fiche_etud: restreint l'accès aux annotations à la permission ViewEtudData
This commit is contained in:
parent
6cbeeedb1c
commit
d7f3376103
@ -327,34 +327,10 @@ def fiche_etud(etudid=None):
|
|||||||
info["link_inscrire_ailleurs"] = ""
|
info["link_inscrire_ailleurs"] = ""
|
||||||
|
|
||||||
# Liste des annotations
|
# Liste des annotations
|
||||||
annotations_list = []
|
html_annotations_list = "\n".join(
|
||||||
annotations = EtudAnnotation.query.filter_by(etudid=etud.id).order_by(
|
[] if restrict_etud_data else get_html_annotations_list(etud)
|
||||||
sa.desc(EtudAnnotation.date)
|
|
||||||
)
|
)
|
||||||
for annot in annotations:
|
|
||||||
del_link = (
|
|
||||||
f"""<td class="annodel"><a href="{
|
|
||||||
url_for("scolar.doSuppressAnnotation",
|
|
||||||
scodoc_dept=g.scodoc_dept, etudid=etudid, annotation_id=annot.id)}">{
|
|
||||||
scu.icontag(
|
|
||||||
"delete_img",
|
|
||||||
border="0",
|
|
||||||
alt="suppress",
|
|
||||||
title="Supprimer cette annotation",
|
|
||||||
)
|
|
||||||
}</a></td>"""
|
|
||||||
if sco_permissions_check.can_suppress_annotation(annot.id)
|
|
||||||
else ""
|
|
||||||
)
|
|
||||||
|
|
||||||
author = User.query.filter_by(user_name=annot.author).first()
|
|
||||||
annotations_list.append(
|
|
||||||
f"""<tr><td><span class="annodate">Le {annot.date.strftime("%d/%m/%Y") if annot.date else "?"}
|
|
||||||
par {author.get_prenomnom() if author else "?"} :
|
|
||||||
</span><span class="annoc">{annot.comment or ""}</span></td>{del_link}</tr>
|
|
||||||
"""
|
|
||||||
)
|
|
||||||
info["liste_annotations"] = "\n".join(annotations_list)
|
|
||||||
# fiche admission
|
# fiche admission
|
||||||
infos_admission = _infos_admission(etud, restrict_etud_data)
|
infos_admission = _infos_admission(etud, restrict_etud_data)
|
||||||
has_adm_notes = any(
|
has_adm_notes = any(
|
||||||
@ -442,11 +418,7 @@ def fiche_etud(etudid=None):
|
|||||||
</div>"""
|
</div>"""
|
||||||
else:
|
else:
|
||||||
info["debouche_html"] = "" # pas de boite "devenir"
|
info["debouche_html"] = "" # pas de boite "devenir"
|
||||||
#
|
|
||||||
if info["liste_annotations"]:
|
|
||||||
info["tit_anno"] = '<div class="fichetitre">Annotations</div>'
|
|
||||||
else:
|
|
||||||
info["tit_anno"] = ""
|
|
||||||
# Inscriptions
|
# Inscriptions
|
||||||
info[
|
info[
|
||||||
"inscriptions_mkup"
|
"inscriptions_mkup"
|
||||||
@ -517,7 +489,9 @@ def fiche_etud(etudid=None):
|
|||||||
)
|
)
|
||||||
|
|
||||||
info_naissance = (
|
info_naissance = (
|
||||||
f"""<tr><td class="fichetitre2">Né{etud.e} le :</td><td>{info["info_naissance"]}</td></tr>"""
|
f"""<tr><td class="fichetitre2">Né{etud.e} le :</td>
|
||||||
|
<td>{info["info_naissance"]}</td></tr>
|
||||||
|
"""
|
||||||
if info["info_naissance"]
|
if info["info_naissance"]
|
||||||
else ""
|
else ""
|
||||||
)
|
)
|
||||||
@ -538,6 +512,35 @@ def fiche_etud(etudid=None):
|
|||||||
"""
|
"""
|
||||||
)
|
)
|
||||||
|
|
||||||
|
info["annotations_mkup"] = (
|
||||||
|
f"""
|
||||||
|
<div class="ficheannotations">
|
||||||
|
<div class="fichetitre">Annotations</div>
|
||||||
|
<table id="etudannotations">{html_annotations_list}</table>
|
||||||
|
|
||||||
|
<form action="doAddAnnotation" method="GET" class="noprint">
|
||||||
|
<input type="hidden" name="etudid" value="{etudid}">
|
||||||
|
<b>Ajouter une annotation sur {etud.nomprenom}: </b>
|
||||||
|
<div>
|
||||||
|
<textarea name="comment" rows="4" cols="50" value=""></textarea>
|
||||||
|
<div style="font-size: small; font-style: italic;">
|
||||||
|
<div>Ces annotations sont lisibles par tous les utilisateurs ayant la permission
|
||||||
|
<tt>ViewEtudData</tt> dans ce département (souvent les enseignants et le
|
||||||
|
secrétariat).
