ynerant/med
1
0
Fork 0
mirror of https://gitlab.crans.org/mediatek/med.git synced 2025-06-21 03:18:23 +02:00
Code Issues Releases Wiki Activity

Massive cleanup (1)

Browse Source
This commit is contained in:
Alexandre Iooss
2019-08-02 14:57:53 +02:00
parent ca394afe20
commit c5f98991aa
38 changed files with 479 additions and 729 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
users/admin.py
View File

@ -1,32 +1,14 @@
# Re2o est un logiciel d'administration développé initiallement au rezometz. Il
# se veut agnostique au réseau considéré, de manière à être installable en
# quelques clics.
#
# Copyright © 2017 Gabriel Détraz
# Copyright © 2017 Goulven Kermarec
# Copyright © 2017 Augustin Lemesle
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
# -*- mode: python; coding: utf-8 -*-
# Copyright (C) 2017-2019 by BDE ENS Paris-Saclay
# SPDX-License-Identifier: GPL-3.0-or-later
from django.contrib import admin
from django.contrib.auth.models import Group
from django.contrib.auth.admin import UserAdmin as BaseUserAdmin
from django.contrib.auth.models import Group
from reversion.admin import VersionAdmin
from .models import User, Right, Adhesion, ListRight, Clef, Request
from .forms import UserChangeForm, UserCreationForm
from .models import User, Right, Adhesion, ListRight, Clef, Request
class UserAdmin(admin.ModelAdmin):
@ -37,23 +19,29 @@ class UserAdmin(admin.ModelAdmin):
'email',
'state'
)
search_fields = ('name','surname','pseudo')
search_fields = ('name', 'surname', 'pseudo')
class RequestAdmin(admin.ModelAdmin):
list_display = ('user', 'type', 'created_at', 'expires_at')
class RightAdmin(VersionAdmin):
list_display = ('user', 'right')
class ClefAdmin(VersionAdmin):
list_display = ('proprio', 'nom')
class AdhesionAdmin(VersionAdmin):
list_display = ('annee_debut', 'annee_fin')
class ListRightAdmin(VersionAdmin):
list_display = ('listright',)
class UserAdmin(VersionAdmin, BaseUserAdmin):
# The forms to add and change user instances
form = UserChangeForm
@ -67,7 +55,7 @@ class UserAdmin(VersionAdmin, BaseUserAdmin):
fieldsets = (
(None, {'fields': ('pseudo', 'password')}),
('Personal info', {'fields': ('name', 'surname', 'email')}),
('Permissions', {'fields': ('is_admin', )}),
('Permissions', {'fields': ('is_admin',)}),
)
# add_fieldsets is not a standard ModelAdmin attribute. UserAdmin
# overrides get_fieldsets to use this attribute when creating a user.
@ -75,12 +63,13 @@ class UserAdmin(VersionAdmin, BaseUserAdmin):
(None, {
'classes': ('wide',),
'fields': ('pseudo', 'name', 'surname', 'email', 'is_admin', 'password1', 'password2')}
),
),
)
search_fields = ('pseudo',)
ordering = ('pseudo',)
filter_horizontal = ()
admin.site.register(User, UserAdmin)
admin.site.register(Request, RequestAdmin)
admin.site.register(ListRight, ListRightAdmin)

43
users/decorators.py
View File

@ -1,46 +1,29 @@
# Re2o est un logiciel d'administration développé initiallement au rezometz. Il
# se veut agnostique au réseau considéré, de manière à être installable en
# quelques clics.
#
# Copyright © 2017 Gabriel Détraz
# Copyright © 2017 Goulven Kermarec
# Copyright © 2017 Augustin Lemesle
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
# -*- mode: python; coding: utf-8 -*-
# Copyright (C) 2017-2019 by BDE ENS Paris-Saclay
# SPDX-License-Identifier: GPL-3.0-or-later
# App de gestion des users pour med
# Goulven Kermarec, Gabriel Détraz, Lemesle Augustin
# Gplv2
from django.core.exceptions import PermissionDenied
from django.shortcuts import redirect
from med.settings import AUTHORIZED_IP_RANGE, AUTHORIZED_IP6_RANGE
import ipaddress
from django.shortcuts import redirect
from med.settings import AUTHORIZED_IP_RANGE, AUTHORIZED_IP6_RANGE
def user_is_in_campus(function):
def wrap(request, *args, **kwargs):
if not request.user.is_authenticated:
remote_ip = get_ip(request)
if not ipaddress.ip_address(remote_ip) in ipaddress.ip_network(AUTHORIZED_IP_RANGE) and not ipaddress.ip_address(remote_ip) in ipaddress.ip_network(AUTHORIZED_IP6_RANGE):
if not ipaddress.ip_address(remote_ip) in ipaddress.ip_network(
AUTHORIZED_IP_RANGE) and not ipaddress.ip_address(remote_ip) in ipaddress.ip_network(
AUTHORIZED_IP6_RANGE):
return redirect("/")
return function(request, *args, **kwargs)
wrap.__doc__ = function.__doc__
wrap.__name__ = function.__name__
return wrap
def get_ip(request):
"""Returns the IP of the request, accounting for the possibility of being
behind a proxy.

69
users/forms.py
View File

@ -1,46 +1,29 @@
# Re2o est un logiciel d'administration développé initiallement au rezometz. Il
# se veut agnostique au réseau considéré, de manière à être installable en
# quelques clics.
#
# Copyright © 2017 Gabriel Détraz
# Copyright © 2017 Goulven Kermarec
# Copyright © 2017 Augustin Lemesle
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
# -*- coding: utf-8 -*-
# -*- mode: python; coding: utf-8 -*-
# Copyright (C) 2017-2019 by BDE ENS Paris-Saclay
# SPDX-License-Identifier: GPL-3.0-or-later
from django import forms
from django.forms import ModelForm, Form
from django.contrib.auth.forms import ReadOnlyPasswordHashField
from django.core.validators import MinLengthValidator
from django.utils import timezone
from django.forms import ModelForm, Form
from .models import Adhesion, Clef, ListRight, Right, User
from .models import Adhesion, Clef, ListRight, Right, Request, User
class PassForm(forms.Form):
passwd1 = forms.CharField(label=u'Nouveau mot de passe', max_length=255, validators=[MinLengthValidator(8)], widget=forms.PasswordInput)
passwd2 = forms.CharField(label=u'Saisir à nouveau le mot de passe', max_length=255, validators=[MinLengthValidator(8)], widget=forms.PasswordInput)
passwd1 = forms.CharField(label=u'Nouveau mot de passe', max_length=255, validators=[MinLengthValidator(8)],
widget=forms.PasswordInput)
passwd2 = forms.CharField(label=u'Saisir à nouveau le mot de passe', max_length=255,
validators=[MinLengthValidator(8)], widget=forms.PasswordInput)
