Gestion très primaire des utilisateurs

kfet/autocomplete.py

@@ -2,43 +2,66 @@ from django.shortcuts import render
 from django.http import Http404
 from django.db.models import Q
 from gestioncof.models import User, Clipper
+from kfet.models import Account
 
-def account_new(request):
+def account_create(request):
     if "q" not in request.GET:
         raise Http404
     q = request.GET.get("q")
 
     if (len(q) == 0):
-        return render(request, "kfet/account_new_autocomplete.html")
+        return render(request, "kfet/account_create_autocomplete.html")
 
     data = {'q': q}
 
     queries = {}
     search_words = q.split()
 
+    queries['kfet']         = Account.objects
     queries['users_cof']    = User.objects.filter(Q(profile__is_cof = True))
     queries['users_notcof'] = User.objects.filter(Q(profile__is_cof = False))
     queries['clippers']     = Clipper.objects
 
     for word in search_words:
+        queries['kfet'] = queries['kfet'].filter(
+                Q(cofprofile__user__username__icontains = word)
+                | Q(cofprofile__user__first_name__icontains = word)
+                | Q(cofprofile__user__last_name__icontains = word)
+            )
         queries['users_cof'] = queries['users_cof'].filter(
                 Q(username__icontains = word)
                 | Q(first_name__icontains = word)
-                | Q(last_name__icontains = word))
+                | Q(last_name__icontains = word)
+            )
         queries['users_notcof'] = queries['users_notcof'].filter(
                 Q(username__icontains = word)
                 | Q(first_name__icontains = word)
-                | Q(last_name__icontains = word))
+                | Q(last_name__icontains = word)
+            )
         queries['clippers']     = queries['clippers'].filter(
                 Q(username__icontains = word)
-                | Q(fullname__icontains = word))
+                | Q(fullname__icontains = word)
+            )
 
-    queries['users_cof'] = queries['users_cof'].distinct()
+    queries['kfet'] = queries['kfet'].distinct()
-    queries['users_notcof'] = queries['users_notcof'].distinct()
+    print(queries['kfet'])
+
+    usernames = list( \
+        queries['kfet'].values_list('cofprofile__user__username', flat=True))
+
+    queries['kfet'] = [ (account, account.cofprofile.user) \
+                        for account in queries['kfet'] ]
+
+    queries['users_cof']    =  \
+        queries['users_cof'].exclude(username__in=usernames).distinct()
+    queries['users_notcof'] =  \
+        queries['users_notcof'].exclude(username__in=usernames).distinct()
+
+    usernames += list( \
+        queries['users_cof'].values_list('username', flat=True))
+    usernames += list( \
+        queries['users_notcof'].values_list('username', flat=True))
 
-    usernames  = list(queries['users_cof'].values_list('username', flat=True))
-    usernames += list(queries['users_notcof'] \
-                                          .values_list('username', flat=True))
     queries['clippers'] = \
         queries['clippers'].exclude(username__in=usernames).distinct()
 
@@ -49,4 +72,4 @@ def account_new(request):
         options += len(query)
     data['options'] = options
 
-    return render(request, "kfet/account_new_autocomplete.html", data)
+    return render(request, "kfet/account_create_autocomplete.html", data)

kfet/forms.py

@@ -3,18 +3,32 @@ from django.contrib.auth.models import User
 from kfet.models import Account
 from gestioncof.models import CofProfile
 
-class AccountTrigrammeForm(forms.ModelForm):
+class AccountForm(forms.ModelForm):
+
+    # Surcharge pour passer data à Account.save()
+    def save(self, data = {}, *args, **kwargs):
+        obj = super(AccountForm, self).save(commit = False, *args, **kwargs)
+        obj.save(data = data)
+        return obj
+
     class Meta:
         model  = Account
-        fields = ['trigramme']
+        fields = ['trigramme', 'promo', 'nickname']
         widgets = {
             'trigramme': forms.TextInput(attrs={'autocomplete': 'off'}),
         }
 
-class AccountForm(forms.ModelForm):
+class AccountTriForm(AccountForm):
-    class Meta:
+    class Meta(AccountForm.Meta):
-        model  = Account
+        fields = ['trigramme']
-        fields = ['promo', 'nickname']
+
+class AccountNoTriForm(AccountForm):
+    class Meta(AccountForm.Meta):
+        exclude = ['trigramme']
+
+class AccountRestrictForm(AccountForm):
+    class Meta(AccountForm.Meta):
+        fields = ['promo']
 
 class CofForm(forms.ModelForm):
     def clean_is_cof(self):
@@ -27,6 +41,10 @@ class CofForm(forms.ModelForm):
         model  = CofProfile
         fields = ['login_clipper', 'is_cof', 'departement']
 
+class CofRestrictForm(CofForm):
+    class Meta(CofForm.Meta):
+        fields = ['departement']
+
 class UserForm(forms.ModelForm):
     class Meta:
         model  = User
@@ -34,3 +52,7 @@ class UserForm(forms.ModelForm):
         help_texts = {
             'username': ''
         }
+
+class UserRestrictForm(UserForm):
+    class Meta(UserForm.Meta):
+        fields = ['first_name', 'last_name', 'email']

kfet/migrations/0002_auto_20160802_2139.py

@@ -0,0 +1,24 @@
+# -*- coding: utf-8 -*-
+from __future__ import unicode_literals
+
+from django.db import models, migrations
+import datetime
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('kfet', '0001_initial'),
+    ]
+
+    operations = [
+        migrations.AlterModelOptions(
+            name='account',
+            options={'permissions': (('is_team', 'Is part of the team'),)},
+        ),
+        migrations.AlterField(
+            model_name='accountnegative',
+            name='start',
+            field=models.DateTimeField(default=datetime.datetime(2016, 8, 2, 21, 39, 30, 52279)),
+        ),
+    ]

kfet/migrations/0003_auto_20160802_2142.py

@@ -0,0 +1,20 @@
+# -*- coding: utf-8 -*-
+from __future__ import unicode_literals
+
+from django.db import models, migrations
+import datetime
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('kfet', '0002_auto_20160802_2139'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='accountnegative',
+            name='start',
+            field=models.DateTimeField(default=datetime.datetime.now),
+        ),
+    ]

kfet/migrations/0004_auto_20160802_2144.py

@@ -0,0 +1,19 @@
+# -*- coding: utf-8 -*-
+from __future__ import unicode_literals
+
+from django.db import models, migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('kfet', '0003_auto_20160802_2142'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='accountnegative',
+            name='balance_offset',
+            field=models.DecimalField(decimal_places=2, max_digits=6, default=0),
+        ),
+    ]

kfet/migrations/0005_auto_20160802_2154.py

@@ -0,0 +1,28 @@
+# -*- coding: utf-8 -*-
+from __future__ import unicode_literals
+
+from django.db import models, migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('kfet', '0004_auto_20160802_2144'),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='GlobalPermissions',
+            fields=[
+                ('id', models.AutoField(serialize=False, primary_key=True, verbose_name='ID', auto_created=True)),
+            ],
+            options={
+                'permissions': (('is_team', 'Is part of the team'),),
+                'managed': False,
+            },
+        ),
+        migrations.AlterModelOptions(
+            name='account',
+            options={},
+        ),
+    ]

kfet/models.py

@@ -1,10 +1,11 @@
 from django.db import models
 from django.core.exceptions import PermissionDenied
-from django.contrib.auth.models import User
+from django.contrib.auth.models import User, AnonymousUser
 from django.core.validators import RegexValidator
 from gestioncof.models import CofProfile
 from django.utils.six.moves import reduce
 import datetime
+import re
 
 def choices_length(choices):
     return reduce(lambda m, choice: max(m, len(choice[0])), choices, 0)
@@ -42,36 +43,36 @@ class Account(models.Model):
         return self.trigramme
 
     @staticmethod
-    def is_free(trigramme):
+    def is_validandfree(trigramme):
+        data = { 'is_valid' : False, 'is_free' : False }
+        pattern = re.compile("^[^a-z]{3}$")
+        data['is_valid'] = pattern.match(trigramme) and True or False
         try:
-            account = Account.objects.filter(trigramme=trigramme).get()
+            account = Account.objects.get(trigramme=trigramme)
-            return False
         except Account.DoesNotExist:
-            return True
+            data['is_free'] = True
+        return data
 
-    # Méthode save() avec auth + 
+    def real_balance(self):
+        if (hasattr(self, 'negative')):
+            return self.balance + self.negative.balance_offset
+        return self.balance
+
+    def read(self, auth_user = AnonymousUser()):
+        user = self.cofprofile.user
+
+    # Surcharge Méthode save() avec gestions de User et CofProfile
     # Args:
-    # - auth_user : request.user
     # - data : datas pour User et CofProfile
     # Action:
     # - Enregistre User, CofProfile à partir de "data"
     # - Enregistre Account
-    # Permissions
+    def save(self, data = {}, *args, **kwargs):
-    # - Edition si request.user:
-    #       - modifie son compte (ne peut pas modifier nickname)
-    #    ou - a la perm kfet.change_account
-    # - Ajout si request.user a la perm kfet.add_account
-    def save_api(self, auth_user, data = None):
         if self.pk:
             # Account update
 
-            # Checking permissions
-            user = self.cofprofile.user
-            if not auth_user.has_perm('kfet.change_account') \
-                    and request.user != user:
-                raise PermissionDenied
-
             # Updating User with data
+            user = self.cofprofile.user
             user.first_name = data.get("first_name", user.first_name)
             user.last_name  = data.get("last_name", user.last_name)
             user.email      = data.get("email", user.email)
@@ -81,18 +82,25 @@ class Account(models.Model):
             cof.departement = data.get("departement", cof.departement)
             cof.save()
             # Nickname is not editable by the user
+            """
             if not auth_user.has_perm('kfet.change_account'):
                 account_old = Account.objects.get(pk=self.pk)
                 self.nickname = account_old.nickname
+            """
         else:
             # New account
 
-            # Checking permissions
+            # Checking if user has already an account
-            if not auth_user.has_perm('kfet.add_account'):
+            username = data.get("username")
-                raise PermissionDenied
+            try:
+                user = User.objects.get(username=username)
+                if hasattr(user.profile, "account_kfet"):
+                    trigramme = user.profile.account_kfet.trigramme
+                    raise Account.UserHasAccount(trigramme)
+            except User.DoesNotExist:
+                pass
 
             # Creating or updating User instance
-            username = data.get("username")
             (user, _) = User.objects.get_or_create(username=username)
             if "first_name" in data:
                 user.first_name = data['first_name']
@@ -108,11 +116,8 @@ class Account(models.Model):
             if "departement" in data:
                 cof.departement = data['departement']
             cof.save()
-            # Check if cof is linked to an account
-            if hasattr(cof, 'account_kfet'):
-                raise Account.UserHasAccount(cof.account_kfet.trigramme)
         self.cofprofile = cof
-        self.save()
+        super(Account, self).save(*args, **kwargs)
 
     # Surcharge de delete
     # Pas de suppression possible
@@ -128,8 +133,10 @@ class AccountNegative(models.Model):
     account = models.OneToOneField(
         Account, on_delete = models.PROTECT,
         related_name = "negative")
-    start = models.DateTimeField(default = datetime.datetime.now())
+    start = models.DateTimeField(default = datetime.datetime.now)
-    balance_offset = models.DecimalField(max_digits = 6, decimal_places = 2)
+    balance_offset = models.DecimalField(
+        max_digits = 6, decimal_places = 2,
+        default = 0)
     authorized_overdraft = models.DecimalField(
         max_digits = 6, decimal_places = 2,
         default = 0)
@@ -346,3 +353,10 @@ class Operation(models.Model):
         related_name = "addcosts",
         blank = True, null = True, default = None)
     addcost_amount = models.DecimalField(max_digits = 6, decimal_places = 2)
+
+class GlobalPermissions(models.Model):
+    class Meta:
+        managed = False
+        permissions = (
+            ('is_team', 'Is part of the team'),
+        )

kfet/templates/kfet/account.html

@@ -0,0 +1,17 @@
+{% extends "kfet/base.html" %}
+
+{% block title %}Liste des comptes{% endblock %}
+
+{% block content %}
+
+<ul>
+{% for account in accounts %}
+    <li>
+        <a href="{% url 'kfet.account.read' account.trigramme %}">
+            {{ account }}
+        </a>
+    </li>
+{% endfor %}
+</ul>
+
+{% endblock %}

kfet/templates/kfet/account_create.html

@@ -0,0 +1,82 @@
+{% extends "kfet/base.html" %}
+{% load static %}
+
+{% block title %}Création d'un nouveau compte{% endblock %}
+
+{% block extra_head %}
+<script src="https://code.jquery.com/jquery-3.1.0.min.js" integrity="sha256-cCueBR6CsyA4/9szpPfrX3s49M9vUU5BgtiJj06wt/s=" crossorigin="anonymous"></script>
+<script src="{% static "autocomplete_light/autocomplete.js" %}" type="text/javascript"></script>
+{% endblock %}
+
+{% block content %}
+<h1>Création d'un nouveau compte</h1>
+
+{% if post %}
+    {% if success %}
+        Nouveau compte créé : {{ trigramme }}
+    {% else %}
+        Echec de la création du compte
+        {{ errors }}
+    {% endif %}
+    <hr>
+{% endif %}
+
+<form action="{% url "kfet.account.create" %}" method="post">
+    {{ account_trigramme_form }}
+    <div id="trigramme_valid"></div>
+    <input type="text" name="q" id="search_autocomplete" spellcheck="false" placeholder="Chercher un utilisateur par nom, prénom ou identifiant clipper">
+    <div id="search_results"></div>
+    <div id="form-placeholder"></div>
+</form>
+<script type="text/javascript">
+    $(document).ready(function() {
+        // Affichage des résultats d'autocomplétion
+        $('input#search_autocomplete').yourlabsAutocomplete({
+            url: '{% url "kfet.account.create.autocomplete" %}',
+            minimumCharacters: 0,
+            id: 'search_autocomplete',
+            choiceSelector: 'li:has(a)',
+            container: $("#search_results"),
+            box: $("#search_results"),
+        });
+
+        // Chargement du formulaire adapté au choix sélectionné
+        $('input#search_autocomplete').bind(
+            'selectChoice',
+            function(e, choice, autocomplete) {
+                autocomplete.hide();
+                link = choice.find('a:first');
+                if (link.length && link.attr('href') != undefined) {
+                    $('#form-placeholder').html("").load(link.attr('href'));
+                }
+            }
+        );
+
+        // Vérification client de la validité
+        // et de ladisponibilité du trigramme choisi
+        old_trigramme = "";
+        $('#id_trigramme').on('input', function() {
+            trigramme = $('#id_trigramme').val();
+            container = '#trigramme_valid';
+
+            pattern = /^[^a-z]{3}$/;
+            if (!(trigramme.match(pattern))) {
+                $(container).text("Non valide");
+            } else {
+                $.ajax({
+                    dataType: "json",
+                    url: "{% url "kfet.account.is_validandfree.ajax" %}",
+                    data: { trigramme: trigramme },
+                }).done(function(data) {
+                    if (data['is_free']) {
+                        $(container).text("OK");
+                    } else {
+                        $(container).text("Déjà pris");
+                    }
+                });
+            }
+        });
+    });
+</script>
+
+{% endblock %}

kfet/templates/kfet/account_create_autocomplete.html

@@ -2,15 +2,21 @@
 
 <ul>
     <li>
-        <a href="{% url "kfet.admin.account.new.empty" %}">
+        <a href="{% url "kfet.account.create.empty" %}">
             Créer un compte
         </a>
     </li>
+    {% if kfet %}
+        <li>Comptes existant</li>
+        {% for account, user in kfet %}
+            <li>{{ account }} [{{ user|highlight_user:q }}]</li>
+        {% endfor %}
+    {% endif %}
     {% if users_cof %}
         <li>Membres du COF</li>
         {% for user in users_cof %}
             <li>
-                <a href="{% url "kfet.admin.account.new.fromuser" user.username %}">
+                <a href="{% url "kfet.account.create.fromuser" user.username %}">
                     {{ user|highlight_user:q }}
                 </a>
             </li>
@@ -20,7 +26,7 @@
         <li>Non-membres du COF</li>
         {% for user in users_notcof %}
             <li>
-                <a href="{% url "kfet.admin.account.new.fromuser" user.username %}">
+                <a href="{% url "kfet.account.create.fromuser" user.username %}">
                     {{ user|highlight_user:q }}
                 </a>
             </li>
@@ -30,7 +36,7 @@
         <li>Utilisateurs clipper</li>
         {% for clipper in clippers %}
             <li>
-                <a href="{% url "kfet.admin.account.new.fromclipper" clipper.username %}">
+                <a href="{% url "kfet.account.create.fromclipper" clipper.username %}">
                     {{ clipper|highlight_clipper:q }}
             </li>
         {% endfor %}

kfet/templates/kfet/account_create_form.html

@@ -0,0 +1,5 @@
+{% csrf_token %}
+{{ user_form.as_p }}
+{{ cof_form.as_p }}
+{{ account_form.as_p }}
+<input type="submit" value="Enregistrer">

kfet/templates/kfet/account_new.html

@@ -1,74 +0,0 @@
-{% extends "kfet/base.html" %}
-{% load static %}
-
-{% block title %}Création d'un nouveau compte{% endblock %}
-
-{% block extra_head %}
-    <script src="https://code.jquery.com/jquery-3.1.0.min.js" integrity="sha256-cCueBR6CsyA4/9szpPfrX3s49M9vUU5BgtiJj06wt/s=" crossorigin="anonymous"></script>
-    <script src="{% static "autocomplete_light/autocomplete.js" %}" type="text/javascript"></script>
-{% endblock %}
-
-{% block content %}
-    <h1>Création d'un nouveau compte</h1>
-
-    {% if post %}
-        {% if success %}
-            Nouveau compte créé : {{ trigramme }}
-        {% else %}
-            Echec de la création du compte
-            {{ errors }}
-        {% endif %}
-        <hr>
-    {% endif %}
-
-    <form action="{% url "kfet.admin.account.new" %}" method="post">
-        {{ account_trigramme_form }}
-        <div id="trigramme_valid"></div><br>
-        <input type="text" name="q" id="search_autocomplete" spellcheck="false" placeholder="Chercher un utilisateur par nom, prénom ou identifiant clipper">
-        <div id="search_results"></div>
-        <div id="form-placeholder"></div>
-    </form>
-    <script type="text/javascript">
-        $(document).ready(function() {
-            // Affichage des résultats d'autocomplétion
-            $('input#search_autocomplete').yourlabsAutocomplete({
-                url: '{% url "kfet.admin.account.new.autocomplete" %}',
-                minimumCharacters: 0,
-                id: 'search_autocomplete',
-                choiceSelector: 'li:has(a)',
-                container: $("#search_results"),
-                box: $("#search_results"),
-                // fixPosition: function() {},
-            });
-            // Chargement du formulaire adapté au choix sélectionné
-            $('input#search_autocomplete').bind(
-                'selectChoice',
-                function(e, choice, autocomplete) {
-                    autocomplete.hide();
-                    link = choice.find('a:first');
-                    if (link.length && link.attr('href') != undefined) {
-                        $('#form-placeholder').html("").load(link.attr('href'));
-                            //, function() {
-                            //$('#form-placeholder').toggle().toggle();
-                        //});
-                    }
-                }
-            );
-            // Vérification client de la disponibilité du trigramme choisi
-            old_trigramme = "";
-            $('#id_trigramme').keyup(function() {
-                trigramme = $('#id_trigramme').val();
-                if (trigramme.length == 3 && trigramme != old_trigramme) {
-                    $.ajax({
-                        dataType: "json",
-                        url: "{% url "kfet.admin.account.is_free.ajax" %}",
-                        data: { trigramme: trigramme },
-                    }).done(function(data) {
-                        $('#trigramme_valid').text(data['is_free']);
-                        old_trigramme = trigramme;
-                    });
-                }
-            });
-        });
-    </script>
-{% endblock %}

kfet/templates/kfet/account_new_form.html

@@ -1,5 +0,0 @@
-{% csrf_token %}
-{{ user_form }}
-{{ cof_form }}
-{{ account_form }}
-<input type="submit" value="Enregistrer">

kfet/templates/kfet/account_read.html

@@ -0,0 +1,40 @@
+{% extends "kfet/base.html" %}
+
+{% block title %}
+{% if account.cofprofile.user == request.user %}
+    Mes informations
+{% else %}
+    Informations du compte {{ account.trigramme }}
+{% endif %}
+{% endblock %}
+
+{% block content %}
+
+<p>
+    <a href="{% url 'kfet.account.update' account.trigramme %}">
+        Modifier les informations
+    </a>
+</p>
+
+<p>Prénom: {{ account.cofprofile.user.first_name }}</p>
+<p>Nom: {{ account.cofprofile.user.last_name }}</p>
+{% if perms.kfet.is_team %}
+    <p>Surnom: {{ account.nickname }}</p>
+{% endif %}
+<p>Email: {{ account.cofprofile.user.email }}</p>
+<p>Département: {{ account.cofprofile.departement }}</p>
+<p>Promo: {{ account.promo }}</p>
+<p>Statut COF: {{ account.cofprofile.is_cof }}</p>
+<p>Compte gelé: {{ account.frozen }}</p>
+<p>Solde: {{ account.balance }} €</p>
+{% if account.balance != account.real_balance %}
+    <p>Solde réel: {{ account.real_balance }} €</p>
+{% endif %}
+{% if account.negative.authorized_overdraft %}
+    <p>Découvert autorisé: {{ account.negative.authorized_overdraft }} €</p>
+{% endif %}
+{% if account.negative.start %}
+    <p>En négatif depuis {{ account.negative.start }}</p>
+{% endif %}
+
+{% endblock %}

kfet/templates/kfet/account_update.html

@@ -0,0 +1,26 @@
+ {% extends "kfet/base.html" %}
+
+{% block title %}
+{% if account.cofprofile.user == request.user %}
+    Edition de mes informations
+{% else %}
+    Edition des informations du compte {{ account.trigramme }}
+{% endif %}
+{% endblock %}
+
+{% block content %}
+
+{% if post and success %}
+    <p>Informations mises à jour</p>
+{% elif post and not success %}
+    <p>Echec de la mise à jour des informations</p>
+{% endif %}
+<form submit="{% url 'kfet.account.update' account.trigramme %}" method="post">
+    {% csrf_token %}
+    {{ user_form.as_p }}
+    {{ cof_form.as_p }}
+    {{ account_form.as_p }}
+    <input type="submit" value="Mettre à jour">
+</form>
+
+{% endblock %}

kfet/templates/kfet/base.html

@@ -14,10 +14,10 @@
 <body>
     <nav>
         <ul>
-            <li><a href="{% url "kfet.views.home" %}">Home</a></li>
+            <li><a href="{% url "kfet.home" %}">Home</a></li>
             {% if perms.kfet.add_account %}
                 <li>
-                    <a href={% url "kfet.admin.account.new" %}>Créer un compte</a>
+                    <a href={% url "kfet.account.create" %}>Créer un compte</a>
                 </li>
             {% endif %}
         </ul>

kfet/urls.py

@@ -3,19 +3,35 @@ from kfet import views
 from kfet import autocomplete
 
 urlpatterns = [
-    url(r'^$', views.home),
+    url(r'^$', views.home,
-    # Administration
+        name = 'kfet.home'),
-    url(r'^admin/account/new$', views.account_new,
+
-        name = 'kfet.admin.account.new'),
+    # -----
-    url(r'^admin/account/new/user/(?P<username>.+)$', views.account_new_ajax,
+    # Account views
-        name = 'kfet.admin.account.new.fromuser'),
+    # -----
-    url(r'^admin/account/new/clipper/(?P<login_clipper>.+)$', views.account_new_ajax,
+
-        name = 'kfet.admin.account.new.fromclipper'),
+    # General
-    url(r'^admin/account/new/empty$', views.account_new_ajax,
+    url(r'^account/$', views.account),
-        name = 'kfet.admin.account.new.empty'),
+    url(r'^account/is_validandfree$', views.account_is_validandfree_ajax,
-    url(r'^admin/account/is_free$', views.account_is_free_ajax,
+        name = 'kfet.account.is_validandfree.ajax'),
-        name = 'kfet.admin.account.is_free.ajax'),
+
-    # Autocomplete - Nouveau compte
+    # Account - Create
-    url(r'^autocomplete/account_new$', autocomplete.account_new,
+    url(r'^account/new$', views.account_create,
-        name = 'kfet.admin.account.new.autocomplete'),
+        name = 'kfet.account.create'),
+    url(r'^account/new/user/(?P<username>.+)$', views.account_create_ajax,
+        name = 'kfet.account.create.fromuser'),
+    url(r'^account/new/clipper/(?P<login_clipper>.+)$', views.account_create_ajax,
+        name = 'kfet.account.create.fromclipper'),
+    url(r'^account/new/empty$', views.account_create_ajax,
+        name = 'kfet.account.create.empty'),
+    url(r'^autocomplete/account_new$', autocomplete.account_create,
+        name = 'kfet.account.create.autocomplete'),
+
+    # Account - Read
+    url(r'^account/(?P<trigramme>.{3})$', views.account_read,
+        name = 'kfet.account.read'),
+
+    # Account - Update
+    url(r'^account/(?P<trigramme>.{3})/edit$', views.account_update,
+        name = 'kfet.account.update')
 ]

kfet/views.py

@@ -6,7 +6,7 @@ from django.http import HttpResponse, Http404
 import json
 from gestioncof.models import CofProfile, Clipper
 from kfet.models import Account
-from kfet.forms import AccountTrigrammeForm, AccountForm, CofForm, UserForm
+from kfet.forms import *
 
 @login_required
 def home(request):
@@ -17,11 +17,18 @@ def put_cleaned_data_in_dict(dict, form):
         dict[field] = form.cleaned_data[field]
 
 @login_required
-@permission_required('kfet.add_account')
+@permission_required('account.is_team')
-def account_new(request):
+def account(request):
+    accounts = Account.objects.all()
+    return render(request, "kfet/account.html", { 'accounts' : accounts })
+
+@login_required
+@permission_required('account.is_team')
+def account_create(request):
+
     # A envoyer au template
     data_template = {
-        'account_trigramme_form': AccountTrigrammeForm(),
+        'account_trigramme_form': AccountTriForm(),
         'post'      : False,
         'success'   : False,
         'trigramme' : '',
@@ -33,18 +40,23 @@ def account_new(request):
         # Pour indiquer la tentative d'enregistrement au template
         data_template['post'] = True
 
+        # Checking permission
+        if not request.user.has_perm('kfet.add_account'):
+            raise PermissionDenied
+
         # Peuplement des forms
         username = request.POST.get('username')
         try:
-            user = User.objects.filter(username=username).get()
+            user     = User.objects.get(username=username)
             (cof, _) = CofProfile.objects.get_or_create(user=user)
             user_form = UserForm(request.POST, instance=user)
             cof_form  = CofForm(request.POST, instance=cof)
         except User.DoesNotExist:
             user_form = UserForm(request.POST)
             cof_form  = CofForm(request.POST)
-        trigramme_form = AccountTrigrammeForm(request.POST)
+        trigramme_form = AccountTriForm(request.POST)
-        account_form   = AccountForm(request.POST)
+        account_form   = AccountNoTriForm(request.POST)
+
         # Ajout des erreurs pour le template
         data_template['errors']['user_form'] = user_form.errors
         data_template['errors']['cof_form']  = cof_form.errors
@@ -53,18 +65,15 @@ def account_new(request):
 
         if all((user_form.is_valid(), cof_form.is_valid(),
                 trigramme_form.is_valid(), account_form.is_valid())):
-            print(user_form.cleaned_data)
             data = {}
-            # Fill data
+            # Fill data for Account.save()
             put_cleaned_data_in_dict(data, user_form)
             put_cleaned_data_in_dict(data, cof_form)
 
-            account = Account()
-            account.trigramme = trigramme_form.cleaned_data['trigramme']
-            account.promo     = account_form.cleaned_data['promo']
-            account.nickname  = account_form.cleaned_data['nickname']
             try:
-                account.save_api(auth_user = request.user, data = data)
+                account = trigramme_form.save(data = data)
+                account_form = AccountNoTriForm(request.POST, instance=account)
+                account_form.save()
                 data_template['success']   = True
                 data_template['trigramme'] = account.trigramme
             except Account.UserHasAccount as e:
@@ -73,14 +82,16 @@ def account_new(request):
             except PermissionDenied:
                 print("perm")
 
-    return render(request, "kfet/account_new.html", data_template)
+    return render(request, "kfet/account_create.html", data_template)
 
-def account_new_set_readonly_fields(user_form, cof_form):
+def account_form_set_readonly_fields(user_form, cof_form):
     user_form.fields['username'].widget.attrs['readonly'] = True
     cof_form.fields['login_clipper'].widget.attrs['readonly'] = True
     cof_form.fields['is_cof'].widget.attrs['disabled'] = True
 
-def account_new_ajax(request, username=None, login_clipper=None):
+@login_required
+@permission_required('kfet.is_team')
+def account_create_ajax(request, username=None, login_clipper=None):
     user = None
     if login_clipper:
         # à partir d'un clipper
@@ -88,7 +99,7 @@ def account_new_ajax(request, username=None, login_clipper=None):
         clipper = get_object_or_404(Clipper, username = login_clipper)
         try:
             # Vérification que clipper ne soit pas déjà dans User
-            user = User.objects.filter(username=login_clipper).get()
+            user = User.objects.get(username=login_clipper)
             # Ici, on nous a menti, le user existe déjà
             username = user.username
             login_clipper = None
@@ -117,7 +128,7 @@ def account_new_ajax(request, username=None, login_clipper=None):
             account_form = AccountForm()
 
             # Protection (read-only) des champs username et login_clipper
-            account_new_set_readonly_fields(user_form, cof_form)
+            account_form_set_readonly_fields(user_form, cof_form)
     if username:
         # le user existe déjà
         user = get_object_or_404(User, username=username)
@@ -127,24 +138,94 @@ def account_new_ajax(request, username=None, login_clipper=None):
         user_form = UserForm(instance = user)
         cof_form  = CofForm(instance = cof)
         # AccountForm
-        account_form = AccountForm()
+        account_form = AccountNoTriForm()
         # Protection (read-only) des champs username et login_clipper
-        account_new_set_readonly_fields(user_form, cof_form)
+        account_form_set_readonly_fields(user_form, cof_form)
     elif not login_clipper:
         # connaît pas du tout, faut tout remplir
         user_form    = UserForm()
         cof_form     = CofForm()
-        account_form = AccountForm()
+        account_form = AccountNoTriForm()
 
-    return render(request, "kfet/account_new_form.html", {
+    return render(request, "kfet/account_create_form.html", {
             'account_form' : account_form,
             'cof_form'     : cof_form,
             'user_form'    : user_form,
             })
 
-def account_is_free_ajax(request):
+@login_required
+@permission_required('kfet.is_team')
+def account_is_validandfree_ajax(request):
     if not request.GET.get("trigramme"):
         raise Http404
     trigramme = request.GET.get("trigramme")
-    data = { 'is_free': Account.is_free(trigramme) }
+    data = Account.is_validandfree(trigramme)
     return HttpResponse(json.dumps(data), content_type = 'application/json')
+
+@login_required
+def account_read(request, trigramme):
+    try:
+        account = Account.objects.get(trigramme=trigramme)
+    except Account.DoesNotExist:
+        raise Http404
+
+    # Checking permissions
+    if not request.user.has_perm('kfet.is_team') \
+            and request.user != account.cofprofile.user:
+        raise PermissionDenied
+
+    return render(request, "kfet/account_read.html", { 'account' : account })
+
+@login_required
+def account_update(request, trigramme):
+    try:
+        account = Account.objects.get(trigramme=trigramme)
+    except Account.DoesNotExist:
+        raise Http404
+
+    # Checking permissions
+    if not request.user.has_perm('kfet.change_account') \
+            and request.user != account.cofprofile.user:
+        raise PermissionDenied
+
+    # Pour le template
+    post = False
+    success = False
+
+    if request.method == "POST":
+        # Update attempt
+        post = True
+
+        if request.user.has_perm('kfet.change_account'):
+            account_form = AccountForm(request.POST, instance = account)
+        else:
+            account_form = AccountRestrictForm(instance = account)
+        cof_form  = CofRestrictForm(request.POST, instance=account.cofprofile)
+        user_form = UserRestrictForm(request.POST, instance=account.cofprofile.user)
+
+        if all((account_form.is_valid(), cof_form.is_valid(), user_form.is_valid())):
+            data = {}
+            # Fill data for Account.save()
+            put_cleaned_data_in_dict(data, user_form)
+            put_cleaned_data_in_dict(data, cof_form)
+
+            # Updating
+            account_form.save(data = data)
+            success = True
+    else:
+        # No update attempt
+        if request.user.has_perm('kfet.change_account'):
+            account_form = AccountForm(instance = account)
+        else:
+            account_form = AccountRestrictForm(instance = account)
+        cof_form  = CofRestrictForm(instance = account.cofprofile)
+        user_form = UserRestrictForm(instance = account.cofprofile.user)
+
+    return render(request, "kfet/account_update.html", {
+            'account'      : account,
+            'account_form' : account_form,
+            'cof_form'     : cof_form,
+            'user_form'    : user_form,
+            'post'         : post,
+            'success'      : success,
+            })