Beispiel #1
0
 def checkEmail(self):
     session = Session()
     users = session.query(User).filter(User.email==self.email)
     if users.count() > 1:
         raise interface.Invalid(_("Email already taken!"),"email")
     if users.count() == 1 and users.first().user_id != get_db_user().user_id:
         raise interface.Invalid(_("Email already taken!"),"email")
Beispiel #2
0
 def get_sittings(self):
     session = Session()
     logged_in_user = get_db_user()
     title = get_title_of_user(logged_in_user.user_id)
     
     sittings = session.query(bungeni_domain.GroupSitting).join((domain.Assignment, 
                                 bungeni_domain.GroupSitting.sitting_id == domain.Assignment.sitting_id)) \
             .filter(sql.and_(bungeni_domain.GroupSitting.status == 'draft_minutes',
                     domain.Assignment.staff_id == logged_in_user.user_id)).all()
     for sitting in sittings:
         if title == "Editor":
             takes = session.query(domain.Take)\
                 .filter(sql.and_(domain.Take.editor_id == logged_in_user.user_id,
                 domain.Take.sitting_id == sitting.sitting_id)) \
                 .order_by(domain.Take.start_date).all()
         elif title == "Reader":
             takes = session.query(domain.Take)\
                 .filter(sql.and_(domain.Take.reader_id == logged_in_user.user_id,
                 domain.Take.sitting_id == sitting.sitting_id)) \
                 .order_by(domain.Take.start_date).all()
         elif title == "Reporter":
             takes = session.query(domain.Take)\
                 .filter(sql.and_(domain.Take.reporter_id == logged_in_user.user_id,
                 domain.Take.sitting_id == sitting.sitting_id)) \
                 .order_by(domain.Take.start_date).all()
         for take in takes:
             take.start_time = take.start_date - sitting.start_date
             take.end_time = take.end_date - sitting.start_date
         sitting.takes = takes
         sit = session.query(domain.Sitting).get(sitting.sitting_id)
         sitting.file = sit.media_path
         sitting.name = sitting.group.short_name + str(sitting.start_date.strftime('%d-%B-%Y %H:%M'))
     return sittings
Beispiel #3
0
 def parliament_id(self):
     """Vocabularies in the forms get the parliament id from the context,
     this property returns the id of the parliament the currently logged in
     user is a member of
     """
     user = utils.get_db_user()
     user_parliament = utils.get_parliament_for_user(user)
     return user_parliament.group_id
Beispiel #4
0
 def checkEmail(self):
     session = Session()
     users = session.query(User).filter(User.email==self.email)
     message = _("error_profile_email_taken", "Email already taken!")
     if users.count() > 1:
         raise interface.Invalid(message,"email")
     if users.count() == 1 and users.first().user_id != get_db_user().user_id:
         raise interface.Invalid(message,"email")
Beispiel #5
0
 def __init__(self, context):
     self.context = context
     user = utils.get_db_user()
     user_parliament = utils.get_parliament_for_user(user)
     if user_parliament:
         self.object_type = user_parliament.type
         self.oid = user_parliament.group_id
     else:
         self.object_type = None
         self.oid = None
Beispiel #6
0
 def get_body_css_class(self):
     # Add custom css classes to the list below
     parliament_type = "default"
     user = utils.get_db_user()
     if user:
         parliament = utils.get_parliament_for_user(user)
         if parliament and parliament.parliament_type:
             parliament_type = parliament.parliament_type
     classes = ["yui-skin-sam", "section-bungeni-%s" % get_section_name(),
                "chamber-%s" % parliament_type]
     return " ".join(classes)
Beispiel #7
0
def user_is_context_owner(context):
    """Test if current user is the context owner e.g. to check if someone 
        manipulating the context object is other than the owner of the object.
        
        A delegate is considered to be an owner of the object
    """
    user = model_utils.get_db_user()
    owner_login = utils.get_owner_login_pi(context)
    if user.login == owner_login:
        return True
    delegations = delegation.get_user_delegations(user.user_id)
    users = [delegate.login for delegate in delegations]
    return owner_login in users
def user_is_context_owner(context):
    """Test if current user is the context owner e.g. to check if someone 
        manipulating the context object is other than the owner of the object.
        
        A delegate is considered to be an owner of the object
    """
    user = model_utils.get_db_user()
    owner_login = utils.get_owner_login_pi(context)
    if user.login == owner_login:
        return True
    delegations = delegation.get_user_delegations(user.user_id)
    users = [delegate.login for delegate in delegations]
    return owner_login in users
Beispiel #9
0
 def getter(item, formatter):
     state_title = get_wf_state(item)
     request = common.get_request()
     state_title = translate(state_title, domain="bungeni", context=request)
     # !+MY_LISTING_ROWS(mr, aug-2012) the following is a (exploratory) 
     # mechanism to add a distinction between what rows are owned by the 
     # current user and others. Here it is added only to "status" columns
     # but a generic "row-level" means to mark such rows as different 
     # from the others may be a useful feature.
     if IWorkspaceSectionLayer.providedBy(request) and IOwned.providedBy(item):
         # !+delegation?
         if item.owner == get_db_user():
             state_title = "<b>%s</b> *" % (state_title)
     return state_title
Beispiel #10
0
 def getter(item, formatter):
     state_title = get_wf_state(item)
     request = common.get_request()
     state_title = translate(state_title, domain="bungeni", context=request)
     # !+MY_LISTING_ROWS(mr, aug-2012) the following is a (exploratory)
     # mechanism to add a distinction between what rows are owned by the
     # current user and others. Here it is added only to "status" columns
     # but a generic "row-level" means to mark such rows as different
     # from the others may be a useful feature.
     if IWorkspaceSectionLayer.providedBy(request) and IOwned.providedBy(item):
         # !+delegation?
         if item.owner == get_db_user():
             state_title = "<b>%s</b> *" % (state_title)
     return state_title
def user_is_state_creator(context):
    """Did the current user create current state - based on workflow log?
    """
    is_state_creator = False
    if IAuditable.providedBy(context):
        current_user = model_utils.get_db_user()
        if current_user:
            for _object_change in reversed(context.changes):
                if _object_change.action == "workflow":
                    extras = _object_change.extras
                    if extras and (extras.get("destination") == context.status):
                        if _object_change.user.login == current_user.login:
                            is_state_creator = True
                    break
    return is_state_creator
Beispiel #12
0
def user_is_state_creator(context):
    """Did the current user create current state - based on workflow log?
    """
    is_state_creator = False
    if IAuditable.providedBy(context):
        current_user = model_utils.get_db_user()
        if current_user:
            for _object_change in reversed(
                    domain.get_changes(context.changes, "workflow")):
                extras = _object_change.extras
                if extras and (extras.get("destination") == context.status):
                    if _object_change.user.login == current_user.login:
                        is_state_creator = True
                break
    return is_state_creator
Beispiel #13
0
def user_is_context_owner(context):
    """Test if current user is the context owner e.g. to check if someone 
        manipulating the context object is other than the owner of the object.
        
        A delegate is considered to be an owner of the object
    """
    user = model_utils.get_db_user()
    owner_login = utils.get_owner_login_pi(context)
    session = Session()
    delegations = session.query(domain.User) \
                    .join((domain.UserDelegation, domain.User.user_id
                                        ==domain.UserDelegation.user_id)) \
                    .filter(domain.UserDelegation.delegation_id == user.user_id) \
                    .all()
    users = [delegate.login for delegate in delegations]
    users.append(owner_login)
    return user.login in users
def user_is_context_owner(context):
    """Test if current user is the context owner e.g. to check if someone 
        manipulating the context object is other than the owner of the object.
        
        A delegate is considered to be an owner of the object
    """
    user = model_utils.get_db_user()
    owner_login = utils.get_owner_login_pi(context)
    session = Session()
    delegations = session.query(domain.User) \
                    .join((domain.UserDelegation, domain.User.user_id
                                        ==domain.UserDelegation.user_id)) \
                    .filter(domain.UserDelegation.delegation_id == user.user_id) \
                    .all()
    users = [delegate.login for delegate in delegations]
    users.append(owner_login) 
    return user.login in users
def get_current_parliament(date=None, context=None):
    """Return the parliament for a given date (or the current for no date)
    """
    #check logged in user's parliament:
    parliament = utils.get_parliament_for_user(utils.get_db_user())
    if parliament is None:
        if context is not None:
            # look for current parliament from context tree
            _parent = context
            while not interfaces.IParliament.providedBy(_parent):
                _parent = _parent.__parent__
                if _parent is None:
                    break
                elif interfaces.IParliament.providedBy(_parent):
                    parliament = _parent
                    break
    #assume unicameral
    if parliament is None:
        def getFilter(date):
            return sql.or_(
                sql.between(date, 
                    schema.group.c.start_date, schema.group.c.end_date),
                sql.and_(
                    schema.group.c.start_date<=date, 
                    schema.group.c.end_date==None))
        if not date:
            date = datetime.date.today()
        session = Session()
        query = session.query(domain.Parliament).filter(getFilter(date))
        try:
            parliament = query.one()
        except:
            ##XXX raise(_(u"inconsistent data: none or more than one parliament found for this date"))
            # !+DATA(mb, July-2012) this should get the one active parliament
            # needs some review if there is more than one parliament active e.g.
            # bicameral legislatures
            query = session.query(domain.Parliament).filter(schema.group.c.status=="active")
            try:
                parliament = query.one()
            except Exception, e:
                log.error("Could not find active parliament. Activate a parliament"
                    " in Bungeni admin :: %s", e.__repr__())
                raise ValueError("Unable to locate a currently active parliament")
Beispiel #16
0
 def handle_authorize_app(self, action, data):
     session = Session()
     oauth_authorization = domain.OAuthAuthorization()
     oauth_authorization.user_id = get_db_user().user_id
     app = session.query(domain.OAuthApplication
         ).filter(domain.OAuthApplication.identifier ==
             data["client_id"]
         ).one()
     oauth_authorization.application_id = app.application_id
     oauth_authorization.authorization_code = get_key()
     oauth_authorization.expiry = datetime.now() + timedelta(
         seconds=capi.oauth_authorization_token_expiry_time)
     oauth_authorization.active = True
     session.add(oauth_authorization)
     redirect_uri = "{0}?code={1}".format(
         app.redirection_endpoint, oauth_authorization.authorization_code)
     if data.get("state", None):
         redirect_uri = "{0}&state={1}".format(redirect_uri,  data["state"])
     self.request.response.redirect(redirect_uri, trusted=True)
Beispiel #17
0
 def _query(self, **kw):
     results = []
     session = Session()
     user = utils.get_db_user()
     #status = self.item_status_filter(kw)
     reverse = True if (kw.get("sort_dir", "desc") == "desc") else False
     query = session.query(domain.Group).join(
         domain.GroupMembership).filter(
         expression.and_(
                 domain.GroupMembership.user_id == user.user_id,
                 domain.GroupMembership.active_p == True,
                 #domain.Group.status.in_(status)
                 ))
     query = self.filter_title(query, domain.Group, kw)
     query = self.filter_type(query, domain.Group, kw)
     query = self.filter_status_date(query, domain.Group, kw)
     query = self.order_query(query, domain.Group, kw, reverse)
     results = query.all()
     count = query.count()
     return (results, count)
Beispiel #18
0
 def _query(self, **kw):
     session = Session()
     user = utils.get_db_user()
     reverse = True if (kw.get("sort_dir", "desc") == "desc") else False
     results = []
     domain_status = self.item_status_filter(kw)
     for domain_class, status in domain_status.iteritems():
         query = session.query(domain_class
             ).filter(domain_class.status.in_(status)
             ).enable_eagerloads(False
             ).join(domain.UserSubscription
             ).filter(domain.UserSubscription.user_id == user.user_id)
         query = self.filter_title(query, domain_class, kw)
         #filter on status_date
         query = self.filter_status_date(query, domain_class, kw)
         query = self.order_query(query, domain_class, kw, reverse)
         results.extend(query.all())
     count = len(results)
     if (kw.get("sort_on", None) and kw.get("sort_dir", None)):
         results.sort(key=lambda x: getattr(x, str(kw.get("sort_on"))),
                      reverse=reverse)
     return (results, count)
Beispiel #19
0
    def get_sittings(self):
        session = Session()
        logged_in_user = get_db_user()
        title = get_title_of_user(logged_in_user.user_id)

        sittings = session.query(domain.GroupSitting).join((domain.Assignment,
                                    domain.GroupSitting.sitting_id
                                             == domain.Assignment.sitting_id)) \
                .filter(sql.and_(domain.GroupSitting.status == 'draft_minutes',
                        domain.Assignment.staff_id == logged_in_user.user_id)) \
                .options( eagerload("hansard"),
                            eagerload("hansard.media_paths")).all()
        for sitting in sittings:
            if title == "Editor":
                takes = session.query(domain.Take)\
                    .filter(sql.and_(domain.Take.editor_id == logged_in_user.user_id,
                    domain.Take.sitting_id == sitting.sitting_id)) \
                    .order_by(domain.Take.start_date).all()
            elif title == "Reader":
                takes = session.query(domain.Take)\
                    .filter(sql.and_(domain.Take.reader_id == logged_in_user.user_id,
                    domain.Take.sitting_id == sitting.sitting_id)) \
                    .order_by(domain.Take.start_date).all()
            elif title == "Reporter":
                takes = session.query(domain.Take)\
                    .filter(sql.and_(domain.Take.reporter_id == logged_in_user.user_id,
                    domain.Take.sitting_id == sitting.sitting_id)) \
                    .order_by(domain.Take.start_date).all()
            for take in takes:
                take.start_time = take.start_date - sitting.start_date
                take.end_time = take.end_date - sitting.start_date
            sitting.takes = takes
            if sitting.hansard.media_paths:
                sitting.file = sitting.hansard.media_paths.web_optimised_video_path
            else:
                sitting.file = ""
            sitting.name = sitting.group.short_name + str(
                sitting.start_date.strftime('%d-%B-%Y %H:%M'))
        return sittings
Beispiel #20
0
 def get_sittings(self):
     session = Session()
     logged_in_user = get_db_user()
     title = get_title_of_user(logged_in_user.user_id)
     
     sittings = session.query(domain.GroupSitting).join((domain.Assignment, 
                                 domain.GroupSitting.sitting_id 
                                          == domain.Assignment.sitting_id)) \
             .filter(sql.and_(domain.GroupSitting.status == 'draft_minutes',
                     domain.Assignment.staff_id == logged_in_user.user_id)) \
             .options( eagerload("hansard"),
                         eagerload("hansard.media_paths")).all()
     for sitting in sittings:
         if title == "Editor":
             takes = session.query(domain.Take)\
                 .filter(sql.and_(domain.Take.editor_id == logged_in_user.user_id,
                 domain.Take.sitting_id == sitting.sitting_id)) \
                 .order_by(domain.Take.start_date).all()
         elif title == "Reader":
             takes = session.query(domain.Take)\
                 .filter(sql.and_(domain.Take.reader_id == logged_in_user.user_id,
                 domain.Take.sitting_id == sitting.sitting_id)) \
                 .order_by(domain.Take.start_date).all()
         elif title == "Reporter":
             takes = session.query(domain.Take)\
                 .filter(sql.and_(domain.Take.reporter_id == logged_in_user.user_id,
                 domain.Take.sitting_id == sitting.sitting_id)) \
                 .order_by(domain.Take.start_date).all()
         for take in takes:
             take.start_time = take.start_date - sitting.start_date
             take.end_time = take.end_date - sitting.start_date
         sitting.takes = takes
         if sitting.hansard.media_paths:
             sitting.file = sitting.hansard.media_paths.web_optimised_video_path
         else:
             sitting.file = ""
         sitting.name = sitting.group.short_name + str(sitting.start_date.strftime('%d-%B-%Y %H:%M'))
     return sittings
Beispiel #21
0
 def is_owner(self):
     return ((model_utils.get_prm_owner_principal_id(self.context)
              == model_utils.get_principal_id())
             or model_utils.get_db_user() == self.context.owner)
 def is_owner(self):
     return (
         (model_utils.get_prm_owner_principal_id(self.context) ==
             model_utils.get_principal_id()
         ) or model_utils.get_db_user() == self.context.owner
     )
Beispiel #23
0
 def __setitem__(self, name, item):
     session = Session()
     user = utils.get_db_user()
     user_parliament = utils.get_parliament_for_user(user)
     item.parliament_id = user_parliament.parliament_id
     session.add(item)
Beispiel #24
0
 def __init__(self, *args, **kwargs):
     super(ChangePasswordForm, self).__init__(*args, **kwargs)
     self.session = Session()
     self.user = get_db_user(self.context)
Beispiel #25
0
 def checkOldPassword(self):
     if not get_db_user().checkPassword(self.old_password):
         raise interface.Invalid(_("Old password incorrect"),
                                   'old_password')
Beispiel #26
0
 def __init__(self, *args, **kwargs):
     super(Profile, self).__init__(*args, **kwargs)
     self.user = get_db_user(self.context)
     self.context = self.user
Beispiel #27
0
 def generate_nonce(self, auth_time):
     data = "{0}:{1}:{2}".format(
         self.parameters["client_id"], get_db_user().user_id, auth_time)
     return hmac.new(capi.oauth_hmac_key, data, hashlib.sha1).hexdigest()