e14a10d6538c2ba2e95d462b97039cf346dcbffc
1 # -*- encoding: utf-8 -*-
4 from sendfile
import sendfile
6 from django
.conf
import settings
7 from django
.contrib
.auth
.decorators
import login_required
8 from django
.contrib
.auth
.views
import login
9 from django
.shortcuts
import get_object_or_404
11 from project
.decorators
import redirect_interdiction
12 from project
.rh
import models
as rh_models
13 from project
.dae
import models
as dae_models
16 return login(request
, template_name
='index.html')
19 def piece(request
, filename
):
20 """Téléchargement d'une pièce jointe à un poste."""
21 # compatibilité avec DAE prod avant sécurité
23 app
, model
, id, f
= filename
.split('/')
25 path
= os
.path
.join(settings
.PRIVE_MEDIA_ROOT
, filename
)
26 return sendfile(request
, path
)
29 application
= rh_models
31 application
= dae_models
34 if model
== 'contrat':
35 # TODO definir peut-être un controle d'accès
36 piece
= get_object_or_404(application
.Contrat
, fichier
=filename
)
37 return sendfile(request
, piece
.fichier
.path
)
38 if model
== 'employe':
39 # TODO definir peut-être un controle d'accès
40 piece
= get_object_or_404(application
.EmployePiece
, fichier
=filename
)
41 return sendfile(request
, piece
.fichier
.path
)
43 piece
= get_object_or_404(application
.PostePiece
, fichier
=filename
)
44 if application
.Poste
.objects
.ma_region_ou_service(request
.user
).filter(id=piece
.poste_id
).exists():
45 return sendfile(request
, piece
.fichier
.path
)
47 return redirect_interdiction(request
)
48 if model
== 'dossier':
49 piece
= get_object_or_404(application
.DossierPiece
, fichier
=filename
)
50 if application
.Dossier
.objects
.ma_region_ou_service(request
.user
).filter(id=piece
.dossier_id
).exists():
51 return sendfile(request
, piece
.fichier
.path
)
53 return redirect_interdiction(request
)
projets / auf_rh_dae.git / blob