|
||||||
|
</div>
|
||||||
|
<div>L'annotation commençant par "PE:" est un avis de poursuite d'études.</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<input type="hidden" name="author" width=12 value="{current_user}">
|
||||||
|
<input type="submit" value="Ajouter annotation">
|
||||||
|
</form>
|
||||||
|
</div>
|
||||||
|
"""
|
||||||
|
if not restrict_etud_data
|
||||||
|
else ""
|
||||||
|
)
|
||||||
|
|
||||||
tmpl = (
|
tmpl = (
|
||||||
"""<div class="menus_etud">%(menus_etud)s</div>
|
"""<div class="menus_etud">%(menus_etud)s</div>
|
||||||
<div class="fiche_etud" id="fiche_etud"><table>
|
<div class="fiche_etud" id="fiche_etud"><table>
|
||||||
@ -564,27 +567,7 @@ def fiche_etud(etudid=None):
|
|||||||
|
|
||||||
%(debouche_html)s
|
%(debouche_html)s
|
||||||
|
|
||||||
<div class="ficheannotations">
|
%(annotations_mkup)s
|
||||||
%(tit_anno)s
|
|
||||||
<table id="etudannotations">%(liste_annotations)s</table>
|
|
||||||
|
|
||||||
<form action="doAddAnnotation" method="GET" class="noprint">
|
|
||||||
<input type="hidden" name="etudid" value="%(etudid)s">
|
|
||||||
<b>Ajouter une annotation sur %(nomprenom)s: </b>
|
|
||||||
<table><tr>
|
|
||||||
<tr><td><textarea name="comment" rows="4" cols="50" value=""></textarea>
|
|
||||||
<br><font size=-1>
|
|
||||||
<i>Ces annotations sont lisibles par tous les enseignants et le secrétariat.</i>
|
|
||||||
<br>
|
|
||||||
<i>L'annotation commençant par "PE:" est un avis de poursuite d'études.</i>
|
|
||||||
</font>
|
|
||||||
</td></tr>
|
|
||||||
<tr><td>
|
|
||||||
<input type="hidden" name="author" width=12 value="%(authuser)s">
|
|
||||||
<input type="submit" value="Ajouter annotation"></td></tr>
|
|
||||||
</table>
|
|
||||||
</form>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
<div class="code_nip">code NIP: %(code_nip)s</div>
|
<div class="code_nip">code NIP: %(code_nip)s</div>
|
||||||
|
|
||||||
@ -613,31 +596,41 @@ def fiche_etud(etudid=None):
|
|||||||
def _format_adresse(adresse: Adresse | None) -> dict:
|
def _format_adresse(adresse: Adresse | None) -> dict:
|
||||||
"""{ "telephonestr" : ..., "telephonemobilestr" : ... } (formats html)"""
|
"""{ "telephonestr" : ..., "telephonemobilestr" : ... } (formats html)"""
|
||||||
d = {
|
d = {
|
||||||
"telephonestr": ("<b>Tél.:</b> " + scu.format_telephone(adresse.telephone))
|
"telephonestr": (
|
||||||
if (adresse and adresse.telephone)
|
("<b>Tél.:</b> " + scu.format_telephone(adresse.telephone))
|
||||||
else "",
|
if (adresse and adresse.telephone)
|
||||||
|
else ""
|
||||||
|
),
|
||||||
"telephonemobilestr": (
|
"telephonemobilestr": (
|
||||||
"<b>Mobile:</b> " + scu.format_telephone(adresse.telephonemobile)
|
("<b>Mobile:</b> " + scu.format_telephone(adresse.telephonemobile))
|
||||||
)
|
if (adresse and adresse.telephonemobile)
|
||||||
if (adresse and adresse.telephonemobile)
|
else ""
|
||||||
else "",
|
),
|
||||||
# e-mail:
|
# e-mail:
|
||||||
"email_link": ", ".join(
|
"email_link": (
|
||||||
[
|
", ".join(
|
||||||
f"""<a class="stdlink" href="mailto:{m}">{m}</a>"""
|
[
|
||||||
for m in [adresse.email, adresse.emailperso]
|
f"""<a class="stdlink" href="mailto:{m}">{m}</a>"""
|
||||||
if m
|
for m in [adresse.email, adresse.emailperso]
|
||||||
]
|
if m
|
||||||
)
|
]
|
||||||
if adresse and (adresse.email or adresse.emailperso)
|
)
|
||||||
else "",
|
if adresse and (adresse.email or adresse.emailperso)
|
||||||
"domicile": (adresse.domicile or "")
|
else ""
|
||||||
if adresse
|
),
|
||||||
and (adresse.domicile or adresse.codepostaldomicile or adresse.villedomicile)
|
"domicile": (
|
||||||
else "<em>inconnue</em>",
|
(adresse.domicile or "")
|
||||||
"paysdomicile": f"{sco_etud.format_pays(adresse.paysdomicile)}"
|
if adresse
|
||||||
