"""
Décorateurs AUF
"""
-from django.contrib.auth.decorators import user_passes_test
-from django.core.urlresolvers import reverse
+#from django.contrib.auth.decorators import user_passes_test
+#from django.core.exceptions import PermissionDenied
+#from django.core.urlresolvers import reverse
from django.http import HttpResponseRedirect
+from django.shortcuts import redirect
from permissions import is_employe, is_admin
+#from datamaster_modeles import models as ref
+from dae.utils import get_employe_from_user
+from rh import models as rh
+
# Décorateurs des fonctions dans views (pour tester permissions dans views)
def admin_required(fn):
tup = login_url, REDIRECT_FIELD_NAME, path
return HttpResponseRedirect('%s?%s=%s' % tup)
return inner
+
+def user_is_this_employe(fn):
+ """
+ Décorateur qui vérifie si le user est l'employé demandé.
+ Succes = execution de la vue.
+ Echec = page d'erreur de permission
+ """
+ def inner(request, id, *args, **kwargs):
+ id = int(id)
+ user = request.user
+ employe = get_employe_from_user(user)
+ if user.is_authenticated() and employe and id==employe.id:
+ return fn(request, id, *args, **kwargs)
+# raise PermissionDenied
+ return redirect('550')
+ return inner
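Review bot: In `inner`, `get_employe_from_user(user)` is called before `user.is_authenticated()` is tested, so an anonymous request still reaches the employee lookup; whether that helper tolerates an anonymous user is not visible in this hunk. Test authentication first, for example `employe = get_employe_from_user(user) if user.is_authenticated() else None`. The denial path also answers with a redirect to the '550' page instead of a forbidden response, so clients and access logs see a 302 rather than a 403; re-enabling the commented `raise PermissionDenied` together with its commented import would give a real 403. `inner` is also not wrapped with `functools.wraps(fn)`, so the decorated view loses its name and docstring.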
urlpatterns = patterns(
'project.rh.views',
url(r'^employes/$', 'employes_liste', name='rh_employes'),
- url(r'^employes/(?P<id>.*)/perso$', 'perso', name='rh_perso'),
- url(r'^employes/(?P<id>.*)$', 'employe', name='rh_employe'),
+ url(r'^employes/(?P<id>\d+)/perso$', 'perso', name='rh_perso'),
+ url(r'^employes/(?P<id>\d+)$', 'employe', name='rh_employe'),
)
# -*- encoding: utf-8 -*-
+from django.contrib.auth.decorators import login_required
from django.shortcuts import redirect, render_to_response, get_object_or_404
from django.template import RequestContext
#from datamaster_modeles import models as ref
from project.rh import models as rh
+from project.decorators import user_is_this_employe
-# homes
+# homes
+@user_is_this_employe
def perso(request, id):
"""Espace personnel de l'employé."""
try:
return render_to_response('rh/perso.html', c, RequestContext(request))
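Review bot: `perso` is guarded only by `@user_is_this_employe`, so a visitor who is not logged in is sent to the permission-error page rather than to the login form, unlike `employes_liste` and `employe`, which use `@login_required`. Stacking `@login_required` above `@user_is_this_employe` on `perso` would separate "not authenticated" from "authenticated but not the owner", which also makes denied attempts easier to tell apart in logs. The body of `perso` continues outside the hunk, so any further checks inside it are not visible here.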
# employes
+@login_required
def employes_liste(request):
"""Liste des employés."""
employes = rh.Employe.objects.all()
}
return render_to_response('rh/employes_liste.html', c, RequestContext(request))
+@login_required
def employe(request, id):
"""Information publique sur un employé."""
try:
--- /dev/null
+{% extends 'base.html' %}
+
+{% block title %}RH - Erreur{% endblock %}
+{% block sous_titre %}Erreur 404{% endblock %}
+
+{% block main %}
+<h1 class="msgNegatif">Page non trouvée</h1>
+
+<p>
+La page demandée n'a pas été trouvée dans le système.
+</p>
+{% endblock %}
--- /dev/null
+{% extends 'base.html' %}
+
+{% block title %}RH - Erreur{% endblock %}
+{% block sous_titre %}Erreur 500{% endblock %}
+
+{% block main %}
+<h1 class="msgNegatif">Erreur interne du système</h1>
+
+<p>
+Le système a rencontré une erreur interne et n'a pas pu traiter votre demande.
+</p>
+{% endblock %}
--- /dev/null
+{% extends 'base.html' %}
+
+{% block title %}RH - Erreur{% endblock %}
+{% block sous_titre %}Erreur 550{% endblock %}
+
+{% block main %}
+<h1 class="msgNegatif">Permission non accordée</h1>
+
+<p>
+Vous n'avez pas les permissions nécessaires pour faire l'action demandée.
+</p>
+{% endblock %}
(r'^tinymce/', include('tinymce.urls')),
(r'^prive/(?P<path>.*)$', 'django.views.static.serve',
{'document_root': settings.PRIVE_MEDIA_ROOT}),
+ url(r'^404$', 'project.views.erreur404', name='404'),
+ url(r'^500$', 'project.views.erreur500', name='500'),
+ url(r'^550$', 'project.views.erreur550', name='550'),
# apps
(r'^dae/', include('project.dae.urls')),
@login_required
def index(request):
return render_to_response('index.html', {}, RequestContext(request))
+
+def erreur404(request) :
+ c = {
+ 'user':request.user,
+ }
+ return render_to_response('404.html', c,
+ context_instance = RequestContext(request))
+
+def erreur500(request) :
+ c = {
+ 'user':request.user,
+ }
+ return render_to_response('500.html', c,
+ context_instance = RequestContext(request))
+
+def erreur550(request) :
+ c = {
+ 'user':request.user,
+ }
+ return render_to_response('550.html', c,
+ context_instance = RequestContext(request))
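Review bot: `erreur404`, `erreur500` and `erreur550` return the result of `render_to_response` unchanged, so as far as these lines show each error page is served with HTTP 200, and a denied request that was redirected to '550' ends as a successful response. Set the status before returning, e.g. `response = render_to_response('550.html', c, context_instance=RequestContext(request))`, then `response.status_code = 403` and `return response` (404 and 500 for the other two). "550" is not an HTTP status code, so 403 is the value a client or monitoring tool would expect here. The three bodies differ only by template name and would read better as one small helper taking the template and status, with a docstring on each view.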