début implémentation gestion utilisateurs
This commit is contained in:
parent
769671b0d4
commit
f991ffdca5
39
README.md
39
README.md
@ -51,9 +51,11 @@ Puis d'installer Flask comme suit:
|
||||
|
||||
Installation:
|
||||
|
||||
apt-get install libcrack2-dev
|
||||
pip install flask
|
||||
# et pas mal d'autres paquets
|
||||
|
||||
|
||||
donc utiliser:
|
||||
|
||||
pip install -r requirements.txt
|
||||
@ -62,6 +64,43 @@ pour régénerer ce fichier:
|
||||
|
||||
pip freeze > requirements.txt
|
||||
|
||||
## Bases de données
|
||||
ScoDoc8 utilise les bases de département de ScoDoc7, mais une nouvelle base
|
||||
utilisateurs nommée `SCO8USERS` (au lieu de `SCOUSERS`), qui est manipulée
|
||||
via `sqlalchemy`.
|
||||
|
||||
### Configuration de la base utilisateurs
|
||||
|
||||
On va créer une base nommée `SCO8USERS`, appartenant à l'utilisateur (aka role) postgres `scodoc`.
|
||||
Cet utilisateur sera créé ainsi sur le serveur linux::
|
||||
|
||||
su - postgres
|
||||
createuser --no-createdb --no-createrole --pwprompt scodoc
|
||||
|
||||
Puis création de la base (en tant qu'utilisateur `postgres`):
|
||||
|
||||
createdb -O scodoc SCO8USERS
|
||||
|
||||
### Initialisation base par flask
|
||||
|
||||
En tant qu'utilisateur `www-data` (compat. avec ScoDoc7):
|
||||
|
||||
flask db init
|
||||
flask db migrate -m "users and roles tables"
|
||||
flask db upgrade
|
||||
|
||||
Puis initialisation de l'appli:
|
||||
|
||||
flask user-db-init
|
||||
|
||||
On peut ensuite créer des utilisateurs tests avec:
|
||||
|
||||
flask user-create toto Ens RT
|
||||
flask user-create tata Ens RT
|
||||
flask user-create tutu Ens Info
|
||||
flask user-create titi Secr RT
|
||||
|
||||
|
||||
### Bidouilles temporaires
|
||||
|
||||
Installer le bon vieux `pyExcelerator` dans l'environnement:
|
||||
|
@ -68,12 +68,15 @@ def create_app(config_class=Config):
|
||||
|
||||
from app.views import scolar_bp
|
||||
from app.views import notes_bp
|
||||
from app.views import users_bp
|
||||
from app.views import absences_bp
|
||||
|
||||
# https://scodoc.fr/ScoDoc/RT/Scolarite/...
|
||||
app.register_blueprint(scolar_bp, url_prefix="/ScoDoc/<scodoc_dept>/Scolarite")
|
||||
# https://scodoc.fr/ScoDoc/RT/Scolarite/Notes/...
|
||||
app.register_blueprint(notes_bp, url_prefix="/ScoDoc/<scodoc_dept>/Scolarite/Notes")
|
||||
# https://scodoc.fr/ScoDoc/RT/Scolarite/Users/...
|
||||
app.register_blueprint(users_bp, url_prefix="/ScoDoc/<scodoc_dept>/Scolarite/Users")
|
||||
# https://scodoc.fr/ScoDoc/RT/Scolarite/Absences/...
|
||||
app.register_blueprint(
|
||||
absences_bp, url_prefix="/ScoDoc/<scodoc_dept>/Scolarite/Absences"
|
||||
|
@ -16,14 +16,14 @@ _l = _
|
||||
|
||||
|
||||
class LoginForm(FlaskForm):
|
||||
username = StringField(_l("Username"), validators=[DataRequired()])
|
||||
user_name = StringField(_l("Username"), validators=[DataRequired()])
|
||||
password = PasswordField(_l("Password"), validators=[DataRequired()])
|
||||
remember_me = BooleanField(_l("Remember Me"))
|
||||
submit = SubmitField(_l("Sign In"))
|
||||
|
||||
|
||||
class UserCreationForm(FlaskForm):
|
||||
username = StringField(_l("Username"), validators=[DataRequired()])
|
||||
user_name = StringField(_l("Username"), validators=[DataRequired()])
|
||||
email = StringField(_l("Email"), validators=[DataRequired(), Email()])
|
||||
password = PasswordField(_l("Password"), validators=[DataRequired()])
|
||||
password2 = PasswordField(
|
||||
@ -31,10 +31,10 @@ class UserCreationForm(FlaskForm):
|
||||
)
|
||||
submit = SubmitField(_l("Register"))
|
||||
|
||||
def validate_username(self, username):
|
||||
user = User.query.filter_by(username=username.data).first()
|
||||
def validate_user_name(self, user_name):
|
||||
user = User.query.filter_by(user_name=user_name.data).first()
|
||||
if user is not None:
|
||||
raise ValidationError(_("Please use a different username."))
|
||||
raise ValidationError(_("Please use a different user_name."))
