Validar usuario
This commit is contained in:
parent
ef076a9085
commit
3ef8807ee9
|
@ -88,10 +88,18 @@ class AppMain(object):
|
|||
|
||||
|
||||
class AppValues(object):
|
||||
TABLES = ('allusuarios', 'usuario', 'usuarioupdate', 'editusuario',
|
||||
'addusuario')
|
||||
|
||||
def __init__(self, db):
|
||||
self._db = db
|
||||
|
||||
def _valid_user(self, table, user):
|
||||
if table in self.TABLES and not user.es_admin:
|
||||
return False
|
||||
|
||||
return True
|
||||
|
||||
def on_get(self, req, resp, table):
|
||||
values = req.params
|
||||
session = req.env['beaker.session']
|
||||
|
@ -109,6 +117,10 @@ class AppValues(object):
|
|||
req.context['result'] = session['userobj'].es_superusuario \
|
||||
or session['userobj'].es_admin
|
||||
else:
|
||||
if not self._valid_user(table, session['userobj']):
|
||||
resp.status = falcon.HTTP_403
|
||||
return
|
||||
|
||||
req.context['result'] = self._db.get_values(table, values, session)
|
||||
resp.status = falcon.HTTP_200
|
||||
|
||||
|
@ -120,6 +132,10 @@ class AppValues(object):
|
|||
resp.status = falcon.HTTP_204
|
||||
return
|
||||
|
||||
if not self._valid_user(table, session['userobj']):
|
||||
resp.status = falcon.HTTP_403
|
||||
return
|
||||
|
||||
if self._db.delete(table, values['id']):
|
||||
resp.status = falcon.HTTP_200
|
||||
else:
|
||||
|
@ -130,6 +146,11 @@ class AppValues(object):
|
|||
if file_object is None:
|
||||
session = req.env['beaker.session']
|
||||
values = req.params
|
||||
|
||||
if not self._valid_user(table, session['userobj']):
|
||||
resp.status = falcon.HTTP_403
|
||||
return
|
||||
|
||||
if table == 'correo':
|
||||
req.context['result'] = self._db.validate_email(values)
|
||||
elif table == 'sendmail':
|
||||
|
|
|
@ -3889,8 +3889,8 @@ class Facturas(BaseModel):
|
|||
comprobante['Descuento'] = FORMAT.format(invoice.descuento)
|
||||
|
||||
if invoice.tipo_comprobante == 'T':
|
||||
comprobante['SubTotal'] = '0.0'
|
||||
comprobante['Total'] = '0.0'
|
||||
comprobante['SubTotal'] = '0.00'
|
||||
comprobante['Total'] = '0.00'
|
||||
del comprobante['FormaPago']
|
||||
|
||||
if invoice.tipo_relacion:
|
||||
|
|
Loading…
Reference in New Issue