def page(dbo, session, username): """ Generates the main mobile web page dbo: Database info """ l = dbo.locale nsa = animal.get_number_animals_on_shelter_now(dbo) osa = nsa > 0 ar = reports.get_available_reports(dbo, False) vacc = medical.get_vaccinations_outstanding(dbo) test = medical.get_tests_outstanding(dbo) med = medical.get_treatments_outstanding(dbo) dia = diary.get_uncompleted_upto_today(dbo, username) hck = person.get_reserves_without_homechecks(dbo) mess = lookups.get_messages(dbo, session.user, session.roles, session.superuser) testresults = lookups.get_test_results(dbo) homelink = jqm_link("mobile", _("Home", l), "home", "ui-btn-right", "b") h = [] h.append(header(l)) logoutlink = jqm_link("mobile_logout", _("Logout", l), "delete", "ui-btn-right", "b") h.append(jqm_page_header("home", _("ASM", l), logoutlink, False)) items = [] if configuration.smdb_locked(dbo): items.append( jqm_listitem( _( "This database is locked and in read-only mode. You cannot add, change or delete records.", l))) if len(mess) > 0: items.append( jqm_listitem_link("#messages", _("Messages", l), "message", len(mess))) if len(ar) > 0 and users.check_permission_bool(session, users.VIEW_REPORT): items.append( jqm_listitem_link("#reports", _("Generate Report", l), "report")) items.append(jqm_list_divider(_("Animal", l))) if osa and users.check_permission_bool(session, users.VIEW_ANIMAL): items.append( jqm_listitem_link("mobile_post?posttype=vsa", _("View Shelter Animals", l), "animal", nsa)) if len(vacc) > 0 and users.check_permission_bool(session, users.CHANGE_VACCINATION): items.append( jqm_listitem_link("#vacc", _("Vaccinate Animal", l), "vaccination", len(vacc))) if len(test) > 0 and users.check_permission_bool(session, users.CHANGE_TEST): items.append( jqm_listitem_link("#test", _("Test Animal", l), "test", len(test))) if len(med) > 0 and users.check_permission_bool(session, users.CHANGE_MEDICAL): items.append( jqm_listitem_link("#med", _("Medicate Animal", l), "medical", len(med))) if osa and users.check_permission_bool(session, users.ADD_LOG): items.append( jqm_listitem_link("#log", _("Add Log to Animal", l), "log", -1, "dialog")) items.append(jqm_list_divider(_("Diary", l))) items.append(jqm_listitem_link("#diaryadd", _("New Task", l), "diary")) if len(dia) > 0 and users.check_permission_bool(session, users.EDIT_MY_DIARY_NOTES): items.append( jqm_listitem_link("#diary", _("Complete Tasks", l), "diary", len(dia))) items.append(jqm_list_divider(_("Person", l))) if len(hck) > 0 and users.check_permission_bool(session, users.CHANGE_PERSON): items.append( jqm_listitem_link("#homecheck", _("Perform Homecheck", l), "person", -1, "dialog")) h.append(jqm_list("\n".join(items))) h.append(jqm_page_footer()) h += page_messages(l, homelink, mess) h += page_message_add(l, homelink, dbo) h += page_reports(l, homelink, ar) h += page_vaccinations(l, homelink, vacc) h += page_tests(l, homelink, test, testresults) h += page_medication(l, homelink, med) h += page_log_add(l, homelink, dbo) h += page_diary_add(l, homelink, dbo) h += page_diary(l, homelink, dia) h += page_homecheck(l, homelink, dbo) h.append("</body></html>") return "\n".join(h)
def web_login(post, session, remoteip, path): """ Performs a login and sets up the user's session. Returns the username on successful login, or: FAIL - problem with user/pass/account/ip DISABLED - The database is disabled WRONGSERVER - The database is not on this server """ database = post["database"] username = post["username"] password = post["password"] mobileapp = post["mobile"] == "true" nologconnection = post["nologconnection"] == "true" if len(username) > 100: username = username[0:100] dbo = db.get_database(database) if dbo.database in ("FAIL", "DISABLED", "WRONGSERVER"): return dbo.database # Connect to the database and authenticate the username and password user = authenticate(dbo, username, password) if user is not None and not authenticate_ip(user, remoteip): al.error( "user %s with ip %s failed ip restriction check '%s'" % (username, remoteip, user.IPRESTRICTION), "users.web_login", dbo) return "FAIL" if user is not None and "DISABLELOGIN" in user and user.DISABLELOGIN == 1: al.error( "user %s with ip %s failed as account has logins disabled" % (username, remoteip), "users.web_login", dbo) return "FAIL" if user is not None: al.info("%s successfully authenticated from %s" % (username, remoteip), "users.web_login", dbo) try: dbo.locked = configuration.smdb_locked(dbo) dbo.timezone = configuration.timezone(dbo) dbo.installpath = path session.locale = configuration.locale(dbo) dbo.locale = session.locale session.dbo = dbo session.user = user.USERNAME session.superuser = user.SUPERUSER session.mobileapp = mobileapp update_session(session) except: al.error("failed setting up session: %s" % str(sys.exc_info()[0]), "users.web_login", dbo, sys.exc_info()) return "FAIL" try: session.securitymap = get_security_map(dbo, user.USERNAME) except: # This is a pre-3002 login where the securitymap is with # the user (the error occurs because there's no role table) al.debug("role table does not exist, using securitymap from user", "users.web_login", dbo) session.securitymap = user.SECURITYMAP try: ur = get_users(dbo, user.USERNAME)[0] session.roles = ur.ROLES session.roleids = ur.ROLEIDS session.siteid = utils.cint(user.SITEID) session.locationfilter = utils.nulltostr(user.LOCATIONFILTER) except: # Users coming from v2 won't have the # IPRestriction or EmailAddress fields necessary for get_users - we can't # help them right now so just give them an empty set of # roles and locationfilter until they login again after the db update session.roles = "" session.roleids = "" session.locationfilter = "" session.siteid = 0 try: # Mark the user logged in if not nologconnection: audit.login(dbo, username, remoteip) # Check to see if any updates need performing on this database if dbupdate.check_for_updates(dbo): dbupdate.perform_updates(dbo) # We did some updates, better reload just in case config/reports/etc changed update_session(session) # Check to see if our views and sequences are out of date and need reloading if dbupdate.check_for_view_seq_changes(dbo): dbupdate.install_db_views(dbo) dbupdate.install_db_sequences(dbo) except: al.error("failed updating database: %s" % str(sys.exc_info()[0]), "users.web_login", dbo, sys.exc_info()) try: al.info("%s logged in" % user.USERNAME, "users.login", dbo) update_user_activity(dbo, user.USERNAME) except: al.error( "failed updating user activity: %s" % str(sys.exc_info()[0]), "users.web_login", dbo, sys.exc_info()) return "FAIL" else: al.error( "database:%s username:%s password:%s failed authentication from %s" % (database, username, password, remoteip), "users.web_login", dbo) return "FAIL" return user.USERNAME
def web_login(post, session, remoteip, path): """ Performs a login and sets up the user's session. Returns the username on successful login, or: FAIL - problem with user/pass/account/ip DISABLED - The database is disabled """ dbo = db.DatabaseInfo() database = post["database"] username = post["username"] password = post["password"] nologconnection = post["nologconnection"] # Do we have multiple databases? if MULTIPLE_DATABASES: if MULTIPLE_DATABASES_TYPE == "smcom": # Is this sheltermanager.com? If so, we need to get the # database connection info (dbo) before we can login. # If a database hasn't been supplied, let's bail out now # since we can't do anything if str(database).strip() == "": return "FAIL" else: dbo = smcom.get_database_info(database) # Bail out if there was a problem with the database if dbo.database == "FAIL" or dbo.database == "DISABLED": return dbo.database else: # Look up the database info from our map dbo = db.get_multiple_database_info(database) if dbo.database == "FAIL": return dbo.database # Connect to the database and authenticate the username and password user = authenticate(dbo, username, password) if user is not None and not authenticate_ip(user, remoteip): al.error( "user %s with ip %s failed ip restriction check '%s'" % (username, remoteip, user["IPRESTRICTION"]), "users.web_login", dbo) return "FAIL" if user is not None: al.info("%s successfully authenticated from %s" % (username, remoteip), "users.web_login", dbo) try: dbo.locked = configuration.smdb_locked(dbo) dbo.timezone = configuration.timezone(dbo) dbo.installpath = path session.locale = configuration.locale(dbo) dbo.locale = session.locale session.dbo = dbo session.user = user["USERNAME"] session.superuser = user["SUPERUSER"] session.passchange = (password == "password") update_session(session) except: al.error("failed setting up session: %s" % str(sys.exc_info()[0]), "users.web_login", dbo, sys.exc_info()) return "FAIL" try: session.securitymap = get_security_map(dbo, user["USERNAME"]) except: # This is a pre-3002 login where the securitymap is with # the user (the error occurs because there's no role table) al.debug("role table does not exist, using securitymap from user", "users.web_login", dbo) session.securitymap = user["SECURITYMAP"] try: ur = get_users(dbo, user["USERNAME"])[0] session.roles = ur["ROLES"] session.roleids = ur["ROLEIDS"] session.locationfilter = utils.nulltostr(user["LOCATIONFILTER"]) except: # Users coming from v2 won't have the # IPRestriction or EmailAddress fields necessary for get_users - we can't # help them right now so just give them an empty set of # roles and locationfilter until they login again after the db update session.roles = "" session.roleids = "" session.locationfilter = "" try: # If it's a sheltermanager.com database, try and update the # last time the user connected to today if smcom.active() and database != "" and nologconnection == "": smcom.set_last_connected(dbo) except: pass try: # Check to see if any updates need performing on this database if dbupdate.check_for_updates(dbo): dbupdate.perform_updates(dbo) # We did some updates, better reload just in case config/reports/etc changed update_session(session) # Check to see if our views and sequences are out of date and need reloading if dbupdate.check_for_view_seq_changes(dbo): dbupdate.install_db_views(dbo) dbupdate.install_db_sequences(dbo) except: al.error("failed updating database: %s" % str(sys.exc_info()[0]), "users.web_login", dbo, sys.exc_info()) try: # Log out any old users that have been hanging around auto_logout(dbo) # Let this user through login(dbo, user["USERNAME"]) except: al.error( "failed updating activeuser table: %s" % str(sys.exc_info()[0]), "users.web_login", dbo, sys.exc_info()) return "FAIL" else: al.error( "database:%s username:%s password:%s failed authentication from %s" % (database, username, password, remoteip), "users.web_login", dbo) return "FAIL" return user["USERNAME"]
def page(dbo, session, username): """ Generates the main mobile web page dbo: Database info """ l = dbo.locale nsa = animal.get_number_animals_on_shelter_now(dbo) osa = nsa > 0 ar = reports.get_available_reports(dbo, False) vacc = medical.get_vaccinations_outstanding(dbo) test = medical.get_tests_outstanding(dbo) med = medical.get_treatments_outstanding(dbo) dia = diary.get_uncompleted_upto_today(dbo, username) hck = person.get_reserves_without_homechecks(dbo) mess = lookups.get_messages(dbo, session.user, session.roles, session.superuser) testresults = lookups.get_test_results(dbo) homelink = jqm_link("mobile", _("Home", l), "home", "ui-btn-right", "b") h = [] h.append(header(l)) logoutlink = jqm_link("mobile_logout", _("Logout", l), "delete", "ui-btn-right", "b") h.append(jqm_page_header("home", _("ASM", l), logoutlink, False)) items = [] if configuration.smdb_locked(dbo): items.append( jqm_listitem( _("This database is locked and in read-only mode. You cannot add, change or delete records.", l) ) ) if len(mess) > 0: items.append(jqm_listitem_link("#messages", _("Messages", l), "message", len(mess))) if len(ar) > 0 and users.check_permission_bool(session, users.VIEW_REPORT): items.append(jqm_listitem_link("#reports", _("Generate Report", l), "report")) items.append(jqm_list_divider(_("Animal", l))) if osa and users.check_permission_bool(session, users.VIEW_ANIMAL): items.append(jqm_listitem_link("mobile_post?posttype=vsa", _("View Shelter Animals", l), "animal", nsa)) if len(vacc) > 0 and users.check_permission_bool(session, users.CHANGE_VACCINATION): items.append(jqm_listitem_link("#vacc", _("Vaccinate Animal", l), "vaccination", len(vacc))) if len(test) > 0 and users.check_permission_bool(session, users.CHANGE_TEST): items.append(jqm_listitem_link("#test", _("Test Animal", l), "test", len(test))) if len(med) > 0 and users.check_permission_bool(session, users.CHANGE_MEDICAL): items.append(jqm_listitem_link("#med", _("Medicate Animal", l), "medical", len(med))) if osa and users.check_permission_bool(session, users.ADD_LOG): items.append(jqm_listitem_link("#log", _("Add Log to Animal", l), "log", -1, "dialog")) items.append(jqm_list_divider(_("Diary", l))) items.append(jqm_listitem_link("#diaryadd", _("New Task", l), "diary")) if len(dia) > 0 and users.check_permission_bool(session, users.EDIT_MY_DIARY_NOTES): items.append(jqm_listitem_link("#diary", _("Complete Tasks", l), "diary", len(dia))) items.append(jqm_list_divider(_("Person", l))) if len(hck) > 0 and users.check_permission_bool(session, users.CHANGE_PERSON): items.append(jqm_listitem_link("#homecheck", _("Perform Homecheck", l), "person", -1, "dialog")) h.append(jqm_list("\n".join(items))) h.append(jqm_page_footer()) h += page_messages(l, homelink, mess) h += page_message_add(l, homelink, dbo) h += page_reports(l, homelink, ar) h += page_vaccinations(l, homelink, vacc) h += page_tests(l, homelink, test, testresults) h += page_medication(l, homelink, med) h += page_log_add(l, homelink, dbo) h += page_diary_add(l, homelink, dbo) h += page_diary(l, homelink, dia) h += page_homecheck(l, homelink, dbo) h.append("</body></html>") return "\n".join(h)
def web_login(post, session, remoteip, path): """ Performs a login and sets up the user's session. Returns the username on successful login, or: FAIL - problem with user/pass/account/ip DISABLED - The database is disabled WRONGSERVER - The database is not on this server """ dbo = db.DatabaseInfo() database = post["database"] username = post["username"] password = post["password"] mobileapp = post["mobile"] == "true" nologconnection = post["nologconnection"] if len(username) > 100: username = username[0:100] # Do we have multiple databases? if MULTIPLE_DATABASES: if MULTIPLE_DATABASES_TYPE == "smcom": # Is this sheltermanager.com? If so, we need to get the # database connection info (dbo) before we can login. # If a database hasn't been supplied, let's bail out now # since we can't do anything if str(database).strip() == "": return "FAIL" else: dbo = smcom.get_database_info(database) # Bail out if there was a problem with the database if dbo.database in ("FAIL", "DISABLED", "WRONGSERVER"): return dbo.database else: # Look up the database info from our map dbo = db.get_multiple_database_info(database) if dbo.database == "FAIL": return dbo.database # Connect to the database and authenticate the username and password user = authenticate(dbo, username, password) if user is not None and not authenticate_ip(user, remoteip): al.error("user %s with ip %s failed ip restriction check '%s'" % (username, remoteip, user["IPRESTRICTION"]), "users.web_login", dbo) return "FAIL" if user is not None: al.info("%s successfully authenticated from %s" % (username, remoteip), "users.web_login", dbo) try: dbo.locked = configuration.smdb_locked(dbo) dbo.timezone = configuration.timezone(dbo) dbo.installpath = path session.locale = configuration.locale(dbo) dbo.locale = session.locale session.dbo = dbo session.user = user["USERNAME"] session.superuser = user["SUPERUSER"] session.passchange = (password == "password") session.mobileapp = mobileapp update_session(session) except: al.error("failed setting up session: %s" % str(sys.exc_info()[0]), "users.web_login", dbo, sys.exc_info()) return "FAIL" try: session.securitymap = get_security_map(dbo, user["USERNAME"]) except: # This is a pre-3002 login where the securitymap is with # the user (the error occurs because there's no role table) al.debug("role table does not exist, using securitymap from user", "users.web_login", dbo) session.securitymap = user["SECURITYMAP"] try: ur = get_users(dbo, user["USERNAME"])[0] session.roles = ur["ROLES"] session.roleids = ur["ROLEIDS"] session.siteid = utils.cint(user["SITEID"]) session.locationfilter = utils.nulltostr(user["LOCATIONFILTER"]) except: # Users coming from v2 won't have the # IPRestriction or EmailAddress fields necessary for get_users - we can't # help them right now so just give them an empty set of # roles and locationfilter until they login again after the db update session.roles = "" session.roleids = "" session.locationfilter = "" session.siteid = 0 try: # If it's a sheltermanager.com database, try and update the # last time the user connected to today if smcom.active() and database != "" and nologconnection == "": smcom.set_last_connected(dbo) except: pass try: # Mark the user logged in audit.login(dbo, username) # Check to see if any updates need performing on this database if dbupdate.check_for_updates(dbo): dbupdate.perform_updates(dbo) # We did some updates, better reload just in case config/reports/etc changed update_session(session) # Check to see if our views and sequences are out of date and need reloading if dbupdate.check_for_view_seq_changes(dbo): dbupdate.install_db_views(dbo) dbupdate.install_db_sequences(dbo) except: al.error("failed updating database: %s" % str(sys.exc_info()[0]), "users.web_login", dbo, sys.exc_info()) try: al.info("%s logged in" % user["USERNAME"], "users.login", dbo) update_user_activity(dbo, user["USERNAME"]) except: al.error("failed updating user activity: %s" % str(sys.exc_info()[0]), "users.web_login", dbo, sys.exc_info()) return "FAIL" else: al.error("database:%s username:%s password:%s failed authentication from %s" % (database, username, password, remoteip), "users.web_login", dbo) return "FAIL" return user["USERNAME"]