forked from ScoDoc/ScoDoc
permissions non fonctionnel
This commit is contained in:
parent
90e292341e
commit
47123aeb1e
@ -7,13 +7,16 @@ from app import models
|
|||||||
from app.api import bp
|
from app.api import bp
|
||||||
from app.api.auth import token_auth
|
from app.api.auth import token_auth
|
||||||
from app.api.errors import error_response
|
from app.api.errors import error_response
|
||||||
|
from app.decorators import permission_required
|
||||||
from app.scodoc.sco_abs import add_absence, add_justif, annule_absence, annule_justif, list_abs_date
|
from app.scodoc.sco_abs import add_absence, add_justif, annule_absence, annule_justif, list_abs_date
|
||||||
from app.scodoc.sco_groups import get_group_members
|
from app.scodoc.sco_groups import get_group_members
|
||||||
|
from app.scodoc.sco_permissions import Permission
|
||||||
|
|
||||||
|
|
||||||
@bp.route("/absences/etudid/<int:etudid>", methods=["GET"])
|
@bp.route("/absences/etudid/<int:etudid>", methods=["GET"])
|
||||||
@bp.route("/absences/nip/<int:nip>", methods=["GET"])
|
@bp.route("/absences/nip/<int:nip>", methods=["GET"])
|
||||||
@bp.route("/absences/ine/<int:ine>", methods=["GET"])
|
@bp.route("/absences/ine/<int:ine>", methods=["GET"])
|
||||||
|
@permission_required(Permission.APIView)
|
||||||
def absences(etudid: int = None, nip: int = None, ine: int = None):
|
def absences(etudid: int = None, nip: int = None, ine: int = None):
|
||||||
"""
|
"""
|
||||||
Retourne la liste des absences d'un étudiant donné
|
Retourne la liste des absences d'un étudiant donné
|
||||||
@ -50,6 +53,7 @@ def absences(etudid: int = None, nip: int = None, ine: int = None):
|
|||||||
@bp.route("/absences/etudid/<int:etudid>/abs_just_only", methods=["GET"])
|
@bp.route("/absences/etudid/<int:etudid>/abs_just_only", methods=["GET"])
|
||||||
@bp.route("/absences/nip/<int:nip>/abs_just_only", methods=["GET"])
|
@bp.route("/absences/nip/<int:nip>/abs_just_only", methods=["GET"])
|
||||||
@bp.route("/absences/ine/<int:ine>/abs_just_only", methods=["GET"])
|
@bp.route("/absences/ine/<int:ine>/abs_just_only", methods=["GET"])
|
||||||
|
@permission_required(Permission.APIView)
|
||||||
def absences_justify(etudid: int = None, nip: int = None, ine: int = None):
|
def absences_justify(etudid: int = None, nip: int = None, ine: int = None):
|
||||||
"""
|
"""
|
||||||
Retourne la liste des absences justifiées d'un étudiant donné
|
Retourne la liste des absences justifiées d'un étudiant donné
|
||||||
@ -92,6 +96,7 @@ def absences_justify(etudid: int = None, nip: int = None, ine: int = None):
|
|||||||
@bp.route("/absences/abs_signale?ine=<int:ine>&date=<string:date>&matin=<string:matin>&justif=<string:justif>"
|
@bp.route("/absences/abs_signale?ine=<int:ine>&date=<string:date>&matin=<string:matin>&justif=<string:justif>"
|
||||||
"&description=<string:description>&moduleimpl_id=<int:moduleimpl_id>", methods=["POST"])
|
"&description=<string:description>&moduleimpl_id=<int:moduleimpl_id>", methods=["POST"])
|
||||||
@token_auth.login_required
|
@token_auth.login_required
|
||||||
|
@permission_required(Permission.APIAbsChange)
|
||||||
def abs_signale(date: datetime, matin: bool, justif: bool, etudid: int = None, nip: int = None, ine: int = None,
|
def abs_signale(date: datetime, matin: bool, justif: bool, etudid: int = None, nip: int = None, ine: int = None,
|
||||||
description: str = None, moduleimpl_id: int = None):
|
description: str = None, moduleimpl_id: int = None):
|
||||||
"""
|
"""
|
||||||
@ -214,6 +219,7 @@ def abs_signale(date: datetime, matin: bool, justif: bool, etudid: int = None, n
|
|||||||
@bp.route("/absences/abs_annule?nip=<int:nip>&jour=<string:jour>&matin=<string:matin>", methods=["POST"])
|
@bp.route("/absences/abs_annule?nip=<int:nip>&jour=<string:jour>&matin=<string:matin>", methods=["POST"])
|
||||||
@bp.route("/absences/abs_annule?ine=<int:ine>&jour=<string:jour>&matin=<string:matin>", methods=["POST"])
|
@bp.route("/absences/abs_annule?ine=<int:ine>&jour=<string:jour>&matin=<string:matin>", methods=["POST"])
|
||||||
@token_auth.login_required
|
@token_auth.login_required
|
||||||
|
@permission_required(Permission.APIAbsChange)
|
||||||
def abs_annule(jour: datetime, matin: str, etudid: int = None, nip: int = None, ine: int = None):
|
def abs_annule(jour: datetime, matin: str, etudid: int = None, nip: int = None, ine: int = None):
|
||||||
"""
|
"""
|
||||||
Retourne un html
|
Retourne un html
|
||||||
@ -251,6 +257,7 @@ def abs_annule(jour: datetime, matin: str, etudid: int = None, nip: int = None,
|
|||||||
@bp.route("/absences/abs_annule_justif?nip=<int:nip>&jour=<string:jour>&matin=<string:matin>", methods=["POST"])
|
@bp.route("/absences/abs_annule_justif?nip=<int:nip>&jour=<string:jour>&matin=<string:matin>", methods=["POST"])
|
||||||
@bp.route("/absences/abs_annule_justif?ine=<int:ine>&jour=<string:jour>&matin=<string:matin>", methods=["POST"])
|
@bp.route("/absences/abs_annule_justif?ine=<int:ine>&jour=<string:jour>&matin=<string:matin>", methods=["POST"])
|
||||||
@token_auth.login_required
|
@token_auth.login_required
|
||||||
|
@permission_required(Permission.APIAbsChange)
|
||||||
def abs_annule_justif(jour: datetime, matin: str, etudid: int = None, nip: int = None, ine: int = None):
|
def abs_annule_justif(jour: datetime, matin: str, etudid: int = None, nip: int = None, ine: int = None):
|
||||||
"""
|
"""
|
||||||
Retourne un html
|
Retourne un html
|
||||||
@ -285,6 +292,7 @@ def abs_annule_justif(jour: datetime, matin: str, etudid: int = None, nip: int =
|
|||||||
|
|
||||||
|
|
||||||
@bp.route("/absences/abs_group_etat/?group_id=<int:group_id>&date_debut=date_debut&date_fin=date_fin", methods=["GET"])
|
@bp.route("/absences/abs_group_etat/?group_id=<int:group_id>&date_debut=date_debut&date_fin=date_fin", methods=["GET"])
|
||||||
|
@permission_required(Permission.APIView)
|
||||||
def abs_groupe_etat(group_id: int, date_debut, date_fin, with_boursier=True, format="html"):
|
def abs_groupe_etat(group_id: int, date_debut, date_fin, with_boursier=True, format="html"):
|
||||||
"""
|
"""
|
||||||
Retoune la liste des absences d'un ou plusieurs groupes entre deux dates
|
Retoune la liste des absences d'un ou plusieurs groupes entre deux dates
|
||||||
|
@ -5,7 +5,9 @@ from app import models
|
|||||||
from app.api import bp
|
from app.api import bp
|
||||||
from app.api.auth import token_auth
|
from app.api.auth import token_auth
|
||||||
from app.api.errors import error_response
|
from app.api.errors import error_response
|
||||||
|
from app.decorators import permission_required
|
||||||
from app.models import ApcReferentielCompetences
|
from app.models import ApcReferentielCompetences
|
||||||
|
from app.scodoc.sco_permissions import Permission
|
||||||
from app.scodoc.sco_prepajury import feuille_preparation_jury
|
from app.scodoc.sco_prepajury import feuille_preparation_jury
|
||||||
from app.scodoc.sco_pvjury import formsemestre_pvjury
|
from app.scodoc.sco_pvjury import formsemestre_pvjury
|
||||||
from app.scodoc.sco_recapcomplet import formsemestre_recapcomplet
|
from app.scodoc.sco_recapcomplet import formsemestre_recapcomplet
|
||||||
@ -14,7 +16,8 @@ from app.scodoc.sco_saisie_notes import notes_add
|
|||||||
|
|
||||||
|
|
||||||
@bp.route("/departements", methods=["GET"])
|
@bp.route("/departements", methods=["GET"])
|
||||||
#@token_auth.login_required # Commenté le temps des tests
|
@token_auth.login_required # Commenté le temps des tests
|
||||||
|
@permission_required(Permission.APIView)
|
||||||
def departements():
|
def departements():
|
||||||
"""
|
"""
|
||||||
Retourne la liste des ids de départements visibles
|
Retourne la liste des ids de départements visibles
|
||||||
@ -33,7 +36,8 @@ def departements():
|
|||||||
@bp.route("/departements/<string:dept>/etudiants/liste", methods=["GET"])
|
@bp.route("/departements/<string:dept>/etudiants/liste", methods=["GET"])
|
||||||
@bp.route("/departements/<string:dept>/etudiants/liste/<int:formsemestre_id>", methods=["GET"])
|
@bp.route("/departements/<string:dept>/etudiants/liste/<int:formsemestre_id>", methods=["GET"])
|
||||||
# @token_auth.login_required
|
# @token_auth.login_required
|
||||||
def liste_etudiants(dept: str, formsemestre_id=None): # XXX TODO A REVOIR
|
@permission_required(Permission.APIView)
|
||||||
|
def liste_etudiants(dept: str, formsemestre_id=None):
|
||||||
"""
|
"""
|
||||||
Retourne la liste des étudiants d'un département
|
Retourne la liste des étudiants d'un département
|
||||||
|
|
||||||
@ -137,6 +141,7 @@ def liste_etudiants(dept: str, formsemestre_id=None): # XXX TODO A REVOIR
|
|||||||
|
|
||||||
@bp.route("/departements/<string:dept>/semestres_courants", methods=["GET"])
|
@bp.route("/departements/<string:dept>/semestres_courants", methods=["GET"])
|
||||||
# @token_auth.login_required # Commenté le temps des tests
|
# @token_auth.login_required # Commenté le temps des tests
|
||||||
|
# @permission_required(Permission.APIView)
|
||||||
def liste_semestres_courant(dept: str):
|
def liste_semestres_courant(dept: str):
|
||||||
"""
|
"""
|
||||||
Liste des semestres actifs d'un départements donné
|
Liste des semestres actifs d'un départements donné
|
||||||
@ -195,6 +200,7 @@ def liste_semestres_courant(dept: str):
|
|||||||
|
|
||||||
|
|
||||||
@bp.route("/departements/<string:dept>/formations/<int:formation_id>/referentiel_competences", methods=["GET"])
|
@bp.route("/departements/<string:dept>/formations/<int:formation_id>/referentiel_competences", methods=["GET"])
|
||||||
|
@permission_required(Permission.APIView)
|
||||||
def referenciel_competences(dept: str, formation_id: int):
|
def referenciel_competences(dept: str, formation_id: int):
|
||||||
"""
|
"""
|
||||||
Retourne le référentiel de compétences
|
Retourne le référentiel de compétences
|
||||||
@ -221,6 +227,7 @@ def referenciel_competences(dept: str, formation_id: int):
|
|||||||
|
|
||||||
|
|
||||||
@bp.route("/departements/<string:dept>/formsemestre/<string:formsemestre_id>/programme", methods=["GET"])
|
@bp.route("/departements/<string:dept>/formsemestre/<string:formsemestre_id>/programme", methods=["GET"])
|
||||||
|
@permission_required(Permission.APIView)
|
||||||
def semestre_index(dept: str, formsemestre_id: int):
|
def semestre_index(dept: str, formsemestre_id: int):
|
||||||
"""
|
"""
|
||||||
Retourne la liste des Ues, ressources et SAE d'un semestre
|
Retourne la liste des Ues, ressources et SAE d'un semestre
|
||||||
|
@ -4,11 +4,14 @@ from flask import jsonify
|
|||||||
from app import models
|
from app import models
|
||||||
from app.api import bp
|
from app.api import bp
|
||||||
from app.api.errors import error_response
|
from app.api.errors import error_response
|
||||||
|
from app.decorators import permission_required
|
||||||
from app.scodoc.sco_bulletins_json import make_json_formsemestre_bulletinetud
|
from app.scodoc.sco_bulletins_json import make_json_formsemestre_bulletinetud
|
||||||
from app.scodoc.sco_groups import get_etud_groups
|
from app.scodoc.sco_groups import get_etud_groups
|
||||||
|
from app.scodoc.sco_permissions import Permission
|
||||||
|
|
||||||
|
|
||||||
@bp.route("/etudiants", methods=["GET"])
|
@bp.route("/etudiants", methods=["GET"])
|
||||||
|
@permission_required(Permission.APIView)
|
||||||
def etudiants():
|
def etudiants():
|
||||||
"""
|
"""
|
||||||
Retourne la liste de tous les étudiants
|
Retourne la liste de tous les étudiants
|
||||||
@ -49,6 +52,7 @@ def etudiants():
|
|||||||
|
|
||||||
|
|
||||||
@bp.route("/etudiants/courant", methods=["GET"])
|
@bp.route("/etudiants/courant", methods=["GET"])
|
||||||
|
@permission_required(Permission.APIView)
|
||||||
def etudiants_courant():
|
def etudiants_courant():
|
||||||
"""
|
"""
|
||||||
Retourne la liste des étudiants courant
|
Retourne la liste des étudiants courant
|
||||||
@ -94,6 +98,7 @@ def etudiants_courant():
|
|||||||
@bp.route("/etudiant/etudid/<int:etudid>", methods=["GET"])
|
@bp.route("/etudiant/etudid/<int:etudid>", methods=["GET"])
|
||||||
@bp.route("/etudiant/nip/<int:nip>", methods=["GET"])
|
@bp.route("/etudiant/nip/<int:nip>", methods=["GET"])
|
||||||
@bp.route("/etudiant/ine/<int:ine>", methods=["GET"])
|
@bp.route("/etudiant/ine/<int:ine>", methods=["GET"])
|
||||||
|
@permission_required(Permission.APIView)
|
||||||
def etudiant(etudid: int = None, nip: int = None, ine: int = None):
|
def etudiant(etudid: int = None, nip: int = None, ine: int = None):
|
||||||
"""
|
"""
|
||||||
Retourne les informations de l'étudiant correspondant à l'id passé en paramètres.
|
Retourne les informations de l'étudiant correspondant à l'id passé en paramètres.
|
||||||
@ -138,6 +143,7 @@ def etudiant(etudid: int = None, nip: int = None, ine: int = None):
|
|||||||
@bp.route("/etudiant/etudid/<int:etudid>/formsemestres")
|
@bp.route("/etudiant/etudid/<int:etudid>/formsemestres")
|
||||||
@bp.route("/etudiant/nip/<int:nip>/formsemestres")
|
@bp.route("/etudiant/nip/<int:nip>/formsemestres")
|
||||||
@bp.route("/etudiant/ine/<int:ine>/formsemestres")
|
@bp.route("/etudiant/ine/<int:ine>/formsemestres")
|
||||||
|
@permission_required(Permission.APIView)
|
||||||
def etudiant_formsemestres(etudid: int = None, nip: int = None, ine: int = None):
|
def etudiant_formsemestres(etudid: int = None, nip: int = None, ine: int = None):
|
||||||
"""
|
"""
|
||||||
Retourne la liste des semestres qu'un étudiant a suivis
|
Retourne la liste des semestres qu'un étudiant a suivis
|
||||||
@ -225,6 +231,7 @@ def etudiant_formsemestres(etudid: int = None, nip: int = None, ine: int = None)
|
|||||||
@bp.route("/etudiant/etudid/<int:etudid>/formsemestre/<int:formsemestre_id>/bulletin", methods=["GET"])
|
@bp.route("/etudiant/etudid/<int:etudid>/formsemestre/<int:formsemestre_id>/bulletin", methods=["GET"])
|
||||||
@bp.route("/etudiant/nip/<int:nip>/formsemestre/<int:formsemestre_id>/bulletin", methods=["GET"])
|
@bp.route("/etudiant/nip/<int:nip>/formsemestre/<int:formsemestre_id>/bulletin", methods=["GET"])
|
||||||
@bp.route("/etudiant/ine/<int:ine>/formsemestre/<int:formsemestre_id>/bulletin", methods=["GET"])
|
@bp.route("/etudiant/ine/<int:ine>/formsemestre/<int:formsemestre_id>/bulletin", methods=["GET"])
|
||||||
|
@permission_required(Permission.APIView)
|
||||||
def etudiant_bulletin_semestre(formsemestre_id, etudid: int = None, nip: int = None, ine: int = None):
|
def etudiant_bulletin_semestre(formsemestre_id, etudid: int = None, nip: int = None, ine: int = None):
|
||||||
"""
|
"""
|
||||||
Retourne le bulletin d'un étudiant en fonction de son id et d'un semestre donné
|
Retourne le bulletin d'un étudiant en fonction de son id et d'un semestre donné
|
||||||
@ -252,15 +259,10 @@ def etudiant_bulletin_semestre(formsemestre_id, etudid: int = None, nip: int = N
|
|||||||
# return error_response(501, message="Not implemented")
|
# return error_response(501, message="Not implemented")
|
||||||
|
|
||||||
|
|
||||||
@bp.route(
|
@bp.route("/etudiant/etudid/<int:etudid>/semestre/<int:formsemestre_id>/groups", methods=["GET"])
|
||||||
"/etudiant/etudid/<int:etudid>/semestre/<int:formsemestre_id>/groups", methods=["GET"]
|
@bp.route("/etudiant/nip/<int:nip>/semestre/<int:formsemestre_id>/groups", methods=["GET"])
|
||||||
)
|
@bp.route("/etudiant/ine/<int:ine>/semestre/<int:formsemestre_id>/groups", methods=["GET"])
|
||||||
@bp.route(
|
@permission_required(Permission.APIView)
|
||||||
"/etudiant/nip/<int:nip>/semestre/<int:formsemestre_id>/groups", methods=["GET"]
|
|
||||||
)
|
|
||||||
@bp.route(
|
|
||||||
"/etudiant/ine/<int:ine>/semestre/<int:formsemestre_id>/groups", methods=["GET"]
|
|
||||||
)
|
|
||||||
def etudiant_groups(formsemestre_id: int, etudid: int = None, nip: int = None, ine: int = None):
|
def etudiant_groups(formsemestre_id: int, etudid: int = None, nip: int = None, ine: int = None):
|
||||||
"""
|
"""
|
||||||
Retourne la liste des groupes auxquels appartient l'étudiant dans le semestre indiqué
|
Retourne la liste des groupes auxquels appartient l'étudiant dans le semestre indiqué
|
||||||
|
@ -5,10 +5,13 @@ from app import models
|
|||||||
from app.api import bp
|
from app.api import bp
|
||||||
from app.api.auth import token_auth
|
from app.api.auth import token_auth
|
||||||
from app.api.errors import error_response
|
from app.api.errors import error_response
|
||||||
|
from app.decorators import permission_required
|
||||||
from app.scodoc.sco_evaluation_db import do_evaluation_get_all_notes
|
from app.scodoc.sco_evaluation_db import do_evaluation_get_all_notes
|
||||||
|
from app.scodoc.sco_permissions import Permission
|
||||||
|
|
||||||
|
|
||||||
@bp.route("/evaluations/<int:moduleimpl_id>", methods=["GET"])
|
@bp.route("/evaluations/<int:moduleimpl_id>", methods=["GET"])
|
||||||
|
@permission_required(Permission.APIView)
|
||||||
def evaluations(moduleimpl_id: int):
|
def evaluations(moduleimpl_id: int):
|
||||||
"""
|
"""
|
||||||
Retourne la liste des évaluations à partir de l'id d'un moduleimpl
|
Retourne la liste des évaluations à partir de l'id d'un moduleimpl
|
||||||
@ -26,6 +29,7 @@ def evaluations(moduleimpl_id: int):
|
|||||||
|
|
||||||
|
|
||||||
@bp.route("/evaluations/eval_notes/<int:evaluation_id>", methods=["GET"])
|
@bp.route("/evaluations/eval_notes/<int:evaluation_id>", methods=["GET"])
|
||||||
|
@permission_required(Permission.APIView)
|
||||||
def evaluation_notes(evaluation_id: int):
|
def evaluation_notes(evaluation_id: int):
|
||||||
"""
|
"""
|
||||||
Retourne la liste des notes à partir de l'id d'une évaluation donnée
|
Retourne la liste des notes à partir de l'id d'une évaluation donnée
|
||||||
@ -47,6 +51,7 @@ def evaluation_notes(evaluation_id: int):
|
|||||||
@bp.route("/evaluations/eval_set_notes?eval_id=<int:eval_id>&nip=<int:nip>¬e=<float:note>", methods=["POST"])
|
@bp.route("/evaluations/eval_set_notes?eval_id=<int:eval_id>&nip=<int:nip>¬e=<float:note>", methods=["POST"])
|
||||||
@bp.route("/evaluations/eval_set_notes?eval_id=<int:eval_id>&ine=<int:ine>¬e=<float:note>", methods=["POST"])
|
@bp.route("/evaluations/eval_set_notes?eval_id=<int:eval_id>&ine=<int:ine>¬e=<float:note>", methods=["POST"])
|
||||||
@token_auth.login_required
|
@token_auth.login_required
|
||||||
|
@permission_required(Permission.APIEditAllNotes)
|
||||||
def evaluation_set_notes(eval_id: int, note: float, etudid: int = None, nip: int = None, ine: int = None):
|
def evaluation_set_notes(eval_id: int, note: float, etudid: int = None, nip: int = None, ine: int = None):
|
||||||
"""
|
"""
|
||||||
Set les notes d'une évaluation pour un étudiant donnée
|
Set les notes d'une évaluation pour un étudiant donnée
|
||||||
|
@ -4,11 +4,14 @@ from flask import jsonify
|
|||||||
from app import models
|
from app import models
|
||||||
from app.api import bp
|
from app.api import bp
|
||||||
from app.api.errors import error_response
|
from app.api.errors import error_response
|
||||||
|
from app.decorators import permission_required
|
||||||
from app.scodoc.sco_formations import formation_export
|
from app.scodoc.sco_formations import formation_export
|
||||||
from app.scodoc.sco_moduleimpl import moduleimpl_list
|
from app.scodoc.sco_moduleimpl import moduleimpl_list
|
||||||
|
from app.scodoc.sco_permissions import Permission
|
||||||
|
|
||||||
|
|
||||||
@bp.route("/formations", methods=["GET"])
|
@bp.route("/formations", methods=["GET"])
|
||||||
|
@permission_required(Permission.APIView)
|
||||||
def formations():
|
def formations():
|
||||||
"""
|
"""
|
||||||
Retourne la liste des formations
|
Retourne la liste des formations
|
||||||
@ -23,6 +26,7 @@ def formations():
|
|||||||
|
|
||||||
|
|
||||||
@bp.route("/formations/<int:formation_id>", methods=["GET"])
|
@bp.route("/formations/<int:formation_id>", methods=["GET"])
|
||||||
|
@permission_required(Permission.APIView)
|
||||||
def formations_by_id(formation_id: int):
|
def formations_by_id(formation_id: int):
|
||||||
"""
|
"""
|
||||||
Retourne une formation en fonction d'un id donné
|
Retourne une formation en fonction d'un id donné
|
||||||
@ -39,6 +43,7 @@ def formations_by_id(formation_id: int):
|
|||||||
|
|
||||||
|
|
||||||
@bp.route("/formations/formation_export/<int:formation_id>", methods=["GET"])
|
@bp.route("/formations/formation_export/<int:formation_id>", methods=["GET"])
|
||||||
|
@permission_required(Permission.APIView)
|
||||||
def formation_export_by_formation_id(formation_id: int, export_ids=False):
|
def formation_export_by_formation_id(formation_id: int, export_ids=False):
|
||||||
"""
|
"""
|
||||||
Retourne la formation, avec UE, matières, modules
|
Retourne la formation, avec UE, matières, modules
|
||||||
@ -55,6 +60,7 @@ def formation_export_by_formation_id(formation_id: int, export_ids=False):
|
|||||||
|
|
||||||
|
|
||||||
@bp.route("/formations/apo/<string:etape_apo>", methods=["GET"])
|
@bp.route("/formations/apo/<string:etape_apo>", methods=["GET"])
|
||||||
|
@permission_required(Permission.APIView)
|
||||||
def formsemestre_apo(etape_apo: int):
|
def formsemestre_apo(etape_apo: int):
|
||||||
"""
|
"""
|
||||||
Retourne les informations sur les formsemestres
|
Retourne les informations sur les formsemestres
|
||||||
@ -75,6 +81,7 @@ def formsemestre_apo(etape_apo: int):
|
|||||||
|
|
||||||
|
|
||||||
@bp.route("/formations/moduleimpl/<int:moduleimpl_id>", methods=["GET"])
|
@bp.route("/formations/moduleimpl/<int:moduleimpl_id>", methods=["GET"])
|
||||||
|
@permission_required(Permission.APIView)
|
||||||
def moduleimpls(moduleimpl_id: int):
|
def moduleimpls(moduleimpl_id: int):
|
||||||
"""
|
"""
|
||||||
Retourne la liste des moduleimpl
|
Retourne la liste des moduleimpl
|
||||||
@ -90,8 +97,8 @@ def moduleimpls(moduleimpl_id: int):
|
|||||||
return jsonify(data)
|
return jsonify(data)
|
||||||
|
|
||||||
|
|
||||||
@bp.route(
|
@bp.route("/formations/moduleimpl/<int:moduleimpl_id>/formsemestre/<int:formsemestre_id>", methods=["GET"])
|
||||||
"/formations/moduleimpl/<int:moduleimpl_id>/formsemestre/<int:formsemestre_id>", methods=["GET"])
|
@permission_required(Permission.APIView)
|
||||||
def moduleimpls_sem(moduleimpl_id: int, formsemestre_id: int):
|
def moduleimpls_sem(moduleimpl_id: int, formsemestre_id: int):
|
||||||
"""
|
"""
|
||||||
Retourne la liste des moduleimpl d'un semestre
|
Retourne la liste des moduleimpl d'un semestre
|
||||||
|
@ -4,12 +4,15 @@ from flask import jsonify
|
|||||||
from app import models
|
from app import models
|
||||||
from app.api import bp
|
from app.api import bp
|
||||||
from app.api.errors import error_response
|
from app.api.errors import error_response
|
||||||
|
from app.decorators import permission_required
|
||||||
from app.scodoc.sco_bulletins import formsemestre_bulletinetud_dict
|
from app.scodoc.sco_bulletins import formsemestre_bulletinetud_dict
|
||||||
|
from app.scodoc.sco_permissions import Permission
|
||||||
from app.scodoc.sco_pvjury import formsemestre_pvjury
|
from app.scodoc.sco_pvjury import formsemestre_pvjury
|
||||||
from app.scodoc.sco_recapcomplet import formsemestre_recapcomplet
|
from app.scodoc.sco_recapcomplet import formsemestre_recapcomplet
|
||||||
|
|
||||||
|
|
||||||
@bp.route("/formations/formsemestre/<int:formsemestre_id>", methods=["GET"])
|
@bp.route("/formations/formsemestre/<int:formsemestre_id>", methods=["GET"])
|
||||||
|
@permission_required(Permission.APIView)
|
||||||
def formsemestre(formsemestre_id: int):
|
def formsemestre(formsemestre_id: int):
|
||||||
"""
|
"""
|
||||||
Retourne l'information sur le formsemestre correspondant au formsemestre_id
|
Retourne l'information sur le formsemestre correspondant au formsemestre_id
|
||||||
@ -38,6 +41,7 @@ def formsemestre(formsemestre_id: int):
|
|||||||
"/formsemestre/<int:formsemestre_id>/departements/<string:dept>/etudiant/ine/<int:ine>/bulletin",
|
"/formsemestre/<int:formsemestre_id>/departements/<string:dept>/etudiant/ine/<int:ine>/bulletin",
|
||||||
methods=["GET"],
|
methods=["GET"],
|
||||||
)
|
)
|
||||||
|
@permission_required(Permission.APIView)
|
||||||
def etudiant_bulletin(formsemestre_id, dept, etudid, format="json", *args, size):
|
def etudiant_bulletin(formsemestre_id, dept, etudid, format="json", *args, size):
|
||||||
"""
|
"""
|
||||||
Retourne le bulletin de note d'un étudiant
|
Retourne le bulletin de note d'un étudiant
|
||||||
@ -63,6 +67,7 @@ def etudiant_bulletin(formsemestre_id, dept, etudid, format="json", *args, size)
|
|||||||
|
|
||||||
|
|
||||||
@bp.route("/formsemestre/<int:formsemestre_id>/bulletins", methods=["GET"])
|
