Ne montre la liste des participants qu'aux personnes autorisées

This commit is contained in:
Tom Hubrecht 2022-04-02 21:24:23 +02:00
parent d98d7da399
commit 6b34c052ea
3 changed files with 199 additions and 146 deletions

View file

@ -254,6 +254,9 @@ class User(AbstractUser):
# Pour les élections restreintes, il faut y être associé
return election.restricted and (self.election == election)
def is_admin(self, election):
return election.created_by == self or self.is_staff
def get_prefix(self):
return self.username.split("__")[0]

View file

@ -3,176 +3,224 @@
{% block custom_js %}
{% if can_delete %}
<script>
_$('.modal-button').forEach(b => {
b.addEventListener('click', () => {
const f = _$('form', _id(b.dataset.target), false);
f.dataset.target = b.dataset.origin;
_$('[name="delete"]', f, false).value = 'non';
});
});
{% if can_delete %}
<script>
_$('.modal-button').forEach(b => {
b.addEventListener('click', () => {
const f = _$('form', _id(b.dataset.target), false);
f.dataset.target = b.dataset.origin;
_$('[name="delete"]', f, false).value = 'non';
});
});
_$('form').forEach(f => {
f.addEventListener('submit', event => {
event.preventDefault();
_$('form').forEach(f => {
f.addEventListener('submit', event => {
event.preventDefault();
if (_$('[name="delete"]', f, false).value == 'oui') {
_get(f.action, r => {
if (r.success && r.action == 'delete') {
{% if election.restricted %}
const r = _id(f.dataset.target);
_$('.modal-button', r, false).remove();
const i = _$('.fas', r, false);
i.classList.remove('fa-check');
i.classList.add('fa-times');
{% else %}
_id(f.dataset.target).remove()
{% endif %}
if (_$('[name="delete"]', f, false).value == 'oui') {
_get(f.action, r => {
if (r.success && r.action == 'delete') {
{% if election.restricted %}
const r = _id(f.dataset.target);
_$('.modal-button', r, false).remove();
const i = _$('.fas', r, false);
i.classList.remove('fa-check');
i.classList.add('fa-times');
{% else %}
_id(f.dataset.target).remove()
{% endif %}
// On ferme le modal
// On ferme le modal
document.documentElement.classList.remove('is-clipped');
_id(f.dataset.modal).classList.remove('is-active');
}
if (r.message) {
_notif(r.message.content, r.message.class);
}
});
} else {
document.documentElement.classList.remove('is-clipped');
_id(f.dataset.modal).classList.remove('is-active');
}
if (r.message) {
_notif(r.message.content, r.message.class);
}
});
} else {
document.documentElement.classList.remove('is-clipped');
_id(f.dataset.modal).classList.remove('is-active');
}
});
});
});
</script>
{% endif %}
</script>
{% endif %}
{% endblock %}
{% block content %}
<div class="level is-mobile">
{# Titre de l'élection #}
<div class="level-left is-flex-shrink-1 mr-3">
<h1 class="title">{{ election.name }}</h1>
</div>
<div class="level is-mobile">
{# Titre de l'élection #}
<div class="level-left is-flex-shrink-1 mr-3">
<h1 class="title">{{ election.name }}</h1>
</div>
<div class="level-right">
<div class="level-item">
<a class="button is-primary" href="{% if from_admin %}{% url 'election.admin' election.pk %}{% else %}{% url 'election.view' election.pk %}{% endif %}">
<span class="icon">
<i class="fas fa-undo-alt"></i>
</span>
<span>{% trans "Retour" %}</span>
</a>
<div class="level-right">
<div class="level-item">
<a class="button is-primary" href="{% if from_admin %}{% url 'election.admin' election.pk %}{% else %}{% url 'election.view' election.pk %}{% endif %}">
<span class="icon">
<i class="fas fa-undo-alt"></i>
</span>
<span>{% trans "Retour" %}</span>
</a>
</div>
</div>
</div>
</div>
<div class="level">
<div class="level-left">
<h3 class="subtitle">{% trans "Liste des votant·e·s" %} ({{ voters|length }})</h3>
<div class="level">
