def settings_organization_club_edit(self):
if self.request.redirect_forbidden:
return HTTPFound(location='/forbidden/')
elif userhelpers.checkUserPasswordChangeNeed(self.request):
return HTTPFound(location='/settings/me/edit/')
_ = self.request.translate
tmp_club = {
'name':'',
'short_name':'',
'leader_id':'',
'subunit_id':0,
'club_code':'',
}
club_id = self.request.matchdict['club_id']
club = DBSession.query(Club).filter(Club.id==club_id).first()
if club.id:
tmp_club = {
'name':club.name,
'short_name':club.short_name,
'leader_id':club.leader_id,
'subunit_id':club.subunit_id,
'club_code':club.club_code
}
if self.request.method == 'POST':
tmp_club['name'] = self.request.POST.get('name').strip()
tmp_club['short_name'] = self.request.POST.get('short_name').strip()
#tmp_club['leader_id'] = self.request.POST.get('leader_id').strip()
tmp_club['leader_id'] = 0
tmp_club['subunit_id'] = self.request.POST.get('subunit_id').strip()
tmp_club['club_code'] = self.request.POST.get('club_code').strip()
if tmp_club['name']:
club.name = tmp_club['name']
club.short_name = tmp_club['short_name']
club.leader_id = tmp_club['leader_id']
club.subunit_id = tmp_club['subunit_id']
club.club_code = tmp_club['club_code']
DBSession.add(club)
DBSession.flush()
userAudit = UserAudit(self.request.user.id)
userAudit.model = 'Club'
userAudit.model_id = club.id
userAudit.action = 'Update'
userAudit.revision = club.metadata_revision
DBSession.add(userAudit)
DBSession.flush()
self.request.session.flash(_(u"Club saved."), 'success')
return HTTPFound(location='/settings/organization/')
else:
self.request.session.flash(_(u"Please provide club name."), 'error')
subunits = DBSession.query(SubUnit).all()
self.request.bread.append({'url':'/settings/', 'text':_('Settings')})
self.request.bread.append({'url':'/settings/organization/', 'text':_('Organization')})
self.request.bread.append({'url':'/settings/organization/club_edit/'+club_id+'/', 'text':_('Edit club')})
return {'club':tmp_club, 'subunits':subunits}
def settings_users_deactivate(self):
if self.request.redirect_forbidden:
return HTTPFound(location='/forbidden/')
elif userhelpers.checkUserPasswordChangeNeed(self.request):
return HTTPFound(location='/settings/me/edit/')
_ = self.request.translate
user_id = self.request.matchdict['user_id']
if user_id != 1:
user = DBSession.query(User).get(user_id)
user.active = 0
user.metadata_modified = datetime.now()
DBSession.add(user)
DBSession.flush()
userAudit = UserAudit(self.request.user.id)
userAudit.model = 'User'
userAudit.model_id = user.id
userAudit.action = 'Deactivated'
userAudit.revision = user.metadata_revision
DBSession.add(userAudit)
DBSession.flush()
self.request.session.flash(_(u"User deactivated."), 'success')
return HTTPFound(location='/settings/users/')
def security_shifts_new(self):
if self.request.redirect_forbidden:
return HTTPFound(location="/forbidden/")
elif userhelpers.checkUserPasswordChangeNeed(self.request):
return HTTPFound(location="/settings/me/edit/")
_ = self.request.translate
shift = SecurityShift()
if self.request.method == "POST":
shift.starts = helpers.parseFinnishDateFromString(self.request.POST.get("starts").strip())
shift.ends = helpers.parseFinnishDateFromString(self.request.POST.get("ends").strip())
# shift.leader_id = helpers.decodeString(self.request.POST.get('leader_id').strip())
shift.notes = helpers.decodeString(self.request.POST.get("notes").strip())
if type(shift.starts) is datetime and type(shift.ends) is datetime and shift.starts < shift.ends:
DBSession.add(shift)
DBSession.flush()
userAudit = UserAudit(self.request.user.id)
userAudit.model = "SecurityShift"
userAudit.model_id = shift.id
userAudit.action = "Create"
userAudit.revision = shift.metadata_revision
