Commit 56e93f4d authored by LEVY-FALK Hugo's avatar LEVY-FALK Hugo Committed by root

fix de @can_edit

parent f37958fd
...@@ -79,12 +79,12 @@ def can_edit(model, *instance_id): ...@@ -79,12 +79,12 @@ def can_edit(model, *instance_id):
instances = {} instances = {}
for i in instance_id: for i in instance_id:
try: try:
instances[i] = model.objects.get(pk=i) instances[i] = model.objects.get(pk=kwargs[i])
except model.DoesNotExist: except model.DoesNotExist:
messages.error(request, u"Entrée inexistante") messages.error(request, u"Entrée inexistante")
return redirect(reverse('users:index')) return redirect(reverse('users:index'))
kwargs['instances'] = instances kwargs['instances'] = instances
can = all(model.can_edit(request, instances[i]) for i in instances) can = all(model.can_edit(instances[i], request.user) for i in instances)
if not can: if not can:
messages.error(request, "Vous ne pouvez pas accéder à ce menu") messages.error(request, "Vous ne pouvez pas accéder à ce menu")
return redirect(reverse('users:profil', return redirect(reverse('users:profil',
......
...@@ -92,7 +92,7 @@ from machines.models import Machine ...@@ -92,7 +92,7 @@ from machines.models import Machine
from preferences.models import OptionalUser, GeneralOption from preferences.models import OptionalUser, GeneralOption
from re2o.views import form from re2o.views import form
from re2o.utils import all_has_access, SortTable, can_create from re2o.utils import all_has_access, SortTable, can_create, can_edit
def password_change_action(u_form, user, request, req=False): def password_change_action(u_form, user, request, req=False):
""" Fonction qui effectue le changeemnt de mdp bdd""" """ Fonction qui effectue le changeemnt de mdp bdd"""
...@@ -203,7 +203,8 @@ def select_user_edit_form(request, user): ...@@ -203,7 +203,8 @@ def select_user_edit_form(request, user):
@login_required @login_required
def edit_info(request, userid): @can_edit(User, 'userid')
def edit_info(request, userid, **kwargs):
""" Edite un utilisateur à partir de son id, """ Edite un utilisateur à partir de son id,
si l'id est différent de request.user, vérifie la si l'id est différent de request.user, vérifie la
possession du droit cableur """ possession du droit cableur """
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment