Skip to content

Commit

Permalink
remove LoginRequiredMixin use and simplify setup() code
Browse files Browse the repository at this point in the history
Since LoginRequiredMiddleware now ensures that the user is authenticated
  • Loading branch information
xavfernandez committed Dec 10, 2024
1 parent 4fdee4c commit c05550a
Show file tree
Hide file tree
Showing 11 changed files with 111 additions and 180 deletions.
89 changes: 38 additions & 51 deletions itou/www/apply/views/process_views.py
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,6 @@
from django.conf import settings
from django.contrib import messages
from django.contrib.auth.decorators import login_required
from django.contrib.auth.mixins import LoginRequiredMixin
from django.core.exceptions import PermissionDenied
from django.db import transaction
from django.db.models import Count, Exists, F, OuterRef, Q
Expand Down Expand Up @@ -375,7 +374,7 @@ def _show_prescriber_answer_form(wizard):
return wizard.job_application.sender_kind == job_applications_enums.SenderKind.PRESCRIBER


class JobApplicationRefuseView(LoginRequiredMixin, NamedUrlSessionWizardView):
class JobApplicationRefuseView(NamedUrlSessionWizardView):
STEP_REASON = "reason"
STEP_JOB_SEEKER_ANSWER = "job-seeker-answer"
STEP_PRESCRIBER_ANSWER = "prescriber-answer"
Expand All @@ -393,11 +392,10 @@ class JobApplicationRefuseView(LoginRequiredMixin, NamedUrlSessionWizardView):
def setup(self, request, *args, **kwargs):
super().setup(request, *args, **kwargs)

if request.user.is_authenticated:
self.job_application = get_object_or_404(
JobApplication.objects.is_active_company_member(request.user).select_related("job_seeker"),
pk=kwargs["job_application_id"],
)
self.job_application = get_object_or_404(
JobApplication.objects.is_active_company_member(request.user).select_related("job_seeker"),
pk=kwargs["job_application_id"],
)

def check_wizard_state(self, *args, **kwargs):
# Redirect to job application details if the state is not refusable
Expand Down Expand Up @@ -652,19 +650,18 @@ def transfer(request, job_application_id):
return HttpResponseRedirect(back_url)


class JobApplicationExternalTransferStep1View(LoginRequiredMixin, EmployerSearchView):
class JobApplicationExternalTransferStep1View(EmployerSearchView):
job_application = None

def setup(self, request, *args, **kwargs):
super().setup(request, *args, **kwargs)

if request.user.is_authenticated:
self.job_application = get_object_or_404(
JobApplication.objects.is_active_company_member(request.user)
.filter(state=job_applications_enums.JobApplicationState.REFUSED)
.select_related("job_seeker", "to_company"),
pk=kwargs["job_application_id"],
)
self.job_application = get_object_or_404(
JobApplication.objects.is_active_company_member(request.user)
.filter(state=job_applications_enums.JobApplicationState.REFUSED)
.select_related("job_seeker", "to_company"),
pk=kwargs["job_application_id"],
)

def dispatch(self, request, *args, **kwargs):
if self.job_application and not request.GET:
Expand All @@ -687,15 +684,14 @@ def get_template_names(self):
]


class JobApplicationExternalTransferStep1CompanyCardView(LoginRequiredMixin, CompanyCardView):
class JobApplicationExternalTransferStep1CompanyCardView(CompanyCardView):
def setup(self, request, job_application_id, company_pk, *args, **kwargs):
super().setup(request, company_pk, *args, **kwargs)

if request.user.is_authenticated:
self.job_application = get_object_or_404(
JobApplication.objects.is_active_company_member(request.user),
id=job_application_id,
)
self.job_application = get_object_or_404(
JobApplication.objects.is_active_company_member(request.user),
id=job_application_id,
)

def get_context_data(self, **kwargs):
data = super().get_context_data(**kwargs)
Expand All @@ -705,15 +701,14 @@ def get_context_data(self, **kwargs):
}


class JobApplicationExternalTransferStep1JobDescriptionCardView(LoginRequiredMixin, JobDescriptionCardView):
class JobApplicationExternalTransferStep1JobDescriptionCardView(JobDescriptionCardView):
def setup(self, request, job_application_id, job_description_id, *args, **kwargs):
super().setup(request, job_description_id, *args, **kwargs)

if request.user.is_authenticated:
self.job_application = get_object_or_404(
JobApplication.objects.is_active_company_member(request.user),
id=job_application_id,
)
self.job_application = get_object_or_404(
JobApplication.objects.is_active_company_member(request.user),
id=job_application_id,
)

def get_context_data(self, **kwargs):
data = super().get_context_data(**kwargs)
Expand All @@ -727,20 +722,19 @@ class ApplicationOverrideMixin:
additionnal_related_models = []

def setup(self, request, *args, **kwargs):
if request.user.is_authenticated:
self.job_application = get_object_or_404(
JobApplication.objects.is_active_company_member(request.user).select_related(
"job_seeker", "to_company", *self.additionnal_related_models
),
pk=kwargs["job_application_id"],
)
kwargs["job_seeker_public_id"] = self.job_application.job_seeker.public_id
self.job_application = get_object_or_404(
JobApplication.objects.is_active_company_member(request.user).select_related(
"job_seeker", "to_company", *self.additionnal_related_models
),
pk=kwargs["job_application_id"],
)
kwargs["job_seeker_public_id"] = self.job_application.job_seeker.public_id
return super().setup(request, *args, **kwargs)


class JobApplicationExternalTransferStep2View(ApplicationOverrideMixin, ApplicationJobsView):
def dispatch(self, request, *args, **kwargs):
if request.user.is_authenticated and self.company in request.organizations:
if self.company in request.organizations:
# This is not an external transfer
url = reverse(
"apply:job_application_internal_transfer",
Expand Down Expand Up @@ -785,7 +779,7 @@ class JobApplicationExternalTransferStep3View(ApplicationOverrideMixin, Applicat
form_class = TransferJobApplicationForm

def dispatch(self, request, *args, **kwargs):
if request.user.is_authenticated and not self.apply_session.exists():
if not self.apply_session.exists():
return HttpResponseRedirect(
reverse(
"apply:job_application_external_transfer_step_2",
Expand Down Expand Up @@ -841,11 +835,7 @@ def get_back_url(self):

class JobApplicationExternalTransferStepEndView(ApplicationEndView):
def setup(self, request, *args, **kwargs):
job_app_qs = JobApplication.objects.all()
if request.user.is_authenticated:
# Only check the user's ownership if he's authenticated
# because if he's not he will be redirected to login so we don't care
job_app_qs = JobApplication.objects.prescriptions_of(request.user, request.current_organization)
job_app_qs = JobApplication.objects.prescriptions_of(request.user, request.current_organization)

job_application = get_object_or_404(job_app_qs, pk=kwargs["job_application_id"])

Expand All @@ -863,20 +853,17 @@ def get_context_data(self, **kwargs):
}


class JobApplicationInternalTranferView(LoginRequiredMixin, TemplateView):
class JobApplicationInternalTranferView(TemplateView):
template_name = "apply/process_internal_transfer.html"

def setup(self, request, *args, **kwargs):
super().setup(request, *args, **kwargs)

if request.user.is_authenticated:
self.job_application = get_object_or_404(
JobApplication.objects.is_active_company_member(request.user).select_related(
"job_seeker", "to_company"
),
pk=kwargs["job_application_id"],
)
self.company = get_object_or_404(Company.objects.with_has_active_members(), pk=kwargs["company_pk"])
self.job_application = get_object_or_404(
JobApplication.objects.is_active_company_member(request.user).select_related("job_seeker", "to_company"),
pk=kwargs["job_application_id"],
)
self.company = get_object_or_404(Company.objects.with_has_active_members(), pk=kwargs["company_pk"])

def get_context_data(self, **kwargs):
return super().get_context_data(**kwargs) | {
Expand Down
91 changes: 32 additions & 59 deletions itou/www/apply/views/submit_views.py
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,6 @@

from dateutil.relativedelta import relativedelta
from django.contrib.auth.decorators import login_required
from django.contrib.auth.mixins import LoginRequiredMixin
from django.core.exceptions import PermissionDenied
from django.core.files.storage import storages
from django.forms import ValidationError
Expand Down Expand Up @@ -81,7 +80,7 @@ def _get_job_seeker_to_apply_for(request):
return job_seeker


class ApplyStepBaseView(LoginRequiredMixin, TemplateView):
class ApplyStepBaseView(TemplateView):
def __init__(self):
super().__init__()
self.company = None
Expand All @@ -100,36 +99,27 @@ def setup(self, request, *args, **kwargs):
)
self.apply_session = SessionNamespace(request.session, f"job_application-{self.company.pk}")
self.hire_process = kwargs.pop("hire_process", False)
self.prescription_process = (
not self.hire_process
and request.user.is_authenticated
and (
request.user.is_prescriber
or (request.user.is_employer and self.company != request.current_organization)
)
self.prescription_process = not self.hire_process and (
request.user.is_prescriber or (request.user.is_employer and self.company != request.current_organization)
)
self.auto_prescription_process = (
not self.hire_process
and request.user.is_authenticated
and request.user.is_employer
and self.company == request.current_organization
not self.hire_process and request.user.is_employer and self.company == request.current_organization
)

super().setup(request, *args, **kwargs)

def dispatch(self, request, *args, **kwargs):
if not self.is_gps:
if request.user.is_authenticated:
if self.hire_process and request.user.kind != UserKind.EMPLOYER:
raise PermissionDenied("Seuls les employeurs sont autorisés à déclarer des embauches")
elif self.hire_process and not self.company.has_member(request.user):
raise PermissionDenied("Vous ne pouvez déclarer une embauche que dans votre structure.")
elif request.user.kind not in [
UserKind.JOB_SEEKER,
UserKind.PRESCRIBER,
UserKind.EMPLOYER,
]:
raise PermissionDenied("Vous n'êtes pas autorisé à déposer de candidature.")
if self.hire_process and request.user.kind != UserKind.EMPLOYER:
raise PermissionDenied("Seuls les employeurs sont autorisés à déclarer des embauches")
elif self.hire_process and not self.company.has_member(request.user):
raise PermissionDenied("Vous ne pouvez déclarer une embauche que dans votre structure.")
elif request.user.kind not in [
UserKind.JOB_SEEKER,
UserKind.PRESCRIBER,
UserKind.EMPLOYER,
]:
raise PermissionDenied("Vous n'êtes pas autorisé à déposer de candidature.")

if not self.company.has_active_members:
raise PermissionDenied(
Expand Down Expand Up @@ -191,9 +181,6 @@ def __init__(self):

def setup(self, request, *args, **kwargs):
super().setup(request, *args, **kwargs)
if not request.user.is_authenticated:
# Do nothing, LoginRequiredMixin will raise in dispatch()
return

self.job_seeker = get_object_or_404(
User.objects.filter(kind=UserKind.JOB_SEEKER), public_id=kwargs["job_seeker_public_id"]
Expand Down Expand Up @@ -352,10 +339,7 @@ def __init__(self):

def setup(self, request, *args, **kwargs):
super().setup(request, *args, **kwargs)

if request.user.is_authenticated:
# Otherwise LoginRequiredMixin will raise in dispatch()
self.previous_applications = self.get_previous_applications_queryset()
self.previous_applications = self.get_previous_applications_queryset()

def get_next_url(self):
if self.hire_process:
Expand Down Expand Up @@ -452,7 +436,7 @@ def get_context_data(self, **kwargs):

class RequireApplySessionMixin:
def dispatch(self, request, *args, **kwargs):
if request.user.is_authenticated and not self.apply_session.exists():
if not self.apply_session.exists():
return HttpResponseRedirect(
reverse(
"apply:application_jobs",
Expand Down Expand Up @@ -495,22 +479,20 @@ def get_next_url(self):
)

def dispatch(self, request, *args, **kwargs):
if request.user.is_authenticated:
# Otherwise LoginRequiredMixin will raise in dispatch()
bypass_eligibility_conditions = [
# Don't perform an eligibility diagnosis is the SIAE doesn't need it,
not self.company.is_subject_to_eligibility_rules,
# Only "authorized prescribers" can perform an eligibility diagnosis.
not (
request.user.is_prescriber
and request.current_organization
and request.current_organization.is_authorized
),
# No need for eligibility diagnosis if the job seeker already have a PASS IAE
self.job_seeker.has_valid_approval,
]
if any(bypass_eligibility_conditions):
return HttpResponseRedirect(self.get_next_url())
bypass_eligibility_conditions = [
# Don't perform an eligibility diagnosis is the SIAE doesn't need it,
not self.company.is_subject_to_eligibility_rules,
# Only "authorized prescribers" can perform an eligibility diagnosis.
not (
request.user.is_prescriber
and request.current_organization
and request.current_organization.is_authorized
),
# No need for eligibility diagnosis if the job seeker already have a PASS IAE
self.job_seeker.has_valid_approval,
]
if any(bypass_eligibility_conditions):
return HttpResponseRedirect(self.get_next_url())

return super().dispatch(request, *args, **kwargs)

Expand Down Expand Up @@ -560,10 +542,6 @@ def __init__(self):

def setup(self, request, *args, **kwargs):
super().setup(request, *args, **kwargs)
if not request.user.is_authenticated:
# Do nothing, LoginRequiredMixin will raise in dispatch()
return

if self.company.kind != CompanyKind.GEIQ:
raise Http404("This form is only for GEIQ")

Expand All @@ -589,7 +567,7 @@ def get_next_url(self):

def dispatch(self, request, *args, **kwargs):
# GEIQ eligibility form during job application process is only available to authorized prescribers
if request.user.is_authenticated and not request.user.is_prescriber_with_authorized_org:
if not request.user.is_prescriber_with_authorized_org:
return HttpResponseRedirect(self.get_next_url())

return super().dispatch(request, *args, **kwargs)
Expand Down Expand Up @@ -652,11 +630,6 @@ def get_form_kwargs(self):

def setup(self, request, *args, **kwargs):
super().setup(request, *args, **kwargs)

if not request.user.is_authenticated:
# Do nothing, LoginRequiredMixin will raise in dispatch()
return

self.form = self.form_class(**self.get_form_kwargs())

def get_next_url(self, job_application):
Expand Down Expand Up @@ -965,7 +938,7 @@ def setup(self, request, *args, **kwargs):
self.exit_url = reverse("home:hp")
self.can_view_personal_information = False

if request.user.is_authenticated and request.user.kind in (
if request.user.kind in (
UserKind.PRESCRIBER,
UserKind.EMPLOYER,
):
Expand Down
Loading

0 comments on commit c05550a

Please sign in to comment.