
WIP refactoring: permissions, ...

Emmanuel Viennet 2021-06-12 22:43:22 +02:00
parent dcb53e9c35
commit 7b61b25ff1
34 changed files with 368 additions and 237 deletions


@ -76,7 +76,7 @@ class ZResponse(object):
return flask.redirect(url) # http 302
def setHeader(self, header, value):
self.headers[header.tolower()] = value
self.headers[header.lower()] = value
def permission_required(permission):


@ -111,7 +111,9 @@ class ZEntreprises(
<ul class="insidebar">"""
% params,
]
if REQUEST.AUTHENTICATED_USER.has_permission(ScoEntrepriseChange, self):
if REQUEST.AUTHENTICATED_USER.has_permission(
Permission.ScoEntrepriseChange, self
):
H.append(
"""<li class="insidebar"><a href="%(ScoURL)s/Entreprises/entreprise_create" class="sidebar">Nouvelle entreprise</a> </li>"""
% params
@ -138,7 +140,9 @@ class ZEntreprises(
<li class="insidebar"><a href="%(ScoURL)s/Entreprises/entreprise_correspondant_list?entreprise_id=%(entreprise_id)s" class="sidebar">Corresp.</a></li>"""
% params
) # """
if REQUEST.AUTHENTICATED_USER.has_permission(ScoEntrepriseChange, self):
if REQUEST.AUTHENTICATED_USER.has_permission(
Permission.ScoEntrepriseChange, self
):
H.append(
"""<li class="insidebar"><a href="%(ScoURL)s/Entreprises/entreprise_correspondant_create?entreprise_id=%(entreprise_id)s" class="sidebar">Nouveau Corresp.</a></li>"""
% params
@ -147,7 +151,9 @@ class ZEntreprises(
"""<li class="insidebar"><a href="%(ScoURL)s/Entreprises/entreprise_contact_list?entreprise_id=%(entreprise_id)s" class="sidebar">Contacts</a></li>"""
% params
)
if REQUEST.AUTHENTICATED_USER.has_permission(ScoEntrepriseChange, self):
if REQUEST.AUTHENTICATED_USER.has_permission(
Permission.ScoEntrepriseChange, self
):
H.append(
"""<li class="insidebar"><a href="%(ScoURL)s/Entreprises/entreprise_contact_create?entreprise_id=%(entreprise_id)s" class="sidebar">Nouveau "contact"</a></li>"""
% params
@ -156,7 +162,9 @@ class ZEntreprises(
#
H.append("""<br/><br/>%s""" % scu.icontag("entreprise_side_img"))
if not REQUEST.AUTHENTICATED_USER.has_permission(ScoEntrepriseChange, self):
if not REQUEST.AUTHENTICATED_USER.has_permission(
Permission.ScoEntrepriseChange, self
):
H.append("""<br/><em>(Lecture seule)</em>""")
H.append("""</div> </div> <!-- end of sidebar -->""")
return "".join(H)
@ -336,7 +344,9 @@ class ZEntreprises(
H.append(tab.html())
if REQUEST.AUTHENTICATED_USER.has_permission(ScoEntrepriseChange, self):
if REQUEST.AUTHENTICATED_USER.has_permission(
Permission.ScoEntrepriseChange, self
):
if entreprise_id:
H.append(
"""<p class="entreprise_create"><a class="entreprise_create" href="entreprise_contact_create?entreprise_id=%(entreprise_id)s">nouveau "contact"</a></p>
@ -443,7 +453,9 @@ class ZEntreprises(
H.append(tab.html())
if REQUEST.AUTHENTICATED_USER.has_permission(ScoEntrepriseChange, self):
if REQUEST.AUTHENTICATED_USER.has_permission(
Permission.ScoEntrepriseChange, self
):
H.append(
"""<p class="entreprise_create"><a class="entreprise_create" href="entreprise_correspondant_create?entreprise_id=%(entreprise_id)s">Ajouter un correspondant dans l'entreprise %(nom)s</a></p>
"""
@ -556,7 +568,9 @@ class ZEntreprises(
if tf[0] == 0:
H.append(tf[1])
if REQUEST.AUTHENTICATED_USER.has_permission(ScoEntrepriseChange, self):
if REQUEST.AUTHENTICATED_USER.has_permission(
Permission.ScoEntrepriseChange, self
):
H.append(
"""<p class="entreprise_descr"><a class="entreprise_delete" href="entreprise_contact_delete?entreprise_contact_id=%s">Supprimer ce contact</a> </p>"""
% entreprise_contact_id
@ -1130,7 +1144,7 @@ class ZEntreprises(
def entreprise_edit(self, entreprise_id, REQUEST=None, start=1):
"""Form. edit entreprise"""
authuser = REQUEST.AUTHENTICATED_USER
readonly = not authuser.has_permission(ScoEntrepriseChange, self)
readonly = not authuser.has_permission(Permission.ScoEntrepriseChange, self)
F = sco_entreprises.do_entreprise_list(
self, args={"entreprise_id": entreprise_id}
)[0]
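Review bot: Every check touched in this file decides only whether a link is appended to the page, for example the `entreprise_contact_delete?entreprise_contact_id=%s` link in the hunk at -556. None of the visible hunks shows the target methods (`entreprise_create`, `entreprise_correspondant_create`, `entreprise_contact_create`, `entreprise_contact_delete`) verifying `Permission.ScoEntrepriseChange` themselves, so it is worth confirming that they do, since hiding a link does not restrict the URL. `entreprise_edit` does derive `readonly` from the permission, but its body continues outside the hunk, so whether a submitted form is rejected when `readonly` is true cannot be judged from here.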


@ -131,7 +131,9 @@ class ZScoDoc(ObjectManager, PropertyManager, RoleManager, Item, Persistent, Imp
def _check_admin_perm(self, REQUEST):
"""Check if user has permission to add/delete departements"""
authuser = REQUEST.AUTHENTICATED_USER
if authuser.has_role("manager") or authuser.has_permission(ScoSuperAdmin, self):
if authuser.has_role("manager") or authuser.has_permission(
Permission.ScoSuperAdmin, self
):
return ""
else:
return """<h2>Vous n'avez pas le droit d'accéder à cette page</h2>"""
@ -294,7 +296,8 @@ class ZScoDoc(ObjectManager, PropertyManager, RoleManager, Item, Persistent, Imp
[
d.id
for d in self._list_depts()
if (not viewable) or authuser.has_permission(ScoView, d.Scolarite)
if (not viewable)
or authuser.has_permission(Permission.ScoView, d.Scolarite)
],
name="depts",
format=format,
@ -480,7 +483,7 @@ class ZScoDoc(ObjectManager, PropertyManager, RoleManager, Item, Persistent, Imp
else:
dest_folder = ""
for deptFolder in self._list_depts():
if authuser.has_permission(ScoView, deptFolder.Scolarite):
if authuser.has_permission(Permission.ScoView, deptFolder.Scolarite):
link_cls = "link_accessible"
else:
link_cls = "link_unauthorized"
@ -561,7 +564,7 @@ E. Viennet (Université Paris 13).</p>
authuser = REQUEST.AUTHENTICATED_USER
try:
dept = getattr(self, deptfoldername)
if authuser.has_permission(ScoView, dept):
if authuser.has_permission(Permission.ScoView, dept):
return REQUEST.RESPONSE.redirect("ScoDoc/%s/Scolarite" % deptfoldername)
except:
log(
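Review bot: In the last hunk the converted check `authuser.has_permission(Permission.ScoView, dept)` sits inside a `try` whose handler is a bare `except:`. Any mistake introduced by this refactoring, such as `Permission` not being imported in this module, would be caught there and turned into the logged fallback instead of surfacing, which makes an authorization regression hard to notice. Narrowing the handler to the lookup failure it presumably targets, e.g. `except AttributeError:` for the `getattr(self, deptfoldername)` call, keeps that behaviour while letting other errors propagate. The function body starts and ends outside the hunk, so the handler's full content is not visible.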


@ -141,7 +141,7 @@ class ZScoUsers(
H = [self.sco_header(REQUEST, page_title="Gestion des utilisateurs")]
H.append("<h2>Gestion des utilisateurs</h2>")
if authuser.has_permission(ScoUsersAdmin, self):
if authuser.has_permission(Permission.ScoUsersAdmin, self):
H.append(
'<p><a href="create_user_form" class="stdlink">Ajouter un utilisateur</a>'
)
@ -170,7 +170,7 @@ class ZScoUsers(
with_olds=with_olds,
format=format,
REQUEST=REQUEST,
with_links=authuser.has_permission(ScoUsersAdmin, self),
with_links=authuser.has_permission(Permission.ScoUsersAdmin, self),
)
if format != "html":
return L
@ -338,7 +338,7 @@ class ZScoUsers(
if str(authuser) == user_name:
return True
# has permission ?
if not authuser.has_permission(ScoUsersAdmin, self):
if not authuser.has_permission(Permission.ScoUsersAdmin, self):
return False
# Ok, now check that authuser can manage users from this departement
# Get user info
@ -499,11 +499,11 @@ class ZScoUsers(
"<p>L' utilisateur '%s' n'est pas défini dans ce module.</p>"
% user_name
)
if authuser.has_permission(ScoEditAllNotes, self):
if authuser.has_permission(Permission.ScoEditAllNotes, self):
H.append("<p>(il peut modifier toutes les notes)</p>")
if authuser.has_permission(ScoEditAllEvals, self):
if authuser.has_permission(Permission.ScoEditAllEvals, self):
H.append("<p>(il peut modifier toutes les évaluations)</p>")
if authuser.has_permission(ScoImplement, self):
if authuser.has_permission(Permission.ScoImplement, self):
H.append("<p>(il peut creer des formations)</p>")
else:
H.append(
@ -520,7 +520,7 @@ class ZScoUsers(
<li><a class="stdlink" href="form_change_password?user_name=%(user_name)s">changer le mot de passe</a></li>"""
% info[0]
)
if authuser.has_permission(ScoUsersAdmin, self):
if authuser.has_permission(Permission.ScoUsersAdmin, self):
H.append(
"""
<li><a class="stdlink" href="create_user_form?user_name=%(user_name)s&edit=1">modifier/déactiver ce compte</a></li>
@ -560,7 +560,7 @@ class ZScoUsers(
b = "non"
H.append("<li>%s : %s</li>" % (permname, b))
H.append("</ul></div>")
if authuser.has_permission(ScoUsersAdmin, self):
if authuser.has_permission(Permission.ScoUsersAdmin, self):
H.append(
'<p><a class="stdlink" href="%s/Users">Liste de tous les utilisateurs</a></p>'
% self.ScoURL()
@ -602,13 +602,13 @@ class ZScoUsers(
else:
H.append("<h2>Création d'un utilisateur</h2>")
if authuser.has_permission(ScoSuperAdmin, self):
if authuser.has_permission(Permission.ScoSuperAdmin, self):
H.append("""<p class="warning">Vous êtes super administrateur !</p>""")
# Noms de roles pouvant etre attribues aux utilisateurs via ce dialogue
# si pas SuperAdmin, restreint aux rôles EnsX, SecrX, DeptX
#
if authuser.has_permission(ScoSuperAdmin, self):
if authuser.has_permission(Permission.ScoSuperAdmin, self):
log("create_user_form called by %s (super admin)" % (auth_name,))
editable_roles = set(self._all_roles())
else:
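Review bot: In the hunk at -499, `user_name` is formatted straight into `"<p>L' utilisateur '%s' n'est pas défini dans ce module.</p>"`, and the hunk at -520 places it in the `create_user_form?user_name=%(user_name)s&edit=1` href via `info[0]`. If that value can come from the request (its origin is outside the hunks), it should be HTML-escaped before interpolation, for instance with `cgi.escape(user_name, quote=True)`, and URL-quoted where it is used in a query string. The commit already edits both blocks, so the escaping can be added in the same pass.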


@ -28,7 +28,6 @@
import cgi
import sco_utils as scu
from sco_formsemestre_status import formsemestre_page_title
"""
HTML Header/Footer for ScoDoc pages
@ -263,3 +262,6 @@ def sco_footer(context, REQUEST=None):
return (
"""</div><!-- /gtrcontent -->""" + scu.CUSTOM_HTML_FOOTER + """</body></html>"""
)
from sco_formsemestre_status import formsemestre_page_title
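Review bot: The import of `formsemestre_page_title` is moved from the top of the module to its last line without a comment saying why. This looks like a workaround for a circular import with `sco_formsemestre_status` (inferred, not shown), and a later cleanup is likely to move it back; add a comment such as `# imported at end of module to avoid a circular import with sco_formsemestre_status`. A function-scope import inside the one function that calls `formsemestre_page_title` would make the dependency explicit and survive import sorting.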


@ -62,14 +62,14 @@ def sidebar_common(context, REQUEST=None):
% params,
]
if authuser.has_permission(ScoUsersAdmin, context) or authuser.has_permission(
ScoUsersView, context
):
if authuser.has_permission(
Permission.ScoUsersAdmin, context
) or authuser.has_permission(ScoUsersView, context):
H.append(
"""<a href="%(UsersURL)s" class="sidebar">Utilisateurs</a> <br/>""" % params
)
if authuser.has_permission(ScoChangePreferences, context):
if authuser.has_permission(Permission.ScoChangePreferences, context):
H.append(
"""<a href="%(ScoURL)s/edit_preferences" class="sidebar">Paramétrage</a> <br/>"""
% params
@ -120,7 +120,7 @@ def sidebar(context, REQUEST=None):
)
H.append("<ul>")
if REQUEST.AUTHENTICATED_USER.has_permission(ScoAbsChange, context):
if REQUEST.AUTHENTICATED_USER.has_permission(Permission.ScoAbsChange, context):
H.append(
"""
<li> <a href="%(ScoURL)s/Absences/SignaleAbsenceEtud?etudid=%(etudid)s">Ajouter</a></li>
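Review bot: The first hunk converts only one of the two checks in the `sidebar_common` condition: the second operand is still `authuser.has_permission(ScoUsersView, context)` with the bare name. If the module-level permission names are removed as part of this refactoring (not visible here), a user without ScoUsersAdmin reaches that operand and the sidebar raises NameError; it should read `) or authuser.has_permission(Permission.ScoUsersView, context):`. The same pattern appears in `_menuScolarite`, where the wrapped `ScoEtudInscrit, context` argument line is left unconverted, so calls split across several lines deserve a second search pass. Both functions continue outside their hunks.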


@ -88,7 +88,13 @@ def doSignaleAbsence(
nbadded += 2
else:
context._AddAbsence(
etudid, jour, demijournee, estjust, REQUEST, description_abs, moduleimpl_id
etudid,
jour,
demijournee,
estjust,
REQUEST,
description_abs,
moduleimpl_id,
)
nbadded += 1
#
@ -846,7 +852,7 @@ def absences_index_html(context, REQUEST=None):
"""<p>Pour signaler, annuler ou justifier une absence, choisissez d'abord l'étudiant concerné:</p>"""
)
H.append(sco_find_etud.form_search_etud(context, REQUEST))
if authuser.has_permission(ScoAbsChange, context):
if authuser.has_permission(Permission.ScoAbsChange, context):
H.extend(
(
"""<hr/>


@ -53,7 +53,7 @@ EtudsArchive = EtudsArchiver()
def can_edit_etud_archive(context, authuser):
"""True si l'utilisateur peut modifier les archives etudiantes"""
return authuser.has_permission(ScoEtudAddAnnotations, context)
return authuser.has_permission(Permission.ScoEtudAddAnnotations, context)
def etud_list_archives_html(context, REQUEST, etudid):


@ -842,7 +842,7 @@ def can_send_bulletin_by_mail(context, formsemestre_id, REQUEST):
sem = sco_formsemestre.get_formsemestre(context, formsemestre_id)
return (
context.get_preference("bul_mail_allowed_for_all", formsemestre_id)
or authuser.has_permission(ScoImplement, context)
or authuser.has_permission(Permission.ScoImplement, context)
or str(authuser) in sem["responsables"]
)
@ -1077,7 +1077,7 @@ def _formsemestre_bulletinetud_header_html(
"url": "formsemestre_edit_options?formsemestre_id=%s&target_url=%s"
% (formsemestre_id, qurl),
"enabled": (uid in sem["responsables"])
or authuser.has_permission(ScoImplement, context),
or authuser.has_permission(Permission.ScoImplement, context),
},
{
"title": 'Version papier (pdf, format "%s")'
@ -1120,14 +1120,14 @@ def _formsemestre_bulletinetud_header_html(
% (etudid, formsemestre_id),
"enabled": (
(authuser in sem["responsables"])
or (authuser.has_permission(ScoEtudInscrit, context))
or (authuser.has_permission(Permission.ScoEtudInscrit, context))
),
},
{
"title": "Enregistrer un semestre effectué ailleurs",
"url": "formsemestre_ext_create_form?etudid=%s&formsemestre_id=%s"
% (etudid, formsemestre_id),
"enabled": authuser.has_permission(ScoImplement, context),
"enabled": authuser.has_permission(Permission.ScoImplement, context),
},
{
"title": "Enregistrer une validation d'UE antérieure",
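Review bot: In the hunk at -1120 the responsable test is `(authuser in sem["responsables"])`, whereas the other checks in this file compare a string: `str(authuser) in sem["responsables"]` in `can_send_bulletin_by_mail` and `uid in sem["responsables"]` at -1077. Unless the user object compares equal to its login string, that membership test is always false, and the menu entry is enabled only through `Permission.ScoEtudInscrit`. The line should read `(uid in sem["responsables"])`, assuming `uid` is `str(authuser)` as the other entry suggests. `_formsemestre_bulletinetud_header_html` starts and ends outside the hunk.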


@ -316,7 +316,7 @@ class BulletinGeneratorLegacy(sco_bulletins_generator.BulletinGenerator):
# le dir. des etud peut ajouter des appreciations,
# mais aussi le chef (perm. ScoEtudInscrit)
can_edit_app = (str(authuser) in self.infos["responsables"]) or (
authuser.has_permission(ScoEtudInscrit, self.context)
authuser.has_permission(Permission.ScoEtudInscrit, self.context)
)
H.append('<div class="bull_appreciations">')
if I["appreciations_list"]:


@ -153,7 +153,7 @@ class BulletinGeneratorStandard(sco_bulletins_generator.BulletinGenerator):
# le dir. des etud peut ajouter des appreciations,
# mais aussi le chef (perm. ScoEtudInscrit)
can_edit_app = (str(self.authuser) in self.infos["responsables"]) or (
self.authuser.has_permission(ScoEtudInscrit, self.context)
self.authuser.has_permission(Permission.ScoEtudInscrit, self.context)
)
H.append('<div class="bull_appreciations">')
for app in self.infos["appreciations_list"]:

7
app/scodoc/sco_core.py Normal file → Executable file

@ -17,3 +17,10 @@ def sco_get_version(context, REQUEST=None):
def test_refactor(context, x=1):
x = context.toto()
y = ("context=" + context.module_is_locked("alpha")) + "23"
z = context.sco_header(
a_long_argument_hahahahaha=1,
another_very_long_arggggggggggggg=2,
z=6,
u=99,
kkkkkk=1,
)
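Review bot: `test_refactor` reads as scratch code for exercising a refactoring tool rather than application logic: it calls `context.toto()`, concatenates a string with the result of `context.module_is_locked("alpha")`, and passes placeholder keyword arguments to `context.sco_header`. It should not ship in `sco_core.py`; if it must stay while the work is in progress, mark it with `# TODO: remove, refactoring scratch code`. The section header also shows the file mode changing from normal to executable, which a module that is only imported does not need.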


@ -138,7 +138,7 @@ Chercher étape courante: <input name="etape_apo" type="text" size="8" spellchec
)
#
authuser = REQUEST.AUTHENTICATED_USER
if authuser.has_permission(ScoEtudInscrit, context):
if authuser.has_permission(Permission.ScoEtudInscrit, context):
H.append(
"""<hr>
<h3>Gestion des étudiants</h3>
@ -151,7 +151,7 @@ Chercher étape courante: <input name="etape_apo" type="text" size="8" spellchec
"""
)
#
if authuser.has_permission(ScoEditApo, context):
if authuser.has_permission(Permission.ScoEditApo, context):
H.append(
"""<hr>
<h3>Exports Apogée</h3>


@ -35,6 +35,7 @@ from TrivialFormulator import TrivialFormulator, TF, tf_error_message
import sco_codes_parcours
import sco_formsemestre
from sco_exceptions import ScoValueError
import sco_formation
def formation_delete(context, formation_id=None, dialog_confirmed=False, REQUEST=None):
@ -223,6 +224,32 @@ def formation_edit(context, formation_id=None, create=False, REQUEST=None):
return REQUEST.RESPONSE.redirect("ue_list?formation_id=%s" % formation_id)
def do_formation_create(context, args, REQUEST):
"create a formation"
cnx = context.GetDBConnexion()
# check unique acronyme/titre/version
a = args.copy()
if a.has_key("formation_id"):
del a["formation_id"]
F = context.formation_list(args=a)
if len(F) > 0:
log("do_formation_create: error: %d formations matching args=%s" % (len(F), a))
raise ScoValueError("Formation non unique (%s) !" % str(a))
# Si pas de formation_code, l'enleve (default SQL)
if args.has_key("formation_code") and not args["formation_code"]:
del args["formation_code"]
#
r = _formationEditor.create(cnx, args)
sco_news.add(
context,
REQUEST,
typ=NEWS_FORM,
text="Création de la formation %(titre)s (%(acronyme)s)" % args,
)
return r
def do_formation_edit(context, args):
"edit a formation"
# log('do_formation_edit( args=%s )'%args)
@ -238,7 +265,7 @@ def do_formation_edit(context, args):
del args["formation_code"]
cnx = context.GetDBConnexion()
context._formationEditor.edit(cnx, args)
sco_formation._formationEditor.edit(cnx, args)
# Invalide les semestres utilisant cette formation:
for sem in sco_formsemestre.do_formsemestre_list(
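Review bot: The new `do_formation_create` calls `_formationEditor.create(cnx, args)` by its bare name, while the last hunk of this same file switches the edit path to `sco_formation._formationEditor.edit(cnx, args)`. Unless this module defines `_formationEditor` itself (not visible in the hunks), creation fails with NameError; the call should be `r = sco_formation._formationEditor.create(cnx, args)`. The function takes `REQUEST` but performs no permission check, so it relies on every caller having verified the right to change formations; a docstring sentence stating that precondition would make it explicit. The uniqueness test is a list-then-insert sequence, so two concurrent requests can both pass it unless the table carries a unique constraint.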


@ -417,7 +417,9 @@ def module_list(context, formation_id, REQUEST=None):
% F,
'<ul class="notes_module_list">',
]
editable = REQUEST.AUTHENTICATED_USER.has_permission(ScoChangeFormation, context)
editable = REQUEST.AUTHENTICATED_USER.has_permission(
Permission.ScoChangeFormation, context
)
for Mod in context.do_module_list(args={"formation_id": formation_id}):
H.append('<li class="notes_module_list">%s' % Mod)


@ -300,14 +300,16 @@ def ue_list(context, formation_id=None, msg="", REQUEST=None):
ue_list.sort(key=lambda u: (u["semestre_id"], u["numero"]))
has_duplicate_ue_codes = len(set([ue["ue_code"] for ue in ue_list])) != len(ue_list)
perm_change = authuser.has_permission(ScoChangeFormation, context)
perm_change = authuser.has_permission(Permission.ScoChangeFormation, context)
# editable = (not locked) and perm_change
# On autorise maintanant la modification des formations qui ont des semestres verrouillés,
# sauf si cela affect les notes passées (verrouillées):
# - pas de modif des modules utilisés dans des semestres verrouillés
# - pas de changement des codes d'UE utilisés dans des semestres verrouillés
editable = perm_change
tag_editable = authuser.has_permission(ScoEditFormationTags, context) or perm_change
tag_editable = (
authuser.has_permission(Permission.ScoEditFormationTags, context) or perm_change
)
if locked:
lockicon = scu.icontag("lock32_img", title="verrouillé")
else:
@ -653,7 +655,7 @@ Si vous souhaitez modifier cette formation (par exemple pour y ajouter un module
H.append("</li>")
H.append("</ul>")
if authuser.has_permission(ScoImplement, context):
if authuser.has_permission(Permission.ScoImplement, context):
H.append(
"""<ul>
<li><a class="stdlink" href="formsemestre_createwithmodules?formation_id=%(formation_id)s&semestre_id=1">Mettre en place un nouveau semestre de formation %(acronyme)s</a>


@ -266,7 +266,7 @@ def form_search_etud_in_accessible_depts(context, REQUEST):
def can_view_dept(context, REQUEST):
"""True if auth user can access (View) this context"""
authuser = REQUEST.AUTHENTICATED_USER
return authuser.has_permission(ScoView, context)
return authuser.has_permission(Permission.ScoView, context)
def search_etud_in_accessible_depts(context, expnom=None, code_nip=None, REQUEST=None):


@ -217,7 +217,9 @@ def formation_list_table(context, formation_id=None, args={}, REQUEST=None):
"edit_img", border="0", alt="modifier", title="Modifier titres et code"
)
editable = REQUEST.AUTHENTICATED_USER.has_permission(ScoChangeFormation, context)
editable = REQUEST.AUTHENTICATED_USER.has_permission(
Permission.ScoChangeFormation, context
)
# Traduit/ajoute des champs à afficher:
for f in formations:


@ -105,7 +105,7 @@ def can_edit_sem(context, REQUEST, formsemestre_id="", sem=None):
"""Return sem if user can edit it, False otherwise"""
sem = sem or sco_formsemestre.get_formsemestre(context, formsemestre_id)
authuser = REQUEST.AUTHENTICATED_USER
if not authuser.has_permission(ScoImplement, context): # pas chef
if not authuser.has_permission(Permission.ScoImplement, context): # pas chef
if not sem["resp_can_edit"] or str(authuser) not in sem["responsables"]:
return False
return sem
@ -118,7 +118,7 @@ def do_formsemestre_createwithmodules(context, REQUEST=None, edit=False):
formsemestre_id = REQUEST.form["formsemestre_id"]
sem = sco_formsemestre.get_formsemestre(context, formsemestre_id)
authuser = REQUEST.AUTHENTICATED_USER
if not authuser.has_permission(ScoImplement, context):
if not authuser.has_permission(Permission.ScoImplement, context):
if not edit:
# il faut ScoImplement pour creer un semestre
raise AccessDenied("vous n'avez pas le droit d'effectuer cette opération")
@ -434,7 +434,7 @@ def do_formsemestre_createwithmodules(context, REQUEST=None, edit=False):
},
),
]
if authuser.has_permission(ScoImplement, context):
if authuser.has_permission(Permission.ScoImplement, context):
modform += [
(
"resp_can_edit",


@ -157,7 +157,7 @@ def formsemestre_status_menubar(context, sem, REQUEST):
"url": "formsemestre_editwithmodules?formation_id=%(formation_id)s&formsemestre_id=%(formsemestre_id)s"
% sem,
"enabled": (
authuser.has_permission(ScoImplement, context)
authuser.has_permission(Permission.ScoImplement, context)
or (
str(REQUEST.AUTHENTICATED_USER) in sem["responsables"]
and sem["resp_can_edit"]
@ -171,7 +171,7 @@ def formsemestre_status_menubar(context, sem, REQUEST):
"url": "formsemestre_edit_preferences?formsemestre_id=%(formsemestre_id)s"
% sem,
"enabled": (
authuser.has_permission(ScoImplement, context)
authuser.has_permission(Permission.ScoImplement, context)
or (
str(REQUEST.AUTHENTICATED_USER) in sem["responsables"]
and sem["resp_can_edit"]
@ -184,14 +184,14 @@ def formsemestre_status_menubar(context, sem, REQUEST):
"title": "Réglages bulletins",
"url": "formsemestre_edit_options?formsemestre_id=" + formsemestre_id,
"enabled": (uid in sem["responsables"])
or authuser.has_permission(ScoImplement, context),
or authuser.has_permission(Permission.ScoImplement, context),
"helpmsg": "Change les options",
},
{
"title": change_lock_msg,
"url": "formsemestre_change_lock?formsemestre_id=" + formsemestre_id,
"enabled": (uid in sem["responsables"])
or authuser.has_permission(ScoImplement, context),
or authuser.has_permission(Permission.ScoImplement, context),
"helpmsg": "",
},
{
@ -216,21 +216,21 @@ def formsemestre_status_menubar(context, sem, REQUEST):
{
"title": "Cloner ce semestre",
"url": "formsemestre_clone?formsemestre_id=" + formsemestre_id,
"enabled": authuser.has_permission(ScoImplement, context),
"enabled": authuser.has_permission(Permission.ScoImplement, context),
"helpmsg": "",
},
{
"title": "Associer à une nouvelle version du programme",
"url": "formsemestre_associate_new_version?formsemestre_id="
+ formsemestre_id,
"enabled": authuser.has_permission(ScoChangeFormation, context)
"enabled": authuser.has_permission(Permission.ScoChangeFormation, context)
and (sem["etat"] == "1"),
"helpmsg": "",
},
{
"title": "Supprimer ce semestre",
"url": "formsemestre_delete?formsemestre_id=" + formsemestre_id,
"enabled": authuser.has_permission(ScoImplement, context),
"enabled": authuser.has_permission(Permission.ScoImplement, context),
"helpmsg": "",
},
]
@ -254,13 +254,13 @@ def formsemestre_status_menubar(context, sem, REQUEST):
{
"title": "Passage des étudiants depuis d'autres semestres",
"url": "formsemestre_inscr_passage?formsemestre_id=" + formsemestre_id,
"enabled": authuser.has_permission(ScoEtudInscrit, context)
"enabled": authuser.has_permission(Permission.ScoEtudInscrit, context)
and (sem["etat"] == "1"),
},
{
"title": "Synchroniser avec étape Apogée",
"url": "formsemestre_synchro_etuds?formsemestre_id=" + formsemestre_id,
"enabled": authuser.has_permission(ScoView, context)
"enabled": authuser.has_permission(Permission.ScoView, context)
and context.get_preference("portal_url")
and (sem["etat"] == "1"),
},
@ -268,26 +268,26 @@ def formsemestre_status_menubar(context, sem, REQUEST):
"title": "Inscrire un étudiant",
"url": "formsemestre_inscription_with_modules_etud?formsemestre_id="
+ formsemestre_id,
"enabled": authuser.has_permission(ScoEtudInscrit, context)
"enabled": authuser.has_permission(Permission.ScoEtudInscrit, context)
and (sem["etat"] == "1"),
},
{
"title": "Importer des étudiants dans ce semestre (table Excel)",
"url": "form_students_import_excel?formsemestre_id=" + formsemestre_id,
"enabled": authuser.has_permission(ScoEtudInscrit, context)
"enabled": authuser.has_permission(Permission.ScoEtudInscrit, context)
and (sem["etat"] == "1"),
},
{
"title": "Import/export des données admission",
"url": "form_students_import_infos_admissions?formsemestre_id="
+ formsemestre_id,
"enabled": authuser.has_permission(ScoView, context),
"enabled": authuser.has_permission(Permission.ScoView, context),
},
{
"title": "Resynchroniser données identité",
"url": "formsemestre_import_etud_admission?formsemestre_id="
+ formsemestre_id,
"enabled": authuser.has_permission(ScoEtudChangeAdr, context)
"enabled": authuser.has_permission(Permission.ScoEtudChangeAdr, context)
and context.get_preference("portal_url"),
},
{
@ -750,7 +750,7 @@ def _make_listes_sem(context, sem, REQUEST=None, with_absences=True):
#
H = []
# pas de menu absences si pas autorise:
if with_absences and not authuser.has_permission(ScoAbsChange, context):
if with_absences and not authuser.has_permission(Permission.ScoAbsChange, context):
with_absences = False
#


@ -62,7 +62,7 @@ def can_change_groups(context, REQUEST, formsemestre_id):
if sem["etat"] != "1":
return False # semestre verrouillé
authuser = REQUEST.AUTHENTICATED_USER
if authuser.has_permission(ScoEtudChangeGroups, context):
if authuser.has_permission(Permission.ScoEtudChangeGroups, context):
return True # admin, chef dept
uid = str(authuser)
if uid in sem["responsables"]:


@ -851,13 +851,13 @@ def tab_absences_html(context, groups_infos, etat=None, REQUEST=None):
# Lien pour verif codes INE/NIP
# (pour tous les etudiants du semestre)
group_id = sco_groups.get_default_group(context, groups_infos.formsemestre_id)
if authuser.has_permission(ScoEtudInscrit, context):
if authuser.has_permission(Permission.ScoEtudInscrit, context):
H.append(
'<li><a class="stdlink" href="check_group_apogee?group_id=%s&etat=%s">Vérifier codes Apogée</a> (de tous les groupes)</li>'
% (group_id, etat or "")
)
# Lien pour ajout fichiers étudiants
if authuser.has_permission(ScoEtudAddAnnotations, context):
if authuser.has_permission(Permission.ScoEtudAddAnnotations, context):
H.append(
"""<li><a class="stdlink" href="etudarchive_import_files_form?group_id=%s">Télécharger des fichiers associés aux étudiants (e.g. dossiers d'admission)</a></li>"""
% (group_id)
@ -880,7 +880,7 @@ def form_choix_jour_saisie_hebdo(
):
"""Formulaire choix jour semaine pour saisie."""
authuser = REQUEST.AUTHENTICATED_USER
if not authuser.has_permission(ScoAbsChange, context):
if not authuser.has_permission(Permission.ScoAbsChange, context):
return ""
sem = groups_infos.formsemestre
first_monday = sco_abs.ddmmyyyy(sem["date_debut"]).prev_monday()
@ -921,7 +921,7 @@ def form_choix_jour_saisie_hebdo(
# Formulaire saisie absences semaine
def form_choix_saisie_semaine(context, groups_infos, REQUEST=None):
authuser = REQUEST.AUTHENTICATED_USER
if not authuser.has_permission(ScoAbsChange, context):
if not authuser.has_permission(Permission.ScoAbsChange, context):
return ""
# construit l'URL "destination"
# (a laquelle on revient apres saisie absences)


@ -302,7 +302,7 @@ def can_change_module_resp(context, REQUEST, moduleimpl_id):
authuser = REQUEST.AUTHENTICATED_USER
uid = str(authuser)
# admin ou resp. semestre avec flag resp_can_change_resp
if not authuser.has_permission(ScoImplement, context) and (
if not authuser.has_permission(Permission.ScoImplement, context) and (
(uid not in sem["responsables"]) or (not sem["resp_can_change_ens"])
):
raise AccessDenied("Modification impossible pour %s" % uid)
@ -325,7 +325,7 @@ def can_change_ens(context, REQUEST, moduleimpl_id, raise_exc=True):
# admin, resp. module ou resp. semestre
if (
uid != M["responsable_id"]
and not authuser.has_permission(ScoImplement, context)
and not authuser.has_permission(Permission.ScoImplement, context)
and (uid not in sem["responsables"])
):
if raise_exc:


@ -245,7 +245,10 @@ def moduleimpl_inscriptions_stats(context, formsemestre_id, REQUEST=None):
context, formsemestre_id
)
can_change = authuser.has_permission(ScoEtudInscrit, context) and sem["etat"] == "1"
can_change = (
authuser.has_permission(Permission.ScoEtudInscrit, context)
and sem["etat"] == "1"
)
# Liste des modules
Mlist = sco_moduleimpl.do_moduleimpl_withmodule_list(


@ -217,7 +217,7 @@ def moduleimpl_status(context, moduleimpl_id=None, partition_id=None, REQUEST=No
"""<tr><td class="fichetitre2">Inscrits: </td><td> %d étudiants"""
% len(ModInscrits)
)
if authuser.has_permission(ScoEtudInscrit, context):
if authuser.has_permission(Permission.ScoEtudInscrit, context):
H.append(
"""<a class="stdlink" style="margin-left:2em;" href="moduleimpl_inscriptions_edit?moduleimpl_id=%s">modifier</a>"""
% M["moduleimpl_id"]


@ -67,80 +67,78 @@ def _menuScolarite(context, authuser, sem, etudid):
return lockicon # no menu
if not authuser.has_permission(
ScoEtudInscrit, context
) and not authuser.has_permission(ScoEtudChangeGroups, context):
) and not authuser.has_permission(Permission.ScoEtudChangeGroups, context):
return "" # no menu
ins = sem["ins"]
args = {"etudid": etudid, "formsemestre_id": ins["formsemestre_id"]}
if ins["etat"] != "D":
dem_title = "Démission"
dem_url = (
"formDem?etudid=%(etudid)s&formsemestre_id=%(formsemestre_id)s" % args
)
dem_url = "formDem?etudid=%(etudid)s&formsemestre_id=%(formsemestre_id)s" % args
else:
dem_title = "Annuler la démission"
dem_url = (
"doCancelDem?etudid=%(etudid)s&formsemestre_id=%(formsemestre_id)s"
% args
"doCancelDem?etudid=%(etudid)s&formsemestre_id=%(formsemestre_id)s" % args
)
# Note: seul un etudiant inscrit (I) peut devenir défaillant.
if ins["etat"] != sco_codes_parcours.DEF:
def_title = "Déclarer défaillance"
def_url = (
"formDef?etudid=%(etudid)s&formsemestre_id=%(formsemestre_id)s" % args
)
def_url = "formDef?etudid=%(etudid)s&formsemestre_id=%(formsemestre_id)s" % args
elif ins["etat"] == sco_codes_parcours.DEF:
def_title = "Annuler la défaillance"
def_url = (
"doCancelDef?etudid=%(etudid)s&formsemestre_id=%(formsemestre_id)s"
% args
"doCancelDef?etudid=%(etudid)s&formsemestre_id=%(formsemestre_id)s" % args
)
def_enabled = (
(ins["etat"] != "D")
and authuser.has_permission(ScoEtudInscrit, context)
and authuser.has_permission(Permission.ScoEtudInscrit, context)
and not locked
)
items = [
# { 'title' : 'Changer de groupe',
# 'url' : 'formChangeGroup?etudid=%s&formsemestre_id=%s' % (etudid,ins['formsemestre_id']),
# 'enabled' : authuser.has_permission(ScoEtudChangeGroups,context) and not locked,
# 'enabled' : authuser.has_permission(Permission.ScoEtudChangeGroups,context) and not locked,
# },
{
"title": dem_title,
"url": dem_url,
"enabled": authuser.has_permission(ScoEtudInscrit, context) and not locked,
"enabled": authuser.has_permission(Permission.ScoEtudInscrit, context)
and not locked,
},
{
"title": "Validation du semestre (jury)",
"url": "Notes/formsemestre_validation_etud_form?etudid=%(etudid)s&formsemestre_id=%(formsemestre_id)s"
% args,
"enabled": authuser.has_permission(ScoEtudInscrit, context) and not locked,
"enabled": authuser.has_permission(Permission.ScoEtudInscrit, context)
and not locked,
},
{"title": def_title, "url": def_url, "enabled": def_enabled},
{
"title": "Inscrire à un module optionnel (ou au sport)",
"url": "Notes/formsemestre_inscription_option?formsemestre_id=%(formsemestre_id)s&etudid=%(etudid)s"
% args,
"enabled": authuser.has_permission(ScoEtudInscrit, context) and not locked,
"enabled": authuser.has_permission(Permission.ScoEtudInscrit, context)
and not locked,
},
{
"title": "Désinscrire (en cas d'erreur)",
"url": "Notes/formsemestre_desinscription?formsemestre_id=%(formsemestre_id)s&etudid=%(etudid)s"
% args,
"enabled": authuser.has_permission(ScoEtudInscrit, context) and not locked,
"enabled": authuser.has_permission(Permission.ScoEtudInscrit, context)
and not locked,
},
{
"title": "Inscrire à un autre semestre",
"url": "Notes/formsemestre_inscription_with_modules_form?etudid=%(etudid)s"
% args,
"enabled": authuser.has_permission(ScoEtudInscrit, context),
"enabled": authuser.has_permission(Permission.ScoEtudInscrit, context),
},
{
"title": "Enregistrer un semestre effectué ailleurs",
"url": "Notes/formsemestre_ext_create_form?formsemestre_id=%(formsemestre_id)s&etudid=%(etudid)s"
% args,
"enabled": authuser.has_permission(ScoImplement, context),
"enabled": authuser.has_permission(Permission.ScoImplement, context),
},
]
@ -206,7 +204,7 @@ def ficheEtud(context, etudid=None, REQUEST=None):
else:
info["emaillink"] = "<em>(pas d'adresse e-mail)</em>"
# champs dependant des permissions
if authuser.has_permission(ScoEtudChangeAdr, context):
if authuser.has_permission(Permission.ScoEtudChangeAdr, context):
info["modifadresse"] = (
'<a class="stdlink" href="formChangeCoordonnees?etudid=%s">modifier adresse</a>'
% etudid
@ -272,7 +270,7 @@ def ficheEtud(context, etudid=None, REQUEST=None):
else:
# non inscrit
l = ["<p><b>Etudiant%s non inscrit%s" % (info["ne"], info["ne"])]
if authuser.has_permission(ScoEtudInscrit, context):
if authuser.has_permission(Permission.ScoEtudInscrit, context):
l.append(
'<a href="%s/Notes/formsemestre_inscription_with_modules_form?etudid=%s">inscrire</a></li>'
% (context.ScoURL(), etudid)
@ -517,17 +515,17 @@ def menus_etud(context, REQUEST=None):
{
"title": "Changer la photo",
"url": "formChangePhoto?etudid=%(etudid)s" % etud,
"enabled": authuser.has_permission(ScoEtudChangeAdr, context),
"enabled": authuser.has_permission(Permission.ScoEtudChangeAdr, context),
},
{
"title": "Changer les données identité/admission",
"url": "etudident_edit_form?etudid=%(etudid)s" % etud,
"enabled": authuser.has_permission(ScoEtudInscrit, context),
"enabled": authuser.has_permission(Permission.ScoEtudInscrit, context),
},
{
"title": "Supprimer cet étudiant...",
"url": "etudident_delete?etudid=%(etudid)s" % etud,
"enabled": authuser.has_permission(ScoEtudInscrit, context),
"enabled": authuser.has_permission(Permission.ScoEtudInscrit, context),
},
{
"title": "Voir le journal...",


@ -74,12 +74,12 @@ def can_edit_notes(context, authuser, moduleimpl_id, allow_ens=True):
if sco_parcours_dut.formsemestre_has_decisions(context, sem["formsemestre_id"]):
# il y a des décisions de jury dans ce semestre !
return (
authuser.has_permission(ScoEditAllNotes, context)
authuser.has_permission(Permission.ScoEditAllNotes, context)
or uid in sem["responsables"]
)
else:
if (
(not authuser.has_permission(ScoEditAllNotes, context))
(not authuser.has_permission(Permission.ScoEditAllNotes, context))
and uid != M["responsable_id"]
and uid not in sem["responsables"]
):


@ -90,7 +90,7 @@ def formsemestre_synchro_etuds(
sem["etape_apo_str"] = sco_formsemestre.formsemestre_etape_apo_str(sem)
# Write access ?
authuser = REQUEST.AUTHENTICATED_USER
if not authuser.has_permission(ScoEtudInscrit, context):
if not authuser.has_permission(Permission.ScoEtudInscrit, context):
read_only = True
if read_only:
submitted = False


@ -237,7 +237,7 @@ def module_tag_set(context, module_id="", taglist=[], REQUEST=None):
authuser = REQUEST.AUTHENTICATED_USER
tag_editable = authuser.has_permission(
ScoEditFormationTags, context
) or authuser.has_permission(ScoChangeFormation, context)
) or authuser.has_permission(Permission.ScoChangeFormation, context)
if not tag_editable:
raise AccessDenied("Modification des tags impossible pour %s" % authuser)
#
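Review bot: In module_tag_set the first operand of the check still passes the bare name `ScoEditFormationTags`, while the second operand was converted to `Permission.ScoChangeFormation`, so the two halves of one authorization test now name their permission in different ways. Whether the bare name is still imported in this module is not visible here; if it is not, the expression raises NameError before the `AccessDenied` branch is reached, and if it is, the two operands may no longer be the same kind of value. Assuming the `Permission` class defines this permission like the others, the first call should read `authuser.has_permission(Permission.ScoEditFormationTags, context)`. The body of module_tag_set starts and ends outside the hunk.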


@ -81,7 +81,7 @@ def external_ue_create(
sem = sco_formsemestre.get_formsemestre(context, formsemestre_id)
# Contrôle d'accès:
authuser = REQUEST.AUTHENTICATED_USER
if not authuser.has_permission(ScoImplement, context):
if not authuser.has_permission(Permission.ScoImplement, context):
if not sem["resp_can_edit"] or str(authuser) not in sem["responsables"]:
raise AccessDenied("vous n'avez pas le droit d'effectuer cette opération")
#
@ -210,7 +210,7 @@ def external_ue_create_form(context, formsemestre_id, etudid, REQUEST=None):
sem = sco_formsemestre.get_formsemestre(context, formsemestre_id)
# Contrôle d'accès:
authuser = REQUEST.AUTHENTICATED_USER
if not authuser.has_permission(ScoImplement, context):
if not authuser.has_permission(Permission.ScoImplement, context):
if not sem["resp_can_edit"] or str(authuser) not in sem["responsables"]:
raise AccessDenied("vous n'avez pas le droit d'effectuer cette opération")


@ -95,6 +95,16 @@ from app.scodoc.sco_abs import ddmmyyyy
CSSSTYLES = html_sco_header.BOOTSTRAP_MULTISELECT_CSS
context = ScoDoc7Context(globals())
def sco_publish(route, function, permission):
"""Declare a route for a python function,
protected by permission and called following ScoDoc 7 Zope standards.
"""
bp.route(route)(permission_required(permission)(scodoc7func(context)(function)))
def _toboolean(x):
"convert a value to boolean (ensure backward compat with OLD intranet code)"
if type(x) == type(""):
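Review bot: `sco_publish` is added here with the same body that this commit adds again further down (in the section where it is followed by `log.set_log_directory(...)`) and that also appears as context in the section holding the formation routes, so the code that attaches `permission_required` to every published route exists in three copies. A later fix to the wrapping order or to the permission check would have to be repeated in each copy, and a missed copy leaves one group of routes protected differently. I would define the helper once in a shared module, taking the blueprint and the context as arguments, and import it in each views module. The docstring could also state that, as written, `permission_required` is the outermost wrapper around the `scodoc7func` adapter.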


@ -67,68 +67,68 @@ from app.scodoc.sco_exceptions import (
ScoGenError,
AccessDenied,
)
from app.scodoc.sco_permissions import Permission, ScoImplement
from app.scodoc.TrivialFormulator import TrivialFormulator
import app.scodoc.htmlutils as htmlutils
import app.scodoc.sco_excel as sco_excel
from app.scodoc.gen_tables import GenTable
from app.scodoc import sco_cache as sco_cache
from app.scodoc import scolars as scolars
from app.scodoc import sco_news as sco_news
from app.scodoc.sco_news import NEWS_INSCR, NEWS_NOTE, NEWS_FORM, NEWS_SEM, NEWS_MISC
from app.scodoc import sco_formsemestre as sco_formsemestre
from app.scodoc import sco_formsemestre_edit as sco_formsemestre_edit
from app.scodoc import sco_formsemestre_status as sco_formsemestre_status
from app.scodoc import sco_formsemestre_inscriptions as sco_formsemestre_inscriptions
from app.scodoc import sco_formsemestre_custommenu as sco_formsemestre_custommenu
from app.scodoc import sco_moduleimpl as sco_moduleimpl
from app.scodoc import sco_moduleimpl_status as sco_moduleimpl_status
from app.scodoc import sco_moduleimpl_inscriptions as sco_moduleimpl_inscriptions
from app.scodoc import sco_evaluations as sco_evaluations
from app.scodoc import sco_groups as sco_groups
from app.scodoc import sco_edit_ue as sco_edit_ue
from app.scodoc import sco_edit_formation as sco_edit_formation
from app.scodoc import sco_edit_matiere as sco_edit_matiere
from app.scodoc import sco_edit_module as sco_edit_module
from app.scodoc import sco_tag_module as sco_tag_module
from app.scodoc import sco_bulletins as sco_bulletins
from app.scodoc import sco_bulletins_pdf as sco_bulletins_pdf
from app.scodoc import sco_compute_moy as sco_compute_moy
from app.scodoc import sco_recapcomplet as sco_recapcomplet
from app.scodoc import sco_liste_notes as sco_liste_notes
from app.scodoc import sco_saisie_notes as sco_saisie_notes
from app.scodoc import sco_placement as sco_placement
from app.scodoc import sco_undo_notes as sco_undo_notes
from app.scodoc import sco_formations as sco_formations
from app.scodoc import sco_report as sco_report
from app.scodoc import sco_lycee as sco_lycee
from app.scodoc import sco_poursuite_dut as sco_poursuite_dut
from app.scodoc import pe_view as pe_view
from app.scodoc import sco_debouche as sco_debouche
from app.scodoc import sco_ue_external as sco_ue_external
from app.scodoc import sco_cost_formation as sco_cost_formation
from app.scodoc import sco_formsemestre_validation as sco_formsemestre_validation
from app.scodoc import sco_parcours_dut as sco_parcours_dut
from app.scodoc import sco_codes_parcours as sco_codes_parcours
from app.scodoc import sco_pvjury as sco_pvjury
from app.scodoc import sco_pvpdf as sco_pvpdf
from app.scodoc import sco_prepajury as sco_prepajury
from app.scodoc import sco_inscr_passage as sco_inscr_passage
from app.scodoc import sco_synchro_etuds as sco_synchro_etuds
from app.scodoc import sco_archives as sco_archives
from app.scodoc import sco_apogee_csv as sco_apogee_csv
from app.scodoc import sco_etape_apogee_view as sco_etape_apogee_view
from app.scodoc import sco_apogee_compare as sco_apogee_compare
from app.scodoc import sco_semset as sco_semset
from app.scodoc import sco_export_results as sco_export_results
from app.scodoc import sco_formsemestre_exterieurs as sco_formsemestre_exterieurs
from app.scodoc.sco_pdf import PDFLOCK
from app.scodoc import notes_table as notes_table
from app.scodoc.notes_table import NOTES_CACHE_INST, CacheNotesTable
import app.scodoc.VERSION as VERSION
from app.scodoc.sco_news import NEWS_INSCR, NEWS_NOTE, NEWS_FORM, NEWS_SEM, NEWS_MISC
from app.scodoc.gen_tables import GenTable
from app.scodoc.sco_permissions import Permission, ScoImplement
from app.scodoc.TrivialFormulator import TrivialFormulator
from app.scodoc import htmlutils
from app.scodoc import sco_excel
from app.scodoc import sco_cache
from app.scodoc import scolars
from app.scodoc import sco_news
from app.scodoc import sco_formsemestre
from app.scodoc import sco_formsemestre_edit
from app.scodoc import sco_formsemestre_status
from app.scodoc import sco_formsemestre_inscriptions
from app.scodoc import sco_formsemestre_custommenu
from app.scodoc import sco_moduleimpl
from app.scodoc import sco_moduleimpl_status
from app.scodoc import sco_moduleimpl_inscriptions
from app.scodoc import sco_evaluations
from app.scodoc import sco_groups
from app.scodoc import sco_edit_ue
from app.scodoc import sco_edit_formation
from app.scodoc import sco_edit_matiere
from app.scodoc import sco_edit_module
from app.scodoc import sco_tag_module
from app.scodoc import sco_bulletins
from app.scodoc import sco_bulletins_pdf
from app.scodoc import sco_compute_moy
from app.scodoc import sco_recapcomplet
from app.scodoc import sco_liste_notes
from app.scodoc import sco_saisie_notes
from app.scodoc import sco_placement
from app.scodoc import sco_undo_notes
from app.scodoc import sco_formations
from app.scodoc import sco_report
from app.scodoc import sco_lycee
from app.scodoc import sco_poursuite_dut
from app.scodoc import pe_view
from app.scodoc import sco_debouche
from app.scodoc import sco_ue_external
from app.scodoc import sco_cost_formation
from app.scodoc import sco_formsemestre_validation
from app.scodoc import sco_parcours_dut
from app.scodoc import sco_codes_parcours
from app.scodoc import sco_pvjury
from app.scodoc import sco_pvpdf
from app.scodoc import sco_prepajury
from app.scodoc import sco_inscr_passage
from app.scodoc import sco_synchro_etuds
from app.scodoc import sco_archives
from app.scodoc import sco_apogee_csv
from app.scodoc import sco_etape_apogee_view
from app.scodoc import sco_apogee_compare
from app.scodoc import sco_semset
from app.scodoc import sco_export_results
from app.scodoc import sco_formsemestre_exterieurs
from app.scodoc import notes_table
context = ScoDoc7Context(globals())
def sco_publish(route, function, permission):
@ -405,7 +405,9 @@ sco_publish(
def index_html(context, REQUEST=None):
"Page accueil formations"
editable = REQUEST.AUTHENTICATED_USER.has_permission(ScoChangeFormation, context)
editable = REQUEST.AUTHENTICATED_USER.has_permission(
Permission.ScoChangeFormation, g.scodoc_dept
)
H = [
context.sco_header(REQUEST, page_title="Programmes formations"),
@ -435,21 +437,6 @@ def index_html(context, REQUEST=None):
# --------------------------------------------------------------------
# --- Formations
_formationEditor = ndb.EditableTable(
"notes_formations",
"formation_id",
(
"formation_id",
"acronyme",
"titre",
"titre_officiel",
"version",
"formation_code",
"type_parcours",
"code_specialite",
),
sortkey="acronyme",
)
@bp.route("/do_formation_create")
@ -470,7 +457,7 @@ def do_formation_create(context, args, REQUEST):
if args.has_key("formation_code") and not args["formation_code"]:
del args["formation_code"]
#
r = context._formationEditor.create(cnx, args)
r = _formationEditor.create(cnx, args)
sco_news.add(
context,
@ -497,7 +484,7 @@ def do_formation_delete(context, oid, REQUEST):
for ue in ues:
context._do_ue_delete(ue["ue_id"], REQUEST=REQUEST, force=True)
context._formationEditor.delete(cnx, oid)
_formationEditor.delete(cnx, oid)
# news
sco_news.add(
@ -523,7 +510,7 @@ def formation_list(context, format=None, REQUEST=None, formation_id=None, args={
else:
args = {"formation_id": formation_id}
cnx = context.GetDBConnexion()
r = context._formationEditor.list(cnx, args=args)
r = _formationEditor.list(cnx, args=args)
# log('%d formations found' % len(r))
return scu.sendResult(REQUEST, r, name="formation", format=format)
@ -2247,7 +2234,7 @@ def _evaluation_check_write_access(context, REQUEST, moduleimpl_id=None):
sem = sco_formsemestre.get_formsemestre(context, M["formsemestre_id"])
if (
(not authuser.has_permission(ScoEditAllEvals, context))
(not authuser.has_permission(Permission.ScoEditAllEvals, context))
and uid != M["responsable_id"]
and uid not in sem["responsables"]
):
@ -2834,7 +2821,7 @@ def appreciation_add_form(
sem = sco_formsemestre.get_formsemestre(context, formsemestre_id)
# check custom access permission
can_edit_app = (str(authuser) in sem["responsables"]) or (
authuser.has_permission(ScoEtudInscrit, context)
authuser.has_permission(Permission.ScoEtudInscrit, context)
)
if not can_edit_app:
raise AccessDenied("vous n'avez pas le droit d'ajouter une appreciation")
@ -2923,7 +2910,7 @@ def _can_edit_pv(context, REQUEST, formsemestre_id):
# Autorise les secrétariats, repérés via la permission ScoEtudChangeAdr
# (ceci nous évite d'ajouter une permission Zope aux installations existantes)
authuser = REQUEST.AUTHENTICATED_USER
return authuser.has_permission(ScoEtudChangeAdr, context)
return authuser.has_permission(Permission.ScoEtudChangeAdr, context)
# --- FORMULAIRE POUR VALIDATION DES UE ET SEMESTRES
@ -2939,7 +2926,7 @@ def _can_validate_sem(context, REQUEST, formsemestre_id):
def _is_chef_or_diretud(context, REQUEST, sem):
"Vrai si utilisateur est admin, chef dept ou responsable du semestre"
authuser = REQUEST.AUTHENTICATED_USER
if authuser.has_permission(ScoImplement, context):
if authuser.has_permission(Permission.ScoImplement, context):
return True # admin, chef dept
uid = str(authuser)
if uid in sem["responsables"]:
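Review bot: index_html now passes `g.scodoc_dept` as the second argument of `has_permission`, while every other call converted in this section (`_evaluation_check_write_access`, `appreciation_add_form`, `_can_edit_pv`, `_is_chef_or_diretud`) still passes `context`. If the new `has_permission` scopes a permission by department, the calls that hand it the context object may be checked against the wrong value; which form is intended cannot be told from these hunks, but the section should use one form throughout. The import hunk does not show `g` being imported from flask, so that needs confirming as well. Separately, the `_formationEditor` definition appears to be removed from this file (the hunk drops 15 lines) while `do_formation_create`, `do_formation_delete` and `formation_list` now call the bare name, so unless it is imported outside the visible lines those calls raise NameError.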


@ -88,7 +88,6 @@ from app.scodoc.sco_permissions import (
ScoEditApo,
ScoSuperAdmin,
)
import app.scodoc.sco_permissions
from app.scodoc.sco_exceptions import (
AccessDenied,
ScoException,
@ -99,10 +98,9 @@ from app.scodoc.sco_exceptions import (
ScoInvalidDept,
)
from app.scodoc.TrivialFormulator import TrivialFormulator, tf_error_message
import app.scodoc.scolars
import app.scodoc.sco_codes_parcours
import app.scodoc.sco_preferences
import app.scodoc.sco_formations
from app.scodoc.sco_news import NEWS_INSCR, NEWS_NOTE, NEWS_FORM, NEWS_SEM, NEWS_MISC
from app.scodoc.VERSION import SCOVERSION, SCONEWS
from app.scodoc.scolars import (
format_nom,
format_prenom,
@ -111,40 +109,50 @@ from app.scodoc.scolars import (
format_lycee_from_code,
)
from app.scodoc.scolars import format_telephone, format_pays, make_etud_args
import app.scodoc.sco_find_etud
import app.scodoc.sco_photos
import app.scodoc.sco_formsemestre
import app.scodoc.sco_formsemestre_edit
import app.scodoc.sco_news
from app.scodoc.sco_news import NEWS_INSCR, NEWS_NOTE, NEWS_FORM, NEWS_SEM, NEWS_MISC
import app.scodoc.html_sco_header
import app.scodoc.html_sidebar
from app.scodoc.gen_tables import GenTable
import app.scodoc.sco_excel
import app.scodoc.imageresize
import app.scodoc.ImportScolars
import app.scodoc.sco_abs
import app.scodoc.sco_portal_apogee
import app.scodoc.sco_synchro_etuds
import app.scodoc.sco_page_etud
import app.scodoc.sco_groups
import app.scodoc.sco_trombino
import app.scodoc.sco_groups_view
import app.scodoc.sco_trombino_tours
import app.scodoc.sco_parcours_dut
import app.scodoc.sco_report
import app.scodoc.sco_archives_etud
import app.scodoc.sco_debouche
import app.scodoc.sco_groups_edit
import app.scodoc.sco_up_to_date
import app.scodoc.sco_edt_cal
import app.scodoc.sco_dept
import app.scodoc.sco_dump_db
from app.scodoc import scolars
from app.scodoc import sco_codes_parcours
from app.scodoc import sco_preferences
from app.scodoc import sco_formations
from app.scodoc import sco_permissions
from app.scodoc import sco_find_etud
from app.scodoc import sco_photos
from app.scodoc import sco_formsemestre
from app.scodoc import sco_formsemestre_edit
from app.scodoc import sco_news
from app.scodoc import html_sco_header
from app.scodoc import html_sidebar
from app.scodoc import sco_excel
from app.scodoc import imageresize
from app.scodoc import ImportScolars
from app.scodoc import sco_abs
from app.scodoc import sco_portal_apogee
from app.scodoc import sco_synchro_etuds
from app.scodoc import sco_page_etud
from app.scodoc import sco_groups
from app.scodoc import sco_trombino
from app.scodoc import sco_groups_view
from app.scodoc import sco_trombino_tours
from app.scodoc import sco_parcours_dut
from app.scodoc import sco_report
from app.scodoc import sco_archives_etud
from app.scodoc import sco_debouche
from app.scodoc import sco_groups_edit
from app.scodoc import sco_up_to_date
from app.scodoc import sco_edt_cal
from app.scodoc import sco_dept
from app.scodoc import sco_dump_db
from app.scodoc.VERSION import SCOVERSION, SCONEWS
context = ScoDoc7Context(globals())
def sco_publish(route, function, permission):
"""Declare a route for a python function,
protected by permission and called following ScoDoc 7 Zope standards.
"""
bp.route(route)(permission_required(permission)(scodoc7func(context)(function)))
log.set_log_directory(Config.INSTANCE_HOME + "/log")
@ -221,7 +229,7 @@ def formsemestre_edit_preferences(context, formsemestre_id, REQUEST):
authuser = REQUEST.AUTHENTICATED_USER
sem = sco_formsemestre.get_formsemestre(context.Notes, formsemestre_id)
ok = (
authuser.has_permission(ScoImplement, context)
authuser.has_permission(Permission.ScoImplement, context)
or ((str(authuser) in sem["responsables"]) and sem["resp_can_edit"])
) and (sem["etat"] == "1")
if ok:
@ -361,7 +369,8 @@ sco_publish(
# XMLgetEtudInfos était le nom dans l'ancienne API ScoDoc 6
@bp.route("/etud_info", "/XMLgetEtudInfos")
@bp.route("/etud_info")
@bp.route("/XMLgetEtudInfos")
@permission_required(Permission.ScoView)
@scodoc7func(context)
def etud_info(context, etudid=None, format="xml", REQUEST=None):
@ -494,7 +503,7 @@ sco_publish(
# vrai si l'utilisateur peut modifier les informations de suivi sur la page etud"
def can_edit_suivi(context, REQUEST=None):
authuser = REQUEST.AUTHENTICATED_USER
return authuser.has_permission(ScoEtudChangeAdr, context)
return authuser.has_permission(Permission.ScoEtudChangeAdr, context)
sco_publish(
@ -561,8 +570,8 @@ def canSuppressAnnotation(context, annotation_id, REQUEST):
# c'est pourquoi on teste aussi ScoEtudInscrit (normalement détenue par le chef)
return (
(str(authuser) == anno["zope_authenticated_user"])
or authuser.has_permission(ScoEtudSupprAnnotations, context)
or authuser.has_permission(ScoEtudInscrit, context)
or authuser.has_permission(Permission.ScoEtudSupprAnnotations, context)
or authuser.has_permission(Permission.ScoEtudInscrit, context)
)
@ -1861,7 +1870,7 @@ def form_students_import_infos_admissions(context, REQUEST, formsemestre_id=None
"formulaire import xls"
authuser = REQUEST.AUTHENTICATED_USER
F = context.sco_footer(REQUEST)
if not authuser.has_permission(ScoEtudInscrit, context):
if not authuser.has_permission(Permission.ScoEtudInscrit, context):
# autorise juste l'export
H = [
context.sco_header(


@ -16,21 +16,21 @@ Pour chaque module dans views et dans scodoc:
from __future__ import print_function
import re
from pprint import pprint as pp
import os
import sys
import types
import tempfile
import shutil
import click
import flask
import app
from app import create_app, cli, db
from app.auth.models import User, Role, UserRole
# import flask
from config import Config
# import app
# from app import create_app, cli, db
# from app.auth.models import User, Role, UserRole
from app.views import notes
# from app.views import notes
TYPES_TO_SCAN = {
types.FunctionType,
@ -61,6 +61,8 @@ def scan_views_symbols():
"""Scan modules in app.views and returns
{ }
"""
import app
views_modules = [
getattr(app.views, mod_name)
for mod_name in dir(app.views)
@ -102,6 +104,63 @@ def replace_context_calls(sourcefilename, sym2mod):
return source2, undefined_list
sym2mod = scan_views_symbols()
# sym2mod = scan_views_symbols()
source2, undefined_list = replace_context_calls("app/scodoc/sco_core.py", sym2mod)
# source2, undefined_list = replace_context_calls("app/scodoc/sco_core.py", sym2mod)
def list_context_calls(sourcefilename):
"""List of methods called on context in this file"""
source = open(sourcefilename).read()
exp = re.compile(r"context\.([a-zA-Z0-9_]+)")
return sorted(set(exp.findall(source)))
@click.group()
def cli():
pass
@cli.command()
@click.argument("src_filenames", nargs=-1)
def showcontextcalls(src_filenames):
click.echo("Initialized the database")
S = {}
for sourcefilename in src_filenames:
l = list_context_calls(sourcefilename)
module_name = os.path.splitext(os.path.split(sourcefilename)[1])[0]
for m in l:
if m in S:
S[m].append(module_name)
else:
S[m] = [module_name]
#
for method in sorted(S.keys()):
print(method + ":\t" + ", ".join(S[method]))
@cli.command()
@click.argument("method", nargs=1)
@click.argument("module", nargs=1)
@click.argument("src_filenames", nargs=-1)
def refactor(method, module, src_filenames):
"""Replace call context.method
by module.method
in all given source filenames
"""
backup = tempfile.mkdtemp(dir="/tmp")
for sourcefilename in src_filenames:
print("reading %s" % sourcefilename)
source = open(sourcefilename).read()
source2 = source.replace("context." + method, module + "." + method)
shutil.move(sourcefilename, backup)
open(sourcefilename, "w").write(source2)
print("Done.\noriginal files saved in %s\n" % backup)
if __name__ == "__main__":
try:
cli(obj={})
except SystemExit as e:
if e.code != 0:
raise
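Review bot: In refactor, `source.replace("context." + method, module + "." + method)` is a plain substring replacement, so a method name that is a prefix of another one, or an identifier that merely ends in `context`, is rewritten too, unlike `list_context_calls`, which matches whole identifiers. A bounded pattern avoids that: `source2 = re.sub(r"\bcontext\." + re.escape(method) + r"\b", module + "." + method, source)`. The files are read and written through bare `open(...)` calls without a `with` block, and `shutil.move` into the single backup directory fails on the second of two inputs that share a basename, leaving the run half applied. `showcontextcalls` also still echoes "Initialized the database", which looks like a leftover from a template.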