def receivePayment(self): """ """ shop = self.context # Get cart - Note: self.request.get("order") doesn't work! order_uid = self.request.get("QUERY_STRING")[6:] order = IOrderManagement(shop).getOrderByUID(order_uid) # change order state to "payed_not_sent" wftool = getToolByName(self, "portal_workflow") # We need a new security manager here, because this transaction should # usually just be allowed by a Manager except here. old_sm = getSecurityManager() tmp_user = UnrestrictedUser( old_sm.getUser().getId(), '', ['Manager'], '' ) portal = getToolByName(self.context, 'portal_url').getPortalObject() tmp_user = tmp_user.__of__(portal.acl_users) newSecurityManager(None, tmp_user) wftool.doActionFor(order, "pay_not_sent") ## Reset security manager setSecurityManager(old_sm)
def handle_modified(self, content): fieldmanager = ILanguageIndependentFieldsManager(content) if not fieldmanager.has_independent_fields(): return sm = getSecurityManager() try: # Do we have permission to sync language independent fields? if self.bypass_security_checks(): # Clone the current user and assign a new editor role to # allow edition of all translated objects even if the # current user whould not have permission to do that. tmp_user = UnrestrictedUser(sm.getUser().getId(), '', [ 'Editor', ], '') # Wrap the user in the acquisition context of the portal # and finally switch the user to our new editor acl_users = getToolByName(content, 'acl_users') tmp_user = tmp_user.__of__(acl_users) newSecurityManager(None, tmp_user) # Copy over all language independent fields transmanager = ITranslationManager(content) for translation in self.get_all_translations(content): trans_obj = transmanager.get_translation(translation) if fieldmanager.copy_fields(trans_obj): self.reindex_translation(trans_obj) finally: # Restore the old security manager setSecurityManager(sm)
def handle_modified(self, content): fieldmanager = ILanguageIndependentFieldsManager(content) if not fieldmanager.has_independent_fields(): return sm = getSecurityManager() try: # Do we have permission to sync language independent fields? if self.bypass_security_checks(): # Clone the current user and assign a new editor role to # allow edition of all translated objects even if the # current user whould not have permission to do that. tmp_user = UnrestrictedUser( sm.getUser().getId(), '', ['Editor', ], '') # Wrap the user in the acquisition context of the portal # and finally switch the user to our new editor acl_users = getToolByName(content, 'acl_users') tmp_user = tmp_user.__of__(acl_users) newSecurityManager(None, tmp_user) # Copy over all language independent fields transmanager = ITranslationManager(content) for translation in self.get_all_translations(content): trans_obj = transmanager.get_translation(translation) if fieldmanager.copy_fields(trans_obj): self.reindex_translation(trans_obj) finally: # Restore the old security manager setSecurityManager(sm)
def __call__(self): om = IOrderManagement(self.context) tid = self.request.get('TID','') order = getattr(om.orders,tid,None) log("\n%s\n%s\n%s" % (order, tid, self.request.get('STATUS'))) if order and self.request.get('STATUS') in ['RESERVED','BILLED']: # Set order to payed (Mails will be sent) wftool = getToolByName(self.context, "portal_workflow") # We need a new security manager here, because this transaction # should usually just be allowed by a Manager except here. old_sm = getSecurityManager() tmp_user = UnrestrictedUser( old_sm.getUser().getId(), '', ['Manager'], '' ) portal = getToolByName(self.context, 'portal_url').getPortalObject() tmp_user = tmp_user.__of__(portal.acl_users) newSecurityManager(None, tmp_user) try: # set to pending (send emails) wftool.doActionFor(order, "submit") # set to payed wftool.doActionFor(order, "pay_not_sent") except Exception, msg: self.status = msg # Reset security manager setSecurityManager(old_sm)
