Elimine les attributs de ZREQUEST, sauf forms.

This commit is contained in:
Emmanuel Viennet 2021-09-18 13:42:19 +02:00
parent 987800c30e
commit 7daa49f2aa
25 changed files with 127 additions and 175 deletions

View File

@ -55,8 +55,8 @@ class ZRequest(object):
# query_string is bytes: # query_string is bytes:
# self.QUERY_STRING = request.query_string.decode("utf-8") # self.QUERY_STRING = request.query_string.decode("utf-8")
# self.REQUEST_METHOD = request.method # self.REQUEST_METHOD = request.method
self.AUTHENTICATED_USER = current_user # self.AUTHENTICATED_USER = current_user
self.REMOTE_ADDR = request.remote_addr # self.REMOTE_ADDR = request.remote_addr
if request.method == "POST": if request.method == "POST":
# request.form is a werkzeug.datastructures.ImmutableMultiDict # request.form is a werkzeug.datastructures.ImmutableMultiDict
# must copy to get a mutable version (needed by TrivialFormulator) # must copy to get a mutable version (needed by TrivialFormulator)

View File

@ -57,6 +57,7 @@ import time
import flask import flask
from flask import g, request from flask import g, request
from flask_login import current_user
import app.scodoc.sco_utils as scu import app.scodoc.sco_utils as scu
from config import Config from config import Config
@ -382,9 +383,7 @@ def formsemestre_archive(REQUEST, formsemestre_id, group_ids=[]):
(all students or only selected groups) (all students or only selected groups)
""" """
if not sco_permissions_check.can_edit_pv(formsemestre_id): if not sco_permissions_check.can_edit_pv(formsemestre_id):
raise AccessDenied( raise AccessDenied("opération non autorisée pour %s" % str(current_user))
"opération non autorisée pour %s" % str(REQUEST.AUTHENTICATED_USER)
)
sem = sco_formsemestre.get_formsemestre(formsemestre_id) sem = sco_formsemestre.get_formsemestre(formsemestre_id)
if not group_ids: if not group_ids:
@ -559,9 +558,7 @@ def formsemestre_delete_archive(
): ):
"""Delete an archive""" """Delete an archive"""
if not sco_permissions_check.can_edit_pv(formsemestre_id): if not sco_permissions_check.can_edit_pv(formsemestre_id):
raise AccessDenied( raise AccessDenied("opération non autorisée pour %s" % str(current_user))
"opération non autorisée pour %s" % str(REQUEST.AUTHENTICATED_USER)
)
sem = sco_formsemestre.get_formsemestre(formsemestre_id) sem = sco_formsemestre.get_formsemestre(formsemestre_id)
sem_archive_id = formsemestre_id sem_archive_id = formsemestre_id
archive_id = PVArchive.get_id_from_name(sem_archive_id, archive_name) archive_id = PVArchive.get_id_from_name(sem_archive_id, archive_name)

View File

@ -31,6 +31,7 @@
""" """
import flask import flask
from flask import url_for, g, request from flask import url_for, g, request
from flask_login import current_user
import app.scodoc.sco_utils as scu import app.scodoc.sco_utils as scu
from app.scodoc import sco_import_etuds from app.scodoc import sco_import_etuds
@ -60,7 +61,7 @@ def can_edit_etud_archive(authuser):
def etud_list_archives_html(REQUEST, etudid): def etud_list_archives_html(REQUEST, etudid):
"""HTML snippet listing archives""" """HTML snippet listing archives"""
can_edit = can_edit_etud_archive(REQUEST.AUTHENTICATED_USER) can_edit = can_edit_etud_archive(current_user)
etuds = sco_etud.get_etud_info(etudid=etudid) etuds = sco_etud.get_etud_info(etudid=etudid)
if not etuds: if not etuds:
raise ScoValueError("étudiant inexistant") raise ScoValueError("étudiant inexistant")
@ -133,10 +134,8 @@ def add_archives_info_to_etud_list(etuds):
def etud_upload_file_form(REQUEST, etudid): def etud_upload_file_form(REQUEST, etudid):
"""Page with a form to choose and upload a file, with a description.""" """Page with a form to choose and upload a file, with a description."""
# check permission # check permission
if not can_edit_etud_archive(REQUEST.AUTHENTICATED_USER): if not can_edit_etud_archive(current_user):
raise AccessDenied( raise AccessDenied("opération non autorisée pour %s" % current_user)
"opération non autorisée pour %s" % REQUEST.AUTHENTICATED_USER
)
etuds = sco_etud.get_etud_info(filled=True) etuds = sco_etud.get_etud_info(filled=True)
if not etuds: if not etuds:
raise ScoValueError("étudiant inexistant") raise ScoValueError("étudiant inexistant")
@ -202,10 +201,8 @@ def _store_etud_file_to_new_archive(etud_archive_id, data, filename, description
def etud_delete_archive(REQUEST, etudid, archive_name, dialog_confirmed=False): def etud_delete_archive(REQUEST, etudid, archive_name, dialog_confirmed=False):
"""Delete an archive""" """Delete an archive"""
# check permission # check permission
if not can_edit_etud_archive(REQUEST.AUTHENTICATED_USER): if not can_edit_etud_archive(current_user):
raise AccessDenied( raise AccessDenied("opération non autorisée pour %s" % str(current_user))
"opération non autorisée pour %s" % str(REQUEST.AUTHENTICATED_USER)
)
etuds = sco_etud.get_etud_info(filled=True) etuds = sco_etud.get_etud_info(filled=True)
if not etuds: if not etuds:
raise ScoValueError("étudiant inexistant") raise ScoValueError("étudiant inexistant")

View File

@ -48,7 +48,7 @@ import app.scodoc.sco_utils as scu
import app.scodoc.notesdb as ndb import app.scodoc.notesdb as ndb
from app import log from app import log
from app.scodoc.sco_permissions import Permission from app.scodoc.sco_permissions import Permission
from app.scodoc.sco_exceptions import AccessDenied from app.scodoc.sco_exceptions import AccessDenied, ScoValueError
from app.scodoc import html_sco_header from app.scodoc import html_sco_header
from app.scodoc import htmlutils from app.scodoc import htmlutils
from app.scodoc import sco_abs from app.scodoc import sco_abs
@ -121,9 +121,7 @@ def make_context_dict(sem, etud):
return C return C
def formsemestre_bulletinetud_dict( def formsemestre_bulletinetud_dict(formsemestre_id, etudid, version="long"):
formsemestre_id, etudid, version="long", REQUEST=None
):
"""Collecte informations pour bulletin de notes """Collecte informations pour bulletin de notes
Retourne un dictionnaire (avec valeur par défaut chaine vide). Retourne un dictionnaire (avec valeur par défaut chaine vide).
Le contenu du dictionnaire dépend des options (rangs, ...) Le contenu du dictionnaire dépend des options (rangs, ...)
@ -143,10 +141,7 @@ def formsemestre_bulletinetud_dict(
I["etudid"] = etudid I["etudid"] = etudid
I["formsemestre_id"] = formsemestre_id I["formsemestre_id"] = formsemestre_id
I["sem"] = nt.sem I["sem"] = nt.sem
if REQUEST: I["server_name"] = request.url_root
I["server_name"] = request.url_root
else:
I["server_name"] = ""
# Formation et parcours # Formation et parcours
I["formation"] = sco_formations.formation_list( I["formation"] = sco_formations.formation_list(
@ -778,7 +773,10 @@ def formsemestre_bulletinetud(
etud = sco_etud.get_etud_info(filled=True)[0] etud = sco_etud.get_etud_info(filled=True)[0]
etudid = etud["etudid"] etudid = etud["etudid"]
except: except:
return scu.log_unknown_etud(REQUEST, format=format) sco_etud.log_unknown_etud()
raise ScoValueError("étudiant inconnu")
sem = sco_formsemestre.get_formsemestre(formsemestre_id)
bulletin = do_formsemestre_bulletinetud( bulletin = do_formsemestre_bulletinetud(
formsemestre_id, formsemestre_id,
@ -791,7 +789,8 @@ def formsemestre_bulletinetud(
REQUEST=REQUEST, REQUEST=REQUEST,
)[0] )[0]
if format not in {"html", "pdfmail"}: if format not in {"html", "pdfmail"}:
return bulletin filename = scu.bul_filename(sem, etud, format)
return scu.send_file(bulletin, filename, mime=scu.get_mime_suffix(format))
sem = sco_formsemestre.get_formsemestre(formsemestre_id) sem = sco_formsemestre.get_formsemestre(formsemestre_id)
H = [ H = [
@ -862,14 +861,13 @@ def do_formsemestre_bulletinetud(
): ):
"""Génère le bulletin au format demandé. """Génère le bulletin au format demandé.
Retourne: (bul, filigranne) Retourne: (bul, filigranne)
bul est au format demandé (html, pdf, pdfmail, pdfpart, xml) bul est str ou bytes au format demandé (html, pdf, pdfmail, pdfpart, xml, json)
et filigranne est un message à placer en "filigranne" (eg "Provisoire"). et filigranne est un message à placer en "filigranne" (eg "Provisoire").
""" """
if format == "xml": if format == "xml":
bul = sco_bulletins_xml.make_xml_formsemestre_bulletinetud( bul = sco_bulletins_xml.make_xml_formsemestre_bulletinetud(
formsemestre_id, formsemestre_id,
etudid, etudid,
REQUEST=REQUEST,
xml_with_decisions=xml_with_decisions, xml_with_decisions=xml_with_decisions,
force_publishing=force_publishing, force_publishing=force_publishing,
version=version, version=version,
@ -881,19 +879,18 @@ def do_formsemestre_bulletinetud(
bul = sco_bulletins_json.make_json_formsemestre_bulletinetud( bul = sco_bulletins_json.make_json_formsemestre_bulletinetud(
formsemestre_id, formsemestre_id,
etudid, etudid,
REQUEST=REQUEST,
xml_with_decisions=xml_with_decisions, xml_with_decisions=xml_with_decisions,
force_publishing=force_publishing, force_publishing=force_publishing,
version=version, version=version,
) )
return bul, "" return bul, ""
I = formsemestre_bulletinetud_dict(formsemestre_id, etudid, REQUEST=REQUEST) I = formsemestre_bulletinetud_dict(formsemestre_id, etudid)
etud = I["etud"] etud = I["etud"]
if format == "html": if format == "html":
htm, _ = sco_bulletins_generator.make_formsemestre_bulletinetud( htm, _ = sco_bulletins_generator.make_formsemestre_bulletinetud(
I, version=version, format="html", REQUEST=REQUEST I, version=version, format="html"
) )
return htm, I["filigranne"] return htm, I["filigranne"]
@ -903,7 +900,6 @@ def do_formsemestre_bulletinetud(
version=version, version=version,
format="pdf", format="pdf",
stand_alone=(format != "pdfpart"), stand_alone=(format != "pdfpart"),
REQUEST=REQUEST,
) )
if format == "pdf": if format == "pdf":
return ( return (
@ -923,11 +919,11 @@ def do_formsemestre_bulletinetud(
htm = "" # speed up if html version not needed htm = "" # speed up if html version not needed
else: else:
htm, _ = sco_bulletins_generator.make_formsemestre_bulletinetud( htm, _ = sco_bulletins_generator.make_formsemestre_bulletinetud(
I, version=version, format="html", REQUEST=REQUEST I, version=version, format="html"
) )
pdfdata, filename = sco_bulletins_generator.make_formsemestre_bulletinetud( pdfdata, filename = sco_bulletins_generator.make_formsemestre_bulletinetud(
I, version=version, format="pdf", REQUEST=REQUEST I, version=version, format="pdf"
) )
if prefer_mail_perso: if prefer_mail_perso:
@ -998,7 +994,7 @@ def mail_bulletin(formsemestre_id, I, pdfdata, filename, recipient_addr):
# Attach pdf # Attach pdf
msg.attach(filename, scu.PDF_MIMETYPE, pdfdata) msg.attach(filename, scu.PDF_MIMETYPE, pdfdata)
breakpoint()
log("mail bulletin a %s" % recipient_addr) log("mail bulletin a %s" % recipient_addr)
email.send_message(msg) email.send_message(msg)
@ -1119,6 +1115,16 @@ def _formsemestre_bulletinetud_header_html(
"enabled": etud["emailperso"] "enabled": etud["emailperso"]
and can_send_bulletin_by_mail(formsemestre_id), and can_send_bulletin_by_mail(formsemestre_id),
}, },
{
"title": "Version json",
"endpoint": endpoint,
"args": {
"formsemestre_id": formsemestre_id,
"etudid": etudid,
"version": version,
"format": "json",
},
},
{ {
"title": "Version XML", "title": "Version XML",
"endpoint": endpoint, "endpoint": endpoint,

View File

@ -53,6 +53,7 @@ from reportlab.platypus import SimpleDocTemplate, Paragraph, Spacer, Frame, Page
from reportlab.platypus import Table, TableStyle, Image, KeepInFrame from reportlab.platypus import Table, TableStyle, Image, KeepInFrame
from flask import request from flask import request
from flask_login import current_user
from app.scodoc import sco_utils as scu from app.scodoc import sco_utils as scu
from app.scodoc.sco_exceptions import NoteProcessError from app.scodoc.sco_exceptions import NoteProcessError
@ -150,14 +151,7 @@ class BulletinGenerator(object):
def get_filename(self): def get_filename(self):
"""Build a filename to be proposed to the web client""" """Build a filename to be proposed to the web client"""
sem = sco_formsemestre.get_formsemestre(self.infos["formsemestre_id"]) sem = sco_formsemestre.get_formsemestre(self.infos["formsemestre_id"])
dt = time.strftime("%Y-%m-%d") return scu.bul_filename(sem, self.infos["etud"], "pdf")
filename = "bul-%s-%s-%s.pdf" % (
sem["titre_num"],
dt,
self.infos["etud"]["nom"],
)
filename = scu.unescape_html(filename).replace(" ", "_").replace("&", "")
return filename
def generate(self, format="", stand_alone=True): def generate(self, format="", stand_alone=True):
"""Return bulletin in specified format""" """Return bulletin in specified format"""
@ -262,7 +256,6 @@ def make_formsemestre_bulletinetud(
version="long", # short, long, selectedevals version="long", # short, long, selectedevals
format="pdf", # html, pdf format="pdf", # html, pdf
stand_alone=True, stand_alone=True,
REQUEST=None,
): ):
"""Bulletin de notes """Bulletin de notes
@ -288,7 +281,7 @@ def make_formsemestre_bulletinetud(
PDFLOCK.acquire() PDFLOCK.acquire()
bul_generator = gen_class( bul_generator = gen_class(
infos, infos,
authuser=REQUEST.AUTHENTICATED_USER, authuser=current_user,
version=version, version=version,
filigranne=infos["filigranne"], filigranne=infos["filigranne"],
server_name=request.url_root, server_name=request.url_root,
@ -303,7 +296,7 @@ def make_formsemestre_bulletinetud(
gen_class = bulletin_get_class(bul_class_name) gen_class = bulletin_get_class(bul_class_name)
bul_generator = gen_class( bul_generator = gen_class(
infos, infos,
authuser=REQUEST.AUTHENTICATED_USER, authuser=current_user,
version=version, version=version,
filigranne=infos["filigranne"], filigranne=infos["filigranne"],
server_name=request.url_root, server_name=request.url_root,

View File

@ -47,27 +47,22 @@ from app.scodoc import sco_etud
def make_json_formsemestre_bulletinetud( def make_json_formsemestre_bulletinetud(
formsemestre_id, formsemestre_id: int,
etudid, etudid: int,
REQUEST=None,
xml_with_decisions=False, xml_with_decisions=False,
version="long", version="long",
force_publishing=False, # force publication meme si semestre non publie sur "portail" force_publishing=False, # force publication meme si semestre non publie sur "portail"
): ) -> str:
"""Renvoie bulletin en chaine JSON""" """Renvoie bulletin en chaine JSON"""
d = formsemestre_bulletinetud_published_dict( d = formsemestre_bulletinetud_published_dict(
formsemestre_id, formsemestre_id,
etudid, etudid,
force_publishing=force_publishing, force_publishing=force_publishing,
REQUEST=REQUEST,
xml_with_decisions=xml_with_decisions, xml_with_decisions=xml_with_decisions,
version=version, version=version,
) )
if REQUEST:
REQUEST.RESPONSE.setHeader("content-type", scu.JSON_MIMETYPE)
return json.dumps(d, cls=scu.ScoDocJSONEncoder) return json.dumps(d, cls=scu.ScoDocJSONEncoder)
@ -79,7 +74,6 @@ def formsemestre_bulletinetud_published_dict(
etudid, etudid,
force_publishing=False, force_publishing=False,
xml_nodate=False, xml_nodate=False,
REQUEST=None,
xml_with_decisions=False, # inclue les decisions même si non publiées xml_with_decisions=False, # inclue les decisions même si non publiées
version="long", version="long",
): ):

View File

@ -69,16 +69,13 @@ def make_xml_formsemestre_bulletinetud(
doc=None, # XML document doc=None, # XML document
force_publishing=False, force_publishing=False,
xml_nodate=False, xml_nodate=False,
REQUEST=None,
xml_with_decisions=False, # inclue les decisions même si non publiées xml_with_decisions=False, # inclue les decisions même si non publiées
version="long", version="long",
): ) -> str:
"bulletin au format XML" "bulletin au format XML"
from app.scodoc import sco_bulletins from app.scodoc import sco_bulletins
log("xml_bulletin( formsemestre_id=%s, etudid=%s )" % (formsemestre_id, etudid)) log("xml_bulletin( formsemestre_id=%s, etudid=%s )" % (formsemestre_id, etudid))
if REQUEST:
REQUEST.RESPONSE.setHeader("content-type", scu.XML_MIMETYPE)
sem = sco_formsemestre.get_formsemestre(formsemestre_id) sem = sco_formsemestre.get_formsemestre(formsemestre_id)
if (not sem["bul_hide_xml"]) or force_publishing: if (not sem["bul_hide_xml"]) or force_publishing:

View File

@ -51,6 +51,7 @@ import fcntl
import subprocess import subprocess
import requests import requests
from flask_login import current_user
import app.scodoc.notesdb as ndb import app.scodoc.notesdb as ndb
import app.scodoc.sco_utils as scu import app.scodoc.sco_utils as scu
@ -190,10 +191,8 @@ def _send_db(REQUEST, ano_db_name):
data={ data={
"dept_name": sco_preferences.get_preference("DeptName"), "dept_name": sco_preferences.get_preference("DeptName"),
"serial": _get_scodoc_serial(), "serial": _get_scodoc_serial(),
"sco_user": str(REQUEST.AUTHENTICATED_USER), "sco_user": str(current_user),
"sent_by": sco_users.user_info(str(REQUEST.AUTHENTICATED_USER))[ "sent_by": sco_users.user_info(str(current_user))["nomcomplet"],
"nomcomplet"
],
"sco_version": sco_version.SCOVERSION, "sco_version": sco_version.SCOVERSION,
"sco_fullversion": scu.get_scodoc_version(), "sco_fullversion": scu.get_scodoc_version(),
}, },

View File

@ -30,6 +30,7 @@
""" """
import flask import flask
from flask import url_for, g, request from flask import url_for, g, request
from flask_login import current_user
import app.scodoc.notesdb as ndb import app.scodoc.notesdb as ndb
import app.scodoc.sco_utils as scu import app.scodoc.sco_utils as scu
@ -544,7 +545,7 @@ def module_list(formation_id, REQUEST=None):
% F, % F,
'<ul class="notes_module_list">', '<ul class="notes_module_list">',
] ]
editable = REQUEST.AUTHENTICATED_USER.has_permission(Permission.ScoChangeFormation) editable = current_user.has_permission(Permission.ScoChangeFormation)
for Mod in do_module_list(args={"formation_id": formation_id}): for Mod in do_module_list(args={"formation_id": formation_id}):
H.append('<li class="notes_module_list">%s' % Mod) H.append('<li class="notes_module_list">%s' % Mod)

View File

@ -649,6 +649,12 @@ def make_etud_args(etudid=None, code_nip=None, use_request=True, raise_exc=True)
return args return args
def log_unknown_etud():
"""Log request: cas ou getEtudInfo n'a pas ramene de resultat"""
etud_args = make_etud_args(raise_exc=False)
log(f"unknown student: args={etud_args}")
def get_etud_info(etudid=False, code_nip=False, filled=False) -> list: def get_etud_info(etudid=False, code_nip=False, filled=False) -> list:
"""infos sur un etudiant (API). If not foud, returns empty list. """infos sur un etudiant (API). If not foud, returns empty list.
On peut specifier etudid ou code_nip On peut specifier etudid ou code_nip

View File

@ -32,6 +32,7 @@ import xml.dom.minidom
import flask import flask
from flask import g, url_for, request from flask import g, url_for, request
from flask_login import current_user
import app.scodoc.sco_utils as scu import app.scodoc.sco_utils as scu
@ -247,7 +248,7 @@ def formation_list_table(formation_id=None, args={}, REQUEST=None):
"edit_img", border="0", alt="modifier", title="Modifier titres et code" "edit_img", border="0", alt="modifier", title="Modifier titres et code"
) )
editable = REQUEST.AUTHENTICATED_USER.has_permission(Permission.ScoChangeFormation) editable = current_user.has_permission(Permission.ScoChangeFormation)
# Traduit/ajoute des champs à afficher: # Traduit/ajoute des champs à afficher:
for f in formations: for f in formations:

View File

@ -40,6 +40,7 @@ import time
from flask import url_for, g, request from flask import url_for, g, request
from flask_login import current_user
import app.scodoc.sco_utils as scu import app.scodoc.sco_utils as scu
from app.scodoc import html_sco_header from app.scodoc import html_sco_header
@ -798,7 +799,7 @@ def groups_table(
def tab_absences_html(groups_infos, etat=None, REQUEST=None): def tab_absences_html(groups_infos, etat=None, REQUEST=None):
"""contenu du tab "absences et feuilles diverses" """ """contenu du tab "absences et feuilles diverses" """
authuser = REQUEST.AUTHENTICATED_USER authuser = current_user
H = ['<div class="tab-content">'] H = ['<div class="tab-content">']
if not groups_infos.members: if not groups_infos.members:
return "".join(H) + "<h3>Aucun étudiant !</h3></div>" return "".join(H) + "<h3>Aucun étudiant !</h3></div>"
@ -867,7 +868,7 @@ def tab_photos_html(groups_infos, etat=None, REQUEST=None):
def form_choix_jour_saisie_hebdo(groups_infos, moduleimpl_id=None, REQUEST=None): def form_choix_jour_saisie_hebdo(groups_infos, moduleimpl_id=None, REQUEST=None):
"""Formulaire choix jour semaine pour saisie.""" """Formulaire choix jour semaine pour saisie."""
authuser = REQUEST.AUTHENTICATED_USER authuser = current_user
if not authuser.has_permission(Permission.ScoAbsChange): if not authuser.has_permission(Permission.ScoAbsChange):
return "" return ""
sem = groups_infos.formsemestre sem = groups_infos.formsemestre
@ -908,7 +909,7 @@ def form_choix_jour_saisie_hebdo(groups_infos, moduleimpl_id=None, REQUEST=None)
# Ajout Le Havre # Ajout Le Havre
# Formulaire saisie absences semaine # Formulaire saisie absences semaine
def form_choix_saisie_semaine(groups_infos, REQUEST=None): def form_choix_saisie_semaine(groups_infos, REQUEST=None):
authuser = REQUEST.AUTHENTICATED_USER authuser = current_user
if not authuser.has_permission(Permission.ScoAbsChange): if not authuser.has_permission(Permission.ScoAbsChange):
return "" return ""
# construit l'URL "destination" # construit l'URL "destination"

View File

@ -31,6 +31,7 @@ from operator import itemgetter
import flask import flask
from flask import url_for, g, request from flask import url_for, g, request
from flask_login import current_user
import app.scodoc.notesdb as ndb import app.scodoc.notesdb as ndb
import app.scodoc.sco_utils as scu import app.scodoc.sco_utils as scu
@ -250,7 +251,7 @@ def moduleimpl_inscriptions_stats(formsemestre_id, REQUEST=None):
tous sauf <liste d'au plus 7 noms> tous sauf <liste d'au plus 7 noms>
""" """
authuser = REQUEST.AUTHENTICATED_USER authuser = current_user
sem = sco_formsemestre.get_formsemestre(formsemestre_id) sem = sco_formsemestre.get_formsemestre(formsemestre_id)
inscrits = sco_formsemestre_inscriptions.do_formsemestre_inscription_list( inscrits = sco_formsemestre_inscriptions.do_formsemestre_inscription_list(

View File

@ -64,7 +64,7 @@ def moduleimpl_evaluation_menu(evaluation_id, nbnotes=0, REQUEST=None):
if ( if (
sco_permissions_check.can_edit_notes( sco_permissions_check.can_edit_notes(
REQUEST.AUTHENTICATED_USER, E["moduleimpl_id"], allow_ens=False current_user, E["moduleimpl_id"], allow_ens=False
) )
and nbnotes != 0 and nbnotes != 0
): ):
@ -80,7 +80,7 @@ def moduleimpl_evaluation_menu(evaluation_id, nbnotes=0, REQUEST=None):
"evaluation_id": evaluation_id, "evaluation_id": evaluation_id,
}, },
"enabled": sco_permissions_check.can_edit_notes( "enabled": sco_permissions_check.can_edit_notes(
REQUEST.AUTHENTICATED_USER, E["moduleimpl_id"] current_user, E["moduleimpl_id"]
), ),
}, },
{ {
@ -90,7 +90,7 @@ def moduleimpl_evaluation_menu(evaluation_id, nbnotes=0, REQUEST=None):
"evaluation_id": evaluation_id, "evaluation_id": evaluation_id,
}, },
"enabled": sco_permissions_check.can_edit_notes( "enabled": sco_permissions_check.can_edit_notes(
REQUEST.AUTHENTICATED_USER, E["moduleimpl_id"], allow_ens=False current_user, E["moduleimpl_id"], allow_ens=False
), ),
}, },
{ {
@ -101,7 +101,7 @@ def moduleimpl_evaluation_menu(evaluation_id, nbnotes=0, REQUEST=None):
}, },
"enabled": nbnotes == 0 "enabled": nbnotes == 0
and sco_permissions_check.can_edit_notes( and sco_permissions_check.can_edit_notes(
REQUEST.AUTHENTICATED_USER, E["moduleimpl_id"], allow_ens=False current_user, E["moduleimpl_id"], allow_ens=False
), ),
}, },
{ {
@ -111,7 +111,7 @@ def moduleimpl_evaluation_menu(evaluation_id, nbnotes=0, REQUEST=None):
"evaluation_id": evaluation_id, "evaluation_id": evaluation_id,
}, },
"enabled": sco_permissions_check.can_edit_notes( "enabled": sco_permissions_check.can_edit_notes(
REQUEST.AUTHENTICATED_USER, E["moduleimpl_id"], allow_ens=False current_user, E["moduleimpl_id"], allow_ens=False
), ),
}, },
{ {
@ -129,9 +129,7 @@ def moduleimpl_evaluation_menu(evaluation_id, nbnotes=0, REQUEST=None):
"evaluation_id": evaluation_id, "evaluation_id": evaluation_id,
}, },
"enabled": nbnotes == 0 "enabled": nbnotes == 0
and sco_permissions_check.can_edit_notes( and sco_permissions_check.can_edit_notes(current_user, E["moduleimpl_id"]),
REQUEST.AUTHENTICATED_USER, E["moduleimpl_id"]
),
}, },
{ {
"title": "Absences ce jour", "title": "Absences ce jour",

View File

@ -31,6 +31,7 @@
""" """
from flask import url_for, g from flask import url_for, g
from flask_login import current_user
import app.scodoc.sco_utils as scu import app.scodoc.sco_utils as scu
import app.scodoc.notesdb as ndb import app.scodoc.notesdb as ndb
@ -144,7 +145,7 @@ def _menuScolarite(authuser, sem, etudid):
def ficheEtud(etudid=None, REQUEST=None): def ficheEtud(etudid=None, REQUEST=None):
"fiche d'informations sur un etudiant" "fiche d'informations sur un etudiant"
authuser = REQUEST.AUTHENTICATED_USER authuser = current_user
cnx = ndb.GetDBConnexion() cnx = ndb.GetDBConnexion()
if etudid and REQUEST: if etudid and REQUEST:
# la sidebar est differente s'il y a ou pas un etudid # la sidebar est differente s'il y a ou pas un etudid
@ -491,7 +492,7 @@ def menus_etud(REQUEST=None):
"""Menu etudiant (operations sur l'etudiant)""" """Menu etudiant (operations sur l'etudiant)"""
if "etudid" not in REQUEST.form: if "etudid" not in REQUEST.form:
return "" return ""
authuser = REQUEST.AUTHENTICATED_USER authuser = current_user
etud = sco_etud.get_etud_info(filled=True)[0] etud = sco_etud.get_etud_info(filled=True)[0]

