Authentification utilisateur standard équipe

- Un utilisateur ayant la perm `kfet.is_team` peut se déconnecter et connecter à la place un utilisateur `kfet_genericteam` ne disposant que de la permission `kfet.is_team` - Backend et vue associée à cette connexion créés
2016-08-20 19:35:45 +02:00 · 2016-08-20 19:35:45 +02:00 · 6ec42edd60
commit 6ec42edd60
parent ddc81540c7
7 changed files with 69 additions and 2 deletions
--- a/kfet/backends.py
+++ b/kfet/backends.py
@ -1,6 +1,8 @@
 import hashlib

-from kfet.models import Account
+from django.contrib.auth.models import User, Permission
+from gestioncof.models import CofProfile
+from kfet.models import Account, GenericTeamToken

 class KFetBackend(object):
    def authenticate(self, request):
@ -16,3 +18,19 @@ class KFetBackend(object):
            return None

        return user
+
+class GenericTeamBackend(object):
+    def authenticate(self, username=None, token=None):
+        valid_token = GenericTeamToken.objects.get(token=token)
+        if username == 'kfet_genericteam' and valid_token:
+            user, created = User.objects.get_or_create(username='kfet_genericteam')
+            perm_is_team = Permission.objects.get(codename='is_team')
+            user.user_permissions.add(perm_is_team)
+            return user
+        return None
+
+    def get_user(self, user_id):
+        try:
+            return User.objects.get(pk=user_id)
+        except User.DoesNotExist:
+            return None
--- a/kfet/migrations/0029_genericteamtoken.py
+++ b/kfet/migrations/0029_genericteamtoken.py
@ -0,0 +1,21 @@
+# -*- coding: utf-8 -*-
+from __future__ import unicode_literals
+
+from django.db import models, migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('kfet', '0028_auto_20160820_0146'),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='GenericTeamToken',
+            fields=[
+                ('id', models.AutoField(serialize=False, primary_key=True, auto_created=True, verbose_name='ID')),
+                ('token', models.CharField(unique=True, max_length=50)),
+            ],
+        ),
+    ]
--- a/kfet/models.py
+++ b/kfet/models.py
@ -551,3 +551,6 @@ class Settings(models.Model):
            return Settings.setting_inst("CANCEL_DURATION").value_duration
        except Settings.DoesNotExist:
            return timedelta()
+
+class GenericTeamToken(models.Model):
+    token = models.CharField(max_length = 50, unique = True)
--- a/kfet/templates/kfet/base_nav.html
+++ b/kfet/templates/kfet/base_nav.html
@ -18,6 +18,9 @@
        <li><a href="{% url 'kfet.home' %}">Home</a></li>
      </ul>
      <ul class="nav navbar-nav navbar-right">
+        {% if request.user.username == 'kfet_genericteam' %}
+          <li class="navbar-text">Équipe standard</li>
+        {% endif %}
        {% if request.user.profile.account_kfet %}
          <li>
            <a href="{% url 'kfet.account.read' request.user.profile.account_kfet.trigramme %}">Mes infos</a>
@ -31,6 +34,9 @@
              <li><a href="{% url 'kfet.account' %}">Comptes</a></li>
              <li><a href="{% url 'kfet.checkout' %}">Caisses</a></li>
              <li><a href="{% url 'kfet.article' %}">Articles</a></li>
+              {% if request.user.username != 'kfet_genericteam' %}
+                <li><a href="{% url 'kfet.login.genericteam' %}">Connexion standard</a></li>
+              {% endif %}
            </ul>
          </li>
        {% endif %}
--- a/kfet/templates/kfet/login_genericteam.html
+++ b/kfet/templates/kfet/login_genericteam.html
@ -0,0 +1,7 @@
+{% extends 'kfet/base.html' %}
+
+{% block content %}
+
+Connexion utilisateur K-Fêt générique réussie
+
+{% endblock %}
--- a/kfet/urls.py
+++ b/kfet/urls.py
@ -6,6 +6,8 @@ from kfet import autocomplete
 urlpatterns = [
    url(r'^$', views.home,
        name = 'kfet.home'),
+    url(r'^login/genericteam$', views.login_genericteam,
+        name = 'kfet.login.genericteam'),

    # -----
    # Account urls
--- a/kfet/views.py
+++ b/kfet/views.py
@ -5,6 +5,7 @@ from django.views.generic.edit import CreateView, UpdateView, DeleteView
 from django.core.urlresolvers import reverse_lazy
 from django.contrib import messages
 from django.contrib.messages.views import SuccessMessageMixin
+from django.contrib.auth import authenticate, login
 from django.contrib.auth.decorators import login_required, permission_required
 from django.contrib.auth.models import User, Permission
 from django.http import HttpResponse, JsonResponse, Http404
@ -12,9 +13,10 @@ from django.forms import modelformset_factory
 from django.db import IntegrityError, transaction
 from django.db.models import F
 from django.utils import timezone
+from django.utils.crypto import get_random_string
 from gestioncof.models import CofProfile, Clipper
 from kfet.models import (Account, Checkout, Article, Settings, AccountNegative,
-    CheckoutStatement)
+    CheckoutStatement, GenericTeamToken)
 from kfet.forms import *
 from collections import defaultdict
 from channels import Group
@ -25,6 +27,14 @@ from datetime import timedelta
 def home(request):
    return render(request, "kfet/base.html")

+@permission_required('kfet.is_team')
+def login_genericteam(request):
+    token = GenericTeamToken.objects.create(token=get_random_string(50))
+    user = authenticate(username="kfet_genericteam", token=token.token)
+    login(request, user)
+    print(request.user)
+    return render(request, "kfet/login_genericteam.html")
+
 def put_cleaned_data_in_dict(dict, form):
    for field in form.cleaned_data:
        dict[field] = form.cleaned_data[field]