From: Davin Baragiotta Date: Wed, 30 May 2012 21:38:13 +0000 (-0400) Subject: region_protected niveau project X-Git-Tag: 1.6.5~97^2^2~1^2~8 X-Git-Url: http://git.auf.org/?p=auf_rh_dae.git;a=commitdiff_plain;h=ae99002a0c6c426f2160dc09fa43faf846984d5a;ds=sidebyside region_protected niveau project --- diff --git a/project/decorators.py b/project/decorators.py index 74c51f4..9f08694 100644 --- a/project/decorators.py +++ b/project/decorators.py @@ -10,7 +10,9 @@ from django.contrib.auth.decorators import user_passes_test from django.core.urlresolvers import reverse from django.utils.http import urlquote -from project.groups import grp_drh, grp_drh2 +from project.groups import grp_drh, grp_drh2, grp_correspondants_rh +from project.utils import get_employe_from_user + def redirect_interdiction(request, msg=u"Vous n'avez pas accès à cette page"): """ @@ -48,3 +50,23 @@ def drh_or_admin_required(fn): return redirect_interdiction(request, msg) return inner + +def region_protected(model): + def wrapper(func): + def wrapped(request, id): + if request.user.is_superuser: + return func(request, id) + user_groups = request.user.groups.all() + if grp_drh in user_groups: + return func(request, id) + if grp_correspondants_rh in user_groups: + employe = get_employe_from_user(request.user) + q = Q(**{ + model.prefix_implantation: employe.implantation.region + }) + qs = model.objects.filter(q) + if int(id) in [o.id for o in qs]: + return func(request, id) + return redirect_interdiction(request) + return wrapped + return wrapper diff --git a/project/rh/views.py b/project/rh/views.py index 7871960..5837f9f 100644 --- a/project/rh/views.py +++ b/project/rh/views.py @@ -19,20 +19,19 @@ from django.utils.encoding import smart_str from auf.django.references import models as ref -from project.lib import get_employe_from_user from project.decorators import redirect_interdiction from project.decorators import drh_or_admin_required +from project.decorators import region_protected +from project.utils import get_employe_from_user from project.rh import models as rh from project.rh import graph as rh_graph from project.rh.change_list import RechercheTemporelle - from project.rh.lib import calc_remun from project.rh.masse_salariale import MasseSalariale from project.rh.templatetags.rapports import SortHeaders # pas de reference a DAE devrait etre refactorisé -from project.dae.utils import get_employe_from_user from project.dae.workflow import grp_drh, grp_correspondants_rh @@ -553,28 +552,6 @@ def rapports_postes_service(request): c['data'] = data return render(request, 'rh/rapports/postes_service.html', c) - -def region_protected(model): - def wrapper(func): - def wrapped(request, id): - if request.user.is_superuser: - return func(request, id) - user_groups = request.user.groups.all() - if grp_drh in user_groups: - return func(request, id) - if grp_correspondants_rh in user_groups: - employe = get_employe_from_user(request.user) - q = Q(**{ - model.prefix_implantation: employe.implantation.region - }) - qs = model.objects.filter(q) - if int(id) in [o.id for o in qs]: - return func(request, id) - return redirect_interdiction(request) - return wrapped - return wrapper - - @region_protected(rh.Dossier) def dossier_apercu(request, dossier_id): d = get_object_or_404(rh.Dossier, pk=dossier_id)