#3774
[auf_rh_dae.git] / project / permissions.py
CommitLineData
7000b7b3
DB
1# -*- encoding: utf-8 -*
2
3from project import groups
4from project.groups import get_employe_from_user
5from project.decorators import in_drh_or_admin
6
7from rh import models as rh
8
9def user_gere_obj_de_sa_region(user):
3383b2d1
OL
10 user_groups = [g.name for g in user.groups.all()]
11 if groups.CORRESPONDANT_RH in user_groups or \
12 groups.ADMINISTRATEURS in user_groups or \
13 groups.DIRECTEUR_DE_BUREAU in user_groups:
7000b7b3
DB
14 return True
15 return False
16
17def user_can_add_obj(user):
18 if user_gere_obj_de_sa_region(user) or \
19 in_drh_or_admin(user):
20 return True
21 return False
22
25f2c148
OL
23def user_can_list_obj(user):
24 if user_gere_obj_de_sa_region(user) or \
25 in_drh_or_admin(user):
26 return True
27 return False
28
7000b7b3
DB
29def user_can_change_obj(user, obj):
30 if in_drh_or_admin(user) or (
31 user_gere_obj_de_sa_region(user) and \
32 obj_in_region_user(user, obj)):
33 return True
34 return False
35
36def user_can_delete_obj(user, obj):
37 return in_drh_or_admin(user)
38
39# helpers
40def obj_in_region_user(user, obj):
41 region_user = get_region_user(user)
42 if isinstance(obj, rh.Employe):
43 return True
44 if isinstance(obj, rh.Dossier):
45 return True
46 if isinstance(obj, rh.Poste):
b0cf30b8 47 return obj.implantation.zone_administrative == region_user
7000b7b3
DB
48 return False
49
50def get_region_user(user):
51 # gère actuellement qu'une seule région par user
52 employe = get_employe_from_user(user)
b0cf30b8 53 region_user = employe.implantation.zone_administrative
7000b7b3 54 return region_user