Example #1
0
    def metadata(self, req, form):
        """ Display Metadata file upload form """
        argd = wash_urlargd(
            form, {
                'filetype': (str, ""),
                'mode': (str, ""),
                'submit_date': (str, "yyyy-mm-dd"),
                'submit_time': (str, "hh:mm:ss"),
                'email_logs_to': (str, None)
            })
        _ = gettext_set_language(argd['ln'])

        not_authorized = user_authorization(req, argd['ln'])
        if not_authorized:
            return not_authorized
        uid = getUid(req)
        if argd['email_logs_to'] is None:
            argd['email_logs_to'] = get_email(uid)
        body = batchuploader_templates.tmpl_display_menu(argd['ln'],
                                                         ref="metadata")
        body += batchuploader_templates.tmpl_display_web_metaupload_form(
            argd['ln'], argd['filetype'], argd['mode'], argd['submit_date'],
            argd['submit_time'], argd['email_logs_to'])

        title = _("Metadata batch upload")
        return page(title=title,
                    body=body,
                    metaheaderadd=batchuploader_templates.tmpl_styles(),
                    uid=uid,
                    lastupdated=__lastupdated__,
                    req=req,
                    language=argd['ln'],
                    navmenuid="batchuploader")
def index(req,
          c=CFG_SITE_NAME,
          ln=CFG_SITE_LANG,
          order="",
          doctype="",
          deletedId="",
          deletedAction="",
          deletedDoctype=""):
    global uid
    ln = wash_language(ln)

    # load the right message language
    _ = gettext_set_language(ln)

    t = ""
    # get user ID:
    try:
        uid = getUid(req)
        if uid == -1 or CFG_ACCESS_CONTROL_LEVEL_SITE >= 1:
            return page_not_authorized(req,
                                       "../yoursubmissions.py/index",
                                       navmenuid='yoursubmissions')
        u_email = get_email(uid)
    except Error, e:
        return errorMsg(str(e), req, ln=ln)
    def metadata(self, req, form):
        """ Display Metadata file upload form """
        argd = wash_urlargd(form, { 'filetype': (str, ""),
                                    'mode': (str, ""),
                                    'submit_date': (str, "yyyy-mm-dd"),
                                    'submit_time': (str, "hh:mm:ss"),
                                    'email_logs_to': (str, None)})
        _ = gettext_set_language(argd['ln'])

        not_authorized = user_authorization(req, argd['ln'])
        if not_authorized:
            return not_authorized
        uid = getUid(req)
        if argd['email_logs_to'] is None:
            argd['email_logs_to'] = get_email(uid)
        body = batchuploader_templates.tmpl_display_menu(argd['ln'], ref="metadata")
        body += batchuploader_templates.tmpl_display_web_metaupload_form(argd['ln'],
                argd['filetype'], argd['mode'], argd['submit_date'],
                argd['submit_time'], argd['email_logs_to'])

        title = _("Metadata batch upload")
        return page(title = title,
                    body = body,
                    metaheaderadd = batchuploader_templates.tmpl_styles(),
                    uid = uid,
                    lastupdated = __lastupdated__,
                    req = req,
                    language = argd['ln'],
                    navmenuid = "batchuploader")
Example #4
0
def get_new_ticket_RT_info(uid, recId):
    response = {}
    response['resultCode'] = 0
    if BIBCATALOG_SYSTEM is None:
        response['description'] = "<!--No ticket system configured-->"
    elif BIBCATALOG_SYSTEM and uid:
        bibcat_resp = BIBCATALOG_SYSTEM.check_system(uid)
        if bibcat_resp == "":
            # add available owners
            users = []
            users_list = list_registered_users()
            for user_tuple in users_list:
                try:
                    user = {'username': get_user_preferences(user_tuple[0])['bibcatalog_username'],
                        'id': user_tuple[0]}
                except KeyError:
                    continue
                users.append(user)
            response['users'] = users
            # add available queues
            response['queues'] = BIBCATALOG_SYSTEM.get_queues(uid)
            # add user email
            response['email'] = get_email(uid)
            # TODO try catch
            response['ticketTemplates'] = load_ticket_templates(recId)
            response['resultCode'] = 1
        else:
            # put something in the tickets container, for debug
            response['description'] = "Error connecting to RT<!--" + bibcat_resp + "-->"
    return response
Example #5
0
def index(req, c=CFG_SITE_NAME, ln=CFG_SITE_LANG, order="", doctype="", deletedId="", deletedAction="", deletedDoctype=""):
    ln = wash_language(ln)

    # load the right message language
    _ = gettext_set_language(ln)

    t=""
    # get user ID:
    try:
        uid = getUid(req)
        if uid == -1 or CFG_ACCESS_CONTROL_LEVEL_SITE >= 1:
            return page_not_authorized(req, "../yourapprovals.py/index",
                                       navmenuid='yourapprovals')
        u_email = get_email(uid)
    except Error, e:
        return errorMsg(str(e), req, ln = ln)
Example #6
0
def index(req,c=CFG_SITE_NAME,ln=CFG_SITE_LANG,order="",doctype="",deletedId="",deletedAction="",deletedDoctype=""):
    global uid
    ln = wash_language(ln)

    # load the right message language
    _ = gettext_set_language(ln)

    t=""
    # get user ID:
    try:
        uid = getUid(req)
        (auth_code, auth_message) = acc_authorize_action(uid, 'submit')
        if auth_code > 0 or CFG_ACCESS_CONTROL_LEVEL_SITE >= 1:
            return page_not_authorized(req, "../yoursubmissions.py/index",
                                       navmenuid='yoursubmissions',
                                       text=auth_message)
        u_email = get_email(uid)
    except Error, e:
        return errorMsg(str(e), req, ln=ln)
    def metadata(self, req, form):
        """ Display Metadata file upload form """
        argd = wash_urlargd(
            form,
            {
                "error": (int, 0),
                "filetype": (str, ""),
                "mode": (str, ""),
                "submit_date": (str, "yyyy-mm-dd"),
                "submit_time": (str, "hh:mm:ss"),
                "email_logs_to": (str, None),
            },
        )
        _ = gettext_set_language(argd["ln"])

        not_authorized = user_authorization(req, argd["ln"])
        if not_authorized:
            return not_authorized
        uid = getUid(req)
        if argd["email_logs_to"] is None:
            argd["email_logs_to"] = get_email(uid)
        body = batchuploader_templates.tmpl_display_menu(argd["ln"], ref="metadata")
        body += batchuploader_templates.tmpl_display_web_metaupload_form(
            argd["ln"],
            argd["error"],
            argd["filetype"],
            argd["mode"],
            argd["submit_date"],
            argd["submit_time"],
            argd["email_logs_to"],
        )

        title = _("Metadata batch upload")
        return page(
            title=title,
            body=body,
            metaheaderadd=batchuploader_templates.tmpl_styles(),
            uid=uid,
            lastupdated=__lastupdated__,
            req=req,
            language=argd["ln"],
            navmenuid="batchuploader",
        )
Example #8
0
def record_locked_by_user_details(recid, uid):
    """ Get the details about the user that has locked a record and the
    time the record has been locked.
    @return: user details and time when record was locked
    @rtype: tuple
    """
    active_uids = uids_with_active_caches(recid)
    try:
        active_uids.remove(uid)
    except ValueError:
        pass

    record_blocked_by_nickname = record_blocked_by_email = locked_since = ""

    if active_uids:
        record_blocked_by_uid = active_uids[0]
        record_blocked_by_nickname = get_user_info(record_blocked_by_uid)[1]
        record_blocked_by_email = get_email(record_blocked_by_uid)
        locked_since = get_record_locked_since(recid, record_blocked_by_uid)

    return record_blocked_by_nickname, record_blocked_by_email, locked_since
Example #9
0
def record_locked_by_user_details(recid, uid):
    """ Get the details about the user that has locked a record and the
    time the record has been locked.
    @return: user details and time when record was locked
    @rtype: tuple
    """
    active_uids = _uids_with_active_caches(recid)
    try:
        active_uids.remove(uid)
    except ValueError:
        pass

    record_blocked_by_nickname = record_blocked_by_email = locked_since = ""

    if active_uids:
        record_blocked_by_uid = active_uids[0]
        record_blocked_by_nickname = get_user_info(record_blocked_by_uid)[1]
        record_blocked_by_email = get_email(record_blocked_by_uid)
        locked_since = get_record_locked_since(recid, record_blocked_by_uid)

    return record_blocked_by_nickname, record_blocked_by_email, locked_since
    def documents(self, req, form):
        """ Display document upload form """
        argd = wash_urlargd(form, {
                                    })
        _ = gettext_set_language(argd['ln'])

        not_authorized = user_authorization(req, argd['ln'])
        if not_authorized:
            return not_authorized
        uid = getUid(req)
        email_logs_to = get_email(uid)
        body = batchuploader_templates.tmpl_display_menu(argd['ln'], ref="documents")
        body += batchuploader_templates.tmpl_display_web_docupload_form(argd['ln'], email_logs_to=email_logs_to)

        title = _("Document batch upload")
        return page(title = title,
                    body = body,
                    metaheaderadd = batchuploader_templates.tmpl_styles(),
                    uid = uid,
                    lastupdated = __lastupdated__,
                    req = req,
                    language = argd['ln'],
                    navmenuid = "batchuploader")
    def documents(self, req, form):
        """ Display document upload form """
        argd = wash_urlargd(form, {
                                    })
        _ = gettext_set_language(argd['ln'])

        not_authorized = user_authorization(req, argd['ln'])
        if not_authorized:
            return not_authorized
        uid = getUid(req)
        email_logs_to = get_email(uid)
        body = batchuploader_templates.tmpl_display_menu(argd['ln'], ref="documents")
        body += batchuploader_templates.tmpl_display_web_docupload_form(argd['ln'], email_logs_to=email_logs_to)

        title = _("Document batch upload")
        return page(title = title,
                    body = body,
                    metaheaderadd = batchuploader_templates.tmpl_styles(),
                    uid = uid,
                    lastupdated = __lastupdated__,
                    req = req,
                    language = argd['ln'],
                    navmenuid = "batchuploader")
Example #12
0
def get_new_ticket_RT_info(uid, recId):
    response = {}
    response['resultCode'] = 0
    if BIBCATALOG_SYSTEM is None:
        response['description'] = "<!--No ticket system configured-->"
    elif BIBCATALOG_SYSTEM and uid:
        bibcat_resp = BIBCATALOG_SYSTEM.check_system(uid)
        if bibcat_resp == "":
            # add available owners
            users = []
            users_list = list_registered_users()
            for user_tuple in users_list:
                try:
                    user = {
                        'username':
                        get_user_preferences(
                            user_tuple[0])['bibcatalog_username'],
                        'id':
                        user_tuple[0]
                    }
                except KeyError:
                    continue
                users.append(user)
            response['users'] = users
            # add available queues
            response['queues'] = BIBCATALOG_SYSTEM.get_queues(uid)
            # add user email
            response['email'] = get_email(uid)
            # TODO try catch
            response['ticketTemplates'] = load_ticket_templates(recId)
            response['resultCode'] = 1
        else:
            # put something in the tickets container, for debug
            response[
                'description'] = "Error connecting to RT<!--" + bibcat_resp + "-->"
    return response
def email_notify(alert, records, argstr):
    """Send the notification e-mail for a specific alert."""

    if len(records[0]) == 0:
        total_n_external_records = 0
        for external_collection_results in records[1][0]:
            total_n_external_records += len(external_collection_results[1][0])
        if total_n_external_records == 0:
            return

    msg = ""

    if CFG_WEBALERT_DEBUG_LEVEL > 0:
        msg = "*** THIS MESSAGE WAS SENT IN DEBUG MODE ***\n\n"

    url = CFG_SITE_URL + "/search?" + argstr

    # Extract the pattern, the collection list, the current collection
    # and the sc (split collection) from the formatted query
    query = parse_qs(argstr)
    pattern = query.get('p', [''])[0]
    collection_list = query.get('c', [])
    current_collection = query.get('cc', [''])
    sc = query.get('sc', ['1'])
    collections = calculate_desired_collection_list(collection_list, current_collection, int(sc[0]))

    frequency = alert[3]

    msg += webalert_templates.tmpl_alert_email_body(
        alert[5], url, records, pattern, collections, frequency, alert_use_basket_p(alert))

    email = get_email(alert[0])

    if email == 'guest':
        print "********************************************************************************"
        print "The following alert was not send, because cannot detect user email address:"
        print "   " + repr(argstr)
        print "********************************************************************************"
        return

    if CFG_WEBALERT_DEBUG_LEVEL > 0:
        print "********************************************************************************"
        print msg
        print "********************************************************************************"

    if CFG_WEBALERT_DEBUG_LEVEL < 2:
        send_email(fromaddr=webalert_templates.tmpl_alert_email_from(),
                   toaddr=email,
                   subject=webalert_templates.tmpl_alert_email_title(alert[5]),
                   content=msg,
                   header='',
                   footer='',
                   attempt_times=CFG_WEBALERT_SEND_EMAIL_NUMBER_OF_TRIES,
                   attempt_sleeptime=CFG_WEBALERT_SEND_EMAIL_SLEEPTIME_BETWEEN_TRIES)
    if CFG_WEBALERT_DEBUG_LEVEL == 4:
        send_email(fromaddr=webalert_templates.tmpl_alert_email_from(),
                   toaddr=CFG_SITE_SUPPORT_EMAIL,
                   subject=webalert_templates.tmpl_alert_email_title(alert[5]),
                   content=msg,
                   header='',
                   footer='',
                   attempt_times=CFG_WEBALERT_SEND_EMAIL_NUMBER_OF_TRIES,
                   attempt_sleeptime=CFG_WEBALERT_SEND_EMAIL_SLEEPTIME_BETWEEN_TRIES)
Example #14
0
def authenticate(user, authorization_action, authorization_msg=""):
    """Authenticate the user against the user database.
    Check for its password, if it exists.
    Check for authorization_action access rights.
    Return user name upon authorization success,
    do system exit upon authorization failure.
    """
    # With SSO it's impossible to check for pwd
    if CFG_EXTERNAL_AUTH_USING_SSO or os.path.basename(
            sys.argv[0]) in CFG_VALID_PROCESSES_NO_AUTH_NEEDED:
        return user
    if authorization_msg:
        print authorization_msg
        print "=" * len(authorization_msg)
    if user == "":
        print >> sys.stdout, "\rUsername: "******"\n")
            sys.exit(1)
        except KeyboardInterrupt:
            sys.stderr.write("\n")
            sys.exit(1)
    else:
        print >> sys.stdout, "\rUsername:"******"select id from user where email=%s", (user,), 1) + \
        run_sql("select id from user where nickname=%s", (user,), 1)
    if not res:
        print "Sorry, %s does not exist." % user
        sys.exit(1)
    else:
        uid = res[0][0]
        ok = False
        login_method = get_user_preferences(uid)['login_method']
        if not CFG_EXTERNAL_AUTHENTICATION[login_method]:
            #Local authentication, let's see if we want passwords.
            res = run_sql(
                "select id from user where id=%s "
                "and password=AES_ENCRYPT(email,'')", (uid, ), 1)
            if res:
                ok = True
        if not ok:
            try:
                password_entered = getpass.getpass()
            except EOFError:
                sys.stderr.write("\n")
                sys.exit(1)
            except KeyboardInterrupt:
                sys.stderr.write("\n")
                sys.exit(1)
            if not CFG_EXTERNAL_AUTHENTICATION[login_method]:
                res = run_sql(
                    "select id from user where id=%s "
                    "and password=AES_ENCRYPT(email, %s)",
                    (uid, password_entered), 1)
                if res:
                    ok = True
            else:
                if CFG_EXTERNAL_AUTHENTICATION[login_method].auth_user(
                        get_email(uid), password_entered):
                    ok = True
        if not ok:
            print "Sorry, wrong credentials for %s." % user
            sys.exit(1)
        else:
            ## secondly check authorization for the authorization_action:
            (auth_code,
             auth_message) = acc_authorize_action(uid, authorization_action)
            if auth_code != 0:
                print auth_message
                sys.exit(1)
            return user
Example #15
0
def email_notify(alert, records, argstr):
    """Send the notification e-mail for a specific alert."""
    if CFG_WEBALERT_DEBUG_LEVEL > 2:
        print "+" * 80 + '\n'
    uid = alert[0]
    user_info = collect_user_info(uid)
    frequency = alert[3]
    alert_name = alert[5]
    alert_description = alert[7]
    alert_recipient_email = alert[8] # set only by admin. Bypasses access-right checks.
    filtered_out_recids = [] # only set in debug mode

    if not alert_recipient_email:
        # Filter out records that user (who setup the alert) should
        # not see. This does not apply to external records (hosted
        # collections).
        filtered_records = ([], records[1])
        for recid in records[0]:
            (auth_code, auth_msg) = check_user_can_view_record(user_info, recid)
            if auth_code == 0:
                filtered_records[0].append(recid)
            elif CFG_WEBALERT_DEBUG_LEVEL > 2:
                # only keep track of this in DEBUG mode
                filtered_out_recids.append(recid)
    else:
        # If admin has decided to send to some mailing-list, we cannot
        # verify that recipients have access to the records. So keep
        # all of them.
        filtered_records = records

    if len(filtered_records[0]) == 0:
        total_n_external_records = 0
        for external_collection_results in filtered_records[1][0]:
            total_n_external_records += len(external_collection_results[1][0])
        if total_n_external_records == 0:
            return

    msg = ""

    if CFG_WEBALERT_DEBUG_LEVEL > 2 and filtered_out_recids:
        print "-> these records have been filtered out, as user id %s did not have access:\n%s" % \
              (uid, repr(filtered_out_recids))

    if CFG_WEBALERT_DEBUG_LEVEL > 0:
        msg = "*** THIS MESSAGE WAS SENT IN DEBUG MODE ***\n\n"

    url = CFG_SITE_URL + "/search?" + argstr

    # Extract the pattern, the collection list, the current collection
    # and the sc (split collection) from the formatted query
    query = parse_qs(argstr)
    pattern = query.get('p', [''])[0]
    collection_list = query.get('c', [])
    current_collection = query.get('cc', [''])
    sc = query.get('sc', ['1'])
    collections = calculate_desired_collection_list(collection_list, current_collection, int(sc[0]))

    msg += webalert_templates.tmpl_alert_email_body(alert_name,
                                                    alert_description,
                                                    url,
                                                    filtered_records,
                                                    pattern,
                                                    collections,
                                                    frequency,
                                                    alert_use_basket_p(alert))

    email = alert_recipient_email or get_email(uid)

    if email == 'guest':
        print "********************************************************************************"
        print "The following alert was not send, because cannot detect user email address:"
        print "   " + repr(argstr)
        print "********************************************************************************"
        return

    if CFG_WEBALERT_DEBUG_LEVEL > 0:
        print "********************************************************************************"
        print msg
        print "********************************************************************************"

    if CFG_WEBALERT_DEBUG_LEVEL < 2:
        send_email(fromaddr=webalert_templates.tmpl_alert_email_from(),
                   toaddr=email,
                   subject=webalert_templates.tmpl_alert_email_title(alert_name),
                   content=msg,
                   header='',
                   footer='',
                   attempt_times=CFG_WEBALERT_SEND_EMAIL_NUMBER_OF_TRIES,
                   attempt_sleeptime=CFG_WEBALERT_SEND_EMAIL_SLEEPTIME_BETWEEN_TRIES)
    if CFG_WEBALERT_DEBUG_LEVEL == 4:
        send_email(fromaddr=webalert_templates.tmpl_alert_email_from(),
                   toaddr=CFG_SITE_ADMIN_EMAIL,
                   subject=webalert_templates.tmpl_alert_email_title(alert_name),
                   content=msg,
                   header='',
                   footer='',
                   attempt_times=CFG_WEBALERT_SEND_EMAIL_NUMBER_OF_TRIES,
                   attempt_sleeptime=CFG_WEBALERT_SEND_EMAIL_SLEEPTIME_BETWEEN_TRIES)
Example #16
0
def email_notify(alert, records, argstr):
    """Send the notification e-mail for a specific alert."""
    if CFG_WEBALERT_DEBUG_LEVEL > 2:
        print "+" * 80 + '\n'
    uid = alert[0]
    user_info = collect_user_info(uid)
    frequency = alert[3]
    alert_name = alert[5]
    alert_description = alert[7]
    alert_recipient_email = alert[
        8]  # set only by admin. Bypasses access-right checks.
    filtered_out_recids = []  # only set in debug mode

    if not alert_recipient_email:
        # Filter out records that user (who setup the alert) should
        # not see. This does not apply to external records (hosted
        # collections).
        filtered_records = ([], records[1])
        for recid in records[0]:
            (auth_code,
             auth_msg) = check_user_can_view_record(user_info, recid)
            if auth_code == 0:
                filtered_records[0].append(recid)
            elif CFG_WEBALERT_DEBUG_LEVEL > 2:
                # only keep track of this in DEBUG mode
                filtered_out_recids.append(recid)
    else:
        # If admin has decided to send to some mailing-list, we cannot
        # verify that recipients have access to the records. So keep
        # all of them.
        filtered_records = records

    if len(filtered_records[0]) == 0:
        total_n_external_records = 0
        for external_collection_results in filtered_records[1][0]:
            total_n_external_records += len(external_collection_results[1][0])
        if total_n_external_records == 0:
            return

    msg = ""

    if CFG_WEBALERT_DEBUG_LEVEL > 2 and filtered_out_recids:
        print "-> these records have been filtered out, as user id %s did not have access:\n%s" % \
              (uid, repr(filtered_out_recids))

    if CFG_WEBALERT_DEBUG_LEVEL > 0:
        msg = "*** THIS MESSAGE WAS SENT IN DEBUG MODE ***\n\n"

    url = CFG_SITE_URL + "/search?" + argstr

    # Extract the pattern, the collection list, the current collection
    # and the sc (split collection) from the formatted query
    query = parse_qs(argstr)
    pattern = query.get('p', [''])[0]
    collection_list = query.get('c', [])
    current_collection = query.get('cc', [''])
    sc = query.get('sc', ['1'])
    collections = calculate_desired_collection_list(collection_list,
                                                    current_collection,
                                                    int(sc[0]))

    msg += webalert_templates.tmpl_alert_email_body(alert_name,
                                                    alert_description, url,
                                                    filtered_records, pattern,
                                                    collections, frequency,
                                                    alert_use_basket_p(alert))

    email = alert_recipient_email or get_email(uid)

    if email == 'guest':
        print "********************************************************************************"
        print "The following alert was not send, because cannot detect user email address:"
        print "   " + repr(argstr)
        print "********************************************************************************"
        return

    if CFG_WEBALERT_DEBUG_LEVEL > 0:
        print "********************************************************************************"
        print msg
        print "********************************************************************************"

    if CFG_WEBALERT_DEBUG_LEVEL < 2:
        send_email(
            fromaddr=webalert_templates.tmpl_alert_email_from(),
            toaddr=email,
            subject=webalert_templates.tmpl_alert_email_title(alert_name),
            content=msg,
            header='',
            footer='',
            attempt_times=CFG_WEBALERT_SEND_EMAIL_NUMBER_OF_TRIES,
            attempt_sleeptime=CFG_WEBALERT_SEND_EMAIL_SLEEPTIME_BETWEEN_TRIES)
    if CFG_WEBALERT_DEBUG_LEVEL == 4:
        send_email(
            fromaddr=webalert_templates.tmpl_alert_email_from(),
            toaddr=CFG_SITE_ADMIN_EMAIL,
            subject=webalert_templates.tmpl_alert_email_title(alert_name),
            content=msg,
            header='',
            footer='',
            attempt_times=CFG_WEBALERT_SEND_EMAIL_NUMBER_OF_TRIES,
            attempt_sleeptime=CFG_WEBALERT_SEND_EMAIL_SLEEPTIME_BETWEEN_TRIES)
Example #17
0
def email_notify(alert, records, argstr):
    """Send the notification e-mail for a specific alert."""

    if len(records[0]) == 0:
        total_n_external_records = 0
        for external_collection_results in records[1][0]:
            total_n_external_records += len(external_collection_results[1][0])
        if total_n_external_records == 0:
            return

    msg = ""

    if CFG_WEBALERT_DEBUG_LEVEL > 0:
        msg = "*** THIS MESSAGE WAS SENT IN DEBUG MODE ***\n\n"

    url = CFG_SITE_URL + "/search?" + argstr

    # Extract the pattern, the collection list, the current collection
    # and the sc (split collection) from the formatted query
    query = parse_qs(argstr)
    pattern = query.get('p', [''])[0]
    collection_list = query.get('c', [])
    current_collection = query.get('cc', [''])
    sc = query.get('sc', ['1'])
    collections = calculate_desired_collection_list(collection_list,
                                                    current_collection,
                                                    int(sc[0]))

    frequency = alert[3]

    msg += webalert_templates.tmpl_alert_email_body(alert[5], url, records,
                                                    pattern, collections,
                                                    frequency,
                                                    alert_use_basket_p(alert))

    email = get_email(alert[0])

    if email == 'guest':
        print "********************************************************************************"
        print "The following alert was not send, because cannot detect user email address:"
        print "   " + repr(argstr)
        print "********************************************************************************"
        return

    if CFG_WEBALERT_DEBUG_LEVEL > 0:
        print "********************************************************************************"
        print msg
        print "********************************************************************************"

    if CFG_WEBALERT_DEBUG_LEVEL < 2:
        send_email(
            fromaddr=webalert_templates.tmpl_alert_email_from(),
            toaddr=email,
            subject=webalert_templates.tmpl_alert_email_title(alert[5]),
            content=msg,
            header='',
            footer='',
            attempt_times=CFG_WEBALERT_SEND_EMAIL_NUMBER_OF_TRIES,
            attempt_sleeptime=CFG_WEBALERT_SEND_EMAIL_SLEEPTIME_BETWEEN_TRIES)
    if CFG_WEBALERT_DEBUG_LEVEL == 4:
        send_email(
            fromaddr=webalert_templates.tmpl_alert_email_from(),
            toaddr=CFG_SITE_SUPPORT_EMAIL,
            subject=webalert_templates.tmpl_alert_email_title(alert[5]),
            content=msg,
            header='',
            footer='',
            attempt_times=CFG_WEBALERT_SEND_EMAIL_NUMBER_OF_TRIES,
            attempt_sleeptime=CFG_WEBALERT_SEND_EMAIL_SLEEPTIME_BETWEEN_TRIES)
Example #18
0
def authenticate(user, authorization_action, authorization_msg=""):
    """Authenticate the user against the user database.
    Check for its password, if it exists.
    Check for authorization_action access rights.
    Return user name upon authorization success,
    do system exit upon authorization failure.
    """
    # With SSO it's impossible to check for pwd
    if CFG_EXTERNAL_AUTH_USING_SSO or os.path.basename(sys.argv[0]) in CFG_VALID_PROCESSES_NO_AUTH_NEEDED:
        return user
    if authorization_msg:
        print authorization_msg
        print "=" * len(authorization_msg)
    if user == "":
        print >> sys.stdout, "\rUsername: "******"\n")
            sys.exit(1)
        except KeyboardInterrupt:
            sys.stderr.write("\n")
            sys.exit(1)
    else:
        print >> sys.stdout, "\rUsername:"******"select id from user where email=%s", (user,), 1) + run_sql(
        "select id from user where nickname=%s", (user,), 1
    )
    if not res:
        print "Sorry, %s does not exist." % user
        sys.exit(1)
    else:
        uid = res[0][0]
        ok = False
        login_method = get_user_preferences(uid)["login_method"]
        if not CFG_EXTERNAL_AUTHENTICATION[login_method]:
            # Local authentication, let's see if we want passwords.
            res = run_sql("select id from user where id=%s " "and password=AES_ENCRYPT(email,'')", (uid,), 1)
            if res:
                ok = True
        if not ok:
            try:
                password_entered = getpass.getpass()
            except EOFError:
                sys.stderr.write("\n")
                sys.exit(1)
            except KeyboardInterrupt:
                sys.stderr.write("\n")
                sys.exit(1)
            if not CFG_EXTERNAL_AUTHENTICATION[login_method]:
                res = run_sql(
                    "select id from user where id=%s " "and password=AES_ENCRYPT(email, %s)", (uid, password_entered), 1
                )
                if res:
                    ok = True
            else:
                if CFG_EXTERNAL_AUTHENTICATION[login_method].auth_user(get_email(uid), password_entered):
                    ok = True
        if not ok:
            print "Sorry, wrong credentials for %s." % user
            sys.exit(1)
        else:
            ## secondly check authorization for the authorization_action:
            (auth_code, auth_message) = acc_authorize_action(uid, authorization_action)
            if auth_code != 0:
                print auth_message
                sys.exit(1)
            return user
    def tmpl_user_list(self, ln=CFG_SITE_LANG): #TP: cele..
        """
        Generates a list of available collections statistics.
        """
        assignedUsers = list()
        out = ""

