WIP refactoring: permissions, ...

This commit is contained in:
Emmanuel Viennet 2021-06-12 22:43:22 +02:00
parent dcb53e9c35
commit 7b61b25ff1
34 changed files with 368 additions and 237 deletions

View File

@ -76,7 +76,7 @@ class ZResponse(object):
return flask.redirect(url) # http 302 return flask.redirect(url) # http 302
def setHeader(self, header, value): def setHeader(self, header, value):
self.headers[header.tolower()] = value self.headers[header.lower()] = value
def permission_required(permission): def permission_required(permission):

View File

@ -111,7 +111,9 @@ class ZEntreprises(
<ul class="insidebar">""" <ul class="insidebar">"""
% params, % params,
] ]
if REQUEST.AUTHENTICATED_USER.has_permission(ScoEntrepriseChange, self): if REQUEST.AUTHENTICATED_USER.has_permission(
Permission.ScoEntrepriseChange, self
):
H.append( H.append(
"""<li class="insidebar"><a href="%(ScoURL)s/Entreprises/entreprise_create" class="sidebar">Nouvelle entreprise</a> </li>""" """<li class="insidebar"><a href="%(ScoURL)s/Entreprises/entreprise_create" class="sidebar">Nouvelle entreprise</a> </li>"""
% params % params
@ -138,7 +140,9 @@ class ZEntreprises(
<li class="insidebar"><a href="%(ScoURL)s/Entreprises/entreprise_correspondant_list?entreprise_id=%(entreprise_id)s" class="sidebar">Corresp.</a></li>""" <li class="insidebar"><a href="%(ScoURL)s/Entreprises/entreprise_correspondant_list?entreprise_id=%(entreprise_id)s" class="sidebar">Corresp.</a></li>"""
% params % params
) # """ ) # """
if REQUEST.AUTHENTICATED_USER.has_permission(ScoEntrepriseChange, self): if REQUEST.AUTHENTICATED_USER.has_permission(
Permission.ScoEntrepriseChange, self
):
H.append( H.append(
"""<li class="insidebar"><a href="%(ScoURL)s/Entreprises/entreprise_correspondant_create?entreprise_id=%(entreprise_id)s" class="sidebar">Nouveau Corresp.</a></li>""" """<li class="insidebar"><a href="%(ScoURL)s/Entreprises/entreprise_correspondant_create?entreprise_id=%(entreprise_id)s" class="sidebar">Nouveau Corresp.</a></li>"""
% params % params
@ -147,7 +151,9 @@ class ZEntreprises(
"""<li class="insidebar"><a href="%(ScoURL)s/Entreprises/entreprise_contact_list?entreprise_id=%(entreprise_id)s" class="sidebar">Contacts</a></li>""" """<li class="insidebar"><a href="%(ScoURL)s/Entreprises/entreprise_contact_list?entreprise_id=%(entreprise_id)s" class="sidebar">Contacts</a></li>"""
% params % params
) )
if REQUEST.AUTHENTICATED_USER.has_permission(ScoEntrepriseChange, self): if REQUEST.AUTHENTICATED_USER.has_permission(
Permission.ScoEntrepriseChange, self
):
H.append( H.append(
"""<li class="insidebar"><a href="%(ScoURL)s/Entreprises/entreprise_contact_create?entreprise_id=%(entreprise_id)s" class="sidebar">Nouveau "contact"</a></li>""" """<li class="insidebar"><a href="%(ScoURL)s/Entreprises/entreprise_contact_create?entreprise_id=%(entreprise_id)s" class="sidebar">Nouveau "contact"</a></li>"""
% params % params
@ -156,7 +162,9 @@ class ZEntreprises(
# #
H.append("""<br/><br/>%s""" % scu.icontag("entreprise_side_img")) H.append("""<br/><br/>%s""" % scu.icontag("entreprise_side_img"))
if not REQUEST.AUTHENTICATED_USER.has_permission(ScoEntrepriseChange, self): if not REQUEST.AUTHENTICATED_USER.has_permission(
Permission.ScoEntrepriseChange, self
):
H.append("""<br/><em>(Lecture seule)</em>""") H.append("""<br/><em>(Lecture seule)</em>""")
H.append("""</div> </div> <!-- end of sidebar -->""") H.append("""</div> </div> <!-- end of sidebar -->""")
return "".join(H) return "".join(H)
@ -336,7 +344,9 @@ class ZEntreprises(
H.append(tab.html()) H.append(tab.html())
if REQUEST.AUTHENTICATED_USER.has_permission(ScoEntrepriseChange, self): if REQUEST.AUTHENTICATED_USER.has_permission(
Permission.ScoEntrepriseChange, self
):
if entreprise_id: if entreprise_id:
H.append( H.append(
"""<p class="entreprise_create"><a class="entreprise_create" href="entreprise_contact_create?entreprise_id=%(entreprise_id)s">nouveau "contact"</a></p> """<p class="entreprise_create"><a class="entreprise_create" href="entreprise_contact_create?entreprise_id=%(entreprise_id)s">nouveau "contact"</a></p>
@ -443,7 +453,9 @@ class ZEntreprises(
H.append(tab.html()) H.append(tab.html())
if REQUEST.AUTHENTICATED_USER.has_permission(ScoEntrepriseChange, self): if REQUEST.AUTHENTICATED_USER.has_permission(
Permission.ScoEntrepriseChange, self
):
H.append( H.append(
"""<p class="entreprise_create"><a class="entreprise_create" href="entreprise_correspondant_create?entreprise_id=%(entreprise_id)s">Ajouter un correspondant dans l'entreprise %(nom)s</a></p> """<p class="entreprise_create"><a class="entreprise_create" href="entreprise_correspondant_create?entreprise_id=%(entreprise_id)s">Ajouter un correspondant dans l'entreprise %(nom)s</a></p>
""" """
@ -556,7 +568,9 @@ class ZEntreprises(
if tf[0] == 0: if tf[0] == 0:
H.append(tf[1]) H.append(tf[1])
if REQUEST.AUTHENTICATED_USER.has_permission(ScoEntrepriseChange, self): if REQUEST.AUTHENTICATED_USER.has_permission(
Permission.ScoEntrepriseChange, self
):
H.append( H.append(
"""<p class="entreprise_descr"><a class="entreprise_delete" href="entreprise_contact_delete?entreprise_contact_id=%s">Supprimer ce contact</a> </p>""" """<p class="entreprise_descr"><a class="entreprise_delete" href="entreprise_contact_delete?entreprise_contact_id=%s">Supprimer ce contact</a> </p>"""
% entreprise_contact_id % entreprise_contact_id
@ -1130,7 +1144,7 @@ class ZEntreprises(
def entreprise_edit(self, entreprise_id, REQUEST=None, start=1): def entreprise_edit(self, entreprise_id, REQUEST=None, start=1):
"""Form. edit entreprise""" """Form. edit entreprise"""
authuser = REQUEST.AUTHENTICATED_USER authuser = REQUEST.AUTHENTICATED_USER
readonly = not authuser.has_permission(ScoEntrepriseChange, self) readonly = not authuser.has_permission(Permission.ScoEntrepriseChange, self)
F = sco_entreprises.do_entreprise_list( F = sco_entreprises.do_entreprise_list(
self, args={"entreprise_id": entreprise_id} self, args={"entreprise_id": entreprise_id}
)[0] )[0]

View File

@ -131,7 +131,9 @@ class ZScoDoc(ObjectManager, PropertyManager, RoleManager, Item, Persistent, Imp
def _check_admin_perm(self, REQUEST): def _check_admin_perm(self, REQUEST):
"""Check if user has permission to add/delete departements""" """Check if user has permission to add/delete departements"""
authuser = REQUEST.AUTHENTICATED_USER authuser = REQUEST.AUTHENTICATED_USER
if authuser.has_role("manager") or authuser.has_permission(ScoSuperAdmin, self): if authuser.has_role("manager") or authuser.has_permission(
Permission.ScoSuperAdmin, self
):
return "" return ""
else: else:
return """<h2>Vous n'avez pas le droit d'accéder à cette page</h2>""" return """<h2>Vous n'avez pas le droit d'accéder à cette page</h2>"""
@ -294,7 +296,8 @@ class ZScoDoc(ObjectManager, PropertyManager, RoleManager, Item, Persistent, Imp
[ [
d.id d.id
for d in self._list_depts() for d in self._list_depts()
if (not viewable) or authuser.has_permission(ScoView, d.Scolarite) if (not viewable)
or authuser.has_permission(Permission.ScoView, d.Scolarite)
], ],
name="depts", name="depts",
format=format, format=format,
@ -480,7 +483,7 @@ class ZScoDoc(ObjectManager, PropertyManager, RoleManager, Item, Persistent, Imp
else: else:
dest_folder = "" dest_folder = ""
for deptFolder in self._list_depts(): for deptFolder in self._list_depts():
if authuser.has_permission(ScoView, deptFolder.Scolarite): if authuser.has_permission(Permission.ScoView, deptFolder.Scolarite):
link_cls = "link_accessible" link_cls = "link_accessible"
else: else:
link_cls = "link_unauthorized" link_cls = "link_unauthorized"
@ -561,7 +564,7 @@ E. Viennet (Université Paris 13).</p>
authuser = REQUEST.AUTHENTICATED_USER authuser = REQUEST.AUTHENTICATED_USER
try: try:
dept = getattr(self, deptfoldername) dept = getattr(self, deptfoldername)
if authuser.has_permission(ScoView, dept): if authuser.has_permission(Permission.ScoView, dept):
return REQUEST.RESPONSE.redirect("ScoDoc/%s/Scolarite" % deptfoldername) return REQUEST.RESPONSE.redirect("ScoDoc/%s/Scolarite" % deptfoldername)
except: except:
log( log(