View File

@ -36,6 +36,7 @@ import urllib
import flask import flask
from flask import request from flask import request
from flask_login import current_user
from app.scodoc.sco_exceptions import ScoValueError from app.scodoc.sco_exceptions import ScoValueError
import app.scodoc.sco_utils as scu import app.scodoc.sco_utils as scu
@ -234,7 +235,7 @@ def do_placement(REQUEST):
""" """
Choisi le placement Choisi le placement
""" """
authuser = REQUEST.AUTHENTICATED_USER authuser = current_user
authusername = str(authuser) authusername = str(authuser)
try: try:
evaluation_id = int(REQUEST.form["evaluation_id"]) evaluation_id = int(REQUEST.form["evaluation_id"])

View File

@ -32,6 +32,7 @@ import time
from openpyxl.styles.numbers import FORMAT_NUMBER_00 from openpyxl.styles.numbers import FORMAT_NUMBER_00
from flask import request from flask import request
from flask_login import current_user
import app.scodoc.sco_utils as scu import app.scodoc.sco_utils as scu
from app.scodoc import sco_abs from app.scodoc import sco_abs
@ -321,7 +322,7 @@ def feuille_preparation_jury(formsemestre_id, REQUEST):
sco_version.SCONAME, sco_version.SCONAME,
time.strftime("%d/%m/%Y"), time.strftime("%d/%m/%Y"),
request.url_root, request.url_root,
REQUEST.AUTHENTICATED_USER, current_user,
) )
) )
xls = ws.generate_standalone() xls = ws.generate_standalone()

View File

@ -168,7 +168,7 @@ def do_evaluation_upload_xls(REQUEST):
""" """
Soumission d'un fichier XLS (evaluation_id, notefile) Soumission d'un fichier XLS (evaluation_id, notefile)
""" """
authuser = REQUEST.AUTHENTICATED_USER authuser = current_user
evaluation_id = int(REQUEST.form["evaluation_id"]) evaluation_id = int(REQUEST.form["evaluation_id"])
comment = REQUEST.form["comment"] comment = REQUEST.form["comment"]
E = sco_evaluations.do_evaluation_list({"evaluation_id": evaluation_id})[0] E = sco_evaluations.do_evaluation_list({"evaluation_id": evaluation_id})[0]
@ -711,7 +711,7 @@ def saisie_notes_tableur(evaluation_id, group_ids=[], REQUEST=None):
# #
H.append("""</div><h3>Autres opérations</h3><ul>""") H.append("""</div><h3>Autres opérations</h3><ul>""")
if sco_permissions_check.can_edit_notes( if sco_permissions_check.can_edit_notes(
REQUEST.AUTHENTICATED_USER, E["moduleimpl_id"], allow_ens=False current_user, E["moduleimpl_id"], allow_ens=False
): ):
H.append( H.append(
""" """
@ -1221,7 +1221,7 @@ def _form_saisie_notes(E, M, group_ids, destination="", REQUEST=None):
def save_note(etudid=None, evaluation_id=None, value=None, comment="", REQUEST=None): def save_note(etudid=None, evaluation_id=None, value=None, comment="", REQUEST=None):
"""Enregistre une note (ajax)""" """Enregistre une note (ajax)"""
authuser = REQUEST.AUTHENTICATED_USER authuser = current_user
log( log(
"save_note: evaluation_id=%s etudid=%s uid=%s value=%s" "save_note: evaluation_id=%s etudid=%s uid=%s value=%s"
% (evaluation_id, etudid, authuser, value) % (evaluation_id, etudid, authuser, value)

View File

@ -169,7 +169,7 @@ def external_ue_inscrit_et_note(
) )
# Saisie des notes # Saisie des notes
_, _, _ = sco_saisie_notes._notes_add( _, _, _ = sco_saisie_notes._notes_add(
REQUEST.AUTHENTICATED_USER, current_user,
evaluation_id, evaluation_id,
list(notes_etuds.items()), list(notes_etuds.items()),
do_it=True, do_it=True,

View File

@ -479,7 +479,7 @@ def sanitize_string(s):
return suppress_accents(s.translate(trans)).replace(" ", "_").replace("\t", "_") return suppress_accents(s.translate(trans)).replace(" ", "_").replace("\t", "_")
_BAD_FILENAME_CHARS = str.maketrans("", "", ":/\\") _BAD_FILENAME_CHARS = str.maketrans("", "", ":/\\&")
def make_filename(name): def make_filename(name):
@ -512,6 +512,14 @@ def is_valid_filename(filename):
return VALID_EXP.match(filename) return VALID_EXP.match(filename)
def bul_filename(sem, etud, format):
"""Build a filename for this bulletin"""
dt = time.strftime("%Y-%m-%d")
filename = f"bul-{sem['titre_num']}-{dt}-{etud['nom']}.{format}"
filename = make_filename(filename)
return filename
def sendCSVFile(REQUEST, data, filename): # DEPRECATED ne plus utiliser def sendCSVFile(REQUEST, data, filename): # DEPRECATED ne plus utiliser
"""publication fichier. """publication fichier.
(on ne doit rien avoir émis avant, car ici sont générés les entetes) (on ne doit rien avoir émis avant, car ici sont générés les entetes)
@ -791,35 +799,6 @@ def AnneeScolaire(sco_year=None):
return year return year
def log_unknown_etud(REQUEST=None, format="html"):
"""Log request: cas ou getEtudInfo n'a pas ramene de resultat"""
etudid = REQUEST.form.get("etudid", "?")
code_nip = REQUEST.form.get("code_nip", "?")
code_ine = REQUEST.form.get("code_ine", "?")
log(
"unknown student: etudid=%s code_nip=%s code_ine=%s"
% (etudid, code_nip, code_ine)
)
return _sco_error_response("unknown student", format=format, REQUEST=REQUEST)
# XXX #sco8 à tester ou ré-écrire
def _sco_error_response(msg, format="html", REQUEST=None):
"""Send an error message to the client, in html or xml format."""
REQUEST.RESPONSE.setStatus(404, reason=msg)
if format == "html" or format == "pdf":
raise sco_exceptions.ScoValueError(msg)
elif format == "xml":
REQUEST.RESPONSE.setHeader("content-type", XML_MIMETYPE)
doc = ElementTree.Element("error", msg=msg)
return sco_xml.XML_HEADER + ElementTree.tostring(doc).decode(SCO_ENCODING)
elif format == "json":
REQUEST.RESPONSE.setHeader("content-type", JSON_MIMETYPE)
return "undefined" # XXX voir quoi faire en cas d'erreur json
else:
raise ValueError("ScoErrorResponse: invalid format")
def return_text_if_published(val, REQUEST): def return_text_if_published(val, REQUEST):
"""Pour les méthodes publiées qui ramènent soit du texte (HTML) soit du JSON """Pour les méthodes publiées qui ramènent soit du texte (HTML) soit du JSON
sauf quand elles sont appellées depuis python. sauf quand elles sont appellées depuis python.

View File

@ -58,6 +58,7 @@ from xml.etree import ElementTree
import flask import flask
from flask import g, request from flask import g, request
from flask import url_for from flask import url_for
from flask_login import current_user
from app.decorators import ( from app.decorators import (
scodoc, scodoc,
@ -124,7 +125,7 @@ def index_html(REQUEST=None):
"""Gestionnaire absences, page principale""" """Gestionnaire absences, page principale"""
# crude portage from 1999 DTML # crude portage from 1999 DTML
sems = sco_formsemestre.do_formsemestre_list() sems = sco_formsemestre.do_formsemestre_list()
authuser = REQUEST.AUTHENTICATED_USER authuser = current_user
H = [ H = [
html_sco_header.sco_header( html_sco_header.sco_header(
@ -1069,7 +1070,9 @@ def AddBilletAbsence(
# check etudid # check etudid
etuds = sco_etud.get_etud_info(etudid=etudid, code_nip=code_nip, filled=True) etuds = sco_etud.get_etud_info(etudid=etudid, code_nip=code_nip, filled=True)
if not etuds: if not etuds:
return scu.log_unknown_etud(REQUEST=REQUEST) sco_etud.log_unknown_etud()
raise ScoValueError("étudiant inconnu")
etud = etuds[0] etud = etuds[0]
# check dates # check dates
begin_date = dateutil.parser.isoparse(begin) # may raises ValueError begin_date = dateutil.parser.isoparse(begin) # may raises ValueError
@ -1224,7 +1227,8 @@ def listeBilletsEtud(etudid=False, REQUEST=None, format="html"):
"""Liste billets pour un etudiant""" """Liste billets pour un etudiant"""
etuds = sco_etud.get_etud_info(filled=True, etudid=etudid) etuds = sco_etud.get_etud_info(filled=True, etudid=etudid)
if not etuds: if not etuds:
return scu.log_unknown_etud(format=format, REQUEST=REQUEST) sco_etud.log_unknown_etud()
raise ScoValueError("étudiant inconnu")
etud = etuds[0] etud = etuds[0]
cnx = ndb.GetDBConnexion() cnx = ndb.GetDBConnexion()

View File

@ -39,6 +39,7 @@ import time
import calendar import calendar
from flask import request from flask import request
from flask_login import current_user
# MIGRATION EN COURS => MODULE DESACTIVE ! # MIGRATION EN COURS => MODULE DESACTIVE !
@ -81,7 +82,7 @@ def sidebar(REQUEST):
<ul class="insidebar">""" <ul class="insidebar">"""
% params, % params,
] ]
if REQUEST.AUTHENTICATED_USER.has_permission(Permission.ScoEntrepriseChange): if current_user.has_permission(Permission.ScoEntrepriseChange):
H.append( H.append(
"""<li class="insidebar"><a href="%(ScoURL)s/Entreprises/entreprise_create" class="sidebar">Nouvelle entreprise</a> </li>""" """<li class="insidebar"><a href="%(ScoURL)s/Entreprises/entreprise_create" class="sidebar">Nouvelle entreprise</a> </li>"""
% params % params
@ -106,9 +107,7 @@ def sidebar(REQUEST):
<li class="insidebar"><a href="%(ScoURL)s/Entreprises/entreprise_correspondant_list?entreprise_id=%(entreprise_id)s" class="sidebar">Corresp.</a></li>""" <li class="insidebar"><a href="%(ScoURL)s/Entreprises/entreprise_correspondant_list?entreprise_id=%(entreprise_id)s" class="sidebar">Corresp.</a></li>"""
% params % params
) # """ ) # """
if REQUEST.AUTHENTICATED_USER.has_permission( if current_user.has_permission(Permission.ScoEntrepriseChange):
Permission.ScoEntrepriseChange
):
H.append( H.append(
"""<li class="insidebar"><a href="%(ScoURL)s/Entreprises/entreprise_correspondant_create?entreprise_id=%(entreprise_id)s" class="sidebar">Nouveau Corresp.</a></li>""" """<li class="insidebar"><a href="%(ScoURL)s/Entreprises/entreprise_correspondant_create?entreprise_id=%(entreprise_id)s" class="sidebar">Nouveau Corresp.</a></li>"""
% params % params
@ -117,9 +116,7 @@ def sidebar(REQUEST):
"""<li class="insidebar"><a href="%(ScoURL)s/Entreprises/entreprise_contact_list?entreprise_id=%(entreprise_id)s" class="sidebar">Contacts</a></li>""" """<li class="insidebar"><a href="%(ScoURL)s/Entreprises/entreprise_contact_list?entreprise_id=%(entreprise_id)s" class="sidebar">Contacts</a></li>"""
% params % params
) )
if REQUEST.AUTHENTICATED_USER.has_permission( if current_user.has_permission(Permission.ScoEntrepriseChange):
Permission.ScoEntrepriseChange
):
H.append( H.append(
"""<li class="insidebar"><a href="%(ScoURL)s/Entreprises/entreprise_contact_create?entreprise_id=%(entreprise_id)s" class="sidebar">Nouveau "contact"</a></li>""" """<li class="insidebar"><a href="%(ScoURL)s/Entreprises/entreprise_contact_create?entreprise_id=%(entreprise_id)s" class="sidebar">Nouveau "contact"</a></li>"""
% params % params
@ -128,7 +125,7 @@ def sidebar(REQUEST):
# #
H.append("""<br/><br/>%s""" % scu.icontag("entreprise_side_img")) H.append("""<br/><br/>%s""" % scu.icontag("entreprise_side_img"))
if not REQUEST.AUTHENTICATED_USER.has_permission(Permission.ScoEntrepriseChange): if not current_user.has_permission(Permission.ScoEntrepriseChange):
H.append("""<br/><em>(Lecture seule)</em>""") H.append("""<br/><em>(Lecture seule)</em>""")
H.append("""</div> </div> <!-- end of sidebar -->""") H.append("""</div> </div> <!-- end of sidebar -->""")
return "".join(H) return "".join(H)
@ -303,7 +300,7 @@ def entreprise_contact_list(entreprise_id=None, format="html", REQUEST=None):
H.append(tab.html()) H.append(tab.html())
if REQUEST.AUTHENTICATED_USER.has_permission(Permission.ScoEntrepriseChange): if current_user.has_permission(Permission.ScoEntrepriseChange):
if entreprise_id: if entreprise_id:
H.append( H.append(
"""<p class="entreprise_create"><a class="entreprise_create" href="entreprise_contact_create?entreprise_id=%(entreprise_id)s">nouveau "contact"</a></p> """<p class="entreprise_create"><a class="entreprise_create" href="entreprise_contact_create?entreprise_id=%(entreprise_id)s">nouveau "contact"</a></p>
@ -409,7 +406,7 @@ def entreprise_correspondant_list(
H.append(tab.html()) H.append(tab.html())
if REQUEST.AUTHENTICATED_USER.has_permission(Permission.ScoEntrepriseChange): if current_user.has_permission(Permission.ScoEntrepriseChange):
H.append( H.append(
"""<p class="entreprise_create"><a class="entreprise_create" href="entreprise_correspondant_create?entreprise_id=%(entreprise_id)s">Ajouter un correspondant dans l'entreprise %(nom)s</a></p> """<p class="entreprise_create"><a class="entreprise_create" href="entreprise_correspondant_create?entreprise_id=%(entreprise_id)s">Ajouter un correspondant dans l'entreprise %(nom)s</a></p>
""" """
@ -517,14 +514,12 @@ def entreprise_contact_edit(entreprise_contact_id, REQUEST=None):
cancelbutton="Annuler", cancelbutton="Annuler",
initvalues=c, initvalues=c,
submitlabel="Modifier les valeurs", submitlabel="Modifier les valeurs",
readonly=not REQUEST.AUTHENTICATED_USER.has_permission( readonly=not current_user.has_permission(Permission.ScoEntrepriseChange),
Permission.ScoEntrepriseChange
),
) )
if tf[0] == 0: if tf[0] == 0:
H.append(tf[1]) H.append(tf[1])
if REQUEST.AUTHENTICATED_USER.has_permission( if current_user.has_permission(
Permission.ScoEntrepriseChange, Permission.ScoEntrepriseChange,
): ):
H.append( H.append(
@ -643,9 +638,7 @@ def entreprise_correspondant_edit(entreprise_corresp_id, REQUEST=None):
cancelbutton="Annuler", cancelbutton="Annuler",
initvalues=c, initvalues=c,
submitlabel="Modifier les valeurs", submitlabel="Modifier les valeurs",
readonly=not REQUEST.AUTHENTICATED_USER.has_permission( readonly=not current_user.has_permission(Permission.ScoEntrepriseChange),
Permission.ScoEntrepriseChange
),
) )
if tf[0] == 0: if tf[0] == 0:
H.append(tf[1]) H.append(tf[1])
@ -752,9 +745,7 @@ def entreprise_contact_create(entreprise_id, REQUEST=None):
), ),
cancelbutton="Annuler", cancelbutton="Annuler",
submitlabel="Ajouter ce contact", submitlabel="Ajouter ce contact",
readonly=not REQUEST.AUTHENTICATED_USER.has_permission( readonly=not current_user.has_permission(Permission.ScoEntrepriseChange),
Permission.ScoEntrepriseChange
),
) )
if tf[0] == 0: if tf[0] == 0:
H.append(tf[1]) H.append(tf[1])
@ -791,7 +782,7 @@ def entreprise_contact_delete(entreprise_contact_id, REQUEST=None):
initvalues=c, initvalues=c,
submitlabel="Confirmer la suppression", submitlabel="Confirmer la suppression",
cancelbutton="Annuler", cancelbutton="Annuler",
readonly=not REQUEST.AUTHENTICATED_USER.has_permission(ScoEntrepriseChange), readonly=not current_user.has_permission(ScoEntrepriseChange),
) )
if tf[0] == 0: if tf[0] == 0:
H.append(tf[1]) H.append(tf[1])
@ -894,9 +885,7 @@ def entreprise_correspondant_create(entreprise_id, REQUEST=None):
), ),
cancelbutton="Annuler", cancelbutton="Annuler",
submitlabel="Ajouter ce correspondant", submitlabel="Ajouter ce correspondant",
readonly=not REQUEST.AUTHENTICATED_USER.has_permission( readonly=not current_user.has_permission(Permission.ScoEntrepriseChange),
Permission.ScoEntrepriseChange
),
) )
if tf[0] == 0: if tf[0] == 0:
H.append(tf[1]) H.append(tf[1])
@ -928,9 +917,7 @@ def entreprise_correspondant_delete(entreprise_corresp_id, REQUEST=None):
initvalues=c, initvalues=c,
submitlabel="Confirmer la suppression", submitlabel="Confirmer la suppression",
cancelbutton="Annuler", cancelbutton="Annuler",
readonly=not REQUEST.AUTHENTICATED_USER.has_permission( readonly=not current_user.has_permission(Permission.ScoEntrepriseChange),
Permission.ScoEntrepriseChange
),
) )
if tf[0] == 0: if tf[0] == 0:
H.append(tf[1]) H.append(tf[1])
@ -984,9 +971,7 @@ def entreprise_delete(entreprise_id, REQUEST=None):
initvalues=E, initvalues=E,
submitlabel="Confirmer la suppression", submitlabel="Confirmer la suppression",
cancelbutton="Annuler", cancelbutton="Annuler",
readonly=not REQUEST.AUTHENTICATED_USER.has_permission( readonly=not current_user.has_permission(Permission.ScoEntrepriseChange),
Permission.ScoEntrepriseChange
),
) )
if tf[0] == 0: if tf[0] == 0:
H.append(tf[1]) H.append(tf[1])
@ -1081,9 +1066,7 @@ def entreprise_create(REQUEST=None):
), ),
cancelbutton="Annuler", cancelbutton="Annuler",
submitlabel="Ajouter cette entreprise", submitlabel="Ajouter cette entreprise",
readonly=not REQUEST.AUTHENTICATED_USER.has_permission( readonly=not current_user.has_permission(Permission.ScoEntrepriseChange),
Permission.ScoEntrepriseChange
),
) )
if tf[0] == 0: if tf[0] == 0:
return "\n".join(H) + tf[1] + entreprise_footer(REQUEST) return "\n".join(H) + tf[1] + entreprise_footer(REQUEST)
@ -1099,7 +1082,7 @@ security.declareProtected(ScoEntrepriseView, "entreprise_edit")
def entreprise_edit(entreprise_id, REQUEST=None, start=1): def entreprise_edit(entreprise_id, REQUEST=None, start=1):
"""Form. edit entreprise""" """Form. edit entreprise"""
authuser = REQUEST.AUTHENTICATED_USER authuser = current_user
readonly = not authuser.has_permission(Permission.ScoEntrepriseChange) readonly = not authuser.has_permission(Permission.ScoEntrepriseChange)
F = sco_entreprises.do_entreprise_list(args={"entreprise_id": entreprise_id})[0] F = sco_entreprises.do_entreprise_list(args={"entreprise_id": entreprise_id})[0]
H = [ H = [

View File

@ -406,7 +406,7 @@ sco_publish(
def index_html(REQUEST=None): def index_html(REQUEST=None):
"Page accueil formations" "Page accueil formations"
editable = REQUEST.AUTHENTICATED_USER.has_permission(Permission.ScoChangeFormation) editable = current_user.has_permission(Permission.ScoChangeFormation)
H = [ H = [
html_sco_header.sco_header(page_title="Programmes formations"), html_sco_header.sco_header(page_title="Programmes formations"),
@ -2010,8 +2010,7 @@ def formsemestre_validation_etud(
"Enregistre choix jury pour un étudiant" "Enregistre choix jury pour un étudiant"
if not sco_permissions_check.can_validate_sem(formsemestre_id): if not sco_permissions_check.can_validate_sem(formsemestre_id):
return scu.confirm_dialog( return scu.confirm_dialog(
message="<p>Opération non autorisée pour %s</h2>" message="<p>Opération non autorisée pour %s</h2>" % current_user,
% REQUEST.AUTHENTICATED_USER,
dest_url=scu.ScoURL(), dest_url=scu.ScoURL(),
) )
@ -2043,8 +2042,7 @@ def formsemestre_validation_etud_manu(
"Enregistre choix jury pour un étudiant" "Enregistre choix jury pour un étudiant"
if not sco_permissions_check.can_validate_sem(formsemestre_id): if not sco_permissions_check.can_validate_sem(formsemestre_id):
return scu.confirm_dialog( return scu.confirm_dialog(
message="<p>Opération non autorisée pour %s</h2>" message="<p>Opération non autorisée pour %s</h2>" % current_user,
% REQUEST.AUTHENTICATED_USER,
dest_url=scu.ScoURL(), dest_url=scu.ScoURL(),
) )
@ -2069,8 +2067,7 @@ def formsemestre_validate_previous_ue(formsemestre_id, etudid=None, REQUEST=None
"Form. saisie UE validée hors ScoDoc" "Form. saisie UE validée hors ScoDoc"
if not sco_permissions_check.can_validate_sem(formsemestre_id): if not sco_permissions_check.can_validate_sem(formsemestre_id):
return scu.confirm_dialog( return scu.confirm_dialog(
message="<p>Opération non autorisée pour %s</h2>" message="<p>Opération non autorisée pour %s</h2>" % current_user,
% REQUEST.AUTHENTICATED_USER,
dest_url=scu.ScoURL(), dest_url=scu.ScoURL(),
) )
return sco_formsemestre_validation.formsemestre_validate_previous_ue( return sco_formsemestre_validation.formsemestre_validate_previous_ue(
@ -2094,8 +2091,7 @@ def formsemestre_ext_edit_ue_validations(formsemestre_id, etudid=None, REQUEST=N
"Form. edition UE semestre extérieur" "Form. edition UE semestre extérieur"
if not sco_permissions_check.can_validate_sem(formsemestre_id): if not sco_permissions_check.can_validate_sem(formsemestre_id):
return scu.confirm_dialog( return scu.confirm_dialog(
message="<p>Opération non autorisée pour %s</h2>" message="<p>Opération non autorisée pour %s</h2>" % current_user,
% REQUEST.AUTHENTICATED_USER,
dest_url=scu.ScoURL(), dest_url=scu.ScoURL(),
) )
return sco_formsemestre_exterieurs.formsemestre_ext_edit_ue_validations( return sco_formsemestre_exterieurs.formsemestre_ext_edit_ue_validations(
@ -2118,8 +2114,7 @@ def etud_ue_suppress_validation(etudid, formsemestre_id, ue_id, REQUEST=None):
"""Suppress a validation (ue_id, etudid) and redirect to formsemestre""" """Suppress a validation (ue_id, etudid) and redirect to formsemestre"""
if not sco_permissions_check.can_validate_sem(formsemestre_id): if not sco_permissions_check.can_validate_sem(formsemestre_id):
return scu.confirm_dialog( return scu.confirm_dialog(
message="<p>Opération non autorisée pour %s</h2>" message="<p>Opération non autorisée pour %s</h2>" % current_user,
% REQUEST.AUTHENTICATED_USER,
dest_url=scu.ScoURL(), dest_url=scu.ScoURL(),
) )
return sco_formsemestre_validation.etud_ue_suppress_validation( return sco_formsemestre_validation.etud_ue_suppress_validation(
@ -2135,8 +2130,7 @@ def formsemestre_validation_auto(formsemestre_id, REQUEST):
"Formulaire saisie automatisee des decisions d'un semestre" "Formulaire saisie automatisee des decisions d'un semestre"
if not sco_permissions_check.can_validate_sem(formsemestre_id): if not sco_permissions_check.can_validate_sem(formsemestre_id):
return scu.confirm_dialog( return scu.confirm_dialog(
message="<p>Opération non autorisée pour %s</h2>" message="<p>Opération non autorisée pour %s</h2>" % current_user,
% REQUEST.AUTHENTICATED_USER,
dest_url=scu.ScoURL(), dest_url=scu.ScoURL(),
) )
@ -2153,8 +2147,7 @@ def do_formsemestre_validation_auto(formsemestre_id, REQUEST):
"Formulaire saisie automatisee des decisions d'un semestre" "Formulaire saisie automatisee des decisions d'un semestre"
if not sco_permissions_check.can_validate_sem(formsemestre_id): if not sco_permissions_check.can_validate_sem(formsemestre_id):
return scu.confirm_dialog( return scu.confirm_dialog(
message="<p>Opération non autorisée pour %s</h2>" message="<p>Opération non autorisée pour %s</h2>" % current_user,
% REQUEST.AUTHENTICATED_USER,
dest_url=scu.ScoURL(), dest_url=scu.ScoURL(),
) )
@ -2173,8 +2166,7 @@ def formsemestre_validation_suppress_etud(
"""Suppression des decisions de jury pour un etudiant.""" """Suppression des decisions de jury pour un etudiant."""
if not sco_permissions_check.can_validate_sem(formsemestre_id): if not sco_permissions_check.can_validate_sem(formsemestre_id):
return scu.confirm_dialog( return scu.confirm_dialog(
message="<p>Opération non autorisée pour %s</h2>" message="<p>Opération non autorisée pour %s</h2>" % current_user,
% REQUEST.AUTHENTICATED_USER,
dest_url=scu.ScoURL(), dest_url=scu.ScoURL(),
) )
if not dialog_confirmed: if not dialog_confirmed:
@ -2510,7 +2502,7 @@ def check_form_integrity(formation_id, fix=False, REQUEST=None):
log("check_form_integrity: formation_id=%s\ninconsistencies:" % formation_id) log("check_form_integrity: formation_id=%s\ninconsistencies:" % formation_id)
log(txt) log(txt)
# Notify by e-mail # Notify by e-mail
sendAlarm("Notes: formation incoherente !", txt) send_scodoc_alarm("Notes: formation incoherente !", txt)
else: else:
txth = "OK" txth = "OK"
log("ok") log("ok")

View File

@ -1967,7 +1967,7 @@ def import_generate_admission_sample(REQUEST, formsemestre_id):
@scodoc7func @scodoc7func
def form_students_import_infos_admissions(REQUEST, formsemestre_id=None): def form_students_import_infos_admissions(REQUEST, formsemestre_id=None):
"formulaire import xls" "formulaire import xls"
authuser = REQUEST.AUTHENTICATED_USER authuser = current_user
F = html_sco_header.sco_footer() F = html_sco_header.sco_footer()
if not authuser.has_permission(Permission.ScoEtudInscrit): if not authuser.has_permission(Permission.ScoEtudInscrit):
# autorise juste l'export # autorise juste l'export

View File

@ -546,7 +546,7 @@ def import_users_form(REQUEST=None):
if tf[0] == 0: if tf[0] == 0:
return "\n".join(H) + tf[1] + "</li></ol>" + help + F return "\n".join(H) + tf[1] + "</li></ol>" + help + F
elif tf[0] == -1: elif tf[0] == -1:
return flask.redirect(back_url) return flask.redirect(url_for("scolar.index_html", docodc_dept=g.scodoc_dept))
else: else:
# IMPORT # IMPORT
ok, diag, nb_created = sco_import_users.import_excel_file(tf[2]["xlsfile"]) ok, diag, nb_created = sco_import_users.import_excel_file(tf[2]["xlsfile"])
@ -654,8 +654,8 @@ def change_password(user_name, password, password2, REQUEST):
if not can_handle_passwd(u): if not can_handle_passwd(u):
# access denied # access denied
log( log(
"change_password: access denied (authuser=%s, user_name=%s, ip=%s)" "change_password: access denied (authuser=%s, user_name=%s)"
% (REQUEST.AUTHENTICATED_USER, user_name, REQUEST.REMOTE_ADDR) % (current_user, user_name)
) )
raise AccessDenied("vous n'avez pas la permission de changer ce mot de passe") raise AccessDenied("vous n'avez pas la permission de changer ce mot de passe")
H = [] H = []