class UserCreationForm(forms.ModelForm):
"""A form for creating new users. Includes all the required
fields, plus a repeated password."""
password1 = forms.CharField(label='Password', widget=forms.PasswordInput, validators=[MinLengthValidator(8)], max_length=255)
password2 = forms.CharField(label='Password confirmation', widget=forms.PasswordInput, validators=[MinLengthValidator(8)], max_length=255)
password1 = forms.CharField(label='Password', widget=forms.PasswordInput, validators=[MinLengthValidator(8)],
max_length=255)
password2 = forms.CharField(label='Password confirmation', widget=forms.PasswordInput,
validators=[MinLengthValidator(8)], max_length=255)
is_admin = forms.BooleanField(label='is admin')
class Meta:
@ -95,16 +78,18 @@ class UserChangeForm(forms.ModelForm):
user.save()
return user
class ResetPasswordForm(forms.Form):
pseudo = forms.CharField(label=u'Pseudo', max_length=255)
email = forms.EmailField(max_length=255)
class BaseInfoForm(ModelForm):
def __init__(self, *args, **kwargs):
super(BaseInfoForm, self).__init__(*args, **kwargs)
self.fields['name'].label = 'Prénom'
self.fields['surname'].label = 'Nom'
#self.fields['comment'].label = 'Commentaire'
# self.fields['comment'].label = 'Commentaire'
class Meta:
model = User
@ -117,9 +102,10 @@ class BaseInfoForm(ModelForm):
'adresse',
]
class InfoForm(BaseInfoForm):
class Meta(BaseInfoForm.Meta):
fields = [
fields = [
'name',
'pseudo',
'surname',
@ -135,22 +121,26 @@ class PasswordForm(ModelForm):
model = User
fields = ['password']
class StateForm(ModelForm):
class Meta:
model = User
fields = ['state']
class ClefForm(ModelForm):
class Meta:
model = Clef
fields = '__all__'
class BaseClefForm(ClefForm):
class Meta(ClefForm.Meta):
fields = [
fields = [
'commentaire',
]
class AdhesionForm(ModelForm):
adherent = forms.ModelMultipleChoiceField(User.objects.all(), widget=forms.CheckboxSelectMultiple, required=False)
@ -158,6 +148,7 @@ class AdhesionForm(ModelForm):
model = Adhesion
fields = '__all__'
class RightForm(ModelForm):
def __init__(self, *args, **kwargs):
super(RightForm, self).__init__(*args, **kwargs)
@ -170,12 +161,13 @@ class RightForm(ModelForm):
class DelRightForm(Form):
rights = forms.ModelMultipleChoiceField(queryset=Right.objects.all(), widget=forms.CheckboxSelectMultiple)
rights = forms.ModelMultipleChoiceField(queryset=Right.objects.all(), widget=forms.CheckboxSelectMultiple)
def __init__(self, right, *args, **kwargs):
super(DelRightForm, self).__init__(*args, **kwargs)
self.fields['rights'].queryset = Right.objects.filter(right=right)
class ListRightForm(ModelForm):
class Meta:
model = ListRight
@ -185,11 +177,12 @@ class ListRightForm(ModelForm):
super(ListRightForm, self).__init__(*args, **kwargs)
self.fields['listright'].label = 'Nom du droit/groupe'
class NewListRightForm(ListRightForm):
class Meta(ListRightForm.Meta):
fields = '__all__'
class DelListRightForm(Form):
listrights = forms.ModelMultipleChoiceField(queryset=ListRight.objects.all(), label="Droits actuels", widget=forms.CheckboxSelectMultiple)
listrights = forms.ModelMultipleChoiceField(queryset=ListRight.objects.all(), label="Droits actuels",
widget=forms.CheckboxSelectMultiple)