View File

@ -141,7 +141,7 @@ class ZScoUsers(
H = [self.sco_header(REQUEST, page_title="Gestion des utilisateurs")] H = [self.sco_header(REQUEST, page_title="Gestion des utilisateurs")]
H.append("<h2>Gestion des utilisateurs</h2>") H.append("<h2>Gestion des utilisateurs</h2>")
if authuser.has_permission(ScoUsersAdmin, self): if authuser.has_permission(Permission.ScoUsersAdmin, self):
H.append( H.append(
'<p><a href="create_user_form" class="stdlink">Ajouter un utilisateur</a>' '<p><a href="create_user_form" class="stdlink">Ajouter un utilisateur</a>'
) )
@ -170,7 +170,7 @@ class ZScoUsers(
with_olds=with_olds, with_olds=with_olds,
format=format, format=format,
REQUEST=REQUEST, REQUEST=REQUEST,
with_links=authuser.has_permission(ScoUsersAdmin, self), with_links=authuser.has_permission(Permission.ScoUsersAdmin, self),
) )
if format != "html": if format != "html":
return L return L
@ -338,7 +338,7 @@ class ZScoUsers(
if str(authuser) == user_name: if str(authuser) == user_name:
return True return True
# has permission ? # has permission ?
if not authuser.has_permission(ScoUsersAdmin, self): if not authuser.has_permission(Permission.ScoUsersAdmin, self):
return False return False
# Ok, now check that authuser can manage users from this departement # Ok, now check that authuser can manage users from this departement
# Get user info # Get user info
@ -499,11 +499,11 @@ class ZScoUsers(
"<p>L' utilisateur '%s' n'est pas défini dans ce module.</p>" "<p>L' utilisateur '%s' n'est pas défini dans ce module.</p>"
% user_name % user_name
) )
if authuser.has_permission(ScoEditAllNotes, self): if authuser.has_permission(Permission.ScoEditAllNotes, self):
H.append("<p>(il peut modifier toutes les notes)</p>") H.append("<p>(il peut modifier toutes les notes)</p>")
if authuser.has_permission(ScoEditAllEvals, self): if authuser.has_permission(Permission.ScoEditAllEvals, self):
H.append("<p>(il peut modifier toutes les évaluations)</p>") H.append("<p>(il peut modifier toutes les évaluations)</p>")
if authuser.has_permission(ScoImplement, self): if authuser.has_permission(Permission.ScoImplement, self):
H.append("<p>(il peut creer des formations)</p>") H.append("<p>(il peut creer des formations)</p>")
else: else:
H.append( H.append(
@ -520,7 +520,7 @@ class ZScoUsers(
<li><a class="stdlink" href="form_change_password?user_name=%(user_name)s">changer le mot de passe</a></li>""" <li><a class="stdlink" href="form_change_password?user_name=%(user_name)s">changer le mot de passe</a></li>"""
% info[0] % info[0]
) )
if authuser.has_permission(ScoUsersAdmin, self): if authuser.has_permission(Permission.ScoUsersAdmin, self):
H.append( H.append(
""" """
<li><a class="stdlink" href="create_user_form?user_name=%(user_name)s&edit=1">modifier/déactiver ce compte</a></li> <li><a class="stdlink" href="create_user_form?user_name=%(user_name)s&edit=1">modifier/déactiver ce compte</a></li>
@ -560,7 +560,7 @@ class ZScoUsers(
b = "non" b = "non"
H.append("<li>%s : %s</li>" % (permname, b)) H.append("<li>%s : %s</li>" % (permname, b))
H.append("</ul></div>") H.append("</ul></div>")
if authuser.has_permission(ScoUsersAdmin, self): if authuser.has_permission(Permission.ScoUsersAdmin, self):
H.append( H.append(
'<p><a class="stdlink" href="%s/Users">Liste de tous les utilisateurs</a></p>' '<p><a class="stdlink" href="%s/Users">Liste de tous les utilisateurs</a></p>'
% self.ScoURL() % self.ScoURL()
@ -602,13 +602,13 @@ class ZScoUsers(
else: else:
H.append("<h2>Création d'un utilisateur</h2>") H.append("<h2>Création d'un utilisateur</h2>")
if authuser.has_permission(ScoSuperAdmin, self): if authuser.has_permission(Permission.ScoSuperAdmin, self):
H.append("""<p class="warning">Vous êtes super administrateur !</p>""") H.append("""<p class="warning">Vous êtes super administrateur !</p>""")
# Noms de roles pouvant etre attribues aux utilisateurs via ce dialogue # Noms de roles pouvant etre attribues aux utilisateurs via ce dialogue
# si pas SuperAdmin, restreint aux rôles EnsX, SecrX, DeptX # si pas SuperAdmin, restreint aux rôles EnsX, SecrX, DeptX
# #
if authuser.has_permission(ScoSuperAdmin, self): if authuser.has_permission(Permission.ScoSuperAdmin, self):
log("create_user_form called by %s (super admin)" % (auth_name,)) log("create_user_form called by %s (super admin)" % (auth_name,))
editable_roles = set(self._all_roles()) editable_roles = set(self._all_roles())
else: else:

View File

@ -28,7 +28,6 @@
import cgi import cgi
import sco_utils as scu import sco_utils as scu
from sco_formsemestre_status import formsemestre_page_title
""" """
HTML Header/Footer for ScoDoc pages HTML Header/Footer for ScoDoc pages
@ -263,3 +262,6 @@ def sco_footer(context, REQUEST=None):
return ( return (
"""</div><!-- /gtrcontent -->""" + scu.CUSTOM_HTML_FOOTER + """</body></html>""" """</div><!-- /gtrcontent -->""" + scu.CUSTOM_HTML_FOOTER + """</body></html>"""
) )
from sco_formsemestre_status import formsemestre_page_title

View File

@ -62,14 +62,14 @@ def sidebar_common(context, REQUEST=None):
% params, % params,
] ]
if authuser.has_permission(ScoUsersAdmin, context) or authuser.has_permission( if authuser.has_permission(
ScoUsersView, context Permission.ScoUsersAdmin, context
): ) or authuser.has_permission(ScoUsersView, context):
H.append( H.append(
"""<a href="%(UsersURL)s" class="sidebar">Utilisateurs</a> <br/>""" % params """<a href="%(UsersURL)s" class="sidebar">Utilisateurs</a> <br/>""" % params
) )
if authuser.has_permission(ScoChangePreferences, context): if authuser.has_permission(Permission.ScoChangePreferences, context):
H.append( H.append(
"""<a href="%(ScoURL)s/edit_preferences" class="sidebar">Paramétrage</a> <br/>""" """<a href="%(ScoURL)s/edit_preferences" class="sidebar">Paramétrage</a> <br/>"""
% params % params
@ -120,7 +120,7 @@ def sidebar(context, REQUEST=None):
) )
H.append("<ul>") H.append("<ul>")
if REQUEST.AUTHENTICATED_USER.has_permission(ScoAbsChange, context): if REQUEST.AUTHENTICATED_USER.has_permission(Permission.ScoAbsChange, context):
H.append( H.append(
""" """
<li> <a href="%(ScoURL)s/Absences/SignaleAbsenceEtud?etudid=%(etudid)s">Ajouter</a></li> <li> <a href="%(ScoURL)s/Absences/SignaleAbsenceEtud?etudid=%(etudid)s">Ajouter</a></li>

View File

@ -88,7 +88,13 @@ def doSignaleAbsence(
nbadded += 2 nbadded += 2
else: else:
context._AddAbsence( context._AddAbsence(
etudid, jour, demijournee, estjust, REQUEST, description_abs, moduleimpl_id etudid,
jour,
demijournee,
estjust,
REQUEST,
description_abs,
moduleimpl_id,
) )
nbadded += 1 nbadded += 1
# #
@ -846,7 +852,7 @@ def absences_index_html(context, REQUEST=None):
"""<p>Pour signaler, annuler ou justifier une absence, choisissez d'abord l'étudiant concerné:</p>""" """<p>Pour signaler, annuler ou justifier une absence, choisissez d'abord l'étudiant concerné:</p>"""
) )
H.append(sco_find_etud.form_search_etud(context, REQUEST)) H.append(sco_find_etud.form_search_etud(context, REQUEST))
if authuser.has_permission(ScoAbsChange, context): if authuser.has_permission(Permission.ScoAbsChange, context):
H.extend( H.extend(
( (
"""<hr/> """<hr/>

View File

@ -53,7 +53,7 @@ EtudsArchive = EtudsArchiver()
def can_edit_etud_archive(context, authuser): def can_edit_etud_archive(context, authuser):
"""True si l'utilisateur peut modifier les archives etudiantes""" """True si l'utilisateur peut modifier les archives etudiantes"""
return authuser.has_permission(ScoEtudAddAnnotations, context) return authuser.has_permission(Permission.ScoEtudAddAnnotations, context)
def etud_list_archives_html(context, REQUEST, etudid): def etud_list_archives_html(context, REQUEST, etudid):

View File

@ -842,7 +842,7 @@ def can_send_bulletin_by_mail(context, formsemestre_id, REQUEST):
sem = sco_formsemestre.get_formsemestre(context, formsemestre_id) sem = sco_formsemestre.get_formsemestre(context, formsemestre_id)
return ( return (
context.get_preference("bul_mail_allowed_for_all", formsemestre_id) context.get_preference("bul_mail_allowed_for_all", formsemestre_id)
or authuser.has_permission(ScoImplement, context) or authuser.has_permission(Permission.ScoImplement, context)
or str(authuser) in sem["responsables"] or str(authuser) in sem["responsables"]
) )
@ -1077,7 +1077,7 @@ def _formsemestre_bulletinetud_header_html(
"url": "formsemestre_edit_options?formsemestre_id=%s&target_url=%s" "url": "formsemestre_edit_options?formsemestre_id=%s&target_url=%s"
% (formsemestre_id, qurl), % (formsemestre_id, qurl),
"enabled": (uid in sem["responsables"]) "enabled": (uid in sem["responsables"])
or authuser.has_permission(ScoImplement, context), or authuser.has_permission(Permission.ScoImplement, context),
}, },
{ {
"title": 'Version papier (pdf, format "%s")' "title": 'Version papier (pdf, format "%s")'
@ -1120,14 +1120,14 @@ def _formsemestre_bulletinetud_header_html(
% (etudid, formsemestre_id), % (etudid, formsemestre_id),
"enabled": ( "enabled": (
(authuser in sem["responsables"]) (authuser in sem["responsables"])
or (authuser.has_permission(ScoEtudInscrit, context)) or (authuser.has_permission(Permission.ScoEtudInscrit, context))
), ),
}, },
{ {
"title": "Enregistrer un semestre effectué ailleurs", "title": "Enregistrer un semestre effectué ailleurs",
"url": "formsemestre_ext_create_form?etudid=%s&formsemestre_id=%s" "url": "formsemestre_ext_create_form?etudid=%s&formsemestre_id=%s"
% (etudid, formsemestre_id), % (etudid, formsemestre_id),
"enabled": authuser.has_permission(ScoImplement, context), "enabled": authuser.has_permission(Permission.ScoImplement, context),
}, },
{ {
"title": "Enregistrer une validation d'UE antérieure", "title": "Enregistrer une validation d'UE antérieure",

View File

@ -316,7 +316,7 @@ class BulletinGeneratorLegacy(sco_bulletins_generator.BulletinGenerator):
# le dir. des etud peut ajouter des appreciations, # le dir. des etud peut ajouter des appreciations,
# mais aussi le chef (perm. ScoEtudInscrit) # mais aussi le chef (perm. ScoEtudInscrit)
can_edit_app = (str(authuser) in self.infos["responsables"]) or ( can_edit_app = (str(authuser) in self.infos["responsables"]) or (
authuser.has_permission(ScoEtudInscrit, self.context) authuser.has_permission(Permission.ScoEtudInscrit, self.context)
) )
H.append('<div class="bull_appreciations">') H.append('<div class="bull_appreciations">')
if I["appreciations_list"]: if I["appreciations_list"]:

View File

@ -153,7 +153,7 @@ class BulletinGeneratorStandard(sco_bulletins_generator.BulletinGenerator):
# le dir. des etud peut ajouter des appreciations, # le dir. des etud peut ajouter des appreciations,
# mais aussi le chef (perm. ScoEtudInscrit) # mais aussi le chef (perm. ScoEtudInscrit)
can_edit_app = (str(self.authuser) in self.infos["responsables"]) or ( can_edit_app = (str(self.authuser) in self.infos["responsables"]) or (
self.authuser.has_permission(ScoEtudInscrit, self.context) self.authuser.has_permission(Permission.ScoEtudInscrit, self.context)
) )
H.append('<div class="bull_appreciations">') H.append('<div class="bull_appreciations">')
for app in self.infos["appreciations_list"]: for app in self.infos["appreciations_list"]:

7
app/scodoc/sco_core.py Normal file → Executable file
View File

@ -17,3 +17,10 @@ def sco_get_version(context, REQUEST=None):
def test_refactor(context, x=1): def test_refactor(context, x=1):
x = context.toto() x = context.toto()
y = ("context=" + context.module_is_locked("alpha")) + "23" y = ("context=" + context.module_is_locked("alpha")) + "23"
z = context.sco_header(
a_long_argument_hahahahaha=1,
another_very_long_arggggggggggggg=2,
z=6,
u=99,
kkkkkk=1,
)

View File

@ -138,7 +138,7 @@ Chercher étape courante: <input name="etape_apo" type="text" size="8" spellchec
) )
# #
authuser = REQUEST.AUTHENTICATED_USER authuser = REQUEST.AUTHENTICATED_USER
if authuser.has_permission(ScoEtudInscrit, context): if authuser.has_permission(Permission.ScoEtudInscrit, context):
H.append( H.append(
"""<hr> """<hr>
<h3>Gestion des étudiants</h3> <h3>Gestion des étudiants</h3>
@ -151,7 +151,7 @@ Chercher étape courante: <input name="etape_apo" type="text" size="8" spellchec
""" """
) )
# #
if authuser.has_permission(ScoEditApo, context): if authuser.has_permission(Permission.ScoEditApo, context):
H.append( H.append(
"""<hr> """<hr>
<h3>Exports Apogée</h3> <h3>Exports Apogée</h3>

View File

@ -35,6 +35,7 @@ from TrivialFormulator import TrivialFormulator, TF, tf_error_message
import sco_codes_parcours import sco_codes_parcours
import sco_formsemestre import sco_formsemestre
from sco_exceptions import ScoValueError from sco_exceptions import ScoValueError
import sco_formation
def formation_delete(context, formation_id=None, dialog_confirmed=False, REQUEST=None): def formation_delete(context, formation_id=None, dialog_confirmed=False, REQUEST=None):
@ -223,6 +224,32 @@ def formation_edit(context, formation_id=None, create=False, REQUEST=None):
return REQUEST.RESPONSE.redirect("ue_list?formation_id=%s" % formation_id) return REQUEST.RESPONSE.redirect("ue_list?formation_id=%s" % formation_id)
def do_formation_create(context, args, REQUEST):
"create a formation"
cnx = context.GetDBConnexion()
# check unique acronyme/titre/version
a = args.copy()
if a.has_key("formation_id"):
del a["formation_id"]
F = context.formation_list(args=a)
if len(F) > 0:
log("do_formation_create: error: %d formations matching args=%s" % (len(F), a))
raise ScoValueError("Formation non unique (%s) !" % str(a))
# Si pas de formation_code, l'enleve (default SQL)
if args.has_key("formation_code") and not args["formation_code"]:
del args["formation_code"]
#
r = _formationEditor.create(cnx, args)
sco_news.add(
context,
REQUEST,
typ=NEWS_FORM,
text="Création de la formation %(titre)s (%(acronyme)s)" % args,
)
return r
def do_formation_edit(context, args): def do_formation_edit(context, args):
"edit a formation" "edit a formation"
# log('do_formation_edit( args=%s )'%args) # log('do_formation_edit( args=%s )'%args)
@ -238,7 +265,7 @@ def do_formation_edit(context, args):
del args["formation_code"] del args["formation_code"]
cnx = context.GetDBConnexion() cnx = context.GetDBConnexion()
context._formationEditor.edit(cnx, args) sco_formation._formationEditor.edit(cnx, args)
# Invalide les semestres utilisant cette formation: # Invalide les semestres utilisant cette formation:
for sem in sco_formsemestre.do_formsemestre_list( for sem in sco_formsemestre.do_formsemestre_list(

View File

@ -417,7 +417,9 @@ def module_list(context, formation_id, REQUEST=None):
% F, % F,
'<ul class="notes_module_list">', '<ul class="notes_module_list">',
] ]
editable = REQUEST.AUTHENTICATED_USER.has_permission(ScoChangeFormation, context) editable = REQUEST.AUTHENTICATED_USER.has_permission(
Permission.ScoChangeFormation, context
)
for Mod in context.do_module_list(args={"formation_id": formation_id}): for Mod in context.do_module_list(args={"formation_id": formation_id}):
H.append('<li class="notes_module_list">%s' % Mod) H.append('<li class="notes_module_list">%s' % Mod)

View File

@ -300,14 +300,16 @@ def ue_list(context, formation_id=None, msg="", REQUEST=None):
ue_list.sort(key=lambda u: (u["semestre_id"], u["numero"])) ue_list.sort(key=lambda u: (u["semestre_id"], u["numero"]))
has_duplicate_ue_codes = len(set([ue["ue_code"] for ue in ue_list])) != len(ue_list) has_duplicate_ue_codes = len(set([ue["ue_code"] for ue in ue_list])) != len(ue_list)
perm_change = authuser.has_permission(ScoChangeFormation, context) perm_change = authuser.has_permission(Permission.ScoChangeFormation, context)
# editable = (not locked) and perm_change # editable = (not locked) and perm_change
# On autorise maintanant la modification des formations qui ont des semestres verrouillés, # On autorise maintanant la modification des formations qui ont des semestres verrouillés,
# sauf si cela affect les notes passées (verrouillées): # sauf si cela affect les notes passées (verrouillées):
# - pas de modif des modules utilisés dans des semestres verrouillés # - pas de modif des modules utilisés dans des semestres verrouillés
# - pas de changement des codes d'UE utilisés dans des semestres verrouillés # - pas de changement des codes d'UE utilisés dans des semestres verrouillés
editable = perm_change editable = perm_change
tag_editable = authuser.has_permission(ScoEditFormationTags, context) or perm_change tag_editable = (
authuser.has_permission(Permission.ScoEditFormationTags, context) or perm_change
)
if locked: if locked:
lockicon = scu.icontag("lock32_img", title="verrouillé") lockicon = scu.icontag("lock32_img", title="verrouillé")
else: else:
@ -653,7 +655,7 @@ Si vous souhaitez modifier cette formation (par exemple pour y ajouter un module
H.append("</li>") H.append("</li>")
H.append("</ul>") H.append("</ul>")
if authuser.has_permission(ScoImplement, context): if authuser.has_permission(Permission.ScoImplement, context):
H.append( H.append(
"""<ul> """<ul>
<li><a class="stdlink" href="formsemestre_createwithmodules?formation_id=%(formation_id)s&semestre_id=1">Mettre en place un nouveau semestre de formation %(acronyme)s</a> <li><a class="stdlink" href="formsemestre_createwithmodules?formation_id=%(formation_id)s&semestre_id=1">Mettre en place un nouveau semestre de formation %(acronyme)s</a>

View File

@ -266,7 +266,7 @@ def form_search_etud_in_accessible_depts(context, REQUEST):
def can_view_dept(context, REQUEST): def can_view_dept(context, REQUEST):
"""True if auth user can access (View) this context""" """True if auth user can access (View) this context"""
authuser = REQUEST.AUTHENTICATED_USER authuser = REQUEST.AUTHENTICATED_USER
return authuser.has_permission(ScoView, context) return authuser.has_permission(Permission.ScoView, context)
def search_etud_in_accessible_depts(context, expnom=None, code_nip=None, REQUEST=None): def search_etud_in_accessible_depts(context, expnom=None, code_nip=None, REQUEST=None):

View File

@ -217,7 +217,9 @@ def formation_list_table(context, formation_id=None, args={}, REQUEST=None):
"edit_img", border="0", alt="modifier", title="Modifier titres et code" "edit_img", border="0", alt="modifier", title="Modifier titres et code"
) )
editable = REQUEST.AUTHENTICATED_USER.has_permission(ScoChangeFormation, context) editable = REQUEST.AUTHENTICATED_USER.has_permission(
Permission.ScoChangeFormation, context
)
# Traduit/ajoute des champs à afficher: # Traduit/ajoute des champs à afficher:
for f in formations: for f in formations:

