X-Git-Url: http://git.auf.org/?p=auf_rh_dae.git;a=blobdiff_plain;f=project%2Fviews.py;h=fd832643650194dda3918378af38a1a165d6c271;hp=a69e1b12a85c184f9c86a8b029690737d6501ddc;hb=332de18540677c8aaad118f02ce4e04fa5ed2bab;hpb=1d7c6a04c6f73fb0cc4996704bdc90279419f0d1 diff --git a/project/views.py b/project/views.py index a69e1b1..fd83264 100644 --- a/project/views.py +++ b/project/views.py @@ -4,14 +4,20 @@ import os from sendfile import sendfile from django.conf import settings +from django.shortcuts import render from django.contrib.auth.decorators import login_required -from django.contrib.auth.views import login -from django.shortcuts import get_object_or_404 +from django.http import Http404 from project.decorators import redirect_interdiction +from project.rh import models as rh_models +from project.dae import models as dae_models + +@login_required def index(request): - return login(request, template_name='index.html') + c = {} + return render(request, 'index.html', c) + @login_required def piece(request, filename): @@ -23,25 +29,41 @@ def piece(request, filename): path = os.path.join(settings.PRIVE_MEDIA_ROOT, filename) return sendfile(request, path) - application = __import__('project.' + app).models + if app == 'rh': + application = rh_models + elif app == 'dae': + application = dae_models + else: + assert False if model == 'contrat': # TODO definir peut-être un controle d'accès - piece = get_object_or_404(application.Contrat, fichier=filename) - return sendfile(request, piece.fichier.path) - if model == 'employe': + for contrat in application.Contrat.objects.filter(fichier=filename): + if contrat.fichier.name == filename: + return sendfile(request, contrat.fichier.path) + raise Http404 + elif model == 'employe': # TODO definir peut-être un controle d'accès - piece = get_object_or_404(application.EmployePiece, fichier=filename) - return sendfile(request, piece.fichier.path) - if model == 'poste': - piece = get_object_or_404(application.PostePiece, fichier=filename) - if application.Poste.objects.ma_region_ou_service(request.user).filter(id=piece.poste_id).exists(): - return sendfile(request, piece.fichier.path) - else: - return redirect_interdiction(request) - if model == 'dossier': - piece = get_object_or_404(application.DossierPiece, fichier=filename) - if application.Dossier.objects.ma_region_ou_service(request.user).filter(id=piece.dossier_id).exists(): - return sendfile(request, piece.fichier.path) - else: - return redirect_interdiction(request) - + for piece in application.EmployePiece.objects.filter(fichier=filename): + if piece.fichier.name == filename: + return sendfile(request, piece.fichier.path) + raise Http404 + elif model == 'poste': + for piece in application.PostePiece.objects.filter(fichier=filename): + if piece.fichier.name == filename: + if application.Poste.objects \ + .ma_region_ou_service(request.user) \ + .filter(id=piece.poste_id).exists(): + return sendfile(request, piece.fichier.path) + else: + return redirect_interdiction(request) + raise Http404 + elif model == 'dossier': + for piece in application.DossierPiece.objects.filter(fichier=filename): + if piece.fichier.name == filename: + if application.Dossier.objects \ + .ma_region_ou_service(request.user) \ + .filter(id=piece.dossier_id).exists(): + return sendfile(request, piece.fichier.path) + else: + return redirect_interdiction(request) + raise Http404