|
||||
|
||||
def validate_email(self, email):
|
||||
user = User.query.filter_by(email=email.data).first()
|
||||
|
@ -26,13 +26,23 @@ class User(UserMixin, db.Model):
|
||||
"""ScoDoc users, handled by Flask / SQLAlchemy"""
|
||||
|
||||
id = db.Column(db.Integer, primary_key=True)
|
||||
username = db.Column(db.String(64), index=True, unique=True)
|
||||
user_name = db.Column(db.String(64), index=True, unique=True)
|
||||
email = db.Column(db.String(120), index=True, unique=True)
|
||||
|
||||
nom = db.Column(db.String(64))
|
||||
prenom = db.Column(db.String(64))
|
||||
dept = db.Column(db.String(32), index=True)
|
||||
is_old = db.Column(db.Boolean, default=False, index=True)
|
||||
|
||||
password_hash = db.Column(db.String(128))
|
||||
about_me = db.Column(db.String(140))
|
||||
last_seen = db.Column(db.DateTime, default=datetime.utcnow)
|
||||
date_modif_passwd = db.Column(db.DateTime, default=datetime.utcnow)
|
||||
date_created = db.Column(db.DateTime, default=datetime.utcnow)
|
||||
date_expiration = db.Column(db.DateTime, default=None)
|
||||
passwd_temp = db.Column(db.Boolean, default=False)
|
||||
token = db.Column(db.String(32), index=True, unique=True)
|
||||
token_expiration = db.Column(db.DateTime)
|
||||
|
||||
roles = db.relationship("Role", secondary="user_role", viewonly=True)
|
||||
Permission = Permission
|
||||
|
||||
@ -52,10 +62,10 @@ class User(UserMixin, db.Model):
|
||||
current_app.logger.info("creating user with roles={}".format(self.roles))
|
||||
|
||||
def __repr__(self):
|
||||
return "<User {}>".format(self.username)
|
||||
return "<User {u.user_name} id={u.id} dept={u.dept}>".format(u=self)
|
||||
|
||||
def __str__(self):
|
||||
return self.username
|
||||
return self.user_name
|
||||
|
||||
def set_password(self, password):
|
||||
"Set password"
|
||||
@ -91,17 +101,32 @@ class User(UserMixin, db.Model):
|
||||
|
||||
def to_dict(self, include_email=False):
|
||||
data = {
|
||||
"date_expiration": self.date_expiration.isoformat() + "Z"
|
||||
if self.date_expiration
|
||||
else None,
|
||||
"date_modif_passwd": self.date_modif_passwd.isoformat() + "Z"
|
||||
if self.date_modif_passwd
|
||||
else None,
|
||||
"date_created": self.date_created.isoformat() + "Z"
|
||||
if self.date_created
|
||||
else None,
|
||||
"dept": self.dept,
|
||||
"id": self.id,
|
||||
"username": self.username,
|
||||
"is_old": self.is_old,
|
||||
"status_txt": "(ancien)" if self.is_old else "",
|
||||
"last_seen": self.last_seen.isoformat() + "Z",
|
||||
"about_me": self.about_me,
|
||||
"nom": self.nom,
|
||||
"prenom": self.prenom,
|
||||
"roles": self.roles,
|
||||
"roles_string": self.get_roles_string(),
|
||||
"user_name": self.user_name,
|
||||
}
|
||||
if include_email:
|
||||
data["email"] = self.email
|
||||
return data
|
||||
|
||||
def from_dict(self, data, new_user=False):
|
||||
for field in ["username", "email", "about_me"]:
|
||||
for field in ["user_name", "non", "prenom", "dept", "status", "email"]:
|
||||
if field in data:
|
||||
setattr(self, field, data[field])
|
||||
if new_user and "password" in data:
|
||||
@ -169,6 +194,12 @@ class User(UserMixin, db.Model):
|
||||
for role in self.roles:
|
||||
yield role
|
||||
|
||||
def get_roles_string(self):
|
||||
"""string repr. of user's roles (with depts)
|
||||
e.g. "EnsRT, EnsInfo, SecrCJ"
|
||||
"""
|
||||
return ", ".join("{r.role.name}{r.dept}".format(r=r) for r in self.user_roles)
|
||||
|
||||
def is_administrator(self):
|
||||
return self.has_permission(Permission.ScoSuperAdmin, None)
|
||||
|
||||
|
@ -15,9 +15,11 @@ from app.auth.forms import (
|
||||
ResetPasswordRequestForm,
|
||||
ResetPasswordForm,
|
||||
)
|
||||
from app.auth.models import Permission
|
||||
from app.auth.models import User
|
||||
from app.auth.email import send_password_reset_email
|
||||
from app.decorators import scodoc7func, admin_required
|
||||
from app.decorators import admin_required
|
||||
|
||||
|
||||
_ = lambda x: x # sans babel
|
||||
_l = _
|
||||
@ -29,9 +31,9 @@ def login():
|
||||
return redirect(url_for("main.index"))
|
||||
form = LoginForm()
|
||||
if form.validate_on_submit():
|
||||
user = User.query.filter_by(username=form.username.data).first()
