forked from elmau/empresa-libre
Validar usuario
This commit is contained in:
parent
ef076a9085
commit
3ef8807ee9
|
@ -88,10 +88,18 @@ class AppMain(object):
|
||||||
|
|
||||||
|
|
||||||
class AppValues(object):
|
class AppValues(object):
|
||||||
|
TABLES = ('allusuarios', 'usuario', 'usuarioupdate', 'editusuario',
|
||||||
|
'addusuario')
|
||||||
|
|
||||||
def __init__(self, db):
|
def __init__(self, db):
|
||||||
self._db = db
|
self._db = db
|
||||||
|
|
||||||
|
def _valid_user(self, table, user):
|
||||||
|
if table in self.TABLES and not user.es_admin:
|
||||||
|
return False
|
||||||
|
|
||||||
|
return True
|
||||||
|
|
||||||
def on_get(self, req, resp, table):
|
def on_get(self, req, resp, table):
|
||||||
values = req.params
|
values = req.params
|
||||||
session = req.env['beaker.session']
|
session = req.env['beaker.session']
|
||||||
|
@ -109,6 +117,10 @@ class AppValues(object):
|
||||||
req.context['result'] = session['userobj'].es_superusuario \
|
req.context['result'] = session['userobj'].es_superusuario \
|
||||||
or session['userobj'].es_admin
|
or session['userobj'].es_admin
|
||||||
else:
|
else:
|
||||||
|
if not self._valid_user(table, session['userobj']):
|
||||||
|
resp.status = falcon.HTTP_403
|
||||||
|
return
|
||||||
|
|
||||||
req.context['result'] = self._db.get_values(table, values, session)
|
req.context['result'] = self._db.get_values(table, values, session)
|
||||||
resp.status = falcon.HTTP_200
|
resp.status = falcon.HTTP_200
|
||||||
|
|
||||||
|
@ -120,6 +132,10 @@ class AppValues(object):
|
||||||
resp.status = falcon.HTTP_204
|
resp.status = falcon.HTTP_204
|
||||||
return
|
return
|
||||||
|
|
||||||
|
if not self._valid_user(table, session['userobj']):
|
||||||
|
resp.status = falcon.HTTP_403
|
||||||
|
return
|
||||||
|
|
||||||
if self._db.delete(table, values['id']):
|
if self._db.delete(table, values['id']):
|
||||||
resp.status = falcon.HTTP_200
|
resp.status = falcon.HTTP_200
|
||||||
else:
|
else:
|
||||||
|
@ -130,6 +146,11 @@ class AppValues(object):
|
||||||
if file_object is None:
|
if file_object is None:
|
||||||
session = req.env['beaker.session']
|
session = req.env['beaker.session']
|
||||||
values = req.params
|
values = req.params
|
||||||
|
|
||||||
|
if not self._valid_user(table, session['userobj']):
|
||||||
|
resp.status = falcon.HTTP_403
|
||||||
|
return
|
||||||
|
|
||||||
if table == 'correo':
|
if table == 'correo':
|
||||||
req.context['result'] = self._db.validate_email(values)
|
req.context['result'] = self._db.validate_email(values)
|
||||||
elif table == 'sendmail':
|
elif table == 'sendmail':
|
||||||
|
|
|
@ -3889,8 +3889,8 @@ class Facturas(BaseModel):
|
||||||
comprobante['Descuento'] = FORMAT.format(invoice.descuento)
|
comprobante['Descuento'] = FORMAT.format(invoice.descuento)
|
||||||
|
|
||||||
if invoice.tipo_comprobante == 'T':
|
if invoice.tipo_comprobante == 'T':
|
||||||
comprobante['SubTotal'] = '0.0'
|
comprobante['SubTotal'] = '0.00'
|
||||||
comprobante['Total'] = '0.0'
|
comprobante['Total'] = '0.00'
|
||||||
del comprobante['FormaPago']
|
del comprobante['FormaPago']
|
||||||
|
|
||||||
if invoice.tipo_relacion:
|
if invoice.tipo_relacion:
|
||||||
|
|
Loading…
Reference in New Issue