url(r'^admin/rh/dossier/(\d+)/apercu/$', 'dossier_apercu', name='dossier_apercu'),
url(r'^admin/rh/employe/(\d+)/apercu/$', 'employe_apercu', name='employe_apercu'),
url(r'^admin/rh/poste/(\d+)/apercu/$', 'poste_apercu', name='poste_apercu'),
- url(r'^prive/(.*)$', 'poste_piece'),
+ url(r'^prive/(?P<filename>.*)$', 'piece'),
)
from rh import models as rh
from rh.lib import calc_remun
+# pas de reference a DAE devrait etre refactorisé
+from dae.utils import get_employe_from_user
+from dae.decorators import redirect_interdiction
+from dae.workflow import grp_drh, grp_correspondants_rh
+
@login_required
-def poste_piece(request, filename):
+def piece(request, filename):
"""Téléchargement d'une pièce jointe à un poste."""
- piece = get_object_or_404(rh.PostePiece, fichier=filename)
- if rh.Poste.objects.ma_region_ou_service(request.user).filter(id=piece.poste_id).exists():
+ model, id, f = filename.split('/')
+ if model == 'employe':
+ # TODO definir peut-être un controle d'accès
+ piece = get_object_or_404(rh.EmployePiece, fichier=filename)
return sendfile(request, piece.fichier.path)
- else:
- return redirect_interdiction(request)
+ if model == 'poste':
+ piece = get_object_or_404(rh.PostePiece, fichier=filename)
+ if rh.Poste.objects.ma_region_ou_service(request.user).filter(id=piece.poste_id).exists():
+ return sendfile(request, piece.fichier.path)
+ else:
+ return redirect_interdiction(request)
# homes
@login_required
def region_protected(model):
def wrapper(func):
def wrapped(request, id):
- from dae.utils import get_employe_from_user
- from dae.decorators import redirect_interdiction
- from dae.workflow import grp_drh, grp_correspondants_rh
if request.user.is_superuser:
return func(request, id)
user_groups = request.user.groups.all()