|
||||
user = User.query.filter_by(user_name=form.user_name.data).first()
|
||||
if user is None or not user.check_password(form.password.data):
|
||||
flash(_("Invalid username or password"))
|
||||
flash(_("Invalid user_name or password"))
|
||||
return redirect(url_for("auth.login"))
|
||||
login_user(user, remember=form.remember_me.data)
|
||||
next_page = request.args.get("next")
|
||||
@ -53,11 +55,11 @@ def create_user():
|
||||
"Form creating new user"
|
||||
form = UserCreationForm()
|
||||
if form.validate_on_submit():
|
||||
user = User(username=form.username.data, email=form.email.data)
|
||||
user = User(user_name=form.user_name.data, email=form.email.data)
|
||||
user.set_password(form.password.data)
|
||||
db.session.add(user)
|
||||
db.session.commit()
|
||||
flash("User {} created".format(user.username))
|
||||
flash("User {} created".format(user.user_name))
|
||||
return redirect(url_for("main.index"))
|
||||
return render_template(
|
||||
"auth/register.html", title=u"Création utilisateur", form=form
|
||||
|
@ -26,7 +26,7 @@ class ZUser(object):
|
||||
|
||||
def __init__(self):
|
||||
"create, based on `flask_login.current_user`"
|
||||
self.username = current_user.username
|
||||
self.username = current_user.user_name
|
||||
|
||||
def __str__(self):
|
||||
return self.username
|
||||
|
@ -27,6 +27,9 @@
|
||||
|
||||
"""Page accueil département (liste des semestres, etc)
|
||||
"""
|
||||
|
||||
from flask import g
|
||||
|
||||
import app.scodoc.sco_utils as scu
|
||||
from app.scodoc.gen_tables import GenTable
|
||||
from app.scodoc.sco_permissions import Permission
|
||||
@ -37,6 +40,7 @@ from app.scodoc import sco_modalites
|
||||
from app.scodoc import sco_news
|
||||
from app.scodoc import sco_preferences
|
||||
from app.scodoc import sco_up_to_date
|
||||
from app.scodoc import sco_users
|
||||
|
||||
|
||||
def index_html(context, REQUEST=None, showcodes=0, showsemtable=0):
|
||||
@ -90,7 +94,7 @@ def index_html(context, REQUEST=None, showcodes=0, showsemtable=0):
|
||||
sem["groupicon"] = emptygroupicon
|
||||
|
||||
# S'il n'y a pas d'utilisateurs dans la base, affiche message
|
||||
if not context.Users.get_userlist():
|
||||
if not sco_users.get_user_list(dept=g.scodoc_dept):
|
||||
H.append(
|
||||
"""<h2>Aucun utilisateur défini !</h2><p>Pour définir des utilisateurs
|
||||
<a href="Users">passez par la page Utilisateurs</a>.
|
||||
|
@ -43,6 +43,7 @@ from app.scodoc import sco_compute_moy
|
||||
from app.scodoc import sco_edit_matiere
|
||||
from app.scodoc import sco_edit_module
|
||||
from app.scodoc import sco_edit_ue
|
||||
from app.scodoc import sco_etud
|
||||
from app.scodoc import sco_evaluations
|
||||
from app.scodoc import sco_formations
|
||||
from app.scodoc import sco_formsemestre
|
||||
@ -52,7 +53,7 @@ from app.scodoc import sco_parcours_dut
|
||||
from app.scodoc import sco_permissions_check
|
||||
from app.scodoc import sco_portal_apogee
|
||||
from app.scodoc import sco_preferences
|
||||
from app.scodoc import sco_etud
|
||||
from app.scodoc import sco_users
|
||||
|
||||
|
||||
def _default_sem_title(F):
|
||||
@ -139,7 +140,7 @@ def do_formsemestre_createwithmodules(context, REQUEST=None, edit=False):
|
||||
)
|
||||
|
||||
# Liste des enseignants avec forme pour affichage / saisie avec suggestion
|
||||
userlist = context.Users.get_userlist()
|
||||
userlist = [sco_users.user_info(u) for u in sco_users.get_user_list()]
|
||||
login2display = {} # user_name : forme pour affichage = "NOM Prenom (login)"
|
||||
for u in userlist:
|
||||
login2display[u["user_name"]] = u["nomplogin"]
|
||||
|
@ -3,6 +3,8 @@
|
||||
|
||||
"""Functions checking permissions for some common operations
|
||||
"""
|
||||
from flask import g
|
||||
from flask_login import current_user
|
||||
|
||||
import app.scodoc.notesdb as ndb
|
||||
from app.scodoc.sco_permissions import Permission
|
||||
@ -188,3 +190,26 @@ def can_change_groups(context, REQUEST, formsemestre_id):
|
||||
if uid in sem["responsables"]:
|
||||
return True
|
||||
return False
|
||||
|
||||
|
||||
def can_handle_passwd(user, allow_admindepts=False):
|
||||
"""True if the current user can see or change passwd info of user.