@bp.route("/formsemestre/<int:formsemestre_id>/bulletins", methods=["GET"])
|
||||||
|
@permission_required(Permission.APIView)
|
||||||
def bulletins(formsemestre_id: int):
|
def bulletins(formsemestre_id: int):
|
||||||
"""
|
"""
|
||||||
Retourne les bulletins d'un formsemestre donné
|
Retourne les bulletins d'un formsemestre donné
|
||||||
@ -81,6 +86,7 @@ def bulletins(formsemestre_id: int):
|
|||||||
|
|
||||||
|
|
||||||
@bp.route("/formsemestre/<int:formsemestre_id>/jury", methods=["GET"])
|
@bp.route("/formsemestre/<int:formsemestre_id>/jury", methods=["GET"])
|
||||||
|
@permission_required(Permission.APIView)
|
||||||
def jury(formsemestre_id: int):
|
def jury(formsemestre_id: int):
|
||||||
"""
|
"""
|
||||||
Retourne le récapitulatif des décisions jury
|
Retourne le récapitulatif des décisions jury
|
||||||
|
@ -36,6 +36,7 @@ from app.api import bp
|
|||||||
from app.api import requested_format
|
from app.api import requested_format
|
||||||
from app.api.auth import token_auth
|
from app.api.auth import token_auth
|
||||||
from app.api.errors import error_response
|
from app.api.errors import error_response
|
||||||
|
from app.decorators import permission_required
|
||||||
from app.models import Departement
|
from app.models import Departement
|
||||||
from app.scodoc.sco_logos import list_logos, find_logo
|
from app.scodoc.sco_logos import list_logos, find_logo
|
||||||
from app.scodoc.sco_permissions import Permission
|
from app.scodoc.sco_permissions import Permission
|
||||||
@ -43,6 +44,7 @@ from app.scodoc.sco_permissions import Permission
|
|||||||
|
|
||||||
@bp.route("/logos", methods=["GET"])
|
@bp.route("/logos", methods=["GET"])
|
||||||
@token_auth.login_required
|
@token_auth.login_required
|
||||||
|
@permission_required(Permission.APIView)
|
||||||
def api_get_glob_logos():
|
def api_get_glob_logos():
|
||||||
if not g.current_user.has_permission(Permission.ScoSuperAdmin, None):
|
if not g.current_user.has_permission(Permission.ScoSuperAdmin, None):
|
||||||
return error_response(401, message="accès interdit")
|
return error_response(401, message="accès interdit")
|
||||||
@ -55,6 +57,7 @@ def api_get_glob_logos():
|
|||||||
|
|
||||||
@bp.route("/logos/<string:logoname>", methods=["GET"])
|
@bp.route("/logos/<string:logoname>", methods=["GET"])
|
||||||
@token_auth.login_required
|
@token_auth.login_required
|
||||||
|
@permission_required(Permission.APIView)
|
||||||
def api_get_glob_logo(logoname):
|
def api_get_glob_logo(logoname):
|
||||||
if not g.current_user.has_permission(Permission.ScoSuperAdmin, None):
|
if not g.current_user.has_permission(Permission.ScoSuperAdmin, None):
|
||||||
return error_response(401, message="accès interdit")
|
return error_response(401, message="accès interdit")
|
||||||
@ -71,6 +74,7 @@ def api_get_glob_logo(logoname):
|
|||||||
|
|
||||||
@bp.route("/departements/<string:departement>/logos", methods=["GET"])
|
@bp.route("/departements/<string:departement>/logos", methods=["GET"])
|
||||||
@token_auth.login_required
|
@token_auth.login_required
|
||||||
|
@permission_required(Permission.APIView)
|
||||||
def api_get_local_logos(departement):
|
def api_get_local_logos(departement):
|
||||||
dept_id = Departement.from_acronym(departement).id
|
dept_id = Departement.from_acronym(departement).id
|
||||||
if not g.current_user.has_permission(Permission.ScoChangePreferences, departement):
|
if not g.current_user.has_permission(Permission.ScoChangePreferences, departement):
|
||||||
@ -81,6 +85,7 @@ def api_get_local_logos(departement):
|
|||||||
|
|
||||||
@bp.route("/departements/<string:departement>/logos/<string:logoname>", methods=["GET"])
|
@bp.route("/departements/<string:departement>/logos/<string:logoname>", methods=["GET"])
|
||||||
@token_auth.login_required
|
@token_auth.login_required
|
||||||
|
@permission_required(Permission.APIView)
|
||||||
def api_get_local_logo(departement, logoname):
|
def api_get_local_logo(departement, logoname):
|
||||||
# format = requested_format("jpg", ['png', 'jpg']) XXX ?
|
# format = requested_format("jpg", ['png', 'jpg']) XXX ?
|
||||||
dept_id = Departement.from_acronym(departement).id
|
dept_id = Departement.from_acronym(departement).id
|
||||||
|
@ -5,10 +5,13 @@ from app import models
|
|||||||
from app.api import bp
|
from app.api import bp
|
||||||
from app.api.auth import token_auth
|
from app.api.auth import token_auth
|
||||||
from app.api.errors import error_response
|
from app.api.errors import error_response
|
||||||
|
from app.decorators import permission_required
|
||||||
from app.scodoc.sco_groups import get_group_members, setGroups
|
from app.scodoc.sco_groups import get_group_members, setGroups
|
||||||
|
from app.scodoc.sco_permissions import Permission
|
||||||
|
|
||||||
|
|
||||||
@bp.route("/partitions/<int:formsemestre_id>", methods=["GET"])
|
@bp.route("/partitions/<int:formsemestre_id>", methods=["GET"])
|
||||||
|
@permission_required(Permission.APIView)
|
||||||
def partition(formsemestre_id: int):
|
def partition(formsemestre_id: int):
|
||||||
"""
|
"""
|
||||||
Retourne la liste de toutes les partitions d'un formsemestre
|
Retourne la liste de toutes les partitions d'un formsemestre
|
||||||
@ -31,6 +34,7 @@ def partition(formsemestre_id: int):
|
|||||||
# )
|
# )
|
||||||
@bp.route("/partitions/groups/<int:group_id>", methods=["GET"])
|
@bp.route("/partitions/groups/<int:group_id>", methods=["GET"])
|
||||||
@bp.route("/partitions/groups/<int:group_id>/etat/<string:etat>", methods=["GET"])
|
@bp.route("/partitions/groups/<int:group_id>/etat/<string:etat>", methods=["GET"])
|
||||||
|
@permission_required(Permission.APIView)
|
||||||
def etud_in_group(group_id: int, etat=None):
|
def etud_in_group(group_id: int, etat=None):
|
||||||
"""
|
"""
|
||||||
Retourne la liste des étudiants dans un groupe
|
Retourne la liste des étudiants dans un groupe
|
||||||
@ -61,6 +65,7 @@ def etud_in_group(group_id: int, etat=None):
|
|||||||
"groups_to_create=<int:groups_to_create>&groups_to_delete=<int:groups_to_delete>", methods=["POST"],
|
"groups_to_create=<int:groups_to_create>&groups_to_delete=<int:groups_to_delete>", methods=["POST"],
|
||||||
)
|
)
|
||||||
@token_auth.login_required
|
@token_auth.login_required
|
||||||
|
@permission_required(Permission.APIEtudChangeGroups)
|
||||||
def set_groups(partition_id: int, groups_lists: int, groups_to_delete: int, groups_to_create: int):
|
def set_groups(partition_id: int, groups_lists: int, groups_to_delete: int, groups_to_create: int):
|
||||||
"""
|
"""
|
||||||
Set les groups
|
Set les groups
|
||||||
|
@ -13,11 +13,19 @@ SCODOC_PASSWORD = "admin"
|
|||||||
SCODOC_URL = "http://192.168.1.12:5000"
|
SCODOC_URL = "http://192.168.1.12:5000"
|
||||||
CHECK_CERTIFICATE = bool(int(os.environ.get("CHECK_CERTIFICATE", False)))
|
CHECK_CERTIFICATE = bool(int(os.environ.get("CHECK_CERTIFICATE", False)))
|
||||||
|
|
||||||
# r0 = requests.post(
|
HEADERS = None
|
||||||
# SCODOC_URL + "/ScoDoc/api/tokens", auth=(SCODOC_USER, SCODOC_PASSWORD)
|
|
||||||
# )
|
def get_token():
|
||||||
# token = r0.json()["token"]
|
"""
|
||||||
# HEADERS = {"Authorization": f"Bearer {token}"}
|
Permet de set le token dans le header
|
||||||
|
"""
|
||||||
|
global HEADERS
|
||||||
|
r0 = requests.post(
|
||||||
|
SCODOC_URL + "/ScoDoc/api/tokens", auth=(SCODOC_USER, SCODOC_PASSWORD)
|
||||||
|
)
|
||||||
|
token = r0.json()["token"]
|
||||||
|
HEADERS = {"Authorization": f"Bearer {token}"}
|
||||||
|
|
||||||
|
|
||||||
DEPT = None
|
DEPT = None
|
||||||
FORMSEMESTRE = None
|
FORMSEMESTRE = None
|
||||||
@ -29,10 +37,16 @@ def get_departement():
|
|||||||
"""
|
"""
|
||||||
Permet de tester departements() mais également de set un département dans DEPT pour la suite des tests
|
Permet de tester departements() mais également de set un département dans DEPT pour la suite des tests
|
||||||
"""
|
"""
|
||||||
|
|
||||||
|
get_token()
|
||||||
|
|
||||||
|
global HEADERS
|
||||||
|
|
||||||
|
print(HEADERS)
|
||||||
# departements
|
# departements
|
||||||
r = requests.get(
|
r = requests.get(
|
||||||
SCODOC_URL + "/ScoDoc/api/departements",
|
SCODOC_URL + "/ScoDoc/api/departements",
|
||||||
auth=(SCODOC_USER, SCODOC_PASSWORD)
|
headers=HEADERS, verify=CHECK_CERTIFICATE
|
||||||
)
|
)
|
||||||
|
|
||||||
if r.status_code == 200:
|
if r.status_code == 200:
|
||||||
|
@ -48,10 +48,10 @@ _SCO_PERMISSIONS = (
|
|||||||
(1 << 25, "RelationsEntreprisesSend", "Envoyer des offres"),
|
(1 << 25, "RelationsEntreprisesSend", "Envoyer des offres"),
|
||||||
(1 << 26, "RelationsEntreprisesValidate", "Valide les entreprises"),
|
(1 << 26, "RelationsEntreprisesValidate", "Valide les entreprises"),
|
||||||
# Api scodoc9
|
# Api scodoc9
|
||||||
(1 << 27, "APIView", ""),
|
(1 << 27, "APIView", "Voir"),
|
||||||
(1 << 28, "APIEtudChangeGroups", ""),
|
(1 << 28, "APIEtudChangeGroups", "Modifier les groupes"),
|
||||||
(1 << 29, "APIEditAllNotes", ""),
|
(1 << 29, "APIEditAllNotes", "Modifier toutes les notes"),
|
||||||
(1 << 30, "APIAbsChange", ""),
|
(1 << 30, "APIAbsChange", "Saisir des absences"),
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
|
Loading…
x
Reference in New Issue
Block a user