From 8a16216d4bc7f34d63afed1dd7fc123e91fdba1a Mon Sep 17 00:00:00 2001 From: Emmanuel Viennet Date: Wed, 15 Sep 2021 15:19:08 +0200 Subject: [PATCH] =?UTF-8?q?fixes:=20lien=20params=20seulement=20pour=20adm?= =?UTF-8?q?in,=20type=20passage=20=C3=A9tudiants,=20log=20sources=20ips?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/__init__.py | 5 ++++- app/scodoc/sco_inscr_passage.py | 2 +- app/scodoc/sco_preferences.py | 7 +++++-- app/scodoc/sco_saisie_notes.py | 17 +++++++++-------- sco_version.py | 2 +- 5 files changed, 20 insertions(+), 13 deletions(-) diff --git a/app/__init__.py b/app/__init__.py index 327976b43..83b6c9087 100644 --- a/app/__init__.py +++ b/app/__init__.py @@ -2,6 +2,7 @@ # pylint: disable=invalid-name import os +import re import socket import sys import time @@ -103,7 +104,9 @@ class LogExceptionFormatter(logging.Formatter): def format(self, record): if has_request_context(): record.url = request.url - record.remote_addr = request.remote_addr + record.remote_addr = request.environ.get( + "HTTP_X_FORWARDED_FOR", request.remote_addr + ) record.http_referrer = request.referrer record.http_method = request.method if request.method == "GET": diff --git a/app/scodoc/sco_inscr_passage.py b/app/scodoc/sco_inscr_passage.py index 1635dec77..04cd2dcd6 100644 --- a/app/scodoc/sco_inscr_passage.py +++ b/app/scodoc/sco_inscr_passage.py @@ -149,7 +149,7 @@ def list_inscrits_date(sem): """SELECT ins.etudid FROM notes_formsemestre_inscription ins, - notes_formsemestre S, + notes_formsemestre S WHERE ins.formsemestre_id = S.id AND S.id != %(formsemestre_id)s AND S.date_debut <= %(date_debut_iso)s diff --git a/app/scodoc/sco_preferences.py b/app/scodoc/sco_preferences.py index 26ff4ec2d..ccdc6764d 100644 --- a/app/scodoc/sco_preferences.py +++ b/app/scodoc/sco_preferences.py @@ -112,6 +112,7 @@ get_base_preferences(formsemestre_id) """ import flask from flask import g, url_for +from flask_login import current_user from app.models import Departement from app.scodoc import sco_cache @@ -2022,7 +2023,9 @@ class BasePreferences(object): html_sco_header.sco_header(page_title="Préférences"), "

Préférences globales pour %s

" % scu.ScoURL(), f"""

modification des logos du département (pour documents pdf)

""", + }">modification des logos du département (pour documents pdf)

""" + if current_user.is_administrator() + else "", """

Ces paramètres s'appliquent par défaut à tous les semestres, sauf si ceux-ci définissent des valeurs spécifiques.

Attention: cliquez sur "Enregistrer les modifications" en bas de page pour appliquer vos changements !

""", @@ -2253,7 +2256,7 @@ function set_global_pref(el, pref_name) { # def doc_preferences(): - """ Liste les preferences en MarkDown, pour la documentation""" + """Liste les preferences en MarkDown, pour la documentation""" L = [] for cat, cat_descr in PREF_CATEGORIES: L.append([""]) diff --git a/app/scodoc/sco_saisie_notes.py b/app/scodoc/sco_saisie_notes.py index faba5e2c6..bca5722ba 100644 --- a/app/scodoc/sco_saisie_notes.py +++ b/app/scodoc/sco_saisie_notes.py @@ -494,9 +494,10 @@ def _notes_add(user, evaluation_id: int, notes: list, comment=None, do_it=True): } ndb.quote_dict(aa) cursor.execute( - """INSERT INTO notes_notes - (etudid,evaluation_id,value,comment,date,uid) - VALUES (%(etudid)s,%(evaluation_id)s,%(value)s,%(comment)s,%(date)s,%(uid)s)""", + """INSERT INTO notes_notes + (etudid, evaluation_id, value, comment, date, uid) + VALUES (%(etudid)s,%(evaluation_id)s,%(value)s,%(comment)s,%(date)s,%(uid)s) + """, aa, ) changed = True @@ -515,10 +516,10 @@ def _notes_add(user, evaluation_id: int, notes: list, comment=None, do_it=True): # recopie l'ancienne note dans notes_notes_log, puis update if do_it: cursor.execute( - """INSERT INTO notes_notes_log + """INSERT INTO notes_notes_log (etudid,evaluation_id,value,comment,date,uid) SELECT etudid, evaluation_id, value, comment, date, uid - FROM notes_notes + FROM notes_notes WHERE etudid=%(etudid)s and evaluation_id=%(evaluation_id)s """, @@ -536,8 +537,8 @@ def _notes_add(user, evaluation_id: int, notes: list, comment=None, do_it=True): if value != scu.NOTES_SUPPRESS: if do_it: cursor.execute( - """UPDATE notes_notes - SET value=%(value)s, comment=%(comment)s, date=%(date)s, uid=%(uid)s + """UPDATE notes_notes + SET value=%(value)s, comment=%(comment)s, date=%(date)s, uid=%(uid)s WHERE etudid = %(etudid)s and evaluation_id = %(evaluation_id)s """, @@ -550,7 +551,7 @@ def _notes_add(user, evaluation_id: int, notes: list, comment=None, do_it=True): % (evaluation_id, etudid, oldval) ) cursor.execute( - """DELETE FROM notes_notes + """DELETE FROM notes_notes WHERE etudid = %(etudid)s AND evaluation_id = %(evaluation_id)s """, diff --git a/sco_version.py b/sco_version.py index 51a6dea7e..a509e44c6 100644 --- a/sco_version.py +++ b/sco_version.py @@ -1,7 +1,7 @@ # -*- mode: python -*- # -*- coding: utf-8 -*- -SCOVERSION = "9.0.24" +SCOVERSION = "9.0.25" SCONAME = "ScoDoc"