22
users/locale/fr/LC_MESSAGES/django.po Normal file
View File

@ -0,0 +1,22 @@
#, fuzzy
msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2019-08-02 14:42+0200\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
"Language: \n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=(n > 1);\n"
#: models.py:195
msgid "right"
msgstr ""
#: models.py:196
msgid "rights"
msgstr ""

79
users/models.py
View File

@ -1,39 +1,16 @@
# Re2o est un logiciel d'administration développé initiallement au rezometz. Il
# se veut agnostique au réseau considéré, de manière à être installable en
# quelques clics.
#
# Copyright © 2017 Gabriel Détraz
# Copyright © 2017 Goulven Kermarec
# Copyright © 2017 Augustin Lemesle
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
# -*- mode: python; coding: utf-8 -*-
# Copyright (C) 2017-2019 by BDE ENS Paris-Saclay
# SPDX-License-Identifier: GPL-3.0-or-later
import datetime
import uuid
from django.contrib.auth.models import AbstractBaseUser, BaseUserManager
from django.db import models
from django.db.models import Q
from django.db.models.signals import post_save, post_delete
from django.dispatch import receiver
from django.utils.functional import cached_property
from django.utils import timezone
from django.utils.translation import gettext_lazy as _
from med.settings import MAX_EMPRUNT, REQ_EXPIRE_HRS
import re, uuid
import datetime
from django.utils import timezone
from django.contrib.auth.models import AbstractBaseUser, BaseUserManager
import subprocess
class UserManager(BaseUserManager):
@ -75,23 +52,23 @@ class User(AbstractBaseUser):
STATE_DISABLED = 1
STATE_ARCHIVE = 2
STATES = (
(0, 'STATE_ACTIVE'),
(1, 'STATE_DISABLED'),
(2, 'STATE_ARCHIVE'),
)
(0, 'STATE_ACTIVE'),
(1, 'STATE_DISABLED'),
(2, 'STATE_ARCHIVE'),
)
name = models.CharField(max_length=255)
surname = models.CharField(max_length=255)
email = models.EmailField()
telephone = models.CharField(max_length=15, null=True, blank=True)
adresse = models.CharField(max_length=255, null=True, blank=True)
maxemprunt = models.IntegerField(default=MAX_EMPRUNT, help_text="Maximum d'emprunts autorisés")
maxemprunt = models.IntegerField(default=MAX_EMPRUNT, help_text="Maximum d'emprunts autorisés")
state = models.IntegerField(choices=STATES, default=STATE_ACTIVE)
pseudo = models.CharField(max_length=32, unique=True, help_text="Doit contenir uniquement des lettres, chiffres, ou tirets. ")
pseudo = models.CharField(max_length=32, unique=True,
help_text="Doit contenir uniquement des lettres, chiffres, ou tirets. ")
comment = models.CharField(help_text="Commentaire, promo", max_length=255, blank=True)
registered = models.DateTimeField(auto_now_add=True)
USERNAME_FIELD = 'pseudo'
REQUIRED_FIELDS = ['name', 'surname', 'email']
@ -150,16 +127,16 @@ class User(AbstractBaseUser):
def get_admin_right(self):
admin, created = ListRight.objects.get_or_create(listright="admin")
return admin
return admin
def make_admin(self):
""" Make User admin """
user_admin_right = Right(user=self, right=self.get_admin_right())
user_admin_right.save()
def un_admin(self):
try:
user_right = Right.objects.get(user=self,right=self.get_admin_right())
user_right = Right.objects.get(user=self, right=self.get_admin_right())
except Right.DoesNotExist:
return
user_right.delete()
@ -184,40 +161,44 @@ class Request(models.Model):
def save(self):
if not self.expires_at:
self.expires_at = timezone.now() \
+ datetime.timedelta(hours=REQ_EXPIRE_HRS)
+ datetime.timedelta(hours=REQ_EXPIRE_HRS)
if not self.token:
self.token = str(uuid.uuid4()).replace('-', '') # remove hyphens
super(Request, self).save()
class Right(models.Model):
PRETTY_NAME = "Droits affectés à des users"
user = models.ForeignKey('User', on_delete=models.PROTECT)
right = models.ForeignKey('ListRight', on_delete=models.PROTECT)
class Meta:
verbose_name = _("right")
verbose_name_plural = _("rights")
unique_together = ("user", "right")
def __str__(self):
return str(self.user)
class ListRight(models.Model):
PRETTY_NAME = "Liste des droits existants"
listright = models.CharField(max_length=255, unique=True)
details = models.CharField(help_text="Description", max_length=255, blank=True)
def __str__(self):
return self.listright
class Clef(models.Model):
nom = models.CharField(max_length=255, unique=True)
proprio = models.ForeignKey('User', on_delete=models.PROTECT, blank=True, null=True)
commentaire = models.CharField(max_length=255, null=True, blank=True)
class Adhesion(models.Model):
annee_debut = models.IntegerField(unique=True)
annee_fin = models.IntegerField(unique=True)
adherent = models.ManyToManyField('User', blank=True)

25
users/tests.py
View File

@ -1,25 +0,0 @@
# Re2o est un logiciel d'administration développé initiallement au rezometz. Il
# se veut agnostique au réseau considéré, de manière à être installable en
# quelques clics.
#
# Copyright © 2017 Gabriel Détraz
# Copyright © 2017 Goulven Kermarec
# Copyright © 2017 Augustin Lemesle
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
from django.test import TestCase
# Create your tests here.

26
users/urls.py
View File

@ -1,24 +1,6 @@
# Re2o est un logiciel d'administration développé initiallement au rezometz. Il
# se veut agnostique au réseau considéré, de manière à être installable en
# quelques clics.
#
# Copyright © 2017 Gabriel Détraz
# Copyright © 2017 Goulven Kermarec
# Copyright © 2017 Augustin Lemesle
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
# -*- mode: python; coding: utf-8 -*-
# Copyright (C) 2017-2019 by BDE ENS Paris-Saclay
# SPDX-License-Identifier: GPL-3.0-or-later
from django.conf.urls import url
@ -56,5 +38,3 @@ urlpatterns = [
url(r'^$', views.index, name='index'),
url(r'^index_ajour/$', views.index_ajour, name='index-ajour'),
]

165
users/views.py
View File

@ -1,52 +1,29 @@
# Re2o est un logiciel d'administration développé initiallement au rezometz. Il
# se veut agnostique au réseau considéré, de manière à être installable en
# quelques clics.
#
# Copyright © 2017 Gabriel Détraz
# Copyright © 2017 Goulven Kermarec
# Copyright © 2017 Augustin Lemesle
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
# -*- mode: python; coding: utf-8 -*-
# Copyright (C) 2017-2019 by BDE ENS Paris-Saclay
# SPDX-License-Identifier: GPL-3.0-or-later
# App de gestion des users pour med
# Goulven Kermarec, Gabriel Détraz, Lemesle Augustin
# Gplv2
from django.shortcuts import get_object_or_404, render, redirect
from django.template.context_processors import csrf
from django.core.paginator import Paginator, EmptyPage, PageNotAnInteger
from django.template import Context, RequestContext, loader
from django.contrib import messages
from django.contrib.auth.decorators import login_required, permission_required
from django.contrib.auth.signals import user_logged_in
from django.db.models import Max, ProtectedError
from django.db import IntegrityError
from django.core.mail import send_mail
from django.utils import timezone
from django.core.paginator import Paginator, EmptyPage, PageNotAnInteger
from django.core.urlresolvers import reverse
from django.db import IntegrityError
from django.db import transaction
from reversion.models import Version
from django.db.models import ProtectedError
from django.shortcuts import get_object_or_404, render, redirect
from django.template import loader
from django.template.context_processors import csrf
from django.utils import timezone
from reversion import revisions as reversion
from users.forms import DelListRightForm, NewListRightForm, ListRightForm, RightForm, DelRightForm
from users.forms import InfoForm, BaseInfoForm, StateForm, ClefForm, BaseClefForm, AdhesionForm
from users.models import User, Request, ListRight, Right, Clef, Adhesion
from users.forms import PassForm, ResetPasswordForm
from users.decorators import user_is_in_campus
from media.models import Emprunt
from reversion.models import Version
from med.settings import REQ_EXPIRE_STR, EMAIL_FROM, ASSO_NAME, ASSO_EMAIL, SITE_NAME, PAGINATION_NUMBER
from media.models import Emprunt
from users.decorators import user_is_in_campus
from users.forms import DelListRightForm, NewListRightForm, ListRightForm, RightForm, DelRightForm
from users.forms import InfoForm, BaseInfoForm, StateForm, ClefForm, AdhesionForm
from users.forms import PassForm, ResetPasswordForm
from users.models import User, Request, ListRight, Right, Clef, Adhesion
def form(ctx, template, request):
@ -54,6 +31,7 @@ def form(ctx, template, request):
c.update(csrf(request))
return render(request, template, c)
def password_change_action(u_form, user, request, req=False):
""" Fonction qui effectue le changeemnt de mdp bdd"""
if u_form.cleaned_data['passwd1'] != u_form.cleaned_data['passwd2']:
@ -69,20 +47,21 @@ def password_change_action(u_form, user, request, req=False):
return redirect("/")
return redirect("/users/profil/" + str(user.id))
def reset_passwd_mail(req, request):
""" Prend en argument un request, envoie un mail de réinitialisation de mot de pass """
t = loader.get_template('users/email_passwd_request')
c = {
'name': str(req.user.name) + ' ' + str(req.user.surname),
'asso': ASSO_NAME,
'asso_mail': ASSO_EMAIL,
'site_name': SITE_NAME,
'url': request.build_absolute_uri(
reverse('users:process', kwargs={'token': req.token})),
'expire_in': REQ_EXPIRE_STR,
'name': str(req.user.name) + ' ' + str(req.user.surname),
'asso': ASSO_NAME,
'asso_mail': ASSO_EMAIL,
'site_name': SITE_NAME,
'url': request.build_absolute_uri(
reverse('users:process', kwargs={'token': req.token})),
'expire_in': REQ_EXPIRE_STR,
}
send_mail('Votre compte %s' % SITE_NAME, t.render(c),
EMAIL_FROM, [req.user.email], fail_silently=False)
EMAIL_FROM, [req.user.email], fail_silently=False)
return
@ -101,10 +80,12 @@ def new_user(request):
req.user = user
req.save()
reset_passwd_mail(req, request)
messages.success(request, "L'utilisateur %s a été crée, un mail pour l'initialisation du mot de passe a été envoyé" % user.pseudo)
messages.success(request,
"L'utilisateur %s a été crée, un mail pour l'initialisation du mot de passe a été envoyé" % user.pseudo)
return redirect("/users/profil/" + str(user.id))
return form({'userform': user}, 'users/user.html', request)
@login_required
def edit_info(request, userid):
""" Edite un utilisateur à partir de son id, si l'id est différent de request.user, vérifie la possession du droit admin """
@ -129,6 +110,7 @@ def edit_info(request, userid):
return redirect("/users/profil/" + userid)
return form({'userform': user}, 'users/user.html', request)
@login_required
@permission_required('bureau')
def state(request, userid):
@ -148,6 +130,7 @@ def state(request, userid):
return redirect("/users/profil/" + userid)
return form({'userform': state}, 'users/user.html', request)
@login_required
def password(request, userid):
""" Reinitialisation d'un mot de passe à partir de l'userid,
@ -166,6 +149,7 @@ def password(request, userid):
return password_change_action(u_form, user, request)
return form({'userform': u_form}, 'users/user.html', request)
@login_required
@permission_required('bureau')
def add_listright(request):
@ -181,6 +165,7 @@ def add_listright(request):
return redirect("/users/index_listright/")
return form({'userform': listright}, 'users/user.html', request)
@login_required
@permission_required('bureau')
def edit_listright(request, listrightid):
@ -188,7 +173,7 @@ def edit_listright(request, listrightid):
try:
listright_instance = ListRight.objects.get(pk=listrightid)
except ListRight.DoesNotExist:
messages.error(request, u"Entrée inexistante" )
messages.error(request, u"Entrée inexistante")
return redirect("/users/")
listright = ListRightForm(request.POST or None, instance=listright_instance)
if listright.is_valid():
@ -200,6 +185,7 @@ def edit_listright(request, listrightid):
return redirect("/users/index_listright/")
return form({'userform': listright}, 'users/user.html', request)
@login_required
@permission_required('bureau')
def del_listright(request):
@ -221,6 +207,7 @@ def del_listright(request):
return redirect("/users/index_listright/")
return form({'userform': listright}, 'users/user.html', request)
@login_required
@permission_required('bureau')
def add_right(request, userid):
@ -245,30 +232,34 @@ def add_right(request, userid):
return redirect("/users/profil/" + userid)
return form({'userform': right}, 'users/user.html', request)
@login_required
@permission_required('bureau')
def del_right(request):
""" Supprimer un droit à un user, need droit bureau """
user_right_list = dict()
for right in ListRight.objects.all():
user_right_list[right]= DelRightForm(right, request.POST or None)
user_right_list[right] = DelRightForm(right, request.POST or None)
for keys, right_item in user_right_list.items():
if right_item.is_valid():
right_del = right_item.cleaned_data['rights']
with transaction.atomic(), reversion.create_revision():
reversion.set_user(request.user)
reversion.set_comment("Retrait des droit %s" % ','.join(str(deleted_right) for deleted_right in right_del))
reversion.set_comment(
"Retrait des droit %s" % ','.join(str(deleted_right) for deleted_right in right_del))
right_del.delete()
messages.success(request, "Droit retiré avec succès")
return redirect("/users/")
return form({'userform': user_right_list}, 'users/del_right.html', request)
@login_required
@permission_required('perm')
def index_listright(request):
""" Affiche l'ensemble des droits , need droit perm """
listright_list = ListRight.objects.order_by('listright')
return render(request, 'users/index_listright.html', {'listright_list':listright_list})
return render(request, 'users/index_listright.html', {'listright_list': listright_list})
@login_required
@permission_required('bureau')
@ -283,12 +274,13 @@ def add_clef(request):
return redirect("/users/index_clef/")
return form({'userform': clef}, 'users/user.html', request)
@user_is_in_campus
def edit_clef(request, clefid):
try:
clef_instance = Clef.objects.get(pk=clefid)
except Clef.DoesNotExist:
messages.error(request, u"Entrée inexistante" )
messages.error(request, u"Entrée inexistante")
return redirect("/users/index_clef/")
clef = ClefForm(request.POST or None, instance=clef_instance)
if clef.is_valid():
@ -301,13 +293,14 @@ def edit_clef(request, clefid):
return redirect("/users/index_clef/")
return form({'userform': clef}, 'users/user.html', request)
@login_required
@permission_required('bureau')
def del_clef(request, clefid):
try:
clef_instance = Clef.objects.get(pk=clefid)
except Clef.DoesNotExist:
messages.error(request, u"Entrée inexistante" )
messages.error(request, u"Entrée inexistante")
return redirect("/users/index_clef/")
if request.method == "POST":
with transaction.atomic(), reversion.create_revision():
@ -317,10 +310,12 @@ def del_clef(request, clefid):
return redirect("/users/index_clef")
return form({'objet': clef_instance, 'objet_name': 'clef'}, 'users/delete.html', request)
@user_is_in_campus
def index_clef(request):
clef_list = Clef.objects.all().order_by('nom')
return render(request, 'users/index_clef.html', {'clef_list':clef_list})
return render(request, 'users/index_clef.html', {'clef_list': clef_list})
@login_required
@permission_required('bureau')
@ -335,13 +330,14 @@ def add_adhesion(request):
return redirect("/users/index_adhesion/")
return form({'userform': adhesion}, 'users/user.html', request)
@login_required
@permission_required('bureau')
def edit_adhesion(request, adhesionid):
try:
adhesion_instance = Adhesion.objects.get(pk=adhesionid)
except Adhesion.DoesNotExist:
messages.error(request, u"Entrée inexistante" )
messages.error(request, u"Entrée inexistante")
return redirect("/users/index_adhesion/")
adhesion = AdhesionForm(request.POST or None, instance=adhesion_instance)
if adhesion.is_valid():
@ -353,13 +349,14 @@ def edit_adhesion(request, adhesionid):
return redirect("/users/index_adhesion/")
return form({'userform': adhesion}, 'users/user.html', request)
@login_required
@permission_required('bureau')
def del_adhesion(request, adhesionid):
try:
adhesion_instance = Adhesion.objects.get(pk=adhesionid)
except Adhesion.DoesNotExist:
messages.error(request, u"Entrée inexistante" )
messages.error(request, u"Entrée inexistante")
return redirect("/users/index_adhesion/")
if request.method == "POST":
with transaction.atomic(), reversion.create_revision():
@ -369,10 +366,12 @@ def del_adhesion(request, adhesionid):
return redirect("/users/index_adhesion")
return form({'objet': adhesion_instance, 'objet_name': 'adhesion'}, 'users/delete.html', request)
@login_required
def index_adhesion(request):
adhesion_list = Adhesion.objects.all()
return render(request, 'users/index_adhesion.html', {'adhesion_list':adhesion_list})
return render(request, 'users/index_adhesion.html', {'adhesion_list': adhesion_list})
@login_required
@permission_required('perm')
@ -391,6 +390,7 @@ def index(request):
users_list = paginator.page(paginator.num_pages)
return render(request, 'users/index.html', {'users_list': users_list})
@login_required
@permission_required('perm')
def index_ajour(request):
@ -408,46 +408,48 @@ def index_ajour(request):
users_list = paginator.page(paginator.num_pages)
return render(request, 'users/index.html', {'users_list': users_list})
@user_is_in_campus
def history(request, object, id):
""" Affichage de l'historique : (acl, argument)
user : self, userid"""
if object == 'clef':
try:
object_instance = Clef.objects.get(pk=id)
object_instance = Clef.objects.get(pk=id)
except Clef.DoesNotExist:
messages.error(request, "Utilisateur inexistant")
return redirect("/users/")
messages.error(request, "Utilisateur inexistant")
return redirect("/users/")
elif not request.user.is_authenticated:
messages.error(request, "Permission denied")
return redirect("/users/")
if object == 'user':
try:
object_instance = User.objects.get(pk=id)
object_instance = User.objects.get(pk=id)
except User.DoesNotExist:
messages.error(request, "Utilisateur inexistant")
return redirect("/users/")
messages.error(request, "Utilisateur inexistant")
return redirect("/users/")
if not request.user.has_perms(('perm',)) and object_instance != request.user:
messages.error(request, "Vous ne pouvez pas afficher l'historique d'un autre user que vous sans droit admin")
return redirect("/users/profil/" + str(request.user.id))
messages.error(request,
"Vous ne pouvez pas afficher l'historique d'un autre user que vous sans droit admin")
return redirect("/users/profil/" + str(request.user.id))
elif object == 'clef':
try:
object_instance = Clef.objects.get(pk=id)
object_instance = Clef.objects.get(pk=id)
except Clef.DoesNotExist:
messages.error(request, "Utilisateur inexistant")
return redirect("/users/")
messages.error(request, "Utilisateur inexistant")
return redirect("/users/")
elif object == 'adhesion':
try:
object_instance = Adhesion.objects.get(pk=id)
object_instance = Adhesion.objects.get(pk=id)
except Adhesion.DoesNotExist:
messages.error(request, "Utilisateur inexistant")
return redirect("/users/")
messages.error(request, "Utilisateur inexistant")
return redirect("/users/")
elif object == 'listright':
try:
object_instance = ListRight.objects.get(pk=id)
object_instance = ListRight.objects.get(pk=id)
except ListRight.DoesNotExist:
messages.error(request, "Droit inexistant")
return redirect("/users/")
messages.error(request, "Droit inexistant")
return redirect("/users/")
else:
messages.error(request, "Objet inconnu")
return redirect("/users/")
@ -464,10 +466,12 @@ def history(request, object, id):
reversions = paginator.page(paginator.num_pages)
return render(request, 'med/history.html', {'reversions': reversions, 'object': object_instance})
@login_required
def mon_profil(request):
return redirect("/users/profil/" + str(request.user.id))
@login_required
def profil(request, userid):
try:
@ -486,10 +490,11 @@ def profil(request, userid):
{
'user': users,
'emprunts_list': emprunts_list,
'list_droits': list_droits,
'list_droits': list_droits,
}
)
@login_required
@permission_required('bureau')
def adherer(request, userid):
@ -506,13 +511,13 @@ def adherer(request, userid):
reversion.set_comment("Adhesion de %s" % users)
messages.success(request, "Adhesion effectuee")
return redirect("/users/profil/" + userid)
def reset_password(request):
userform = ResetPasswordForm(request.POST or None)
if userform.is_valid():
try:
user = User.objects.get(pseudo=userform.cleaned_data['pseudo'],email=userform.cleaned_data['email'])
user = User.objects.get(pseudo=userform.cleaned_data['pseudo'], email=userform.cleaned_data['email'])
except User.DoesNotExist:
messages.error(request, "Cet utilisateur n'existe pas")
return form({'userform': userform}, 'users/user.html', request)
@ -525,6 +530,7 @@ def reset_password(request):
redirect("/")
return form({'userform': userform}, 'users/user.html', request)
def process(request, token):
valid_reqs = Request.objects.filter(expires_at__gt=timezone.now())
req = get_object_or_404(valid_reqs, token=token)
@ -537,6 +543,7 @@ def process(request, token):
messages.error(request, "Entrée incorrecte, contactez un admin")
redirect("/")
def process_passwd(request, req):
u_form = PassForm(request.POST or None)
user = req.user