def checkEmail(self):
session = Session()
users = session.query(User).filter(User.email==self.email)
if users.count() > 1:
raise interface.Invalid(_("Email already taken!"),"email")
if users.count() == 1 and users.first().user_id != get_db_user().user_id:
raise interface.Invalid(_("Email already taken!"),"email")
def get_sittings(self):
session = Session()
logged_in_user = get_db_user()
title = get_title_of_user(logged_in_user.user_id)
sittings = session.query(bungeni_domain.GroupSitting).join((domain.Assignment,
bungeni_domain.GroupSitting.sitting_id == domain.Assignment.sitting_id)) \
.filter(sql.and_(bungeni_domain.GroupSitting.status == 'draft_minutes',
domain.Assignment.staff_id == logged_in_user.user_id)).all()
for sitting in sittings:
if title == "Editor":
takes = session.query(domain.Take)\
.filter(sql.and_(domain.Take.editor_id == logged_in_user.user_id,
domain.Take.sitting_id == sitting.sitting_id)) \
.order_by(domain.Take.start_date).all()
elif title == "Reader":
takes = session.query(domain.Take)\
.filter(sql.and_(domain.Take.reader_id == logged_in_user.user_id,
domain.Take.sitting_id == sitting.sitting_id)) \
.order_by(domain.Take.start_date).all()
elif title == "Reporter":
takes = session.query(domain.Take)\
.filter(sql.and_(domain.Take.reporter_id == logged_in_user.user_id,
domain.Take.sitting_id == sitting.sitting_id)) \
.order_by(domain.Take.start_date).all()
for take in takes:
take.start_time = take.start_date - sitting.start_date
take.end_time = take.end_date - sitting.start_date
sitting.takes = takes
sit = session.query(domain.Sitting).get(sitting.sitting_id)
sitting.file = sit.media_path
sitting.name = sitting.group.short_name + str(sitting.start_date.strftime('%d-%B-%Y %H:%M'))
return sittings
def parliament_id(self):
"""Vocabularies in the forms get the parliament id from the context,
this property returns the id of the parliament the currently logged in
user is a member of
"""
user = utils.get_db_user()
user_parliament = utils.get_parliament_for_user(user)
return user_parliament.group_id
def checkEmail(self):
session = Session()
users = session.query(User).filter(User.email==self.email)
message = _("error_profile_email_taken", "Email already taken!")
if users.count() > 1:
raise interface.Invalid(message,"email")
if users.count() == 1 and users.first().user_id != get_db_user().user_id:
raise interface.Invalid(message,"email")
def __init__(self, context):
self.context = context
user = utils.get_db_user()
user_parliament = utils.get_parliament_for_user(user)
if user_parliament:
self.object_type = user_parliament.type
self.oid = user_parliament.group_id
else:
self.object_type = None
self.oid = None
def get_body_css_class(self):
# Add custom css classes to the list below
parliament_type = "default"
user = utils.get_db_user()
if user:
parliament = utils.get_parliament_for_user(user)
if parliament and parliament.parliament_type:
parliament_type = parliament.parliament_type
classes = ["yui-skin-sam", "section-bungeni-%s" % get_section_name(),
"chamber-%s" % parliament_type]
return " ".join(classes)
def user_is_context_owner(context):
"""Test if current user is the context owner e.g. to check if someone
manipulating the context object is other than the owner of the object.
A delegate is considered to be an owner of the object
"""
user = model_utils.get_db_user()
owner_login = utils.get_owner_login_pi(context)
if user.login == owner_login:
return True
delegations = delegation.get_user_delegations(user.user_id)
users = [delegate.login for delegate in delegations]
return owner_login in users
def user_is_context_owner(context):
"""Test if current user is the context owner e.g. to check if someone
manipulating the context object is other than the owner of the object.
A delegate is considered to be an owner of the object
"""
user = model_utils.get_db_user()
owner_login = utils.get_owner_login_pi(context)
if user.login == owner_login:
return True
delegations = delegation.get_user_delegations(user.user_id)
users = [delegate.login for delegate in delegations]
return owner_login in users
def getter(item, formatter):
state_title = get_wf_state(item)
request = common.get_request()
state_title = translate(state_title, domain="bungeni", context=request)
# !+MY_LISTING_ROWS(mr, aug-2012) the following is a (exploratory)
# mechanism to add a distinction between what rows are owned by the
# current user and others. Here it is added only to "status" columns
# but a generic "row-level" means to mark such rows as different
# from the others may be a useful feature.
if IWorkspaceSectionLayer.providedBy(request) and IOwned.providedBy(item):
# !+delegation?
if item.owner == get_db_user():
state_title = "<b>%s</b> *" % (state_title)
return state_title
def getter(item, formatter):
state_title = get_wf_state(item)
request = common.get_request()
state_title = translate(state_title, domain="bungeni", context=request)
# !+MY_LISTING_ROWS(mr, aug-2012) the following is a (exploratory)
# mechanism to add a distinction between what rows are owned by the
# current user and others. Here it is added only to "status" columns
# but a generic "row-level" means to mark such rows as different
# from the others may be a useful feature.
if IWorkspaceSectionLayer.providedBy(request) and IOwned.providedBy(item):
# !+delegation?
if item.owner == get_db_user():
state_title = "<b>%s</b> *" % (state_title)
return state_title
def user_is_state_creator(context):
"""Did the current user create current state - based on workflow log?
"""
is_state_creator = False
if IAuditable.providedBy(context):
current_user = model_utils.get_db_user()
if current_user:
for _object_change in reversed(context.changes):
if _object_change.action == "workflow":
extras = _object_change.extras
if extras and (extras.get("destination") == context.status):
if _object_change.user.login == current_user.login:
is_state_creator = True
break
return is_state_creator
def user_is_state_creator(context):
"""Did the current user create current state - based on workflow log?
"""
is_state_creator = False
if IAuditable.providedBy(context):
current_user = model_utils.get_db_user()
if current_user:
for _object_change in reversed(
domain.get_changes(context.changes, "workflow")):
extras = _object_change.extras
if extras and (extras.get("destination") == context.status):
if _object_change.user.login == current_user.login:
is_state_creator = True
break
return is_state_creator
def user_is_context_owner(context):
"""Test if current user is the context owner e.g. to check if someone
manipulating the context object is other than the owner of the object.
A delegate is considered to be an owner of the object
"""
user = model_utils.get_db_user()
owner_login = utils.get_owner_login_pi(context)
session = Session()
delegations = session.query(domain.User) \
.join((domain.UserDelegation, domain.User.user_id
==domain.UserDelegation.user_id)) \
.filter(domain.UserDelegation.delegation_id == user.user_id) \
.all()
users = [delegate.login for delegate in delegations]
users.append(owner_login)
return user.login in users
def user_is_context_owner(context):
"""Test if current user is the context owner e.g. to check if someone
manipulating the context object is other than the owner of the object.
A delegate is considered to be an owner of the object
"""
user = model_utils.get_db_user()
owner_login = utils.get_owner_login_pi(context)
session = Session()
delegations = session.query(domain.User) \
.join((domain.UserDelegation, domain.User.user_id
==domain.UserDelegation.user_id)) \
.filter(domain.UserDelegation.delegation_id == user.user_id) \
.all()
users = [delegate.login for delegate in delegations]
users.append(owner_login)
return user.login in users
def get_current_parliament(date=None, context=None):
"""Return the parliament for a given date (or the current for no date)
"""
#check logged in user's parliament:
parliament = utils.get_parliament_for_user(utils.get_db_user())
if parliament is None:
if context is not None:
# look for current parliament from context tree
_parent = context
while not interfaces.IParliament.providedBy(_parent):
_parent = _parent.__parent__
if _parent is None:
break
elif interfaces.IParliament.providedBy(_parent):
parliament = _parent
break
#assume unicameral
if parliament is None:
def getFilter(date):
return sql.or_(
sql.between(date,
schema.group.c.start_date, schema.group.c.end_date),
sql.and_(
schema.group.c.start_date<=date,
schema.group.c.end_date==None))
if not date:
date = datetime.date.today()
session = Session()
query = session.query(domain.Parliament).filter(getFilter(date))
try:
parliament = query.one()
except:
##XXX raise(_(u"inconsistent data: none or more than one parliament found for this date"))
# !+DATA(mb, July-2012) this should get the one active parliament
# needs some review if there is more than one parliament active e.g.
# bicameral legislatures
query = session.query(domain.Parliament).filter(schema.group.c.status=="active")
try:
parliament = query.one()
except Exception, e:
log.error("Could not find active parliament. Activate a parliament"
" in Bungeni admin :: %s", e.__repr__())
raise ValueError("Unable to locate a currently active parliament")
def handle_authorize_app(self, action, data):
session = Session()
oauth_authorization = domain.OAuthAuthorization()
oauth_authorization.user_id = get_db_user().user_id
app = session.query(domain.OAuthApplication
).filter(domain.OAuthApplication.identifier ==
data["client_id"]
).one()
oauth_authorization.application_id = app.application_id
oauth_authorization.authorization_code = get_key()
oauth_authorization.expiry = datetime.now() + timedelta(
seconds=capi.oauth_authorization_token_expiry_time)
oauth_authorization.active = True
session.add(oauth_authorization)
redirect_uri = "{0}?code={1}".format(
app.redirection_endpoint, oauth_authorization.authorization_code)
if data.get("state", None):
redirect_uri = "{0}&state={1}".format(redirect_uri, data["state"])
self.request.response.redirect(redirect_uri, trusted=True)
def _query(self, **kw):
results = []
session = Session()
user = utils.get_db_user()
#status = self.item_status_filter(kw)
reverse = True if (kw.get("sort_dir", "desc") == "desc") else False
query = session.query(domain.Group).join(
domain.GroupMembership).filter(
expression.and_(
domain.GroupMembership.user_id == user.user_id,
domain.GroupMembership.active_p == True,
#domain.Group.status.in_(status)
))
query = self.filter_title(query, domain.Group, kw)
query = self.filter_type(query, domain.Group, kw)
query = self.filter_status_date(query, domain.Group, kw)
query = self.order_query(query, domain.Group, kw, reverse)
results = query.all()
count = query.count()
return (results, count)
def _query(self, **kw):
session = Session()
user = utils.get_db_user()
reverse = True if (kw.get("sort_dir", "desc") == "desc") else False
results = []
domain_status = self.item_status_filter(kw)
for domain_class, status in domain_status.iteritems():
query = session.query(domain_class
).filter(domain_class.status.in_(status)
).enable_eagerloads(False
).join(domain.UserSubscription
).filter(domain.UserSubscription.user_id == user.user_id)
query = self.filter_title(query, domain_class, kw)
#filter on status_date
query = self.filter_status_date(query, domain_class, kw)
query = self.order_query(query, domain_class, kw, reverse)
results.extend(query.all())
count = len(results)
if (kw.get("sort_on", None) and kw.get("sort_dir", None)):
results.sort(key=lambda x: getattr(x, str(kw.get("sort_on"))),
reverse=reverse)
return (results, count)
def get_sittings(self):
session = Session()
logged_in_user = get_db_user()
title = get_title_of_user(logged_in_user.user_id)
sittings = session.query(domain.GroupSitting).join((domain.Assignment,
domain.GroupSitting.sitting_id
== domain.Assignment.sitting_id)) \
.filter(sql.and_(domain.GroupSitting.status == 'draft_minutes',
domain.Assignment.staff_id == logged_in_user.user_id)) \
.options( eagerload("hansard"),
eagerload("hansard.media_paths")).all()
for sitting in sittings:
if title == "Editor":
takes = session.query(domain.Take)\
.filter(sql.and_(domain.Take.editor_id == logged_in_user.user_id,
domain.Take.sitting_id == sitting.sitting_id)) \
.order_by(domain.Take.start_date).all()
elif title == "Reader":
takes = session.query(domain.Take)\
.filter(sql.and_(domain.Take.reader_id == logged_in_user.user_id,
domain.Take.sitting_id == sitting.sitting_id)) \
.order_by(domain.Take.start_date).all()
elif title == "Reporter":
takes = session.query(domain.Take)\
.filter(sql.and_(domain.Take.reporter_id == logged_in_user.user_id,
domain.Take.sitting_id == sitting.sitting_id)) \
.order_by(domain.Take.start_date).all()
for take in takes:
take.start_time = take.start_date - sitting.start_date
take.end_time = take.end_date - sitting.start_date
sitting.takes = takes
if sitting.hansard.media_paths:
sitting.file = sitting.hansard.media_paths.web_optimised_video_path
else:
sitting.file = ""
sitting.name = sitting.group.short_name + str(
sitting.start_date.strftime('%d-%B-%Y %H:%M'))
return sittings
def get_sittings(self):
session = Session()
logged_in_user = get_db_user()
title = get_title_of_user(logged_in_user.user_id)
sittings = session.query(domain.GroupSitting).join((domain.Assignment,
domain.GroupSitting.sitting_id
== domain.Assignment.sitting_id)) \
.filter(sql.and_(domain.GroupSitting.status == 'draft_minutes',
domain.Assignment.staff_id == logged_in_user.user_id)) \
.options( eagerload("hansard"),
eagerload("hansard.media_paths")).all()
for sitting in sittings:
if title == "Editor":
takes = session.query(domain.Take)\
.filter(sql.and_(domain.Take.editor_id == logged_in_user.user_id,
domain.Take.sitting_id == sitting.sitting_id)) \
.order_by(domain.Take.start_date).all()
elif title == "Reader":
takes = session.query(domain.Take)\
.filter(sql.and_(domain.Take.reader_id == logged_in_user.user_id,
domain.Take.sitting_id == sitting.sitting_id)) \
.order_by(domain.Take.start_date).all()
elif title == "Reporter":
takes = session.query(domain.Take)\
.filter(sql.and_(domain.Take.reporter_id == logged_in_user.user_id,
domain.Take.sitting_id == sitting.sitting_id)) \
.order_by(domain.Take.start_date).all()
for take in takes:
take.start_time = take.start_date - sitting.start_date
take.end_time = take.end_date - sitting.start_date
sitting.takes = takes
if sitting.hansard.media_paths:
sitting.file = sitting.hansard.media_paths.web_optimised_video_path
else:
sitting.file = ""
sitting.name = sitting.group.short_name + str(sitting.start_date.strftime('%d-%B-%Y %H:%M'))
return sittings
def is_owner(self):
return ((model_utils.get_prm_owner_principal_id(self.context)
== model_utils.get_principal_id())
or model_utils.get_db_user() == self.context.owner)
def is_owner(self):
return (
(model_utils.get_prm_owner_principal_id(self.context) ==
model_utils.get_principal_id()
) or model_utils.get_db_user() == self.context.owner
)
def __setitem__(self, name, item):
session = Session()
user = utils.get_db_user()
user_parliament = utils.get_parliament_for_user(user)
item.parliament_id = user_parliament.parliament_id
session.add(item)
def __init__(self, *args, **kwargs):
super(ChangePasswordForm, self).__init__(*args, **kwargs)
self.session = Session()
self.user = get_db_user(self.context)
def checkOldPassword(self):
if not get_db_user().checkPassword(self.old_password):
raise interface.Invalid(_("Old password incorrect"),
'old_password')
def __init__(self, *args, **kwargs):
super(Profile, self).__init__(*args, **kwargs)
self.user = get_db_user(self.context)
self.context = self.user
def generate_nonce(self, auth_time):
data = "{0}:{1}:{2}".format(
self.parameters["client_id"], get_db_user().user_id, auth_time)
return hmac.new(capi.oauth_hmac_key, data, hashlib.sha1).hexdigest()
