page perso : permission

diff --git a/project/decorators.py b/project/decorators.py
index 03430bf..2c543c8 100644 (file)
--- a/project/decorators.py
+++ b/project/decorators.py
@@ -2,11 +2,17 @@
 """
 Décorateurs AUF
 """
-from django.contrib.auth.decorators import user_passes_test
-from django.core.urlresolvers import reverse
+#from django.contrib.auth.decorators import user_passes_test
+#from django.core.exceptions import PermissionDenied
+#from django.core.urlresolvers import reverse
 from django.http import HttpResponseRedirect
+from django.shortcuts import redirect
 from permissions import is_employe, is_admin
 
+#from datamaster_modeles import models as ref
+from dae.utils import get_employe_from_user
+from rh import models as rh
+
 # Décorateurs des fonctions dans views (pour tester permissions dans views)
     
 def admin_required(fn):
@@ -23,3 +29,19 @@ def admin_required(fn):
             tup = login_url, REDIRECT_FIELD_NAME, path
             return HttpResponseRedirect('%s?%s=%s' % tup)
     return inner
+    
+def user_is_this_employe(fn):
+    """
+    Décorateur qui vérifie si le user est l'employé demandé.
+    Succes = execution de la vue.
+    Echec = page d'erreur de permission
+    """
+    def inner(request, id, *args, **kwargs):
+        id = int(id)
+        user = request.user
+        employe = get_employe_from_user(user)
+        if user.is_authenticated() and employe and id==employe.id:
+            return fn(request, id, *args, **kwargs)
+#        raise PermissionDenied
+        return redirect('550')
+    return inner

diff --git a/project/rh/urls.py b/project/rh/urls.py
index 3096093..76f1b89 100644 (file)
--- a/project/rh/urls.py
+++ b/project/rh/urls.py
@@ -4,6 +4,6 @@ from django.conf.urls.defaults import patterns, url
 urlpatterns = patterns(
     'project.rh.views',
     url(r'^employes/$', 'employes_liste', name='rh_employes'),
-    url(r'^employes/(?P<id>.*)/perso$', 'perso', name='rh_perso'),
-    url(r'^employes/(?P<id>.*)$', 'employe', name='rh_employe'),
+    url(r'^employes/(?P<id>\d+)/perso$', 'perso', name='rh_perso'),
+    url(r'^employes/(?P<id>\d+)$', 'employe', name='rh_employe'),
 )

diff --git a/project/rh/views.py b/project/rh/views.py
index 446dce3..17530fb 100644 (file)
--- a/project/rh/views.py
+++ b/project/rh/views.py
@@ -1,12 +1,15 @@
 # -*- encoding: utf-8 -*-
+from django.contrib.auth.decorators import login_required
 from django.shortcuts import redirect, render_to_response, get_object_or_404
 from django.template import RequestContext
 
 #from datamaster_modeles import models as ref
 from project.rh import models as rh
+from project.decorators import user_is_this_employe
 
 
-# homes    
+# homes
+@user_is_this_employe
 def perso(request, id):
     """Espace personnel de l'employé."""
     try:
@@ -20,6 +23,7 @@ def perso(request, id):
     return render_to_response('rh/perso.html', c, RequestContext(request))
     
 # employes
+@login_required
 def employes_liste(request):
     """Liste des employés."""
     employes = rh.Employe.objects.all()
@@ -29,6 +33,7 @@ def employes_liste(request):
         }
     return render_to_response('rh/employes_liste.html', c, RequestContext(request))
     
+@login_required
 def employe(request, id):
     """Information publique sur un employé."""
     try:

diff --git a/project/templates/404.html b/project/templates/404.html
new file mode 100644 (file)
index 0000000..cd0dda5
--- /dev/null
+++ b/project/templates/404.html
@@ -0,0 +1,12 @@
+{% extends 'base.html' %}
+
+{% block title %}RH - Erreur{% endblock %}
+{% block sous_titre %}Erreur 404{% endblock %}
+
+{% block main %}
+<h1 class="msgNegatif">Page non trouvée</h1>
+
+<p>
+La page demandée n'a pas été trouvée dans le système.
+</p>
+{% endblock %}

diff --git a/project/templates/500.html b/project/templates/500.html
new file mode 100644 (file)
index 0000000..b084e4e
--- /dev/null
+++ b/project/templates/500.html
@@ -0,0 +1,12 @@
+{% extends 'base.html' %}
+
+{% block title %}RH - Erreur{% endblock %}
+{% block sous_titre %}Erreur 500{% endblock %}
+
+{% block main %}
+<h1 class="msgNegatif">Erreur interne du système</h1>
+
+<p>
+Le système a rencontré une erreur interne et n'a pas pu traiter votre demande.
+</p>
+{% endblock %}

diff --git a/project/templates/550.html b/project/templates/550.html
new file mode 100644 (file)
index 0000000..ea1be49
--- /dev/null
+++ b/project/templates/550.html
@@ -0,0 +1,12 @@
+{% extends 'base.html' %}
+
+{% block title %}RH - Erreur{% endblock %}
+{% block sous_titre %}Erreur 550{% endblock %}
+
+{% block main %}
+<h1 class="msgNegatif">Permission non accordée</h1>
+
+<p>
+Vous n'avez pas les permissions nécessaires pour faire l'action demandée.
+</p>
+{% endblock %}

diff --git a/project/urls.py b/project/urls.py
index 2b1f742..2ee2a78 100644 (file)
--- a/project/urls.py
+++ b/project/urls.py
@@ -20,6 +20,9 @@ urlpatterns = patterns(
     (r'^tinymce/', include('tinymce.urls')),
     (r'^prive/(?P<path>.*)$', 'django.views.static.serve', 
         {'document_root': settings.PRIVE_MEDIA_ROOT}),
+    url(r'^404$', 'project.views.erreur404', name='404'),
+    url(r'^500$', 'project.views.erreur500', name='500'),
+    url(r'^550$', 'project.views.erreur550', name='550'),
 
     # apps
     (r'^dae/', include('project.dae.urls')),

diff --git a/project/views.py b/project/views.py
index 85fb6c7..b14a92b 100644 (file)
--- a/project/views.py
+++ b/project/views.py
@@ -6,3 +6,24 @@ from django.template import RequestContext
 @login_required
 def index(request):
     return render_to_response('index.html', {}, RequestContext(request))
+
+def erreur404(request) :
+    c = {
+        'user':request.user,
+    }
+    return render_to_response('404.html', c,
+            context_instance = RequestContext(request))
+
+def erreur500(request) :
+    c = {
+        'user':request.user,
+    }
+    return render_to_response('500.html', c,
+            context_instance = RequestContext(request))
+            
+def erreur550(request) :
+    c = {
+        'user':request.user,
+    }
+    return render_to_response('550.html', c,
+            context_instance = RequestContext(request))