1
0
forked from ScoDoc/ScoDoc

Remplace partout sco_permissions_check.can_change_groups() par FormSemestre.can_change_groups()

This commit is contained in:
Emmanuel Viennet 2023-09-02 22:19:35 +02:00
parent b2826c4838
commit 6f097bbb46
4 changed files with 54 additions and 67 deletions

View File

@ -73,7 +73,6 @@ from app.scodoc import sco_formsemestre
from app.scodoc import sco_formsemestre_inscriptions
from app.scodoc import sco_groups
from app.scodoc import sco_moduleimpl
from app.scodoc import sco_permissions_check
from app.scodoc import sco_preferences
from app.scodoc import sco_users
from app.scodoc.gen_tables import GenTable
@ -340,6 +339,7 @@ def formsemestre_status_menubar(formsemestre: FormSemestre) -> str:
},
]
can_change_groups = formsemestre.can_change_groups()
menu_groupes = [
{
"title": "Listes, photos, feuilles...",
@ -352,27 +352,20 @@ def formsemestre_status_menubar(formsemestre: FormSemestre) -> str:
"title": "Modifier groupes et partitions",
"endpoint": "scolar.partition_editor",
"args": {"formsemestre_id": formsemestre_id},
"enabled": sco_groups.sco_permissions_check.can_change_groups(
formsemestre_id
),
"enabled": can_change_groups,
"helpmsg": "Editeur de partitions",
},
{
"title": "Ancienne page édition partitions",
"endpoint": "scolar.edit_partition_form",
"args": {"formsemestre_id": formsemestre_id},
"enabled": sco_groups.sco_permissions_check.can_change_groups(
formsemestre_id
),
"enabled": can_change_groups,
},
]
# 1 item / partition:
partitions = sco_groups.get_partitions_list(formsemestre_id, with_default=False)
submenu = []
enabled = (
sco_groups.sco_permissions_check.can_change_groups(formsemestre_id)
and partitions
)
enabled = can_change_groups and partitions
for partition in partitions:
submenu.append(
{
@ -922,7 +915,7 @@ def _make_listes_sem(formsemestre: FormSemestre, with_absences=True):
H.append("</table>")
if partition_is_empty:
H.append('<p class="help indent">Aucun groupe peuplé dans cette partition')
if sco_groups.sco_permissions_check.can_change_groups(formsemestre.id):
if formsemestre.can_change_groups():
H.append(
f""" (<a href="{url_for("scolar.partition_editor",
scodoc_dept=g.scodoc_dept,
@ -931,7 +924,7 @@ def _make_listes_sem(formsemestre: FormSemestre, with_absences=True):
}" class="stdlink">créer</a>)"""
)
H.append("</p>")
if sco_groups.sco_permissions_check.can_change_groups(formsemestre.id):
if formsemestre.can_change_groups():
H.append(
f"""<h4><a class="stdlink"
href="{url_for("scolar.partition_editor",

