upgrade
[auf_rh_dae.git] / project / views.py
1 # -*- encoding: utf-8 -*-
2
3 import os
4 from sendfile import sendfile
5
6 from django.conf import settings
7 from django.shortcuts import render
8 from django.contrib.auth.decorators import login_required
9 from django.http import Http404
10
11 from project.decorators import redirect_interdiction
12 from project.rh import models as rh_models
13 from project.dae import models as dae_models
14
15
16 @login_required
17 def index(request):
18 c = {}
19 return render(request, 'index.html', c)
20
21
22 @login_required
23 def piece(request, filename):
24 """Téléchargement d'une pièce jointe à un poste."""
25 # compatibilité avec DAE prod avant sécurité
26 try:
27 app, model, id, f = filename.split('/')
28 except:
29 path = os.path.join(settings.PRIVE_MEDIA_ROOT, filename)
30 return sendfile(request, path)
31
32 if app == 'rh':
33 application = rh_models
34 elif app == 'dae':
35 application = dae_models
36 else:
37 assert False
38 if model == 'contrat':
39 # TODO definir peut-être un controle d'accès
40 for contrat in application.Contrat.objects.filter(fichier=filename):
41 if contrat.fichier.name == filename:
42 return sendfile(request, contrat.fichier.path)
43 raise Http404
44 elif model == 'employe':
45 # TODO definir peut-être un controle d'accès
46 for piece in application.EmployePiece.objects.filter(fichier=filename):
47 if piece.fichier.name == filename:
48 return sendfile(request, piece.fichier.path)
49 raise Http404
50 elif model == 'poste':
51 for piece in application.PostePiece.objects.filter(fichier=filename):
52 if piece.fichier.name == filename:
53 if application.Poste.objects \
54 .ma_region_ou_service(request.user) \
55 .filter(id=piece.poste_id).exists():
56 return sendfile(request, piece.fichier.path)
57 else:
58 return redirect_interdiction(request)
59 raise Http404
60 elif model == 'dossier':
61 for piece in application.DossierPiece.objects.filter(fichier=filename):
62 if piece.fichier.name == filename:
63 if application.Dossier.objects \
64 .ma_region_ou_service(request.user) \
65 .filter(id=piece.dossier_id).exists():
66 return sendfile(request, piece.fichier.path)
67 else:
68 return redirect_interdiction(request)
69 raise Http404