Multiples zones par user implémenté
[auf_rh_dae.git] / project / permissions.py
CommitLineData
7000b7b3
DB
1# -*- encoding: utf-8 -*
2
3from project import groups
e8b6a20c 4from project.groups import get_employe_from_user, get_zones_from_user
7000b7b3
DB
5from project.decorators import in_drh_or_admin
6
e8b6a20c 7from auf.django.references import models as ref
7000b7b3
DB
8from rh import models as rh
9
10def user_gere_obj_de_sa_region(user):
3383b2d1
OL
11 user_groups = [g.name for g in user.groups.all()]
12 if groups.CORRESPONDANT_RH in user_groups or \
13 groups.ADMINISTRATEURS in user_groups or \
14 groups.DIRECTEUR_DE_BUREAU in user_groups:
7000b7b3
DB
15 return True
16 return False
17
18def user_can_add_obj(user):
19 if user_gere_obj_de_sa_region(user) or \
20 in_drh_or_admin(user):
21 return True
22 return False
23
25f2c148
OL
24def user_can_list_obj(user):
25 if user_gere_obj_de_sa_region(user) or \
26 in_drh_or_admin(user):
27 return True
28 return False
29
7000b7b3
DB
30def user_can_change_obj(user, obj):
31 if in_drh_or_admin(user) or (
32 user_gere_obj_de_sa_region(user) and \
33 obj_in_region_user(user, obj)):
34 return True
35 return False
36
37def user_can_delete_obj(user, obj):
38 return in_drh_or_admin(user)
39
e8b6a20c 40
7000b7b3
DB
41# helpers
42def obj_in_region_user(user, obj):
e8b6a20c 43 zones = get_zones_from_user(user)
7000b7b3
DB
44 if isinstance(obj, rh.Employe):
45 return True
46 if isinstance(obj, rh.Dossier):
47 return True
48 if isinstance(obj, rh.Poste):
e8b6a20c 49 return obj.implantation.zone_administrative in zones
7000b7b3
DB
50 return False
51