View File

@ -105,7 +105,7 @@ def can_edit_sem(context, REQUEST, formsemestre_id="", sem=None):
"""Return sem if user can edit it, False otherwise""" """Return sem if user can edit it, False otherwise"""
sem = sem or sco_formsemestre.get_formsemestre(context, formsemestre_id) sem = sem or sco_formsemestre.get_formsemestre(context, formsemestre_id)
authuser = REQUEST.AUTHENTICATED_USER authuser = REQUEST.AUTHENTICATED_USER
if not authuser.has_permission(ScoImplement, context): # pas chef if not authuser.has_permission(Permission.ScoImplement, context): # pas chef
if not sem["resp_can_edit"] or str(authuser) not in sem["responsables"]: if not sem["resp_can_edit"] or str(authuser) not in sem["responsables"]:
return False return False
return sem return sem
@ -118,7 +118,7 @@ def do_formsemestre_createwithmodules(context, REQUEST=None, edit=False):
formsemestre_id = REQUEST.form["formsemestre_id"] formsemestre_id = REQUEST.form["formsemestre_id"]
sem = sco_formsemestre.get_formsemestre(context, formsemestre_id) sem = sco_formsemestre.get_formsemestre(context, formsemestre_id)
authuser = REQUEST.AUTHENTICATED_USER authuser = REQUEST.AUTHENTICATED_USER
if not authuser.has_permission(ScoImplement, context): if not authuser.has_permission(Permission.ScoImplement, context):
if not edit: if not edit:
# il faut ScoImplement pour creer un semestre # il faut ScoImplement pour creer un semestre
raise AccessDenied("vous n'avez pas le droit d'effectuer cette opération") raise AccessDenied("vous n'avez pas le droit d'effectuer cette opération")
@ -434,7 +434,7 @@ def do_formsemestre_createwithmodules(context, REQUEST=None, edit=False):
}, },
), ),
] ]
if authuser.has_permission(ScoImplement, context): if authuser.has_permission(Permission.ScoImplement, context):
modform += [ modform += [
( (
"resp_can_edit", "resp_can_edit",

View File

@ -157,7 +157,7 @@ def formsemestre_status_menubar(context, sem, REQUEST):
"url": "formsemestre_editwithmodules?formation_id=%(formation_id)s&formsemestre_id=%(formsemestre_id)s" "url": "formsemestre_editwithmodules?formation_id=%(formation_id)s&formsemestre_id=%(formsemestre_id)s"
% sem, % sem,
"enabled": ( "enabled": (
authuser.has_permission(ScoImplement, context) authuser.has_permission(Permission.ScoImplement, context)
or ( or (
str(REQUEST.AUTHENTICATED_USER) in sem["responsables"] str(REQUEST.AUTHENTICATED_USER) in sem["responsables"]
and sem["resp_can_edit"] and sem["resp_can_edit"]
@ -171,7 +171,7 @@ def formsemestre_status_menubar(context, sem, REQUEST):
"url": "formsemestre_edit_preferences?formsemestre_id=%(formsemestre_id)s" "url": "formsemestre_edit_preferences?formsemestre_id=%(formsemestre_id)s"
% sem, % sem,
"enabled": ( "enabled": (
authuser.has_permission(ScoImplement, context) authuser.has_permission(Permission.ScoImplement, context)
or ( or (
str(REQUEST.AUTHENTICATED_USER) in sem["responsables"] str(REQUEST.AUTHENTICATED_USER) in sem["responsables"]
and sem["resp_can_edit"] and sem["resp_can_edit"]
@ -184,14 +184,14 @@ def formsemestre_status_menubar(context, sem, REQUEST):
"title": "Réglages bulletins", "title": "Réglages bulletins",
"url": "formsemestre_edit_options?formsemestre_id=" + formsemestre_id, "url": "formsemestre_edit_options?formsemestre_id=" + formsemestre_id,
"enabled": (uid in sem["responsables"]) "enabled": (uid in sem["responsables"])
or authuser.has_permission(ScoImplement, context), or authuser.has_permission(Permission.ScoImplement, context),
"helpmsg": "Change les options", "helpmsg": "Change les options",
}, },
{ {
"title": change_lock_msg, "title": change_lock_msg,
"url": "formsemestre_change_lock?formsemestre_id=" + formsemestre_id, "url": "formsemestre_change_lock?formsemestre_id=" + formsemestre_id,
"enabled": (uid in sem["responsables"]) "enabled": (uid in sem["responsables"])
or authuser.has_permission(ScoImplement, context), or authuser.has_permission(Permission.ScoImplement, context),
"helpmsg": "", "helpmsg": "",
}, },
{ {
@ -216,21 +216,21 @@ def formsemestre_status_menubar(context, sem, REQUEST):
{ {
"title": "Cloner ce semestre", "title": "Cloner ce semestre",
"url": "formsemestre_clone?formsemestre_id=" + formsemestre_id, "url": "formsemestre_clone?formsemestre_id=" + formsemestre_id,
"enabled": authuser.has_permission(ScoImplement, context), "enabled": authuser.has_permission(Permission.ScoImplement, context),
"helpmsg": "", "helpmsg": "",
}, },
{ {
"title": "Associer à une nouvelle version du programme", "title": "Associer à une nouvelle version du programme",
"url": "formsemestre_associate_new_version?formsemestre_id=" "url": "formsemestre_associate_new_version?formsemestre_id="
+ formsemestre_id, + formsemestre_id,
"enabled": authuser.has_permission(ScoChangeFormation, context) "enabled": authuser.has_permission(Permission.ScoChangeFormation, context)
and (sem["etat"] == "1"), and (sem["etat"] == "1"),
"helpmsg": "", "helpmsg": "",
}, },
{ {
"title": "Supprimer ce semestre", "title": "Supprimer ce semestre",
"url": "formsemestre_delete?formsemestre_id=" + formsemestre_id, "url": "formsemestre_delete?formsemestre_id=" + formsemestre_id,
"enabled": authuser.has_permission(ScoImplement, context), "enabled": authuser.has_permission(Permission.ScoImplement, context),
"helpmsg": "", "helpmsg": "",
}, },
] ]
@ -254,13 +254,13 @@ def formsemestre_status_menubar(context, sem, REQUEST):
{ {
"title": "Passage des étudiants depuis d'autres semestres", "title": "Passage des étudiants depuis d'autres semestres",
"url": "formsemestre_inscr_passage?formsemestre_id=" + formsemestre_id, "url": "formsemestre_inscr_passage?formsemestre_id=" + formsemestre_id,
"enabled": authuser.has_permission(ScoEtudInscrit, context) "enabled": authuser.has_permission(Permission.ScoEtudInscrit, context)
and (sem["etat"] == "1"), and (sem["etat"] == "1"),
}, },
{ {
"title": "Synchroniser avec étape Apogée", "title": "Synchroniser avec étape Apogée",
"url": "formsemestre_synchro_etuds?formsemestre_id=" + formsemestre_id, "url": "formsemestre_synchro_etuds?formsemestre_id=" + formsemestre_id,
"enabled": authuser.has_permission(ScoView, context) "enabled": authuser.has_permission(Permission.ScoView, context)
and context.get_preference("portal_url") and context.get_preference("portal_url")
and (sem["etat"] == "1"), and (sem["etat"] == "1"),
}, },
@ -268,26 +268,26 @@ def formsemestre_status_menubar(context, sem, REQUEST):
"title": "Inscrire un étudiant", "title": "Inscrire un étudiant",
"url": "formsemestre_inscription_with_modules_etud?formsemestre_id=" "url": "formsemestre_inscription_with_modules_etud?formsemestre_id="
+ formsemestre_id, + formsemestre_id,
"enabled": authuser.has_permission(ScoEtudInscrit, context) "enabled": authuser.has_permission(Permission.ScoEtudInscrit, context)
and (sem["etat"] == "1"), and (sem["etat"] == "1"),
}, },
{ {
"title": "Importer des étudiants dans ce semestre (table Excel)", "title": "Importer des étudiants dans ce semestre (table Excel)",
"url": "form_students_import_excel?formsemestre_id=" + formsemestre_id, "url": "form_students_import_excel?formsemestre_id=" + formsemestre_id,
"enabled": authuser.has_permission(ScoEtudInscrit, context) "enabled": authuser.has_permission(Permission.ScoEtudInscrit, context)
and (sem["etat"] == "1"), and (sem["etat"] == "1"),
}, },
{ {
"title": "Import/export des données admission", "title": "Import/export des données admission",
"url": "form_students_import_infos_admissions?formsemestre_id=" "url": "form_students_import_infos_admissions?formsemestre_id="
+ formsemestre_id, + formsemestre_id,
"enabled": authuser.has_permission(ScoView, context), "enabled": authuser.has_permission(Permission.ScoView, context),
}, },
{ {
"title": "Resynchroniser données identité", "title": "Resynchroniser données identité",
"url": "formsemestre_import_etud_admission?formsemestre_id=" "url": "formsemestre_import_etud_admission?formsemestre_id="
+ formsemestre_id, + formsemestre_id,
"enabled": authuser.has_permission(ScoEtudChangeAdr, context) "enabled": authuser.has_permission(Permission.ScoEtudChangeAdr, context)
and context.get_preference("portal_url"), and context.get_preference("portal_url"),
}, },
{ {
@ -750,7 +750,7 @@ def _make_listes_sem(context, sem, REQUEST=None, with_absences=True):
# #
H = [] H = []
# pas de menu absences si pas autorise: # pas de menu absences si pas autorise:
if with_absences and not authuser.has_permission(ScoAbsChange, context): if with_absences and not authuser.has_permission(Permission.ScoAbsChange, context):
with_absences = False with_absences = False
# #

View File

@ -62,7 +62,7 @@ def can_change_groups(context, REQUEST, formsemestre_id):
if sem["etat"] != "1": if sem["etat"] != "1":
return False # semestre verrouillé return False # semestre verrouillé
authuser = REQUEST.AUTHENTICATED_USER authuser = REQUEST.AUTHENTICATED_USER
if authuser.has_permission(ScoEtudChangeGroups, context): if authuser.has_permission(Permission.ScoEtudChangeGroups, context):
return True # admin, chef dept return True # admin, chef dept
uid = str(authuser) uid = str(authuser)
if uid in sem["responsables"]: if uid in sem["responsables"]:

