance=options_instance
@ -170,33 +180,3 @@ def del_services(request, instances):
'preferences/preferences.html',
request
)
@login_required
@permission_required('cableur')
def history(request, object_name, object_id):
"""Historique de creation et de modification d'un service affiché sur
la page d'accueil"""
if object_name == 'service':
try:
object_instance = Service.objects.get(pk=object_id)
except Service.DoesNotExist:
messages.error(request, "Service inexistant")
return redirect(reverse('preferences:display-options'))
options, _created = GeneralOption.objects.get_or_create()
pagination_number = options.pagination_number
reversions = Version.objects.get_for_object(object_instance)
paginator = Paginator(reversions, pagination_number)
page = request.GET.get('page')
try:
reversions = paginator.page(page)
except PageNotAnInteger:
# If page is not an integer, deliver first page.
reversions = paginator.page(1)
except EmptyPage:
# If page is out of range (e.g. 9999), deliver last page of results.
reversions = paginator.page(paginator.num_pages)
return render(request, 're2o/history.html', {
'reversions': reversions,
'object': object_instance
})

3
re2o/views.py
View File

@ -35,7 +35,7 @@ from reversion.models import Version
from django.contrib import messages
from preferences.models import Service
from preferences.models import OptionalUser, GeneralOption
import users
import users, preferences
def form(ctx, template, request):
"""Form générique, raccourci importé par les fonctions views du site"""
@ -59,6 +59,7 @@ HISTORY_BIND = {
'school' : users.models.School,
'listright' : users.models.ListRight,
'serviceuser' : users.models.ServiceUser,
'service' : preferences.models.Service,
}
@login_required

Write Preview
Loading…
Cancel
Save