        #TP: nakreslim oddil pro kazdeho strukturatora
        for supervisor in cfg_supervisors_groups:
          out += """<h3>Supervisor %s (#%s)</h3><ul class="supervisor_usersOverview">""" % (get_email(supervisor),supervisor)
          assignedUsers.append(supervisor)

          #TP: nakreslim linky a hlavni info pro kazdeho uzivatele
          for user in cfg_supervisors_groups[int(supervisor)]:
            assignedUsers.append(user)
#            &timespan=last+month&s_date=01%2F29%2F2013+00%3A00&f_date=01%2F29%2F2013+09%3A28&format=flot&ids=cardStructured&cols0=UID&col_value0=tomas&action_gen=Generate
            out += """<li><a class="uNameLink" href="%(site_url)s/supervisors/customevent?ln=%(ln)s&timespan=last+month&format=flot&ids=cardStructured&cols0=UID&col_value0=%(user)s&action_gen=Generate">%(email)s</a>"""  \
                        % {'site_url': CFG_SITE_URL, 'email': get_email(user), 'ln': CFG_SITE_LANG, 'user': user}
            actionInfo = acc_find_possible_actions_user(user, 22)
            collInfo = ""
            for aInfo in actionInfo:
              temp = aInfo[2].split()
              if len(temp[0]) == 4:
                for coll in temp:
                  p_total = "980__a:%s" % coll
                  res_total = search_pattern(p=p_total)
                  p_done = "980__a:%s and (950__s:%s or 950__s:2)" % (coll, "p*")
                  res_done = search_pattern_parenthesised(p=p_done)
                  p_check = "980__a:%s and (950__s:na* or 950__s:3)" % (coll)
                  res_check = search_pattern_parenthesised(p=p_check)

                  collLink_main = """<a href="%(site_url)s/search?cc=%(coll)s&ln=%(ln)s&jrec=1&so=a">%(coll)s</a>
                        """ % {'coll': coll, 'site_url': CFG_SITE_URL, 'ln': CFG_SITE_LANG }

                  strProgress = ""

                  if len(res_done)+len(res_check) != 0:
                    if len(res_done) == len(res_total):
                      strProgress = """<span class="supervisor_prog_done">completed</span>: %i""" % (len(res_total))
                    else:
                      collLink_done = """<span class="supervisor_prog_started">in progress</span>:&nbsp;<a href="%(site_url)s/search?cc=%(coll)s&ln=%(ln)s&&p=950__s:2+or+950__s:p*&jrec=1&so=a">%(res_done)i</a>
                              """ % {'coll': coll, 'site_url': CFG_SITE_URL, 'ln': CFG_SITE_LANG, 'res_done': len(res_done) }
                      strProgress = "%s / %i" % (collLink_done, len(res_total))
                      if len(res_check) > 0:
                        collLink_check = """<span class="supervisor_prog_review"><a href="%(site_url)s/search?cc=%(coll)s&ln=%(ln)s&p=950__s:3+or+950__s:na*&jrec=1&so=a">%(res_check)i</span></a>
                              """ % {'coll': coll, 'site_url': CFG_SITE_URL, 'ln': CFG_SITE_LANG, 'res_check': len(res_check) }
                        if len(res_done)>0:
                          strProgress = "%s+ %s / %i" % (collLink_done, collLink_check, len(res_total))
                        else:
                          strProgress = "%s / %i" % (collLink_check, len(res_total))
                  else:
                    strProgress = """<span class="supervisor_prog_notStarted">waiting</span>: %s""" % len(res_total)
  

                  collInfo += """ %s <small class="nbdoccollz">(%s)</small>""" % (collLink_main, strProgress)

            if collInfo != "":
              out += """<span class="supervisor_usercolls">""" + collInfo + """</span>"""
            out += """</li>"""
          out += """</ul>"""

        #TP: nakreslim seznam neprirazenych uzivatelu
        out += """<h3>Unassigned users</h3><p>You may want to consider attaching one of the unassigned users to an supervisor. If so, please contact your administrator.</p><ul>"""
        for user in list_registered_users():
          str_user_info = get_user_info(user[0])
          if user[0] not in assignedUsers:
            out += """<li>%s</li>"""  \
                        % (get_email(user[0]))
        out += """</ul>"""

        return out