DBSession.add(userAudit)
DBSession.flush()
self.request.session.flash(_(u"Shift created."), "success")
return HTTPFound(location="/security/shifts/view/" + str(shift.id) + "/")
else:
self.request.session.flash(_(u"Error creating shift. Shift ends before it begins."), "error")
self.request.bread.append({"url": "/security/", "text": _("Security")})
self.request.bread.append({"url": "/security/shifts/", "text": _("Shifts")})
self.request.bread.append({"url": "/security/shifts/new/", "text": _("Create")})
return {"shift": shift}
def security_shifts_logitem_delete(self):
if self.request.redirect_forbidden:
return HTTPFound(location="/forbidden/")
elif userhelpers.checkUserPasswordChangeNeed(self.request):
return HTTPFound(location="/settings/me/edit/")
_ = self.request.translate
logitem_id = self.request.matchdict["logitem_id"]
logitem = DBSession.query(SecurityLogItem).filter(SecurityLogItem.id == logitem_id).first()
if logitem != None:
logitem.deleted = True
DBSession.add(logitem)
DBSession.flush()
userAudit = UserAudit(self.request.user.id)
userAudit.model = "SecurityLogItem"
userAudit.model_id = logitem.id
userAudit.action = "Deleted"
userAudit.revision = logitem.metadata_revision
DBSession.add(userAudit)
DBSession.flush()
self.request.session.flash(_(u"Log item deleted."), "success")
return HTTPFound(location="/security/shifts/view/" + str(logitem.shift_id) + "/")
self.request.session.flash(_(u"Error finding logitem to delete."), "Error")
return HTTPFound(location="/security/shifts/view/" + str(logitem.shift_id) + "/")
def settings_new(self):
if self.request.redirect_forbidden:
return HTTPFound(location="/forbidden/")
elif userhelpers.checkUserPasswordChangeNeed(self.request):
return HTTPFound(location="/settings/me/edit/")
_ = self.request.translate
# TODO: Errors
errors = {}
tmp_setting = {"setting_key": "", "setting_value": ""}
if self.request.method == "POST":
tmp_setting["setting_key"] = self.request.POST.get("setting_key").strip()
tmp_setting["setting_value"] = self.request.POST.get("setting_value")
if tmp_setting["setting_key"] and tmp_setting["setting_key"] != "":
if not self.checkIfSettignKeyExists(tmp_setting["setting_key"]):
setting = Setting(tmp_setting["setting_key"], tmp_setting["setting_value"])
DBSession.add(setting)
DBSession.flush()
userAudit = UserAudit(self.request.user.id)
userAudit.model = "Setting"
userAudit.model_id = setting.id
userAudit.action = "Create"
userAudit.revision = setting.metadata_revision
DBSession.add(userAudit)
DBSession.flush()
self.request.session.flash(_(u"Setting created."), "success")
return HTTPFound(location="/settings/list/")
else:
self.request.session.flash(_(u"Setting with same key exists allready."), "error")
else:
self.request.session.flash(_(u"Please provide key."), "error")
self.request.bread.append({"url": "/settings/", "text": _("Settings")})
self.request.bread.append({"url": "/settings/list/", "text": _("List")})
self.request.bread.append({"url": "/settings/new/", "text": _("New")})
return {"setting": tmp_setting}
def settings_organization_village_edit(self):
if self.request.redirect_forbidden:
return HTTPFound(location='/forbidden/')
elif userhelpers.checkUserPasswordChangeNeed(self.request):
return HTTPFound(location='/settings/me/edit/')
_ = self.request.translate
tmp_village = {
'name':'',
'short_name':'',
'leader_id':'',
'subcamp_id':0,
}
village_id = self.request.matchdict['village_id']
village = DBSession.query(Village).filter(Village.id==village_id).first()
subcamps = DBSession.query(Subcamp).all()
if village.id:
tmp_village = {
'name':village.name,
'short_name':village.short_name,
'leader_id':village.leader_id,
'subcamp_id':village.subcamp_id,
}
if self.request.method == 'POST':
tmp_village['name'] = self.request.POST.get('name').strip()
tmp_village['short_name'] = self.request.POST.get('short_name').strip()
#tmp_village['leader_id'] = self.request.POST.get('leader_id').strip()
tmp_village['leader_id'] = 0
tmp_village['subcamp_id'] = self.request.POST.get('subcamp_id').strip()
if tmp_village['name']:
village.name = tmp_village['name']
village.short_name = tmp_village['short_name']
village.leader_id = tmp_village['leader_id']
village.subcamp_id = tmp_village['subcamp_id']
DBSession.add(village)
DBSession.flush()
userAudit = UserAudit(self.request.user.id)
userAudit.model = 'Village'
userAudit.model_id = village.id
userAudit.action = 'Update'
userAudit.revision = village.metadata_revision
DBSession.add(userAudit)
DBSession.flush()
self.request.session.flash(_(u"Village saved."), 'success')
return HTTPFound(location='/settings/organization/')
else:
self.request.session.flash(_(u"Please provide village name."), 'error')
self.request.bread.append({'url':'/settings/', 'text':_('Settings')})
self.request.bread.append({'url':'/settings/organization/', 'text':_('Organization')})
self.request.bread.append({'url':'/settings/organization/village_edit/'+village_id+'/', 'text':_('Edit village')})
return {'village':tmp_village, 'subcamps':subcamps}
def settings_edit(self):
if self.request.redirect_forbidden:
return HTTPFound(location="/forbidden/")
elif userhelpers.checkUserPasswordChangeNeed(self.request):
return HTTPFound(location="/settings/me/edit/")
_ = self.request.translate
# TODO: Errors
errors = {}
tmp_setting = {"setting_key": "", "setting_value": "", "locked_key": False}
setting_id = self.request.matchdict["setting_id"]
setting = DBSession.query(Setting).filter(Setting.id == setting_id).first()
if setting.id:
tmp_setting = {
"setting_key": setting.setting_key,
"setting_value": setting.setting_value,
"locked_key": setting.locked_key,
}
if self.request.method == "POST":
if not setting.locked_key:
tmp_setting["setting_key"] = self.request.POST.get("setting_key").strip()
else:
tmp_setting["setting_key"] = setting.setting_key
tmp_setting["setting_value"] = self.request.POST.get("setting_value")
if tmp_setting["setting_key"] and tmp_setting["setting_key"] != "":
if not self.checkIfSettignKeyExists(tmp_setting["setting_key"], setting.id):
setting.setting_key = tmp_setting["setting_key"]
setting.setting_value = tmp_setting["setting_value"]
DBSession.add(setting)
DBSession.flush()
userAudit = UserAudit(self.request.user.id)
userAudit.model = "Setting"
userAudit.model_id = setting.id
userAudit.action = "Update"
userAudit.revision = setting.metadata_revision
DBSession.add(userAudit)
DBSession.flush()
self.request.session.flash(_(u"Setting saved."), "success")
return HTTPFound(location="/settings/list/")
else:
self.request.session.flash(_(u"Setting with same key exists allready."), "error")
else:
self.request.session.flash(_(u"Please provide key."), "error")
self.request.bread.append({"url": "/settings/", "text": _("Settings")})
self.request.bread.append({"url": "/settings/list/", "text": _("List")})
self.request.bread.append(
{"url": "/settings/edit/" + setting_id + "/", "text": _("Edit") + " " + setting.setting_key}
)
return {"setting": tmp_setting}
def settings_organization_subcamp_edit(self):
if self.request.redirect_forbidden:
return HTTPFound(location='/forbidden/')
elif userhelpers.checkUserPasswordChangeNeed(self.request):
return HTTPFound(location='/settings/me/edit/')
_ = self.request.translate
tmp_subcamp = {
'name':'',
'short_name':'',
'leader_id':'',
}
subcamp_id = self.request.matchdict['subcamp_id']
subcamp = DBSession.query(Subcamp).filter(Subcamp.id==subcamp_id).first()
if subcamp.id:
tmp_subcamp = {
'name':subcamp.name,
'short_name':subcamp.short_name,
'leader_id':subcamp.leader_id,
}
if self.request.method == 'POST':
tmp_subcamp['name'] = self.request.POST.get('name').strip()
tmp_subcamp['short_name'] = self.request.POST.get('short_name').strip()
#tmp_subcamp['leader_id'] = self.request.POST.get('leader_id').strip()
tmp_subcamp['leader_id'] = 0
if tmp_subcamp['name']:
subcamp.name = tmp_subcamp['name']
subcamp.short_name = tmp_subcamp['short_name']
subcamp.leader_id = int(tmp_subcamp['leader_id'])
DBSession.add(subcamp)
DBSession.flush()
userAudit = UserAudit(self.request.user.id)
userAudit.model = 'Subcamp'
userAudit.model_id = subcamp.id
userAudit.action = 'Update'
userAudit.revision = subcamp.metadata_revision
DBSession.add(userAudit)
DBSession.flush()
self.request.session.flash(_(u"Subcamp saved."), 'success')
return HTTPFound(location='/settings/organization/')
else:
self.request.session.flash(_(u"Please provide subcamp name."), 'error')
self.request.bread.append({'url':'/settings/', 'text':_('Settings')})
self.request.bread.append({'url':'/settings/organization/', 'text':_('Organization')})
self.request.bread.append({'url':'/settings/organization/subcamp_edit/'+subcamp_id+'/', 'text':_('Edit subcamp')})
return {'subcamp':tmp_subcamp}
def settings_organization_village_kitchen_new(self):
if self.request.redirect_forbidden:
return HTTPFound(location='/forbidden/')
elif userhelpers.checkUserPasswordChangeNeed(self.request):
return HTTPFound(location='/settings/me/edit/')
_ = self.request.translate
tmp_village_kitchen = {
'name':'',
'short_name':'',
'leader_id':'',
'subcamp_id':0,
'village_ids':[]
}
subcamps = DBSession.query(Subcamp).all()
villages = DBSession.query(Village).all()
if self.request.method == 'POST':
tmp_village_kitchen['name'] = self.request.POST.get('name').strip()
tmp_village_kitchen['short_name'] = self.request.POST.get('short_name').strip()
#tmp_village_kitchen['leader_id'] = self.request.POST.get('leader_id').strip()
tmp_village_kitchen['leader_id'] = 0
tmp_village_kitchen['subcamp_id'] = self.request.POST.get('subcamp_id').strip()
if tmp_village_kitchen['name']:
village_kitchen = VillageKitchen()
village_kitchen.name = tmp_village_kitchen['name']
village_kitchen.short_name = tmp_village_kitchen['short_name']
village_kitchen.leader_id = tmp_village_kitchen['leader_id']
village_kitchen.subcamp_id = tmp_village_kitchen['subcamp_id']
village_kitchen.villages = DBSession.query(Village).filter(Village.id.in_(self.request.POST.getall('villages'))).all()
DBSession.add(village_kitchen)
DBSession.flush()
userAudit = UserAudit(self.request.user.id)
userAudit.model = 'VillageKitchen'
userAudit.model_id = village_kitchen.id
userAudit.action = 'Create'
userAudit.revision = village_kitchen.metadata_revision
DBSession.add(userAudit)
DBSession.flush()
self.request.session.flash(_(u"Village kitchen created."), 'success')
return HTTPFound(location='/settings/organization/')
else:
self.request.session.flash(_(u"Please provide village_kitchen name."), 'error')
self.request.bread.append({'url':'/settings/', 'text':_('Settings')})
self.request.bread.append({'url':'/settings/organization/', 'text':_('Organization')})
self.request.bread.append({'url':'/settings/organization/village_kitchen_new/', 'text':_('New village_kitchen')})
return {'village_kitchen':tmp_village_kitchen, 'subcamps':subcamps, 'villages':villages}
def security_shifts_view(self):
if self.request.redirect_forbidden:
return HTTPFound(location="/forbidden/")
elif userhelpers.checkUserPasswordChangeNeed(self.request):
return HTTPFound(location="/settings/me/edit/")
_ = self.request.translate
shift_id = self.request.matchdict["shift_id"]
shift = DBSession.query(SecurityShift).filter(SecurityShift.id == shift_id).first()
if self.request.method == "POST":
logitem = SecurityLogItem()
logitem.event_type = self.request.POST.get("event_type")
logitem.shift_id = shift_id
logitem.notified_by = self.request.POST.get("notified_by")
logitem.task = self.request.POST.get("task")
logitem.content = self.request.POST.get("content")
logitem.deleted = False
logitem.people_present = self.request.POST.get("people_present")
logitem.started = helpers.parseFinnishDateFromString(self.request.POST.get("started"), default_now=True)
logitem.ended = helpers.parseFinnishDateFromString(self.request.POST.get("ended"))
DBSession.add(logitem)
DBSession.flush()
userAudit = UserAudit(self.request.user.id)
userAudit.model = "SecurityLogItem"
userAudit.model_id = logitem.id
userAudit.action = "Create"
userAudit.revision = logitem.metadata_revision
DBSession.add(userAudit)
DBSession.flush()
self.request.session.flash(_(u"Log item created."), "success")
return HTTPFound(location="/security/shifts/view/" + shift_id + "/")
logitems = (
DBSession.query(SecurityLogItem)
.filter(SecurityLogItem.shift_id == shift_id, SecurityLogItem.deleted == False)
.order_by(SecurityLogItem.started.desc())
.all()
)
self.request.bread.append({"url": "/security/", "text": _("Security")})
self.request.bread.append({"url": "/security/shifts/", "text": _("Shifts")})
self.request.bread.append({"url": "/security/shifts/view/" + shift_id + "/", "text": _("View")})
return {"shift": shift, "logitems": logitems}
def settings_groups_new(self):
if self.request.redirect_forbidden:
return HTTPFound(location='/forbidden/')
elif userhelpers.checkUserPasswordChangeNeed(self.request):
return HTTPFound(location='/settings/me/edit/')
_ = self.request.translate
tmp_group = {
'name':'',
'leader_id':'',
'privileges':'',
}
if self.request.method == 'POST':
tmp_group['name'] = self.request.POST.get('name').strip()
# tmp_group['leader_id'] = self.request.POST.get('leader_id').strip()
if not self.checkIfGroupnameExists(tmp_group['name']):
group = Group(tmp_group['name'])
if security.has_permission("settings_users_modify_permissions", self.request.context, self.request):
privileges_list = ''
if len(self.request.POST.getall('privileges')) > 0:
for privilege in DBSession.query(Privilege).filter(Privilege.id.in_(self.request.POST.getall('privileges'))).all():
privileges_list += '|'+privilege.name + '|'
group.privileges = privileges_list
DBSession.add(group)
DBSession.flush()
userAudit = UserAudit(self.request.user.id)
userAudit.model = 'Group'
userAudit.model_id = group.id
userAudit.action = 'Create'
userAudit.revision = group.metadata_revision
DBSession.add(userAudit)
DBSession.flush()
self.request.session.flash(_(u"Group created."), 'success')
if group.id != '' and group.id != 0:
return HTTPFound(location='/settings/groups/view/'+str(group.id))
else:
self.request.session.flash(_(u"Group with that name allready exists."), 'error')
privileges = DBSession.query(Privilege).all()
self.request.bread.append({'url':'/settings/', 'text':_('Settings')})
self.request.bread.append({'url':'/settings/groups/', 'text':_('Groups')})
self.request.bread.append({'url':'/settings/groups/new/', 'text':_('New')})
return {'group':tmp_group, 'privileges':privileges}
def settings_organization_subunit_new(self):
if self.request.redirect_forbidden:
return HTTPFound(location='/forbidden/')
elif userhelpers.checkUserPasswordChangeNeed(self.request):
return HTTPFound(location='/settings/me/edit/')
_ = self.request.translate
tmp_subunit = {
'name':'',
'short_name':'',
'leader_id':'',
'village_id':0,
}
if self.request.method == 'POST':
tmp_subunit['name'] = self.request.POST.get('name').strip()
tmp_subunit['short_name'] = self.request.POST.get('short_name').strip()
#tmp_subunit['leader_id'] = self.request.POST.get('leader_id').strip()
tmp_subunit['leader_id'] = 0
tmp_subunit['village_id'] = self.request.POST.get('village_id').strip()
if tmp_subunit['name']:
subunit = SubUnit()
subunit.name = tmp_subunit['name']
subunit.short_name = tmp_subunit['short_name']
subunit.leader_id = tmp_subunit['leader_id']
subunit.village_id = tmp_subunit['village_id']
DBSession.add(subunit)
DBSession.flush()
userAudit = UserAudit(self.request.user.id)
userAudit.model = 'SubUnit'
userAudit.model_id = subunit.id
userAudit.action = 'Create'
userAudit.revision = subunit.metadata_revision
DBSession.add(userAudit)
DBSession.flush()
self.request.session.flash(_(u"Subunit created."), 'success')
return HTTPFound(location='/settings/organization/')
else:
self.request.session.flash(_(u"Please provide subunit name."), 'error')
villages = DBSession.query(Village).all()
self.request.bread.append({'url':'/settings/', 'text':_('Settings')})
self.request.bread.append({'url':'/settings/organization/', 'text':_('Organization')})
self.request.bread.append({'url':'/settings/organization/subunit_new/', 'text':_('New subunit')})
return {'subunit':tmp_subunit, 'villages':villages}
def settings_users_new(self):
if self.request.redirect_forbidden:
return HTTPFound(location='/forbidden/')
elif userhelpers.checkUserPasswordChangeNeed(self.request):
return HTTPFound(location='/settings/me/edit/')
_ = self.request.translate
use_mailer = self.request.registry.settings['leirirekkari.use_mailer']
tmp_user = {
'firstname':'',
'lastname':'',
'email':'',
'title':'',
'login':'',
'language':'',
'groups':'',
'privileges':'',
}
if security.has_permission("settings_users_modify_groups", self.request.context, self.request):
groups = DBSession.query(Group).all()
else:
groups = {}
if security.has_permission("settings_users_modify_permissions", self.request.context, self.request):
privileges = DBSession.query(Privilege).all()
else:
privileges = {}
if self.request.method == 'POST':
tmp_user['firstname'] = self.request.POST.get('firstname').strip()
tmp_user['lastname'] = self.request.POST.get('lastname').strip()
tmp_user['email'] = self.request.POST.get('email').strip()
tmp_user['login'] = self.request.POST.get('account_login').strip()
tmp_user['language'] = self.request.POST.get('language').strip()
tmp_user['title'] = self.request.POST.get('title').strip()
if tmp_user['login'] and tmp_user['email']:
login = tmp_user['login']
if self.request.POST.get('account_password') != None:
password1 = self.request.POST.get('account_password').strip()
else:
password1 = ''
if self.request.POST.get('account_password_again') != None:
password2 = self.request.POST.get('account_password_again').strip()
else:
password2 = ''
if not self.checkIfUsernameExists(login):
if password1 == '':
password1 = self.nicepass(8,4)
elif len(password1) < 12:
self.request.session.flash(_(u"Passwords too short, must be at least 12 characters long."), 'error')
return {'user':tmp_user, 'groups':groups, 'privileges':privileges, 'use_mailer':use_mailer}
elif not self.checkIfPasswordsMatch(password1, password2):
self.request.session.flash(_(u"Passwords didn't match."), 'error')
return {'user':tmp_user, 'groups':groups, 'privileges':privileges, 'use_mailer':use_mailer}
user = User(login, tmp_user['email'])
user.set_password(password1)
user.active = 1
user.firstname = tmp_user['firstname']
user.lastname = tmp_user['lastname']
user.title = tmp_user['title']
user.language = tmp_user['language']
if security.has_permission("settings_users_modify_groups", self.request.context, self.request):
if len(self.request.POST.getall('groups'))>0:
user.groups = DBSession.query(Group).filter(Group.id.in_(self.request.POST.getall('groups'))).all()
else:
user.groups = []
if security.has_permission("settings_users_modify_permissions", self.request.context, self.request):
privileges_list = ''
if len(self.request.POST.getall('privileges')) > 0:
for privilege in DBSession.query(Privilege).filter(Privilege.id.in_(self.request.POST.getall('privileges'))).all():
privileges_list += '|'+privilege.name + '|'
else:
privileges_list = ''
user.privileges = privileges_list
user.metadata_modified = datetime.now()
if self.request.POST.get('send_login_details') != None and self.request.POST.get('send_login_details').strip() == '1':
user.needs_password_change = 1
elif self.request.POST.get('require_password_change') != None and self.request.POST.get('require_password_change').strip() == '1':
user.needs_password_change = 1
else:
user.needs_password_change = 0
DBSession.add(user)
DBSession.flush()
self.request.session.flash(_(u"User created."), 'success')
userAudit = UserAudit(self.request.user.id)
userAudit.model = 'User'
userAudit.model_id = user.id
userAudit.action = 'Create'
userAudit.revision = user.metadata_revision
DBSession.add(userAudit)
DBSession.flush()
if user.id != '' and user.id != 0:
if self.request.registry.settings['leirirekkari.use_mailer'] == 'true':
if self.request.POST.get('send_login_details') != None and self.request.POST.get('send_login_details').strip() == '1':
mailer = get_mailer(self.request)
setting_site_name = DBSession.query(Setting).filter(Setting.setting_key == 'site_name').first()
setting_mail_sent_from = DBSession.query(Setting).filter(Setting.setting_key == 'mail_sent_from').first()
setting_site_url = DBSession.query(Setting).filter(Setting.setting_key == 'site_url').first()
message_subject = _(u"User account information for") + ' ' + setting_site_name.setting_value
message_body = _(u"Hi\n\nHere are your account details for ${site_name}.\n\nUsername: ${username}\n\nPassword: ${password}\n\nYou can login at ${site_url}\n\nRemember to behave and that all the personal data is classified and should be used and distributed carefully.",
mapping={'site_name':setting_site_name.setting_value, 'username':tmp_user['login'], 'password':password1, 'site_url':setting_site_url.setting_value})
message = Message(subject=message_subject,
sender=setting_mail_sent_from.setting_value,
recipients=[tmp_user['email']],
body=message_body)
mailer.send(message)
return HTTPFound(location='/settings/users/view/'+str(user.id))
else:
self.request.session.flash(_(u"User with that username allready exists. Please choose another one."), 'error')
self.request.bread.append({'url':'/settings/', 'text':_('Settings')})
self.request.bread.append({'url':'/settings/users/', 'text':_('Users')})
self.request.bread.append({'url':'/settings/users/new/', 'text':_('New')})
return {'user':tmp_user, 'groups':groups, 'privileges':privileges, 'use_mailer':use_mailer}
def settings_me_edit(self):
_ = self.request.translate
tmp_user = {
'id':0,
'firstname':'',
'lastname':'',
'email':'',
'title':'',
'login':'',
'language':'',
'groups':'',
}
user = self.request.user
if user.id:
tmp_user = {
'id':user.id,
'firstname':user.firstname,
'lastname':user.lastname,
'email':user.email,
'title':user.title,
'language':user.language,
}
if self.request.method == 'POST':
tmp_user['firstname'] = self.request.POST.get('firstname').strip()
tmp_user['lastname'] = self.request.POST.get('lastname').strip()
tmp_user['email'] = self.request.POST.get('email').strip()
tmp_user['language'] = self.request.POST.get('language').strip()
tmp_user['title'] = self.request.POST.get('title').strip()
if tmp_user['email']:
if self.request.POST.get('account_password') != None:
password1 = self.request.POST.get('account_password').strip()
else:
password1 = ''
if self.request.POST.get('account_password_again') != None:
password2 = self.request.POST.get('account_password_again').strip()
else:
password2 = ''
if password1 != '' and len(password1) < 12:
self.request.session.flash(_(u"Passwords too short, must be at least 12 characters long."), 'error')
return {'user':tmp_user}
elif password1 != '' and not self.checkIfPasswordsMatch(password1, password2):
self.request.session.flash(_(u"Passwords didn't match."), 'error')
return {'user':tmp_user}
elif password1 != '':
user.set_password(password1)
user.needs_password_change = 0
self.request.session.flash(_(u"Password changed."), 'success')
userAudit = UserAudit(self.request.user.id)
userAudit.model = 'User'
userAudit.model_id = user.id
userAudit.action = 'Password update'
userAudit.revision = user.metadata_revision
DBSession.add(userAudit)
DBSession.flush()
user.firstname = tmp_user['firstname']
user.lastname = tmp_user['lastname']
user.title = tmp_user['title']
user.language = tmp_user['language']
DBSession.add(user)
DBSession.flush()
userAudit = UserAudit(self.request.user.id)
userAudit.model = 'User'
userAudit.model_id = user.id
userAudit.action = 'Update'
userAudit.revision = user.metadata_revision
DBSession.add(userAudit)
DBSession.flush()
if user.id != '' and user.id != 0:
self.request.session.flash(_(u"User saved."), 'success')
return HTTPFound(location='/settings/me/')
else:
return HTTPFound(location='/settings/me/edit/')
else:
self.request.session.flash(_(u"Please provide email address."), 'error')
self.request.bread.append({'url':'/settings/', 'text':_('Settings')})
self.request.bread.append({'url':'/settings/me/', 'text':_('Me')})
self.request.bread.append({'url':'/settings/me/edit/', 'text':_('Edit')})
return {'user':tmp_user}
def settings_groups_edit(self):
if self.request.redirect_forbidden:
return HTTPFound(location='/forbidden/')
elif userhelpers.checkUserPasswordChangeNeed(self.request):
return HTTPFound(location='/settings/me/edit/')
_ = self.request.translate
tmp_group = {
'id':'',
'name':'',
'leader_id':'',
'privileges':'',
}
group_id = self.request.matchdict['group_id']
group = DBSession.query(Group).filter(Group.id==group_id).first()
if group.id:
if group.id == 1:
return HTTPFound(location='/settings/groups/')
# privilege_ids = [privilege.id for privilege in group.privileges]
tmp_group = {
'id':group.id,
'name':group.name,
'leader_id':group.leader_id,
'privileges':group.privileges
}
if self.request.method == 'POST':
tmp_group['name'] = self.request.POST.get('name').strip()
if not self.checkIfGroupnameExists(tmp_group['name'], tmp_group['id']):
group.name = tmp_group['name']
if security.has_permission("settings_users_modify_permissions", self.request.context, self.request):
privileges_list = ''
if len(self.request.POST.getall('privileges'))> 0:
for privilege in DBSession.query(Privilege).filter(Privilege.id.in_(self.request.POST.getall('privileges'))).all():
privileges_list += '|'+privilege.name + '|'
group.privileges = privileges_list
DBSession.add(group)
DBSession.flush()
userAudit = UserAudit(self.request.user.id)
userAudit.model = 'Group'
userAudit.model_id = group.id
userAudit.action = 'Update'
userAudit.revision = group.metadata_revision
DBSession.add(userAudit)
DBSession.flush()
self.request.session.flash(_(u"Group saved."), 'success')
return HTTPFound(location='/settings/groups/view/'+str(group.id))
else:
self.request.session.flash(_(u"Group with that name allready exists."), 'error')
privileges = DBSession.query(Privilege).all()
self.request.bread.append({'url':'/settings/', 'text':_('Settings')})
self.request.bread.append({'url':'/settings/groups/', 'text':_('Groups')})
self.request.bread.append({'url':'/settings/groups/edit/'+str(group.id)+'/', 'text':_('Edit') + ' ' + helpers.decodeString(group.name)})
return {'group':tmp_group, 'privileges':privileges}