def update_permission(group, user, perm, value):
pathname = get_pathname(group)
if not get_access(pathname).get("admin"):
raise frappe.PermissionError
permission = frappe.get_doc("Website Route Permission", {
"website_route": pathname,
"user": user
})
permission.set(perm, int(value))
permission.save(ignore_permissions=True)
# send email
if perm == "admin" and int(value):
group_title = frappe.db.get_value("Website Route", pathname,
"page_title")
subject = "You have been made Administrator of Group " + group_title
send(recipients=[user],
subject=subject,
add_unsubscribe_link=False,
message="""<h3>Group Notification<h3>\
<p>%s</p>\
<p style="color: #888">This is just for your information.</p>""" % subject)
def update_description(group, description):
if not get_access(get_pathname(group)).get("admin"):
raise frappe.PermissionError
group = frappe.get_doc("Website Group", group)
group.group_description = description
group.save(ignore_permissions=True)
def add_post(group,
content,
picture,
picture_name,
title=None,
parent_post=None,
assigned_to=None,
status=None,
event_datetime=None):
access = get_access(get_pathname(group))
if not access.get("write"):
raise frappe.PermissionError
if parent_post:
if frappe.db.get_value("Post", parent_post, "parent_post"):
frappe.throw(_("Cannot reply to a reply"))
group = frappe.get_doc("Website Group", group)
post = frappe.get_doc({
"doctype": "Post",
"title": (title or "").title(),
"content": content,
"website_group": group.name,
"parent_post": parent_post or None
})
if not parent_post:
if group.group_type == "Tasks":
post.is_task = 1
post.assigned_to = assigned_to
elif group.group_type == "Events":
post.is_event = 1
post.event_datetime = event_datetime
post.ignore_permissions = True
post.insert()
if picture_name and picture:
process_picture(post, picture_name, picture)
# send email
if parent_post:
post.run_method("send_email_on_reply")
return post.parent_post or post.name
def add_website_group(group,
new_group,
public_read,
public_write,
group_type="Forum"):
if not get_access(get_pathname(group)).get("admin"):
raise frappe.PermissionError
parent_website_route = frappe.db.get_value("Website Route", {
"ref_doctype": "Website Group",
"docname": group
})
frappe.get_doc({
"doctype": "Website Group",
"group_name": group + "-" + new_group,
"group_title": new_group,
"parent_website_route": parent_website_route,
"group_type": group_type,
"public_read": int(public_read),
"public_write": int(public_write)
}).insert(ignore_permissions=True)
def save_post(post,
content,
picture=None,
picture_name=None,
title=None,
assigned_to=None,
status=None,
event_datetime=None):
post = frappe.get_doc("Post", post)
access = get_access(get_pathname(post.website_group))
if not access.get("write"):
raise frappe.PermissionError
# TODO improve error message
if frappe.session.user != post.owner:
for fieldname in ("title", "content"):
if post.get(fieldname) != locals().get(fieldname):
frappe.throw(_("Cannot change {0}").format(fieldname))
if picture and picture_name:
frappe.throw(_("Cannot change picture"))
post.update({
"title": (title or "").title(),
"content": content,
"assigned_to": assigned_to,
"status": status,
"event_datetime": event_datetime
})
post.ignore_permissions = True
post.save()
if picture_name and picture:
process_picture(post, picture_name, picture)
return post.parent_post or post.name
def add_sitemap_permission(group, user):
pathname = get_pathname(group)
if not get_access(pathname).get("admin"):
raise frappe.PermissionError
permission = frappe.get_doc({
"doctype": "Website Route Permission",
"website_route": pathname,
"user": user,
"read": 1
})
permission.insert(ignore_permissions=True)
user = permission.as_dict()
user.update(
frappe.db.get_value(
"User",
user.user,
["name", "first_name", "last_name", "user_image", "location"],
as_dict=True))
return frappe.get_template(
"templates/includes/sitemap_permission.html").render({"user": user})
def suggest_user(term, group):
pathname = get_pathname(group)
if not get_access(pathname).get("admin"):
raise frappe.PermissionError
users = frappe.db.sql("""select pr.name, pr.first_name, pr.last_name,
pr.user_image, pr.location
from `tabUser` pr
where (pr.first_name like %(term)s or pr.last_name like %(term)s)
and pr.user_type = "Website User"
and pr.user_image is not null and pr.enabled=1
and not exists(select wsp.name from `tabWebsite Route Permission` wsp
where wsp.website_route=%(group)s and wsp.user=pr.name)""", {
"term": "%{}%".format(term),
"group": pathname
},
as_dict=True)
template = frappe.get_template("templates/includes/user_display.html")
return [{
"value": "{} {}".format(pr.first_name or "", pr.last_name or ""),
"user_html": template.render({"user": pr}),
"user": pr.name
} for pr in users]