Commit 8b044951 authored by chirac's avatar chirac

Ajoute des acls sur les vues critiques

parent 37cdd1d5
......@@ -5,7 +5,7 @@ from django.shortcuts import render, redirect
from django.shortcuts import render_to_response, get_object_or_404
from django.core.context_processors import csrf
from django.template import Context, RequestContext, loader
from django.contrib.auth.decorators import login_required
from django.contrib.auth.decorators import login_required, permission_required
from django.contrib import messages
from django.db.models import Max, ProtectedError
......@@ -91,6 +91,7 @@ def edit_facture(request, factureid):
return form({'factureform': facture_form}, 'cotisations/facture.html', request)
@login_required
@permission_required('trésorier')
def add_article(request):
article = ArticleForm(request.POST or None)
if article.is_valid():
......@@ -100,6 +101,7 @@ def add_article(request):
return form({'factureform': article}, 'cotisations/facture.html', request)
@login_required
@permission_required('trésorier')
def edit_article(request, articleid):
try:
article_instance = Article.objects.get(pk=articleid)
......@@ -114,6 +116,7 @@ def edit_article(request, articleid):
return form({'factureform': article}, 'cotisations/facture.html', request)
@login_required
@permission_required('trésorier')
def del_article(request):
article = DelArticleForm(request.POST or None)
if article.is_valid():
......@@ -124,6 +127,7 @@ def del_article(request):
return form({'factureform': article}, 'cotisations/facture.html', request)
@login_required
@permission_required('trésorier')
def add_paiement(request):
paiement = PaiementForm(request.POST or None)
if paiement.is_valid():
......@@ -133,6 +137,7 @@ def add_paiement(request):
return form({'factureform': paiement}, 'cotisations/facture.html', request)
@login_required
@permission_required('trésorier')
def edit_paiement(request, paiementid):
try:
paiement_instance = Paiement.objects.get(pk=paiementid)
......@@ -147,6 +152,7 @@ def edit_paiement(request, paiementid):
return form({'factureform': paiement}, 'cotisations/facture.html', request)
@login_required
@permission_required('trésorier')
def del_paiement(request):
paiement = DelPaiementForm(request.POST or None)
if paiement.is_valid():
......@@ -161,6 +167,7 @@ def del_paiement(request):
return form({'factureform': paiement}, 'cotisations/facture.html', request)
@login_required
@permission_required('trésorier')
def add_banque(request):
banque = BanqueForm(request.POST or None)
if banque.is_valid():
......@@ -170,6 +177,7 @@ def add_banque(request):
return form({'factureform': banque}, 'cotisations/facture.html', request)
@login_required
@permission_required('trésorier')
def edit_banque(request, banqueid):
try:
banque_instance = Article.objects.get(pk=banqueid)
......@@ -184,6 +192,7 @@ def edit_banque(request, banqueid):
return form({'factureform': banque}, 'cotisations/facture.html', request)
@login_required
@permission_required('trésorier')
def del_banque(request):
banque = DelBanqueForm(request.POST or None)
if banque.is_valid():
......
from django.shortcuts import render, redirect
from django.contrib import messages
from django.contrib.auth.decorators import login_required
from django.contrib.auth.decorators import login_required, permission_required
from django.db import IntegrityError
from topologie.models import Switch, Port
......@@ -23,6 +23,7 @@ def index_port(request, switch_id):
return render(request, 'topologie/index_p.html', {'port_list':port_list, 'id_switch':switch_id, 'nom_switch':switch})
@login_required
@permission_required('admin')
def new_port(request, switch_id):
try:
switch = Switch.objects.get(pk=switch_id)
......@@ -42,6 +43,7 @@ def new_port(request, switch_id):
return form({'topoform':port}, 'topologie/port.html', request)
@login_required
@permission_required('admin')
def edit_port(request, port_id):
try:
port = Port.objects.get(pk=port_id)
......@@ -56,6 +58,7 @@ def edit_port(request, port_id):
return form({'topoform':port}, 'topologie/port.html', request)
@login_required
@permission_required('admin')
def new_switch(request):
switch = EditSwitchForm(request.POST or None)
if switch.is_valid():
......@@ -65,6 +68,7 @@ def new_switch(request):
return form({'topoform':switch}, 'topologie/port.html', request)
@login_required
@permission_required('admin')
def edit_switch(request, switch_id):
try:
switch = Switch.objects.get(pk=switch_id)
......
......@@ -8,7 +8,6 @@ from django.contrib.auth.models import AbstractBaseUser, BaseUserManager
from topologie.models import Room
def remove_user_room(room):
""" Déménage de force l'ancien locataire de la chambre """
try:
......@@ -133,8 +132,12 @@ class User(AbstractBaseUser):
def get_short_name(self):
return self.name
def has_perm(self, perm, obj=None):
# Simplest version
def has_perms(self, perms, obj=None):
for perm in perms:
try:
Right.objects.get(user=self, right__listright=perm)
except Right.DoesNotExist:
return False
return True
def has_module_perms(self, app_label):
......
......@@ -5,12 +5,12 @@ from django.shortcuts import render_to_response, render, redirect
from django.core.context_processors import csrf
from django.template import RequestContext
from django.contrib import messages
from django.contrib.auth.decorators import login_required
from django.contrib.auth.decorators import login_required, permission_required
from django.db.models import Max, ProtectedError
from django.db import IntegrityError
from django.utils import timezone
from users.models import User, Right, Ban, Whitelist
from users.models import User, Right, Ban, Whitelist, School
from users.models import DelRightForm, BanForm, WhitelistForm, DelSchoolForm
from users.models import InfoForm, StateForm, RightForm, SchoolForm
from cotisations.models import Facture
......@@ -154,6 +154,7 @@ def password(request, userid):
return form({'userform': u_form}, 'users/user.html', request)
@login_required
@permission_required('bureau')
def add_right(request, userid):
try:
user = User.objects.get(pk=userid)
......@@ -173,6 +174,7 @@ def add_right(request, userid):
return form({'userform': right}, 'users/user.html', request)
@login_required
@permission_required('bureau')
def del_right(request):
right = DelRightForm(request.POST or None)
if right.is_valid():
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment