Commit 27b58257 authored by Charlie Jacomme's avatar Charlie Jacomme

[intranet] New rights systems

Le droits crans_name appartient au groupe crans_name
parent ba4cc4df
......@@ -21,15 +21,38 @@
import ldap
from django.contrib.auth.models import Group, User
from django.contrib.auth.models import Group, User, Permission
from django.contrib.auth.backends import ModelBackend
from django.views.decorators.debug import sensitive_variables
from django.contrib.contenttypes.models import ContentType
# Pour se connecter à la base ldap
import lc_ldap.shortcuts
from intranet import conn_pool, settings
GROUPES_SPECIAUX = { # Dictionnaire de groupe spéciaux à attribuer selon le test correspondant
"crans_paiement_ok": lambda u: u.paiement_ok(),
"crans_imprimeur_club": lambda u: u.imprimeur_clubs(),
"crans_respo_club": lambda u: u.clubs(),
"crans_adherent": lambda u: 'aid' in u,
"crans_club": lambda u: 'cid' in u,
}
def get_or_create_cransgroup(name):
""" Crée le groupe crans_name avec le droit crans_name.
"""
group, created = Group.objects.get_or_create(name=name)
if created:
user_type = ContentType.objects.get(app_label="auth", model="user")
permission,created = Permission.objects.get_or_create(codename=name,
name=name,
content_type=user_type)
group.permissions.add(permission)
group.save()
return group
def refresh_droits(user, cl_user):
"""Rafraîchit les droits de l'utilisateur django `user' depuis
l'utilisateur LDAP `cl_user'"""
......@@ -48,29 +71,10 @@ def refresh_droits(user, cl_user):
groups = []
for cl_droit in cl_droits:
group, created = Group.objects.get_or_create(name="crans_%s" % cl_droit.lower())
group.save()
groups.append(group)
if cl_user.paiement_ok():
group, created = Group.objects.get_or_create(name="crans_paiement_ok")
group.save()
groups.append(group)
if cl_user.imprimeur_clubs():
group, created = Group.objects.get_or_create(name="crans_imprimeur_club")
group.save()
groups.append(group)
if cl_user.clubs():
group, created = Group.objects.get_or_create(name="crans_respo_club")
group.save()
groups.append(group)
if 'aid' in cl_user:
group, created = Group.objects.get_or_create(name="crans_adherent")
group.save()
groups.append(group)
if 'aid' in cl_user:
group, created = Group.objects.get_or_create(name="crans_club")
group.save()
groups.append(group)
groups.append(get_or_create_cransgroup(name=u"crans_%s" % cl_droit.lower()))
for group in GROUPES_SPECIAUX:
if GROUPES_SPECIAUX[group](cl_user):
groups.append(get_or_create_cransgroup(name=group))
user.groups = [ group for group in user.groups.all() if not group.name.startswith('crans_') ]
user.groups.add(*groups)
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment