Skip to content
Snippets Groups Projects
Commit 11e458d3 authored by Martin Mareš's avatar Martin Mareš
Browse files

Přidávání rolí kontroluje přípustnost kombinace role + level

Closes #242.
parent a2cf4e1e
Branches
No related tags found
No related merge requests found
......@@ -549,6 +549,18 @@ class UserRole(Base):
and (self.category is None or cat is None or self.category == cat or (self.category == 'Z' and cat.startswith('Z')))
and (self.seq is None or seq is None or self.seq == seq))
def is_legal(self) -> bool:
# Některé role mají omezení na úroveň hierarchie.
level = self.place.level if self.place else -1
rt = self.role
if not (rt == RoleType.garant and level <= 0
or rt == RoleType.garant_kraj and level == 1
or rt == RoleType.garant_okres and level == 2
or rt == RoleType.garant_skola and level >= 3):
return False
return True
class PaperType(MOEnum):
solution = auto()
......
......@@ -289,6 +289,10 @@ def org_org(id: int):
ok = True
if not new_role.is_legal():
role_errors.append('Tato kombinace role a místa není povolena')
ok = False
elif not g.gatekeeper.can_set_role(new_role):
role_errors.append(f'Roli "{new_role}" nelze přidělit, není podmnožinou žádné vaší role')
ok = False
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment