autoriser les personnes autres que les tech à valider les RDF

2020-04-24 14:29:29 +02:00
parent 0547979dd2
commit 9693c53ded
6 changed files with 17 additions and 12 deletions
--- a/README.md
+++ b/README.md
@@ -11,8 +11,8 @@ Elle est développée avec les composants open source suivants :

 - [Python](https://www.python.org/downloads/) 3.7
 - [Pyramid web framework](https://trypyramid.com/) 1.10
- [MySQL server](https://mysql.com/) 8.0
- [Apache web server](https://apache.org/)
+- [MySQL server](https://mysql.com/) 5.7 sur Windows Server 2008 R2 Standard
+- [Apache web server](https://apache.org/) 2.4 sur Debian GNU/Linux 9 (stretch) 

 ## Frontend

--- a/mondumas/models/default.py
+++ b/mondumas/models/default.py
@@ -19,6 +19,13 @@ def execute_query(request, query, params):
    mark_changed(request.dbsession)
    transaction.commit()

+def get_userAccess(request, logged_in):
+    member = get_member_by_id(request, logged_in)
+    if member:
+        return member.access 
+    else:
+        return 0 
+    
 def get_codespostaux(request, code):
    query = "SELECT * FROM p_codespostaux WHERE code_postal like :code;"
    results = request.dbsession.execute(query, {'code': code + "%"})
--- a/mondumas/templates/agenda/agenda.pt
+++ b/mondumas/templates/agenda/agenda.pt
@@ -8,7 +8,7 @@
 		<form method="POST" id="frm" class="form-horizontal">
 			<div class="form-group">
 				<div class="col-xs-4">
-					<select class="form-control" id="agenda" name="agenda" onChange="$('#frm').submit()" tal:condition="isCommercial==False">
+					<select class="form-control" id="agenda" name="agenda" onChange="$('#frm').submit()" tal:condition="access > 0">
 						<div tal:repeat="item agendas">
 							<option value="${item.CD_UTI}" tal:attributes="selected agenda==item.CD_UTI and 'selected' or None">${item.NOM}</option>
 						</div>
--- a/mondumas/templates/dossier/rdf_view.pt
+++ b/mondumas/templates/dossier/rdf_view.pt
@@ -358,9 +358,9 @@
                        <span class="glyphicon glyphicon-pencil"></span> Modifier</a>
                    <button class="btn btn-danger" type="submit" name="form.delete" tal:condition="not rapport.signature_svg and date_relu==''">
                        <span class="glyphicon glyphicon-remove"></span> Supprimer</button>
-                    <button class="btn btn-success" type="submit" name="form.validate" tal:condition="(logged_in=='JMP' or logged_in=='CAO') and date_relu==''">
+                    <button class="btn btn-success" type="submit" name="form.validate" tal:condition="access > 0 and date_relu==''">
                        <span class="glyphicon glyphicon-ok"></span> Valider</button>
-                    <div tal:condition="(logged_in=='MD' or logged_in=='CAO') and date_relu!=''">
+                    <div tal:condition="access > 0 and date_relu!=''">
                        <br />
                        <a class="btn btn-default" href="/rdf_rapport/${rapport.no_id}">
                            <span class="glyphicon glyphicon-file"></span> Aperçu PDF</a>
--- a/mondumas/views/agenda.py
+++ b/mondumas/views/agenda.py
@@ -108,12 +108,8 @@ def agenda(request):
    # liste des users avec agenda
    agendas = get_users_agenda(request, '')
    
-    # le user est-il un commercial ?
    member = get_member_by_id(request, logged_in)
-    if member.access == 0:
-        isCommercial = True 
-    else:
-        isCommercial = False 
+    access = member.access 
    agenda = member.agenda
    
    # prendre en compte les paramètres de saisie
@@ -169,7 +165,7 @@ def agenda(request):
        'calendar_events': json.dumps(events),
        'agendas': agendas,
        'agenda': agenda,
-        'isCommercial': isCommercial,
+        'access': access,
        'types_rdv': types_rdv,
        'type_rdv': type_rdv,
        'message': message,
--- a/mondumas/views/dossier.py
+++ b/mondumas/views/dossier.py
@@ -543,6 +543,8 @@ def rdf_list(request):
@view_config(route_name='rdf_view', renderer='../templates/dossier/rdf_view.pt', permission='view')
 def rdf_view(request):
    logged_in = request.authenticated_userid.upper()
+    # lire code accès du user
+    access = get_userAccess(request, logged_in) 
    norapport = request.matchdict['no_id']
    url = request.route_url('rdf_view', no_id=norapport)
    
@@ -610,7 +612,7 @@ def rdf_view(request):
        'page_title': "Rapport no %s du %s" % (norapport, rapport.date_inter.strftime('%d-%m-%Y')),
        'url': url,
        'pt_name': 'rdf_view',
-        'logged_in': logged_in,
+        'access': access,
        'rapport': rapport,
        'nodossier': nodossier,
        'nochantier': rapport.nochantier,