[auf_rh_dae.git] / project / views.py

# -*- encoding: utf-8 -*-

import os
from sendfile import sendfile

from django.conf import settings
from django.contrib.auth.decorators import login_required
from django.contrib.auth.views import login
from django.shortcuts import get_object_or_404

from project.decorators import redirect_interdiction
from project.rh import models as rh_models
from project.dae import models as dae_models

def index(request):
    return login(request, template_name='index.html')

@login_required
def piece(request, filename):
    """Téléchargement d'une pièce jointe à un poste."""
    # compatibilité avec DAE prod avant sécurité
    try:
        app, model, id, f = filename.split('/')
    except:
        path = os.path.join(settings.PRIVE_MEDIA_ROOT, filename)
        return sendfile(request, path)

    if app == 'rh':
        application = rh_models
    elif app == 'dae':
        application = dae_models
    else:
        assert False
    if model == 'contrat':
        # TODO definir peut-être un controle d'accès
        piece = get_object_or_404(application.Contrat, fichier=filename)
        return sendfile(request, piece.fichier.path)
    if model == 'employe':
        # TODO definir peut-être un controle d'accès
        piece = get_object_or_404(application.EmployePiece, fichier=filename)
        return sendfile(request, piece.fichier.path)
    if model == 'poste':
        piece = get_object_or_404(application.PostePiece, fichier=filename)
        if application.Poste.objects.ma_region_ou_service(request.user).filter(id=piece.poste_id).exists():
            return sendfile(request, piece.fichier.path)
        else:
            return redirect_interdiction(request)
    if model == 'dossier':
        piece = get_object_or_404(application.DossierPiece, fichier=filename)
        if application.Dossier.objects.ma_region_ou_service(request.user).filter(id=piece.dossier_id).exists():
            return sendfile(request, piece.fichier.path)
        else:
            return redirect_interdiction(request)
Commit	Line	Data
fd5f1d55	1	# -- encoding: utf-8 --
5be60939 OL	2
	3	import os
	4	from sendfile import sendfile
	5
	6	from django.conf import settings
5be60939	7	from django.contrib.auth.decorators import login_required
852aca18	8	from django.contrib.auth.views import login
890b80e7	9	from django.shortcuts import get_object_or_404
5be60939	10
acbc95a1	11	from project.decorators import redirect_interdiction
811d6ad1 EMS	12	from project.rh import models as rh_models
811d6ad1 EMS	13	from project.dae import models as dae_models
fd5f1d55	14
fd5f1d55	15	def index(request):
852aca18	16	return login(request, template_name='index.html')
5be60939 OL	17
	18	@login_required
	19	def piece(request, filename):
	20	"""Téléchargement d'une pièce jointe à un poste."""
	21	# compatibilité avec DAE prod avant sécurité
	22	try:
	23	app, model, id, f = filename.split('/')
	24	except:
	25	path = os.path.join(settings.PRIVE_MEDIA_ROOT, filename)
	26	return sendfile(request, path)
	27
811d6ad1 EMS	28	if app == 'rh':
	29	application = rh_models
	30	elif app == 'dae':
	31	application = dae_models
	32	else:
	33	assert False
5be60939 OL	34	if model == 'contrat':
	35	# TODO definir peut-être un controle d'accès
	36	piece = get_object_or_404(application.Contrat, fichier=filename)
	37	return sendfile(request, piece.fichier.path)
	38	if model == 'employe':
	39	# TODO definir peut-être un controle d'accès
	40	piece = get_object_or_404(application.EmployePiece, fichier=filename)
	41	return sendfile(request, piece.fichier.path)
	42	if model == 'poste':
	43	piece = get_object_or_404(application.PostePiece, fichier=filename)
	44	if application.Poste.objects.ma_region_ou_service(request.user).filter(id=piece.poste_id).exists():
	45	return sendfile(request, piece.fichier.path)
	46	else:
	47	return redirect_interdiction(request)
	48	if model == 'dossier':
	49	piece = get_object_or_404(application.DossierPiece, fichier=filename)
	50	if application.Dossier.objects.ma_region_ou_service(request.user).filter(id=piece.dossier_id).exists():
	51	return sendfile(request, piece.fichier.path)
	52	else:
	53	return redirect_interdiction(request)
	54