View File

@ -26,12 +26,6 @@
##############################################################################
"""Gestion des groupes, nouvelle mouture (juin/nov 2009)
TODO:
Optimisation possible:
revoir do_evaluation_listeetuds_groups() pour extraire aussi les groupes (de chaque etudiant)
et éviter ainsi l'appel ulterieur à get_etud_groups() dans _make_table_notes
"""
import collections
import time
@ -49,7 +43,7 @@ from app.comp import res_sem
from app.comp.res_compat import NotesTableCompat
from app.models import FormSemestre, Identite, Scolog
from app.models import GROUPNAME_STR_LEN, SHORT_STR_LEN
from app.models.groups import GroupDescr, Partition, group_membership
from app.models.groups import GroupDescr, Partition
import app.scodoc.sco_utils as scu
import app.scodoc.notesdb as ndb
from app.scodoc.scolog import logdb
@ -59,7 +53,6 @@ from app.scodoc import codes_cursus
from app.scodoc import sco_cursus
from app.scodoc import sco_etud
from app.scodoc.sco_etud import etud_sort_key
from app.scodoc import sco_permissions_check
from app.scodoc import sco_xml
from app.scodoc.sco_exceptions import ScoException, AccessDenied, ScoValueError
from app.scodoc.TrivialFormulator import TrivialFormulator
@ -720,18 +713,19 @@ def setGroups(
log(msg)
return xml_error(msg, code=403)
if not sco_permissions_check.can_change_groups(partition.formsemestre.id):
raise AccessDenied("Vous n'avez pas le droit d'effectuer cette opération !")
log("***setGroups: partition_id=%s" % partition_id)
log("groupsLists=%s" % groupsLists)
log("groupsToCreate=%s" % groupsToCreate)
log("groupsToDelete=%s" % groupsToDelete)
if not partition.formsemestre.etat:
raise AccessDenied("Modification impossible: semestre verrouillé")
if not partition.formsemestre.can_change_groups():
raise AccessDenied("Vous n'avez pas le droit d'effectuer cette opération !")
log(
f"""***setGroups: partition={partition}
groupsLists={groupsLists}
groupsToCreate={groupsToCreate}
groupsToDelete={groupsToDelete}
"""
)
groupsToDelete = [g for g in groupsToDelete.split(";") if g]
etud_groups = formsemestre_get_etud_groupnames(
partition.formsemestre.id, attr="group_id"
)
@ -811,7 +805,7 @@ def create_group(partition_id, group_name="", default=False) -> GroupDescr:
Obsolete: utiliser Partition.create_group
"""
partition = Partition.query.get_or_404(partition_id)
if not sco_permissions_check.can_change_groups(partition.formsemestre_id):
if not partition.formsemestre.can_change_groups():
raise AccessDenied("Vous n'avez pas le droit d'effectuer cette opération !")
#
if group_name:
@ -847,7 +841,7 @@ def delete_group(group_id, partition_id=None):
if partition_id:
if partition_id != group.partition_id:
raise ValueError("inconsistent partition/group")
if not sco_permissions_check.can_change_groups(group.partition.formsemestre_id):
if not group.partition.formsemestre.can_change_groups():
raise AccessDenied("Vous n'avez pas le droit d'effectuer cette opération !")
log(f"delete_group: group={group} partition={group.partition}")
formsemestre = group.partition.formsemestre
@ -863,7 +857,8 @@ def partition_create(
redirect=True,
):
"""Create a new partition"""
if not sco_permissions_check.can_change_groups(formsemestre_id):
formsemestre = FormSemestre.get_formsemestre(formsemestre_id)
if not formsemestre.can_change_groups():
raise AccessDenied("Vous n'avez pas le droit d'effectuer cette opération !")
if partition_name:
partition_name = str(partition_name).strip()
@ -924,9 +919,10 @@ def get_arrow_icons_tags():
def edit_partition_form(formsemestre_id=None):
"""Form to create/suppress partitions"""
# ad-hoc form
if not sco_permissions_check.can_change_groups(formsemestre_id):
raise AccessDenied("Vous n'avez pas le droit d'effectuer cette opération !")
formsemestre = FormSemestre.get_formsemestre(formsemestre_id)
if not formsemestre.can_change_groups():
raise AccessDenied("Vous n'avez pas le droit d'effectuer cette opération !")
partitions = get_partitions_list(formsemestre_id)
arrow_up, arrow_down, arrow_none = get_arrow_icons_tags()
suppricon = scu.icontag(
@ -1093,21 +1089,22 @@ def edit_partition_form(formsemestre_id=None):
def partition_set_attr(partition_id, attr, value):
"""Set partition attribute: bul_show_rank or show_in_lists"""
if attr not in {"bul_show_rank", "show_in_lists"}:
raise ValueError("invalid partition attribute: %s" % attr)
raise ValueError(f"invalid partition attribute: {attr}")
partition = get_partition(partition_id)
formsemestre_id = partition["formsemestre_id"]
if not sco_permissions_check.can_change_groups(formsemestre_id):
partition = Partition.query.get_or_404(partition_id)
if not partition.formsemestre.can_change_groups():
raise AccessDenied("Vous n'avez pas le droit d'effectuer cette opération !")
log("partition_set_attr(%s, %s, %s)" % (partition_id, attr, value))
log(f"partition_set_attr({partition_id}, {attr}, {value})")
value = int(value)
cnx = ndb.GetDBConnexion()
partition[attr] = value
partitionEditor.edit(cnx, partition)
if getattr(partition, attr, None) != value:
setattr(partition, attr, value)
db.session.add(partition)
db.session.commit()
# invalid bulletin cache
sco_cache.invalidate_formsemestre(formsemestre_id=partition["formsemestre_id"])
sco_cache.invalidate_formsemestre(
formsemestre_id=partition.formsemestre.id["formsemestre_id"]
)
return "enregistré"
@ -1118,9 +1115,9 @@ def partition_delete(partition_id, force=False, redirect=1, dialog_confirmed=Fal
"""
partition = get_partition(partition_id)
formsemestre_id = partition["formsemestre_id"]
if not sco_permissions_check.can_change_groups(formsemestre_id):
raise AccessDenied("Vous n'avez pas le droit d'effectuer cette opération !")
formsemestre = FormSemestre.get_formsemestre(formsemestre_id)
if not formsemestre.can_change_groups():
raise AccessDenied("Vous n'avez pas le droit d'effectuer cette opération !")
if not partition["partition_name"] and not force:
raise ValueError("cannot suppress this partition")
@ -1163,7 +1160,8 @@ def partition_move(partition_id, after=0, redirect=1):
"""Move before/after previous one (decrement/increment numero)"""
partition = get_partition(partition_id)
formsemestre_id = partition["formsemestre_id"]
if not sco_permissions_check.can_change_groups(formsemestre_id):
formsemestre = FormSemestre.get_formsemestre(formsemestre_id)
if not formsemestre.can_change_groups():
raise AccessDenied("Vous n'avez pas le droit d'effectuer cette opération !")
#
redirect = int(redirect)
@ -1221,7 +1219,8 @@ def partition_rename(partition_id):
"""Form to rename a partition"""
partition = get_partition(partition_id)
formsemestre_id = partition["formsemestre_id"]
if not sco_permissions_check.can_change_groups(formsemestre_id):
formsemestre = FormSemestre.get_formsemestre(formsemestre_id)
if not formsemestre.can_change_groups():
raise AccessDenied("Vous n'avez pas le droit d'effectuer cette opération !")
H = ["<h2>Renommer une partition</h2>"]
tf = TrivialFormulator(
@ -1272,7 +1271,9 @@ def partition_set_name(partition_id, partition_name, redirect=1):
if partition_name == scu.PARTITION_PARCOURS:
raise ScoValueError(f"nom de partition {scu.PARTITION_PARCOURS} réservé.")
formsemestre_id = partition["formsemestre_id"]
formsemestre = FormSemestre.get_formsemestre(formsemestre_id)
if not formsemestre.can_change_groups():
raise AccessDenied("Vous n'avez pas le droit d'effectuer cette opération !")
# check unicity
r = ndb.SimpleDictFetch(
"""SELECT p.* FROM partition p
@ -1285,9 +1286,6 @@ def partition_set_name(partition_id, partition_name, redirect=1):
raise ScoValueError(
f"Partition {partition_name} déjà existante dans ce semestre !"
)
if not sco_permissions_check.can_change_groups(formsemestre_id):
raise AccessDenied("Vous n'avez pas le droit d'effectuer cette opération !")
redirect = int(redirect)
cnx = ndb.GetDBConnexion()
partitionEditor.edit(
@ -1304,7 +1302,7 @@ def partition_set_name(partition_id, partition_name, redirect=1):
def group_set_name(group: GroupDescr, group_name: str, redirect=True):
"""Set group name"""
if not sco_permissions_check.can_change_groups(group.partition.formsemestre.id):
if not group.partition.formsemestre.can_change_groups():
raise AccessDenied("Vous n'avez pas le droit d'effectuer cette opération !")
if group.group_name is None:
raise ValueError("can't set a name to default group")
@ -1337,7 +1335,8 @@ def group_rename(group_id):
"""Form to rename a group"""
group = GroupDescr.query.get_or_404(group_id)
formsemestre_id = group.partition.formsemestre_id
if not sco_permissions_check.can_change_groups(formsemestre_id):
formsemestre = FormSemestre.get_formsemestre(formsemestre_id)
if not formsemestre.can_change_groups():
raise AccessDenied("Vous n'avez pas le droit d'effectuer cette opération !")
H = [f"<h2>Renommer un groupe de {group.partition.partition_name or '-'}</h2>"]
tf = TrivialFormulator(
@ -1395,7 +1394,7 @@ def groups_auto_repartition(partition_id=None):
scodoc_dept=g.scodoc_dept,
formsemestre_id=formsemestre_id,
)
if not sco_permissions_check.can_change_groups(formsemestre_id):
if not formsemestre.can_change_groups():
raise AccessDenied("Vous n'avez pas le droit d'effectuer cette opération !")
descr = [

View File

@ -31,7 +31,6 @@ from flask import render_template
from app.models import Partition
from app.scodoc import html_sco_header
from app.scodoc import sco_groups
from app.scodoc.sco_exceptions import AccessDenied
@ -41,10 +40,10 @@ def affect_groups(partition_id):
"""
# réécrit pour 9.0.47 avec un template
partition = Partition.query.get_or_404(partition_id)
formsemestre_id = partition.formsemestre_id
if not sco_groups.sco_permissions_check.can_change_groups(formsemestre_id):
formsemestre = partition.formsemestre
if not formsemestre.can_change_groups():
raise AccessDenied("vous n'avez pas la permission de modifier les groupes")
partition.formsemestre.setup_parcours_groups()
formsemestre.setup_parcours_groups()
return render_template(
"scolar/affect_groups.j2",
sco_header=html_sco_header.sco_header(
@ -58,5 +57,5 @@ def affect_groups(partition_id):
partitions_list=partition.formsemestre.partitions.filter(
Partition.partition_name != None
),
formsemestre_id=formsemestre_id,
formsemestre_id=formsemestre.id,
)

View File

@ -923,15 +923,11 @@ def partition_editor(formsemestre_id: int, edit_partition=False):
page_title=f"Partitions de {formsemestre.titre_annee()}",
init_datatables=True,
),
f"""<h2>
</h2>
""",
"""<h2></h2>""",
render_template(
"scolar/partition_editor.j2",
formsemestre=formsemestre,
read_only=not sco_groups.sco_permissions_check.can_change_groups(
formsemestre_id
),
read_only=not formsemestre.can_change_groups(),
edit_partition=edit_partition,
),
html_sco_header.sco_footer(),