Esempio n. 1
0
def edit(user_id=None):

    if request.args.get('internaute'):
        title_page = 'Internautes'
    else:
        title_page = 'Utilisateurs'

    if user_id:

        data = Users.objects.get(id=user_id)

        if current_user.has_roles([('super_admin', 'user')],
                                  ['edit']) and data.id == current_user.id:
            return redirect(url_for('user.view', user_id=user_id))

        form = FormUser(obj=data)
        form.id.data = str(data.id)

        # liste des roles lie a l'utiliasteur en cours
        attrib_list = [role.role_id.id for role in data.roles]

        # liste des roles lie a l'utiliasteur en cours avec le droit d'edition
        edit_list = [
            role.role_id.id for role in data.roles if role.edit == True
        ]

        # liste des roles lie a l'utiliasteur en cours avec le droit de suppression
        delete_list = [
            role.role_id.id for role in data.roles if role.deleted == True
        ]

        liste_role = []
        data_role = Roles.objects(valeur__ne='super_admin')

        for role in data_role:
            if not role.parent:
                module = {}
                module['titre'] = role.titre
                module['id'] = role.id
                enfants = Roles.objects(parent=role.id)
                module['role'] = []
                for enfant in enfants:
                    rol = {}
                    rol['id'] = enfant.id
                    rol['titre'] = enfant.titre
                    rol['action'] = enfant.action
                    module['role'].append(rol)
                liste_role.append(module)

    else:
        data = Users()
        form = FormUser()
        if request.args.get('field_soldier'):
            form.user.data = 1
        else:
            form.user.data = 2

    if form.validate_on_submit(
    ) and request.method == 'POST' and current_user.has_roles(
        [('super_admin', 'user')], ['edit']) and current_user.id != data.id:

        data.first_name = form.first_name.data
        data.last_name = form.last_name.data

        if form.email.data != data.email and user_id:
            flash('L\'adresse email ne peut etre modifier dans cette action.',
                  'warning')

        if not user_id:
            data.email = form.email.data
            data.user = int(form.user.data)
            count_user = Users.objects(user__gte=1).count()
            data.ref = function.reference(count=count_user + 1,
                                          caractere=4,
                                          user=True,
                                          refuser=None)

        data.fonction = form.fonction.data
        data.phone = form.phone.data
        data.note = form.note.data

        if not user_id:
            data.activated = False

        data = data.save()

        if not user_id:

            from ..company.models_company import Company

            info = Company.objects.first()

            token = generate_confirmation_token(data.email)
            confirm_url = url_for('user_param.confirm_email',
                                  user_id=data.id,
                                  token=token,
                                  _external=True)
            html = render_template('template_mail/user/activate.html',
                                   **locals())

            msg = Message()
            msg.recipients = [data.email]
            msg.add_recipient(info.senderNotification)
            msg.subject = data.full_name(
            ) + ', veuillez confirmer votre adresse e-mail'
            msg.sender = (info.senderNotification, '*****@*****.**')

            msg.html = html
            mail.send(msg)

            flash(
                'Un mail de confirmation a ete envoye dans l\'adresse email fournit lors de la creation.',
                'success')

        if user_id:
            form_attrib = request.form.getlist('attrib')

            form_edit = request.form.getlist('edit')
            form_delete = request.form.getlist('delete')

            # Insertion des roles et authorisation en provenance du formulaire
            for attrib in form_attrib:

                role_form = Roles.objects.get(id=attrib)
                profil_role_exist = Users.objects(
                    Q(roles__role_id=role_form.id) & Q(id=data.id))

                if profil_role_exist:
                    if attrib in form_edit:
                        profil_role_exist.update_one(set__roles__S__edit=True)
                    else:
                        profil_role_exist.update_one(set__roles__S__edit=False)

                    if attrib in form_delete:
                        profil_role_exist.update_one(
                            set__roles__S__deleted=True)
                    else:
                        profil_role_exist.update_one(
                            set__roles__S__deleted=False)
                else:
                    profil_role_create = UserRole()
                    profil_role_create.role_id = role_form
                    if attrib in form_edit:
                        profil_role_create.edit = True
                    else:
                        profil_role_create.edit = False

                    if attrib in form_delete:
                        profil_role_create.deleted = True
                    else:
                        profil_role_create.deleted = False

                    data = Users.objects.get(id=user_id)
                    data.roles.append(profil_role_create)
                    data.save()

            for role in data.roles:
                if str(role.role_id.id) not in form_attrib:
                    profil_role_exist = Users.objects(id=data.id).update_one(
                        pull__roles__role_id=role.role_id)

        flash('Enregistement effectue avec succes', 'success')

        if request.form['nouveau'] == '1':
            return redirect(url_for('user_param.edit'))
        else:

            return redirect(url_for('user_param.view', user_id=data.id))

    return render_template('user/edit.html', **locals())
Esempio n. 2
0
def edit(data_id=None):

    if data_id:
        data = Users.objects.get(id=data_id)
        form = FormUser(obj=data)
        form.id.data = data_id

        if request.method == 'GET':
            if data.categorie:
                form.categorie.data = []
                for cat in data.categorie:
                    form.categorie.data.append(str(cat.id))

            if data.appareil:
                form.appareil.data = []
                for cat in data.appareil:
                    form.appareil.data.append(str(cat.id))

    else:
        data = Users()
        form = FormUser()

    compte = Comptes.objects().get(id=session.get('compte_id'))

    form.categorie.choices = [('', 'Aucune categorie')]

    categorie = Categories.objects(Q(type_cat=1) & Q(compte=compte))
    for choice in categorie:
        form.categorie.choices.append((str(choice.id), choice.name))

    form.appareil.choices = [('', 'Tous les magasins')]

    appareil = PointDeVente.objects(compte=compte)
    for choice in appareil:
        form.appareil.choices.append((str(choice.id), choice.name))

    if data.admin_compte and request.method == 'POST':
        del form.categorie
        del form.appareil

    if form.validate_on_submit():

        data.first_name = form.first_name.data
        data.last_name = form.last_name.data
        data.email = form.email.data
        data.phone = form.phone.data

        data.compte = compte

        new = False
        if not data.id:
            data.activated = False
            data.pin = "0000"
            new = True

        data.appareil = []
        if form.appareil and form.appareil.data:
            magasin = PointDeVente.objects().get(id=form.appareil.data)
            data.appareil.appent(magasin)

        data.categorie = []
        if form.categorie and form.categorie.data:
            categorie = Categories.objects().get(id=form.categorie.data)
            data.categorie.appent(categorie)

        data.save()

        if new:

            token = generate_confirmation_token(data.email)
            confirm_url = url_for('home_user.confirm_email',
                                  user_id=data.id,
                                  token=token,
                                  _external=True)

            # Design de l'email a faire
            html = render_template('template_mail/user/activate.html',
                                   **locals())

            msg = Message()
            msg.recipients = [data.email]
            msg.subject = data.full_name(
            ) + ', veuillez confirmer votre adresse e-mail'
            msg.sender = (data.email, '*****@*****.**')

            msg.html = html

        flash('Enregistrement avec succes.', 'success')
        return redirect(url_for('user.index'))

    list_roles = global_role

    return render_template('user/edit.html', **locals())