|
||||
If allow_admindepts, allow Admin from all depts (so they can view users from other depts
|
||||
and add roles to them).
|
||||
user is a User instance.
|
||||
"""
|
||||
if current_user.is_administrator():
|
||||
return True # super admin
|
||||
# Anyone can change his own passwd (or see his informations)
|
||||
if user.user_name == current_user.user_name:
|
||||
return True
|
||||
# If don't have permission in the current dept, abort
|
||||
if not current_user.has_permission(Permission.ScoUsersAdmin, g.scodoc_dept):
|
||||
return False
|
||||
# Now check that current_user can manage users from this departement
|
||||
if not current_user.dept:
|
||||
return True # if no dept, can access users from all depts !
|
||||
if (current_user.dept == user.dept) or allow_admindepts:
|
||||
return True
|
||||
else:
|
||||
return False
|
@ -28,12 +28,48 @@
|
||||
"""Fonctions sur les utilisateurs
|
||||
"""
|
||||
|
||||
# Anciennement dans ZScoUsers.py, séparé pour migration
|
||||
# Anciennement ZScoUsers.py, fonctions de gestion des données réécrite avec flask/SQLAlchemy
|
||||
|
||||
import string
|
||||
import re
|
||||
import time
|
||||
import md5
|
||||
import base64
|
||||
import jaxml
|
||||
|
||||
from flask import current_app, url_for, g
|
||||
from flask_login import current_user
|
||||
|
||||
import cracklib # pylint: disable=import-error
|
||||
|
||||
|
||||
from app.auth.models import Permission
|
||||
from app.auth.models import User
|
||||
|
||||
from app.scodoc import html_sco_header
|
||||
from app.scodoc import sco_cache
|
||||
from app.scodoc import sco_etud
|
||||
from app.scodoc import sco_excel
|
||||
from app.scodoc import sco_import_users
|
||||
from app.scodoc import sco_preferences
|
||||
from app.scodoc.gen_tables import GenTable
|
||||
from app.scodoc.notes_log import log
|
||||
from app.scodoc.sco_permissions_check import can_handle_passwd
|
||||
from app.scodoc.scolog import logdb
|
||||
from app.scodoc.sco_etud import format_prenom, format_nom
|
||||
from app.scodoc.TrivialFormulator import TrivialFormulator, tf_error_message
|
||||
import app.scodoc.notesdb as ndb
|
||||
import app.scodoc.sco_utils as scu
|
||||
|
||||
from app.scodoc.sco_exceptions import (
|
||||
AccessDenied,
|
||||
ScoException,
|
||||
ScoValueError,
|
||||
ScoInvalidDateError,
|
||||
ScoLockedFormError,
|
||||
ScoGenError,
|
||||
)
|
||||
|
||||
|
||||
def is_valid_password(cleartxt):
|
||||
"""Check password.
|
||||
@ -50,3 +86,170 @@ def is_valid_password(cleartxt):
|
||||
return True
|
||||
except ValueError:
|
||||
return False
|
||||
|
||||
|
||||
# ---------------
|
||||
|
||||
# ---------------
|
||||
# XXX TODO supprimer ndb.GetUsersDBConnexion
|
||||
|
||||
|
||||
def index_html(context, REQUEST, all_depts=False, with_olds=False, format="html"):
|
||||
"gestion utilisateurs..."
|
||||
all_depts = int(all_depts)
|
||||
with_olds = int(with_olds)
|
||||
|
||||
H = [html_sco_header.html_sem_header(context, REQUEST, "Gestion des utilisateurs")]
|
||||
H.append("<h2>Gestion des utilisateurs</h2>")
|
||||
|
||||
if current_user.has_permission(Permission.ScoUsersAdmin, g.scodoc_dept):
|
||||
H.append(
|
||||
'<p><a href="{}" class="stdlink">Ajouter un utilisateur</a>'.format(
|
||||
url_for("users.create_user_form", scodoc_dept=g.scodoc_dept).encode(
|
||||
scu.SCO_ENCODING
|
||||
) # sco8
|
||||
)
|
||||
)
|
||||
H.append(
|
||||
' <a href="{}" class="stdlink">Importer des utilisateurs</a></p>'.format(
|
||||
url_for("users.import_users_form", scodoc_dept=g.scodoc_dept).encode(
|
||||
scu.SCO_ENCODING
|
||||
) # sco8
|
||||
)
|
||||
)
|
||||
if all_depts:
|
||||
checked = "checked"
|
||||
else:
|
||||
checked = ""
|
||||
if with_olds:
|
||||