<div class="level-left">
<h3 class="subtitle">{% trans "Liste des votant·e·s" %} ({{ voters|length }})</h3>
</div>
</div>
</div>
<hr>
<hr>
{# Précisions sur les modalités de vote #}
{% if election.vote_restrictions %}
<div class="message is-warning">
<div class="message-body content">{{ election.vote_restrictions|markdown|safe }}</div>
</div>
{% endif %}
{# Précisions sur les modalités de vote #}
{% if election.vote_restrictions %}
<div class="message is-warning">
<div class="message-body content">{{ election.vote_restrictions|markdown|safe }}</div>
</div>
{% endif %}
<div class="message is-warning">
<div class="message-body">
{% if election.restricted %}
{% trans "Seules les personnes présentes sur cette liste peuvent voter, vous avez dû recevoir un mail avec vos identifiants de connexion." %}
{% else %}
{% trans "Pour voter lors de cette élection, vous devez vous connecter à l'aide du CAS élève, d'autres restrictions peuvent s'appliquer et votre vote pourra être supprimé si vous n'avez pas le droit de vote." %}
{% endif %}
<div class="message is-warning">
<div class="message-body">
{% if election.restricted %}
{% trans "Seules les personnes présentes sur cette liste peuvent voter, vous avez dû recevoir un mail avec vos identifiants de connexion." %}
{% else %}
{% trans "Pour voter lors de cette élection, vous devez vous connecter à l'aide du CAS élève, d'autres restrictions peuvent s'appliquer et votre vote pourra être supprimé si vous n'avez pas le droit de vote." %}
{% endif %}
</div>
</div>
</div>
<div class="columns is-centered">
<div class="column is-narrow">
{% if can_delete %}
{% include "forms/modal-form.html" with modal_id="delete" form=d_form %}
{% endif %}
<table class="table is-striped is-fullwidth">
<thead>
<tr>
<th>{% trans "Nom" %}</th>
<th class="has-text-centered">{% trans "Vote enregistré" %}</th>
{% if can_delete %}
<th class="has-text-centered">{% trans "Supprimer" %}</th>
{% endif %}
<tr>
</thead>
<tbody>
{% if election.restricted %}
{% for v in election.registered_voters.all %}
<tr id="v_{{ forloop.counter }}">
<td>{{ v.full_name }} ({{ v.base_username }})</td>
{% if v in voters %}
<td class="has-text-centered">
<span class="icon">
<i class="fas fa-check"></i>
</span>
</td>
{% if can_delete %}
<td class="has-text-centered">
{% blocktrans with v_name=v.full_name asvar v_delete %}Supprimer le vote de {{ v_name }}{% endblocktrans %}
<a class="tag is-danger modal-button delete-vote" data-target="modal-delete" data-post_url="{% url 'election.delete-vote' election.pk v.pk forloop.counter %}" data-title="{{ v_delete }}" data-origin="v_{{ forloop.counter }}">
<span class="icon">
<i class="fas fa-user-minus"></i>
</span>
</a>
</td>
{% endif %}
{% else %}
<td class="has-text-centered">
<span class="icon">
<i class="fas fa-times"></i>
</span>
</td>
{% if can_delete %}
<td></td>
{% endif %}
{% endif %}
</tr>
{% endfor %}
{% else %}
{% for v in voters %}
<tr id="v_{{ forloop.counter }}">
<td>{{ v.full_name }} ({{ v.base_username }})</td>
<td class="has-text-centered">
<span class="icon">
<i class="fas fa-check"></i>
</span>
</td>
{% if can_delete %}
<td class="has-text-centered">
{% blocktrans with v_name=v.full_name asvar v_delete %}Supprimer le vote de {{ v_name }}{% endblocktrans %}
<a class="tag is-danger modal-button delete-vote" data-target="modal-delete" data-post_url="{% url 'election.delete-vote' election.pk v.pk forloop.counter %}" data-title="{{ v_delete }}" data-origin="v_{{ forloop.counter }}">
<span class="icon">
<i class="fas fa-user-minus"></i>
</span>
</a>
</td>
{% endif %}
</tr>
{% endfor %}
{% if can_vote or is_admin %}
<div class="columns is-centered">
<div class="column is-narrow">
{% if can_delete %}
{% include "forms/modal-form.html" with modal_id="delete" form=d_form %}
{% endif %}
</table>
</div>
</div>
<table class="table is-striped is-fullwidth">
<thead>
<tr>
<th>{% trans "Nom" %}</th>
<th class="has-text-centered">{% trans "Vote enregistré" %}</th>
{% if can_delete %}
<th class="has-text-centered">{% trans "Supprimer" %}</th>
{% endif %}
</tr>
</thead>
<tbody>
{% if election.restricted %}
{% for v in election.registered_voters.all %}
<tr id="v_{{ forloop.counter }}">
<td>{{ v.full_name }} ({{ v.base_username }})</td>
{% if v in voters %}
<td class="has-text-centered">
<span class="icon">
<i class="fas fa-check"></i>
</span>
</td>
{% if can_delete %}
<td class="has-text-centered">
{% blocktrans with v_name=v.full_name asvar v_delete %}Supprimer le vote de {{ v_name }}{% endblocktrans %}
<a class="tag is-danger modal-button delete-vote" data-target="modal-delete" data-post_url="{% url 'election.delete-vote' election.pk v.pk forloop.counter %}" data-title="{{ v_delete }}" data-origin="v_{{ forloop.counter }}">
<span class="icon">
<i class="fas fa-user-minus"></i>
</span>
</a>
</td>
{% endif %}
{% else %}
<td class="has-text-centered">
<span class="icon">
<i class="fas fa-times"></i>
</span>
</td>
{% if can_delete %}
<td></td>
{% endif %}
{% endif %}
</tr>
{% endfor %}
{% else %}
{% for v in voters %}
<tr id="v_{{ forloop.counter }}">
<td>{{ v.full_name }} ({{ v.base_username }})</td>
<td class="has-text-centered">
<span class="icon">
<i class="fas fa-check"></i>
</span>
</td>
{% if can_delete %}
<td class="has-text-centered">
{% blocktrans with v_name=v.full_name asvar v_delete %}Supprimer le vote de {{ v_name }}{% endblocktrans %}
<a class="tag is-danger modal-button delete-vote" data-target="modal-delete" data-post_url="{% url 'election.delete-vote' election.pk v.pk forloop.counter %}" data-title="{{ v_delete }}" data-origin="v_{{ forloop.counter }}">
<span class="icon">
<i class="fas fa-user-minus"></i>
</span>
</a>
</td>
{% endif %}
</tr>
{% endfor %}
{% endif %}
</tbody>
</table>
</div>
</div>
{% else %}
<div class="notification is-danger is-light has-text-centered">
<b>{% trans "Pour voir la liste des votant·e·s vous devez être connecté·e." %}</b>
{% if election.restricted %}
<br>
<span class="icon">
<i class="fas fa-info-circle"></i>
</span>
<i>{% trans "La connexion doit s'effectuer via les identifiants reçus par mail." %}</i>
{% endif %}
</div>
<div class="columns is-centered">
<div class="column is-half">
<div class="tile is-ancestor">
<div class="tile is-parent">
{% if election.restricted %}
<a class="tile is-child notification is-primary" href="{% url 'auth.election' election.pk %}?next={% url 'election.voters' election.pk %}">
<div class="subtitle has-text-centered mb-2">
<span class="icon-text">
<span class="icon has-text-white">
<i class="fas fa-unlock"></i>
</span>
<span class="ml-3">{% trans "Connexion par identifiants" %}</span>
</span>
</div>
</a>
{% else %}
<a class="tile is-child notification is-primary" href="{% url 'authens:login.cas' %}?next={% url 'election.voters' election.pk %}">
<div class="subtitle has-text-centered mb-2">
<span class="icon-text">
<span class="icon has-text-white">
<i class="fas fa-school"></i>
</span>
<span class="ml-3">{% trans "Connexion via CAS" %}</span>
</span>
</div>
</a>
{% endif %}
</div>
</div>
</div>
</div>
{% endif %}
{% endblock %}

View file

@ -445,6 +445,8 @@ class ElectionVotersView(NotArchivedMixin, DetailView):
voters = list(election.voters.all())
if user.is_authenticated:
context["can_vote"] = user.can_vote(self.request, context["election"])
context["is_admin"] = user.is_admin(election)
can_delete = (
election.created_by == user
and election.end_date < timezone.now()