diff --git a/app/api/justificatifs.py b/app/api/justificatifs.py index ad77f54c..28063d05 100644 --- a/app/api/justificatifs.py +++ b/app/api/justificatifs.py @@ -374,6 +374,10 @@ def _create_one( errors.append("param 'etat': invalide") etat: scu.EtatJustificatif = scu.EtatJustificatif.get(etat) + if etat != scu.EtatJustificatif.ATTENTE and not current_user.has_permission( + Permission.JustifValidate + ): + errors.append("param 'etat': non autorisé (Permission.JustifValidate)") # cas 2 : date_debut date_debut: str = data.get("date_debut", None) @@ -473,7 +477,10 @@ def justif_edit(justif_id: int): if etat is None: errors.append("param 'etat': invalide") else: - justificatif_unique.etat = etat + if current_user.has_permission(Permission.JustifValidate): + justificatif_unique.etat = etat + else: + errors.append("param 'etat': non autorisé (Permission.JustifValidate)") # Cas 2 : raison raison: str = data.get("raison", False) diff --git a/app/forms/assiduite/ajout_assiduite_etud.py b/app/forms/assiduite/ajout_assiduite_etud.py index 302f7377..5489ac35 100644 --- a/app/forms/assiduite/ajout_assiduite_etud.py +++ b/app/forms/assiduite/ajout_assiduite_etud.py @@ -170,13 +170,7 @@ class AjoutJustificatifEtudForm(AjoutAssiOrJustForm): ) etat = SelectField( "État du justificatif", - choices=[ - ("", "Choisir..."), # Placeholder - (scu.EtatJustificatif.ATTENTE.value, "En attente de validation"), - (scu.EtatJustificatif.NON_VALIDE.value, "Non valide"), - (scu.EtatJustificatif.MODIFIE.value, "Modifié"), - (scu.EtatJustificatif.VALIDE.value, "Valide"), - ], + choices=[], # sera rempli dynamiquement validators=[DataRequired(message="This field is required.")], ) fichiers = MultipleFileField(label="Ajouter des fichiers") diff --git a/app/scodoc/sco_formsemestre_status.py b/app/scodoc/sco_formsemestre_status.py index 8c3ac414..4053e694 100755 --- a/app/scodoc/sco_formsemestre_status.py +++ b/app/scodoc/sco_formsemestre_status.py @@ -1136,7 +1136,9 @@ def formsemestre_status(formsemestre_id=None, check_parcours=True): # --- Lien Traitement Justificatifs: - if current_user.has_permission(Permission.AbsJustifView): + if current_user.has_permission( + Permission.AbsJustifView + ) and current_user.has_permission(Permission.JustifValidate): H.append( f"""