class CommunityBaseSchema(validators.Schema): ParentCommunity = validators.IntID() ParentCommunityName = validators.UnicodeString() ProvinceState = validators.IntID(not_empty=True) chained_validators = [validators.RequireIfPredicate(cannot_save_without_parent, ['ParentCommunity'])]
class ExternalCommunityBaseSchema(validators.Schema): AreaName = validators.UnicodeString(max=200, not_empty=True) PrimaryAreaType = validators.String(max=30) SubAreaType = validators.String(max=30) ProvinceState = validators.IntID() ExternalID = validators.String(max=50) AIRSExportType = validators.String(max=20) Parent_ID = validators.IntID() Parent_IDName = validators.UnicodeString() CM_ID = validators.IntID() CM_IDName = validators.UnicodeString()
def autocomplete_parents(self): request = self.request _ = request.translate term_validator = validators.UnicodeString(not_empty=True) try: terms = term_validator.to_python(request.params.get('term')) except validators.Invalid: return [] SystemCode = request.context.external_system.SystemCode retval = [] with request.connmgr.get_connection() as conn: ext_id_validator = validators.IntID() try: ext_id = ext_id_validator.to_python(request.params.get('extid')) except validators.Invalid: ext_id = None cursor = conn.execute('EXEC sp_External_Community_ls_ParentSelector ?, ?, ?', SystemCode, ext_id, terms) cols = ['chkid', 'value', 'label'] in_tmpl = _(' (in %s)') values = (x[:2] + (x[2] + ((in_tmpl % x[3]) if x[3] else ''),) for x in cursor.fetchall()) retval = [dict(zip(cols, x)) for x in values] cursor.close() return retval
def __init__(self, request): validator = validators.IntID(not_empty=True) try: uid = validator.to_python(request.matchdict.get('uid')) except validators.Invalid: raise HTTPNotFound with request.connmgr.get_connection() as conn: cursor = conn.execute('EXEC sp_Users_s ?', uid) self.user = cursor.fetchone() cursor.nextset() self.manage_areas = cursor.fetchall() cursor.nextset() self.manage_external = cursor.fetchall() cursor.close() if self.user is None: raise HTTPNotFound self.__acl__ = [(Deny, 'uid:%d' % self.user.User_ID, ALL_PERMISSIONS), (Allow, 'area:admin', ('edit', 'view')), DENY_ALL]
def __init__(self, request): super(ExternalCommunityRoot, self).__init__(request) validator = validators.IntID(not_empty=True) try: self.EXTID = validator.to_python(request.matchdict.get('EXTID')) except validators.Invalid: raise HTTPNotFound
def json_community(self): request = self.request validator = validators.IntID(not_empty=True) try: cm_id = validator.to_python(request.matchdict.get('cmid')) except validators.Invalid, e: return {'fail': True, 'reason': e.message}
class ManageUserAddUserWrapper(validators.Schema): allow_extra_fields = True filter_extra_fields = True # need to add user validator when constructing manage_areas = validators.ForEach(validators.IntID()) manage_external = validators.ForEach(validators.String(max=30))
def __init__(self, request): cm_id = request.matchdict.get('cmid') if cm_id == 'new': if request.matched_route.name == 'community_delete': raise HTTPNotFound() parents = [('manager', )] self.community = None self.descriptions = {} self.alt_names = [] self.alt_areas = [] else: validator = validators.IntID(not_empty=True) try: cm_id = validator.to_python(cm_id) except validators.Invalid: raise HTTPNotFound() parents = [] with request.connmgr.get_connection() as conn: cursor = conn.execute('EXEC sp_Community_s ?', cm_id) community = self.community = cursor.fetchone() if community is None: raise HTTPNotFound() cursor.nextset() parents = cursor.fetchall() cursor.nextset() self.descriptions = { x.Culture.replace('-', '_'): x for x in cursor.fetchall() } cursor.nextset() self.alt_names = cursor.fetchall() cursor.nextset() self.alt_areas = cursor.fetchall() cursor.close() # and this one parents.append((cm_id, )) self.__acl__ = [(Allow, 'area:' + str(x[0]), 'edit') for x in parents] self.__acl__.append((Allow, 'area:admin', 'edit')) self.__acl__.append(DENY_ALL)
def _get_cmid(self): cm_id = self.request.matchdict.get('cmid') if cm_id != 'new': validator = validators.IntID(not_empty=True) try: cm_id = validator.to_python(cm_id) except validators.Invalid: raise HTTPNotFound() return cm_id
def _get_suggestion_id(self): request = self.request _ = request.translate validator = validators.IntID() try: sjid = validator.to_python(request.params.get('sjid')) except validators.Invalid, e: request.session.flash( _('Invalid Suggestion ID: ') + e.message, 'errorqueue') raise HTTPFound(location=request.route_url('review_suggestions'))
def _get_request_id(self): request = self.request _ = request.translate validator = validators.IntID() try: reqid = validator.to_python(request.params.get('reqid')) except validators.Invalid, e: request.session.flash( _('Invalid Account Request ID: ') + e.message, 'errorqueue') raise HTTPFound(location=request.route_url('users'))
def autocomplete(self): request = self.request if not request.user or not (request.user.Admin or request.user.ManageAreaList): return [] term_validator = validators.UnicodeString(not_empty=True) try: terms = term_validator.to_python(request.params.get('term')) except validators.Invalid: return [] cm_id_validator = validators.IntID() try: cur_parent = cm_id_validator.to_python( request.params.get('parent')) except validators.Invalid: cur_parent = None cur_cm_id = None if request.matched_route.name == 'json_search_areas': try: cur_cm_id = cm_id_validator.to_python( request.params.get('cmid')) except validators.Invalid: pass retval = [] search_areas = request.matched_route.name == 'json_search_areas' with request.connmgr.get_connection() as conn: if search_areas: cursor = conn.execute( 'EXEC sp_Community_ls_SearchAreaSelector ?, ?, ?, ?', request.user.User_ID, cur_cm_id, cur_parent, terms) else: cursor = conn.execute( 'EXEC sp_Community_ls_ParentSelector ?, ?, ?', request.user.User_ID, cur_parent, terms) cols = ['chkid', 'value', 'label'] retval = [dict(zip(cols, x)) for x in cursor.fetchall()] cursor.close() return retval
def json_community(self): request = self.request validator = validators.IntID(not_empty=True) try: cm_id = validator.to_python(request.matchdict.get('cmid')) except validators.Invalid as e: return {'fail': True, 'reason': e.msg} community = None with request.connmgr.get_connection() as conn: community = conn.execute('EXEC sp_Community_s_MoreInfo ?', cm_id).fetchone() _ = request.translate if not community: return {'fail': True, 'reason': _('Community Not Found.')} pcn = xml_to_dict_list(community.ParentCommunityName) if pcn: pcn = pcn[0] community.ParentCommunityName = pcn community.OtherNames = xml_to_dict_list(community.OtherNames) community.ChildCommunities = xml_to_dict_list( community.ChildCommunities) community.SearchCommunities = xml_to_dict_list( community.SearchCommunities) community.Managers = xml_to_dict_list(community.Managers) community_info = render('community_more_details.mak', {'community': community}, request) if community.ParentCommunityName: cm_title = _('%s (in %s)') % ( community.Name, community.ParentCommunityName['Name']) else: cm_title = community.Name return { 'fail': False, 'community_info': community_info, 'community_name': cm_title }
class AltAreasSchema(CommunitySchema): alt_areas = validators.ForEach(validators.IntID(), not_emtpy=True) chained_validators = [validators.ForceRequire('alt_areas')]
def get(self): request = self.request _ = request.translate is_new = not not request.matched_route.name == 'user_new' is_request = not not request.matched_route.name == 'request_account' is_account = not not request.matched_route.name == 'account' if is_new: reqid = self._get_request_id() elif is_account: uid = request.user.User_ID elif not is_request: validator = validators.IntID(not_empty=True) try: uid = validator.to_python(request.matchdict.get('uid')) except validators.Invalid: raise HTTPNotFound() account_request = None user = None cm_name_map = {} manage_areas = [] manage_external = [] external_systems = [] if not is_request: if is_new: with request.connmgr.get_connection() as conn: cursor = conn.execute( 'EXEC sp_Users_AccountRequest_s ?; EXEC sp_External_System_l', reqid) account_request = cursor.fetchone() cursor.nextset() external_systems = cursor.fetchall() cursor.close() else: if is_account: with request.connmgr.get_connection() as conn: cursor = conn.execute('EXEC sp_Users_s ?', uid) user = cursor.fetchone() cursor.nextset() cm_tmp = cursor.fetchall() cursor.nextset() ex_tmp = cursor.fetchall() cursor.close() else: with request.connmgr.get_connection() as conn: cursor = conn.execute('EXEC sp_External_System_l') external_systems = cursor.fetchall() cursor.close() user = request.context.user cm_tmp = request.context.manage_areas ex_tmp = request.context.manage_external manage_areas = [str(x[0]) for x in cm_tmp] manage_external = [str(x[0]) for x in ex_tmp] cm_name_map = {str(x[0]): x[1] for x in cm_tmp} if is_new: if not account_request: request.session.flash(_('Account Request Not Found'), 'errorqueue') return HTTPFound(location=request.route_url('users')) elif not is_request: if not user: return HTTPNotFound() data = request.model_state.data if is_new: data['user'] = account_request if account_request.CanUseRequestedName: data['user.UserName'] = account_request.PreferredUserName elif account_request.CanUseLastPlusInital: data['user.UserName'] = account_request.LastName.lower( ) + account_request.FirstName[0].lower() elif account_request.CanUseDottedJoin: data['user.UserName'] = '******'.join( (account_request.FirstName, account_request.LastName)) elif not is_request: data['user'] = user data['manage_areas'] = manage_areas data['manage_external'] = manage_external if is_new: title_text = _('Add New User') elif is_account: title_text = _('Update Account') elif is_request: title_text = _('Request Account') else: title_text = _('Modify User') return { 'title_text': title_text, 'account_request': account_request, 'cm_name_map': cm_name_map, 'user': user, 'is_admin': not is_request and not is_account, 'is_account': is_account, 'external_systems': external_systems }
def post(self): request = self.request _ = request.translate is_new = not not request.matched_route.name == 'user_new' is_request = not not request.matched_route.name == 'request_account' is_account = not not request.matched_route.name == 'account' reqid = None if is_new: reqid = self._get_request_id() elif is_account: uid = request.user.User_ID elif not is_request: validator = validators.IntID(not_empty=True) try: uid = validator.to_python(request.matchdict.get('uid')) except validators.Invalid: raise HTTPNotFound() if is_new and request.params.get('Reject'): return HTTPFound(location=request.route_url( 'request_reject', _query=[('reqid', reqid)])) extra_validators = {} if is_new: extra_validators['user'] = NewUserValidator() elif is_account: extra_validators['user'] = BaseUserValidator() extra_validators['password'] = PasswordValidator(if_missing=None) elif not is_request: extra_validators['user'] = ManageUsersValidator() extra_validators['password'] = PasswordValidator(if_missing=None) else: extra_validators['user'] = RequestAccessValidator() extra_validators['TomorrowsDate'] = TomorrowsDateValidator if is_request or is_account: schema = UpdateProfileRequestAccessBase(**extra_validators) else: schema = ManageUserAddUserWrapper(**extra_validators) model_state = request.model_state model_state.form.variable_decode = True model_state.schema = schema if model_state.validate(): form_data = model_state.data user = form_data['user'] fields = list(schema.fields['user'].fields.keys()) args = [user.get(x) for x in fields] if not is_request and not is_account: root = ET.Element('ManageAreas') if not user.get('Admin'): for cmid in form_data.get('manage_areas') or []: if cmid: ET.SubElement(root, 'CM_ID').text = str(cmid) fields.append('ManageAreas') args.append(ET.tostring(root)) root = ET.Element('ManageExternal') if not user.get('Admin'): for code in form_data.get('manage_external') or []: if code: ET.SubElement(root, 'SystemCode').text = str(code) fields.append('ManageExternalSystems') args.append(ET.tostring(root)) log.debug('args: %s', args) if is_new: fields.append('Request_ID') args.append(reqid) if not is_request: fields.append('MODIFIED_BY') args.append(request.user.UserName) password = None if not is_request: if is_new: password = security.MakeRandomPassword() else: password = model_state.value('password.Password') if password: salt = security.MakeSalt() hash = security.Crypt(salt, password) hash_args = [security.DEFAULT_REPEAT, salt, hash] else: hash_args = [None, None, None] fields.extend( ['PasswordHashRepeat', 'PasswordHashSalt', 'PasswordHash']) args.extend(hash_args) user_id_sql = '' if is_new: user_id_sql = '@User_ID OUTPUT,' elif not is_request: fields.append('User_ID') args.append(uid) if is_request: sql = ''' DECLARE @RT int, @ErrMsg nvarchar(500), @Request_ID int %s EXEC @RT = sp_Users_AccountRequest_i @Request_ID OUTPUT, %s, @ErrMsg=@ErrMsg OUTPUT SELECT @RT AS [Return], @ErrMsg AS ErrMsg, @Request_ID AS Request_ID ''' else: sql = ''' DECLARE @RT int, @ErrMsg nvarchar(500), @User_ID int SET @ErrMsg = NULL EXEC @RT = sp_Users_u %s %s, @ErrMsg=@ErrMsg OUTPUT SELECT @RT AS [Return], @ErrMsg AS ErrMsg, @User_ID AS [User_ID] ''' sql = sql % (user_id_sql, ','.join('@%s=?' % x for x in fields)) with request.connmgr.get_connection() as conn: result = conn.execute(sql, args).fetchone() if not result.Return: if is_new: # force to language of request? gettext = get_translate_fn(request, user['Culture']) subject = gettext( 'Your CIOC Community Manager Site Account') welcome_message = gettext(welcome_email_template) % { 'FirstName': user['FirstName'], 'UserName': user['UserName'], 'Password': password, 'url': request.route_url('login') } email.email('*****@*****.**', user['Email'], subject, welcome_message) request.session.flash(_('User Successfully Added')) return HTTPFound( location=request.route_url('user', uid=result.User_ID)) elif is_request: subject = 'CIOC Community Manager Account Request' tmpl_args = { 'url': request.route_url('user_new', _query=[('reqid', result.Request_ID) ]) } tmpl_args.update(user) request_message = request_email_template % tmpl_args email.email('*****@*****.**', '*****@*****.**', subject, request_message) return HTTPFound( location=request.route_url('request_account_thanks')) if is_account: request.session.flash(_('Account successfully updated')) else: request.session.flash(_('User successfully modified')) return HTTPFound(location=request.current_route_url()) model_state.add_error_for( '*', _('Could not add user: '******'manage_areas') or [] else: data = model_state.data decoded = variable_decode(request.POST) data['manage_areas'] = manage_areas = decoded.get( 'manage_areas') or [] if is_account: manage_areas = request.user.ManageAreaList or [] log.debug('errors: %s', model_state.form.errors) account_request = user = None cm_name_map = {} if not is_request: with request.connmgr.get_connection() as conn: if is_new: account_request = conn.execute( 'EXEC sp_Users_AccountRequest_s ?', reqid).fetchone() else: if is_account: user = conn.execute('EXEC sp_Users_s ?', uid).fetchone() else: user = request.context.user cm_name_map = { str(x[0]): x[1] for x in conn.execute( 'EXEC sp_Community_ls_Names ?', ','.join( str(x) for x in manage_areas)).fetchall() } if is_new: if not account_request: request.session.flash(_('Account Request Not Found'), 'errorqueue') return HTTPFound(location=request.route_url('users')) elif not is_request: if not user: raise HTTPNotFound() if is_new: title_text = _('Add New User') elif is_request: title_text = _('Request Account') elif is_account: title_text = _('Update Account') else: title_text = _('Modify User') return { 'title_text': title_text, 'account_request': account_request, 'user': user, 'cm_name_map': cm_name_map, 'is_admin': not is_request and not is_account, 'is_account': is_account }