Accès compatibles aux anciennes fonctions API ScoDoc 7
This commit is contained in:
parent
be224b9576
commit
9fd33cf658
@ -28,6 +28,16 @@
|
||||
"""API ScoDoc 9
|
||||
"""
|
||||
# PAS ENCORE IMPLEMENTEE, juste un essai
|
||||
# Pour P. Bouron, il faudrait en priorité l'équivalent de
|
||||
# Scolarite/Notes/do_moduleimpl_withmodule_list
|
||||
# Scolarite/Notes/evaluation_create
|
||||
# Scolarite/Notes/evaluation_delete
|
||||
# Scolarite/Notes/formation_list
|
||||
# Scolarite/Notes/formsemestre_list
|
||||
# Scolarite/Notes/formsemestre_partition_list
|
||||
# Scolarite/Notes/groups_view
|
||||
# Scolarite/Notes/moduleimpl_status
|
||||
# Scolarite/setGroups
|
||||
|
||||
from flask import jsonify, request, url_for, abort
|
||||
from app import db
|
||||
|
@ -16,8 +16,10 @@ from flask import request
|
||||
from flask_login import current_user
|
||||
from flask_login import login_required
|
||||
from flask import current_app
|
||||
import flask_login
|
||||
|
||||
import app
|
||||
from app.auth.models import User
|
||||
|
||||
|
||||
class ZUser(object):
|
||||
@ -141,6 +143,48 @@ def permission_required(permission):
|
||||
return decorator
|
||||
|
||||
|
||||
def permission_required_compat_scodoc7(permission):
|
||||
"""Décorateur pour les fonctions utilisée comme API dans ScoDoc 7
|
||||
Comme @permission_required mais autorise de passer directement
|
||||
les informations d'auth en paramètres:
|
||||
__ac_name, __ac_password
|
||||
"""
|
||||
|
||||
def decorator(f):
|
||||
@wraps(f)
|
||||
def decorated_function(*args, **kwargs):
|
||||
# current_app.logger.warning("PERMISSION; kwargs=%s" % str(kwargs))
|
||||
# cherche les paramètre d'auth:
|
||||
auth_ok = False
|
||||
if request.method == "GET":
|
||||
user_name = request.args.get("__ac_name")
|
||||
user_password = request.args.get("__ac_password")
|
||||
elif request.method == "POST":
|
||||
user_name = request.form.get("__ac_name")
|
||||
user_password = request.form.get("__ac_password")
|
||||
else:
|
||||
abort(405) # method not allowed
|
||||
if user_name and user_password:
|
||||
u = User.query.filter_by(user_name=user_name).first()
|
||||
if u and u.check_password(user_password):
|
||||
auth_ok = True
|
||||
flask_login.login_user(u)
|
||||
|
||||
# reprend le chemin classique:
|
||||
scodoc_dept = getattr(g, "scodoc_dept", None)
|
||||
|
||||
if not current_user.has_permission(permission, scodoc_dept):
|
||||
abort(403)
|
||||
if auth_ok:
|
||||
return f(*args, **kwargs)
|
||||
else:
|
||||
return login_required(f)(*args, **kwargs)
|
||||
|
||||
return decorated_function
|
||||
|
||||
return decorator
|
||||
|
||||
|
||||
def admin_required(f):
|
||||
from app.auth.models import Permission
|
||||
|
||||
|
@ -68,6 +68,7 @@ from app.decorators import (
|
||||
permission_required,
|
||||
admin_required,
|
||||
login_required,
|
||||
permission_required_compat_scodoc7,
|
||||
)
|
||||
|
||||
from app.views import absences_bp as bp
|
||||
@ -1236,7 +1237,7 @@ def listeBilletsEtud(etudid=False, REQUEST=None, format="html"):
|
||||
|
||||
@bp.route("/XMLgetBilletsEtud")
|
||||
@scodoc
|
||||
@permission_required(Permission.ScoView)
|
||||
@permission_required_compat_scodoc7(Permission.ScoView)
|
||||
@scodoc7func
|
||||
def XMLgetBilletsEtud(etudid=False, REQUEST=None):
|
||||
"""Liste billets pour un etudiant"""
|
||||
@ -1250,7 +1251,7 @@ def XMLgetBilletsEtud(etudid=False, REQUEST=None):
|
||||
|
||||
@bp.route("/listeBillets")
|
||||
@scodoc
|
||||
@permission_required(Permission.ScoView)
|
||||
@permission_required_compat_scodoc7(Permission.ScoView)
|
||||
@scodoc7func
|
||||
def listeBillets(REQUEST=None):
|
||||
"""Page liste des billets non traités et formulaire recherche d'un billet"""
|
||||
@ -1459,9 +1460,19 @@ def ProcessBilletAbsenceForm(billet_id, REQUEST=None):
|
||||
return "\n".join(H) + html_sco_header.sco_footer()
|
||||
|
||||
|
||||
# @bp.route("/essai_api7")
|
||||
# @scodoc
|
||||
# @permission_required_compat_scodoc7(Permission.ScoView)
|
||||
# @scodoc7func
|
||||
# def essai_api7(x="xxx"):
|
||||
# "un essai"
|
||||
# log("arfffffffffffffffffff")
|
||||
# return "OK OK x=" + str(x)
|
||||
|
||||
|
||||
@bp.route("/XMLgetAbsEtud")
|
||||
@scodoc
|
||||
@permission_required(Permission.ScoView)
|
||||
@permission_required_compat_scodoc7(Permission.ScoView)
|
||||
@scodoc7func
|
||||
def XMLgetAbsEtud(beg_date="", end_date="", REQUEST=None):
|
||||
"""returns list of absences in date interval"""
|
||||
|
@ -50,6 +50,7 @@ from app.decorators import (
|
||||
scodoc,
|
||||
scodoc7func,
|
||||
permission_required,
|
||||
permission_required_compat_scodoc7,
|
||||
admin_required,
|
||||
login_required,
|
||||
)
|
||||
@ -252,11 +253,34 @@ sco_publish(
|
||||
Permission.ScoChangeFormation,
|
||||
methods=["GET", "POST"],
|
||||
)
|
||||
sco_publish(
|
||||
"/formsemestre_bulletinetud",
|
||||
sco_bulletins.formsemestre_bulletinetud,
|
||||
Permission.ScoView,
|
||||
)
|
||||
|
||||
|
||||
@bp.route("formsemestre_bulletinetud")
|
||||
@scodoc
|
||||
@permission_required_compat_scodoc7(Permission.ScoView)
|
||||
@scodoc7func
|
||||
def formsemestre_bulletinetud(
|
||||
etudid=None,
|
||||
formsemestre_id=None,
|
||||
format="html",
|
||||
version="long",
|
||||
xml_with_decisions=False,
|
||||
force_publishing=False,
|
||||
prefer_mail_perso=False,
|
||||
REQUEST=None,
|
||||
):
|
||||
return sco_bulletins.formsemestre_bulletinetud(
|
||||
etudid=etudid,
|
||||
formsemestre_id=formsemestre_id,
|
||||
format=format,
|
||||
version=version,
|
||||
xml_with_decisions=xml_with_decisions,
|
||||
force_publishing=force_publishing,
|
||||
prefer_mail_perso=prefer_mail_perso,
|
||||
REQUEST=REQUEST,
|
||||
)
|
||||
|
||||
|
||||
sco_publish(
|
||||
"/formsemestre_evaluations_cal",
|
||||
sco_evaluations.formsemestre_evaluations_cal,
|
||||
@ -601,7 +625,7 @@ def formsemestre_list(
|
||||
|
||||
@bp.route("/XMLgetFormsemestres")
|
||||
@scodoc
|
