[auf_rh_dae.git] / project / views.py

# -*- encoding: utf-8 -*-

import os
from sendfile import sendfile

from django.conf import settings
from django.contrib.auth.decorators import login_required
from django.contrib.auth.views import login
from django.http import Http404

from project.decorators import redirect_interdiction
from project.rh import models as rh_models
from project.dae import models as dae_models


def index(request):
    return login(request, template_name='index.html')


@login_required
def piece(request, filename):
    """Téléchargement d'une pièce jointe à un poste."""
    # compatibilité avec DAE prod avant sécurité
    try:
        app, model, id, f = filename.split('/')
    except:
        path = os.path.join(settings.PRIVE_MEDIA_ROOT, filename)
        return sendfile(request, path)

    if app == 'rh':
        application = rh_models
    elif app == 'dae':
        application = dae_models
    else:
        assert False
    if model == 'contrat':
        # TODO definir peut-être un controle d'accès
        for contrat in application.Contrat.objects.filter(fichier=filename):
            if contrat.fichier.name == filename:
                return sendfile(request, contrat.fichier.path)
        raise Http404
    elif model == 'employe':
        # TODO definir peut-être un controle d'accès
        for piece in application.EmployePiece.objects.filter(fichier=filename):
            if piece.fichier.name == filename:
                return sendfile(request, piece.fichier.path)
        raise Http404
    elif model == 'poste':
        for piece in application.PostePiece.objects.filter(fichier=filename):
            if piece.fichier.name == filename:
                if application.Poste.objects \
                   .ma_region_ou_service(request.user) \
                   .filter(id=piece.poste_id).exists():
                    return sendfile(request, piece.fichier.path)
                else:
                    return redirect_interdiction(request)
        raise Http404
    elif model == 'dossier':
        for piece in application.DossierPiece.objects.filter(fichier=filename):
            if piece.fichier.name == filename:
                if application.Dossier.objects \
                   .ma_region_ou_service(request.user) \
                   .filter(id=piece.dossier_id).exists():
                    return sendfile(request, piece.fichier.path)
                else:
                    return redirect_interdiction(request)
        raise Http404
Commit	Line	Data
fd5f1d55	1	# -- encoding: utf-8 --
5be60939 OL	2
	3	import os
	4	from sendfile import sendfile
	5
	6	from django.conf import settings
5be60939	7	from django.contrib.auth.decorators import login_required
852aca18	8	from django.contrib.auth.views import login
987dc083	9	from django.http import Http404
5be60939	10
acbc95a1	11	from project.decorators import redirect_interdiction
811d6ad1 EMS	12	from project.rh import models as rh_models
811d6ad1 EMS	13	from project.dae import models as dae_models
fd5f1d55	14
987dc083	15
fd5f1d55	16	def index(request):
852aca18	17	return login(request, template_name='index.html')
5be60939	18
987dc083	19
5be60939 OL	20	@login_required
	21	def piece(request, filename):
	22	"""Téléchargement d'une pièce jointe à un poste."""
	23	# compatibilité avec DAE prod avant sécurité
	24	try:
	25	app, model, id, f = filename.split('/')
	26	except:
	27	path = os.path.join(settings.PRIVE_MEDIA_ROOT, filename)
	28	return sendfile(request, path)
	29
811d6ad1 EMS	30	if app == 'rh':
	31	application = rh_models
	32	elif app == 'dae':
	33	application = dae_models
	34	else:
	35	assert False
5be60939 OL	36	if model == 'contrat':
5be60939 OL	37	# TODO definir peut-être un controle d'accès
987dc083 EMS	38	for contrat in application.Contrat.objects.filter(fichier=filename):
	39	if contrat.fichier.name == filename:
	40	return sendfile(request, contrat.fichier.path)
	41	raise Http404
	42	elif model == 'employe':
5be60939	43	# TODO definir peut-être un controle d'accès
987dc083 EMS	44	for piece in application.EmployePiece.objects.filter(fichier=filename):
	45	if piece.fichier.name == filename:
	46	return sendfile(request, piece.fichier.path)
	47	raise Http404
	48	elif model == 'poste':
	49	for piece in application.PostePiece.objects.filter(fichier=filename):
	50	if piece.fichier.name == filename:
	51	if application.Poste.objects \
	52	.ma_region_ou_service(request.user) \
	53	.filter(id=piece.poste_id).exists():
	54	return sendfile(request, piece.fichier.path)
	55	else:
	56	return redirect_interdiction(request)
	57	raise Http404
	58	elif model == 'dossier':
	59	for piece in application.DossierPiece.objects.filter(fichier=filename):
	60	if piece.fichier.name == filename:
	61	if application.Dossier.objects \
	62	.ma_region_ou_service(request.user) \
	63	.filter(id=piece.dossier_id).exists():
	64	return sendfile(request, piece.fichier.path)
	65	else:
	66	return redirect_interdiction(request)
	67	raise Http404