From e7ee680f51c539527b17c6fd9cf02b357bedffcb Mon Sep 17 00:00:00 2001 From: =?utf8?q?Olivier=20Larchev=C3=AAque?= Date: Mon, 6 Jun 2011 12:08:30 -0400 Subject: [PATCH] fix #1594 --- project/dae/decorators.py | 7 ++++--- project/dae/templates/dae/embauche_consulter.html | 2 +- project/dae/templates/dae/poste_consulter.html | 2 +- project/dae/templatetags/dae.py | 6 ++++-- 4 files changed, 10 insertions(+), 7 deletions(-) diff --git a/project/dae/decorators.py b/project/dae/decorators.py index 9deacac..0e4b20b 100644 --- a/project/dae/decorators.py +++ b/project/dae/decorators.py @@ -163,10 +163,10 @@ def dossier_est_modifiable(fn): dossier_id = kwargs.get('dossier_id', None) if dossier_id is not None: dossier = dae.Dossier.objects.get(id=dossier_id) - if dossier.etat not in ETATS_EDITABLE: + if grp_drh not in request.user.groups.all() and \ + (dossier.etat not in ETATS_EDITABLE or dossier not in dae.Dossier.objects.mes_choses_a_faire(request.user).all()): msg = u"Ce dossier d'embauche ne peut plus être modifié." return redirect_interdiction(request, msg) - return fn(request, *args, **kwargs) return inner @@ -176,7 +176,8 @@ def poste_est_modifiable(fn): if key is not None and key.split('-')[0] == 'dae': poste_id = key.split('-')[1] poste = dae.Poste.objects.get(id=poste_id) - if poste.etat not in ETATS_EDITABLE: + if grp_drh not in request.user.groups.all() and \ + (poste.etat not in ETATS_EDITABLE or poste not in dae.Poste.objects.mes_choses_a_faire(request.user).all()): msg = u"Ce poste ne peut plus être modifié." return redirect_interdiction(request, msg) diff --git a/project/dae/templates/dae/embauche_consulter.html b/project/dae/templates/dae/embauche_consulter.html index ced0bc2..6fc81c8 100644 --- a/project/dae/templates/dae/embauche_consulter.html +++ b/project/dae/templates/dae/embauche_consulter.html @@ -12,7 +12,7 @@ {% block main %}

Demande d'autorisation d'engagement de personnel

Format impression -{% if dossier|est_editable %}Modifier{% endif %} +{% if dossier|est_editable:request.user %}Modifier{% endif %}

SECTION 1 - POSTE

diff --git a/project/dae/templates/dae/poste_consulter.html b/project/dae/templates/dae/poste_consulter.html index 28d535d..b200fe3 100644 --- a/project/dae/templates/dae/poste_consulter.html +++ b/project/dae/templates/dae/poste_consulter.html @@ -15,7 +15,7 @@ Demande d'autorisation d'embauche

Demande d'autorisation de création de poste

Format impression -{% if poste|est_editable %}Modifier{% endif %} +{% if poste|est_editable:request.user %}Modifier{% endif %}
{% include "dae/poste_resume.html" %} diff --git a/project/dae/templatetags/dae.py b/project/dae/templatetags/dae.py index e4df312..05a2197 100644 --- a/project/dae/templatetags/dae.py +++ b/project/dae/templatetags/dae.py @@ -12,8 +12,10 @@ def peut_ajouter(user): return False @register.filter -def est_editable(obj): - if obj.etat in ETATS_EDITABLE: +def est_editable(obj, user): + klass = obj.__class__ + groupes_users = user.groups.all() + if (obj.etat in ETATS_EDITABLE and obj in klass.objects.mes_choses_a_faire(user).all()) or grp_drh in groupes_users: return True else: return False -- 1.7.10.4