View File

@ -851,13 +851,13 @@ def tab_absences_html(context, groups_infos, etat=None, REQUEST=None):
# Lien pour verif codes INE/NIP # Lien pour verif codes INE/NIP
# (pour tous les etudiants du semestre) # (pour tous les etudiants du semestre)
group_id = sco_groups.get_default_group(context, groups_infos.formsemestre_id) group_id = sco_groups.get_default_group(context, groups_infos.formsemestre_id)
if authuser.has_permission(ScoEtudInscrit, context): if authuser.has_permission(Permission.ScoEtudInscrit, context):
H.append( H.append(
'<li><a class="stdlink" href="check_group_apogee?group_id=%s&etat=%s">Vérifier codes Apogée</a> (de tous les groupes)</li>' '<li><a class="stdlink" href="check_group_apogee?group_id=%s&etat=%s">Vérifier codes Apogée</a> (de tous les groupes)</li>'
% (group_id, etat or "") % (group_id, etat or "")
) )
# Lien pour ajout fichiers étudiants # Lien pour ajout fichiers étudiants
if authuser.has_permission(ScoEtudAddAnnotations, context): if authuser.has_permission(Permission.ScoEtudAddAnnotations, context):
H.append( H.append(
"""<li><a class="stdlink" href="etudarchive_import_files_form?group_id=%s">Télécharger des fichiers associés aux étudiants (e.g. dossiers d'admission)</a></li>""" """<li><a class="stdlink" href="etudarchive_import_files_form?group_id=%s">Télécharger des fichiers associés aux étudiants (e.g. dossiers d'admission)</a></li>"""
% (group_id) % (group_id)
@ -880,7 +880,7 @@ def form_choix_jour_saisie_hebdo(
): ):
"""Formulaire choix jour semaine pour saisie.""" """Formulaire choix jour semaine pour saisie."""
authuser = REQUEST.AUTHENTICATED_USER authuser = REQUEST.AUTHENTICATED_USER
if not authuser.has_permission(ScoAbsChange, context): if not authuser.has_permission(Permission.ScoAbsChange, context):
return "" return ""
sem = groups_infos.formsemestre sem = groups_infos.formsemestre
first_monday = sco_abs.ddmmyyyy(sem["date_debut"]).prev_monday() first_monday = sco_abs.ddmmyyyy(sem["date_debut"]).prev_monday()
@ -921,7 +921,7 @@ def form_choix_jour_saisie_hebdo(
# Formulaire saisie absences semaine # Formulaire saisie absences semaine
def form_choix_saisie_semaine(context, groups_infos, REQUEST=None): def form_choix_saisie_semaine(context, groups_infos, REQUEST=None):
authuser = REQUEST.AUTHENTICATED_USER authuser = REQUEST.AUTHENTICATED_USER
if not authuser.has_permission(ScoAbsChange, context): if not authuser.has_permission(Permission.ScoAbsChange, context):
return "" return ""
# construit l'URL "destination" # construit l'URL "destination"
# (a laquelle on revient apres saisie absences) # (a laquelle on revient apres saisie absences)

View File

@ -302,7 +302,7 @@ def can_change_module_resp(context, REQUEST, moduleimpl_id):
authuser = REQUEST.AUTHENTICATED_USER authuser = REQUEST.AUTHENTICATED_USER
uid = str(authuser) uid = str(authuser)
# admin ou resp. semestre avec flag resp_can_change_resp # admin ou resp. semestre avec flag resp_can_change_resp
if not authuser.has_permission(ScoImplement, context) and ( if not authuser.has_permission(Permission.ScoImplement, context) and (
(uid not in sem["responsables"]) or (not sem["resp_can_change_ens"]) (uid not in sem["responsables"]) or (not sem["resp_can_change_ens"])
): ):
raise AccessDenied("Modification impossible pour %s" % uid) raise AccessDenied("Modification impossible pour %s" % uid)
@ -325,7 +325,7 @@ def can_change_ens(context, REQUEST, moduleimpl_id, raise_exc=True):
# admin, resp. module ou resp. semestre # admin, resp. module ou resp. semestre
if ( if (
uid != M["responsable_id"] uid != M["responsable_id"]
and not authuser.has_permission(ScoImplement, context) and not authuser.has_permission(Permission.ScoImplement, context)
and (uid not in sem["responsables"]) and (uid not in sem["responsables"])
): ):
if raise_exc: if raise_exc:

View File

@ -245,7 +245,10 @@ def moduleimpl_inscriptions_stats(context, formsemestre_id, REQUEST=None):
context, formsemestre_id context, formsemestre_id
) )
can_change = authuser.has_permission(ScoEtudInscrit, context) and sem["etat"] == "1" can_change = (
authuser.has_permission(Permission.ScoEtudInscrit, context)
and sem["etat"] == "1"
)
# Liste des modules # Liste des modules
Mlist = sco_moduleimpl.do_moduleimpl_withmodule_list( Mlist = sco_moduleimpl.do_moduleimpl_withmodule_list(

View File

@ -217,7 +217,7 @@ def moduleimpl_status(context, moduleimpl_id=None, partition_id=None, REQUEST=No
"""<tr><td class="fichetitre2">Inscrits: </td><td> %d étudiants""" """<tr><td class="fichetitre2">Inscrits: </td><td> %d étudiants"""
% len(ModInscrits) % len(ModInscrits)
) )
if authuser.has_permission(ScoEtudInscrit, context): if authuser.has_permission(Permission.ScoEtudInscrit, context):
H.append( H.append(
"""<a class="stdlink" style="margin-left:2em;" href="moduleimpl_inscriptions_edit?moduleimpl_id=%s">modifier</a>""" """<a class="stdlink" style="margin-left:2em;" href="moduleimpl_inscriptions_edit?moduleimpl_id=%s">modifier</a>"""
% M["moduleimpl_id"] % M["moduleimpl_id"]

View File

@ -67,80 +67,78 @@ def _menuScolarite(context, authuser, sem, etudid):
return lockicon # no menu return lockicon # no menu
if not authuser.has_permission( if not authuser.has_permission(
ScoEtudInscrit, context ScoEtudInscrit, context
) and not authuser.has_permission(ScoEtudChangeGroups, context): ) and not authuser.has_permission(Permission.ScoEtudChangeGroups, context):
return "" # no menu return "" # no menu
ins = sem["ins"] ins = sem["ins"]
args = {"etudid": etudid, "formsemestre_id": ins["formsemestre_id"]} args = {"etudid": etudid, "formsemestre_id": ins["formsemestre_id"]}
if ins["etat"] != "D": if ins["etat"] != "D":
dem_title = "Démission" dem_title = "Démission"
dem_url = ( dem_url = "formDem?etudid=%(etudid)s&formsemestre_id=%(formsemestre_id)s" % args
"formDem?etudid=%(etudid)s&formsemestre_id=%(formsemestre_id)s" % args
)
else: else:
dem_title = "Annuler la démission" dem_title = "Annuler la démission"
dem_url = ( dem_url = (
"doCancelDem?etudid=%(etudid)s&formsemestre_id=%(formsemestre_id)s" "doCancelDem?etudid=%(etudid)s&formsemestre_id=%(formsemestre_id)s" % args
% args
) )
# Note: seul un etudiant inscrit (I) peut devenir défaillant. # Note: seul un etudiant inscrit (I) peut devenir défaillant.
if ins["etat"] != sco_codes_parcours.DEF: if ins["etat"] != sco_codes_parcours.DEF:
def_title = "Déclarer défaillance" def_title = "Déclarer défaillance"
def_url = ( def_url = "formDef?etudid=%(etudid)s&formsemestre_id=%(formsemestre_id)s" % args
"formDef?etudid=%(etudid)s&formsemestre_id=%(formsemestre_id)s" % args
)
elif ins["etat"] == sco_codes_parcours.DEF: elif ins["etat"] == sco_codes_parcours.DEF:
def_title = "Annuler la défaillance" def_title = "Annuler la défaillance"
def_url = ( def_url = (
"doCancelDef?etudid=%(etudid)s&formsemestre_id=%(formsemestre_id)s" "doCancelDef?etudid=%(etudid)s&formsemestre_id=%(formsemestre_id)s" % args
% args
) )
def_enabled = ( def_enabled = (
(ins["etat"] != "D") (ins["etat"] != "D")
and authuser.has_permission(ScoEtudInscrit, context) and authuser.has_permission(Permission.ScoEtudInscrit, context)
and not locked and not locked
) )
items = [ items = [
# { 'title' : 'Changer de groupe', # { 'title' : 'Changer de groupe',
# 'url' : 'formChangeGroup?etudid=%s&formsemestre_id=%s' % (etudid,ins['formsemestre_id']), # 'url' : 'formChangeGroup?etudid=%s&formsemestre_id=%s' % (etudid,ins['formsemestre_id']),
# 'enabled' : authuser.has_permission(ScoEtudChangeGroups,context) and not locked, # 'enabled' : authuser.has_permission(Permission.ScoEtudChangeGroups,context) and not locked,
# }, # },
{ {
"title": dem_title, "title": dem_title,
"url": dem_url, "url": dem_url,
"enabled": authuser.has_permission(ScoEtudInscrit, context) and not locked, "enabled": authuser.has_permission(Permission.ScoEtudInscrit, context)
and not locked,
}, },
{ {
"title": "Validation du semestre (jury)", "title": "Validation du semestre (jury)",
"url": "Notes/formsemestre_validation_etud_form?etudid=%(etudid)s&formsemestre_id=%(formsemestre_id)s" "url": "Notes/formsemestre_validation_etud_form?etudid=%(etudid)s&formsemestre_id=%(formsemestre_id)s"
% args, % args,
"enabled": authuser.has_permission(ScoEtudInscrit, context) and not locked, "enabled": authuser.has_permission(Permission.ScoEtudInscrit, context)
and not locked,
}, },
{"title": def_title, "url": def_url, "enabled": def_enabled}, {"title": def_title, "url": def_url, "enabled": def_enabled},
{ {
"title": "Inscrire à un module optionnel (ou au sport)", "title": "Inscrire à un module optionnel (ou au sport)",
"url": "Notes/formsemestre_inscription_option?formsemestre_id=%(formsemestre_id)s&etudid=%(etudid)s" "url": "Notes/formsemestre_inscription_option?formsemestre_id=%(formsemestre_id)s&etudid=%(etudid)s"
% args, % args,
"enabled": authuser.has_permission(ScoEtudInscrit, context) and not locked, "enabled": authuser.has_permission(Permission.ScoEtudInscrit, context)
and not locked,
}, },
{ {
"title": "Désinscrire (en cas d'erreur)", "title": "Désinscrire (en cas d'erreur)",
"url": "Notes/formsemestre_desinscription?formsemestre_id=%(formsemestre_id)s&etudid=%(etudid)s" "url": "Notes/formsemestre_desinscription?formsemestre_id=%(formsemestre_id)s&etudid=%(etudid)s"
% args, % args,
"enabled": authuser.has_permission(ScoEtudInscrit, context) and not locked, "enabled": authuser.has_permission(Permission.ScoEtudInscrit, context)
and not locked,
}, },
{ {
"title": "Inscrire à un autre semestre", "title": "Inscrire à un autre semestre",
"url": "Notes/formsemestre_inscription_with_modules_form?etudid=%(etudid)s" "url": "Notes/formsemestre_inscription_with_modules_form?etudid=%(etudid)s"
% args, % args,
"enabled": authuser.has_permission(ScoEtudInscrit, context), "enabled": authuser.has_permission(Permission.ScoEtudInscrit, context),
}, },
{ {
"title": "Enregistrer un semestre effectué ailleurs", "title": "Enregistrer un semestre effectué ailleurs",
"url": "Notes/formsemestre_ext_create_form?formsemestre_id=%(formsemestre_id)s&etudid=%(etudid)s" "url": "Notes/formsemestre_ext_create_form?formsemestre_id=%(formsemestre_id)s&etudid=%(etudid)s"
% args, % args,
"enabled": authuser.has_permission(ScoImplement, context), "enabled": authuser.has_permission(Permission.ScoImplement, context),
}, },
] ]
@ -206,7 +204,7 @@ def ficheEtud(context, etudid=None, REQUEST=None):
else: else:
info["emaillink"] = "<em>(pas d'adresse e-mail)</em>" info["emaillink"] = "<em>(pas d'adresse e-mail)</em>"
# champs dependant des permissions # champs dependant des permissions
if authuser.has_permission(ScoEtudChangeAdr, context): if authuser.has_permission(Permission.ScoEtudChangeAdr, context):
info["modifadresse"] = ( info["modifadresse"] = (
'<a class="stdlink" href="formChangeCoordonnees?etudid=%s">modifier adresse</a>' '<a class="stdlink" href="formChangeCoordonnees?etudid=%s">modifier adresse</a>'
% etudid % etudid
@ -272,7 +270,7 @@ def ficheEtud(context, etudid=None, REQUEST=None):
else: else:
# non inscrit # non inscrit
l = ["<p><b>Etudiant%s non inscrit%s" % (info["ne"], info["ne"])] l = ["<p><b>Etudiant%s non inscrit%s" % (info["ne"], info["ne"])]
if authuser.has_permission(ScoEtudInscrit, context): if authuser.has_permission(Permission.ScoEtudInscrit, context):
l.append( l.append(
'<a href="%s/Notes/formsemestre_inscription_with_modules_form?etudid=%s">inscrire</a></li>' '<a href="%s/Notes/formsemestre_inscription_with_modules_form?etudid=%s">inscrire</a></li>'
% (context.ScoURL(), etudid) % (context.ScoURL(), etudid)
@ -517,17 +515,17 @@ def menus_etud(context, REQUEST=None):
{ {
"title": "Changer la photo", "title": "Changer la photo",
"url": "formChangePhoto?etudid=%(etudid)s" % etud, "url": "formChangePhoto?etudid=%(etudid)s" % etud,
"enabled": authuser.has_permission(ScoEtudChangeAdr, context), "enabled": authuser.has_permission(Permission.ScoEtudChangeAdr, context),
}, },
{ {
"title": "Changer les données identité/admission", "title": "Changer les données identité/admission",
"url": "etudident_edit_form?etudid=%(etudid)s" % etud, "url": "etudident_edit_form?etudid=%(etudid)s" % etud,
"enabled": authuser.has_permission(ScoEtudInscrit, context), "enabled": authuser.has_permission(Permission.ScoEtudInscrit, context),
}, },
{ {
"title": "Supprimer cet étudiant...", "title": "Supprimer cet étudiant...",
"url": "etudident_delete?etudid=%(etudid)s" % etud, "url": "etudident_delete?etudid=%(etudid)s" % etud,
"enabled": authuser.has_permission(ScoEtudInscrit, context), "enabled": authuser.has_permission(Permission.ScoEtudInscrit, context),
}, },
{ {
"title": "Voir le journal...", "title": "Voir le journal...",

View File

@ -74,12 +74,12 @@ def can_edit_notes(context, authuser, moduleimpl_id, allow_ens=True):
if sco_parcours_dut.formsemestre_has_decisions(context, sem["formsemestre_id"]): if sco_parcours_dut.formsemestre_has_decisions(context, sem["formsemestre_id"]):
# il y a des décisions de jury dans ce semestre ! # il y a des décisions de jury dans ce semestre !
return ( return (
authuser.has_permission(ScoEditAllNotes, context) authuser.has_permission(Permission.ScoEditAllNotes, context)
or uid in sem["responsables"] or uid in sem["responsables"]
) )
else: else:
if ( if (
(not authuser.has_permission(ScoEditAllNotes, context)) (not authuser.has_permission(Permission.ScoEditAllNotes, context))
and uid != M["responsable_id"] and uid != M["responsable_id"]
and uid not in sem["responsables"] and uid not in sem["responsables"]
): ):

View File

@ -90,7 +90,7 @@ def formsemestre_synchro_etuds(
sem["etape_apo_str"] = sco_formsemestre.formsemestre_etape_apo_str(sem) sem["etape_apo_str"] = sco_formsemestre.formsemestre_etape_apo_str(sem)
# Write access ? # Write access ?
authuser = REQUEST.AUTHENTICATED_USER authuser = REQUEST.AUTHENTICATED_USER
if not authuser.has_permission(ScoEtudInscrit, context): if not authuser.has_permission(Permission.ScoEtudInscrit, context):
read_only = True read_only = True
if read_only: if read_only:
submitted = False submitted = False

View File

@ -237,7 +237,7 @@ def module_tag_set(context, module_id="", taglist=[], REQUEST=None):
authuser = REQUEST.AUTHENTICATED_USER authuser = REQUEST.AUTHENTICATED_USER
tag_editable = authuser.has_permission( tag_editable = authuser.has_permission(
ScoEditFormationTags, context ScoEditFormationTags, context
) or authuser.has_permission(ScoChangeFormation, context) ) or authuser.has_permission(Permission.ScoChangeFormation, context)
if not tag_editable: if not tag_editable:
raise AccessDenied("Modification des tags impossible pour %s" % authuser) raise AccessDenied("Modification des tags impossible pour %s" % authuser)
# #

View File

@ -81,7 +81,7 @@ def external_ue_create(
sem = sco_formsemestre.get_formsemestre(context, formsemestre_id) sem = sco_formsemestre.get_formsemestre(context, formsemestre_id)
# Contrôle d'accès: # Contrôle d'accès:
authuser = REQUEST.AUTHENTICATED_USER authuser = REQUEST.AUTHENTICATED_USER
if not authuser.has_permission(ScoImplement, context): if not authuser.has_permission(Permission.ScoImplement, context):
if not sem["resp_can_edit"] or str(authuser) not in sem["responsables"]: if not sem["resp_can_edit"] or str(authuser) not in sem["responsables"]:
raise AccessDenied("vous n'avez pas le droit d'effectuer cette opération") raise AccessDenied("vous n'avez pas le droit d'effectuer cette opération")
# #
@ -210,7 +210,7 @@ def external_ue_create_form(context, formsemestre_id, etudid, REQUEST=None):
sem = sco_formsemestre.get_formsemestre(context, formsemestre_id) sem = sco_formsemestre.get_formsemestre(context, formsemestre_id)
# Contrôle d'accès: # Contrôle d'accès:
authuser = REQUEST.AUTHENTICATED_USER authuser = REQUEST.AUTHENTICATED_USER
if not authuser.has_permission(ScoImplement, context): if not authuser.has_permission(Permission.ScoImplement, context):
if not sem["resp_can_edit"] or str(authuser) not in sem["responsables"]: if not sem["resp_can_edit"] or str(authuser) not in sem["responsables"]:
raise AccessDenied("vous n'avez pas le droit d'effectuer cette opération") raise AccessDenied("vous n'avez pas le droit d'effectuer cette opération")

View File

@ -95,6 +95,16 @@ from app.scodoc.sco_abs import ddmmyyyy
CSSSTYLES = html_sco_header.BOOTSTRAP_MULTISELECT_CSS CSSSTYLES = html_sco_header.BOOTSTRAP_MULTISELECT_CSS
context = ScoDoc7Context(globals())
def sco_publish(route, function, permission):
"""Declare a route for a python function,
protected by permission and called following ScoDoc 7 Zope standards.
"""
bp.route(route)(permission_required(permission)(scodoc7func(context)(function)))
def _toboolean(x): def _toboolean(x):
"convert a value to boolean (ensure backward compat with OLD intranet code)" "convert a value to boolean (ensure backward compat with OLD intranet code)"
if type(x) == type(""): if type(x) == type(""):

View File

@ -67,68 +67,68 @@ from app.scodoc.sco_exceptions import (
ScoGenError, ScoGenError,
AccessDenied, AccessDenied,
) )
from app.scodoc.sco_permissions import Permission, ScoImplement
from app.scodoc.TrivialFormulator import TrivialFormulator
import app.scodoc.htmlutils as htmlutils
import app.scodoc.sco_excel as sco_excel
from app.scodoc.gen_tables import GenTable
from app.scodoc import sco_cache as sco_cache
from app.scodoc import scolars as scolars
from app.scodoc import sco_news as sco_news
from app.scodoc.sco_news import NEWS_INSCR, NEWS_NOTE, NEWS_FORM, NEWS_SEM, NEWS_MISC
from app.scodoc import sco_formsemestre as sco_formsemestre
from app.scodoc import sco_formsemestre_edit as sco_formsemestre_edit
from app.scodoc import sco_formsemestre_status as sco_formsemestre_status
from app.scodoc import sco_formsemestre_inscriptions as sco_formsemestre_inscriptions
from app.scodoc import sco_formsemestre_custommenu as sco_formsemestre_custommenu
from app.scodoc import sco_moduleimpl as sco_moduleimpl
from app.scodoc import sco_moduleimpl_status as sco_moduleimpl_status
from app.scodoc import sco_moduleimpl_inscriptions as sco_moduleimpl_inscriptions
from app.scodoc import sco_evaluations as sco_evaluations
from app.scodoc import sco_groups as sco_groups
from app.scodoc import sco_edit_ue as sco_edit_ue
from app.scodoc import sco_edit_formation as sco_edit_formation
from app.scodoc import sco_edit_matiere as sco_edit_matiere
from app.scodoc import sco_edit_module as sco_edit_module
from app.scodoc import sco_tag_module as sco_tag_module
from app.scodoc import sco_bulletins as sco_bulletins
from app.scodoc import sco_bulletins_pdf as sco_bulletins_pdf
from app.scodoc import sco_compute_moy as sco_compute_moy
from app.scodoc import sco_recapcomplet as sco_recapcomplet
from app.scodoc import sco_liste_notes as sco_liste_notes
from app.scodoc import sco_saisie_notes as sco_saisie_notes
from app.scodoc import sco_placement as sco_placement
from app.scodoc import sco_undo_notes as sco_undo_notes
from app.scodoc import sco_formations as sco_formations
from app.scodoc import sco_report as sco_report
from app.scodoc import sco_lycee as sco_lycee
from app.scodoc import sco_poursuite_dut as sco_poursuite_dut
from app.scodoc import pe_view as pe_view
from app.scodoc import sco_debouche as sco_debouche
from app.scodoc import sco_ue_external as sco_ue_external
from app.scodoc import sco_cost_formation as sco_cost_formation
from app.scodoc import sco_formsemestre_validation as sco_formsemestre_validation
from app.scodoc import sco_parcours_dut as sco_parcours_dut
from app.scodoc import sco_codes_parcours as sco_codes_parcours
from app.scodoc import sco_pvjury as sco_pvjury
from app.scodoc import sco_pvpdf as sco_pvpdf
from app.scodoc import sco_prepajury as sco_prepajury
from app.scodoc import sco_inscr_passage as sco_inscr_passage
from app.scodoc import sco_synchro_etuds as sco_synchro_etuds
from app.scodoc import sco_archives as sco_archives
from app.scodoc import sco_apogee_csv as sco_apogee_csv
from app.scodoc import sco_etape_apogee_view as sco_etape_apogee_view
from app.scodoc import sco_apogee_compare as sco_apogee_compare
from app.scodoc import sco_semset as sco_semset
from app.scodoc import sco_export_results as sco_export_results
from app.scodoc import sco_formsemestre_exterieurs as sco_formsemestre_exterieurs
from app.scodoc.sco_pdf import PDFLOCK from app.scodoc.sco_pdf import PDFLOCK
from app.scodoc import notes_table as notes_table
from app.scodoc.notes_table import NOTES_CACHE_INST, CacheNotesTable from app.scodoc.notes_table import NOTES_CACHE_INST, CacheNotesTable
import app.scodoc.VERSION as VERSION import app.scodoc.VERSION as VERSION
from app.scodoc.sco_news import NEWS_INSCR, NEWS_NOTE, NEWS_FORM, NEWS_SEM, NEWS_MISC
from app.scodoc.gen_tables import GenTable
from app.scodoc.sco_permissions import Permission, ScoImplement
from app.scodoc.TrivialFormulator import TrivialFormulator
from app.scodoc import htmlutils
from app.scodoc import sco_excel
from app.scodoc import sco_cache
from app.scodoc import scolars
from app.scodoc import sco_news
from app.scodoc import sco_formsemestre
from app.scodoc import sco_formsemestre_edit
from app.scodoc import sco_formsemestre_status
from app.scodoc import sco_formsemestre_inscriptions
from app.scodoc import sco_formsemestre_custommenu
from app.scodoc import sco_moduleimpl
from app.scodoc import sco_moduleimpl_status
from app.scodoc import sco_moduleimpl_inscriptions
from app.scodoc import sco_evaluations
from app.scodoc import sco_groups
from app.scodoc import sco_edit_ue
from app.scodoc import sco_edit_formation
from app.scodoc import sco_edit_matiere
from app.scodoc import sco_edit_module
from app.scodoc import sco_tag_module
from app.scodoc import sco_bulletins
from app.scodoc import sco_bulletins_pdf
from app.scodoc import sco_compute_moy
from app.scodoc import sco_recapcomplet
from app.scodoc import sco_liste_notes
from app.scodoc import sco_saisie_notes
from app.scodoc import sco_placement
from app.scodoc import sco_undo_notes
from app.scodoc import sco_formations
from app.scodoc import sco_report
from app.scodoc import sco_lycee
from app.scodoc import sco_poursuite_dut
from app.scodoc import pe_view
from app.scodoc import sco_debouche
from app.scodoc import sco_ue_external
from app.scodoc import sco_cost_formation
from app.scodoc import sco_formsemestre_validation
from app.scodoc import sco_parcours_dut
from app.scodoc import sco_codes_parcours
from app.scodoc import sco_pvjury
from app.scodoc import sco_pvpdf
from app.scodoc import sco_prepajury
from app.scodoc import sco_inscr_passage
from app.scodoc import sco_synchro_etuds
from app.scodoc import sco_archives
from app.scodoc import sco_apogee_csv
from app.scodoc import sco_etape_apogee_view
from app.scodoc import sco_apogee_compare
from app.scodoc import sco_semset
from app.scodoc import sco_export_results
from app.scodoc import sco_formsemestre_exterieurs
from app.scodoc import notes_table
context = ScoDoc7Context(globals())
def sco_publish(route, function, permission): def sco_publish(route, function, permission):
@ -405,7 +405,9 @@ sco_publish(
def index_html(context, REQUEST=None): def index_html(context, REQUEST=None):
"Page accueil formations" "Page accueil formations"
editable = REQUEST.AUTHENTICATED_USER.has_permission(ScoChangeFormation, context) editable = REQUEST.AUTHENTICATED_USER.has_permission(
Permission.ScoChangeFormation, g.scodoc_dept
)
H = [ H = [
context.sco_header(REQUEST, page_title="Programmes formations"), context.sco_header(REQUEST, page_title="Programmes formations"),
@ -435,21 +437,6 @@ def index_html(context, REQUEST=None):
# -------------------------------------------------------------------- # --------------------------------------------------------------------
# --- Formations # --- Formations
_formationEditor = ndb.EditableTable(
"notes_formations",
"formation_id",
(
"formation_id",
"acronyme",
"titre",
"titre_officiel",
"version",
"formation_code",
"type_parcours",
"code_specialite",
),
sortkey="acronyme",
)
@bp.route("/do_formation_create") @bp.route("/do_formation_create")
@ -470,7 +457,7 @@ def do_formation_create(context, args, REQUEST):
if args.has_key("formation_code") and not args["formation_code"]: if args.has_key("formation_code") and not args["formation_code"]:
del args["formation_code"] del args["formation_code"]
# #
r = context._formationEditor.create(cnx, args) r = _formationEditor.create(cnx, args)
sco_news.add( sco_news.add(
context, context,
@ -497,7 +484,7 @@ def do_formation_delete(context, oid, REQUEST):
for ue in ues: for ue in ues:
context._do_ue_delete(ue["ue_id"], REQUEST=REQUEST, force=True) context._do_ue_delete(ue["ue_id"], REQUEST=REQUEST, force=True)
context._formationEditor.delete(cnx, oid) _formationEditor.delete(cnx, oid)
# news # news
sco_news.add( sco_news.add(
@ -523,7 +510,7 @@ def formation_list(context, format=None, REQUEST=None, formation_id=None, args={
else: else:
args = {"formation_id": formation_id} args = {"formation_id": formation_id}
cnx = context.GetDBConnexion() cnx = context.GetDBConnexion()
r = context._formationEditor.list(cnx, args=args) r = _formationEditor.list(cnx, args=args)
# log('%d formations found' % len(r)) # log('%d formations found' % len(r))
return scu.sendResult(REQUEST, r, name="formation", format=format) return scu.sendResult(REQUEST, r, name="formation", format=format)
@ -2247,7 +2234,7 @@ def _evaluation_check_write_access(context, REQUEST, moduleimpl_id=None):
sem = sco_formsemestre.get_formsemestre(context, M["formsemestre_id"]) sem = sco_formsemestre.get_formsemestre(context, M["formsemestre_id"])
if ( if (
(not authuser.has_permission(ScoEditAllEvals, context)) (not authuser.has_permission(Permission.ScoEditAllEvals, context))
and uid != M["responsable_id"] and uid != M["responsable_id"]
and uid not in sem["responsables"] and uid not in sem["responsables"]
): ):
@ -2834,7 +2821,7 @@ def appreciation_add_form(
sem = sco_formsemestre.get_formsemestre(context, formsemestre_id) sem = sco_formsemestre.get_formsemestre(context, formsemestre_id)
# check custom access permission # check custom access permission
can_edit_app = (str(authuser) in sem["responsables"]) or ( can_edit_app = (str(authuser) in sem["responsables"]) or (
authuser.has_permission(ScoEtudInscrit, context) authuser.has_permission(Permission.ScoEtudInscrit, context)
) )
if not can_edit_app: if not can_edit_app:
raise AccessDenied("vous n'avez pas le droit d'ajouter une appreciation") raise AccessDenied("vous n'avez pas le droit d'ajouter une appreciation")
@ -2923,7 +2910,7 @@ def _can_edit_pv(context, REQUEST, formsemestre_id):
# Autorise les secrétariats, repérés via la permission ScoEtudChangeAdr # Autorise les secrétariats, repérés via la permission ScoEtudChangeAdr
# (ceci nous évite d'ajouter une permission Zope aux installations existantes) # (ceci nous évite d'ajouter une permission Zope aux installations existantes)
authuser = REQUEST.AUTHENTICATED_USER authuser = REQUEST.AUTHENTICATED_USER
return authuser.has_permission(ScoEtudChangeAdr, context) return authuser.has_permission(Permission.ScoEtudChangeAdr, context)
# --- FORMULAIRE POUR VALIDATION DES UE ET SEMESTRES # --- FORMULAIRE POUR VALIDATION DES UE ET SEMESTRES
@ -2939,7 +2926,7 @@ def _can_validate_sem(context, REQUEST, formsemestre_id):
def _is_chef_or_diretud(context, REQUEST, sem): def _is_chef_or_diretud(context, REQUEST, sem):
"Vrai si utilisateur est admin, chef dept ou responsable du semestre" "Vrai si utilisateur est admin, chef dept ou responsable du semestre"
authuser = REQUEST.AUTHENTICATED_USER authuser = REQUEST.AUTHENTICATED_USER
if authuser.has_permission(ScoImplement, context): if authuser.has_permission(Permission.ScoImplement, context):
return True # admin, chef dept return True # admin, chef dept
uid = str(authuser) uid = str(authuser)
if uid in sem["responsables"]: if uid in sem["responsables"]:

View File

@ -88,7 +88,6 @@ from app.scodoc.sco_permissions import (
ScoEditApo, ScoEditApo,
ScoSuperAdmin, ScoSuperAdmin,
) )
import app.scodoc.sco_permissions
from app.scodoc.sco_exceptions import ( from app.scodoc.sco_exceptions import (
AccessDenied, AccessDenied,
ScoException, ScoException,
@ -99,10 +98,9 @@ from app.scodoc.sco_exceptions import (
ScoInvalidDept, ScoInvalidDept,
) )
from app.scodoc.TrivialFormulator import TrivialFormulator, tf_error_message from app.scodoc.TrivialFormulator import TrivialFormulator, tf_error_message
import app.scodoc.scolars from app.scodoc.sco_news import NEWS_INSCR, NEWS_NOTE, NEWS_FORM, NEWS_SEM, NEWS_MISC
import app.scodoc.sco_codes_parcours from app.scodoc.VERSION import SCOVERSION, SCONEWS
import app.scodoc.sco_preferences
import app.scodoc.sco_formations
from app.scodoc.scolars import ( from app.scodoc.scolars import (
format_nom, format_nom,
format_prenom, format_prenom,
@ -111,40 +109,50 @@ from app.scodoc.scolars import (
format_lycee_from_code, format_lycee_from_code,
) )
from app.scodoc.scolars import format_telephone, format_pays, make_etud_args from app.scodoc.scolars import format_telephone, format_pays, make_etud_args
import app.scodoc.sco_find_etud
import app.scodoc.sco_photos
import app.scodoc.sco_formsemestre
import app.scodoc.sco_formsemestre_edit
import app.scodoc.sco_news
from app.scodoc.sco_news import NEWS_INSCR, NEWS_NOTE, NEWS_FORM, NEWS_SEM, NEWS_MISC
import app.scodoc.html_sco_header
import app.scodoc.html_sidebar
from app.scodoc.gen_tables import GenTable from app.scodoc.gen_tables import GenTable
import app.scodoc.sco_excel
import app.scodoc.imageresize
import app.scodoc.ImportScolars from app.scodoc import scolars
import app.scodoc.sco_abs from app.scodoc import sco_codes_parcours
import app.scodoc.sco_portal_apogee from app.scodoc import sco_preferences
import app.scodoc.sco_synchro_etuds from app.scodoc import sco_formations
import app.scodoc.sco_page_etud from app.scodoc import sco_permissions
import app.scodoc.sco_groups from app.scodoc import sco_find_etud
import app.scodoc.sco_trombino from app.scodoc import sco_photos
import app.scodoc.sco_groups_view from app.scodoc import sco_formsemestre
import app.scodoc.sco_trombino_tours from app.scodoc import sco_formsemestre_edit
import app.scodoc.sco_parcours_dut from app.scodoc import sco_news
import app.scodoc.sco_report from app.scodoc import html_sco_header
import app.scodoc.sco_archives_etud from app.scodoc import html_sidebar
import app.scodoc.sco_debouche from app.scodoc import sco_excel
import app.scodoc.sco_groups_edit from app.scodoc import imageresize
import app.scodoc.sco_up_to_date from app.scodoc import ImportScolars
import app.scodoc.sco_edt_cal from app.scodoc import sco_abs
import app.scodoc.sco_dept from app.scodoc import sco_portal_apogee
import app.scodoc.sco_dump_db from app.scodoc import sco_synchro_etuds
from app.scodoc import sco_page_etud
from app.scodoc import sco_groups
from app.scodoc import sco_trombino
from app.scodoc import sco_groups_view
from app.scodoc import sco_trombino_tours
from app.scodoc import sco_parcours_dut
from app.scodoc import sco_report
from app.scodoc import sco_archives_etud
from app.scodoc import sco_debouche
from app.scodoc import sco_groups_edit
from app.scodoc import sco_up_to_date
from app.scodoc import sco_edt_cal
from app.scodoc import sco_dept
from app.scodoc import sco_dump_db
from app.scodoc.VERSION import SCOVERSION, SCONEWS
context = ScoDoc7Context(globals())
def sco_publish(route, function, permission):
"""Declare a route for a python function,
protected by permission and called following ScoDoc 7 Zope standards.
"""
bp.route(route)(permission_required(permission)(scodoc7func(context)(function)))
log.set_log_directory(Config.INSTANCE_HOME + "/log") log.set_log_directory(Config.INSTANCE_HOME + "/log")
@ -221,7 +229,7 @@ def formsemestre_edit_preferences(context, formsemestre_id, REQUEST):
authuser = REQUEST.AUTHENTICATED_USER authuser = REQUEST.AUTHENTICATED_USER
sem = sco_formsemestre.get_formsemestre(context.Notes, formsemestre_id) sem = sco_formsemestre.get_formsemestre(context.Notes, formsemestre_id)
ok = ( ok = (
authuser.has_permission(ScoImplement, context) authuser.has_permission(Permission.ScoImplement, context)
or ((str(authuser) in sem["responsables"]) and sem["resp_can_edit"]) or ((str(authuser) in sem["responsables"]) and sem["resp_can_edit"])
) and (sem["etat"] == "1") ) and (sem["etat"] == "1")
if ok: if ok:
@ -361,7 +369,8 @@ sco_publish(
# XMLgetEtudInfos était le nom dans l'ancienne API ScoDoc 6 # XMLgetEtudInfos était le nom dans l'ancienne API ScoDoc 6
@bp.route("/etud_info", "/XMLgetEtudInfos") @bp.route("/etud_info")
@bp.route("/XMLgetEtudInfos")
@permission_required(Permission.ScoView) @permission_required(Permission.ScoView)
@scodoc7func(context) @scodoc7func(context)
def etud_info(context, etudid=None, format="xml", REQUEST=None): def etud_info(context, etudid=None, format="xml", REQUEST=None):
@ -494,7 +503,7 @@ sco_publish(
# vrai si l'utilisateur peut modifier les informations de suivi sur la page etud" # vrai si l'utilisateur peut modifier les informations de suivi sur la page etud"
def can_edit_suivi(context, REQUEST=None): def can_edit_suivi(context, REQUEST=None):
authuser = REQUEST.AUTHENTICATED_USER authuser = REQUEST.AUTHENTICATED_USER
return authuser.has_permission(ScoEtudChangeAdr, context) return authuser.has_permission(Permission.ScoEtudChangeAdr, context)
sco_publish( sco_publish(
@ -561,8 +570,8 @@ def canSuppressAnnotation(context, annotation_id, REQUEST):
# c'est pourquoi on teste aussi ScoEtudInscrit (normalement détenue par le chef) # c'est pourquoi on teste aussi ScoEtudInscrit (normalement détenue par le chef)
return ( return (
(str(authuser) == anno["zope_authenticated_user"]) (str(authuser) == anno["zope_authenticated_user"])
or authuser.has_permission(ScoEtudSupprAnnotations, context) or authuser.has_permission(Permission.ScoEtudSupprAnnotations, context)
or authuser.has_permission(ScoEtudInscrit, context) or authuser.has_permission(Permission.ScoEtudInscrit, context)
) )
@ -1861,7 +1870,7 @@ def form_students_import_infos_admissions(context, REQUEST, formsemestre_id=None
"formulaire import xls" "formulaire import xls"
authuser = REQUEST.AUTHENTICATED_USER authuser = REQUEST.AUTHENTICATED_USER
F = context.sco_footer(REQUEST) F = context.sco_footer(REQUEST)
if not authuser.has_permission(ScoEtudInscrit, context): if not authuser.has_permission(Permission.ScoEtudInscrit, context):
# autorise juste l'export # autorise juste l'export
H = [ H = [
context.sco_header( context.sco_header(

View File

@ -16,21 +16,21 @@ Pour chaque module dans views et dans scodoc:
from __future__ import print_function from __future__ import print_function
import re import re
from pprint import pprint as pp from pprint import pprint as pp
import os
import sys import sys
import types import types
import tempfile
import shutil
import click import click
import flask
import app # import flask
from app import create_app, cli, db
from app.auth.models import User, Role, UserRole
from config import Config # import app
# from app import create_app, cli, db
# from app.auth.models import User, Role, UserRole
from app.views import notes # from app.views import notes
TYPES_TO_SCAN = { TYPES_TO_SCAN = {
types.FunctionType, types.FunctionType,
@ -61,6 +61,8 @@ def scan_views_symbols():
"""Scan modules in app.views and returns """Scan modules in app.views and returns
{ } { }
""" """
import app
views_modules = [ views_modules = [
getattr(app.views, mod_name) getattr(app.views, mod_name)
for mod_name in dir(app.views) for mod_name in dir(app.views)
@ -102,6 +104,63 @@ def replace_context_calls(sourcefilename, sym2mod):
return source2, undefined_list return source2, undefined_list
sym2mod = scan_views_symbols() # sym2mod = scan_views_symbols()
source2, undefined_list = replace_context_calls("app/scodoc/sco_core.py", sym2mod) # source2, undefined_list = replace_context_calls("app/scodoc/sco_core.py", sym2mod)
def list_context_calls(sourcefilename):
"""List of methods called on context in this file"""
source = open(sourcefilename).read()
exp = re.compile(r"context\.([a-zA-Z0-9_]+)")
return sorted(set(exp.findall(source)))
@click.group()
def cli():
pass
@cli.command()
@click.argument("src_filenames", nargs=-1)
def showcontextcalls(src_filenames):
click.echo("Initialized the database")
S = {}
for sourcefilename in src_filenames:
l = list_context_calls(sourcefilename)
module_name = os.path.splitext(os.path.split(sourcefilename)[1])[0]
for m in l:
if m in S:
S[m].append(module_name)
else:
S[m] = [module_name]
#
for method in sorted(S.keys()):
print(method + ":\t" + ", ".join(S[method]))
@cli.command()
@click.argument("method", nargs=1)
@click.argument("module", nargs=1)
@click.argument("src_filenames", nargs=-1)
def refactor(method, module, src_filenames):
"""Replace call context.method
by module.method
in all given source filenames
"""
backup = tempfile.mkdtemp(dir="/tmp")
for sourcefilename in src_filenames:
print("reading %s" % sourcefilename)
source = open(sourcefilename).read()
source2 = source.replace("context." + method, module + "." + method)
shutil.move(sourcefilename, backup)
open(sourcefilename, "w").write(source2)
print("Done.\noriginal files saved in %s\n" % backup)
if __name__ == "__main__":
try:
cli(obj={})
except SystemExit as e:
if e.code != 0:
raise