def edit(user_id=None): if request.args.get('internaute'): title_page = 'Internautes' else: title_page = 'Utilisateurs' if user_id: data = Users.objects.get(id=user_id) if current_user.has_roles([('super_admin', 'user')], ['edit']) and data.id == current_user.id: return redirect(url_for('user.view', user_id=user_id)) form = FormUser(obj=data) form.id.data = str(data.id) # liste des roles lie a l'utiliasteur en cours attrib_list = [role.role_id.id for role in data.roles] # liste des roles lie a l'utiliasteur en cours avec le droit d'edition edit_list = [ role.role_id.id for role in data.roles if role.edit == True ] # liste des roles lie a l'utiliasteur en cours avec le droit de suppression delete_list = [ role.role_id.id for role in data.roles if role.deleted == True ] liste_role = [] data_role = Roles.objects(valeur__ne='super_admin') for role in data_role: if not role.parent: module = {} module['titre'] = role.titre module['id'] = role.id enfants = Roles.objects(parent=role.id) module['role'] = [] for enfant in enfants: rol = {} rol['id'] = enfant.id rol['titre'] = enfant.titre rol['action'] = enfant.action module['role'].append(rol) liste_role.append(module) else: data = Users() form = FormUser() if request.args.get('field_soldier'): form.user.data = 1 else: form.user.data = 2 if form.validate_on_submit( ) and request.method == 'POST' and current_user.has_roles( [('super_admin', 'user')], ['edit']) and current_user.id != data.id: data.first_name = form.first_name.data data.last_name = form.last_name.data if form.email.data != data.email and user_id: flash('L\'adresse email ne peut etre modifier dans cette action.', 'warning') if not user_id: data.email = form.email.data data.user = int(form.user.data) count_user = Users.objects(user__gte=1).count() data.ref = function.reference(count=count_user + 1, caractere=4, user=True, refuser=None) data.fonction = form.fonction.data data.phone = form.phone.data data.note = form.note.data if not user_id: data.activated = False data = data.save() if not user_id: from ..company.models_company import Company info = Company.objects.first() token = generate_confirmation_token(data.email) confirm_url = url_for('user_param.confirm_email', user_id=data.id, token=token, _external=True) html = render_template('template_mail/user/activate.html', **locals()) msg = Message() msg.recipients = [data.email] msg.add_recipient(info.senderNotification) msg.subject = data.full_name( ) + ', veuillez confirmer votre adresse e-mail' msg.sender = (info.senderNotification, '*****@*****.**') msg.html = html mail.send(msg) flash( 'Un mail de confirmation a ete envoye dans l\'adresse email fournit lors de la creation.', 'success') if user_id: form_attrib = request.form.getlist('attrib') form_edit = request.form.getlist('edit') form_delete = request.form.getlist('delete') # Insertion des roles et authorisation en provenance du formulaire for attrib in form_attrib: role_form = Roles.objects.get(id=attrib) profil_role_exist = Users.objects( Q(roles__role_id=role_form.id) & Q(id=data.id)) if profil_role_exist: if attrib in form_edit: profil_role_exist.update_one(set__roles__S__edit=True) else: profil_role_exist.update_one(set__roles__S__edit=False) if attrib in form_delete: profil_role_exist.update_one( set__roles__S__deleted=True) else: profil_role_exist.update_one( set__roles__S__deleted=False) else: profil_role_create = UserRole() profil_role_create.role_id = role_form if attrib in form_edit: profil_role_create.edit = True else: profil_role_create.edit = False if attrib in form_delete: profil_role_create.deleted = True else: profil_role_create.deleted = False data = Users.objects.get(id=user_id) data.roles.append(profil_role_create) data.save() for role in data.roles: if str(role.role_id.id) not in form_attrib: profil_role_exist = Users.objects(id=data.id).update_one( pull__roles__role_id=role.role_id) flash('Enregistement effectue avec succes', 'success') if request.form['nouveau'] == '1': return redirect(url_for('user_param.edit')) else: return redirect(url_for('user_param.view', user_id=data.id)) return render_template('user/edit.html', **locals())
def permission(user_id): menu = 'user' submenu = 'users' context = 'permission' title_page = 'Parametre - Utilisateurs' user = Users.objects.get(id=user_id) # liste des roles lie a l'utiliasteur en cours attrib = UserRole.objects( user_id = user.id ) attrib_list = [role.role_id.id for role in attrib] # liste des roles lie a l'utiliasteur en cours avec le droit d'edition edit = UserRole.objects(Q(user_id=user.id) & Q(edit=True)) edit_list = [role.role_id.id for role in edit] # liste des roles lie a l'utiliasteur en cours avec le droit de suppression delete = UserRole.objects(Q(user_id=user.id) & Q(deleted=True)) delete_list = [role.role_id.id for role in delete] liste_role = [] data_role = Roles.objects( valeur__ne='super_admin' ) for role in data_role: if not role.parent: module = {} module['titre'] = role.titre module['id'] = role.id enfants = Roles.objects( parent = role.id ) module['role'] = [] for enfant in enfants: rol = {} rol['id'] = enfant.id rol['titre'] = enfant.titre rol['action'] = enfant.action module['role'].append(rol) liste_role.append(module) # liste des profils de l'application list_profil = Profil.objects( active=True ) profil_select = None if request.args.get('profil') and request.method == 'GET': profil_select = int(request.args.get('profil')) profil_request = Profil.objects.get(id=request.args.get('profil')) attrib = ProfilRole.objects( profil_id= profil_request.id ) attrib_list = [role.role_id.id for role in attrib] # liste des roles lie a l'utiliasteur en cours avec le droit d'edition edit = ProfilRole.objects(Q(profil_id=profil_request) & Q(edit=True)) edit_list = [role.role_id.id for role in edit] # liste des roles lie a l'utiliasteur en cours avec le droit de suppression delete = ProfilRole.objects(Q(profil_id=profil_request.id) & Q(deleted=True)) delete_list = [role.role_id.id for role in delete] if request.method == 'POST' and current_user.has_roles([('super_admin', 'user_permission')], ['edit']): form_attrib = request.form.getlist('attrib') # if not form_attrib and attrib_list: # flash('Les utilisateurs ne doivent pas exister sans permission dans l\'application', 'warning') # return redirect(url_for('user_param.permission', user_id=user_id)) # elif form_attrib: # user.is_enabled = True # user.put() form_edit = request.form.getlist('edit') form_delete = request.form.getlist('delete') # liste des roles lie au profil et supprimer ce qui ne sont plus attribue current_profil_role = UserRole.objects( user_id = user.id ) for current in current_profil_role: if current.role_id.id not in form_attrib: current.delete() # Insertion des roles et authorisation en provenance du formulaire for attrib in form_attrib: role_form = Roles.objects.get(id=attrib) profil_role_exist = UserRole.objects(Q(role_id=role_form.id) & Q(user_id=user.id)).first() if profil_role_exist: if attrib in form_edit: profil_role_exist.edit = True else: profil_role_exist.edit = False if attrib in form_delete: profil_role_exist.deleted = True else: profil_role_exist.deleted = False profil_role_exist.save() else: profil_role_create = UserRole() profil_role_create.role_id = role_form profil_role_create.user_id = user if attrib in form_edit: profil_role_create.edit = True else: profil_role_create.edit = False if attrib in form_delete: profil_role_create.deleted = True else: profil_role_create.deleted = False profil_role_create.save() flash('Enregistement effectue avec succes', 'success') return redirect(url_for('user_param.permission', user_id=user_id)) return render_template('user/permission.html', **locals())