Auth spéciale

- Le backend d'auth K-Fêt est étendu pour aussi identifier une personne
  dans le cas d'un formulaire en récupérant le password contenu
  dans l'input de nom `KFETPASSWORD`
- Le middleware d'auth K-Fêt enregistre l'utilisateur connecté de
  manière normale dans `request.real_user`
- Ajout d'un processeur de contexte `kfet.context_processors.auth`
  qui remplace `user` et `perms` par l'utilisateur connecté de manière
  normale (`request.real_user`) et non celui connecté temporairement
- Modification de la vue de modif d'un compte pour s'adapter à l'auth
- Modification du template de modification d'un compte pour utiliser ce
  moyen d'authentification
- Séparation du JS conservant le côté gauche d'une page à l'écran
- Séparation de l'encart gauche contenant les infos d'un compte dans un
  autre template (`left_account`) pour l'utiliser dans `account_read` et `account_update`
- `base_nav` utilise user (qui est donc le vrai utilisateur connecté) au
  lieu de `request.user` qui peut aussi bien être le vrai utilisateur
qu'un utilisateur temporaire
Aurélien Delobelle 2016-08-20 23:31:30 +02:00
parent ac61a6e5c6
commit 8507072c8f
12 changed files with 132 additions and 100 deletions


@ -83,6 +83,7 @@ TEMPLATES = [
'django.core.context_processors.media', 'django.core.context_processors.media',
'django.core.context_processors.static', 'django.core.context_processors.static',
'gestioncof.shared.context_processor', 'gestioncof.shared.context_processor',
'kfet.context_processors.auth',
], ],
}, },
}, },


@ -6,7 +6,8 @@ from kfet.models import Account, GenericTeamToken
class KFetBackend(object): class KFetBackend(object):
def authenticate(self, request): def authenticate(self, request):
password = request.META.get('HTTP_KFETPASSWORD') password = request.POST.get('KFETPASSWORD', '')
password = request.META.get('HTTP_KFETPASSWORD', password)
if not password: if not password:
return None return None
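Review bot: The header lookup on the second added line falls back to the form value only when `HTTP_KFETPASSWORD` is absent, so a request carrying an empty header masks a password supplied in the `KFETPASSWORD` form field; `password = request.META.get('HTTP_KFETPASSWORD') or request.POST.get('KFETPASSWORD', '')` makes the precedence explicit and only parses the body when the header is missing. Because the field is read from `request.POST` without regard to the target view, a form field on any POST that reaches this backend can switch the effective user, so `authenticate` deserves a docstring stating which forms are expected to send it and that the value must not be logged or echoed back when a form is re-rendered. The rest of `authenticate` (how the password is matched to an account) lies outside the hunk, so whether failed attempts are throttled cannot be checked from here.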


@ -0,0 +1,9 @@
from django.contrib.auth.context_processors import PermWrapper
def auth(request):
if hasattr(request, 'real_user'):
return {
'user': request.real_user,
'perms': PermWrapper(request.real_user),
}
return {}
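Review bot: `auth` has no docstring, and its effect is easy to misread: once the middleware has swapped in a temporary user, templates receive `user` and `perms` for `request.real_user` while views keep authorising against `request.user`. I would add a docstring such as `"""Expose the normally logged-in user (request.real_user) as user/perms instead of the temporary K-Fêt user."""` and mention that the override only works when this processor is listed after Django's own auth context processor, since later processors overwrite earlier keys. Templates that gate a control on `perms` then reflect what the session user may do, not what the current request is allowed to do, so the view-side check remains the only enforcement.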


@ -5,4 +5,5 @@ class KFetAuthenticationMiddleware(object):
kfet_backend = KFetBackend() kfet_backend = KFetBackend()
temp_request_user = kfet_backend.authenticate(request) temp_request_user = kfet_backend.authenticate(request)
if temp_request_user: if temp_request_user:
request.real_user = request.user
request.user = temp_request_user request.user = temp_request_user
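Review bot: `request.real_user` is assigned only inside the `if temp_request_user:` branch, so every consumer has to guard with `hasattr` (as the new context processor does) and a forgotten guard becomes an `AttributeError` on ordinary requests. Assigning `request.real_user = request.user` before the `if` would make the attribute always present. A short comment that, after the swap, `request.user` is the password-authenticated account and `request.real_user` the session user would also help anyone writing audit or log code to record both identities. The enclosing method starts outside the hunk.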


@ -4,6 +4,11 @@ nav {
font-family:Oswald; font-family:Oswald;
} }
.navbar-nav > li > .dropdown-menu {
border:0;
border-radius:0;
}
.navbar-fixed-top { .navbar-fixed-top {
border:0; border:0;
} }


@ -0,0 +1,12 @@
$(document).ready(function() {
$(window).scroll(function() {
console.log($(this).scrollTop());
if ($(window).width() >= 768 && $(this).scrollTop() > 72.6) {
$('.col-content-left').css({'position':'fixed', 'top':'50px'});
$('.col-content-right').addClass('col-sm-offset-4 col-md-offset-3');
} else {
$('.col-content-left').css({'position':'relative', 'top':'0'});
$('.col-content-right').removeClass('col-sm-offset-4 col-md-offset-3');
}
});
});
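Review bot: `console.log($(this).scrollTop());` on the third line is leftover debugging that fires on every scroll event of every page that loads this script; drop the line. The thresholds `768` and `72.6` are unexplained, so a one-line comment saying which breakpoint and which header height they correspond to would keep the next change to the layout from silently breaking the pinning.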


@ -22,49 +22,7 @@
<div class="row"> <div class="row">
<div class="col-sm-4 col-md-3 col-content-left"> <div class="col-sm-4 col-md-3 col-content-left">
<div class="content-left"> <div class="content-left">
<div class="content-left-top {% if account.is_frozen %}frozen-account{% endif %}"> {% include 'kfet/left_account.html' %}
<div class="line trigramme">{{ account.trigramme }}</div>
<div class="line balance">{{ account.balance|ukf:account.is_cof }} UKF</div>
<div class="block">
<div class="line">{{ account.name }}</div>
{% if perms.kfet.is_team %}
<div class="line">{{ account.nickname }}</div>
{% endif %}
<div class="line">
{% if account.email %}
{{ account.email }}
{% else %}
Pas d'email !
{% endif %}
</div>
<div class="line">
{{ account.departement }} {{ account.promo }}
</div>
<div class="line">Statut COF: {{ account.is_cof }}</div>
</div>
<div class="block block-neg">
{% if account.negative.start %}
<div class="line">En négatif depuis {{ account.negative.start }}</div>
{% endif %}
{% if account.negative.balance_offset %}
<div class="line">Solde réel: {{ account.real_balance }} €</div>
{% endif %}
{% if account.negative.authz_overdraft_amount %}
<div class="line">Découvert autorisé: {{ account.negative.authz_overdraft_amount }} €</div>
{% endif %}
{% if account.negative.authz_overdraft_until %}
<div class="line">Découvert autorisé jusqu'à : {{ account.negative.authz_overdraft_until }}</div>
{% endif %}
</div>
</div>
<div class="buttons">
<a class="btn btn-primary btn-lg" href="{% url 'kfet.account.update' account.trigramme %}">
Modifier
</a>
<a class="btn btn-primary btn-lg" disabled>
Recharger par CB
</a>
</div>
</div> </div>
</div> </div>
<div class="col-sm-8 col-md-9 col-content-right"> <div class="col-sm-8 col-md-9 col-content-right">
@ -116,19 +74,4 @@
</div> </div>
</div> </div>
<script type="text/javascript">
$(document).ready(function() {
$(window).scroll(function() {
console.log($(this).scrollTop());
if ($(window).width() >= 768 && $(this).scrollTop() > 72.6) {
$('.col-content-left').css({'position':'fixed', 'top':'50px'});
$('.col-content-right').addClass('col-sm-offset-4 col-md-offset-3');
} else {
$('.col-content-left').css({'position':'relative', 'top':'0'});
$('.col-content-right').removeClass('col-sm-offset-4 col-md-offset-3');
}
});
});
</script>
{% endblock %} {% endblock %}


@ -18,17 +18,29 @@
{% block content %} {% block content %}
{% if post and success %} <div class="row">
<p>Informations mises à jour</p> <div class="col-sm-4 col-md-3 col-content-left">
{% elif post and not success %} <div class="content-left">
<p>Echec de la mise à jour des informations</p> {% include 'kfet/left_account.html' %}
{% endif %} </div>
<form action="{% url 'kfet.account.update' account.trigramme %}" method="post"> </div>
{% csrf_token %} <div class="col-sm-8 col-md-9 col-content-right">
{{ user_form.as_p }} {% include "kfet/base_messages.html" %}
{{ cof_form.as_p }} <div class="content-right">
{{ account_form.as_p }} <div class="content-right-block">
<input type="submit" value="Mettre à jour"> <form action="{% url 'kfet.account.update' account.trigramme %}" method="post">
</form> {% csrf_token %}
{{ user_form.as_p }}
{{ cof_form.as_p }}
{{ account_form.as_p }}
{% if perms.kfet.is_team and not perms.kfet.change_account %}
<input type="password" name="KFETPASSWORD">
{% endif %}
<input type="submit" value="Mettre à jour">
</form>
</div>
</div>
</div>
</div>
{% endblock %} {% endblock %}
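Review bot: The new `<input type="password" name="KFETPASSWORD">` has no label and no autocomplete hint, so the page gives no indication of whose password is expected and a browser may offer to store or autofill it under the session user's login. I would add a `<label>` for the field and write it as `<input type="password" id="kfet-password" name="KFETPASSWORD" autocomplete="off">`. The `perms` tested around it are presumably those of the session user supplied by the new context processor, which is worth a template comment because the view decides on `request.user`.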


@ -17,6 +17,7 @@
<script src="https://code.jquery.com/jquery-3.1.0.min.js" integrity="sha256-cCueBR6CsyA4/9szpPfrX3s49M9vUU5BgtiJj06wt/s=" crossorigin="anonymous"></script> <script src="https://code.jquery.com/jquery-3.1.0.min.js" integrity="sha256-cCueBR6CsyA4/9szpPfrX3s49M9vUU5BgtiJj06wt/s=" crossorigin="anonymous"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js" integrity="sha384-Tc5IQib027qvyjSMfHjOMaLkfuWVxZxUPnCJA7l2mCWNIpG9mGCD8wGNIcPD7Txa" crossorigin="anonymous"></script> <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js" integrity="sha384-Tc5IQib027qvyjSMfHjOMaLkfuWVxZxUPnCJA7l2mCWNIpG9mGCD8wGNIcPD7Txa" crossorigin="anonymous"></script>
<script type="text/javascript" src="{% static 'kfet/js/jquery-confirm.js' %}"></script> <script type="text/javascript" src="{% static 'kfet/js/jquery-confirm.js' %}"></script>
<script type="text/javascript" src="{% static 'kfet/js/kfet.js' %}"></script>
{% block extra_head %}{% endblock %} {% block extra_head %}{% endblock %}


@ -18,10 +18,10 @@
<li><a href="{% url 'kfet.home' %}">Home</a></li> <li><a href="{% url 'kfet.home' %}">Home</a></li>
</ul> </ul>
<ul class="nav navbar-nav navbar-right"> <ul class="nav navbar-nav navbar-right">
{% if request.user.username == 'kfet_genericteam' %} {% if user.username == 'kfet_genericteam' %}
<li class="navbar-text">Équipe standard</li> <li class="navbar-text">Équipe standard</li>
{% endif %} {% endif %}
{% if request.user.profile.account_kfet %} {% if user.profile.account_kfet %}
<li> <li>
<a href="{% url 'kfet.account.read' request.user.profile.account_kfet.trigramme %}">Mes infos</a> <a href="{% url 'kfet.account.read' request.user.profile.account_kfet.trigramme %}">Mes infos</a>
</li> </li>
@ -34,13 +34,13 @@
<li><a href="{% url 'kfet.account' %}">Comptes</a></li> <li><a href="{% url 'kfet.account' %}">Comptes</a></li>
<li><a href="{% url 'kfet.checkout' %}">Caisses</a></li> <li><a href="{% url 'kfet.checkout' %}">Caisses</a></li>
<li><a href="{% url 'kfet.article' %}">Articles</a></li> <li><a href="{% url 'kfet.article' %}">Articles</a></li>
{% if request.user.username != 'kfet_genericteam' %} {% if user.username != 'kfet_genericteam' %}
<li><a href="{% url 'kfet.login.genericteam' %}" target="_blank" id="genericteam">Connexion standard</a></li> <li><a href="{% url 'kfet.login.genericteam' %}" target="_blank" id="genericteam">Connexion standard</a></li>
{% endif %} {% endif %}
</ul> </ul>
</li> </li>
{% endif %} {% endif %}
{% if request.user.is_authenticated %} {% if user.is_authenticated %}
<li><a href="/logout" title="Déconnexion"><span class="glyphicon glyphicon-log-out"></span></a></li> <li><a href="/logout" title="Déconnexion"><span class="glyphicon glyphicon-log-out"></span></a></li>
{% endif %} {% endif %}
</ul> </ul>
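Review bot: The "Mes infos" link in the first hunk still builds its URL from `request.user.profile.account_kfet.trigramme` while the surrounding `{% if %}` now tests `user.profile.account_kfet`. Under a temporary login the guard checks the session user but the link resolves the temporary user's account, and if that user has no K-Fêt account the `{% url %}` call presumably fails to reverse. Use `{% url 'kfet.account.read' user.profile.account_kfet.trigramme %}` so that guard and link refer to the same user.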


@ -0,0 +1,43 @@
{% load kfet_tags %}
<div class="content-left-top {% if account.is_frozen %}frozen-account{% endif %}">
<div class="line trigramme">{{ account.trigramme }}</div>
<div class="line balance">{{ account.balance|ukf:account.is_cof }} UKF</div>
<div class="block">
<div class="line">{{ account.name }}</div>
{% if perms.kfet.is_team %}
<div class="line">{{ account.nickname }}</div>
{% endif %}
<div class="line">
{% if account.email %}
{{ account.email }}
{% else %}
Pas d'email !
{% endif %}
</div>
<div class="line">
{{ account.departement }} {{ account.promo }}
</div>
<div class="line">Statut COF: {{ account.is_cof }}</div>
</div>
<div class="block block-neg">
{% if account.negative.start %}
<div class="line">En négatif depuis {{ account.negative.start }}</div>
{% endif %}
{% if account.negative.balance_offset %}
<div class="line">Solde réel: {{ account.real_balance }} €</div>
{% endif %}
{% if account.negative.authz_overdraft_amount %}
<div class="line">Découvert autorisé: {{ account.negative.authz_overdraft_amount }} €</div>
{% endif %}
{% if account.negative.authz_overdraft_until %}
<div class="line">Découvert autorisé jusqu'à : {{ account.negative.authz_overdraft_until }}</div>
{% endif %}
</div>
</div>
<div class="buttons">
<a class="btn btn-primary btn-lg" href="{% url 'kfet.account.update' account.trigramme %}">
Modifier
</a>
<a class="btn btn-primary btn-lg" disabled>Recharger par CB</a>
</div>


@ -230,11 +230,6 @@ def account_update(request, trigramme):
if request.method == "POST": if request.method == "POST":
# Update attempt # Update attempt
# Checking permissions
if not request.user.has_perm('kfet.change_account') \
and request.user != account.user:
raise PermissionDenied
# Peuplement des forms # Peuplement des forms
if request.user.has_perm('kfet.change_account'): if request.user.has_perm('kfet.change_account'):
account_form = AccountForm(request.POST, instance = account) account_form = AccountForm(request.POST, instance = account)
@ -243,24 +238,33 @@ def account_update(request, trigramme):
cof_form = CofRestrictForm(request.POST, instance=account.cofprofile) cof_form = CofRestrictForm(request.POST, instance=account.cofprofile)
user_form = UserRestrictForm(request.POST, instance=account.user) user_form = UserRestrictForm(request.POST, instance=account.user)
if all((account_form.is_valid(), cof_form.is_valid(), user_form.is_valid())): # Checking permissions
data = {} if (request.user.has_perm('kfet.change_account')
# Fill data for Account.save() or request.user == account.user):
put_cleaned_data_in_dict(data, user_form) # Permissions ok
put_cleaned_data_in_dict(data, cof_form) if all((account_form.is_valid(), cof_form.is_valid(), user_form.is_valid())):
data = {}
# Fill data for Account.save()
put_cleaned_data_in_dict(data, user_form)
put_cleaned_data_in_dict(data, cof_form)
# Updating # Updating
account_form.save(data = data) account_form.save(data = data)
if request.user == account.user: if request.user == account.user:
messages.success(request, \ messages.success(request,
'Vos informations ont été mises à jour') 'Vos informations ont été mises à jour')
else:
messages.success(request,
'Informations du compte %s mises à jour' % account.trigramme)
#return redirect('kfet.account.read', account.trigramme)
else: else:
messages.success(request, \ messages.error(request,
'Informations du compte %s mises à jour' % account.trigramme) 'Informations non mises à jour. Corrigez les erreurs')
return redirect('kfet.account.read', account.trigramme)
else: else:
messages.error(request, \ # Permissions not ok
'Informations non mises à jour. Corrigez les erreurs') if request.user.has_perm('kfet.is_team'):
account_form = AccountForm(request.POST, instance = account)
messages.error(request, 'Permission refusée')
else: else:
# No update attempt # No update attempt
if request.user.has_perm('kfet.is_team'): if request.user.has_perm('kfet.is_team'):
@ -271,11 +275,11 @@ def account_update(request, trigramme):
user_form = UserRestrictForm(instance = account.user) user_form = UserRestrictForm(instance = account.user)
return render(request, "kfet/account_update.html", { return render(request, "kfet/account_update.html", {
'account' : account, 'account' : account,
'account_form' : account_form, 'account_form' : account_form,
'cof_form' : cof_form, 'cof_form' : cof_form,
'user_form' : user_form, 'user_form' : user_form,
}) })
# ----- # -----
# Checkout views # Checkout views
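Review bot: In the second hunk the denial path no longer raises `PermissionDenied`: a POST from a user who is neither the account owner nor a holder of `kfet.change_account` now falls through to `render(...)` and receives a 200 page for the target account with an error message. That suits team members who can retry with `KFETPASSWORD`, but for everyone else I would keep the hard refusal at the top of the "Permissions not ok" branch, `if not request.user.has_perm('kfet.is_team'): raise PermissionDenied`, unless a decorator outside these hunks already restricts the view. Separately, the success path leaves `#return redirect('kfet.account.read', account.trigramme)` commented out, so a successful POST is answered without a redirect and a browser refresh re-submits the form, password field included; restore the redirect or delete the dead line. `account_update` starts outside the hunks.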