\ No newline at end of file
diff --git a/jm2l/views.py b/jm2l/views.py
index 37b48b6..4331a0d 100644
--- a/jm2l/views.py
+++ b/jm2l/views.py
@@ -77,7 +77,7 @@ def JSON_User_Request(request):
UserQuery = request.params.get('searchTerm', u"")
# Don't answer to users that aren't logged
if not request.user:
- raise HTTPForbidden('You have to be logged to hope an answer.')
+ raise HTTPForbidden(u'Vous devez vous identifier pour obtenir une réponse.')
# Check consistancy of parameters
if pageSize.isdigit() and current_page.isdigit():
current_page = int(current_page)
@@ -102,7 +102,7 @@ def JSON_Tiers_Request(request):
TiersQuery = request.params.get('searchTerm', u"")
# Don't answer to users that aren't logged
if not request.user:
- raise HTTPForbidden('You have to be logged to hope an answer.')
+ raise HTTPForbidden(u'Vous devez vous identifier pour obtenir une réponse.')
# Check consistancy of parameters
if pageSize.isdigit() and current_page.isdigit():
current_page = int(current_page)
@@ -203,8 +203,6 @@ def JSON_TimeLine_Request(request):
DicResult["date"] = ListEv
return { 'timeline':DicResult }
-
-
## =-=- Here, We handle HTTP requests - Public Part -=-=
@view_config(route_name='home', renderer="jm2l:templates/NewIndex.mako")
def index_page(request):
@@ -259,6 +257,12 @@ def static_plan(request):
## =-=- Here, We handle HTTP requests - Staff Logged Part -=-=
@view_config(route_name='list_task', renderer='jm2l:templates/Staff/list.mako')
def list_view(request):
+ if request.user is None:
+ # Don't answer to users that aren't logged
+ raise HTTPForbidden('Vous devez vous identifier pour obtenir une réponse.')
+ if not request.user.Staff:
+ # Don't answer to users that aren't logged
+ raise HTTPForbidden(u'Vous n\'avez pas l\'autorité suffisante pour effectuer cette action.')
DicTask = {}
taskgroup = DBSession.query( TasksArea ).all()
for grp in taskgroup:
@@ -270,6 +274,12 @@ def list_view(request):
@view_config(route_name='handle_task', renderer='jm2l:templates/Staff/tasks.mako')
def tasks(request):
+ if request.user is None:
+ # Don't answer to users that aren't logged
+ raise HTTPForbidden('Vous devez vous identifier pour obtenir une réponse.')
+ if not request.user.Staff:
+ # Don't answer to users that aren't logged
+ raise HTTPForbidden(u'Vous n\'avez pas l\'autorité suffisante pour effectuer cette action.')
task_id = request.matchdict.get('task_id')
# Convert the pole_id GET parameter to int or 0
try:
@@ -316,6 +326,12 @@ def tasks(request):
@view_config(route_name='handle_pole', renderer='jm2l:templates/Staff/pole.mako')
def tasks_area(request):
+ if request.user is None:
+ # Don't answer to users that aren't logged
+ raise HTTPForbidden('Vous devez vous identifier pour obtenir une réponse.')
+ if not request.user.Staff:
+ # Don't answer to users that aren't logged
+ raise HTTPForbidden(u'Vous n\'avez pas l\'autorité suffisante pour effectuer cette action.')
pole_id = request.matchdict.get('pole_id')
if pole_id:
Pole = TasksArea.by_id(int(pole_id))
@@ -336,6 +352,12 @@ def tasks_area(request):
@view_config(route_name='action_task')
def action_task(request):
+ if request.user is None:
+ # Don't answer to users that aren't logged
+ raise HTTPForbidden('Vous devez vous identifier pour obtenir une réponse.')
+ if not request.user.Staff:
+ # Don't answer to users that aren't logged
+ raise HTTPForbidden(u'Vous n\'avez pas l\'autorité suffisante pour effectuer cette action.')
action = request.matchdict.get('action')
task_id = request.matchdict.get('task_id')
Task = Tasks.by_id(int(task_id))
@@ -364,9 +386,14 @@ def action_task_area(request):
DBSession.delete(Pole)
return HTTPFound(location=request.route_url('list_task'))
-
@view_config(route_name='list_salles', renderer='jm2l:templates/Salles/list.mako')
def list_salles(request):
+ if request.user is None:
+ # Don't answer to users that aren't logged
+ raise HTTPForbidden('Vous devez vous identifier pour obtenir une réponse.')
+ if not request.user.Staff:
+ # Don't answer to users that aren't logged
+ raise HTTPForbidden(u'Vous n\'avez pas l\'autorité suffisante pour effectuer cette action.')
DicSalle = {}
years = DBSession.query( JM2L_Year ).all()
for year in years:
@@ -378,6 +405,12 @@ def list_salles(request):
@view_config(route_name='handle_salle', renderer='jm2l:templates/Salles/salle.mako')
def handle_salle(request):
+ if request.user is None:
+ # Don't answer to users that aren't logged
+ raise HTTPForbidden('Vous devez vous identifier pour obtenir une réponse.')
+ if not request.user.Staff:
+ # Don't answer to users that aren't logged
+ raise HTTPForbidden(u'Vous n\'avez pas l\'autorité suffisante pour effectuer cette action.')
salle_id = request.matchdict.get('salle_id')
if salle_id:
Salle = Salles.by_id(int(salle_id))
@@ -400,6 +433,12 @@ def handle_salle(request):
@view_config(route_name='handle_salle_phy', renderer='jm2l:templates/Salles/salle_phy.mako')
def handle_salle_phy(request):
+ if request.user is None:
+ # Don't answer to users that aren't logged
+ raise HTTPForbidden('Vous devez vous identifier pour obtenir une réponse.')
+ if not request.user.Staff:
+ # Don't answer to users that aren't logged
+ raise HTTPForbidden(u'Vous n\'avez pas l\'autorité suffisante pour effectuer cette action.')
salle_id = request.matchdict.get('salle_id')
if salle_id:
Salle = SallePhy.by_id(int(salle_id))
@@ -422,6 +461,12 @@ def handle_salle_phy(request):
@view_config(route_name='action_salle')
def action_salle(request):
+ if request.user is None:
+ # Don't answer to users that aren't logged
+ raise HTTPForbidden('Vous devez vous identifier pour obtenir une réponse.')
+ if not request.user.Staff:
+ # Don't answer to users that aren't logged
+ raise HTTPForbidden(u'Vous n\'avez pas l\'autorité suffisante pour effectuer cette action.')
action = request.matchdict.get('action')
salle_id = request.matchdict.get('salle_id')
Salle = Salles.by_id(int(salle_id))
@@ -486,7 +531,7 @@ def exchange(request):
def sejour(request):
if request.user is None:
# Don't answer to users that aren't logged
- raise HTTPForbidden('You have to be logged to hope an answer.')
+ raise HTTPForbidden(u'Vous devez vous identifier pour obtenir une réponse.')
if request.method == 'POST':
print request.POST
return HTTPFound(location='/MesJM2L#Sejour')
@@ -495,7 +540,7 @@ def sejour(request):
def vote_logo(request):
if request.user is None:
# Don't answer to users that aren't logged
- raise HTTPForbidden('You have to be logged to hope an answer.')
+ raise HTTPForbidden(u'Vous devez vous identifier pour obtenir une réponse.')
else:
vote = int(request.matchdict.get('num', -1))
come = request.params.get('come_from')
@@ -508,14 +553,13 @@ def vote_logo(request):
request.session.flash(('warning',u"Votre vote n'a été pris en compte."))
if come:
return HTTPFound(location=come)
- raise HTTPForbidden('You have to be logged to hope an answer.')
-
+ raise HTTPForbidden(u'Vous devez vous identifier pour obtenir une réponse.')
@view_config(route_name='jm2l', renderer="jm2l:templates/jm2l.mako")
def jm2l_page(request):
if request.user is None:
# Don't answer to users that aren't logged
- raise HTTPForbidden('You have to be logged to hope an answer.')
+ raise HTTPForbidden('Vous devez vous identifier pour obtenir une réponse.')
page = int(request.params.get('page', 1))
UserNum = request.params.get('user')
@@ -523,10 +567,13 @@ def jm2l_page(request):
profil = User.by_id(int(UserNum))
if not profil:
raise HTTPNotFound()
+ if not request.user.Staff:
+ raise HTTPForbidden(u'Vous n\'avez pas l\'autorité suffisante pour effectuer cette action.')
else:
profil = request.user
# Build Form
profil_form = ProfilForm(request.POST, profil, meta={'csrf_context': request.session})
+ miam_form = MiamForm(request.POST, profil, meta={'csrf_context': request.session})
if request.method == 'POST' and profil_form.validate():
ToDelete = list()
# First, we remove entries no more present
@@ -556,7 +603,8 @@ def jm2l_page(request):
'DBTiers':Tiers,
'DBTiersOpt':TiersOpt,
'Exchanges':Exchange,
- 'profil_form':profil_form,
+ 'profil_form':profil_form,
+ 'miam_form':miam_form,
'uprofil':profil,
'logged_in':request.authenticated_userid
}
@@ -883,7 +931,7 @@ def edit_event(request):
if intervention=='Conference':
IntervLabel = u'conférence'
# Check intervention
- if not intervention in ['Stand', 'Table ronde', 'Atelier', 'Conference']:
+ if not intervention in ['Stand', 'Table ronde', 'Atelier', 'Conference', 'Concert']:
raise HTTPNotFound(u"Ce type d'évenement n'est pas reconnu")
TheYear = DBSession.query(JM2L_Year)\
.filter(JM2L_Year.year_uid==year)\
@@ -907,7 +955,7 @@ def edit_event(request):
raise HTTPNotFound(u"Cette réference n'existe pas")
if request.user is None or not (request.user.Staff or request.user in TheEvent.intervenants):
- return HTTPForbidden(u"Vous n'êtes pas identifié comme étant un participant à cette intervention.")
+ raise HTTPForbidden(u"Vous n'êtes pas identifié comme étant un participant à cette intervention.")
# Compute some field value from selected event
if TheEvent.start_time in TheYear.AvailableTimeSlots:
start_sel = TheYear.AvailableTimeSlots.index(TheEvent.start_time)
@@ -985,14 +1033,14 @@ def edit_event(request):
if not duration in map(lambda (d,y): d, form.duration.choices):
form.duration.choices.append( (duration,u'Atelier (%dh%.2d)' % (duration/60, duration%60) ) )
SalleDispo = SalleDispo.filter(Salles.place_type=='Ateliers')
- elif intervention=="Table_Ronde":
+ elif intervention=="Table ronde":
form.duration.choices = map( lambda d:(d, u'Table ronde (%dh%.2d)' % (d/60, d%60) ), \
[60, 90, 120, 150] )
if not duration in map(lambda (d,y): d, form.duration.choices):
form.duration.choices.append( (duration,u'Table ronde (%dh%.2d)' % (duration/60, duration%60) ) )
SalleDispo = SalleDispo.filter(Salles.place_type=='Conference')
else:
- return HTTPForbidden(u"Pas encore disponible.")
+ raise HTTPForbidden(u"Pas encore disponible.")
form.salle_uid.choices = [(s.salle_id, s.name) for s in SalleDispo]
form.start_sel.choices = TimeSlots
@@ -1059,7 +1107,7 @@ def edit_tiers(request):
TargetList = list()
if request.user is None:
# Don't answer to users that aren't logged
- raise HTTPForbidden('You have to be logged to hope an answer.')
+ raise HTTPForbidden(u'Vous devez vous identifier pour obtenir une réponse.')
entity_types = DBSession.query(TiersOpt.entity_type).group_by(TiersOpt.entity_type).all()
for entity_type in entity_types:
entity_subtypes = DBSession.query(TiersOpt)\