Beispiel #1
0
def password_reset(request):
    email = request.params.get('email')
    try:
        session = DBSession()
        user = DBSession.query(User).filter_by(email=email).one()
        ptoken = DBSession.query(PasswordResetToken).get(user.id)
        if not ptoken:
            ptoken = PasswordResetToken(user_id=user.id)
        token = str(uuid4())
        ptoken.token = token 
        session.add(ptoken)
    except NoResultFound:
        token = None

    if token:
#        settings = request.registry.settings
        mailer = get_mailer(request)
        headers = {"header": u'Password reset',
                   "message": u'Please click on the link bellow to reset your penelope account\'s password.',
                   "link": '%s/change_password?token=%s' % (request.application_url, token),
                   "action": 'Reset password'}
        message = Message(subject=u"Password reset request",
                          recipients=[email],
                          body=u'Password reset',
                          extra_headers={'X-MC-Template': 'general',
                                         'X-MC-MergeVars': json.dumps(headers)})
        mailer.send(message)
    return {'request': request, 'token': token}
 def test_password_set(self):
     email = u'*****@*****.**'
     self.add_user(email)
     session = DBSession()
     self.assertEqual(session.query(User).filter_by(email=email).one().password, None)
     token = self.generate_token(email)['token']
     from por.dashboard.security.views import change_password
     request = Request(method='POST', params={'token': token,
                                              'password': '******',
                                              'password_repeat': 'topsecret'})
     response = change_password(request)
     self.assertEqual(response.headers.get('Location'),'/login_form')
     self.assertNotEqual(session.query(User).filter_by(email=email).one().password, None)
Beispiel #3
0
    def render(self):
        result = {}
        result['main_template'] = get_renderer(
                'por.dashboard:skins/main_template.pt').implementation()
        result['main'] = get_renderer(
                'por.dashboard.forms:templates/master.pt').implementation()

        schema = WizardSchema().clone()
        wizard_fanstatic.need()
        form = WizardForm(schema,
                          formid='wizard',
                          method='POST',
                          buttons=[
                                 SubmitButton(title=u'Submit'),
                                 ResetButton(title=u'Reset'),
                          ])
        form['new_users'].widget = SequenceWidget()
        form['users'].widget = SequenceWidget(min_len=1)

        users = DBSession.query(User).order_by(User.fullname)
        form['users']['user']['usernames'].widget.values = [('', '')] + \
                                      [(str(u.id), u.fullname) for u in users]

        roles = DBSession.query(Role).order_by(Role.name)
        form['users']['user']['role'].widget.values = [('', '')] + \
                                 [(str(role.id), role.name) for role in roles]
        form['new_users']['new_user']['role'].widget.values = [('', '')] + \
                [(str(role.id), role.name) for role in roles]

        form['milestones'].widget = SequenceWidget(min_len=1)
        form['contracts'].title = ''
        form['contracts']['customer_requests'].widget = SequenceWidget(min_len=2)

        controls = self.request.POST.items()
        if controls != []:
            try:
                appstruct = form.validate(controls)
                self.handle_save(form, appstruct)
            except ValidationFailure as e:
                result['form'] = e.render()
                return result

        appstruct = {}
        appstruct['contracts'] ={'customer_requests': []}
        appstruct['contracts']['customer_requests'].append({'ticket': True,
                                                            'title': u'Analisi'})
        appstruct['contracts']['customer_requests'].append({'ticket': True,
                                                            'title': u'Supporto'})
        result['form'] = form.render(appstruct=appstruct)
        return result
 def test_token_store_cleanup(self):
     email = u'*****@*****.**'
     self.add_user(email)
     self.generate_token(email)['token']
     token2 = self.generate_token(email)['token']
     session = DBSession()
     self.assertEqual(len(session.query(PasswordResetToken).join(User).filter(User.email == email).all()),1)
     from por.dashboard.security.views import change_password
     request = Request(method='POST', params={'token': token2,
                                              'password': '******',
                                              'password_repeat': 'topsecret'})
     response = change_password(request)
     self.assertEqual(response.headers.get('Location'),'/login_form')
     self.assertEqual(len(session.query(PasswordResetToken).join(User).filter(User.email == email).all()),0)
Beispiel #5
0
 def test_project_modification_date(self):
     project_name = u'C project'
     session = DBSession()
     project = Project(name=project_name)
     session.add(project)
     transaction.commit()
     project = session.query(Project).filter_by(name=project_name).first()
     old_date = project.modification_date
     project.name = u'A modified project'
     time.sleep(0.1)
     transaction.commit()
     project = session.query(Project).filter_by(name=u'A modified project').first()
     new_date = project.modification_date
     self.assertNotEqual(old_date, new_date)
Beispiel #6
0
def timeentry_crstate_validation_errors(project_id, tickets, request):
    # XXX this check is deactivated for now (see #312)
    return []

    project = DBSession.query(Project).get(project_id)

    customer_requests = ticket_store.get_requests_from_tickets(project, tickets, request=request)

    for ticket_id, cr_id in customer_requests:
        cr = DBSession.query(CustomerRequest).get(cr_id)
        if cr.workflow_state != 'estimated':
            return ['Customer Request is not estimated']

    return []
Beispiel #7
0
def report_index(context, request):
    users = DBSession.query(User).order_by(User.fullname)
    users = filter_users_with_timeentries(users)
    projects = sorted(request.filter_viewables(qry_active_projects()), key=unicodelower)
    customers = sorted(set(p.customer for p in projects), key=unicodelower)

    current_uid = request.authenticated_user.id
    saved_queries = DBSession.query(SavedQuery).filter(SavedQuery.author_id==current_uid)
    return {
            'users': users,
            'customers': customers,
            'projects': projects,
            'saved_queries': saved_queries.all()
            }
Beispiel #8
0
 def unusedEmail(value):
     user = DBSession.query(User.id).filter(User.email == value).first()
     if user:
         return "email '%s' is already associated to another user" % \
                                                                  value
     else:
         return True
    def search(self, limit, author_id, project_id, date_from, date_to, searchtext):
        qry = DBSession.query(TimeEntry)

        qry = qry.filter(TimeEntry.author_id==author_id)

        if project_id is not colander.null:
            qry = qry.filter(TimeEntry.project_id==project_id)

        if date_from is not colander.null:
            qry = qry.filter(TimeEntry.date>=date_from)

        if date_to is not colander.null:
            qry = qry.filter(TimeEntry.date<=date_to)

        if searchtext is not colander.null:
            qry = qry.filter(TimeEntry.description.ilike(u'%{0}%'.format(searchtext)))

        qry = qry.order_by(sa.desc(TimeEntry.date), sa.desc(TimeEntry.start), sa.desc(TimeEntry.creation_date))

        if limit:
            qry = qry.limit(limit)

        qry = self.request.filter_viewables(qry)
        entries_by_date = []
        entries_count = 0
        
        for k, g in itertools.groupby(qry, operator.attrgetter('date')):
            g = list(g)
            entries_by_date.append((k, g))
            entries_count += len(g)

        return entries_by_date, entries_count
Beispiel #10
0
def latest_entries(context, request):
    """
    Returns an HTML fragment with tables of the latest time entries
    """

    qry = DBSession.query(TimeEntry)

    current_user = request.environ.get('repoze.who.identity')['user']
    qry = qry.filter(TimeEntry.author_id==current_user.id)

    qry = qry.order_by(sa.desc(TimeEntry.date), sa.desc(TimeEntry.start), sa.desc(TimeEntry.creation_date))
    time_entries_today = qry.filter(TimeEntry.date==datetime.date.today()).all()
    today_total = timedelta_as_human_str(sum([a.hours for a in time_entries_today], datetime.timedelta()))

    latest_limit = 20
    time_entries_latest = qry.limit(latest_limit)

    return {
            'context': context,
            'request': request,
            'time_entries_today': time_entries_today,
            'today_total': today_total,
            'time_entries_latest': time_entries_latest,
            'time_entries_latest_limit': latest_limit,
            'report_my_from_date': datetime.date.today() - datetime.timedelta(days=6),
            'today': datetime.date.today(),
            }
Beispiel #11
0
def get_user_by_openid(request, openid):
    """
    This method search for user using one of the possible user openids
    """
    session = DBSession()

    if not isinstance(openid, basestring):
        return {
                'status:': False,
                'message': u'Openid parameter must be a string!',
                }

    try:
        user = session.query(User).join('openids').filter_by(openid=openid).one()
    except orm_exc.NoResultFound:

        return {
                'status': False,
                'message': u'No user found in db for %s openid' % openid,
                }

    return {
            'status': True,
            'message': u'User found.',
            'email': user.email,
            'login': user.login,
            'openids': [x.openid for x in user.openids],
            }
Beispiel #12
0
def get_user_by_email(request, email):
    """
    This method search for user using his email address
    """
    session = DBSession()
    if not isinstance(email, basestring):
        return {
                'status:': False,
                'message': u'Email parameter must be a string!',
                }
    try:
        user = session.query(User).filter_by(email=email).one()
    except orm_exc.NoResultFound:
        return {
                'status': False,
                'message': u'No user found in db for %s mail address' % email,
                }

    return {
            'status': True,
            'message': u'User found.',
            'email': user.email,
            'login': user.login,
            'openids': [x.openid for x in user.openids]
            }
Beispiel #13
0
def get_project_by_name(request, project_name):
    """
    This method search for project by name
    """
    session = DBSession()

    if not isinstance(project_name, basestring):
        return {
                'status:': False,
                'message': u'Project name parameter must be a string!',
                }

    try:
        project = session.query(Project).filter_by(name=project_name).one()
    except orm_exc.NoResultFound:
        return {
                'status': False,
                'message': u'No project found in db for %s name' % project_name,
                }

    return {
            'status': True,
            'message': u'Project found.',
            'name': project.name,
            'id': project.id,
            'customer': project.customer.name,
            'applications': [x.name for x in project.applications],
            'customer_requests': [(x.id, x.name,) for x in project.customer_requests],
            }
Beispiel #14
0
def get_customer_by_name(request, customer_name):
    """
    This method search for customer by name
    """
    session = DBSession()

    if not isinstance(customer_name, basestring):
        return {
                'status:': False,
                'message': u'Customer name parameter must be a string!',
                }

    try:
        customer = session.query(Customer).filter_by(name=customer_name).one()
    except orm_exc.NoResultFound:
        return {
                'status': False,
                'message': u'No customer found in db for %s name' % customer_name,
                }

    return {
            'status': True,
            'message': u'Customer found.',
            'name': customer.name,
            'projects': [x.name for x in customer.projects],
            }
    def state_contract_change(self):
        new_state = self.request.POST['new_state']
        new_contract = self.request.POST['new_contract']
        invoice_number = self.request.POST['invoice_number']

        te_ids = set(int(s[3:])
                     for s, checkbox_state in self.request.POST.iteritems()
                     if s.startswith('te_') and checkbox_state=='on')

        qry = DBSession.query(TimeEntry).filter(TimeEntry.id.in_(te_ids))

        done_state = set()
        done_contract = set()
        errors = {}

        for te in qry:
            if new_state:
                try:
                    workflow = get_workflow(te, te.__class__.__name__)
                    workflow.transition_to_state(te, self.request, new_state, skip_same=True)
                    done_state.add(te.id)
                    if new_state == 'invoiced' and invoice_number:
                        te.invoice_number = invoice_number
                except WorkflowError as msg:
                    errors[te.id] = msg
            if new_contract:
                done_contract.add(te.id)
                te.contract_id = new_contract

        return done_state, done_contract, errors
Beispiel #16
0
    def add_tickets(self, project, customerrequest, tickets, reporter, notify=False):
        from trac.env import Environment
        from trac.ticket.notification import TicketNotifyEmail
        from trac.ticket.model import Ticket
        from trac.util.text import exception_to_unicode
        from por.models.dashboard import User

        settings = get_current_registry().settings
        tracenvs = settings.get('por.trac.envs')
        request = get_current_request()

        for trac in project.tracs:
            for t in tickets:
                owner = DBSession.query(User).get(t['owner'])
                ticket = {'summary': t['summary'],
                        'description': t['description'],
                        'customerrequest': customerrequest.id,
                        'reporter': reporter.email,
                        'type': 'task',
                        'priority': 'major',
                        'milestone': 'Backlog',
                        'owner': owner.email,
                        'status': 'new'}
                tracenv = Environment('%s/%s' % (tracenvs, trac.trac_name))
                tracenv.abs_href.base = trac.api_uri
                t = Ticket(tracenv)
                t.populate(ticket)
                t.insert()
                if notify:
                    try:
                        tn = TicketNotifyEmail(tracenv)
                        tn.notify(t, newticket=True)
                    except Exception, e:
                        request.add_message('Failure sending notification on creation '
                        'of a ticket #%s: %s' % (t.id, exception_to_unicode(e)), 'error')
Beispiel #17
0
def create_initial_application_acl(mapper, connection, target):
    if target.application_type == SVN:
        acl_rules = [
            ("internal_developer", "edit"),
            ("internal_developer", "view"),
            ("external_developer", "edit"),
            ("external_developer", "view"),
        ]
    else:
        acl_rules = [
            ("internal_developer", "view"),
            ("external_developer", "view"),
            ("secretary", "view"),
            ("secretary", "edit"),
        ]

    if target.application_type == "trac":
        acl_rules.append(("customer", "view"))

    for role_id, permission_name in acl_rules:
        acl = DBSession.query(ApplicationACL).get((target.id, role_id, permission_name))
        if not acl:
            acl = ApplicationACL(application_id=target.id, role_id=role_id, permission_name=permission_name)
            DBSession.add(acl)
        else:
            # XXX this should not happen.
            pass
Beispiel #18
0
 def test_add_project(self):
     project_name = u'A project'
     session = DBSession()
     project = Project(name=project_name)
     session.add(project)
     transaction.commit()
     self.assertEqual(session.query(Project).filter_by(name=project_name).first().name, 'A project')
Beispiel #19
0
def project_tree(context, request):
    """
    This view is used by the customer-project-request javascript filter.
    """
    all_projects = request.filter_viewables(DBSession.query(Project))

    all_projects = [
            project for project in request.filter_viewables(qry_active_projects())
            if request.has_permission('reports_all_entries_for_project', project)
            ]

    customers = request.filter_viewables(set(p.customer for p in all_projects if p.active))

    return [
            {
                'id': str(c.id),
                'name': c.name,
                'projects': [
                    {
                        'id': str(p.id),
                        'name': p.name,
                        'customer_requests': [
                            {
                                'id': str(cr.id),
                                'name': cr.name,
                                }
                            for cr in p.customer_requests
                            ],
                        }
                    for p in c.projects if p in all_projects
                    ]
                }
            for c in customers
            ]
Beispiel #20
0
 def smartadd_projects(self):
     """
     Returns a json list of project tags
     """
     qry = self.request.filter_viewables(DBSession.query(Project).filter(Project.active))
     projects = sorted((u'%s - %s' % (p.name, p.customer.name) for p in qry), key=unicodelower)
     return projects
Beispiel #21
0
def activate_iteration(context, request):
    docid = request.params.get('docid')
    if not docid:
        return view_iterations(context, request, validation_error=u'Missing document_id')

    #query = gdata.spreadsheet.service.CellQuery()

    #first take project names
    #query['min-col'] = '3'
    #query['max-col'] = '3'
    #query['min-row'] = '5'
    #cr_raw = get_cell_values(request, query)

    session = DBSession()

    #deactivate all CR
    #for cr in session.query(CustomerRequest):
    #    cr.active = False

    #activate selected CR
    #cr_ids = set([item for sublist in [a.split(',') for a in cr_raw] for item in sublist])
    #crs = session.query(CustomerRequest).filter(CustomerRequest.id.in_(cr_ids))
    #for cr in crs:
    #    cr.active = True

    gc = session.query(GlobalConfig).get(1)
    gc.active_iteration_url = docid

    return manage_iterations(context,request)
 def test_add_application_with_sa_to_project(self):
     session = DBSession()
     project = Project(name=u'My project 1')
     application = Application(name=u'Trac')
     project.add_application(application)
     session.add(project)
     transaction.commit()
     self.assertEqual(session.query(Project).filter_by(name=u'My project 1').first().applications[0].name, u'Trac')
 def test_add_application_to_project(self):
     session = DBSession()
     project = Project(name=u'My project 2')
     application = Application(name=u'Trac', api_uri='http://simple.api.uri')
     project.add_application(application)
     session.add(project)
     transaction.commit()
     self.assertEqual(session.query(Project).filter_by(name=u'My project 2').first().applications[0].name, u'Trac')
 def test_project_creation_date(self):
     session = DBSession()
     project = Project(name=u'My first project A')
     session.add(project)
     transaction.commit()
     self.assertEqual(session.query(Project)\
                             .filter_by(name=u'My first project A')\
                             .first().creation_date.strftime('%Y%m%d'), datetime.now().strftime('%Y%m%d'))
Beispiel #25
0
def search(request):

    schema = SearchSchema().bind(request=request)
    form = PorInlineForm(
                schema,
                formid='search',
                method='GET',
                buttons=[SearchButton(title=u'Search'),]
            )

    tracs = searchable_tracs(request)
    form['tracs'].widget.values = [('', '')] \
                              + [(t.trac_name, t.project_name) for t in tracs]

    users = DBSession.query(User).order_by(User.fullname)
    form['authors'].widget.values = [('', '')] \
                              + [(a.email, a.fullname) for a in users]

    controls = request.GET.items()
    if not controls:
        return {'form': form.render(),
                'results':[]}
    try:
        appstruct = form.validate(controls)
    except deform.ValidationFailure as e:
        return {'form': e.render(),
                'results':[]}

    params = appstruct.copy()
    if not params['tracs']:
        params['tracs'] = [t.trac_name for t in tracs]

    fs = FullTextSearch(request=request, **params)
    results = fs.get_search_results()
    next_url = None
    previous_url = None
    docs = []

    if results:
        docs = [FullTextSearchObject(**doc) for doc in results]
        records_len = results.result.numFound
        if not fs.page_start + fs.page_size >= records_len: # end of set
            next_query = add_param(request, 'page_start', fs.page_start + fs.page_size)
            next_url = current_route_url(request, _query=next_query)

        if not fs.page_start == 0:
            previous_page = fs.page_start - fs.page_size
            if previous_page < 0:
                previous_page = 0
            previous_query = add_param(request, 'page_start', previous_page)
            previous_url = current_route_url(request, _query=previous_query)

    return {'docs': docs,
            'next': next_url,
            'form': form.render(appstruct=appstruct),
            'previous': previous_url,
            'add_param': add_param,
            'results': results}
Beispiel #26
0
 def ticket_provider(project_id):
     if project_id:
         project = DBSession.query(Project).get(project_id)
         return [
                 t['id']
                 for t in ticket_store.get_tickets_for_project(project=project,
                                                               not_invoiced=True,
                                                               request=self.request)
                 ]
Beispiel #27
0
def save_query(context, request):
    current_uid = request.authenticated_user.id

    query_meta = cgi.parse_qs(request.POST['query_meta'])

    if not 'query_name' in query_meta:
        return Response(u"Please specify a query name.", status=409)

    query_name = query_meta['query_name'][0]

    taken = DBSession.query(SavedQuery).filter(SavedQuery.author_id==current_uid).filter(SavedQuery.query_name==query_name).count()

    submit_type = request.POST['submit_type']

    if submit_type == 'submit_edit':
        if taken:
            return Response(u"Name already in use: '%s'." % query_name, status=409)
        sq_id = query_meta['sq_id'][0]
        qry = DBSession.query(SavedQuery)
        qry = qry.filter(SavedQuery.author_id==current_uid)
        qry = qry.filter(SavedQuery.id==sq_id)
        sq = qry.one()
        sq.query_name = query_name
        return Response(u"The query has been renamed as '%s'." % query_name)
    elif submit_type == 'submit_delete':
        sq_id = query_meta['sq_id'][0]
        qry = DBSession.query(SavedQuery)
        qry = qry.filter(SavedQuery.author_id==current_uid)
        qry = qry.filter(SavedQuery.id==sq_id)
        sq = qry.one()
        DBSession.delete(sq)
        return Response(u"The saved query has been deleted.")
    elif submit_type == 'submit_add':
        if taken:
            return Response(u"Name already in use: '%s'." % query_name, status=409)
        # add
        sq = SavedQuery(query_name=query_name,
                        report_name=query_meta['report_name'][0],
                        query_string=request.POST['query_string'],
                        author_id = current_uid)
        DBSession.add(sq)
        return Response(u"The query has been saved as '%s'." % query_name)
Beispiel #28
0
    def smartadd_tickets(self):
        """
        Returns a json list of ticket tags
        """
        qry = self.request.filter_viewables(DBSession.query(Project).filter(Project.active))
        projects = dict(('%s - %s' % (p.name, p.customer.name), p.id) for p in qry)
        text = self.request.params['text']

        parser = SmartAddParser(text,
                                projects=projects,
                                request=self.request)

        if parser.TAG_TICK in parser.unparsed:
            ticket_search = parser.unparsed.split(parser.TAG_TICK)[-1]
        else:
            ticket_search = ''


        if ticket_search.isdigit():
            # ^= is startswith (http://trac.edgewall.org/wiki/TracQuery)
            query = ['id^=%s' % ticket_search]
        elif ticket_search:
            query = ['summary~=%s' % ticket_search]
        else:
            query = None

        if parser.project_id:
            project = DBSession.query(Project).get(parser.project_id)
            tickets = ticket_store.get_tickets_for_project(
                            project=project,
                            request=self.request,
                            query=query,
                            not_invoiced=True,
                            limit=15)
        else:
            tickets = []

        return [
            "%(id)s %(summary)s" % ticket
            for ticket in tickets
            if ticket['resolution'] not in ('invalid', 'duplicate')
            ]
def report_te_detail(context, request):
    ids = map(int, request.params['ids'].split(','))
    qry = DBSession.query(TimeEntry).filter(TimeEntry.id.in_(ids)).order_by(TimeEntry.id)
    projects = set(te.project for te in qry)
    for project in projects:
        if not request.has_permission('reports_all_entries_for_project', project):
            return HTTPForbidden()
    return {
            'time_entries': qry.all(),
            'ticket_url': ticket_url,
            }
Beispiel #30
0
    def smartadd_submit(self):
        """
        Receives a line of smart-add and performs validation/insertion.
        """
        projects = dict(
                ('%s - %s' % (p.name, p.customer.name), p.id)
                for p in self.request.filter_viewables(DBSession.query(Project).filter(Project.active))
                )

        def ticket_provider(project_id):
            if project_id:
                project = DBSession.query(Project).get(project_id)
                return [
                        t['id']
                        for t in ticket_store.get_tickets_for_project(project=project,
                                                                      not_invoiced=True,
                                                                      request=self.request)
                        ]

        parser = SmartAddParser(unicode(self.request.body, 'utf8', 'ignore'),
                                projects=projects,
                                available_tickets=ticket_provider,
                                request=self.request)

        errors = parser.validation_errors()
        if errors:
            # XXX register appropriate exception handler
            return Response(' - '.join(errors), status_int=400)

        pte = parser.parsed_time_entry
        parsed_tickets = pte['tickets']
        ticket_summaries = []

        entry_durations = list(time_chunks(pte['hours'], len(parsed_tickets)))

        for parsed_ticket, duration in zip(parsed_tickets, entry_durations):
            date = pte.get('date') or datetime.date.today()

            te = TimeEntry(date = date,
                           start = pte['start'],
                           end = pte['start'],
                           description = pte['description'],
                           ticket = parsed_ticket,
                           project_id = pte['project_id'],
                           hours = duration,
                           )
            te.request = self.request #bind for user calculation
            DBSession.add(te)
            # retrieve ticket descriptions (another trip to the store..)
            ticket_summaries.append(
                    '#%s (%s)' % (te.ticket, ticket_store.get_ticket(self.request, te.project_id, te.ticket)[3]['summary'])
                )

        return Response(u'Added to ticket(s) %s' % ', '.join(ticket_summaries))