forked from ScoDoc/DocScoDoc
fixes: lien params seulement pour admin, type passage étudiants, log sources ips
This commit is contained in:
parent
96f457260f
commit
8a16216d4b
@ -2,6 +2,7 @@
|
|||||||
# pylint: disable=invalid-name
|
# pylint: disable=invalid-name
|
||||||
|
|
||||||
import os
|
import os
|
||||||
|
import re
|
||||||
import socket
|
import socket
|
||||||
import sys
|
import sys
|
||||||
import time
|
import time
|
||||||
@ -103,7 +104,9 @@ class LogExceptionFormatter(logging.Formatter):
|
|||||||
def format(self, record):
|
def format(self, record):
|
||||||
if has_request_context():
|
if has_request_context():
|
||||||
record.url = request.url
|
record.url = request.url
|
||||||
record.remote_addr = request.remote_addr
|
record.remote_addr = request.environ.get(
|
||||||
|
"HTTP_X_FORWARDED_FOR", request.remote_addr
|
||||||
|
)
|
||||||
record.http_referrer = request.referrer
|
record.http_referrer = request.referrer
|
||||||
record.http_method = request.method
|
record.http_method = request.method
|
||||||
if request.method == "GET":
|
if request.method == "GET":
|
||||||
|
@ -149,7 +149,7 @@ def list_inscrits_date(sem):
|
|||||||
"""SELECT ins.etudid
|
"""SELECT ins.etudid
|
||||||
FROM
|
FROM
|
||||||
notes_formsemestre_inscription ins,
|
notes_formsemestre_inscription ins,
|
||||||
notes_formsemestre S,
|
notes_formsemestre S
|
||||||
WHERE ins.formsemestre_id = S.id
|
WHERE ins.formsemestre_id = S.id
|
||||||
AND S.id != %(formsemestre_id)s
|
AND S.id != %(formsemestre_id)s
|
||||||
AND S.date_debut <= %(date_debut_iso)s
|
AND S.date_debut <= %(date_debut_iso)s
|
||||||
|
@ -112,6 +112,7 @@ get_base_preferences(formsemestre_id)
|
|||||||
"""
|
"""
|
||||||
import flask
|
import flask
|
||||||
from flask import g, url_for
|
from flask import g, url_for
|
||||||
|
from flask_login import current_user
|
||||||
|
|
||||||
from app.models import Departement
|
from app.models import Departement
|
||||||
from app.scodoc import sco_cache
|
from app.scodoc import sco_cache
|
||||||
@ -2022,7 +2023,9 @@ class BasePreferences(object):
|
|||||||
html_sco_header.sco_header(page_title="Préférences"),
|
html_sco_header.sco_header(page_title="Préférences"),
|
||||||
"<h2>Préférences globales pour %s</h2>" % scu.ScoURL(),
|
"<h2>Préférences globales pour %s</h2>" % scu.ScoURL(),
|
||||||
f"""<p><a href="{url_for("scolar.config_logos", scodoc_dept=g.scodoc_dept)
|
f"""<p><a href="{url_for("scolar.config_logos", scodoc_dept=g.scodoc_dept)
|
||||||
}">modification des logos du département (pour documents pdf)</a></p>""",
|
}">modification des logos du département (pour documents pdf)</a></p>"""
|
||||||
|
if current_user.is_administrator()
|
||||||
|
else "",
|
||||||
"""<p class="help">Ces paramètres s'appliquent par défaut à tous les semestres, sauf si ceux-ci définissent des valeurs spécifiques.</p>
|
"""<p class="help">Ces paramètres s'appliquent par défaut à tous les semestres, sauf si ceux-ci définissent des valeurs spécifiques.</p>
|
||||||
<p class="msg">Attention: cliquez sur "Enregistrer les modifications" en bas de page pour appliquer vos changements !</p>
|
<p class="msg">Attention: cliquez sur "Enregistrer les modifications" en bas de page pour appliquer vos changements !</p>
|
||||||
""",
|
""",
|
||||||
@ -2253,7 +2256,7 @@ function set_global_pref(el, pref_name) {
|
|||||||
|
|
||||||
#
|
#
|
||||||
def doc_preferences():
|
def doc_preferences():
|
||||||
""" Liste les preferences en MarkDown, pour la documentation"""
|
"""Liste les preferences en MarkDown, pour la documentation"""
|
||||||
L = []
|
L = []
|
||||||
for cat, cat_descr in PREF_CATEGORIES:
|
for cat, cat_descr in PREF_CATEGORIES:
|
||||||
L.append([""])
|
L.append([""])
|
||||||
|
@ -494,9 +494,10 @@ def _notes_add(user, evaluation_id: int, notes: list, comment=None, do_it=True):
|
|||||||
}
|
}
|
||||||
ndb.quote_dict(aa)
|
ndb.quote_dict(aa)
|
||||||
cursor.execute(
|
cursor.execute(
|
||||||
"""INSERT INTO notes_notes
|
"""INSERT INTO notes_notes
|
||||||
(etudid,evaluation_id,value,comment,date,uid)
|
(etudid, evaluation_id, value, comment, date, uid)
|
||||||
VALUES (%(etudid)s,%(evaluation_id)s,%(value)s,%(comment)s,%(date)s,%(uid)s)""",
|
VALUES (%(etudid)s,%(evaluation_id)s,%(value)s,%(comment)s,%(date)s,%(uid)s)
|
||||||
|
""",
|
||||||
aa,
|
aa,
|
||||||
)
|
)
|
||||||
changed = True
|
changed = True
|
||||||
@ -515,10 +516,10 @@ def _notes_add(user, evaluation_id: int, notes: list, comment=None, do_it=True):
|
|||||||
# recopie l'ancienne note dans notes_notes_log, puis update
|
# recopie l'ancienne note dans notes_notes_log, puis update
|
||||||
if do_it:
|
if do_it:
|
||||||
cursor.execute(
|
cursor.execute(
|
||||||
"""INSERT INTO notes_notes_log
|
"""INSERT INTO notes_notes_log
|
||||||
(etudid,evaluation_id,value,comment,date,uid)
|
(etudid,evaluation_id,value,comment,date,uid)
|
||||||
SELECT etudid, evaluation_id, value, comment, date, uid
|
SELECT etudid, evaluation_id, value, comment, date, uid
|
||||||
FROM notes_notes
|
FROM notes_notes
|
||||||
WHERE etudid=%(etudid)s
|
WHERE etudid=%(etudid)s
|
||||||
and evaluation_id=%(evaluation_id)s
|
and evaluation_id=%(evaluation_id)s
|
||||||
""",
|
""",
|
||||||
@ -536,8 +537,8 @@ def _notes_add(user, evaluation_id: int, notes: list, comment=None, do_it=True):
|
|||||||
if value != scu.NOTES_SUPPRESS:
|
if value != scu.NOTES_SUPPRESS:
|
||||||
if do_it:
|
if do_it:
|
||||||
cursor.execute(
|
cursor.execute(
|
||||||
"""UPDATE notes_notes
|
"""UPDATE notes_notes
|
||||||
SET value=%(value)s, comment=%(comment)s, date=%(date)s, uid=%(uid)s
|
SET value=%(value)s, comment=%(comment)s, date=%(date)s, uid=%(uid)s
|
||||||
WHERE etudid = %(etudid)s
|
WHERE etudid = %(etudid)s
|
||||||
and evaluation_id = %(evaluation_id)s
|
and evaluation_id = %(evaluation_id)s
|
||||||
""",
|
""",
|
||||||
@ -550,7 +551,7 @@ def _notes_add(user, evaluation_id: int, notes: list, comment=None, do_it=True):
|
|||||||
% (evaluation_id, etudid, oldval)
|
% (evaluation_id, etudid, oldval)
|
||||||
)
|
)
|
||||||
cursor.execute(
|
cursor.execute(
|
||||||
"""DELETE FROM notes_notes
|
"""DELETE FROM notes_notes
|
||||||
WHERE etudid = %(etudid)s
|
WHERE etudid = %(etudid)s
|
||||||
AND evaluation_id = %(evaluation_id)s
|
AND evaluation_id = %(evaluation_id)s
|
||||||
""",
|
""",
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
# -*- mode: python -*-
|
# -*- mode: python -*-
|
||||||
# -*- coding: utf-8 -*-
|
# -*- coding: utf-8 -*-
|
||||||
|
|
||||||
SCOVERSION = "9.0.24"
|
SCOVERSION = "9.0.25"
|
||||||
|
|
||||||
SCONAME = "ScoDoc"
|
SCONAME = "ScoDoc"
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user