employe = get_employe_from_user(request.user)
prefixe_implantation = 'poste1__implantation'
- print employe.implantation
- print employe.implantation.region
q_recherche = Q(complement1__icontains=q) | \
Q(poste1__type_poste__nom__icontains=q) | \
if grp_drh in request.user.groups.all():
q_filtre = q_recherche
else:
- q_filtre = q_place & q_place
-
+ q_filtre = q_place & q_recherche
return rh.Dossier.objects.filter(q_filtre).distinct()
def format_result(self, dossier):
# -*- encoding: utf-8 -*-
+from django.db.models import Q
from django.contrib import messages
from django.contrib.auth.decorators import user_passes_test
from django.core.urlresolvers import reverse
from django.http import HttpResponseRedirect
-from workflow import dae_groupes, ETATS_EDITABLE
+from workflow import dae_groupes, ETATS_EDITABLE, grp_drh
from project.dae import models as dae
from project.rh_v1 import models as rh
+from utils import get_employe_from_user, is_user_dans_service
def user_in_dae_groupes(user):
"""
return poste_dans_ma_region_ou_service(fn)(request, *args, **kwargs)
return inner
+def vieux_dossier_dans_ma_region_ou_service(fn):
+ """
+ Test si le user connecté appartient bien à la même région ou service que le poste.
+ """
+ def inner(request, *args, **kwargs):
+ user = request.user
+ dossier_id = kwargs.get('dossier_id', None)
+
+ employe = get_employe_from_user(request.user)
+ prefixe_implantation = 'poste1__implantation'
+
+ if is_user_dans_service(request.user):
+ q_place = Q(**{ '%s' % prefixe_implantation : employe.implantation })
+ else:
+ q_place = Q(**{ '%s__region' % prefixe_implantation : employe.implantation.region })
+
+
+ if grp_drh in request.user.groups.all():
+ q_filtre = Q(id=dossier_id)
+ else:
+ q_filtre = q_place & Q(id=dossier_id)
+
+ try:
+ dossier = rh.Dossier.objects.get(q_filtre)
+ return fn(request, *args, **kwargs)
+ except Exception, e:
+ msg = u"Vous n'avez pas le droit de consulter ce dossier d'embauche."
+ return redirect_interdiction(request, msg)
+
+
+ return inner
+
def employe_dans_ma_region_ou_service(fn):
"""
Test d'accès à un employé
from decorators import dae_groupe_requis, \
poste_dans_ma_region_ou_service, \
dossier_dans_ma_region_ou_service, \
+ vieux_dossier_dans_ma_region_ou_service, \
employe_dans_ma_region_ou_service, \
dossier_est_modifiable, \
poste_est_modifiable
return dossier
@dae_groupe_requis
-@dossier_dans_ma_region_ou_service
+@vieux_dossier_dans_ma_region_ou_service
def dossier_resume(request, dossier_id=None):
""" Appel AJAX :
input : valeur_point