예제 #1
0
def permission(user_id):
    menu = 'societe'
    submenu = 'users'
    context = 'permission'
    title_page = 'Parametre - Utilisateurs'

    user = Users.get_by_id(user_id)

    # liste des roles lie a l'utiliasteur en cours
    attrib = UserRole.query(
        UserRole.user_id == user.key
    )
    attrib_list = [role.role_id.get().key.id() for role in attrib]

    # liste des roles lie a l'utiliasteur en cours avec le droit d'edition
    edit = UserRole.query(
        UserRole.user_id == user.key,
        UserRole.edit == True
    )
    edit_list = [role.role_id.get().key.id() for role in edit]

    # liste des roles lie a l'utiliasteur en cours avec le droit de suppression
    delete = UserRole.query(
        UserRole.user_id == user.key,
        UserRole.delete == True
    )
    delete_list = [role.role_id.get().key.id() for role in delete]


    liste_role = []
    data_role = Roles.query(
        Roles.valeur != 'super_admin'
    )

    for role in data_role:
        if not role.parent:
            module = {}
            module['titre'] = role.titre
            module['id'] = role.key.id()
            enfants = Roles.query(
                Roles.parent == role.key
            )
            module['role'] = []
            for enfant in enfants:
                rol = {}
                rol['id'] = enfant.key.id()
                rol['titre'] = enfant.titre
                rol['action'] = enfant.action
                module['role'].append(rol)
            liste_role.append(module)

    # liste des profils de l'application
    list_profil = Profil.query(
        Profil.active == True
    )

    profil_select = None
    if request.args.get('profil') and request.method == 'GET':

        profil_select = int(request.args.get('profil'))
        profil_request = Profil.get_by_id(int(request.args.get('profil')))

        attrib = ProfilRole.query(
            ProfilRole.profil_id == profil_request.key,
        )

        attrib_list = [role.role_id.get().key.id() for role in attrib]

        # liste des roles lie a l'utiliasteur en cours avec le droit d'edition
        edit = ProfilRole.query(
            ProfilRole.profil_id == profil_request.key,
            ProfilRole.edit == True
        )
        edit_list = [role.role_id.get().key.id() for role in edit]

        # liste des roles lie a l'utiliasteur en cours avec le droit de suppression
        delete = ProfilRole.query(
            ProfilRole.profil_id == profil_request.key,
            ProfilRole.delete == True
        )
        delete_list = [role.role_id.get().key.id() for role in delete]


    if request.method == 'POST' and current_user.has_roles([('super_admin', 'user_permission')], ['edit']):

        form_attrib = request.form.getlist('attrib')

        # if not form_attrib and attrib_list:
        #     flash('Les utilisateurs ne doivent pas exister sans permission dans l\'application', 'warning')
        #     return redirect(url_for('user_param.permission', user_id=user_id))
        # elif form_attrib:
        #     user.is_enabled = True
        #     user.put()

        form_edit = request.form.getlist('edit')
        form_delete = request.form.getlist('delete')

        # liste des roles lie au profil et supprimer ce qui ne sont plus attribue
        current_profil_role = UserRole.query(
            UserRole.user_id == user.key
        )
        for current in current_profil_role:
            if current.role_id.get().key.id() not in form_attrib:
                current.key.delete()

        # Insertion des roles et authorisation en provenance du formulaire
        for attrib in form_attrib:

            role_form = Roles.get_by_id(int(attrib))

            profil_role_exist = UserRole.query(
                UserRole.role_id == role_form.key,
                UserRole.user_id == user.key
            ).get()

            if profil_role_exist:
                if attrib in form_edit:
                    profil_role_exist.edit = True
                else:
                    profil_role_exist.edit = False

                if attrib in form_delete:
                    profil_role_exist.delete = True
                else:
                    profil_role_exist.delete = False

                profil_role_exist.put()
            else:
                profil_role_create = UserRole()
                profil_role_create.role_id = role_form.key
                profil_role_create.user_id = user.key
                if attrib in form_edit:
                    profil_role_create.edit = True
                else:
                    profil_role_create.edit = False

                if attrib in form_delete:
                    profil_role_create.delete = True
                else:
                    profil_role_create.delete = False

                profil_role_create.put()

        flash('Enregistement effectue avec succes', 'success')
        return redirect(url_for('user_param.permission', user_id=user_id))

    return render_template('user/permission.html', **locals())
예제 #2
0
def edit(user_id=None):

    if user_id:
        users = Users.get_by_id(user_id)
        form = FormUser(obj=users)
        form.id.data = user_id
        form.profil.data = users.profil_id.id()
    else:
        users = Users()
        form = FormUser()

    form.client.data = 0

    form.profil.choices = [(0, 'Selectionnez un profil')]
    for choice in Profil.query():
        profilRole = ProfilRole.query(
            ProfilRole.profil_id == choice.key).count()
        if profilRole:
            form.profil.choices.append((choice.key.id(), choice.name))

    success = False
    if form.validate_on_submit():

        profil = None
        if form.profil.data:

            profil = Profil.get_by_id(int(form.profil.data))

            if users.profil_id and users.profil_id != profil.key and user_id:
                role_del = ProfilRole.query(
                    ProfilRole.profil_id == users.profil)

                for role_del in role_del:
                    remove_role = UserRole.query(
                        UserRole.role_id == role_del.role_id,
                        UserRole.user_id == users.key).get()

                    remove_role.key.delete()

            users.profil_id = profil.key

        users.name = form.name.data
        users.phone = form.phone.data
        users.email = form.email.data
        users.login = form.login.data

        from random import choice
        from string import digits

        code = list()
        for i in range(5):
            code.append(choice(digits))

        users.pin = int(''.join(code))

        UserCreate = users.put()

        if form.profil.data:
            all_role = ProfilRole.query(ProfilRole.profil_id == profil.key)

            # insertion de chaque role a l'utilisateur cree
            UserCreate = Users.get_by_id(UserCreate.id())

            for role in all_role:
                UserRoles = UserRole()
                UserRoles.role_id = role.role_id
                UserRoles.user_id = UserCreate.key
                UserRoles.edit = role.edit
                UserRoles.delete = role.delete
                UserRoles.put()

        flash('Enregistement effectue avec succes', 'success')
        success = True

    return render_template('user/edit.html', **locals())
예제 #3
0
def permission(user_id):

    user = Users.get_by_id(user_id)

    # liste des roles lie a l'utiliasteur en cours
    attrib = UserRole.query(UserRole.user_id == user.key)
    attrib_list = [role.role_id.get().key.id() for role in attrib]

    # liste des roles lie a l'utiliasteur en cours avec le droit d'edition
    edit = UserRole.query(UserRole.user_id == user.key, UserRole.edit == True)
    edit_list = [role.role_id.get().key.id() for role in edit]

    # liste des roles lie a l'utiliasteur en cours avec le droit de suppression
    delete = UserRole.query(UserRole.user_id == user.key,
                            UserRole.delete == True)
    delete_list = [role.role_id.get().key.id() for role in delete]

    liste_role = []
    data_role = Roles.query(Roles.valeur != 'super_admin')

    for role in data_role:
        if not role.parent:
            module = {}
            module['titre'] = role.titre
            module['id'] = role.key.id()
            enfants = Roles.query(Roles.parent == role.key)
            module['role'] = []
            for enfant in enfants:
                rol = {}
                rol['id'] = enfant.key.id()
                rol['titre'] = enfant.titre
                rol['action'] = enfant.action
                module['role'].append(rol)
            liste_role.append(module)

    # liste des profils de l'application
    list_profil = Profil.query(Profil.active == True)
    # and current_user.has_roles([('super_admin', 'user_permission')], ['edit'])
    success = False
    if request.method == 'POST':

        form_attrib = request.form.getlist('attrib')

        # if not form_attrib and attrib_list:
        #     flash('Les utilisateurs ne doivent pas exister sans permission dans l\'application', 'warning')
        #     return redirect(url_for('user_param.permission', user_id=user_id))
        # elif form_attrib:
        #     user.is_enabled = True
        #     user.put()

        form_edit = request.form.getlist('edit')
        form_delete = request.form.getlist('delete')

        # liste des roles lie au profil et supprimer ce qui ne sont plus attribue
        current_profil_role = UserRole.query(UserRole.user_id == user.key)
        for current in current_profil_role:
            if current.role_id.get().key.id() not in form_attrib:
                current.key.delete()

        # Insertion des roles et authorisation en provenance du formulaire
        for attrib in form_attrib:

            role_form = Roles.get_by_id(int(attrib))

            profil_role_exist = UserRole.query(
                UserRole.role_id == role_form.key,
                UserRole.user_id == user.key).get()

            if profil_role_exist:
                if attrib in form_edit:
                    profil_role_exist.edit = True
                else:
                    profil_role_exist.edit = False

                if attrib in form_delete:
                    profil_role_exist.delete = True
                else:
                    profil_role_exist.delete = False

                profil_role_exist.put()
            else:
                profil_role_create = UserRole()
                profil_role_create.role_id = role_form.key
                profil_role_create.user_id = user.key
                if attrib in form_edit:
                    profil_role_create.edit = True
                else:
                    profil_role_create.edit = False

                if attrib in form_delete:
                    profil_role_create.delete = True
                else:
                    profil_role_create.delete = False

                profil_role_create.put()

        success = True
        flash('Enregistement effectue avec succes', 'success')

    return render_template('user/permission.html', **locals())
예제 #4
0
def edit(user_id=None):

    if user_id:
        users = Users.get_by_id(user_id)
        form = FormUser(obj=users)
        form.id.data = user_id
        form.profil.data = users.profil_id.id()
    else:
        users = Users()
        form = FormUser()

    form.client.data = 0

    form.profil.choices = [(0, 'Selectionnez un profil')]
    for choice in Profil.query():
        profilRole = ProfilRole.query(ProfilRole.profil_id == choice.key).count()
        if profilRole:
            form.profil.choices.append((choice.key.id(), choice.name))

    success = False
    if form.validate_on_submit():

        profil = None
        if form.profil.data:

            profil = Profil.get_by_id(int(form.profil.data))

            if users.profil_id and users.profil_id != profil.key and user_id:
                role_del = ProfilRole.query(
                    ProfilRole.profil_id == users.profil
                )

                for role_del in role_del:
                    remove_role = UserRole.query(
                        UserRole.role_id == role_del.role_id,
                        UserRole.user_id == users.key
                    ).get()

                    remove_role.key.delete()

            users.profil_id = profil.key

        users.name = form.name.data
        users.phone = form.phone.data
        users.email = form.email.data
        users.login = form.login.data


        from random import choice
        from string import digits

        code = list()
        for i in range(5):
            code.append(choice(digits))

        users.pin = int(''.join(code))

        UserCreate = users.put()


        if form.profil.data:
            all_role = ProfilRole.query(
                    ProfilRole.profil_id == profil.key
            )

            # insertion de chaque role a l'utilisateur cree
            UserCreate = Users.get_by_id(UserCreate.id())

            for role in all_role:
                UserRoles = UserRole()
                UserRoles.role_id = role.role_id
                UserRoles.user_id = UserCreate.key
                UserRoles.edit = role.edit
                UserRoles.delete = role.delete
                UserRoles.put()

        flash('Enregistement effectue avec succes', 'success')
        success = True

    return render_template('user/edit.html', **locals())