Miroir du site de l'AE UTBM https://ae.utbm.fr
Go to file
2016-06-21 11:52:45 +02:00
accounting Add CanCreateMixin, and add amount in journals 2016-06-20 15:47:26 +02:00
club Add CanCreateMixin, and add amount in journals 2016-06-20 15:47:26 +02:00
core Add CanCreateMixin, and add amount in journals 2016-06-20 15:47:26 +02:00
counter Almost finish the counter views, still need the plateaux 2016-06-02 14:55:12 +02:00
doc Small orhtograph fix 2016-06-21 11:52:45 +02:00
sith Update report, again 2016-06-20 00:01:26 +02:00
subscription Some refactoring between accounting and counter 2016-05-31 13:00:52 +02:00
.gitignore Some refactoring between accounting and counter 2016-05-31 13:00:52 +02:00
.gitlab-ci.yml Remove setup step from CI, it was not needed 2016-04-20 03:33:03 +02:00
CONTRIBUTING.md jumplines 2016-03-07 13:36:06 +01:00
Doxyfile Finish the report 2016-06-21 00:47:11 +02:00
LICENSE Add license 2016-06-21 00:42:33 +02:00
manage.py First commit: basic users 2015-11-18 09:44:06 +01:00
README.md Some refactoring between accounting and counter 2016-05-31 13:00:52 +02:00
requirements.txt Update requirements.txt 2016-03-10 13:53:40 +01:00

Sith AE

Get started

To start working on the project, just run the following commands:

git clone https://ae-dev.utbm.fr/ae/Sith.git
cd Sith
virtualenv --clear --python=python3 env
source env_sith/bin/activate
pip install -r requirements.txt
./manage.py setup

To start the simple development server, just run python3 manage.py runserver

Generating documentation

There is a Doxyfile at the root of the project, meaning that if you have Doxygen, you can run doxygen Doxyfile to generate a complete HTML documentation that will be available in the ./doc/html/ folder.

Dependencies:

See requirements.txt

The development is done with sqlite, but it is advised to set a more robust DBMS for production (Postgresql for example)

Misc about development

Controlling the rights

When you need to protect an object, there are three levels:

  • Editing the object properties
  • Editing the object various values
  • Viewing the object

Now you have many solutions in your model:

  • You can define a is_owned_by(self, user), a can_be_edited_by(self, user), and/or a can_be_viewed_by(self, user) method, each returning True is the user passed can edit/view the object, False otherwise.
    This allows you to make complex request when the group solution is not powerful enough.
    It's useful too when you want to define class-wide permissions, e.g. the club members, that are viewable only for Subscribers.
  • You can add an owner_group field, as a ForeignKey to Group. Second is an edit_groups field, as a ManyToMany to Group, and third is a view_groups, same as for edit.

Finally, when building a class based view, which is highly advised, you just have to inherit it from CanEditPropMixin, CanEditMixin, or CanViewMixin, which are located in core.views. Your view will then be protected using either the appropriate group fields, or the right method to check user permissions.