forked from ScoDoc/ScoDoc
Modification authentification ScoDoc7 API POST
This commit is contained in:
parent
c29199eff4
commit
0da60384a1
@ -52,7 +52,10 @@ def scodoc(func):
|
||||
def scodoc_function(*args, **kwargs):
|
||||
# interdit les POST si pas loggué
|
||||
if request.method == "POST" and not current_user.is_authenticated:
|
||||
current_app.logger.info("POST by non authenticated user")
|
||||
current_app.logger.info(
|
||||
"POST by non authenticated user (request.form=%s)",
|
||||
str(request.form)[:2048],
|
||||
)
|
||||
return redirect(
|
||||
url_for(
|
||||
"auth.login",
|
||||
|
@ -1047,8 +1047,8 @@ def EtatAbsencesDate(group_ids=[], date=None): # list of groups to display
|
||||
|
||||
# ----- Gestion des "billets d'absence": signalement par les etudiants eux mêmes (à travers le portail)
|
||||
@bp.route("/AddBilletAbsence", methods=["GET", "POST"]) # API ScoDoc 7 compat
|
||||
@scodoc
|
||||
@permission_required_compat_scodoc7(Permission.ScoAbsAddBillet)
|
||||
@scodoc
|
||||
@scodoc7func
|
||||
def AddBilletAbsence(
|
||||
begin,
|
||||
@ -1105,7 +1105,7 @@ def AddBilletAbsence(
|
||||
return billet_id
|
||||
|
||||
|
||||
@bp.route("/AddBilletAbsenceForm")
|
||||
@bp.route("/AddBilletAbsenceForm", methods=["GET", "POST"])
|
||||
@scodoc
|
||||
@permission_required(Permission.ScoAbsAddBillet)
|
||||
@scodoc7func
|
||||
@ -1238,8 +1238,8 @@ def listeBilletsEtud(etudid=False, format="html"):
|
||||
@bp.route(
|
||||
"/XMLgetBilletsEtud", methods=["GET", "POST"]
|
||||
) # pour compat anciens clients PHP
|
||||
@scodoc
|
||||
@permission_required_compat_scodoc7(Permission.ScoView)
|
||||
@scodoc
|
||||
@scodoc7func
|
||||
def XMLgetBilletsEtud(etudid=False):
|
||||
"""Liste billets pour un etudiant"""
|
||||
@ -1464,8 +1464,8 @@ def ProcessBilletAbsenceForm(billet_id):
|
||||
|
||||
|
||||
# @bp.route("/essai_api7")
|
||||
# @scodoc
|
||||
# @permission_required_compat_scodoc7(Permission.ScoView)
|
||||
# @scodoc
|
||||
# @scodoc7func
|
||||
# def essai_api7(x="xxx"):
|
||||
# "un essai"
|
||||
@ -1474,8 +1474,8 @@ def ProcessBilletAbsenceForm(billet_id):
|
||||
|
||||
|
||||
@bp.route("/XMLgetAbsEtud", methods=["GET", "POST"]) # pour compat anciens clients PHP
|
||||
@scodoc
|
||||
@permission_required_compat_scodoc7(Permission.ScoView)
|
||||
@scodoc
|
||||
@scodoc7func
|
||||
def XMLgetAbsEtud(beg_date="", end_date=""):
|
||||
"""returns list of absences in date interval"""
|
||||
|
@ -266,8 +266,8 @@ sco_publish(
|
||||
@bp.route(
|
||||
"formsemestre_bulletinetud", methods=["GET", "POST"]
|
||||
) # POST pour compat anciens clients PHP (deprecated)
|
||||
@scodoc
|
||||
@permission_required_compat_scodoc7(Permission.ScoView)
|
||||
@scodoc
|
||||
@scodoc7func
|
||||
def formsemestre_bulletinetud(
|
||||
etudid=None,
|
||||
@ -642,8 +642,8 @@ sco_publish("/ue_move", sco_edit_formation.ue_move, Permission.ScoChangeFormatio
|
||||
@bp.route(
|
||||
"/formsemestre_list", methods=["GET", "POST"]
|
||||
) # pour compat anciens clients PHP
|
||||
@scodoc
|
||||
@permission_required_compat_scodoc7(Permission.ScoView)
|
||||
@scodoc
|
||||
@scodoc7func
|
||||
def formsemestre_list(
|
||||
format="json",
|
||||
@ -669,8 +669,8 @@ def formsemestre_list(
|
||||
@bp.route(
|
||||
"/XMLgetFormsemestres", methods=["GET", "POST"]
|
||||
) # pour compat anciens clients PHP
|
||||
@scodoc
|
||||
@permission_required_compat_scodoc7(Permission.ScoView)
|
||||
@scodoc
|
||||
@scodoc7func
|
||||
def XMLgetFormsemestres(etape_apo=None, formsemestre_id=None):
|
||||
"""List all formsemestres matching etape, XML format
|
||||
|
@ -358,8 +358,8 @@ def search_etud_by_name():
|
||||
@bp.route(
|
||||
"/Notes/XMLgetEtudInfos", methods=["GET", "POST"]
|
||||
) # pour compat anciens clients PHP
|
||||
@scodoc
|
||||
@permission_required_compat_scodoc7(Permission.ScoView)
|
||||
@scodoc
|
||||
@scodoc7func
|
||||
def etud_info(etudid=None, format="xml"):
|
||||
"Donne les informations sur un etudiant"
|
||||
|
Loading…
Reference in New Issue
Block a user