def __call__(self): self.iu = get_import_utility() json_data = self.request.get("BODY", "") if not json_data: return data = json.loads(json_data) # SWITCH to Manager old_sm = getSecurityManager() tmp_user = UnrestrictedUser( old_sm.getUser().getId(), '', ['Manager'], '' ) portal = getToolByName(self.context, 'portal_url').getPortalObject() tmp_user = tmp_user.__of__(portal.acl_users) newSecurityManager(None, tmp_user) # DO Stuff as Manager self.iu.create_content(data, self.context) # @TODO: Maybe add option to commit after all created # SWITCH Back setSecurityManager(old_sm) return ""
def receivePayment(self): """ """ shop = self.context # Get cart - Note: self.request.get("order") doesn't work! order_uid = self.request.get("QUERY_STRING")[6:] order = IOrderManagement(shop).getOrderByUID(order_uid) # change order state to "payed_not_sent" wftool = getToolByName(self, "portal_workflow") # We need a new security manager here, because this transaction should # usually just be allowed by a Manager except here. old_sm = getSecurityManager() tmp_user = UnrestrictedUser(old_sm.getUser().getId(), '', ['Manager'], '') portal = getToolByName(self.context, 'portal_url').getPortalObject() tmp_user = tmp_user.__of__(portal.acl_users) newSecurityManager(None, tmp_user) wftool.doActionFor(order, "pay_not_sent") ## Reset security manager setSecurityManager(old_sm)
def wrapper(*args, **kwargs): sm = getSecurityManager() acl_users = getSite().acl_users tmp_user = UnrestrictedUser(sm.getUser().getId(), '', [role], '') tmp_user = tmp_user.__of__(acl_users) newSecurityManager(None, tmp_user) ret = fct(*args, **kwargs) setSecurityManager(sm) return ret
def switchToManager(self): """ assume the security context of a Manager """ old_sm = getSecurityManager() tmp_user = UnrestrictedUser('temp_usr', '', ['Manager'], '') tmp_user = tmp_user.__of__(self.acl_users) newSecurityManager(None, tmp_user) return old_sm
def wrapper(*args, **kwargs): sm = getSecurityManager() acl_users = getSite().acl_users tmp_user = UnrestrictedUser( sm.getUser().getId(), '', [role], '' ) tmp_user = tmp_user.__of__(acl_users) newSecurityManager(None, tmp_user) ret = fct(*args, **kwargs) setSecurityManager(sm) return ret
def _validate_sudo(self, request): sm = getSecurityManager() acl_users = getToolByName(self.context, 'acl_users') tmp_user = UnrestrictedUser(sm.getUser().getId(), '', ['Manager'], '') tmp_user = tmp_user.__of__(acl_users) newSecurityManager(None, tmp_user) role = request.role target = uuidToObject(request.target) target.manage_setLocalRoles(request.userid, [role]) target.reindexObject() setSecurityManager(sm)
def after_creation_processor(self, event): sm = getSecurityManager() role = 'Manager' tmp_user = BaseUnrestrictedUser(sm.getUser().getId(), '', [role], '') portal = api.portal.get() tmp_user = tmp_user.__of__(portal.acl_users) newSecurityManager(None, tmp_user) try: api.content.transition(obj=self, transition='publish') setSecurityManager(sm) except Exception as e: setSecurityManager(sm) logger.warn( "CLUBHOUSE EVENT ERROR: COULD NOT TRANSITION EVENT: %s" % e)
def _validate_sudo(self, request): sm = getSecurityManager() acl_users = getToolByName(self.context, 'acl_users') tmp_user = UnrestrictedUser( sm.getUser().getId(), '', ['Manager'], '' ) tmp_user = tmp_user.__of__(acl_users) newSecurityManager(None, tmp_user) role = request.role target = uuidToObject(request.target) target.manage_setLocalRoles( request.userid, [role] ) target.reindexObject() setSecurityManager(sm)
def wrapper(*args, **kwargs): context = args[0] if checkPermission("collective.spaces.AddSpace", context): result = fn(*args, **kwargs) else: old_sm = getSecurityManager() tmp_user = UnrestrictedUser(old_sm.getUser().getId(), "", ["Contributor"], "") tmp_user = tmp_user.__of__(getToolByName(context, "acl_users")) try: newSecurityManager(None, tmp_user) result = fn(*args, **kwargs) except: raise finally: setSecurityManager(old_sm) return result
def doAsTmpUserWithRole(self, role, function, *args, **kwargs): """Create a temporary user with role and execute function. Credits: Copied from add-on 'Products.EasyNewsletter'.""" sm = getSecurityManager() portal = api.portal.get() try: try: tmp_user = UnrestrictedUser(sm.getUser().getId(), '', [role], '') tmp_user = tmp_user.__of__(portal.acl_users) newSecurityManager(None, tmp_user) return function(*args, **kwargs) except: raise finally: setSecurityManager(sm)
def createUserAccount(self, login, prefix, theLogin, properties): """ create a user account for the given login id and user properties. the user properties should be a dict. """ admin = UnrestrictedUser('manager', '', ['Manager'], '') admin = admin.__of__(self.acl_users) # save current security manager. current_sm = getSecurityManager() try: # execute the following by using manager permission. # ... newSecurityManager(None, admin) # find the user management folder. # create UserAccount in the user management folder. uniqueId = '%s-%s' % (prefix, theLogin) self.getUserFolder().invokeFactory('UserAccount', uniqueId) userAccount = getattr(self.getUserFolder(), uniqueId) userAccount.setUserName(login) if properties: # TODO: ??? need better way to set properties. if properties.has_key('fullname'): userAccount.setTitle(properties['fullname']) userAccount.setFullname(properties['fullname']) if properties.has_key('email'): userAccount.setEmail(properties['email']) if properties.has_key('location'): userAccount.setLocation(properties['location']) # XXX more are comming! should leverage the # portal_memberdata tool else: userAccount.setFullname(theLogin) # reindexing the new user account in membrane_tool. membraneTool = getToolByName(self, 'membrane_tool') membraneTool.indexObject(userAccount) finally: # restore the current security manager. setSecurityManager(current_sm)
def __call__(self): self.iu = get_import_utility() json_data = self.request.get("BODY", "") if not json_data: return data = json.loads(json_data) # SWITCH to Manager old_sm = getSecurityManager() tmp_user = UnrestrictedUser(old_sm.getUser().getId(), '', ['Manager'], '') portal = getToolByName(self.context, 'portal_url').getPortalObject() tmp_user = tmp_user.__of__(portal.acl_users) newSecurityManager(None, tmp_user) # DO Stuff as Manager self.iu.create_content(data, self.context) # @TODO: Maybe add option to commit after all created # SWITCH Back setSecurityManager(old_sm) return ""
def execute_under_special_role(role, function, *args, **kwargs): """ Blatantly copied for reference, of: http://pydoc.net/Python/Products.EasyNewsletter/2.6.15/Products.EasyNewsletter.content.EasyNewsletter/ #noqa Execute code under special role priviledges. Example how to call:: execute_under_special_role(portal, "Manager", doSomeNormallyNotAllowedStuff, source_folder, target_folder) @param portal: Reference to ISiteRoot obj whose access ctls we are using @param function: Method to be called with special priviledges @param role: User role we are using for the security context when calling \ the priviledged code. For example, use "Manager". @param args: Passed to the function @param kwargs: Passed to the function """ portal = getSite() sm = getSecurityManager() try: try: # Clone the current access control user and assign a new role # for him/her. Note that the username (getId()) is left in # exception tracebacks in error_log # so it is important thing to store tmp_user = UnrestrictedUser( sm.getUser().getId(), '', [role], '') # Act as user of the portal tmp_user = tmp_user.__of__(portal.acl_users) newSecurityManager(None, tmp_user) # Call the function return function(*args, **kwargs) except: # If special exception handlers are needed, run them here raise finally: setSecurityManager(sm)
# NALLIMS Extract Script # 07/13/2020 # Paul VanderWeele from AccessControl import getSecurityManager from AccessControl.User import UnrestrictedUser from AccessControl.SecurityManagement import newSecurityManager from bika.lims import api from datetime import datetime portal = api.get_portal() me = UnrestrictedUser(getSecurityManager().getUser().getUserName(), '', ['LabManager'], '') me = me.__of__(portal.acl_users) newSecurityManager(None, me) #Open File file = open("/home/naladmin/NALLIMS_EXPORT.csv", "w", 1) #Write headers file.write("Status;\ Batch;\ Received Date;\ Received Time;\ Client ID;\ Client Name;\ Sample ID;\ Sample Name;\ Sample Type;\ Sample Location;\ Sampler;\ Sampling Date;\ Sampling Time;\
def handle_buy_action(self, action, data): """Buys a cart. """ putils = getToolByName(self.context, "plone_utils") # add order om = IOrderManagement(self.context) new_order = om.addOrder() # Set message to shop owner new_order.setMessage(self.context.request.get("form.message", "")) # process payment result = IPaymentProcessing(new_order).process() # Need error for payment methods for which the customer has to pay at # any case The order process should not go on if the customer is not # able to pay. if result.code == ERROR: om.deleteOrder(new_order.id) putils.addPortalMessage(result.message, type=u"error") ICheckoutManagement( self.context).redirectToNextURL("ERROR_PAYMENT") return "" else: cm = ICartManagement(self.context) # Decrease stock IStockManagement(self.context).removeCart(cm.getCart()) # Delete cart cm.deleteCart() # Set order to pending (Mails will be sent) wftool = getToolByName(self.context, "portal_workflow") wftool.doActionFor(new_order, "submit") putils.addPortalMessage(MESSAGES["ORDER_RECEIVED"]) if result.code == PAYED: # Set order to payed (Mails will be sent) wftool = getToolByName(self.context, "portal_workflow") # We need a new security manager here, because this transaction # should usually just be allowed by a Manager except here. old_sm = getSecurityManager() tmp_user = UnrestrictedUser(old_sm.getUser().getId(), '', ['Manager'], '') portal = getToolByName(self.context, 'portal_url').getPortalObject() tmp_user = tmp_user.__of__(portal.acl_users) newSecurityManager(None, tmp_user) wftool.doActionFor(new_order, "pay_not_sent") ## Reset security manager setSecurityManager(old_sm) # Redirect customer = \ ICustomerManagement(self.context).getAuthenticatedCustomer() selected_payment_method = \ IPaymentInformationManagement(customer).getSelectedPaymentMethod() if not IAsynchronPaymentMethod.providedBy(selected_payment_method): ICheckoutManagement(self.context).redirectToNextURL("BUYED_ORDER")
def handleApply(self, action): data, errors = self.extractData() if errors: self.status = self.formErrorsMessage return # Do something with valid data here context = self.context current_member_data = api.user.get_current() current_member_id = current_member_data.getUser() club_title = data.get('title', u'') booster_organization = data.get('booster_organization', u'') club_president = data.get('club_president', u'') club_secretary = data.get('club_secretary', u'') club_treasurer = data.get('club_treasurer', u'') club_advisor = data.get('club_advisor', u'') #agreement_file = data.get('agreement_file', None) dedicated_checking = data.get('dedicated_checking', False) review_officers = data.get('review_officers', False) review_revenue = data.get('review_revenue', False) review_officer_one = data.get('review_officer_one', u'') review_officer_two = data.get('review_officer_two', u'') agreement_bool = data.get('agreement_bool', False) #create a temporary security manage sm = getSecurityManager() role = 'Manager' tmp_user = BaseUnrestrictedUser(sm.getUser().getId(), '', [role], '') portal = api.portal.get() tmp_user = tmp_user.__of__(portal.acl_users) newSecurityManager(None, tmp_user) exception_caught = False try: #create a new club in container proposed_club_obj = api.content.create(container=context, type='booster_club', title=club_title, safe_id=True) #set attributes setattr(proposed_club_obj, 'booster_organization', booster_organization) setattr(proposed_club_obj, 'club_president', club_president) setattr(proposed_club_obj, 'club_secretary', club_secretary) setattr(proposed_club_obj, 'club_treasurer', club_treasurer) setattr(proposed_club_obj, 'club_advisor', club_advisor) #setattr(proposed_club_obj, 'agreement_file', agreement_file) setattr(proposed_club_obj, 'dedicated_checking', dedicated_checking) setattr(proposed_club_obj, 'review_officers', review_officers) setattr(proposed_club_obj, 'review_revenue', review_revenue) setattr(proposed_club_obj, 'review_officer_one', review_officer_one) setattr(proposed_club_obj, 'review_officer_two', review_officer_two) setattr(proposed_club_obj, 'agreement_bool', agreement_bool) #set ownership proposed_club_obj.changeOwnership(current_member_id, recursive=True) api.user.grant_roles(user=current_member_data, obj=proposed_club_obj, roles=[ 'Owner', ]) proposed_club_obj.reindexObject() proposed_club_obj.reindexObjectSecurity() #reset security manager! setSecurityManager(sm) except Exception as e: setSecurityManager(sm) exception_caught = True logger.warn( "BoosterClubProposal: There was an error creating a club proposal for: %s" % current_member_id) logger.warn("BoosterClubProposal: The error was: %s" % e.message) #all done! # Set status on this form page # (this status message is not bind to the session and does not go thru redirects) self.status = "" else: self.status = "Your proposal has been submitted." request = context.REQUEST response = request.response response.redirect(context.absolute_url()) if exception_caught: info_message = "There was a problem with your proposal, please contact the site administrator." else: info_message = "Your proposal for the club, %s, The Executive Board will review the " \ "proposal shortly." % club_title api.portal.show_message(message=info_message, request=request, type='info')
def handleApply(self, actions): """ :param actions: :return: """ context = self.context data, errors = self.extractData() current_member = api.user.get_current() current_member_id = current_member.getId() portal = api.portal.get() events_obj = portal.get('events') date = data.get('date') or None if not date: api.portal.show_message(message="No date selected. Could not reserve the Club House.", request=self.request, type='warn') return date_string = date.strftime('%m-%d-%Y') today = getTodaysDate() today_string = today.strftime('%m-%d-%Y') if date_string == today_string: raise ActionExecutionError(Invalid(_(u"You may not reserve the Clubhouse on the same day as the event."))) logger.info("Datestring is %s" % date_string) date_dt = datetime.combine(date, datetime.min.time()) tz = pytz.timezone('America/Los_Angeles') date_tz_dt = tz.localize(date_dt) fullname = data.get('fullname') or getattr(self, 'member_fullname', 'Unknown Member') hoa_account = data.get('account') or getattr(self, 'management_trust_account', 'Unknown Management Trust Account') address = data.get('address') or getattr(self, 'address', 'Unknown Address') lot = data.get('lot') or getattr(self, 'lot', 'Unknown Lot') division = data.get('division') or getattr(self, 'division', 'Unknown Division') phone = data.get('phone') or 'Unknown Phone' email = data.get('email') or getattr(self, 'member_email', '') member_type = data.get('member_type') or getattr(self, 'member_type', 'Unknown Member Type') accept_rental_agreement = data.get('accept_rental_agreement') initials = data.get('initials') or 'Unknown Initials' sm = getSecurityManager() role = 'Manager' tmp_user = BaseUnrestrictedUser(sm.getUser().getId(), '', [role], '') portal = api.portal.get() tmp_user = tmp_user.__of__(portal.acl_users) newSecurityManager(None, tmp_user) try: event_id = 'club-house-event-%s' % date_string new_event_obj = createContent('docent.hoa.clubhouse.clubhouse_event', id=event_id, title='Private Event') events_obj._setObject(event_id, new_event_obj) start_date = date_tz_dt + timedelta(hours=10) end_date = date_tz_dt + timedelta(hours=22) event_obj = events_obj.get(event_id, None) setattr(event_obj, 'start', start_date) setattr(event_obj, 'end', end_date) setattr(event_obj, 'renter_id', current_member_id) setattr(event_obj, 'location', 'Clubhouse') setattr(event_obj, 'contact_name', fullname) setattr(event_obj, 'contact_email', email) setattr(event_obj, 'contact_phone', phone) event_obj.reindexObject() setSecurityManager(sm) except Exception as e: setSecurityManager(sm) logger.warn("CLUBHOUSE RENTAL FORM ERROR: COULD NOT SAVE EVENT: %s" % e) #send emails email_contacts = getattr(context, 'email_contacts', []) or [] subject = "The Meadows Clubhouse Rental Request %s" % date_string msg = u"Hi %s,\n\n" % fullname msg += u"Your clubhouse rental is confirmed for %s.\n\n" % date_string msg += u"Your rental period is from 10 am to 10 pm for guests. To get ready for your event, you may enter the clubhouse the day before your event and before 10 am day of the event.\n" msg += u"\n=========================\n\n" msg += u"TO ENSURE YOUR RESERVATION ISN’T CANCELED, PLEASE ENSURE YOU HAVE COMPLETED THE FOLLOWING. (Note: These actions should have been completed during your reservation. If you have completed them, no action is required.)\n\n" msg += u" 1) Ensure you've made your payment: https://www.paydici.com/tmt/pay\n" msg += u" 2) Send the signed paper agreement (http://themeadowsofredmond.org/amenities/clubhouse-rental-agreement.pdf) to our property manager ([email protected])\n\n" msg += u"For your reference, these are details collected during your reservation\n\n" msg += u"Fullname: %s\n" % fullname msg += u"HOA Account: %s\n" % hoa_account msg += u"Address: %s\n" % address msg += u"Div/Lot: %s_%s\n" % (division, lot) msg += u"Phone: %s\n" % phone msg += u"Email: %s\n" % email or "Unknown Email" msg += u"Member Type: %s\n" % member_type msg += u"Rental Data: %s\n" % date_string msg += u"Accept Rental Agreement: %s\n" % accept_rental_agreement msg += u"Initials: %s\n" % initials msg += u"\nWe hope you have a great event.\n" msg += u"\nThe Meadows Board\n" msg += u"[email protected]\n" send_to = email_contacts[:] if email: send_to.append(email) for ec in send_to: try: api.portal.send_email(recipient=ec, subject=subject, body=msg, immediate=True) api.portal.show_message(message="Club House Reserved. Please complete the important steps below.", request=self.request, type='info') except Exception as e: logger.warn("Could Not Send Clubhouse Registration Emails.") api.portal.show_message(message="An error occured, could not send reservation emails. Please confirm your" "reservation with the property manager.", request=self.request, type='warn') return self.request.response.redirect('%s?form_action=thanks&rental_date=%s' % (context.absolute_url(), date_string))
def updateFields(self): super(RentClubHousesForm, self).updateFields() current_member = api.user.get_current() member_fullname = current_member.getProperty('fullname') management_trust_account = current_member.getProperty('management_trust_account') member_email = current_member.getProperty('email') member_id = current_member.getId() member_groups = api.group.get_groups(user=current_member) owner_group = [True for i in member_groups if i.id == 'home_owners'] renter_group = [True for i in member_groups if i.id == 'renters'] member_type = "Unknown" if renter_group: member_type = "Resident" if owner_group: member_type = "Owner" self.member_fullname = member_fullname self.management_trust_account = management_trust_account self.member_email = member_email self.member_id = member_id self.member_type = member_type sm = getSecurityManager() role = 'Manager' tmp_user = BaseUnrestrictedUser(sm.getUser().getId(), '', [role], '') portal = api.portal.get() tmp_user = tmp_user.__of__(portal.acl_users) newSecurityManager(None, tmp_user) street_number = '' street_address = '' division = '' lot = '' try: catalog = api.portal.get_tool('portal_catalog') query_owner_one = {"portal_type": "hoa_house",} home_brains = catalog.searchResults(query_owner_one) member_homes = [i for i in home_brains if i.owner_one == member_id or i.owner_two == member_id or i.resident_one == member_id or i.resident_two == member_id] if member_homes: if len(member_homes) > 1: api.portal.show_message(message="%s, We show multiple homes for you. Please contact Meadows " "Management." % member_fullname, request=self.request, type='warn') member_home = member_homes[0] street_number = member_home.street_number street_address = member_home.street_address member_home_id = member_home.id division, lot = member_home_id.split('_') self.fields['fullname'].field.default = member_fullname self.fields['account'].field.default = management_trust_account self.fields['address'].field.default = u'%s %s' % (street_number, street_address) self.fields['division'].field.default = division self.fields['lot'].field.default = lot self.fields['email'].field.default = member_email self.fields['member_type'].field.default = member_type else: self.fields['address'].mode = interfaces.INPUT_MODE self.fields['division'].mode = interfaces.INPUT_MODE self.fields['lot'].mode = interfaces.INPUT_MODE self.fields['fullname'].field.default = member_fullname self.fields['account'].field.default = management_trust_account self.fields['email'].field.default = member_email self.fields['member_type'].field.default = member_type setSecurityManager(sm) except Exception as e: setSecurityManager(sm) logger.warn("CLUBHOUSE RENTAL FORM ERROR: %s" % e) self.street_number = street_number self.street_address = street_address self.address = u'%s %s' % (street_number, street_address) self.division = division self.lot = lot self.div_lot = u"%s_%s" % (division, lot)
def handle_buy_action(self, action, data): """Buys a cart. """ putils = getToolByName(self.context, "plone_utils") # add order om = IOrderManagement(self.context) new_order = om.addOrder() # Set message to shop owner new_order.setMessage(self.context.request.get("form.message", "")) # process payment result = IPaymentProcessing(new_order).process() # Need error for payment methods for which the customer has to pay at # any case The order process should not go on if the customer is not # able to pay. if result.code == ERROR: om.deleteOrder(new_order.id) putils.addPortalMessage(result.message, type=u"error") ICheckoutManagement(self.context).redirectToNextURL("ERROR_PAYMENT") return "" else: cm = ICartManagement(self.context) # Decrease stock IStockManagement(self.context).removeCart(cm.getCart()) # Delete cart cm.deleteCart() # Set order to pending (Mails will be sent) wftool = getToolByName(self.context, "portal_workflow") wftool.doActionFor(new_order, "submit") putils.addPortalMessage(MESSAGES["ORDER_RECEIVED"]) if result.code == PAYED: # Set order to payed (Mails will be sent) wftool = getToolByName(self.context, "portal_workflow") # We need a new security manager here, because this transaction # should usually just be allowed by a Manager except here. old_sm = getSecurityManager() tmp_user = UnrestrictedUser( old_sm.getUser().getId(), '', ['Manager'], '' ) portal = getToolByName(self.context, 'portal_url').getPortalObject() tmp_user = tmp_user.__of__(portal.acl_users) newSecurityManager(None, tmp_user) wftool.doActionFor(new_order, "pay_not_sent") ## Reset security manager setSecurityManager(old_sm) # Redirect customer = \ ICustomerManagement(self.context).getAuthenticatedCustomer() selected_payment_method = \ IPaymentInformationManagement(customer).getSelectedPaymentMethod() if not IAsynchronPaymentMethod.providedBy(selected_payment_method): ICheckoutManagement(self.context).redirectToNextURL("BUYED_ORDER")