||||
@permission_required(Permission.ScoView)
|
||||
@permission_required_compat_scodoc7(Permission.ScoView)
|
||||
@scodoc7func
|
||||
def XMLgetFormsemestres(etape_apo=None, formsemestre_id=None, REQUEST=None):
|
||||
"""List all formsemestres matching etape, XML format
|
||||
|
@ -30,6 +30,7 @@ Module main: page d'accueil, avec liste des départements
|
||||
|
||||
Emmanuel Viennet, 2021
|
||||
"""
|
||||
from app.auth.models import User
|
||||
import os
|
||||
|
||||
import flask
|
||||
@ -53,7 +54,11 @@ import sco_version
|
||||
from app.scodoc import sco_logos
|
||||
from app.scodoc import sco_find_etud
|
||||
from app.scodoc import sco_utils as scu
|
||||
from app.decorators import admin_required
|
||||
from app.decorators import (
|
||||
admin_required,
|
||||
scodoc7func,
|
||||
permission_required_compat_scodoc7,
|
||||
)
|
||||
from app.scodoc.sco_permissions import Permission
|
||||
from app.views import scodoc_bp as bp
|
||||
|
||||
@ -82,12 +87,12 @@ def table_etud_in_accessible_depts():
|
||||
return sco_find_etud.table_etud_in_accessible_depts(expnom=request.form["expnom"])
|
||||
|
||||
|
||||
# Fonction d'API accessible sans aucun authentification
|
||||
@bp.route("/ScoDoc/get_etud_dept")
|
||||
@login_required
|
||||
def get_etud_dept():
|
||||
"""Returns the dept acronym (eg "GEII") of an etud (identified by etudid,
|
||||
code_nip ou code_ine in the request).
|
||||
API: ramène la chaine brute, sans JSON ou XML.
|
||||
Ancienne API: ramène la chaine brute, texte sans JSON ou XML.
|
||||
"""
|
||||
if "etudid" in request.args:
|
||||
# zero ou une réponse:
|
||||
|
@ -52,6 +52,7 @@ from app.decorators import (
|
||||
scodoc,
|
||||
scodoc7func,
|
||||
permission_required,
|
||||
permission_required_compat_scodoc7,
|
||||
admin_required,
|
||||
login_required,
|
||||
)
|
||||
@ -402,7 +403,7 @@ def search_etud_by_name():
|
||||
@bp.route("/etud_info")
|
||||
@bp.route("/XMLgetEtudInfos")
|
||||
@scodoc
|
||||
@permission_required(Permission.ScoView)
|
||||
@permission_required_compat_scodoc7(Permission.ScoView)
|
||||
@scodoc7func
|
||||
def etud_info(etudid=None, format="xml", REQUEST=None):
|
||||
"Donne les informations sur un etudiant"
|
||||
|
@ -36,7 +36,7 @@ class ScoError(Exception):
|
||||
|
||||
def GET(s, path, errmsg=None):
|
||||
"""Get and returns as JSON"""
|
||||
r = s.get(BASEURL + "/" + path)
|
||||
r = s.get(BASEURL + "/" + path, verify=CHECK_CERTIFICATE)
|
||||
if r.status_code != 200:
|
||||
raise ScoError(errmsg or "erreur !")
|
||||
return r.json() # decode la reponse JSON
|
||||
@ -44,7 +44,7 @@ def GET(s, path, errmsg=None):
|
||||
|
||||
def POST(s, path, data, errmsg=None):
|
||||
"""Post"""
|
||||
r = s.post(BASEURL + "/" + path, data=data)
|
||||
r = s.post(BASEURL + "/" + path, data=data, verify=CHECK_CERTIFICATE)
|
||||
if r.status_code != 200:
|
||||
raise ScoError(errmsg or "erreur !")
|
||||
return r.text
|
||||
|
Loading…
x
Reference in New Issue
Block a user