if adresse and adresse.paysdomicile
|
and (
|
||||||
else "",
|
adresse.domicile or adresse.codepostaldomicile or adresse.villedomicile
|
||||||
|
)
|
||||||
|
else "<em>inconnue</em>"
|
||||||
|
),
|
||||||
|
"paysdomicile": (
|
||||||
|
f"{sco_etud.format_pays(adresse.paysdomicile)}"
|
||||||
|
if adresse and adresse.paysdomicile
|
||||||
|
else ""
|
||||||
|
),
|
||||||
}
|
}
|
||||||
d["telephones"] = (
|
d["telephones"] = (
|
||||||
f"<br>{d['telephonestr']} {d['telephonemobilestr']}"
|
f"<br>{d['telephonestr']} {d['telephonemobilestr']}"
|
||||||
@ -680,15 +673,15 @@ def _infos_admission(etud: Identite, restrict_etud_data: bool) -> dict:
|
|||||||
"info_lycee": info_lycee,
|
"info_lycee": info_lycee,
|
||||||
"rapporteur": etud.admission.rapporteur if not restrict_etud_data else "",
|
"rapporteur": etud.admission.rapporteur if not restrict_etud_data else "",
|
||||||
"rap": rap,
|
"rap": rap,
|
||||||
"commentaire": (etud.admission.commentaire or "")
|
"commentaire": (
|
||||||
if not restrict_etud_data
|
(etud.admission.commentaire or "") if not restrict_etud_data else ""
|
||||||
else "",
|
),
|
||||||
"classement": (etud.admission.classement or "")
|
"classement": (
|
||||||
if not restrict_etud_data
|
(etud.admission.classement or "") if not restrict_etud_data else ""
|
||||||
else "",
|
),
|
||||||
"type_admission": (etud.admission.type_admission or "")
|
"type_admission": (
|
||||||
if not restrict_etud_data
|
(etud.admission.type_admission or "") if not restrict_etud_data else ""
|
||||||
else "",
|
),
|
||||||
"math": (etud.admission.math or "") if not restrict_etud_data else "",
|
"math": (etud.admission.math or "") if not restrict_etud_data else "",
|
||||||
"physique": (etud.admission.physique or "") if not restrict_etud_data else "",
|
"physique": (etud.admission.physique or "") if not restrict_etud_data else "",
|
||||||
"anglais": (etud.admission.anglais or "") if not restrict_etud_data else "",
|
"anglais": (etud.admission.anglais or "") if not restrict_etud_data else "",
|
||||||
@ -696,6 +689,39 @@ def _infos_admission(etud: Identite, restrict_etud_data: bool) -> dict:
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
def get_html_annotations_list(etud: Identite) -> list[str]:
|
||||||
|
"""Liste de chaînes html décrivant les annotations."""
|
||||||
|
html_annotations_list = []
|
||||||
|
annotations = EtudAnnotation.query.filter_by(etudid=etud.id).order_by(
|
||||||
|
sa.desc(EtudAnnotation.date)
|
||||||
|
)
|
||||||
|
for annot in annotations:
|
||||||
|
del_link = (
|
||||||
|
f"""<td class="annodel"><a href="{
|
||||||
|
url_for("scolar.doSuppressAnnotation",
|
||||||
|
scodoc_dept=g.scodoc_dept, etudid=etud.id, annotation_id=annot.id)}">{
|
||||||
|
scu.icontag(
|
||||||
|
"delete_img",
|
||||||
|
border="0",
|
||||||
|
alt="suppress",
|
||||||
|
title="Supprimer cette annotation",
|
||||||
|
)
|
||||||
|
}</a></td>"""
|
||||||
|
if sco_permissions_check.can_suppress_annotation(annot.id)
|
||||||
|
else ""
|
||||||
|
)
|
||||||
|
|
||||||
|
author = User.query.filter_by(user_name=annot.author).first()
|
||||||
|
html_annotations_list.append(
|
||||||
|
f"""<tr><td><span class="annodate">Le {
|
||||||
|
annot.date.strftime("%d/%m/%Y") if annot.date else "?"}
|
||||||
|
par {author.get_prenomnom() if author else "?"} :
|
||||||
|
</span><span class="annoc">{annot.comment or ""}</span></td>{del_link}</tr>
|
||||||
|
"""
|
||||||
|
)
|
||||||
|
return html_annotations_list
|
||||||
|
|
||||||
|
|
||||||
def menus_etud(etudid):
|
def menus_etud(etudid):
|
||||||
"""Menu etudiant (operations sur l'etudiant)"""
|
"""Menu etudiant (operations sur l'etudiant)"""
|
||||||
authuser = current_user
|
authuser = current_user
|
||||||
|
Loading…
Reference in New Issue
Block a user