Commit 7b46b5228543f33d71581201208c708179b4934c

Authored by Adley
1 parent aa3fa2d6
Exists in master

Correção de permissões, de templates e menssagens

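--- a/wscacicneo/__init__.py
+++ b/wscacicneo/__init__.py
@@ -5,6 +5,7 @@ from wscacicneo import config
 from pyramid.authentication import AuthTktAuthenticationPolicy
 from pyramid.authorization import ACLAuthorizationPolicy
 from pyramid.config import Configurator
+from pyramid.httpexceptions import HTTPNotFound
 
 
 
@@ -31,7 +32,6 @@ def main(global_config, **settings):
 
 # Rotas Básicas
 cfg.add_route('home', 'home')
- cfg.add_route('error', 'error')
 cfg.add_route('notifications', 'notifications')
 cfg.add_route('orgao', 'orgao/cadastro')
 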
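--- a/wscacicneo/models.py
+++ b/wscacicneo/models.py
@@ -65,7 +65,7 @@ so = Table('so', Base.metadata,
 mapper(SistemaOperacional, so)
 
 class RootFactory(object):
- __acl__ = [ (Allow, Everyone, 'view'),
- (Allow, 'Administrador', 'edit') ]
+ __acl__ = [ (Allow, Everyone, 'user'),
+ (Allow, 'Administrador', 'admin') ]
 def __init__(self, request):
 pass
\ No newline at end of file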
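Review bot: The new ACL in `RootFactory` grants `'user'` to `Everyone`, which in Pyramid includes unauthenticated requests, so every view tagged `permission="user"` in this commit (`home` and `listorgao` in views.py) stays reachable without a login. If `'user'` is meant to be "any logged-in account", the entry should read `(Allow, Authenticated, 'user')`, with `home` left public since it carries the "Faça Login" link. The ACL also no longer grants `'view'`, yet the `login` view in views.py is registered with `permission="view"`. The imports from `pyramid.security` are outside the hunk, so `Authenticated` may need to be added there.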
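--- a/wscacicneo/templates/editarorgao.pt
+++ b/wscacicneo/templates/editarorgao.pt
@@ -105,8 +105,8 @@
 type: "PUT",
 url: "${request.route_url('root')}put_orgao",
 data: data,
- success: function(){ alert('Cadastro realizado com sucesso') },
- error: function(){ alert('Erro ao realizar o cadastro. Todos os campos são obrigatórios') },
+ success: function(){ alert('Alteração realizado com sucesso') },
+ error: function(){ alert('Erro ao alterar o orgão. Todos os campos são obrigatórios') },
 });
 });
 </script>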
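--- a/wscacicneo/templates/editaruser.pt
+++ b/wscacicneo/templates/editaruser.pt
@@ -59,7 +59,7 @@
 <div class="form-group">
 <label class="col-lg-2 control-label">Senha</label>
 <div class="col-lg-5">
- <input type="text" id="senha" value="${senha}" class="form-control" placeholder="Informe novamente sua senha">
+ <input type="text" id="senha" class="form-control" placeholder="Informe novamente sua senha">
 </div>
 </div><div class="form-group">
 <label class="col-lg-2 control-label">Confirmar Senha</label>
@@ -114,16 +114,30 @@
 'permissao': permissao,
 'senha': senha
 }
- if (data.email.indexOf("gov.br") > -1 == false){
- alert('Somente é permitido cadastro de e-mails institucionais');
+ var emailCorreto = 0;
+ var senhaConfere = 0;
+ if (data.email.indexOf("gov.br") > -1 == true){
+ emailCorreto = 1;
+ }
+ if(senha.value == confirmarsenha.value && senha.value != "" ){
+ senhaConfere = 1;
+ }
+ if (emailCorreto == 0 || senhaConfere == 0){
+ if(emailCorreto == 0){
+ setTimeout(function() {noty({text: 'Erro: O campo "E-Mail" deve ser preenchido por um e-mail institucional',layout:'topRight',type:'error',timeout:5000});}, 100);
+ }
+ if(senhaConfere == 0){
+ setTimeout(function() {noty({text: 'Erro: O campo "Senha" e "Confirmar Senha" estão diferentes ou em branco',layout:'topRight',type:'error',timeout:5000});}, 100);
+ }
 }else{
- $.ajax({
- type: "PUT",
- url: "${request.route_url('root')}put_user",
- data: data,
- success: function(){ alert('sucesso') },
- error: function(){ alert('erro') },
- });}
+ $.ajax({
+ type: "PUT",
+ url: "${request.route_url('root')}put_user",
+ data: data,
+ success: function(){ alert('Alteração realizado com sucesso') },
+ error: function(){ alert('Erro ao Alterar do usuário. Todos os campos são obrigatórios') },
+ });
+ }
 });
 </script>
 </metal:content>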
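Review bot: The `senha` input keeps `type="text"` after the pre-filled `value="${senha}"` is dropped, so the password is still displayed in clear while it is typed; the line should be `<input type="password" id="senha" class="form-control" placeholder="Informe novamente sua senha">`, and the "Confirmar Senha" field outside the hunk likely needs the same. The new e-mail and password-match checks run only in the browser, and `indexOf("gov.br") > -1` accepts that text anywhere in the address rather than as the domain suffix, so `put_user` has to repeat both checks on the server; its body is not visible on this page. The `edituser` view in views.py still returns `'senha' : search.results[0].senha` to this template, which is no longer needed once the field is not pre-filled.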
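--- a/wscacicneo/templates/home.pt
+++ b/wscacicneo/templates/home.pt
@@ -1,7 +1,9 @@
 <metal:main use-macro="load: master.pt">
 <metal:content fill-slot="conteudo">
 <div>
- <p><h3 align="center">Sistema Super-Gerente</h3></p>
+ <p><h2 align="center">Sistema Super-Gerente</h2></p>
+ <br>
+ <p><h3 align="center"><a href="${request.route_url('root')}login"> Faça Login </a></h3></p>
 </div>
 </metal:content>
 </metal:main>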
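--- a/wscacicneo/templates/list_user.pt
+++ b/wscacicneo/templates/list_user.pt
@@ -24,8 +24,7 @@
 <tr>
 <th>Nome</th>
 <th>Matricula</th>
- <th>Cargo</th>
- <th>Setor</th>
+ <th>E-mail</th>
 <th>Orgão</th>
 <th>Permissão</th>
 <th>Opções</th>
@@ -35,14 +34,12 @@
 <tr tal:repeat="doc user_doc">
 <td>${doc.nome}</td>
 <td>${doc.matricula}</td>
- <td>${doc.cargo}</td>
- <td>${doc.setor}</td>
+ <td>${doc.email}</td>
 <td>${doc.orgao}</td>
 <td>${doc.permissao}</td>
 <td>
- <a class="btn btn-xs btn-success"><i class="fa fa-check"></i></a>
- <a href="${request.route_url('root')}usuario/editar/${doc.matricula}" class="btn btn-xs btn-warning"><i class="fa fa-pencil"></i></a>
- <a href="${request.route_url('root')}usuario/delete/${doc.matricula}" class="btn btn-xs btn-danger"><i class="fa fa-times"></i></a>
+ <a href="${request.route_url('root')}usuario/editar/${doc.matricula}" class="btn btn-xs btn-warning" title="Editar"><i class="fa fa-pencil"></i></a>
+ <a href="${request.route_url('root')}usuario/delete/${doc.matricula}" class="btn btn-xs btn-danger" title="Apagar"><i class="fa fa-times"></i></a>
 </td>
 </tr>
 </tbody>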
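Review bot: The "Apagar" link in the second hunk still triggers `usuario/delete/${doc.matricula}` through a plain `<a href>`, so a user record is deleted by a GET request with no confirmation step and no CSRF token. A state-changing action like this should be a small form submitted with POST that carries a CSRF token, and `delete_user` should reject other methods and verify the token; that view's body is not visible on this page. The `permission="admin"` added to `delete_user` in views.py limits who may call it but does not stop a request made on an administrator's behalf.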
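--- a/wscacicneo/templates/master.pt
+++ b/wscacicneo/templates/master.pt
@@ -96,7 +96,7 @@
 
 <!-- Page heading -->
 <div class="page-head">
- <h2 class="pull-left"><i class="fa fa-home"></i> ${request.path}</h2>
+ <h2 class="pull-left"><i class="fa fa-home"></i> Você está em: ${request.path}</h2>
 
 
 <div class="clearfix"></div>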
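--- a/wscacicneo/views.py
+++ b/wscacicneo/views.py
@@ -1,7 +1,7 @@
 import requests
 import json
 from pyramid.response import Response
-from pyramid.httpexceptions import HTTPFound
+from pyramid.httpexceptions import HTTPFound, HTTPNotFound
 from pyramid.view import view_config
 from sqlalchemy.orm import sessionmaker
 from sqlalchemy import create_engine, MetaData
@@ -50,16 +50,12 @@ def root(request):
 return {'project': 'WSCacicNeo'}
 
 # Views básicas
-@view_config(route_name='home', renderer='templates/home.pt')
+@view_config(route_name='home', renderer='templates/home.pt', permission="user")
 def home(request):
 return {'project': 'WSCacicNeo'}
 
-@view_config(route_name='error', renderer='templates/error.pt')
-def error(request):
- return {'project': 'WSCacicNeo'}
-
 # Lista de Notificação
-@view_config(route_name='list_notify', renderer='templates/list_notify.pt')
+@view_config(route_name='list_notify', renderer='templates/list_notify.pt', permission="admin")
 def list_notify(request):
 notify_obj = Notify(
 orgao = 'deasdsd',
@@ -72,11 +68,11 @@ def list_notify(request):
 return {'doc': doc}
 
 
-@view_config(route_name='notify', renderer='templates/notify_coleta.pt')
+@view_config(route_name='notify', renderer='templates/notify_coleta.pt', permission="admin")
 def notify(request):
 return {'project': 'WSCacicNeo'}
 
-@view_config(route_name='post_notify')
+@view_config(route_name='post_notify', permission="admin")
 def post_notify(request):
 requests = request.params
 notify_obj = Notify(
@@ -89,11 +85,11 @@ def post_notify(request):
 return Response(str(results))
 
 # Views de Orgão
-@view_config(route_name='orgao', renderer='templates/orgao.pt')
+@view_config(route_name='orgao', renderer='templates/orgao.pt', permission="admin")
 def orgao(request):
 return {'project': 'WSCacicNeo'}
 
-@view_config(route_name='listorgao', renderer='templates/list_orgao.pt')
+@view_config(route_name='listorgao', renderer='templates/list_orgao.pt', permission="user")
 def listorgao(request):
 orgao_obj = Orgao(
 nome = 'sahuds',
@@ -108,7 +104,7 @@ def listorgao(request):
 search = orgao_obj.search_list_orgaos()
 return {'orgao_doc': search.results}
 
-@view_config(route_name='editorgao', renderer='templates/editarorgao.pt')
+@view_config(route_name='editorgao', renderer='templates/editarorgao.pt', permission="admin")
 def editorgao(request):
 sigla = request.matchdict['sigla']
 orgao_obj = Orgao(
@@ -133,7 +129,7 @@ def editorgao(request):
 'url' : search.results[0].url
 }
 
-@view_config(route_name='post_orgao')
+@view_config(route_name='post_orgao', permission="admin")
 def post_orgao(request):
 """
 Post doc órgãos
@@ -156,7 +152,7 @@ def post_orgao(request):
 
 return Response(str(id_doc))
 
-@view_config(route_name='put_orgao')
+@view_config(route_name='put_orgao', permission="admin")
 def put_orgao(request):
 """
 Edita um doc apartir do id
@@ -190,7 +186,7 @@ def put_orgao(request):
 
 return Response(edit)
 
-@view_config(route_name='delete_orgao')
+@view_config(route_name='delete_orgao', permission="admin")
 def delete_orgao(request):
 """
 Deleta doc apartir do id
@@ -214,7 +210,7 @@ def delete_orgao(request):
 return Response(delete)
 
 # Views de Favoritos
-@view_config(route_name='favoritos', renderer='templates/favoritos.pt')
+@view_config(route_name='favoritos', renderer='templates/favoritos.pt', permission="admin")
 def favoritos(request):
 matricula = request.matchdict['matricula']
 user_obj = User(
@@ -245,7 +241,7 @@ def favoritos(request):
 'senha' : search.results[0].senha
 }
 
-@view_config(route_name='edit_favoritos')
+@view_config(route_name='edit_favoritos', permission="admin")
 def edit_favoritos(request):
 """
 Editar do Favoritos
@@ -284,7 +280,7 @@ def edit_favoritos(request):
 return Response(edit)
 
 # Reports
-@view_config(route_name='create_orgao')
+@view_config(route_name='create_orgao',permission="admin")
 def create_base(request):
 nm_orgao = request.matchdict['nm_orgao']
 coletaManualBase = coleta_manual.ColetaManualBase(nm_orgao)
@@ -308,7 +304,7 @@ def conf_report(request):
 search = orgao_obj.search_list_orgaos()
 return {'orgao_doc': search.results}
 
-@view_config(route_name='report_itens', renderer='templates/report.pt')
+@view_config(route_name='report_itens', renderer='templates/report.pt', permission="admin")
 def report_itens(request):
 nm_orgao = request.matchdict['nm_orgao']
 attr = request.matchdict['attr']
@@ -318,11 +314,11 @@ def report_itens(request):
 
 # Users
 
-@view_config(route_name='user', renderer='templates/user.pt', permission='edit')
+@view_config(route_name='user', renderer='templates/user.pt', permission='admin')
 def user(request):
 return {'project': 'WSCacicNeo'}
 
-@view_config(route_name='post_user')
+@view_config(route_name='post_user', permission="admin")
 def post_user(request):
 """
 Post doc users
@@ -355,7 +351,7 @@ def post_user(request):
 else:
 return {"emailerrado":"emailerrado"}
 
-@view_config(route_name='edituser', renderer='templates/editaruser.pt', permission="edit")
+@view_config(route_name='edituser', renderer='templates/editaruser.pt', permission="admin")
 def edituser(request):
 matricula = request.matchdict['matricula']
 user_obj = User(
@@ -382,7 +378,7 @@ def edituser(request):
 'senha' : search.results[0].senha
 }
 
-@view_config(route_name='put_user')
+@view_config(route_name='put_user', permission="admin")
 def put_user(request):
 """
 Edita um doc de user apartir do id
@@ -423,7 +419,7 @@ def put_user(request):
 else:
 return { }
 
-@view_config(route_name='listuser', renderer='templates/list_user.pt', permission="view")
+@view_config(route_name='listuser', renderer='templates/list_user.pt', permission="admin")
 def listuser(request):
 user_obj = User(
 nome = 'asdasd',
@@ -440,7 +436,7 @@ def listuser(request):
 search = user_obj.search_list_users()
 return {'user_doc': search.results}
 
-@view_config(route_name='delete_user')
+@view_config(route_name='delete_user', permission="admin")
 def delete_user(request):
 """
 Deleta doc apartir do id
@@ -465,7 +461,7 @@ def delete_user(request):
 return Response(delete)
 
 # Autenticação
-@view_config(route_name='login', renderer='templates/login.pt')
+@view_config(route_name='login', renderer='templates/login.pt', permission="view")
 @forbidden_view_config(renderer='templates/login.pt')
 def login(request):
 user_obj = User(
@@ -482,10 +478,11 @@ def login(request):
 )
 login_url = request.route_url('login')
 referrer = request.url
+ message = 'Você não tem permissão para isso. Autentique-se.'
 if referrer == login_url:
 referrer = request.route_url('root') + 'home' # never use the login form itself as came_from
+ message = ''
 came_from = request.params.get('came_from', referrer)
- message = ''
 email = ''
 senha = ''
 is_visible = 'none'
@@ -498,12 +495,12 @@ def login(request):
 headers = remember(request, email)
 return HTTPFound(location = came_from,
 headers = headers)
- is_visible = "block"
 message = 'E-mail ou senha incorretos'
 except:
- is_visible = "block"
 message = 'E-mail ou senha incorretos'
 
+ if message != '':
+ is_visible = "block"
 return dict(
 message = message,
 url = request.application_url + '/login',
@@ -513,14 +510,14 @@ def login(request):
 is_visible = is_visible,
 )
 
-@view_config(route_name='logout')
+@view_config(route_name='logout', permission="admin")
 def logout(request):
 headers = forget(request)
 return HTTPFound(location = request.route_url('login'),
 headers = headers)
 
 # Coleta
-@view_config(route_name='cadastro_coleta', renderer='templates/cadastro_coleta.pt')
+@view_config(route_name='cadastro_coleta', renderer='templates/cadastro_coleta.pt', permission="admin")
 def cadastro_coleta(request):
 orgao_obj = Orgao(
 nome = 'teste',
@@ -536,7 +533,7 @@ def cadastro_coleta(request):
 return {'orgao_doc': search.results}
 
 
-@view_config(route_name='post_coleta_manual')
+@view_config(route_name='post_coleta_manual', permission="admin")
 def post_coleta_manual(request):
 """
 Post doc ColetaManual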
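Review bot: `logout` is now registered with `permission="admin"` and `login` with `permission="view"`, and neither matches what those views need. Assuming `RootFactory` is the configured root factory, an authenticated account without the 'Administrador' principal is denied when it tries to end its own session, and `'view'` is a permission the ACL in models.py no longer grants to anyone, so the login form appears reachable only because the same function is also the `forbidden_view_config` fallback. Both views should be open to every caller, e.g. `@view_config(route_name='logout', permission=NO_PERMISSION_REQUIRED)` and the same on `login`, with `NO_PERMISSION_REQUIRED` imported from `pyramid.security`. Separately, in the context lines of `login`, `came_from` is read from `request.params` and passed unchanged to `HTTPFound(location = came_from, ...)`; it should be restricted to paths inside the application before redirecting. The body of `login` is only partly visible in these hunks.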