API etudiants: qq routes departementales manquantes

This commit is contained in:
Emmanuel Viennet 2023-12-08 13:37:43 +01:00
parent a70e6236d4
commit 1c59cfdd93

View File

@ -25,7 +25,6 @@ from app.but import bulletin_but_court
from app.decorators import scodoc, permission_required
from app.models import (
Admission,
Adresse,
Departement,
FormSemestreInscription,
FormSemestre,
@ -422,9 +421,9 @@ def bulletin(
)
@bp.route(
"/etudiant/etudid/<int:etudid>/formsemestre/<int:formsemestre_id>/groups",
methods=["GET"],
@bp.route("/etudiant/etudid/<int:etudid>/formsemestre/<int:formsemestre_id>/groups")
@api_web_bp.route(
"/etudiant/etudid/<int:etudid>/formsemestre/<int:formsemestre_id>/groups"
)
@scodoc
@permission_required(Permission.ScoView)
@ -462,7 +461,6 @@ def etudiant_groups(formsemestre_id: int, etudid: int = None):
}
]
"""
query = FormSemestre.query.filter_by(id=formsemestre_id)
if g.scodoc_dept:
query = query.filter_by(dept_id=g.scodoc_dept_id)
@ -483,6 +481,8 @@ def etudiant_groups(formsemestre_id: int, etudid: int = None):
@bp.route("/etudiant/create", methods=["POST"], defaults={"force": False})
@bp.route("/etudiant/create/force", methods=["POST"], defaults={"force": True})
@api_web_bp.route("/etudiant/create", methods=["POST"], defaults={"force": False})
@api_web_bp.route("/etudiant/create/force", methods=["POST"], defaults={"force": True})
@scodoc
@permission_required(Permission.EtudInscrit)
@as_json
@ -499,7 +499,10 @@ def etudiant_create(force=False):
dept_o = Departement.query.filter_by(acronym=dept).first()
if not dept_o:
return scu.json_error(400, "dept invalide")
app.set_sco_dept(dept)
if g.scodoc_dept and g.scodoc_dept_id != dept_o.id:
return scu.json_error(400, "dept invalide (route departementale)")
else:
app.set_sco_dept(dept)
args["dept_id"] = dept_o.id
# vérifie que le département de création est bien autorisé
if not current_user.has_permission(Permission.EtudInscrit, dept):
@ -545,6 +548,7 @@ def etudiant_create(force=False):
@bp.route("/etudiant/<string:code_type>/<string:code>/edit", methods=["POST"])
@api_web_bp.route("/etudiant/<string:code_type>/<string:code>/edit", methods=["POST"])
@scodoc
@permission_required(Permission.EtudInscrit)
def etudiant_edit(