olds_checked = "checked"
|
||||
else:
|
||||
olds_checked = ""
|
||||
H.append(
|
||||
"""<p><form name="f" action="%s" method="get">
|
||||
<input type="checkbox" name="all_depts" value="1" onchange="document.f.submit();" %s>Tous les départements</input>
|
||||
<input type="checkbox" name="with_olds" value="1" onchange="document.f.submit();" %s>Avec anciens utilisateurs</input>
|
||||
</form></p>"""
|
||||
% (REQUEST.URL0, checked, olds_checked)
|
||||
)
|
||||
|
||||
L = list_users(
|
||||
context,
|
||||
g.scodoc_dept,
|
||||
all_depts=all_depts,
|
||||
with_olds=with_olds,
|
||||
format=format,
|
||||
REQUEST=REQUEST,
|
||||
with_links=current_user.has_permission(Permission.ScoUsersAdmin, g.scodoc_dept),
|
||||
)
|
||||
if format != "html":
|
||||
return L
|
||||
H.append(L)
|
||||
|
||||
F = html_sco_header.sco_footer(context, REQUEST)
|
||||
return "\n".join(H) + F
|
||||
|
||||
|
||||
def list_users(
|
||||
context,
|
||||
dept,
|
||||
all_depts=False, # tous les departements
|
||||
with_olds=False, # inclut les anciens utilisateurs (status "old")
|
||||
format="html",
|
||||
with_links=True,
|
||||
REQUEST=None,
|
||||
):
|
||||
"List users, returns a table in the specified format"
|
||||
if dept and not all_depts:
|
||||
users = get_user_list(dept=dept, with_olds=with_olds)
|
||||
comm = "dept. %s" % dept.encode(scu.SCO_ENCODING) # sco8
|
||||
else:
|
||||
r = get_user_list(with_olds=with_olds)
|
||||
comm = "tous"
|
||||
if with_olds:
|
||||
comm += ", avec anciens"
|
||||
comm = "(" + comm + ")"
|
||||
# -- Add some information and links:
|
||||
r = []
|
||||
for u in users:
|
||||
# Can current user modify this user ?
|
||||
can_modify = can_handle_passwd(u, allow_admindepts=True)
|
||||
|
||||
d = u.to_dict()
|
||||
r.append(d)
|
||||
# Add links
|
||||
if with_links and can_modify:
|
||||
target = url_for(
|
||||
"users.userinfo", scodoc_dept=g.scodoc_dept, user_name=u.user_name
|
||||
).encode(
|
||||
scu.SCO_ENCODING
|
||||
) # sco8
|
||||
d["_user_name_target"] = target
|
||||
d["_nom_target"] = target
|
||||
d["_prenom_target"] = target
|
||||
|
||||
# Hide passwd modification date (depending on visitor's permission)
|
||||
if not can_modify:
|
||||
d["date_modif_passwd"] = "(non visible)"
|
||||
|
||||
title = "Utilisateurs définis dans ScoDoc"
|
||||
tab = GenTable(
|
||||
rows=r,
|
||||
columns_ids=(
|
||||
"user_name",
|
||||
"nom_fmt",
|
||||
"prenom_fmt",
|
||||
"email",
|
||||
"dept",
|
||||
"roles_string",
|
||||
"date_expiration",
|
||||
"date_modif_passwd",
|
||||
"passwd_temp",
|
||||
"status_txt",
|
||||
),
|
||||
titles={
|
||||
"user_name": "Login",
|
||||
"nom_fmt": "Nom",
|
||||
"prenom_fmt": "Prénom",
|
||||
"email": "Mail",
|
||||
"dept": "Dept.",
|
||||
"roles": "Rôles",
|
||||
"date_expiration": "Expiration",
|
||||
"date_modif_passwd": "Modif. mot de passe",
|
||||
"passwd_temp": "Temp.",
|
||||
"status_txt": "Etat",
|
||||
},
|
||||
caption=title,
|
||||
page_title="title",
|
||||
html_title="""<h2>%d utilisateurs %s</h2>
|
||||
<p class="help">Cliquer sur un nom pour changer son mot de passe</p>"""
|
||||
% (len(r), comm),
|
||||
html_class="table_leftalign list_users",
|
||||
html_with_td_classes=True,
|
||||
html_sortable=True,
|
||||
base_url="%s?all=%s" % (REQUEST.URL0, all),
|
||||
pdf_link=False, # table is too wide to fit in a paper page => disable pdf
|
||||
preferences=sco_preferences.SemPreferences(context),
|
||||
)
|
||||
|
||||
return tab.make_page(
|
||||
context, format=format, with_html_headers=False, REQUEST=REQUEST
|
||||
)
|
||||
|
||||
|
||||
def get_user_list(dept=None, with_olds=False):
|
||||
"""Returns list of users.
|
||||
If dept, select users from this dept,
|
||||
else return all users.
|
||||
"""
|
||||
# was get_userlist
|
||||
q = User.query
|
||||
if dept is not None:
|
||||
q = q.filter_by(dept=dept)
|
||||
if not with_olds:
|
||||
q = q.filter_by(is_old=False)
|
||||
return q.all()
|
||||
|
||||
|
||||
# def get_user_infos(user_list):
|
||||
# return [ user_info(u) for u in user_list ]
|
||||
|
@ -26,7 +26,7 @@
|
||||
{% if current_user.is_anonymous %}
|
||||
<li><a href="{{ url_for('auth.login') }}">Login</a></li>
|
||||
{% else %}
|
||||
<li>{{current_user.username}}</li>
|
||||
<li>{{current_user.user_name}}</li>
|
||||
<li><a href="{{ url_for('auth.logout') }}">Logout</a></li>
|
||||
{% endif %}
|
||||
</ul>
|
||||
|
@ -1,4 +1,4 @@
|
||||
<p>Bonjour {{ user.username }},</p>
|
||||
<p>Bonjour {{ user.user_name }},</p>
|
||||
<p>
|
||||
Pour réinitialiser votre mot de passe ScoDoc,
|
||||
<a href="{{ url_for('auth.reset_password', token=token, _external=True) }}">
|
||||
|
@ -1,4 +1,4 @@
|
||||
Bonjour {{ user.username }},
|
||||
Bonjour {{ user.user_name }},
|
||||
|
||||
Pour réinitialiser votre mot de passe ScoDoc, suivre le lien:
|
||||
|
||||
|
@ -5,9 +5,10 @@ from flask import Blueprint
|
||||
|
||||
scolar_bp = Blueprint("scolar", __name__)
|
||||
notes_bp = Blueprint("notes", __name__)
|
||||
users_bp = Blueprint("users", __name__)
|
||||
absences_bp = Blueprint("absences", __name__)
|
||||
essais_bp = Blueprint("essais", __name__)
|
||||
|
||||
from app.views import notes, scolar, absences, essais
|
||||
from app.views import notes, scolar, absences, users, essais
|
||||
|
||||
scolar.context.Notes = notes.context # XXX transitoire #sco8
|
||||
|
@ -123,6 +123,7 @@ from app.scodoc import sco_synchro_etuds
|
||||
from app.scodoc import sco_tag_module
|
||||
from app.scodoc import sco_ue_external
|
||||
from app.scodoc import sco_undo_notes
|
||||
from app.scodoc import sco_users
|
||||
from app.scodoc.gen_tables import GenTable
|
||||
from app.scodoc.sco_pdf import PDFLOCK
|
||||
from app.scodoc.sco_permissions import Permission
|
||||
@ -712,7 +713,7 @@ def edit_enseignants_form(context, REQUEST, moduleimpl_id):
|
||||
footer = html_sco_header.sco_footer(context, REQUEST)
|
||||
|
||||
# Liste des enseignants avec forme pour affichage / saisie avec suggestion
|
||||
userlist = context.Users.get_userlist()
|
||||
userlist = sco_users.get_user_list()
|
||||
login2display = {} # user_name : forme pour affichage = "NOM Prenom (login)"
|
||||
for u in userlist:
|
||||
login2display[u["user_name"]] = u["nomplogin"]
|
||||
@ -821,9 +822,9 @@ def edit_moduleimpl_resp(context, REQUEST, moduleimpl_id):
|
||||
bodyOnLoad="init_tf_form('')",
|
||||
)
|
||||
]
|
||||
help = """<p class="help">Taper le début du nom de l'enseignant.</p>"""
|
||||
help_str = """<p class="help">Taper le début du nom de l'enseignant.</p>"""
|
||||
# Liste des enseignants avec forme pour affichage / saisie avec suggestion
|
||||
userlist = context.Users.get_userlist()
|
||||
userlist = [sco_users.user_info(u) for u in sco_users.get_user_list()]
|
||||
login2display = {} # user_name : forme pour affichage = "NOM Prenom (login)"
|
||||
for u in userlist:
|
||||
login2display[u["user_name"]] = u["nomplogin"]
|
||||
@ -863,7 +864,10 @@ def edit_moduleimpl_resp(context, REQUEST, moduleimpl_id):
|
||||
)
|
||||
if tf[0] == 0:
|
||||
return (
|
||||
"\n".join(H) + tf[1] + help + html_sco_header.sco_footer(context, REQUEST)
|
||||
"\n".join(H)
|
||||
+ tf[1]
|
||||
+ help_str
|
||||
+ html_sco_header.sco_footer(context, REQUEST)
|
||||
)
|
||||
elif tf[0] == -1:
|
||||
return REQUEST.RESPONSE.redirect(
|
||||
|
85
app/views/users.py
Normal file
85
app/views/users.py
Normal file
@ -0,0 +1,85 @@
|
||||
# -*- mode: python -*-
|
||||
# -*- coding: utf-8 -*-
|
||||
|
||||
##############################################################################
|
||||
#
|
||||
# ScoDoc
|
||||
#
|
||||
# Copyright (c) 1999 - 2021 Emmanuel Viennet. All rights reserved.
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation; either version 2 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program; if not, write to the Free Software
|
||||
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
||||
#
|
||||
# Emmanuel Viennet emmanuel.viennet@viennet.net
|
||||
#
|
||||
##############################################################################
|
||||
|
||||
"""
|
||||
Module users: interface gestion utilisateurs
|
||||
ré-écriture pour Flask ScoDoc7 / ZScoUsers.py
|
||||
|
||||
Vues s'appuyant sur auth et sco_users
|
||||
|
||||
Emmanuel Viennet, 2021
|
||||
"""
|
||||
|
||||
from flask import g
|
||||
from flask import current_app
|
||||
|
||||
from app.auth.models import Permission
|
||||
from app.auth.models import User
|
||||
from app.decorators import (
|
||||
scodoc7func,
|
||||
ScoDoc7Context,
|
||||
permission_required,
|
||||
admin_required,
|
||||
login_required,
|
||||
)
|
||||
|
||||
from app.scodoc import sco_users
|
||||
|
||||
from app.views import users_bp as bp
|
||||
|
||||
|
||||
context = ScoDoc7Context("users") # sco8
|
||||
|
||||
|
||||
# ------- Fonctions vraiment spécifiques à ScoDoc:
|
||||
@bp.route("/")
|
||||
@bp.route("/index_html")
|
||||
@permission_required(Permission.ScoUsersView)
|
||||
@scodoc7func(context)
|
||||
def index_html(context, REQUEST, all_depts=False, with_olds=False, format="html"):
|
||||
return sco_users.index_html(
|
||||
context,
|
||||
REQUEST=REQUEST,
|
||||
all_depts=all_depts,
|
||||
with_olds=with_olds,
|
||||
format=format,
|
||||
)
|
||||
|
||||
|
||||
@bp.route("/create_user_form")
|
||||
def create_user_form():
|
||||
raise NotImplementedError()
|
||||
|
||||
|
||||
@bp.route("/import_users_form")
|
||||
def import_users_form():
|
||||
raise NotImplementedError()
|
||||
|
||||
|
||||
@bp.route("/userinfo")
|
||||
def userinfo():
|
||||
raise NotImplementedError()
|
@ -8,7 +8,7 @@ Usage:
|
||||
check_zope_usage.py publishedmethods.csv string-constants.txt
|
||||
|
||||
publishedmethods.csv : fichier texte, module et un nom de méthode / ligne
|
||||
ZScoUsers get_userlist
|
||||
ZScoUsers get_user_list
|
||||
comme extrait par zopelistmethods.py
|
||||
|
||||
string-constants.txt : les constantes chaines, extraites par extract_code_strings.py
|
||||
|
@ -1,13 +1,18 @@
|
||||
alembic==1.5.5
|
||||
astroid==1.6.6
|
||||
attrdict==2.0.1
|
||||
Babel==2.9.0
|
||||
backports.functools-lru-cache==1.6.4
|
||||
blinker==1.4
|
||||
certifi==2021.5.30
|
||||
chardet==4.0.0
|
||||
click==7.1.2
|
||||
configparser==4.0.2
|
||||
cracklib==2.9.3
|
||||
dnspython==1.16.0
|
||||
dominate==2.6.0
|
||||
email-validator==1.1.2
|
||||
enum34==1.1.10
|
||||
Flask==1.1.4
|
||||
Flask-Babel==2.0.0
|
||||
Flask-Bootstrap==3.3.7.1
|
||||
@ -17,18 +22,23 @@ Flask-Migrate==2.7.0
|
||||
Flask-Moment==0.11.0
|
||||
Flask-SQLAlchemy==2.4.4
|
||||
Flask-WTF==0.14.3
|
||||
futures==3.3.0
|
||||
icalendar==4.0.7
|
||||
idna==2.10
|
||||
isort==4.3.21
|
||||
itsdangerous==1.1.0
|
||||
jaxml==3.2
|
||||
Jinja2==2.11.2
|
||||
lazy-object-proxy==1.6.0
|
||||
Mako==1.1.4
|
||||
MarkupSafe==1.1.1
|
||||
mccabe==0.6.1
|
||||
Pillow==6.2.2
|
||||
pkg-resources==0.0.0
|
||||
psycopg2==2.8.6
|
||||
pyExcelerator==0.6.3a0
|
||||
PyJWT==1.7.1
|
||||
pylint==1.9.5
|
||||
PyRSS2Gen==1.1
|
||||
python-dateutil==2.8.1
|
||||
python-dotenv==0.15.0
|
||||
@ -36,6 +46,7 @@ python-editor==1.0.4
|
||||
pytz==2021.1
|
||||
reportlab==3.5.59
|
||||
requests==2.25.1
|
||||
singledispatch==3.6.2
|
||||
six==1.15.0
|
||||
SQLAlchemy==1.3.23
|
||||
stripogram==1.5
|
||||
@ -43,4 +54,5 @@ typing==3.7.4.3
|
||||
urllib3==1.26.5
|
||||
visitor==0.1.3
|
||||
Werkzeug==1.0.1
|
||||
wrapt==1.12.1
|
||||
WTForms==2.3.3
|
||||
|
16
scodoc.py
16
scodoc.py
@ -52,14 +52,14 @@ def user_db_init():
|
||||
click.echo("created initial roles")
|
||||
# Ensure that admin exists
|
||||
if Config.SCODOC_ADMIN_MAIL:
|
||||
admin_username = Config.SCODOC_ADMIN_LOGIN
|
||||
user = User.query.filter_by(username=admin_username).first()
|
||||
admin_user_name = Config.SCODOC_ADMIN_LOGIN
|
||||
user = User.query.filter_by(user_name=admin_user_name).first()
|
||||
if not user:
|
||||
user = User(username=admin_username, email=Config.SCODOC_ADMIN_MAIL)
|
||||
user = User(user_name=admin_user_name, email=Config.SCODOC_ADMIN_MAIL)
|
||||
db.session.add(user)
|
||||
db.session.commit()
|
||||
click.echo(
|
||||
"created initial admin user, login: {u.username}, email: {u.email}".format(
|
||||
"created initial admin user, login: {u.user_name}, email: {u.email}".format(
|
||||
u=user
|
||||
)
|
||||
)
|
||||
@ -90,16 +90,16 @@ def user_create(username, role, dept):
|
||||
if not r:
|
||||
sys.stderr.write("user_create: role {r} does not exists".format(r=r))
|
||||
return 1
|
||||
u = User.query.filter_by(username=username).first()
|
||||
u = User.query.filter_by(user_name=username).first()
|
||||
if u:
|
||||
sys.stderr.write("user_create: user {u} already exists".format(u=u))
|
||||
return 2
|
||||
u = User(username=username)
|
||||
u = User(user_name=username, dept=dept)
|
||||
u.add_role(r, dept)
|
||||
db.session.add(u)
|
||||
db.session.commit()
|
||||
click.echo(
|
||||
"created user, login: {u.username}, with role {r} in dept. {dept}".format(
|
||||
"created user, login: {u.user_name}, with role {r} in dept. {dept}".format(
|
||||
u=u, r=r, dept=dept
|
||||
)
|
||||
)
|
||||
@ -113,7 +113,7 @@ def user_password(username, password=None):
|
||||
if not password:
|
||||
sys.stderr.write("user_password: missing password")
|
||||
return 1
|
||||
u = User.query.filter_by(username=username).first()
|
||||
u = User.query.filter_by(user_name=username).first()
|
||||
if not u:
|
||||
sys.stderr.write("user_password: user {} does not exists".format(username))
|
||||
return 1
|
||||
|
@ -98,5 +98,5 @@ class FakeUsers(object):
|
||||
"date_expiration": None,
|
||||
}
|
||||
|
||||
def get_userlist(self, dept=None, with_olds=False):
|
||||
def get_user_list(self, dept=None, with_olds=False):
|
||||
return [self.user_info()]
|
||||
|
@ -30,7 +30,7 @@ class UserModelCase(unittest.TestCase):
|
||||
db.drop_all()
|
||||
|
||||
def test_password_hashing(self):
|
||||
u = User(username="susan")
|
||||
u = User(user_name="susan")
|
||||
u.set_password("cat")
|
||||
self.assertFalse(u.check_password("dog"))
|
||||
self.assertTrue(u.check_password("cat"))
|
||||
@ -68,7 +68,7 @@ class UserModelCase(unittest.TestCase):
|
||||
dept = "XX"
|
||||
perm = Permission.ScoAbsChange
|
||||
perm2 = Permission.ScoView
|
||||
u = User(username="un enseignant")
|
||||
u = User(user_name="un enseignant")
|
||||
db.session.add(u)
|
||||
self.assertFalse(u.has_permission(perm, dept))
|
||||
r = Role.get_named_role("Ens")
|
||||
@ -76,7 +76,7 @@ class UserModelCase(unittest.TestCase):
|
||||
r = Role(name="Ens", permissions=perm)
|
||||
u.add_role(r, dept)
|
||||
self.assertTrue(u.has_permission(perm, dept))
|
||||
u = User(username="un autre")
|
||||
u = User(user_name="un autre")
|
||||
u.add_role(r, dept)
|
||||
db.session.add(u)
|
||||
db.session.commit()
|
||||
@ -86,7 +86,7 @@ class UserModelCase(unittest.TestCase):
|
||||
r2 = Role(name="Secr", dept=dept, permissions=perm2)
|
||||
u.add_roles([r, r2], dept)
|
||||
self.assertTrue(len(u.roles) == 2)
|
||||
u = User(username="encore un")
|
||||
u = User(user_name="encore un")
|
||||
db.session.add(u)
|
||||
db.session.commit()
|
||||
u.set_roles([r, r2], dept)
|
||||
@ -101,7 +101,7 @@ class UserModelCase(unittest.TestCase):
|
||||
def test_user_admin(self):
|
||||
dept = "XX"
|
||||
perm = 0x1234 # a random perm
|
||||
u = User(username="un admin", email=current_app.config["SCODOC_ADMIN_MAIL"])
|
||||
u = User(user_name="un admin", email=current_app.config["SCODOC_ADMIN_MAIL"])
|
||||
db.session.add(u)
|
||||
self.assertTrue(len(u.roles) == 1)
|
||||
self.assertTrue(u.has_permission(perm, dept))
|
||||
|
Loading…
x
Reference in New Issue
Block a user