def setPassword(self, password, domains=None, REQUEST=None):
'''Allows the authenticated member to set his/her own password.
'''
if not self.isAnonymousUser():
member = self.getAuthenticatedMember()
rtool = queryUtility(IRegistrationTool)
if rtool is not None:
failMessage = rtool.testPasswordValidity(password)
if failMessage is not None:
raise BadRequest(failMessage)
member.setSecurityProfile(password=password, domains=domains)
else:
raise BadRequest('Not logged in.')
def _checkId(self, id, allow_dup=0):
PortalFolderBase.inheritedAttribute('_checkId')(self, id, allow_dup)
if allow_dup:
return
# FIXME: needed to allow index_html for join code
if id == 'index_html':
return
# Another exception: Must allow "syndication_information" to enable
# Syndication...
if id == 'syndication_information':
return
# IDs starting with '@@' are reserved for views.
if id[:2] == '@@':
raise BadRequest('The id "%s" is invalid because it begins with '
'"@@".' % id)
# This code prevents people other than the portal manager from
# overriding skinned names and tools.
if not getSecurityManager().checkPermission(ManagePortal, self):
ob = aq_inner(self)
while ob is not None:
if ISiteRoot.providedBy(ob):
break
# BBB
if getattr(ob, '_isPortalRoot', False):
warn(
"The '_isPortalRoot' marker attribute for site "
"roots is deprecated and will be removed in "
"CMF 2.3; please mark the root object with "
"'ISiteRoot' instead.",
DeprecationWarning,
stacklevel=2)
break
ob = aq_parent(ob)
if ob is not None:
# If the portal root has a non-contentish object by this name,
# don't allow an override.
if (hasattr(ob, id) and id not in ob.contentIds() and
# Allow root doted prefixed object name overrides
not id.startswith('.')):
raise BadRequest('The id "%s" is reserved.' % id)
# Don't allow ids used by Method Aliases.
ti = self.getTypeInfo()
if ti and ti.queryMethodID(id, context=self):
raise BadRequest('The id "%s" is reserved.' % id)
def setPassword(self, password, domains=None, REQUEST=None):
'''Allows the authenticated member to set his/her own password.
'''
# XXX: this method violates the rules for tools/utilities:
# it depends on a non-utility tool
registration = getToolByName(self, 'portal_registration', None)
if not self.isAnonymousUser():
member = self.getAuthenticatedMember()
if registration:
failMessage = registration.testPasswordValidity(password)
if failMessage is not None:
raise BadRequest(failMessage)
member.setSecurityProfile(password=password, domains=domains)
else:
raise BadRequest('Not logged in.')
def setProperties(self, properties=None, **kw):
'''Allows the authenticated member to set his/her own properties.
Accepts either keyword arguments or a mapping for the "properties"
argument.
'''
mtool = getUtility(IMembershipTool)
if not mtool.isMemberAccessAllowed(self._user.getId()):
raise BadRequest(u'Only own properties can be set.')
if properties is None:
properties = kw
rtool = queryUtility(IRegistrationTool)
if rtool is not None:
failMessage = rtool.testPropertiesValidity(properties, self)
if failMessage is not None:
raise BadRequest(failMessage)
self.setMemberProperties(properties)
def setProperties(self, properties=None, **kw):
'''Allows the authenticated member to set his/her own properties.
Accepts either keyword arguments or a mapping for the "properties"
argument.
'''
# XXX: this method violates the rules for tools/utilities:
# it depends on a non-utility tool
if properties is None:
properties = kw
membership = getToolByName(self, 'portal_membership')
registration = getToolByName(self, 'portal_registration', None)
if not membership.isAnonymousUser():
member = membership.getAuthenticatedMember()
if registration:
failMessage = registration.testPropertiesValidity(properties, member)
if failMessage is not None:
raise BadRequest(failMessage)
member.setMemberProperties(properties)
else:
raise BadRequest('Not logged in.')
def _checkId(self, id, allow_dup=0):
PortalFolderBase.inheritedAttribute('_checkId')(self, id, allow_dup)
if allow_dup:
return
# FIXME: needed to allow index_html for join code
if id == 'index_html':
return
# Another exception: Must allow "syndication_information" to enable
# Syndication...
if id == 'syndication_information':
return
# IDs starting with '@@' are reserved for views.
if id[:2] == '@@':
raise BadRequest('The id "%s" is invalid because it begins with '
'"@@".' % id)
# This code prevents people other than the portal manager from
# overriding skinned names and tools.
if not getSecurityManager().checkPermission(ManagePortal, self):
ob = aq_inner(self)
while ob is not None:
if ISiteRoot.providedBy(ob):
break
ob = aq_parent(ob)
if ob is not None:
# If the portal root has a non-contentish object by this name,
# don't allow an override.
if hasattr(ob, id) and \
id not in ob.contentIds() and \
not id.startswith('.'):
raise BadRequest('The id "%s" is reserved.' % id)
# Don't allow ids used by Method Aliases.
ti = self.getTypeInfo()
if ti and ti.queryMethodID(id, context=self):
raise BadRequest('The id "%s" is reserved.' % id)
def render(self):
"""Render a tile after removing an object from it."""
tile_type = self.request.form.get('tile-type')
tile_id = self.request.form.get('tile-id')
uid = self.request.form.get('uid')
if tile_type and tile_id and uid:
tile = self.context.restrictedTraverse('{0}/{1}'.format(
tile_type, tile_id))
if isinstance(tile, ListTile):
tile.remove_item(uid)
return tile()
else:
raise BadRequest('Invalid parameters')
def _checkId(self, id, allow_dup=0):
PortalFolderBase.inheritedAttribute('_checkId')(self, id, allow_dup)
if allow_dup:
return
# FIXME: needed to allow index_html for join code
if id == 'index_html':
return
# Another exception: Must allow "syndication_information" to enable
# Syndication...
if id == 'syndication_information':
return
# IDs starting with '@@' are reserved for views.
if id[:2] == '@@':
raise BadRequest('The id "%s" is invalid because it begins with '
'"@@".' % id)
def render(self):
"""Render a tile after populating it with an object."""
tile_type = self.request.form.get('tile-type')
tile_id = self.request.form.get('tile-id')
uid = self.request.form.get('uid')
if tile_type and tile_id and uid:
catalog = api.portal.get_tool('portal_catalog')
results = catalog(UID=uid)
if results:
obj = results[0].getObject()
tile = self.context.restrictedTraverse('{0}/{1}'.format(
tile_type, tile_id))
tile.populate_with_object(obj)
# reinstantiate the tile to update its content on AJAX calls
tile = self.context.restrictedTraverse('{0}/{1}'.format(
tile_type, tile_id))
return tile()
else:
raise BadRequest('Invalid parameters')
def manage_addTypeInformation(self, add_meta_type, id=None,
typeinfo_name=None, RESPONSE=None):
"""Create a TypeInformation in self.
"""
# BBB: typeinfo_name is ignored
import Products
if not id:
raise BadRequest('An id is required.')
for mt in Products.meta_types:
if mt['name'] == add_meta_type:
klass = mt['instance']
break
else:
raise ValueError('Meta type %s is not a type class.'
% add_meta_type)
id = str(id)
ob = klass(id)
self._setObject(id, ob)
if RESPONSE is not None:
RESPONSE.redirect('%s/manage_main' % self.absolute_url())
pms = api.portal.get_tool('portal_membership')
pgr = api.portal.get_tool('portal_groups')
registration = api.portal.get_tool('portal_registration')
ORGANIZATIONS = get_organizations()
for row in reader:
row_id = normalizeString(row['username'], self)
# add users if not exist
if row_id not in [ud['userid'] for ud in acl.searchUsers()]:
pms.addMember(row_id, row['password'], ('Member', ), [])
member = pms.getMemberById(row_id)
properties = {'fullname': row['fullname'], 'email': row['email']}
failMessage = registration.testPropertiesValidity(
properties, member)
if failMessage is not None:
raise BadRequest(failMessage)
member.setMemberProperties(properties)
out.append("User '%s' is added" % row_id)
else:
out.append("User %s already exists" % row_id)
# attribute roles
group_title = safe_unicode(row['grouptitle'])
org_id = normalizeString(group_title, self)
for organization in ORGANIZATIONS:
if normalized_org_titles_equals(organization.Title(), group_title):
org_id = organization.id
org_uid = org_id_to_uid(org_id)
plone_groups = []
