def table_view(request):
can_i_edit = has_permission('edit', request.context, request)
can_i_edit = isinstance(can_i_edit, ACLAllowed)
user_id = authenticated_userid(request)
dbsession = DBSession()
card, user = None, None
try:
card = dbsession.query(Cards).filter_by(id=request.matchdict['id']).one()
user = dbsession.query(User).filter_by(id=user_id).one() if can_i_edit else None
result = card.as_json_dict()
except NoResultFound:
result = {'success': False, 'msg': 'Результатов, соответствующих запросу, не найдено'}
if not can_i_edit:
# обнулим координаты перед показом
result['lat'] = 0
result['lon'] = 0
if isinstance(has_permission('admin', request.context, request), ACLAllowed):
is_editable = True
else:
is_editable = card.inserter == user.person_id if user else False
dbsession.close()
return {'data': result, 'editable': is_editable, 'success': True}
def get_profile_actions(profile, request):
profile_url = request.resource_url(profile)
actions = []
same_user = (authenticated_userid(request) == profile.__name__)
if has_permission('administer', profile, request):
actions.append(('Edit', '%sadmin_edit_profile.html' % profile_url))
elif same_user:
actions.append(('Edit', '%sedit_profile.html' % profile_url))
if same_user:
actions.append(('Manage Communities', 'manage_communities.html'))
actions.append(('Manage Tags', 'manage_tags.html'))
if has_permission('administer', profile, request):
actions.append(('Advanced', '%sadvanced.html' % profile_url))
if request.cookies.get('ux2') == 'true':
if same_user:
actions.append(('Deactivate My Account', 'javascript:deactivate()'))
if has_permission('administer', profile, request) and not same_user:
users = find_users(profile)
userid = profile.__name__
user = users.get_by_id(userid)
if user is not None:
is_active = True
else:
is_active = False
if is_active:
actions.append(('Deactivate This User', 'javascript:deactivate()'))
if not is_active:
actions.append(('Reactivate This User', 'javascript:reactivate()'))
return actions
def navbar(context, request):
def nav_item(name, url, icon=None):
from phoenix.utils import root_path
active = root_path(request.current_route_path()) == root_path(url)
return dict(name=name, url=url, active=active, icon=icon)
items = []
if has_permission("edit", request.context, request):
items.append(nav_item("Processes", request.route_path("processes")))
if has_permission("submit", request.context, request):
items.append(nav_item("Wizard", request.route_path("wizard")))
items.append(nav_item("Monitor", request.route_path("monitor")))
subitems = []
if has_permission("edit", request.context, request):
subitems.append(nav_item("Profile", request.route_path("profile", tab="account"), icon="fa fa-user"))
subitems.append(nav_item("Dashboard", request.route_path("dashboard", tab="jobs"), icon="fa fa-dashboard"))
if has_permission("admin", request.context, request):
subitems.append(nav_item("Settings", request.route_path("settings"), icon="fa fa-wrench"))
login = "******" in request.current_route_url()
username = None
try:
user = get_user(request)
if user:
username = user.get("name")
except:
logger.exception("could not get username")
return dict(title="Phoenix", items=items, subitems=subitems, username=username, login=login)
def admin_menu(context, request):
admin_settings = {}
site = find_site(context)
settings = request.registry.settings
syslog_view = get_setting(context, 'syslog_view', None)
admin_settings['syslog_view_enabled'] = syslog_view != None
admin_settings['has_logs'] = not not get_setting(context, 'logs_view', None)
admin_settings['redislog'] = asbool(settings.get('redislog', 'False'))
admin_settings['can_administer'] = has_permission('administer', site, request)
admin_settings['can_email'] = has_permission('email', site, request)
statistics_folder = get_setting(context, 'statistics_folder', None)
if statistics_folder is not None and os.path.exists(statistics_folder):
csv_files = [fn for fn in os.listdir(statistics_folder)
if fn.endswith('.csv')]
admin_settings['statistics_view_enabled'] = not not csv_files
else:
admin_settings['statistics_view_enabled'] = False
admin_settings['quarantine_url'] = ('%s/po_quarantine.html' %
request.application_url)
site = find_site(context)
if 'offices' in site:
admin_settings['offices_url'] = resource_url(site['offices'], request)
else:
admin_settings['offices_url'] = None
admin_settings['has_mailin'] = (
get_setting(context, 'zodbconn.uri.postoffice') and
get_setting(context, 'postoffice.queue'))
return admin_settings
def table_view(request):
can_i_edit = has_permission('edit', request.context, request)
can_i_edit = isinstance(can_i_edit, ACLAllowed)
user_id = authenticated_userid(request)
try:
model = table_by_name(request.matchdict['table'])
except KeyError:
return {'success': False, 'msg': 'Ошибка: отсутствует таблица с указанным именем'}
dbsession = DBSession()
try:
entity = dbsession.query(model).filter_by(id=request.matchdict['id']).one()
user = dbsession.query(User).filter_by(id=user_id).one() if can_i_edit else None
result = {'data': entity.as_json_dict(), 'success': True}
except NoResultFound:
result = {'success': False, 'msg': 'Результатов, соответствующих запросу, не найдено'}
if hasattr(entity, 'inserter'):
if isinstance(has_permission('admin', request.context, request), ACLAllowed):
is_editable = True
else:
is_editable = entity.inserter == user.person_id if user else False
else:
is_editable = True
result['editable'] = is_editable
dbsession.close()
return result
def show_collection(request):
user = get_user(request)
collection_id = request.matchdict['collection_id']
collection = DBSession.query(Collection).get(collection_id)
assets = collection.assets
page_assets, page_screenshots = [], {}
for asset in assets:
derivatives = asset.derivatives
transcode_matches = [d.path for d in derivatives if d.derivative_type == 'transcode.480.mp4']
screenshot_matches = [d.path for d in derivatives if d.derivative_type == 'screenshot.180.gif']
thumbnail_matches = [d.path for d in derivatives if d.derivative_type == 'thumbnail.180.png']
if transcode_matches and screenshot_matches and thumbnail_matches:
transcode = transcode_matches[0]
screenshot = screenshot_matches[0]
thumbnail = thumbnail_matches[0]
page_assets.append(asset)
asset.screenshot = screenshot
asset.thumbnail = thumbnail
grant = DBSession.query(CollectionGrant).filter(CollectionGrant.collection_id==collection_id).filter(CollectionGrant.user_id==user.id).first()
if user.superuser:
admin_collections = DBSession.query(Collection).filter(Collection.active==True).all()
else:
admin_collections = DBSession.query(Collection).join(CollectionGrant).filter(CollectionGrant.user_id==user.id).filter(CollectionGrant.grant_type=='admin').filter(Collection.active==True).all()
admin_collections = [c for c in admin_collections if c.id != collection_id]
return {
'collection' : collection,
'page_assets' : page_assets,
'base_media_url' : Config.BASE_MEDIA_URL,
'user' : user,
'show_admin_link' : has_permission('admin', request.context, request),
'show_asset_checkboxes' : has_permission('admin', request.context, request),
'admin_collections' : admin_collections,
}
def list_collections(request):
user = get_user(request)
if user.superuser:
collections = DBSession.query(Collection, func.count(Asset.id)) \
.outerjoin(Asset) \
.group_by(Collection.id) \
.order_by(Collection.name) \
.filter(Collection.active==True) \
.all()
collections = [(collection, count, True) for collection, count in collections]
else:
collections = DBSession.query(Collection, func.count(Asset.id), func.max(CollectionGrant.grant_type)) \
.outerjoin(Asset) \
.group_by(Collection.id) \
.order_by(Collection.name) \
.join(CollectionGrant) \
.filter(CollectionGrant.user_id==user.id) \
.filter(Collection.active==True) \
.all()
collections = [(collection, count, grant_type=='admin') for collection, count, grant_type in collections]
return {
'collections' : collections,
'user' : user,
'show_add_collection_link' : has_permission('admin', request.context, request),
'is_user_admin' : has_permission('admin', request.context, request),
}
def do_approve(request):
APPROVE_THREDHOLD = 10
user_id = request.matchdict['user_id']
try:
user = models.User.objects.with_id(user_id)
except Exception as e:
return HTTPFound(location=request.route_path('manager.users.approve'))
approver = models.Approver(user=request.user,
ip_address=request.environ.get('REMOTE_ADDR'))
user.approvers.append(approver)
user.save()
if len(user.approvers) >= APPROVE_THREDHOLD \
or has_permission('admin', request.context, request)\
or has_permission('moderator', request.context, request):
user.status = 'activate'
role = user.get_role('anonymous')
user.roles.remove(role)
role = models.Role.objects(name='member').first()
user.roles.append(role)
user.save()
return HTTPFound(location=request.route_path('manager.users.approve'))
def models(self, **kwargs):
"""Models index page"""
request = self.request
models = {}
if isinstance(request.models, list):
for model in request.models:
if has_permission('view', model, request):
key = model.__name__
models[key] = request.fa_url(key, request.format)
else:
for key, obj in request.models.__dict__.iteritems():
if not key.startswith('_'):
if Document is not None:
try:
if issubclass(obj, Document):
if has_permission('view', obj, request):
models[key] = request.fa_url(key, request.format)
continue
except:
pass
try:
class_mapper(obj)
except:
continue
if not isinstance(obj, type):
continue
if has_permission('view', obj, request):
models[key] = request.fa_url(key, request.format)
if kwargs.get('json'):
return models
return self.render(models=models)
def get_admin_menus(request):
"""
Build the admin menu
"""
menu = Menu()
if has_permission("admin", request.context, request):
href = request.route_path("admin_index")
menu.add_item(u"Configuration", icon="fa fa-cogs", href=href)
documents = DropDown(label=u"Documents")
href = request.route_path("invoices")
documents.add_item(u"Factures", icon="fa fa-file", href=href)
href = request.route_path('expenses')
documents.add_item(u'Notes de frais', icon='fa fa-file-o', href=href)
menu.add(documents)
if has_permission("admin", request.context, request):
treasury = DropDown(label=u"Comptabilité")
href = request.route_path("sage_invoice_export")
treasury.add_item(
u"Export des factures",
icon="fa fa-edit",
href=href
)
href = request.route_path("sage_expense_export")
treasury.add_item(
u"Export des notes de frais",
icon="fa fa-credit-card",
href=href
)
href = request.route_path("admin_treasury_all")
treasury.add_item(
u"Bulletins de salaire",
icon="fa fa-send-o",
href=href
)
menu.add(treasury)
accompagnement = DropDown(label=u"Accompagnement")
href = request.route_path('activities')
accompagnement.add_item(u"Rendez-vous", href=href, icon="fa fa-calendar")
href = request.route_path('workshops')
accompagnement.add_item(u"Ateliers", href=href, icon="fa fa-slideshare")
menu.add(accompagnement)
href = request.route_path('userdatas')
menu.add_item(u"Gestion sociale", href=href, icon="fa fa-users")
href = request.route_path("holidays")
menu.add_item(u"Congés", icon="fa fa-space-shuttle", href=href)
return menu
def dyn_ticket_uwiz_update(params, request):
tid = int(params['ticketid'])
del params['ticketid']
sess = DBSession()
model = ExtModel(Ticket)
ticket = sess.query(Ticket).get(tid)
if ticket is None:
raise KeyError('Invalid ticket ID')
for param in ('tstid', 'toid', 'name', 'descr'):
if param in params:
del params[param]
# TODO: ENTITIES_LIST
if not has_permission('TICKETS_CHANGE_STATE', request.context, request):
if 'ttrid' in params:
del params['ttrid']
if not has_permission('TICKETS_CHANGE_FLAGS', request.context, request):
if 'flags' in params:
del params['flags']
# TODO: USERS_LIST
# TODO: GROUPS_LIST
sess.execute(SetVariable('ticketid', ticket.id))
if 'ttrid' in params:
ttr_id = params['ttrid']
if ttr_id:
ttr_id = int(ttr_id)
trans = sess.query(TicketStateTransition).get(ttr_id)
if trans:
sess.execute(SetVariable('ttrid', trans.id))
trans.apply(ticket)
del params['ttrid']
if 'show_client' in params:
show_cl = params['show_client'].lower()
if show_cl in {'true', '1', 'on'}:
show_cl = True
else:
show_cl = False
del params['show_client']
else:
show_cl = False
sess.execute(SetVariable('show_client', npbool(show_cl)))
if ('comments' in params) and has_permission('TICKETS_COMMENT', request.context, request):
sess.execute(SetVariable('comments', params['comments']))
del params['comments']
else:
sess.execute(SetVariable('comments', None))
model.set_values(ticket, params, request)
sess.flush()
sess.execute(SetVariable('tcid', None))
return {
'success' : True,
'action' : {
'do' : 'close',
'redraw' : []
}
}
def show_forum_view(context, request):
page_title = context.title
api = TemplateAPI(context, request, page_title)
actions = []
if has_permission('create', context, request):
actions.append(('Add Forum Topic', 'add_forum_topic.html'))
if has_permission('edit', context, request):
actions.append(('Edit', 'edit.html'))
if has_permission('delete', context, request):
actions.append(('Delete', 'delete.html'))
profiles = find_profiles(context)
karldates = getUtility(IKarlDates)
topic_batch = get_topic_batch(context, request)
topic_entries = topic_batch['entries']
topics = []
for topic in topic_entries:
D = {}
profile = profiles.get(topic.creator)
posted_by = getattr(profile, 'title', None)
date = karldates(topic.created, 'longform')
D['url'] = resource_url(topic, request)
D['title'] = topic.title
D['posted_by'] = posted_by
D['date'] = date
D['number_of_comments'] = len(topic['comments'])
topics.append(D)
# In the intranet side, the backlinks should go to the show_forums
# view (the default)
forums = context.__parent__
backto = {
'href': resource_url(forums, request),
'title': forums.title,
}
# Get a layout
layout_provider = get_layout_provider(context, request)
layout = layout_provider('generic')
ux2_layout = request.layout_manager.layout
ux2_layout.section_style = "none"
return render_to_response(
'templates/show_forum.pt',
dict(api = api,
actions = actions,
title = context.title,
topics = topics,
batch_info = topic_batch,
backto=backto,
old_layout=layout),
request=request,
)
def has_permissions(self, permissions):
""" String or List Allowed """
if isinstance(permissions, list):
for permission in permissions:
if has_permission(permission, self, self.request):
return True
return False
else:
return has_permission(permissions, self, self.request)
def reference_outline_view(context, request):
# Look for moveUp or moveDown in QUERY_STRING, telling us to
# reorder something
status_message = None
subpath = request.params.get('subpath')
backto = {
'href': resource_url(context.__parent__, request),
'title': context.__parent__.title,
}
user_can_edit = False
actions = []
if has_permission('create', context, request):
addables = get_folder_addables(context, request)
if addables is not None:
actions.extend(addables())
if has_permission('edit', context, request):
user_can_edit = True
actions.append(('Edit', 'edit.html'))
if subpath:
direction = request.params['direction']
status_message = move_subpath(context, subpath, direction)
if has_permission('delete', context, request):
actions.append(('Delete', 'delete.html'))
if has_permission('administer', context, request):
actions.append(('Advanced', 'advanced.html'))
page_title = context.title
api = TemplateAPI(context, request, page_title)
# Get a layout
layout_provider = get_layout_provider(context, request)
layout = layout_provider()
# provide client data for rendering current tags in the tagbox
client_json_data = dict(
tagbox=get_tags_client_data(context, request),
)
previous, next = get_previous_next(context, request)
api.status_message = status_message
return render_to_response(
'templates/show_referencemanual.pt',
dict(api=api,
actions=actions,
user_can_edit=user_can_edit,
head_data=convert_to_script(client_json_data),
tree=getTree(context, request, api),
backto=backto,
layout=layout,
previous_entry=previous,
next_entry=next),
request=request,
)
def __init__(self, context, request, page_title=None):
self.settings = dict(get_settings(context))
self.settings.update(self.config_settings)
self.site = site = find_site(context)
self.context = context
self.request = request
self.userid = authenticated_userid(request)
self.app_url = app_url = request.application_url
self.profile_url = app_url + "/profiles/%s" % self.userid
self.here_url = self.context_url = resource_url(context, request)
self.view_url = resource_url(context, request, request.view_name)
self.read_only = not is_normal_mode(request.registry)
self.static_url = get_static_url(request)
self.resource_devel_mode = is_resource_devel_mode()
self.browser_upgrade_url = request.registry.settings.get("browser_upgrade_url", "")
# this data will be provided for the client javascript
self.karl_client_data = {}
# Provide a setting in the INI to fully control the entire URL
# to the static. This is when the proxy runs a different port
# number, or to "pipeline" resources on a different URL path.
full_static_path = self.settings.get("full_static_path", False)
if full_static_path:
if "%d" in full_static_path:
# XXX XXX note self._start_time is needed... and not _start_time
# XXX XXX since this was a trivial bug, there is chance that
# XXX XXX this actually never runs! TODO testing???
full_static_path = full_static_path % self._start_time
self.static_url = full_static_path
self.page_title = page_title
self.system_name = self.title = self.settings.get("title", "KARL")
self.user_is_admin = "group.KarlAdmin" in effective_principals(request)
self.can_administer = has_permission("administer", site, request)
self.can_email = has_permission("email", site, request)
self.admin_url = resource_url(site, request, "admin.html")
date_format = get_user_date_format(context, request)
self.karl_client_data["date_format"] = date_format
# XXX XXX XXX This will never work from peoples formish templates
# XXX XXX XXX (edit_profile and derivates) because, in those form
# XXX XXX XXX controllers, the api is instantiated from __init__,
# XXX XXX XXX where request.form is still unset!!! (From all other
# XXX XXX XXX formcontrollers the api is instantiated from __call__,
# XXX XXX XXX which is why this works. A chicken-and-egg problem, really.
if hasattr(request, "form") and getattr(request.form, "errors", False):
# This is a failed form submission request, specify an error message
self.error_message = u"Please correct the indicated errors."
self.site_announcements = getattr(self.site, "site_announcements", [])
profiles = find_profiles(self.site)
profile = profiles is not None and profiles.get(self.userid, None) or None
self.unseen_site_announcements = []
if profile is not None and hasattr(profile, "_seen_announcements") and hasattr(site, "site_announcements"):
for item in site.site_announcements:
if item["hash"] not in profile._seen_announcements:
self.unseen_site_announcements.append(item)
def show_newsitem_view(context, request):
backto = {
'href': resource_url(context.__parent__, request),
'title': context.__parent__.title,
}
actions = []
if has_permission('edit', context, request):
actions.append(('Edit', 'edit.html'))
if has_permission('delete', context, request):
actions.append(('Delete', 'delete.html'))
if has_permission('administer', context, request):
actions.append(('Advanced', 'advanced.html'))
page_title = context.title
api = TemplateAPI(context, request, page_title)
previous, next = get_previous_next(context, request)
# provide client data for rendering current tags in the tagbox
client_json_data = dict(
tagbox = get_tags_client_data(context, request),
)
# Display photo
photo = context.get('photo')
if photo is not None:
photo = {
"url": thumb_url(photo, request, PHOTO_DISPLAY_SIZE),
}
# Get a layout
layout_provider = get_layout_provider(context, request)
layout = layout_provider('generic')
ux2_layout = request.layout_manager.layout
ux2_layout.section_style = None
return render_to_response(
'templates/show_newsitem.pt',
dict(api=api,
actions=actions,
attachments=fetch_attachments(context['attachments'], request),
formfields=api.formfields,
head_data=convert_to_script(client_json_data),
backto=backto,
previous=previous,
next=next,
old_layout=layout,
photo=photo),
request=request,
)
def get_profile_actions(profile, request):
actions = []
same_user = (authenticated_userid(request) == profile.__name__)
if has_permission('administer', profile, request):
actions.append(('Edit', 'admin_edit_profile.html'))
elif same_user:
actions.append(('Edit', 'edit_profile.html'))
if same_user:
actions.append(('Manage Communities', 'manage_communities.html'))
actions.append(('Manage Tags', 'manage_tags.html'))
if has_permission('administer', profile, request):
actions.append(('Advanced', 'advanced.html'))
return actions
def GetSaleItems(request):
print "SaleItems requested!"
can_create = False
try:
items = DBSession().query(SaleItem).all()
except DBAPIError:
return Response(conn_err_msg, content_type='text/plain', status_int=500)
print has_permission("create_items", request.context, request)
if (isinstance(has_permission("create_items", request.context, request),ACLAllowed)):
print "Can create new items: true"
can_create = True
return {"items" : items, "can_create": can_create}
def show_community_view(context, request):
assert ICommunity.providedBy(context), str(type(context))
user = authenticated_userid(request)
page_title = 'View Community ' + context.title
api = TemplateAPI(context, request, page_title)
# provide client data for rendering current tags in the tagbox
tagquery = getMultiAdapter((context, request), ITagQuery)
client_json_data = {'tagbox': {'docid': tagquery.docid,
'records': tagquery.tagswithcounts,
},
}
# add tagbox to template
layout = request.layout_manager.layout
# inject tagbox data to panel header data
panel_data = layout.head_data['panel_data']
panel_data['tagbox'] = client_json_data['tagbox']
# Filter the actions based on permission
actions = []
if has_permission(MODERATE, context, request):
actions.append(('Edit', 'edit.html'))
# If user has permission to see this view then has permission to join.
if not(user in context.member_names or user in context.moderator_names):
actions.append(('Join', 'join.html'))
if has_permission(DELETE_COMMUNITY, context, request):
actions.append(('Delete', 'delete.html'))
if has_permission(ADMINISTER, context, request):
actions.append(('Advanced', 'advanced.html'))
recent_items = []
recent_items_batch = get_recent_items_batch(context, request)
for item in recent_items_batch["entries"]:
adapted = getMultiAdapter((item, request), IGridEntryInfo)
recent_items.append(adapted)
feed_url = resource_url(context, request, "atom.xml")
return {'api': api,
'actions': actions,
'recent_items': recent_items,
'batch_info': recent_items_batch,
'head_data': convert_to_script(client_json_data),
'feed_url': feed_url
}
def show_wikipage_view(context, request):
layout = request.layout_manager.layout
is_front_page = (context.__name__ == 'front_page')
if is_front_page:
community = find_interface(context, ICommunity)
layout.page_title = '%s Community Wiki Page' % community.title
backto = False
else:
layout.page_title = context.title
backto = {
'href': resource_url(context.__parent__, request),
'title': context.__parent__.title,
}
actions = []
if has_permission('edit', context, request):
actions.append(('Edit', resource_url(context, request, 'edit.html')))
if has_permission('delete', context, request) and not is_front_page:
actions.append(('Delete', resource_url(context, request, 'delete.html')))
repo = find_repo(context)
show_trash = False
if not find_interface(context, IIntranets):
if repo is not None and has_permission('edit', context, request):
actions.append(('History', resource_url(context, request, 'history.html')))
show_trash = True
if has_permission('administer', context, request):
actions.append(('Advanced', resource_url(context, request, 'advanced.html')))
api = TemplateAPI(context, request, layout.page_title)
client_json_data = dict(
tagbox = get_tags_client_data(context, request),
)
panel_data = layout.head_data['panel_data']
panel_data['tagbox'] = client_json_data['tagbox']
layout.add_portlet('recent_activity')
wiki = find_interface(context, IWiki)
feed_url = resource_url(wiki, request, "atom.xml")
return dict(
api=api,
actions=actions,
head_data=convert_to_script(client_json_data),
feed_url=feed_url,
backto=backto,
is_front_page=is_front_page,
show_trash=show_trash,
lock_info=lock.lock_info_for_view(context, request),
)
def items(self):
if not self._items:
request = self.request
self._items = OrderedDict()
maps = deepcopy(mapping_apps)
is_useradmin = has_permission(P['global_useradmin'], self, request)
is_authadmin = has_permission(P['global_authadmin'], self, request)
if is_useradmin:
maps['auths'] = AuthenticationBackends
if is_authadmin:
maps['users'] = Users
for item in maps:
self._items[item] = maps[item](parent=self, name=item)
return self._items
def users_manager(request):
if not security.has_permission('admin', request.context, request):
raise exc.HTTPForbidden()
session = DBSession()
users = session.query(User).options(joinedload('person')).all()
session.close()
return {
'title': u'Управление пользователями',
'users': users,
'is_auth': security.authenticated_userid(request),
'is_admin': security.has_permission('admin', request.context, request)
}
def get_profile_actions(profile, request):
profile_url = request.resource_url(profile)
actions = []
same_user = (authenticated_userid(request) == profile.__name__)
if has_permission('administer', profile, request):
actions.append(('Edit', '%sadmin_edit_profile.html' % profile_url))
elif same_user:
actions.append(('Edit', '%sedit_profile.html' % profile_url))
if same_user:
actions.append(('Community Alerts and Memberships', 'manage_communities.html'))
actions.append(('Manage Tags', 'manage_tags.html'))
if has_permission('administer', profile, request):
actions.append(('Advanced', '%sadvanced.html' % profile_url))
return actions
def reference_viewall_view(context, request):
backto = {
'href': resource_url(context.__parent__, request),
'title': context.__parent__.title,
}
actions = []
if has_permission('create', context, request):
addables = get_folder_addables(context, request)
if addables is not None:
actions.extend(addables())
if has_permission('edit', context, request):
actions.append(('Edit', 'edit.html'))
if has_permission('delete', context, request):
actions.append(('Delete', 'delete.html'))
if has_permission('administer', context, request):
actions.append(('Advanced', 'advanced.html'))
page_title = context.title
api = TemplateAPI(context, request, page_title)
# Get a layout
layout_provider = get_layout_provider(context, request)
old_layout = layout_provider('intranet')
# provide client data for rendering current tags in the tagbox
client_json_data = dict(
tagbox = get_tags_client_data(context, request),
)
previous, next = get_previous_next(context, request, 'view_all.html')
intranet = find_intranet(context)
if intranet is not None:
ux2_layout = request.layout_manager.layout
ux2_layout.section_style = "none"
return render_to_response(
'templates/viewall_referencemanual.pt',
dict(api=api,
actions=actions,
head_data=convert_to_script(client_json_data),
tree=getTree(context, request, api),
backto=backto,
old_layout=old_layout,
previous_entry=previous,
next_entry=next),
request=request,
)
def mode_for(self, name):
"""Calculate mode by checking permission defined in
``self.attribute_permissions`` for attribute ``name`` against model.
If no permissions defined for attribute name, return
``self.attribute_default_mode``
"""
permissions = self.attribute_permissions.get(name)
if not permissions:
permissions = self.attribute_default_permissions
if has_permission(permissions[0], self.model, self.request):
return 'edit'
if has_permission(permissions[1], self.model, self.request):
return 'display'
return 'skip'
def show_page_view(context, request):
backto = {
'href': resource_url(context.__parent__, request),
'title': context.__parent__.title,
}
actions = []
if has_permission('edit', context, request):
actions.append(('Edit', 'edit.html'))
if has_permission('delete', context, request):
actions.append(('Delete', 'delete.html'))
if has_permission('administer', context, request):
actions.append(('Advanced', 'advanced.html'))
page_title = context.title
api = TemplateAPI(context, request, page_title)
previous, next = get_previous_next(context, request)
# provide client data for rendering current tags in the tagbox
client_json_data = dict(
tagbox = get_tags_client_data(context, request),
)
# Get a layout
community = find_community(context)
layout_provider = get_layout_provider(context, request)
if community is not None:
layout = layout_provider('community')
else:
layout = layout_provider('generic')
ux2_layout = request.layout_manager.layout
ux2_layout.section_style = "none"
return render_to_response(
'templates/show_page.pt',
dict(api=api,
actions=actions,
attachments=fetch_attachments(context['attachments'], request),
formfields=api.formfields,
head_data=convert_to_script(client_json_data),
backto=backto,
previous_entry=previous,
next_entry=next,
old_layout=layout),
request = request,
)
def show_blogentry_view(context, request):
post_url = resource_url(context, request, "comments", "add_comment.html")
workflow = get_workflow(IBlogEntry, 'security', context)
if workflow is None:
security_states = []
else:
security_states = get_security_states(workflow, context, request)
page_title = context.title
api = TemplateAPI(context, request, page_title)
client_json_data = dict(
tagbox=get_tags_client_data(context, request))
actions = []
if has_permission('edit', context, request):
actions.append(('Edit', 'edit.html'))
if has_permission('edit', context, request):
actions.append(('Delete', 'delete.html'))
if has_permission('administer', context, request):
actions.append(('Advanced', 'advanced.html'))
api.is_taggable = True
byline_info = getMultiAdapter((context, request), IBylineInfo)
blog = find_interface(context, IBlog)
backto = {
'href': resource_url(blog, request),
'title': blog.title,
}
comments = get_comment_data(context, context['comments'], api, request)
comment_form = get_comment_form(context, context['comments'], api, request)
return dict(
api=api,
actions=actions,
comments=comments,
attachments=fetch_attachments(
context['attachments'], request),
head_data=convert_to_script(client_json_data),
comment_form=comment_form,
post_url=post_url,
byline_info=byline_info,
backto=backto,
security_states=security_states,
)
def peopledirectory_view(context, request):
# show the first accessible tab
for section_id in context.order:
section = context[section_id]
if has_permission('view', section, request):
return HTTPFound(location=resource_url(section, request))
raise Forbidden("No accessible sections")
def prepare(_next, self):
"""Hook after prepare and set expiration widget to
``self.form``.
"""
_next(self)
cfg = ugm_general(self.model)
if cfg.attrs["users_account_expiration"] != "True":
return
mode = "edit"
if not has_permission("manage_expiration", self.model.parent, self.request):
mode = "display"
if self.action_resource == "edit":
attr = cfg.attrs["users_expires_attr"]
unit = int(cfg.attrs["users_expires_unit"])
value = int(self.model.attrs.get(attr, 0))
# if format days, convert to seconds
if unit == 0:
value *= 86400
else:
value = UNSET
expires_widget = factory(
"field:label:expiration", name="active", value=value, props={"label": _("active", "Active")}, mode=mode
)
save_widget = self.form["save"]
self.form.insertbefore(expires_widget, save_widget)
def paste_node(context, request):
session = DBSession()
id, action = request.session['kotti.paste']
item = session.query(Node).get(id)
if item is not None:
if action == 'cut':
if not has_permission('edit', item, request):
raise Forbidden()
item.__parent__.children.remove(item)
context.children.append(item)
del request.session['kotti.paste']
elif action == 'copy':
copy = item.copy()
name = copy.name
if not name: # for root
name = copy.title
name = title_to_name(name, blacklist=context.keys())
copy.name = name
context.children.append(copy)
request.session.flash(_(u'${title} pasted.',
mapping=dict(title=item.title)), 'success')
else:
request.session.flash(_(u'Could not paste node. It does not exist anymore.'), 'error')
if not request.is_xhr:
location = resource_url(context, request)
return HTTPFound(location=location)
def has_perm(self, perm):
return has_permission(perm, self.context, self)
def __call__(self):
context, request = self.context, self.request
api = AdminTemplateAPI(context, request, 'Admin UI: Send Email')
admin_email = get_setting(context, 'admin_email')
system_name = get_setting(context, 'system_name')
profiles = find_profiles(context)
admin = profiles[authenticated_userid(request)]
from_emails = [
('self', '%s <%s>' % (admin.title, admin.email)),
('admin', '%s Administrator <%s>' % (system_name, admin_email)),
]
if 'send_email' in request.params:
mailer = getUtility(IMailDelivery)
group = request.params['to_group']
users = find_users(context)
search = ICatalogSearch(context)
count, docids, resolver = search(interfaces=[IProfile])
n = 0
for docid in docids:
profile = resolver(docid)
if getattr(profile, 'security_state', None) == 'inactive':
continue
userid = profile.__name__
if group and not users.member_of_group(userid, group):
continue
message = Message()
if request.params['from_email'] == 'self':
message['From'] = from_emails[0][1]
message_from = admin.email
else:
message['From'] = from_emails[1][1]
message_from = admin_email
message['To'] = '%s <%s>' % (profile.title, profile.email)
message['Subject'] = request.params['subject']
body = u'<html><body>%s</body></html>' % (
request.params['text'])
message.set_payload(body.encode('UTF-8'), 'UTF-8')
message.set_type('text/html')
mailer.send([profile.email], message)
n += 1
status_message = "Sent message to %d users." % n
if has_permission(ADMINISTER, context, request):
redirect_to = resource_url(
context,
request,
'admin.html',
query=dict(status_message=status_message))
else:
redirect_to = resource_url(
find_communities(context),
request,
'all_communities.html',
query=dict(status_message=status_message))
return HTTPFound(location=redirect_to)
return dict(
api=api,
menu=_menu_macro(),
to_groups=self.to_groups,
from_emails=from_emails,
)
def _callFUT(self, *arg):
from pyramid.security import has_permission
return has_permission(*arg)
def tests_view(request):
run = request.rundb.get_run(request.matchdict["id"])
if run is None:
raise exception_response(404)
results = request.rundb.get_results(run)
run["results_info"] = format_results(results, run)
run_args = [("id", str(run["_id"]), "")]
if run.get("rescheduled_from"):
run_args.append(("rescheduled_from", run["rescheduled_from"], ""))
for name in [
"new_tag",
"new_signature",
"new_options",
"resolved_new",
"new_net",
"base_tag",
"base_signature",
"base_options",
"resolved_base",
"base_net",
"sprt",
"num_games",
"spsa",
"tc",
"threads",
"book",
"book_depth",
"auto_purge",
"priority",
"itp",
"username",
"tests_repo",
"info",
]:
if name not in run["args"]:
continue
value = run["args"][name]
url = ""
if name == "new_tag" and "msg_new" in run["args"]:
value += " (" + run["args"]["msg_new"][:50] + ")"
if name == "base_tag" and "msg_base" in run["args"]:
value += " (" + run["args"]["msg_base"][:50] + ")"
if name == "sprt" and value != "-":
value = "elo0: %.2f alpha: %.2f elo1: %.2f beta: %.2f state: %s (%s)" % (
value["elo0"],
value["alpha"],
value["elo1"],
value["beta"],
value.get("state", "-"),
value.get("elo_model", "BayesElo"),
)
if name == "spsa" and value != "-":
iter_local = value["iter"] + 1 # assume at least one completed,
# and avoid division by zero
A = value["A"]
alpha = value["alpha"]
gamma = value["gamma"]
summary = (
"Iter: %d, A: %d, alpha %0.3f, gamma %0.3f, clipping %s, rounding %s"
% (
iter_local,
A,
alpha,
gamma,
value["clipping"] if "clipping" in value else "old",
value["rounding"]
if "rounding" in value else "deterministic",
))
params = value["params"]
value = [summary]
for p in params:
value.append([
p["name"],
"{:.2f}".format(p["theta"]),
int(p["start"]),
int(p["min"]),
int(p["max"]),
"{:.3f}".format(p["c"] / (iter_local**gamma)),
"{:.3f}".format(p["a"] / (A + iter_local)**alpha),
])
if "tests_repo" in run["args"]:
if name == "new_tag":
url = (run["args"]["tests_repo"] + "/commit/" +
run["args"]["resolved_new"])
elif name == "base_tag":
url = (run["args"]["tests_repo"] + "/commit/" +
run["args"]["resolved_base"])
elif name == "tests_repo":
url = value
if name == "spsa":
run_args.append(("spsa", value, ""))
else:
try:
strval = str(value)
except:
strval = value.encode("ascii", "replace")
if name not in ["new_tag", "base_tag"]:
strval = html.escape(strval)
run_args.append((name, strval, url))
active = 0
cores = 0
for task in run["tasks"]:
if task["active"]:
active += 1
cores += task["worker_info"]["concurrency"]
last_updated = task.get("last_updated", datetime.datetime.min)
task["last_updated"] = last_updated
if run["args"].get("sprt"):
page_title = "SPRT {} vs {}".format(run["args"]["new_tag"],
run["args"]["base_tag"])
elif run["args"].get("spsa"):
page_title = "SPSA {}".format(run["args"]["new_tag"])
else:
page_title = "{} games - {} vs {}".format(run["args"]["num_games"],
run["args"]["new_tag"],
run["args"]["base_tag"])
return {
"run":
run,
"run_args":
run_args,
"page_title":
page_title,
"approver":
has_permission("approve_run", request.context, request),
"chi2":
calculate_residuals(run),
"totals":
"(%s active worker%s with %s core%s)" %
(active, ("s" if active != 1 else ""), cores,
("s" if cores != 1 else "")),
}
def actions(request):
search_action = request.params.get("action", "")
search_user = request.params.get("user", "")
actions_list = []
for action in request.actiondb.get_actions(100, search_action,
search_user):
item = {
"action": action["action"],
"time": action["time"],
"username": action["username"],
}
if action["action"] == "update_stats":
item["user"] = ""
item["description"] = "Update user statistics"
elif action["action"] == "upload_nn":
item["user"] = ""
item["description"] = "Upload " + action["data"]
elif action["action"] == "block_user":
item["description"] = ("blocked" if action["data"]["blocked"] else
"unblocked")
item["user"] = action["data"]["user"]
elif action["action"] == "modify_run":
item["run"] = action["data"]["before"]["args"]["new_tag"]
item["_id"] = action["data"]["before"]["_id"]
item["description"] = []
before = action["data"]["before"]["args"]["priority"]
after = action["data"]["after"]["args"]["priority"]
if before != after:
item["description"].append(
"priority changed from {} to {}".format(before, after))
before = action["data"]["before"]["args"]["num_games"]
after = action["data"]["after"]["args"]["num_games"]
if before != after:
item["description"].append(
"games changed from {} to {}".format(before, after))
before = action["data"]["before"]["args"]["throughput"]
after = action["data"]["after"]["args"]["throughput"]
if before != after:
item["description"].append(
"throughput changed from {} to {}".format(before, after))
before = action["data"]["before"]["args"]["auto_purge"]
after = action["data"]["after"]["args"]["auto_purge"]
if before != after:
item["description"].append(
"auto-purge changed from {} to {}".format(before, after))
item["description"] = "modify: " + ", ".join(item["description"])
else:
item["run"] = action["data"]["args"]["new_tag"]
item["_id"] = action["data"]["_id"]
item["description"] = " ".join(action["action"].split("_"))
if action["action"] == "stop_run":
item["description"] += ": {}".format(action["data"].get(
"stop_reason", "User stop"))
actions_list.append(item)
return {
"actions": actions_list,
"approver": has_permission("approve_run", request.context, request),
}
def get_default_buttons(self):
""" The default buttons content-type hook """
context = self.context
request = self.request
buttons = []
finish_buttons = []
if 'tocopy' in request.session:
finish_buttons.extend([
{
'id': 'copy_finish',
'name': 'form.copy_finish',
'class': 'btn-primary btn-sdi-act',
'value': 'copy_finish',
'text': _('Copy here')
},
{
'id': 'cancel',
'name': 'form.copy_finish_cancel',
'class': 'btn-danger btn-sdi-act',
'value': 'cancel',
'text': _('Cancel')
},
])
if 'tomove' in request.session:
finish_buttons.extend([{
'id': 'move_finish',
'name': 'form.move_finish',
'class': 'btn-primary btn-sdi-act',
'value': 'move_finish',
'text': _('Move here')
}, {
'id': 'cancel',
'name': 'form.move_finish_cancel',
'class': 'btn-danger btn-sdi-act',
'value': 'cancel',
'text': _('Cancel')
}])
if finish_buttons:
buttons.append({'type': 'single', 'buttons': finish_buttons})
if not 'tomove' in request.session and not 'tocopy' in request.session:
can_manage = bool(
has_permission('sdi.manage-contents', context, request))
def delete_enabled_for(folder, resource, request):
"""
This function considers a subobject 'deletable' if the user has
the ``sdi.manage-contents`` permission on ``folder`` or if the
subobject has a ``__sdi_deletable__`` attribute which resolves
to a boolean ``True`` value.
This function honors one subobject hook::
``__sdi_deletable__``. If a subobject has an attribute named
``__sdi_deletable__``, it is expected to be either a boolean or
a callable. If ``__sdi_deletable__`` is a boolean, the value
is used verbatim. If ``__sdi_deletable__`` is a callable, the
callable is called with two positional arguments: the subobject
and the request; the result is expected to be a boolean. If a
subobject has an ``__sdi_deletable__`` attribute, and its
resolved value is not ``None``, the delete button will be off
if it's a boolean False. If ``__sdi_deletable__`` does not
exist on a subobject or resolves to ``None``, the delete button
will be turned off if current user does not have the
``sdi.manage-contents`` permission on the ``folder``.
"""
deletable = getattr(resource, '__sdi_deletable__', None)
if deletable is not None:
if callable(deletable):
deletable = deletable(resource, request)
if deletable is None:
deletable = can_manage
deletable = bool(deletable) # cast return/attr value to bool
return deletable
main_buttons = [{
'id': 'rename',
'name': 'form.rename',
'class': 'btn-default btn-sdi-sel',
'enabled_for': delete_enabled_for,
'value': 'rename',
'text': _('Rename')
}, {
'id': 'copy',
'name': 'form.copy',
'class': 'btn-default btn-sdi-sel',
'value': 'copy',
'text': _('Copy')
}, {
'id': 'move',
'name': 'form.move',
'class': 'btn-default btn-sdi-sel',
'enabled_for': delete_enabled_for,
'value': 'move',
'text': _('Move')
}, {
'id': 'duplicate',
'name': 'form.duplicate',
'class': 'btn-default btn-sdi-sel',
'value': 'duplicate',
'text': _('Duplicate')
}]
buttons.append({'type': 'group', 'buttons': main_buttons})
delete_buttons = [
{
'id': 'delete',
'name': 'form.delete',
'class': 'btn-danger btn-sdi-sel',
'enabled_for': delete_enabled_for,
'value': 'delete',
'text': _('Delete')
},
]
buttons.append({'type': 'group', 'buttons': delete_buttons})
return buttons
def tests_view(request):
run = request.rundb.get_run(request.matchdict['id'])
results = request.rundb.get_results(run)
run['results_info'] = format_results(results, run)
run_args = [('id', str(run['_id']), '')]
for name in [
'new_tag', 'new_signature', 'new_options', 'resolved_new',
'base_tag', 'base_signature', 'base_options', 'resolved_base',
'sprt', 'num_games', 'spsa', 'tc', 'threads', 'book', 'book_depth',
'auto_purge', 'priority', 'internal_priority', 'username',
'tests_repo', 'info'
]:
if not name in run['args']:
continue
value = run['args'][name]
url = ''
if name == 'new_tag' and 'msg_new' in run['args']:
value += ' (' + run['args']['msg_new'][:50] + ')'
if name == 'base_tag' and 'msg_base' in run['args']:
value += ' (' + run['args']['msg_base'][:50] + ')'
if name == 'sprt' and value != '-':
value = 'elo0: %.2f alpha: %.2f elo1: %.2f beta: %.2f state: %s' % \
(value['elo0'], value['alpha'], value['elo1'], value['beta'],
value.get('state', '-'))
if name == 'spsa' and value != '-':
iter_local = value[
'iter'] + 1 # assume at least one completed, and avoid division by zero
params = ['param: %s, best: %.2f, start: %.2f, min: %.2f, max: %.2f, c %f, a %f' % \
(p['name'], p['theta'], p['start'], p['min'], p['max'],
p['c'] / (iter_local ** value['gamma']),
p['a'] / (value['A'] + iter_local) ** value['alpha'])
for p in value['params']]
value = 'Iter: %d, A: %d, alpha %f, gamma %f, clipping %s, rounding %s\n%s' \
% (iter_local, value['A'], value['alpha'], value['gamma'],
value['clipping'] if 'clipping' in value else 'old',
value['rounding'] if 'rounding' in value else 'deterministic',
'\n'.join(params))
if 'tests_repo' in run['args']:
if name == 'new_tag':
url = run['args']['tests_repo'] + '/commit/' + run['args'][
'resolved_new']
elif name == 'base_tag':
url = run['args']['tests_repo'] + '/commit/' + run['args'][
'resolved_base']
elif name == 'tests_repo':
url = value
try:
strval = str(value)
except:
strval = value.encode('ascii', 'replace')
run_args.append((name, strval, url))
active = 0
cores = 0
for task in run['tasks']:
if task['active']:
active += 1
cores += task['worker_info']['concurrency']
last_updated = task.get('last_updated', datetime.datetime.min)
task['last_updated'] = last_updated
return {
'run':
run,
'run_args':
run_args,
'chi2':
calculate_residuals(run),
'approver':
has_permission('approve_run', request.context, request),
'totals':
'(%s active worker%s with %s core%s)' %
(active, ('s' if active != 1 else ''), cores,
('s' if cores != 1 else ''))
}
def can_modify_run(request, run):
return run['args']['username'] == authenticated_userid(
request) or has_permission('approve_run', request.context, request)
def show_blogentry_view(context, request):
post_url = resource_url(context, request, "comments", "add_comment.html")
karldates = getUtility(IKarlDates)
profiles = find_profiles(context)
workflow = get_workflow(IBlogEntry, 'security', context)
if workflow is None:
security_states = []
else:
security_states = get_security_states(workflow, context, request)
# Convert blog comments into a digestable form for the template
comments = []
page_title = context.title
api = TemplateAPI(context, request, page_title)
for comment in context['comments'].values():
profile = profiles.get(comment.creator)
author_name = profile.title
author_url = resource_url(profile, request)
newc = {}
newc['id'] = comment.__name__
if has_permission('edit', comment, request):
newc['edit_url'] = resource_url(comment, request, 'edit.html')
else:
newc['edit_url'] = None
if has_permission('delete', comment, request):
newc['delete_url'] = resource_url(comment, request, 'delete.html')
else:
newc['delete_url'] = None
if has_permission('administer', comment, request):
newc['advanced_url'] = resource_url(comment, request,
'advanced.html')
else:
newc['advanced_url'] = None
# Display portrait
photo = profile.get('photo')
if photo is not None:
photo_url = thumb_url(photo, request, PROFILE_THUMB_SIZE)
else:
photo_url = api.static_url + "/images/defaultUser.gif"
newc["portrait_url"] = photo_url
newc['author_url'] = author_url
newc['author_name'] = author_name
newc['date'] = karldates(comment.created, 'longform')
newc['timestamp'] = comment.created
newc['text'] = comment.text
# Fetch the attachments info
newc['attachments'] = fetch_attachments(comment, request)
comments.append(newc)
comments.sort(key=lambda c: c['timestamp'])
client_json_data = dict(tagbox=get_tags_client_data(context, request), )
actions = []
if has_permission('edit', context, request):
actions.append(('Edit', 'edit.html'))
if has_permission('edit', context, request):
actions.append(('Delete', 'delete.html'))
if has_permission('administer', context, request):
actions.append(('Advanced', 'advanced.html'))
api.is_taggable = True
byline_info = getMultiAdapter((context, request), IBylineInfo)
blog = find_interface(context, IBlog)
backto = {
'href': resource_url(blog, request),
'title': blog.title,
}
# manually construct formish comment form
controller = AddCommentFormController(context['comments'], request)
form_schema = schemaish.Structure()
form_fields = controller.form_fields()
for fieldname, field in form_fields:
form_schema.add(fieldname, field)
form_action_url = '%sadd_comment.html' % resource_url(
context['comments'], request)
comment_form = Form(form_schema,
add_default_action=False,
name='save',
action_url=form_action_url)
form_defaults = controller.form_defaults()
comment_form.defaults = form_defaults
request.form_defaults = form_defaults
form_actions = [
FormAction('submit', 'submit'),
FormAction('cancel', 'cancel', validate=False)
]
for action in form_actions:
comment_form.add_action(action.name, action.title)
widgets = controller.form_widgets(form_fields)
for name, widget in widgets.items():
comment_form[name].widget = widget
# this is for enable imagedrawer for adding blog comments
api.karl_client_data['text'] = dict(enable_imagedrawer_upload=True, )
# ux2
layout = request.layout_manager.layout
panel_data = layout.head_data['panel_data']
panel_data['tinymce'] = api.karl_client_data['text']
panel_data['tagbox'] = client_json_data['tagbox']
# add portlets to template
layout.add_portlet('blog_archive')
# editor width and height for comments textarea
layout.tinymce_height = 250
layout.tinymce_width = 700
return dict(
api=api,
actions=actions,
comments=comments,
attachments=fetch_attachments(context['attachments'],
request), # deprecated ux1
head_data=convert_to_script(client_json_data),
comment_form=comment_form,
post_url=post_url,
byline_info=byline_info,
backto=backto,
security_states=security_states,
)
def has_permission(self, permission):
return has_permission(permission, self.context, self.request)
def show_blog_view(context, request):
# add portlets to template
layout = request.layout_manager.layout
layout.add_portlet('blog_archive')
if 'year' in request.GET and 'month' in request.GET:
year = int(request.GET['year'])
month = int(request.GET['month'])
def filter_func(name, item):
created = item.created
return created.year == year and created.month == month
dt = datetime.date(year, month, 1).strftime('%B %Y')
page_title = 'Blog: %s' % dt
else:
filter_func = None
page_title = 'Blog'
api = TemplateAPI(context, request, page_title)
actions = []
if has_permission('create', context, request):
actions.append(('Add Blog Entry',
request.resource_url(context, 'add_blogentry.html')), )
batch = get_container_batch(context,
request,
filter_func=filter_func,
interfaces=[IBlogEntry],
sort_index='creation_date',
reverse=True)
# Unpack into data for the template
entries = []
profiles = find_profiles(context)
karldates = getUtility(IKarlDates)
fmt0 = '<a href="%s#addcomment">Add a Comment</a>'
fmt1 = '<a href="%s#comments">1 Comment</a>'
fmt2 = '<a href="%s#comments">%i Comments</a>'
for entry in batch['entries']:
profile = profiles[entry.creator]
byline_info = getMultiAdapter((entry, request), IBylineInfo)
entry_url = resource_url(entry, request)
# Get information about comments on this entry to display in
# the last line of the entry
comment_count = len(entry['comments'])
if comment_count == 0:
comments_blurb = fmt0 % entry_url
elif comment_count == 1:
comments_blurb = fmt1 % entry_url
else:
comments_blurb = fmt2 % (entry_url, comment_count)
info = {
'title': entry.title,
'href': resource_url(entry, request),
'description': entry.description,
'creator_title': profile.title,
'creator_href': entry_url,
'long_date': karldates(entry.created, 'longform'),
'byline_info': byline_info,
'comments_blurb': comments_blurb,
}
entries.append(info)
feed_url = "%satom.xml" % resource_url(context, request)
workflow = get_workflow(IBlogEntry, 'security', context)
if workflow is None:
security_states = []
else:
security_states = get_security_states(workflow, None, request)
system_email_domain = get_setting(context, "system_email_domain")
community = find_community(context)
mailin_addr = '%s@%s' % (community.__name__, system_email_domain)
return dict(
api=api,
actions=actions,
entries=entries,
system_email_domain=system_email_domain, # Deprecated UX1
feed_url=feed_url,
batch_info=batch,
security_states=security_states,
mailin_addr=mailin_addr, # UX2
)
def deferred_financial_year_widget(node, kw):
request = kw['request']
if has_permission('manage', request.context, request):
return deform.widget.TextInputWidget(mask='9999')
else:
return deform.widget.HiddenWidget()
def __init__(self, context, request, page_title=None):
self.settings = get_settings() or {}
self.site = site = find_site(context)
self.context = context
self.request = request
self.userid = authenticated_userid(request)
self.app_url = app_url = request.application_url
self.profile_url = app_url + '/profiles/%s' % self.userid
self.here_url = self.context_url = resource_url(context, request)
self.view_url = resource_url(context, request, request.view_name)
self.js_devel_mode = self.settings.get('js_devel_mode', None)
self.read_only = self.settings.get('read_only', False)
self.static_url = '%s/static/%s' % (
app_url, request.registry.settings.get('static_rev'))
# this data will be provided for the client javascript
self.karl_client_data = {}
# Provide a setting in the INI to fully control the entire URL
# to the static. This is when the proxy runs a different port
# number, or to "pipeline" resources on a different URL path.
full_static_path = self.settings.get('full_static_path', False)
if full_static_path:
if '%d' in full_static_path:
# XXX XXX note self._start_time is needed... and not _start_time
# XXX XXX since this was a trivial bug, there is chance that
# XXX XXX this actually never runs! TODO testing???
full_static_path = full_static_path % self._start_time
self.static_url = full_static_path
self.page_title = page_title
self.system_name = self.settings.get('system_name', 'KARL')
self.user_is_admin = 'group.KarlAdmin' in effective_principals(request)
self.can_administer = has_permission('administer', site, request)
self.can_email = has_permission('email', site, request)
self.admin_url = resource_url(site, request, 'admin.html')
self.site_announcement = getattr(site, 'site_announcement', '')
date_format = get_user_date_format(context, request)
self.karl_client_data['date_format'] = date_format
# XXX XXX XXX This will never work from peoples formish templates
# XXX XXX XXX (edit_profile and derivates) because, in those form
# XXX XXX XXX controllers, the api is instantiated from __init__,
# XXX XXX XXX where request.form is still unset!!! (From all other
# XXX XXX XXX formcontrollers the api is instantiated from __call__,
# XXX XXX XXX which is why this works. A chicken-and-egg problem, really.
if hasattr(request, 'form') and getattr(request.form, 'errors', False):
# This is a failed form submission request, specify an error message
self.error_message = u'Please correct the indicated errors.'
if self.settings:
self.kaltura_info = dict(
enabled=self.settings.get('kaltura_enabled', False)
in ('true', 'True'),
partner_id=self.settings.get('kaltura_partner_id', ''),
sub_partner_id=self.settings.get('kaltura_sub_partner_id', ''),
admin_secret=self.settings.get('kaltura_admin_secret', ''),
user_secret=self.settings.get('kaltura_user_secret', ''),
kcw_uiconf_id=self.settings.get('kaltura_kcw_uiconf_id',
'1000741'),
player_uiconf_id=self.settings.get('kaltura_player_uiconf_id',
''),
player_cache_st=self.settings.get('kaltura_player_cache_st',
''),
local_user=self.userid,
)
if not self.settings.get('kaltura_client_session',
False) in ('true', 'True'):
# Secrets will not be sent to client, instead session is handled on the server.
self.kaltura_info[
'session_url'] = app_url + '/' + 'kaltura_create_session.json'
else:
self.kaltura_info = dict(enabled=False, )
# propagate the head data to the client
d = self.karl_client_data['kaltura'] = dict(self.kaltura_info)
# remove secrets if needed
if 'session_url' in d:
# server side session management, do not send secrets to client
del d['user_secret']
del d['admin_secret']
def user(request):
userid = authenticated_userid(request)
if not userid:
request.session.flash("Please login")
return HTTPFound(location=request.route_url("login"))
user_name = request.matchdict.get("username", userid)
profile = user_name == userid
if not profile and not has_permission("approve_run", request.context,
request):
request.session.flash("You cannot inspect users", "error")
return HTTPFound(location=request.route_url("tests"))
user_data = request.userdb.get_user(user_name)
if "user" in request.POST:
if profile:
new_password = request.params.get("password")
new_password_verify = request.params.get("password2", "")
new_email = request.params.get("email")
if len(new_password) > 0:
if new_password == new_password_verify:
strong_password, password_err = password_strength(
new_password, user_name, user_data["email"],
(new_email if len(new_email) > 0 else None))
if strong_password:
user_data["password"] = new_password
request.session.flash("Success! Password updated")
else:
request.session.flash(
"Error! Weak password: "******"error")
return HTTPFound(location=request.route_url("tests"))
else:
request.session.flash(
"Error! Matching verify password required", "error")
return HTTPFound(location=request.route_url("tests"))
if len(new_email) > 0 and user_data["email"] != new_email:
if "@" not in new_email:
request.session.flash("Error! Valid email required",
"error")
return HTTPFound(location=request.route_url("tests"))
else:
user_data["email"] = new_email
request.session.flash("Success! Email updated")
else:
user_data["blocked"] = "blocked" in request.POST
request.userdb.last_pending_time = 0
request.actiondb.block_user(
authenticated_userid(request),
{
"user": user_name,
"blocked": user_data["blocked"]
},
)
request.session.flash(
("Blocked" if user_data["blocked"] else "Unblocked") +
" user " + user_name)
request.userdb.save_user(user_data)
return HTTPFound(location=request.route_url("tests"))
userc = request.userdb.user_cache.find_one({"username": user_name})
hours = int(userc["cpu_hours"]) if userc is not None else 0
return {
"user": user_data,
"limit": request.userdb.get_machine_limit(user_name),
"hours": hours,
"profile": profile,
}
def canEdit(self):
return has_permission('edit', self, self.request)
def __sd_hidden__(self, context, request):
# Don't show this item in folder contents view unless the viewer
# has permission to add services in the SDI
return not has_permission('sdi.add-services', context, request)
def _secure(context, request):
if not has_permission(permission, context, request):
raise HTTPForbidden('no permission')
else:
return view(context, request)
def reference_outline_view(context, request):
# Look for moveUp or moveDown in QUERY_STRING, telling us to
# reorder something
status_message = None
subpath = request.params.get('subpath')
backto = {
'href': resource_url(context.__parent__, request),
'title': context.__parent__.title,
}
user_can_edit = False
actions = []
if has_permission('create', context, request):
addables = get_folder_addables(context, request)
if addables is not None:
actions.extend(addables())
if has_permission('edit', context, request):
user_can_edit = True
actions.append(('Edit', 'edit.html'))
if subpath:
direction = request.params['direction']
status_message = move_subpath(context, subpath, direction)
if has_permission('delete', context, request):
actions.append(('Delete', 'delete.html'))
if has_permission('administer', context, request):
actions.append(('Advanced', 'advanced.html'))
page_title = context.title
api = TemplateAPI(context, request, page_title)
# Get a layout
layout_provider = get_layout_provider(context, request)
old_layout = layout_provider('intranet')
# provide client data for rendering current tags in the tagbox
client_json_data = dict(
tagbox = get_tags_client_data(context, request),
)
previous, next = get_previous_next(context, request)
intranet = find_intranet(context)
if intranet is not None:
ux2_layout = request.layout_manager.layout
ux2_layout.section_style = "none"
api.status_message = status_message
return render_to_response(
'templates/show_referencemanual.pt',
dict(api=api,
actions=actions,
user_can_edit=user_can_edit,
head_data=convert_to_script(client_json_data),
tree=getTree(context, request, api),
backto=backto,
old_layout=old_layout,
previous_entry=previous,
next_entry=next),
request=request,
)
def can_modify_run(request, run):
return run["args"]["username"] == authenticated_userid(
request) or has_permission("approve_run", request.context, request)
def default_view(self):
can_i_edit = has_permission("edit", self.context, self.request)
return dict(page_title="Site View", can_i_edit=can_i_edit)
def show_members_view(context, request):
"""Default view of community members (with/without pictures)."""
page_title = 'Community Members'
api = TemplateAPI(context, request, page_title)
# Filter the actions based on permission in the **community**
community = find_interface(context, ICommunity)
actions = _get_manage_actions(community, request)
# Did we get the "show pictures" flag?
list_view = request.view_name == 'list_view.html'
pictures_href = request.resource_url(context)
list_href = request.resource_url(context, 'list_view.html')
submenu = [
{
'label': 'Show Pictures',
'href': pictures_href,
'make_link': list_view
},
{
'label': 'Hide Pictures',
'href': list_href,
'make_link': not (list_view)
},
]
profiles = find_profiles(context)
member_batch = _member_profile_batch(context, request)
member_entries = member_batch['entries']
moderator_names = community.moderator_names
member_info = []
for i in range(len(member_entries)):
derived = {}
entry = member_entries[i]
derived['title'] = entry.title
derived['href'] = resource_url(entry, request)
derived['position'] = entry.position
derived['organization'] = entry.organization
derived['phone'] = entry.phone
derived['department'] = entry.department
derived['email'] = entry.email
derived['city'] = entry.location
photo = entry.get('photo')
if photo is not None:
derived['photo_url'] = thumb_url(photo, request,
PROFILE_THUMB_SIZE)
else:
derived['photo_url'] = api.static_url + "/images/defaultUser.gif"
derived['is_moderator'] = entry.__name__ in moderator_names
# Chameleon's tal:repeat and repeat variable support for
# things like index is pretty iffy. Fix the entry info to
# supply the CSS class information.
derived['css_class'] = 'photoProfile'
if derived['is_moderator']:
derived['css_class'] += ' moderator'
member_info.append(derived)
moderator_info = []
profiles = find_profiles(context)
for moderator_name in moderator_names:
if moderator_name in profiles:
derived = {}
profile = profiles[moderator_name]
if not has_permission('view', profile, request):
continue
derived['title'] = profile.title
derived['href'] = resource_url(profile, request)
moderator_info.append(derived)
renderer_data = dict(api=api,
actions=actions,
submenu=submenu,
moderators=moderator_info,
members=member_info,
batch_info=member_batch,
hide_pictures=list_view)
if not list_view:
renderer_data['rows'] = profile_photo_rows(member_batch['entries'],
request, api)
return renderer_data
class CustomFolderView(object):
_past_events = None
past_events_url = None
future_events_url = None
def __init__(self, context, request):
self.context = context
self.request = request
searchterm = request.params.get('searchterm', None)
if searchterm == '':
searchterm = None
self.searchterm = searchterm
year = request.params.get('year', None)
if year == 'all':
year = None
self.year = year
month = request.params.get('month', None)
if month == 'all':
month = None
self.month = month
def __call__(self):
""" Folder contents for the INetworkEvents marker"""
context = self.context
request = self.request
page_title = context.title
api = TemplateAPI(context, request, page_title)
# Data for the filter bar, get the list of possible years and months
this_year = datetime.datetime.now().year
fb_years = [str(i) for i in range(2007, this_year+1)]
fb_months = [('1', 'January'), ('2', 'February'), ('3', 'March'),
('4', 'April'), ('5', 'May'), ('6', 'June'),
('7', 'July'), ('8', 'August'), ('9', 'September'),
('10', 'October'), ('11', 'November'), ('12', 'December')]
# Flatten the search results into ZPT data
try:
batch = self._get_batch()
except ParseError, e:
api.set_error_message('Error: %s' % e)
batch = {'entries': (), 'batching_required': False}
entries = []
for entry in batch["entries"]:
info = {}
info['url'] = resource_url(entry, request)
info['title'] = entry.title
info['date'] = self._get_date(entry)
entries.append(info)
# Actions and backlink
actions = []
if has_permission('create', context, request):
addables = get_folder_addables(context, request)
if addables is not None:
actions.extend(addables())
if has_permission('edit', context, request):
actions.append(('Edit', 'edit.html'))
if has_permission('delete', context.__parent__, request):
actions.append(('Delete', 'delete.html'))
if has_permission('administer', context, request):
# admins see an Advanced action that puts markers on a folder.
actions.append(('Advanced', 'advanced.html'))
back_target, extra_path = get_user_home(context, request)
backto = {
'href': resource_url(back_target, request, *extra_path),
'title': getattr(back_target, "title", "Home")
}
client_json_data = dict(
tagbox = get_tags_client_data(context, request),
)
# Get a layout
layout_provider = get_layout_provider(context, request)
layout = layout_provider('community')
intranet = find_intranet(self.context)
intranets = find_intranets(self.context)
community = find_community(self.context)
if intranet is not None or community == intranets:
ux2_layout = self.request.layout_manager.layout
ux2_layout.section_style = "none"
return dict(
api=api,
actions=actions,
head_data=convert_to_script(client_json_data),
backto=backto,
old_layout=layout,
entries=entries,
fb_years=fb_years,
fb_months=fb_months,
searchterm=self.searchterm,
selected_year=self.year,
selected_month=self.month,
batch_info=batch,
past_events_url=self.past_events_url,
future_events_url=self.future_events_url,
)
def _do_route(self, action_name, method_name, params, metadata, trans_id,
request):
""" Performs routing, i.e. calls decorated methods/functions """
if params is None:
params = list()
settings = self.get_method(action_name, method_name)
permission = settings.get('permission', None)
ret = {
"type": "rpc",
"tid": trans_id,
"action": action_name,
"method": method_name,
"result": None
}
callback = settings['callback']
append_request = settings.get('request_as_last_param', False)
permission_ok = True
context = request.root
prepend = []
if settings['class']:
instance = settings['class'](request)
prepend.append(instance)
context = instance
elif append_request:
params.append(request)
if settings['metadata']:
prepend.append(metadata)
params = prepend + params
if permission is not None:
permission_ok = has_permission(permission, context, request)
try:
if not permission_ok:
raise AccessDeniedException("Access denied")
ret["result"] = callback(*params)
except Exception as exc:
ret["type"] = "exception"
# Let a user defined view for specific exception prevent returning
# a server error.
exception_view = render_view_to_response(exc, request)
if exception_view is not None:
ret["result"] = exception_view
return ret
# Log Error
LOG.error("%s: %s", str(exc.__class__.__name__), exc)
LOG.info(traceback.format_exc())
if self.expose_exceptions:
ret["result"] = {
'error': True,
'message': str(exc),
'exception_class': str(exc.__class__),
'stacktrace': traceback.format_exc()
}
else:
message = 'Error executing {}.{}'.format(
action_name, method_name)
ret["result"] = {'error': True, 'message': message}
if self.debug_mode:
# if pyramid_debugtoolbar is enabled, generate an interactive page
# and include the url to access it in the ext direct Exception response text
from pyramid_debugtoolbar.tbtools import get_traceback
from pyramid_debugtoolbar.utils import EXC_ROUTE_NAME
import sys
exc_history = request.exc_history
if exc_history is not None:
tb = get_traceback(info=sys.exc_info(),
skip=1,
show_hidden_frames=False,
ignore_system_exceptions=True)
for frame in tb.frames:
exc_history.frames[frame.id] = frame
exc_history.tracebacks[tb.id] = tb
qs = {'token': exc_history.token, 'tb': str(tb.id)}
exc_url = request.route_url(EXC_ROUTE_NAME, _query=qs)
ret['message'] = 'Exception: traceback url: {}'.format(
exc_url)
return ret
mgr = ILetterManager(context)
letter_info = mgr.get_info(request)
view_cookie = request.cookies.get(_VIEW_COOKIE)
classes = []
for name, title, description, urlname in _VIEWS:
classes.append({'name': name,
'title': title,
'description': description,
'href': urlname,
'url': request.resource_url(context, urlname),
'selected': name == view_cookie,
})
actions = []
if has_permission('create', context, request):
actions.append(('Add Community', 'add_community.html'))
system_name = get_setting(context, 'system_name', 'KARL')
page_title = '%s%s Communities' % (prefix, system_name)
my_communities = get_my_communities(context, request)
preferred_communities = get_preferred_communities(context, request)
return {'communities': communities,
'batch_info': batch_info,
'letters': letter_info,
'community_tabs': classes,
'actions': actions,
'my_communities': my_communities,
'preferred_communities': preferred_communities,
def _has_permission(name):
return has_permission(name, RootFactory, event["request"])
def deferred_prefix_widget(node, kw):
request = kw['request']
if has_permission('manage', request.context, request):
return deform.widget.TextInputWidget()
else:
return deform.widget.HiddenWidget()
def show_profile_view(context, request):
"""Show a profile with actions if the current user"""
layout = request.layout_manager.layout
layout.page_title = "Profile: %s" % context.title
api = TemplateAPI(context, request, layout.page_title)
# Create display values from model object
profile = {}
for name in [name for name in context.__dict__.keys()
if not name.startswith("_")]:
profile_value = getattr(context, name)
if profile_value is not None:
# Don't produce u'None'
profile[name] = unicode(profile_value)
else:
profile[name] = None
if 'fax' not in profile:
profile['fax'] = '' # BBB
# 'websites' is a property, so the loop above misses it
profile["websites"] = context.websites
# ditto for 'title'
profile["title"] = context.title
if profile.has_key("languages"):
profile["languages"] = context.languages
if profile.has_key("department"):
profile["department"] = context.department
if profile.get("last_login_time"):
stamp = context.last_login_time.strftime('%Y-%m-%dT%H:%M:%SZ')
profile["last_login_time"] = stamp
if profile.has_key("country"):
# translate from country code to country name
country_code = profile["country"]
country = countries.as_dict.get(country_code, u'')
profile["country"] = country
# Display portrait
photo = context.get('photo')
display_photo = {}
if photo is not None:
display_photo["url"] = thumb_url(photo, request, PROFILE_THUMB_SIZE)
else:
display_photo["url"] = api.static_url + "/images/defaultUser.gif"
profile["photo"] = display_photo
# provide client data for rendering current tags in the tagbox
client_json_data = dict(
tagbox = get_tags_client_data(context, request),
)
# Get communities this user is a member of, along with moderator info
#
communities = {}
communities_folder = find_communities(context)
user_info = find_users(context).get_by_id(context.__name__)
if user_info is not None:
for group in user_info["groups"]:
if group.startswith("group.community:"):
unused, community_name, role = group.split(":")
if (communities.has_key(community_name) and
role != "moderators"):
continue
community = communities_folder.get(community_name, None)
if community is None:
continue
if has_permission('view', community, request):
communities[community_name] = {
"title": community.title,
"moderator": role == "moderators",
"url": resource_url(community, request),
}
communities = communities.values()
communities.sort(key=lambda x:x["title"])
preferred_communities = []
my_communities = None
name = context.__name__
# is this the current user's profile?
if authenticated_userid(request) == name:
preferred_communities = get_preferred_communities(communities_folder,
request)
my_communities = get_my_communities(communities_folder, request)
tagger = find_tags(context)
if tagger is None:
tags = ()
else:
tags = []
names = tagger.getTags(users=[context.__name__])
for name, count in sorted(tagger.getFrequency(names,
user=context.__name__),
key=lambda x: x[1],
reverse=True,
)[:10]:
tags.append({'name': name, 'count': count})
# List recently added content
num, docids, resolver = ICatalogSearch(context)(
sort_index='creation_date', reverse=True,
interfaces=[IContent], limit=5, creator=context.__name__,
allowed={'query': effective_principals(request), 'operator': 'or'},
)
recent_items = []
for docid in docids:
item = resolver(docid)
if item is None:
continue
adapted = getMultiAdapter((item, request), IGridEntryInfo)
recent_items.append(adapted)
recent_url = request.resource_url(context, 'recent_content.html')
layout.add_portlet('my_tags', context, tags)
layout.add_portlet('my_communities', my_communities,
preferred_communities, communities)
panel_data = layout.head_data['panel_data']
panel_data['tagbox'] = client_json_data['tagbox']
return dict(api=api,
profile=profile,
actions=get_profile_actions(context, request),
photo=photo,
head_data=convert_to_script(client_json_data),
communities=communities,
my_communities=my_communities,
preferred_communities=preferred_communities,
tags=tags,
recent_items=recent_items,
recent_url=recent_url)
def permitted(context, request):
return has_permission(permission, context, request)
def tile_render_tween(request):
response = handler(request)
if response.content_type == 'text/html':
if isinstance(response, WSGIHTTPException):
# the body of a WSGIHTTPException needs to be "prepared"
response.prepare(request.environ)
serializer = getHTMLSerializer(response.app_iter)
tree = serializer.tree
head_node = tree.getroot().find('head')
for tile_node in TILE_XPATH(serializer.tree):
# determine tile path
tile_path = tile_node.attrib.get('path')
tile_type = tile_node.attrib.get('type')
if tile_path and tile_type:
if tile_path == '/':
path = '/tile:' + tile_type
else:
path = '/'.join((tile_path, 'tile:' + tile_type))
elif tile_path:
path = tile_path
elif tile_type:
path = request.resource_path(request.context,
'tile:' + tile_type)
else:
# XXX how can we show a useful line number?
raise Exception('Tile must have a path or type')
# fetch tile contents
subrequest = Request.blank(path)
subrequest.registry = registry
tile_data = dict(tile_node.attrib)
tile_data['innerHTML'] = (tile_node.text or '') + ''.join([
html.tostring(child) for child in tile_node.iterchildren()
])
if tile_path:
edit_url = request.route_path(MANAGE_ROUTE_NAME,
'edit_tile',
traverse=tile_path)
else:
edit_url = request.mgmt_path(request.context, 'edit_tile')
edit_url += '?' + urlencode(tile_data)
del tile_data['type']
subrequest.tile_data = tile_data
tile_response = handler(subrequest)
tile_tree = getHTMLSerializer(tile_response.app_iter).tree
tile_root = tile_tree.getroot()
tile_body = tile_root.find('body')
# add edit link
if has_permission('Edit tile', subrequest.context, request):
edit_link = builder.E.a('', href=edit_url)
edit_link.append(etree.Entity('#9997'))
tile_body.append(edit_link)
# insert tile content
tile_head = tile_root.find('head')
if tile_head is not None:
for child in tile_head:
head_node.append(child)
if tile_tree is not None:
replace_content_with_children(tile_node, tile_body)
response.app_iter = [serializer.serialize()]
return response
def get_admin_menus(request):
"""
Build the admin menu
"""
menu = Menu()
if has_permission("admin", request.context, request):
href = request.route_path("admin_index")
menu.add_item(u"Configuration", icon="fa fa-cogs", href=href)
documents = DropDown(label=u"Documents")
href = request.route_path("invoices")
documents.add_item(u"Factures", icon="fa fa-file", href=href)
href = request.route_path('expenses')
documents.add_item(u'Notes de frais', icon='fa fa-file-o', href=href)
menu.add(documents)
if has_permission("admin", request.context, request):
treasury = DropDown(label=u"Comptabilité")
href = request.route_path("sage_invoice_export")
treasury.add_item(u"Export des factures", icon="fa fa-edit", href=href)
href = request.route_path("sage_expense_export")
treasury.add_item(u"Export des notes de frais",
icon="fa fa-credit-card",
href=href)
href = request.route_path("admin_treasury_all")
treasury.add_item(u"Bulletins de salaire",
icon="fa fa-send-o",
href=href)
menu.add(treasury)
accompagnement = DropDown(label=u"Accompagnement")
href = request.route_path('activities')
accompagnement.add_item(u"Rendez-vous", href=href, icon="fa fa-calendar")
href = request.route_path('workshops')
accompagnement.add_item(u"Ateliers", href=href, icon="fa fa-slideshare")
href = request.route_path('competences')
accompagnement.add_item(u"Compétences", href=href, icon="fa fa-star")
menu.add(accompagnement)
gestion_sociale = DropDown(label=u"Gestion sociale")
href = request.route_path('userdatas')
gestion_sociale.add_item(u"Consulter", href=href, icon="fa fa-users")
href = request.route_path('statistics')
gestion_sociale.add_item(
u"Statistiques",
href=href,
icon="fa fa-line-chart",
)
menu.add(gestion_sociale)
href = request.route_path("holidays")
menu.add_item(u"Congés", icon="fa fa-space-shuttle", href=href)
return menu