Commit | Line | Data |
---|---|---|
fd5f1d55 | 1 | # -*- encoding: utf-8 -*- |
5be60939 OL |
2 | |
3 | import os | |
4 | from sendfile import sendfile | |
5 | ||
6 | from django.conf import settings | |
5be60939 | 7 | from django.contrib.auth.decorators import login_required |
852aca18 | 8 | from django.contrib.auth.views import login |
987dc083 | 9 | from django.http import Http404 |
5be60939 | 10 | |
acbc95a1 | 11 | from project.decorators import redirect_interdiction |
811d6ad1 EMS |
12 | from project.rh import models as rh_models |
13 | from project.dae import models as dae_models | |
fd5f1d55 | 14 | |
987dc083 | 15 | |
fd5f1d55 | 16 | def index(request): |
852aca18 | 17 | return login(request, template_name='index.html') |
5be60939 | 18 | |
987dc083 | 19 | |
5be60939 OL |
20 | @login_required |
21 | def piece(request, filename): | |
22 | """Téléchargement d'une pièce jointe à un poste.""" | |
23 | # compatibilité avec DAE prod avant sécurité | |
24 | try: | |
25 | app, model, id, f = filename.split('/') | |
26 | except: | |
27 | path = os.path.join(settings.PRIVE_MEDIA_ROOT, filename) | |
28 | return sendfile(request, path) | |
29 | ||
811d6ad1 EMS |
30 | if app == 'rh': |
31 | application = rh_models | |
32 | elif app == 'dae': | |
33 | application = dae_models | |
34 | else: | |
35 | assert False | |
5be60939 OL |
36 | if model == 'contrat': |
37 | # TODO definir peut-être un controle d'accès | |
987dc083 EMS |
38 | for contrat in application.Contrat.objects.filter(fichier=filename): |
39 | if contrat.fichier.name == filename: | |
40 | return sendfile(request, contrat.fichier.path) | |
41 | raise Http404 | |
42 | elif model == 'employe': | |
5be60939 | 43 | # TODO definir peut-être un controle d'accès |
987dc083 EMS |
44 | for piece in application.EmployePiece.objects.filter(fichier=filename): |
45 | if piece.fichier.name == filename: | |
46 | return sendfile(request, piece.fichier.path) | |
47 | raise Http404 | |
48 | elif model == 'poste': | |
49 | for piece in application.PostePiece.objects.filter(fichier=filename): | |
50 | if piece.fichier.name == filename: | |
51 | if application.Poste.objects \ | |
52 | .ma_region_ou_service(request.user) \ | |
53 | .filter(id=piece.poste_id).exists(): | |
54 | return sendfile(request, piece.fichier.path) | |
55 | else: | |
56 | return redirect_interdiction(request) | |
57 | raise Http404 | |
58 | elif model == 'dossier': | |
59 | for piece in application.DossierPiece.objects.filter(fichier=filename): | |
60 | if piece.fichier.name == filename: | |
61 | if application.Dossier.objects \ | |
62 | .ma_region_ou_service(request.user) \ | |
63 | .filter(id=piece.dossier_id).exists(): | |
64 | return sendfile(request, piece.fichier.path) | |
65 | else: | |
66 | return redirect_interdiction(request) | |
67 | raise Http404 |