Commit 0d78dcad authored by LEVY-FALK Hugo's avatar LEVY-FALK Hugo Committed by root

@can_create et @can_edit sur l'ajout de ban, l'ajout de droit,...

@can_create et @can_edit sur l'ajout de ban, l'ajout de droit, l'édition/création de service, l'édition de password, les états et l'édition d'utilisateurs.
parent cf642bad
......@@ -921,6 +921,11 @@ class ServiceUser(AbstractBaseUser):
else:
return user.has_perms(('infra',))
def can_edit(instance, user):
return user.has_perms(('infra',))
def get_instance(userid):
return ServiceUser.objects.get(pk=userid)
@receiver(post_save, sender=ServiceUser)
def service_user_post_save(sender, **kwargs):
......@@ -951,6 +956,9 @@ class Right(models.Model):
def __str__(self):
return str(self.user)
def can_create(user):
return user.has_perms('bureau')
@receiver(post_save, sender=Right)
def right_post_save(sender, **kwargs):
......@@ -1095,6 +1103,9 @@ class Ban(models.Model):
def __str__(self):
return str(self.user) + ' ' + str(self.raison)
def can_create(user):
return user.has_perms(('bofh',))
@receiver(post_save, sender=Ban)
def ban_post_save(sender, **kwargs):
......
......@@ -226,14 +226,10 @@ def edit_info(request, user, userid):
@login_required
@permission_required('bureau')
def state(request, userid):
@can_edit(User)
def state(request, user, userid):
""" Changer l'etat actif/desactivé/archivé d'un user,
need droit bureau """
try:
user = User.objects.get(pk=userid)
except User.DoesNotExist:
messages.error(request, "Utilisateur inexistant")
return redirect(reverse('users:index'))
state = StateForm(request.POST or None, instance=user)
if state.is_valid():
with transaction.atomic(), reversion.create_revision():
......@@ -257,21 +253,11 @@ def state(request, userid):
@login_required
def password(request, userid):
@can_edit(User)
def password(request, user, userid):
""" Reinitialisation d'un mot de passe à partir de l'userid,
pour self par défaut, pour tous sans droit si droit cableur,
pour tous si droit bureau """
try:
user = User.objects.get(pk=userid)
except User.DoesNotExist:
messages.error(request, "Utilisateur inexistant")
return redirect(reverse('users'))
if not user.can_edit(request.user):
messages.error(request, "Vous ne pouvez pas accéder à ce menu")
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
if not request.user.has_perms(('bureau',)) and user != request.user\
and Right.objects.filter(user=user):
messages.error(request, "Il faut les droits bureau pour modifier le\
......@@ -307,16 +293,9 @@ def new_serviceuser(request):
@login_required
@permission_required('infra')
def edit_serviceuser(request, userid):
""" Edite un utilisateur à partir de son id,
si l'id est différent de request.user,
vérifie la possession du droit cableur """
try:
user = ServiceUser.objects.get(pk=userid)
except ServiceUser.DoesNotExist:
messages.error(request, "Utilisateur inexistant")
return redirect(reverse('users:index'))
@can_edit(ServiceUser)
def edit_serviceuser(request, user, userid):
""" Edit a ServiceUser """
user = EditServiceUserForm(request.POST or None, instance=user)
if user.is_valid():
user_object = user.save(commit=False)
......@@ -356,14 +335,10 @@ def del_serviceuser(request, userid):
@login_required
@permission_required('bureau')
def add_right(request, userid):
@can_create(Right)
@can_edit(User)
def add_right(request, user, userid):
""" Ajout d'un droit à un user, need droit bureau """
try:
user = User.objects.get(pk=userid)
except User.DoesNotExist:
messages.error(request, "Utilisateur inexistant")
return redirect(reverse('users:index'))
right = RightForm(request.POST or None)
if right.is_valid():
right = right.save(commit=False)
......@@ -405,16 +380,12 @@ def del_right(request):
@login_required
@permission_required('bofh')
def add_ban(request, userid):
@can_create(Ban)
@can_edit(User)
def add_ban(request, user, userid):
""" Ajouter un banissement, nécessite au moins le droit bofh
(a fortiori bureau)
Syntaxe : JJ/MM/AAAA , heure optionnelle, prend effet immédiatement"""
try:
user = User.objects.get(pk=userid)
except User.DoesNotExist:
messages.error(request, "Utilisateur inexistant")
return redirect(reverse('users:index'))
ban_instance = Ban(user=user)
ban = BanForm(request.POST or None, instance=ban_instance)
if ban.is_valid():
......@@ -434,7 +405,6 @@ def add_ban(request, userid):
)
return form({'userform': ban}, 'users/user.html', request)
@login_required
@permission_required('bofh')
def edit_ban(request, banid):
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment