Mauvaise redirection apres affectation d'évaluateurs
[auf_rh_dae.git] / project / views.py
1 # -*- encoding: utf-8 -*-
2
3 import os
4 from sendfile import sendfile
5
6 from django.conf import settings
7 from django.contrib.auth.decorators import login_required
8 from django.contrib.auth.views import login
9 from django.shortcuts import get_object_or_404
10
11 from project.decorators import redirect_interdiction
12 from project.rh import models as rh_models
13 from project.dae import models as dae_models
14
15 def index(request):
16 return login(request, template_name='index.html')
17
18 @login_required
19 def piece(request, filename):
20 """Téléchargement d'une pièce jointe à un poste."""
21 # compatibilité avec DAE prod avant sécurité
22 try:
23 app, model, id, f = filename.split('/')
24 except:
25 path = os.path.join(settings.PRIVE_MEDIA_ROOT, filename)
26 return sendfile(request, path)
27
28 if app == 'rh':
29 application = rh_models
30 elif app == 'dae':
31 application = dae_models
32 else:
33 assert False
34 if model == 'contrat':
35 # TODO definir peut-être un controle d'accès
36 piece = get_object_or_404(application.Contrat, fichier=filename)
37 return sendfile(request, piece.fichier.path)
38 if model == 'employe':
39 # TODO definir peut-être un controle d'accès
40 piece = get_object_or_404(application.EmployePiece, fichier=filename)
41 return sendfile(request, piece.fichier.path)
42 if model == 'poste':
43 piece = get_object_or_404(application.PostePiece, fichier=filename)
44 if application.Poste.objects.ma_region_ou_service(request.user).filter(id=piece.poste_id).exists():
45 return sendfile(request, piece.fichier.path)
46 else:
47 return redirect_interdiction(request)
48 if model == 'dossier':
49 piece = get_object_or_404(application.DossierPiece, fichier=filename)
50 if application.Dossier.objects.ma_region_ou_service(request.user).filter(id=piece.dossier_id).exists():
51 return sendfile(request, piece.fichier.path)
52 else:
53 return redirect_interdiction(request)
54