def activation(self, activation_hash):
"""
Endpoint to expose an activation url, this url
is sent to the user by email, when accessed the user is inserted
and activated
"""
reg = self.appbuilder.sm.find_register_user(activation_hash)
if not reg:
log.error(
c.LOGMSG_ERR_SEC_NO_REGISTER_HASH.format(activation_hash))
flash(as_unicode(self.false_error_message), 'danger')
return redirect(self.appbuilder.get_url_for_index)
if not self.appbuilder.sm.add_user(
username=reg.username,
email=reg.email,
first_name=reg.first_name,
last_name=reg.last_name,
role=self.appbuilder.sm.find_role(
self.appbuilder.sm.auth_user_registration_role),
hashed_password=reg.password):
flash(as_unicode(self.error_message), 'danger')
return redirect(self.appbuilder.get_url_for_index)
else:
self.appbuilder.sm.del_register_user(reg)
return self.render_template(self.activation_template,
username=reg.username,
first_name=reg.first_name,
last_name=reg.last_name,
appbuilder=self.appbuilder)
def to_json(self, data, labels=None):
"""
Will return a dict with Google JSON structure for charts
The Google structure::
{
cols: [{id:<COL_NAME>, label:<LABEL FOR COL>, type: <COL TYPE>}, ...]
rows: [{c: [{v: <COL VALUE}, ...], ... ]
}
:param data:
:param labels: dict with labels to include on Google JSON strcut
:return: dict with Google JSON structure
"""
labels = labels or dict()
json_data = dict()
json_data['cols'] = []
# Create Structure to identify the grouped columns
for group_col in self.group_bys_cols:
label = '' or as_unicode(labels[group_col])
json_data['cols'].append({
'id': group_col,
'label': label,
'type': 'string'
})
# Create Structure to identify the Aggregated columns
for aggr_col in self.aggr_by_cols:
if isinstance(aggr_col, tuple):
label_key = aggr_col[0].__name__ + aggr_col[1]
aggr_col = aggr_col[1]
else:
label_key = aggr_col
label = '' or as_unicode(labels[label_key])
json_data['cols'].append({
'id': aggr_col,
'label': label,
'type': 'number'
})
# Create Structure with the data
json_data['rows'] = []
for item in data:
row = {'c': []}
if not isinstance(item[0], tuple):
row['c'].append({'v': '{0}'.format(item[0])})
else:
for group_col_data in item[0]:
row['c'].append({'v': '{0}'.format(group_col_data)})
for col_data in item[1:]:
if isinstance(col_data, datetime.date):
row['c'].append({'v': '{0}'.format(col_data)})
else:
row['c'].append({'v': col_data})
json_data['rows'].append(row)
return json_data
def login(self):
username = request.environ.get('REMOTE_USER')
if g.user is not None and g.user.is_authenticated():
return redirect(self.appbuilder.get_url_for_index)
if username:
user = self.appbuilder.sm.auth_user_remote_user(username)
if user is None:
flash(as_unicode(self.invalid_login_message), 'warning')
else:
login_user(user)
else:
flash(as_unicode(self.invalid_login_message), 'warning')
return redirect(self.appbuilder.get_url_for_index)
def after_login(resp):
if resp.email is None or resp.email == "":
flash(as_unicode(self.invalid_login_message), 'warning')
return redirect('login')
user = self.appbuilder.sm.auth_user_oid(resp.email)
if user is None:
flash(as_unicode(self.invalid_login_message), 'warning')
return redirect('login')
remember_me = False
if 'remember_me' in session:
remember_me = session['remember_me']
session.pop('remember_me', None)
login_user(user, remember=remember_me)
return redirect(self.appbuilder.get_url_for_index)
def form_oid_post(self, flag=True):
if flag:
self.oid_login_handler(self.form_oid_post, self.appbuilder.sm.oid)
form = LoginForm_oid()
if form.validate_on_submit():
session['remember_me'] = form.remember_me.data
return self.appbuilder.sm.oid.try_login(
form.openid.data, ask_for=['email', 'fullname'])
resp = session.pop('oid_resp', None)
if resp:
self._init_vars()
form = self.form.refresh()
self.form_get(form)
form.username.data = resp.email
first_name, last_name = get_first_last_name(resp.fullname)
form.first_name.data = first_name
form.last_name.data = last_name
form.email.data = resp.email
widgets = self._get_edit_widget(form=form)
#self.update_redirect()
return self.render_template(self.form_template,
title=self.form_title,
widgets=widgets,
form_action='form',
appbuilder=self.appbuilder)
else:
flash(as_unicode(self.error_message), 'warning')
return redirect(self.get_redirect())
def login(self, provider=None, register=None):
log.debug('Provider: {0}'.format(provider))
if g.user is not None and g.user.is_authenticated():
log.debug("Already authenticated {0}".format(g.user))
return redirect(self.appbuilder.get_url_for_index)
if provider is None:
return self.render_template(
self.login_template,
providers=self.appbuilder.sm.oauth_providers,
title=self.title,
appbuilder=self.appbuilder)
else:
log.debug("Going to call authorize for: {0}".format(provider))
try:
if register:
log.debug('Login to Register')
session['register'] = True
return self.appbuilder.sm.oauth_remotes[provider].authorize(
callback=url_for('.oauth_authorized',
provider=provider,
_external=True))
except Exception as e:
log.error("Error on OAuth authorize: {0}".format(e))
flash(as_unicode(self.invalid_login_message), 'warning')
return redirect(self.appbuilder.get_url_for_index)
def oauth_authorized(self, provider):
log.debug("Authorized init")
resp = self.appbuilder.sm.oauth_remotes[provider].authorized_response()
if resp is None:
flash(u'You denied the request to sign in.', 'warning')
return redirect('login')
log.debug('OAUTH Authorized resp: {0}'.format(resp))
# Retrieves specific user info from the provider
try:
self.appbuilder.sm.set_oauth_session(provider, resp)
userinfo = self.appbuilder.sm.oauth_user_info(provider)
log.debug("User info retrieved from {0}: {1}".format(
provider, userinfo))
except Exception as e:
log.error("Error returning OAuth user info: {0}".format(e))
# Is this Authorization to register a new user ?
if session.pop('register', None):
return redirect(
self.appbuilder.sm.registeruseroauthview.get_default_url(
**userinfo))
user = self.appbuilder.sm.auth_user_oauth(userinfo)
if user is None:
flash(as_unicode(self.invalid_login_message), 'warning')
return redirect('login')
else:
login_user(user)
return redirect(self.appbuilder.get_url_for_index)
def _label_columns_json(self):
"""
Prepares dict with labels to be JSON serializable
"""
ret = {}
for key, value in list(self.label_columns.items()):
ret[key] = as_unicode(value.encode('UTF-8'))
return ret
def edit(self, item):
try:
self.session.merge(item)
self.session.commit()
self.message = (as_unicode(self.edit_row_message), 'success')
return True
except IntegrityError as e:
self.message = (as_unicode(self.edit_integrity_error_message),
'warning')
log.warning(LOGMSG_WAR_DBI_EDIT_INTEGRITY.format(str(e)))
self.session.rollback()
return False
except Exception as e:
self.message = (as_unicode(self.general_error_message + ' ' +
str(sys.exc_info()[0])), 'danger')
log.exception(LOGMSG_ERR_DBI_EDIT_GENERIC.format(str(e)))
self.session.rollback()
return False
def action(self, name, pk):
"""
Action method to handle actions from a show view
"""
if self.appbuilder.sm.has_access(name, self.__class__.__name__):
action = self.actions.get(name)
return action.func(self.datamodel.get(pk))
else:
flash(as_unicode(FLAMSG_ERR_SEC_ACCESS_DENIED), "danger")
return redirect('.')
def wraps(self, *args, **kwargs):
permission_str = PERMISSION_PREFIX + f._permission_name
if self.appbuilder.sm.has_access(permission_str,
self.__class__.__name__):
return f(self, *args, **kwargs)
else:
log.warning(
LOGMSG_ERR_SEC_ACCESS_DENIED.format(permission_str,
self.__class__.__name__))
flash(as_unicode(FLAMSG_ERR_SEC_ACCESS_DENIED), "danger")
return redirect('/login/')
def delete_all(self, items):
try:
for item in items:
self._delete_files(item)
self.session.delete(item)
self.session.commit()
self.message = (as_unicode(self.delete_row_message), 'success')
return True
except IntegrityError as e:
self.message = (as_unicode(self.delete_integrity_error_message),
'warning')
log.warning(LOGMSG_WAR_DBI_DEL_INTEGRITY.format(str(e)))
self.session.rollback()
return False
except Exception as e:
self.message = (as_unicode(self.general_error_message + ' ' +
str(sys.exc_info()[0])), 'danger')
log.exception(LOGMSG_ERR_DBI_DEL_GENERIC.format(str(e)))
self.session.rollback()
return False
def login(self):
try:
if g.user is not None:
if g.user.is_authenticated():
return redirect('/')
except:
pass
#logout_user()
form = LoginForm_dbTny()
#print('Realizando Login')
if form.validate_on_submit():
user = form.username.data
password = form.password.data
ambiente = form.ambiente.data
cod_empresa = form.empresa.data
cod_filial = form.filial.data
if not (user and password and ambiente):
flash(as_unicode(self.invalid_login_message), 'warning')
return redirect('/')
auth = self.appbuilder.sm.auth_user_db_tny(user, password,
ambiente, cod_empresa,
cod_filial)
#session['uri'] = getattr(_app_ctx_stack.top,'uri',None)
user = auth[0]
filial = auth[1]
if not user:
flash(as_unicode(self.invalid_login_message), 'warning')
#return redirect(self.appbuilder.get_url_for_login)
if g.user is not None and g.user.is_authenticated():
logout_user()
login_user(user, remember=False, filial=filial)
return redirect(self.appbuilder.get_url_for_index)
return self.render_template(self.login_template,
title=self.title,
form=form,
appbuilder=self.appbuilder)
def add_registration(self,
username,
first_name,
last_name,
email,
password=''):
"""
Add a registration request for the user.
:rtype : RegisterUser
"""
register_user = self.appbuilder.sm.add_register_user(
username, first_name, last_name, email, password)
if register_user:
if self.send_email(register_user):
flash(as_unicode(self.message), 'info')
return register_user
else:
flash(as_unicode(self.error_message), 'danger')
self.appbuilder.sm.del_register_user(register_user)
return None
def action_post(self):
"""
Action method to handle multiple records selected from a list view
"""
name = request.form['action']
pks = request.form.getlist('rowid')
if self.appbuilder.sm.has_access(name, self.__class__.__name__):
action = self.actions.get(name)
items = [self.datamodel.get(pk) for pk in pks]
return action.func(items)
else:
flash(as_unicode(FLAMSG_ERR_SEC_ACCESS_DENIED), "danger")
return redirect('.')
def __call__(self, **kwargs):
""" create dict labels based on form """
""" create dict of form widgets """
""" create dict of possible filters """
""" create list of active filters """
label_columns = {}
form_fields = {}
search_filters = {}
dict_filters = self.filters.get_search_filters()
for col in self.template_args['include_cols']:
label_columns[col] = as_unicode(
self.template_args['form'][col].label.text)
form_fields[col] = self.template_args['form'][col]()
search_filters[col] = [
as_unicode(flt.name) for flt in dict_filters[col]
]
kwargs['label_columns'] = label_columns
kwargs['form_fields'] = form_fields
kwargs['search_filters'] = search_filters
kwargs['active_filters'] = self.filters.get_filters_values_tojson()
return super(SearchWidget, self).__call__(**kwargs)
def dict_to_json(xcol, ycols, labels, value_columns):
"""
Converts a list of dicts from datamodel query results
to google chart json data.
:param xcol:
The name of a string column to be used has X axis on chart
:param ycols:
A list with the names of series cols, that can be used as numeric
:param labels:
A dict with the columns labels.
:param value_columns:
A list of dicts with the values to convert
"""
json_data = dict()
json_data['cols'] = [{'id': xcol,
'label': as_unicode(labels[xcol]),
'type': 'string'}]
for ycol in ycols:
json_data['cols'].append({'id': ycol,
'label': as_unicode(labels[ycol]),
'type': 'number'})
json_data['rows'] = []
for value in value_columns:
row = {'c': []}
if isinstance(value[xcol], datetime.date):
row['c'].append({'v': (str(value[xcol]))})
else:
row['c'].append({'v': (value[xcol])})
for ycol in ycols:
if value[ycol]:
row['c'].append({'v': (value[ycol])})
else:
row['c'].append({'v': 0})
json_data['rows'].append(row)
return json_data
def login(self):
if g.user is not None and g.user.is_authenticated():
return redirect(self.appbuilder.get_url_for_index)
form = LoginForm_db()
if form.validate_on_submit():
user = self.appbuilder.sm.auth_user_ldap(form.username.data,
form.password.data)
if not user:
flash(as_unicode(self.invalid_login_message), 'warning')
return redirect(self.appbuilder.get_url_for_login)
login_user(user, remember=False)
return redirect(self.appbuilder.get_url_for_index)
return self.render_template(self.login_template,
title=self.title,
form=form,
appbuilder=self.appbuilder)
def api(self):
view_name = self.__class__.__name__
api_urls = self._get_api_urls()
modelview_urls = self._get_modelview_urls()
#
# Collects the CRUD permissions
can_show = self.appbuilder.sm.has_access('Visualizar', view_name)
can_edit = self.appbuilder.sm.has_access('Editar', view_name)
can_add = self.appbuilder.sm.has_access('Adicionar', view_name)
can_delete = self.appbuilder.sm.has_access('Excluir', view_name)
#
# Prepares the form with the search fields make it JSON serializable
form_fields = {}
search_filters = {}
dict_filters = self._filters.get_search_filters()
form = self.search_form.refresh()
for col in self.search_columns:
form_fields[col] = form[col]()
search_filters[col] = [
as_unicode(flt.name) for flt in dict_filters[col]
]
ret_json = jsonify(can_show=can_show,
can_add=can_add,
can_edit=can_edit,
can_delete=can_delete,
label_columns=self._label_columns_json(),
list_columns=self.list_columns,
order_columns=self.order_columns,
page_size=self.page_size,
modelview_name=view_name,
api_urls=api_urls,
search_filters=search_filters,
search_fields=form_fields,
modelview_urls=modelview_urls)
response = make_response(ret_json, 200)
response.headers['Content-Type'] = "application/json"
return response
def form_post(self, form):
pk = request.args.get('pk')
self.appbuilder.sm.reset_password(pk, form.password.data)
flash(as_unicode(self.message), 'info')
def form_post(self, form):
self.appbuilder.sm.reset_password(g.user.id, form.password.data)
flash(as_unicode(self.message), 'info')
def get_id(self):
return as_unicode(self.id_usuario)
def form_post(self, form):
form = self.form.refresh(request.form)
item = self.appbuilder.sm.get_user_by_id(g.user.id)
form.populate_obj(item)
self.appbuilder.sm.update_user(item)
flash(as_unicode(self.message), 'info')
def get_filters_values_tojson(self):
return [(flt.column_name, as_unicode(flt.name), value) for flt, value in zip(self.filters, self.values)]
