protect against usurpation
[auf_rh_dae.git] / project / recrutement / views.py
CommitLineData
6f2d5d58 1# -*- encoding: utf-8 -*-
89e948de 2
32834000 3from django.core.urlresolvers import reverse
76b89254 4from django.contrib import messages
7f25c8a6 5from django.views.static import serve
940c9dd8
OL
6from django.http import HttpResponseRedirect
7from django.shortcuts import render_to_response, redirect
32834000
NBV
8from django.template import Context, RequestContext, Template
9from django.core.mail import EmailMultiAlternatives
6f2d5d58 10
362a3534 11from forms import *
12from models import *
940c9dd8 13from recrutement.workflow import recrutement_groupes
7f25c8a6
OL
14
15################################################################################
16# MEDIA PRIVE
17################################################################################
18
19def mediaserve(request, path, document_root=None, show_indexes=False):
20 """
21 Sécuriser l'accès aux fichiers uploadés
22 """
23 grant_ok = False
24 user = request.user
25
26 for grp in user.groups.all():
27 if grp in recrutement_groupes:
28 grant_ok = True
29 break
30
31 if not grant_ok:
32 return redirect_interdiction(request)
33
34 return serve(request, path, document_root, show_indexes)
6f2d5d58 35
36def index(request):
362a3534 37 return render_to_response('recrutement/index.html', {},
38 RequestContext(request))
39
32834000
NBV
40def selectionner_template(request):
41 candidat_ids = request.GET.get('ids')
42 if request.method == "POST":
43 form = CandidatCourrielTemplateForm(request.POST)
44 if form.is_valid():
45 form.save()
46 courriel_template_id = form.get_template()
47
48 return HttpResponseRedirect(reverse('envoyer_courriel_candidats')+
dc7faf2b 49 "?ids_cand=%s&id_temp=%s" % (candidat_ids, courriel_template_id))
32834000
NBV
50 else:
51 form = CandidatCourrielTemplateForm()
52
53 c = {'form' : form}
54 return render_to_response("recrutement/selectionner_template.html",
55 Context(c), context_instance = RequestContext(request))
56
d84c3a68 57def envoyer_courriel_candidats(request):
32834000 58 candidat_ids = request.GET.get('ids_cand').split(',')
d84c3a68 59 candidats = Candidat.objects.filter(id__in=candidat_ids)
32834000
NBV
60 template_id = request.GET.get('id_temp')
61 template = CourrielTemplate.objects.get(id=template_id)
4e8340cf 62
d84c3a68 63 if request.method == "POST":
32834000
NBV
64 form = CandidatCourrielForm(request.POST, instance=template,
65 candidats=candidats, template=template)
66
d84c3a68 67 if form.is_valid():
68 form.save()
32834000
NBV
69 courriel_template = CourrielTemplate()
70 courriel_template.nom_modele = template.nom_modele
71 courriel_template.sujet = form.data['sujet']
72 courriel_template.plain_text = form.data['plain_text']
73 courriel_template.html = form.data['html']
74 for cand in candidats:
ba70513a 75 send_templated_email(cand, courriel_template)
d84c3a68 76 messages.add_message(request, messages.SUCCESS,
32834000 77 "Le email a été envoyé aux candidats.")
d84c3a68 78 return redirect("admin:recrutement_candidat_changelist")
79 else:
32834000
NBV
80 form = CandidatCourrielForm(candidats=candidats, template=template,
81 initial={'sujet': template.sujet,
82 'plain_text': template.plain_text,
83 'html': template.html})
d84c3a68 84
85 c = {'form' : form}
86 return render_to_response("recrutement/envoyer_courriel_candidats.html",
87 Context(c), context_instance = RequestContext(request))
88
514db699
NBV
89def affecter_evaluateurs_offre_emploi(request):
90 offre_emploi_ids = request.GET.get('ids').split(',')
91 offres_emploi = OffreEmploi.objects.filter(id__in=offre_emploi_ids)
514db699 92 if request.method == "POST":
540dfae4 93 form = EvaluateurForm(request.POST, offres_emploi=offres_emploi)
514db699
NBV
94 if form.is_valid():
95 form.save()
96 messages.add_message(request, messages.SUCCESS,
540dfae4 97 "Les évaluateurs ont été affectés aux offres d'emploi.")
940c9dd8 98 return redirect("admin:recrutement_proxyoffreemploi_changelist")
514db699 99 else:
540dfae4 100 form = EvaluateurForm(offres_emploi=offres_emploi)
514db699
NBV
101
102 c = {'form' : form}
103 return render_to_response("recrutement/affecter_evaluateurs.html",
104 Context(c), context_instance = RequestContext(request))
b8b74dee
NBV
105
106def send_templated_email(candidat, template):
76b89254 107 from django.conf import settings
b8b74dee
NBV
108 # Sujet
109 sujet_template = Template(template.sujet)
110 dict_sujet = {"offre_emploi": candidat.offre_emploi.nom,}
111 sujet = Context(dict_sujet)
112 # Plain text
113 texte_template = Template(template.plain_text)
114 dict_texte = {"nom_candidat": candidat.nom,
115 "prenom_candidat": candidat.prenom,
116 "offre_emploi": candidat.offre_emploi.nom,
117 "genre_candidat": "Monsieur" if candidat.genre == "M" \
118 else "Madame",
119 }
120 texte = Context(dict_texte)
121 # HTML text
122 html_template = Template(template.html)
123 texte_html = Context(dict_texte)
76b89254
OL
124 if settings.DEBUG:
125 dst_emails = ['developpeurs@ca.auf.org', ]
126 else:
127 dst_emails = [candidat.email, ]
b8b74dee
NBV
128 msg = EmailMultiAlternatives(sujet_template.render(sujet),
129 texte_template.render(texte),
130 'recrutement@auf.org',
76b89254
OL
131 dst_emails,
132 )
b8b74dee
NBV
133 msg.attach_alternative(texte_template.render(texte_html), "text/html")
134 msg.send()
32c22f96
NBV
135
136
137def candidat_pdf(request):
138 candidat_id = request.GET.get('id')
139 candidat = Candidat.objects.get(id=candidat_id)
140
141 return render_to_response("recrutement/candidat_pdf.html",
142 Context({'candidat' : candidat}), context_instance = RequestContext(request))