from admin_tools.menu import items, Menu
from project.rh.decorators import in_drh_or_admin
+from project.rh import groups
class CustomMenu(Menu):
"""
Use this method if you need to access the request context.
"""
request = context['request']
- if in_drh_or_admin(request.user):
+ user_groups = request.user.groups.all()
+ if in_drh_or_admin(request.user) or\
+ groups.grp_correspondants_rh in user_groups or\
+ groups.grp_administrateurs in user_groups or\
+ groups.grp_directeurs_bureau in user_groups:
self.children += [
items.MenuItem('Rapports',
children=[
from project.decorators import redirect_interdiction
+def in_one_of_group(groups):
+ """
+ Test si le user appartient au moins 1 des ces groupes
+ """
+ def wrapper(fn):
+ def wrapped(request, *args, **kwargs):
+ user_groups = request.user.groups.all()
+ for g in user_groups:
+ if g in groups:
+ return fn(request, *args, **kwargs)
+ msg = u"Votre compte ne permet pas d'accéder à cette partie de l'application."
+ return redirect_interdiction(request, msg)
+ return wrapped
+ return wrapper
+
def in_drh_or_admin(user):
"""
Teste si un user Django fait parti du groupe DRH, DRH2 ou s'il est admin
from datamaster_modeles.models import Implantation, Region
from rh.models import TypeContrat
-
+from project.rh import groups
+# pas de reference a DAE devrait etre refactorisé
+from dae.utils import get_employe_from_user
register = Library()
@register.inclusion_tag('admin/filter.html', takes_context=True)
def filter_region(context, prefix=None):
-
label = "".join([prefix or "", "implantation__region"])
return {'title': u"région",
'choices': prepare_choices(Region.objects.values_list('id', 'nom'), label, context, remove=['pays', 'nord_sud'])}
@register.inclusion_tag('admin/filter.html', takes_context=True)
def filter_implantation(context, prefix=None):
-
label = "".join([prefix or "", "implantation"])
return {'title': u"implantation",
'choices': prepare_choices(Implantation.objects.values_list('id', 'nom'), label, context)}
@register.inclusion_tag('admin/filter.html', takes_context=True)
def filter_region_contrat(context):
+ request = context['request']
+ user_groups = request.user.groups.all()
+ if groups.grp_correspondants_rh in user_groups or\
+ groups.grp_administrateurs in user_groups or\
+ groups.grp_directeurs_bureau in user_groups:
+ employe = get_employe_from_user(request.user)
+ regions = Region.objects.filter(id=employe.implantation.region.id)
+ else:
+ regions = Region.objects.all()
return {'title': u"région",
- 'choices': prepare_choices(Region.objects.values_list('id', 'nom'), 'dossier__poste__implantation__region', context, remove=['pays', 'nord_sud'])}
+ 'choices': prepare_choices(regions.values_list('id', 'nom'), 'dossier__poste__implantation__region', context, remove=['pays', 'nord_sud'])}
@register.inclusion_tag('admin/filter.html', takes_context=True)
def filter_region_dossier(context):
@register.inclusion_tag('admin/filter.html', takes_context=True)
def filter_implantation_contrat(context):
+ request = context['request']
+ user_groups = request.user.groups.all()
+ if groups.grp_correspondants_rh in user_groups or\
+ groups.grp_administrateurs in user_groups or\
+ groups.grp_directeurs_bureau in user_groups:
+ employe = get_employe_from_user(request.user)
+ implantations = Implantation.objects.filter(region=employe.implantation.region)
+ else:
+ implantations = Implantation.objects.all()
return {'title': u"implantation",
- 'choices': prepare_choices(Implantation.objects.values_list('id', 'nom'), 'dossier__poste__implantation', context)}
+ 'choices': prepare_choices(implantations.values_list('id', 'nom'), 'dossier__poste__implantation', context)}
@register.inclusion_tag('admin/filter.html', takes_context=True)
"""
self.password = "0000"
- today = datetime.datetime.now()
+ self.today = datetime.datetime.now()
#########################
# Régions / Implantations
#########################
self.poste_cnf_bangui.save()
self.dossier_cnf_ngaoundere = rh.Dossier(poste=self.poste_cnf_ngaoundere,
- employe=self.employe_cnf_ngaoundere, date_debut=today)
+ employe=self.employe_cnf_ngaoundere, date_debut=self.today)
self.dossier_cnf_bangui = rh.Dossier(poste=self.poste_cnf_bangui,
- employe=self.employe_cnf_bangui, date_debut=today)
+ employe=self.employe_cnf_bangui, date_debut=self.today)
self.dossier_cnf_ngaoundere.save()
self.dossier_cnf_bangui.save()
self.poste_bap_ifi.save()
self.dossier_bap_bureau = rh.Dossier(poste=self.poste_bap_bureau,
- employe=self.employe_bap_bureau, date_debut=today)
+ employe=self.employe_bap_bureau, date_debut=self.today)
self.dossier_bap_ifi = rh.Dossier(poste=self.poste_bap_ifi,
- employe=self.employe_bap_ifi, date_debut=today)
+ employe=self.employe_bap_ifi, date_debut=self.today)
self.dossier_bap_bureau.save()
self.dossier_bap_ifi.save()
--- /dev/null
+# -*- coding: utf-8 -*-
+
+from django.core.urlresolvers import reverse
+from project.rh.test.common import RhTest
+from project.rh import models as rh
+
+class RapportContratTest(RhTest):
+ """
+ Test l'accès au rapport des contrats
+ """
+ url = reverse('rhr_contrats')
+
+ def setUp(self):
+ super(RapportContratTest, self).setUp()
+
+ cdi = rh.TypeContrat(nom="CDI")
+ cdi.save()
+
+ contrat = rh.Contrat(
+ type_contrat=cdi,
+ date_debut=self.today,
+ dossier=self.dossier_cnf_ngaoundere,)
+ contrat.save()
+
+ contrat = rh.Contrat(
+ type_contrat=cdi,
+ date_debut=self.today,
+ dossier=self.dossier_bap_ifi)
+ contrat.save()
+
+
+
+ def test_anonyme(self):
+ """
+ Un anonyme ne peut pas accéder à ce rapport
+ """
+ self._test_anonyme()
+ self._test_acces_ko(self.url)
+
+ def test_correspondant_rh(self):
+ """
+ Un correspondant RH peut accéder à ce rapport
+ """
+ self._test_correspondant_rh()
+ self._test_acces_ok(self.url)
+ contrats = self.client.get(self.url).context['contrats']
+ self.assertEqual(len(contrats), 1)
+
+ def test_administrateur_regional(self):
+ """
+ Un administrateur peut accéder à ce rapport
+ """
+ self._test_administrateur_regional()
+ self._test_acces_ok(self.url)
+ contrats = self.client.get(self.url).context['contrats']
+ self.assertEqual(len(contrats), 1)
+
+ def test_directeur_bureau(self):
+ """
+ Un directeur de bureau peut accéder à ce rapport
+ """
+ self._test_directeur_bureau()
+ self._test_acces_ok(self.url)
+ contrats = self.client.get(self.url).context['contrats']
+ self.assertEqual(len(contrats), 1)
+
+ def test_drh(self):
+ """
+ Un DRH peut accéder à ce rapport
+ """
+ self._test_drh()
+ self._test_acces_ok(self.url)
+ contrats = self.client.get(self.url).context['contrats']
+ self.assertEqual(len(contrats), 2)
+
+ def test_drh2(self):
+ """
+ Un DRH (2ieme niveau) peut accéder à ce rapport
+ """
+ self._test_drh2()
+ self._test_acces_ok(self.url)
+ contrats = self.client.get(self.url).context['contrats']
+ self.assertEqual(len(contrats), 2)
+
+ def _test_grp_accior(self):
+ """
+ Un membre de l'ACCIOR ne peut pas accéder à ce rapport
+ """
+ self._test_grp_accior()
+ self._test_acces_ko(self.url)
+
+ def _test_grp_abf(self):
+ """
+ Un membre de l'ABF ne peut pas accéder à ce rapport
+ """
+ self._test_grp_abf(self)
+ self._test_acces_ko(self.url)
+
+ def _test_grp_haute_direction(self):
+ """
+ Un membre de la haute direction ne peut pas accéder à ce rapport
+ """
+ self._test_grp_haute_direction()
+ self._test_acces_ko(self.url)
+
+ def _test_grp_service_utilisateurs(self):
+ """
+ Un membre du groupe service utilisateur ne peut pas accéder à ce rapport
+ """
+ self._test_grp_service_utilisateurs()
+ self._test_acces_ko(self.url)
from project.rh.test.employe import *
from project.rh.test.dossier import *
from project.rh.test.poste import *
+from project.rh.test.rapport import *
from rh import models as rh
from rh.lib import calc_remun
-from rh.decorators import drh_or_admin_required
+from project.rh.decorators import drh_or_admin_required, in_one_of_group
from rh.templatetags.rapports import SortHeaders
from rh.change_list import RechercheTemporelle
from rh import graph as rh_graph
# pas de reference a DAE devrait etre refactorisé
from dae.utils import get_employe_from_user
from dae.decorators import redirect_interdiction
-from dae.workflow import grp_drh, grp_correspondants_rh
from django.conf import settings
from project.rh.decorators import in_drh_or_admin
from project.rh import groups
@login_required
-@drh_or_admin_required
+@in_one_of_group((groups.grp_correspondants_rh,
+ groups.grp_administrateurs,
+ groups.grp_directeurs_bureau,
+ groups.grp_drh,
+ groups.grp_drh2))
def rapports_contrat(request):
if 'HTTP_REFERER' in request.META.keys():
referer = request.META['HTTP_REFERER']
lookup_params = cl.purge_params(lookup_params)
q_temporel = cl.get_q_temporel(contrats)
q = Q(**lookup_params) & q_temporel
+ user_groups = request.user.groups.all()
+ if groups.grp_correspondants_rh in user_groups or\
+ groups.grp_administrateurs in user_groups or\
+ groups.grp_directeurs_bureau in user_groups:
+ employe = get_employe_from_user(request.user)
+ q = q & Q(dossier__poste__implantation__region=employe.implantation.region)
+
contrats = contrats.filter(q).exclude(dossier__employe__supprime=1)
if 'o' in request.GET:
projets / auf_rh_dae.git / commitdiff
