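def save_password(self):
    """Store a new password for a user of the caller's enterprise.

    Reads ``user_id`` from the POST body and refuses the request unless that
    user exists and its ``enterprise_id`` equals ``self.enterprise_id``.
    The POST fields are then bound onto the user and the resulting password
    is encoded and saved.

    Returns:
        ``'True'`` when a new password was stored, ``'False'`` when the
        request carried no usable new password and nothing was saved.
    """
    user_id = self.request.POST.get('user_id')
    usr = Users.load(user_id)
    # Tenant check before any mutation; forbid_if presumably aborts the
    # request when its argument is true -- confirm against the base class.
    self.forbid_if(not usr or usr.enterprise_id != self.enterprise_id)

    previous = usr.password
    # NOTE(review): bind() copies request fields onto the model, and the
    # field prefix is taken from the query string. Unless bind() restricts
    # which attributes may be written, a request could also set fields such
    # as enterprise_id or type here -- confirm and consider assigning only
    # the password.
    usr.bind(self.request.POST, False, self.request.GET.get('pfx'))

    if not usr.password or usr.password == previous:
        # No new password arrived. Encoding now would either store an
        # encoded empty password or run the already stored value through
        # encode_password a second time, so leave the record untouched.
        usr.password = previous
        return 'False'

    usr.password = Users.encode_password(usr.password)
    usr.save()
    return 'True'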
def _test_save_password(self, as_root=False):
    """Exercise ``/crm/users/save_password`` against a freshly created user.

    Creates a user (``as_root`` is forwarded to ``_create_new``), posts a
    new password, reloads the user after invalidating its caches and asserts
    that the stored password value changed. The user is deleted afterwards.
    """
    new_user_id = self._create_new(as_root)
    stale = Users.load(new_user_id)
    password_before = stale.password

    response = self.post(
        '/crm/users/save_password',
        {'user_id': new_user_id, 'password': '******'},
    )
    response.mustcontain('True')

    # Drop cached state so the reload below reflects what was saved.
    stale.invalidate_caches()
    fresh = Users.load(new_user_id)
    self.assertNotEqual(fresh.password, password_before)

    self._delete_new(new_user_id)
def _show_prep(self, report_id):
    """Build the template context for a report's parameter form.

    Loads the report and, for each ``show_*_id`` flag set on it, builds the
    matching select list from the caller's enterprise. Lists whose flag is
    not set stay ``None``. Date defaults and the ``rpt_start_dt`` /
    ``rpt_end_dt`` query parameters are passed through as well.
    """
    # NOTE(review): the report is loaded by id with no visible comparison
    # against self.enterprise_id -- confirm whether reports are shared across
    # enterprises or whether a caller enforces ownership.
    report = Report.load(report_id)

    def options(model, key_field, label_field):
        # Every select list is scoped to the caller's enterprise.
        return util.select_list(model.find_all(self.enterprise_id), key_field, label_field, True)

    campaigns = options(Campaign, 'campaign_id', 'name') if report.show_campaign_id else None
    vendors = options(Vendor, 'vendor_id', 'name') if report.show_vendor_id else None
    companies = options(Company, 'company_id', 'name') if report.show_company_id else None
    users = options(Users, 'user_id', 'user_id') if report.show_user_id else None
    products = options(Product, 'product_id', 'name') if report.show_product_id else None

    context = {
        'today': util.today_date(),
        'tomorrow': util.tomorrow(),
        'thirty_ago': util.today_date() - datetime.timedelta(days=30),
        'rpt_end_dt': self.request.GET.get('rpt_end_dt'),
        'rpt_start_dt': self.request.GET.get('rpt_start_dt'),
        'enterprise_id': self.enterprise_id,
        'report': report,
        'campaigns': campaigns,
        'products': products,
        'companies': companies,
        'users': users,
        'vendors': vendors,
    }
    return context
def _create_new(self, set_enterprise_id=False):
    """Create a test user through the ``/crm/users/new`` form and return its id.

    When ``set_enterprise_id`` is true the form's ``enterprise_id`` field is
    filled with the id of the 'Healthy U Store' enterprise, and the saved
    user is checked to carry that id.
    """
    enterprise = Enterprise.find_by_name('Healthy U Store')

    page = self.get('/crm/users/new')
    assert page.status_int == 200
    page.mustcontain('Edit User')
    form = page.forms['frm_users']
    self.assertEqual(form['user_id'].value, '')

    # Test-only fixture values.
    field_values = (
        ('username', '*****@*****.**'),
        ('email', '*****@*****.**'),
        ('fname', 'Test'),
        ('lname', 'User'),
        ('password', 'fishsticks'),
        ('confirm', 'fishsticks'),
    )
    for field, value in field_values:
        form.set(field, value)
    if set_enterprise_id:
        form.set('enterprise_id', str(enterprise.enterprise_id))

    # A successful save redirects back to the edit page.
    page = form.submit('submit')
    self.assertEqual(page.status_int, 302)
    page = page.follow()
    assert page.status_int == 200

    form = page.forms['frm_users']
    page.mustcontain('Edit User')
    user_id = form['user_id'].value
    self.assertEqual(form['username'].value, '*****@*****.**')
    self.assertEqual(form['email'].value, '*****@*****.**')

    usr = Users.load(user_id)
    if set_enterprise_id:
        assert str(usr.enterprise_id) == str(enterprise.enterprise_id)
    assert usr is not None
    assert usr.get_email_info() is not None
    return user_id
def show_search(self):
    """Return the empty context for the customer search form.

    Every search field starts as ``None``; ``users`` holds a select list of
    the caller's enterprise users labelled by first and last name.
    """
    context = dict.fromkeys((
        'company_name',
        'fname',
        'lname',
        'email',
        'phone',
        'customers',
        'user_assigned',
    ))
    enterprise_users = Users.find_all(self.enterprise_id)
    context['users'] = util.select_list(enterprise_users, 'user_id', ['fname', 'lname'], True)
    return context
def test_quickstart(self):
    """Submit the quickstart form and clean up what it provisioned.

    Fills ``frm_quick`` with a test enterprise, company, site domain and
    user, expects a 200 response, then deletes the enterprise named in the
    returned form together with the test user and commits.
    """
    page = self.get('/crm/company/quickstart')
    page.mustcontain('Quickstart')

    form = page.forms['frm_quick']
    field_values = (
        ('ent_name', 'Test Enterprise'),
        ('cmp_name', 'Test Company'),
        ('st_domain', 'test.com'),
        ('u_username', '*****@*****.**'),
        ('u_fname', 'Ken'),
        ('u_lname', 'Bedwell'),
        ('u_email', '*****@*****.**'),
    )
    for field, value in field_values:
        form.set(field, value)

    page = form.submit('submit')
    assert page.status_int == 200

    # The response form carries the id of the enterprise that was created.
    created_enterprise_id = page.forms['frm_quick']['enterprise_id'].value
    Enterprise.full_delete(created_enterprise_id)
    Users.full_delete('*****@*****.**')
    self.commit()
def login_crm(self, username=UID, password=PWD):
    """Log the test client into the CRM and return the authenticated user.

    Side effect: exports the site's enterprise id through
    ``os.environ['enterprise_id']``.
    """
    # The first request establishes which site the client is on.
    self.get('/crm')

    # The second request logs in to that site.
    credentials = {'username': username, 'password': password}
    self.post('/crm/login', credentials)
    assert self.site

    enterprise_id = self.site.company.enterprise_id
    os.environ['enterprise_id'] = str(enterprise_id)

    authenticated = Users.authenticate(username, password)
    assert authenticated is not None
    return authenticated
def _edit_impl(self, user_id=None):
    """Build the template context for the user edit form.

    With a ``user_id`` the matching user is edited (the request's own user
    object is reused when the ids match); without one a blank ``Users`` and
    ``UserPriv`` are supplied for a new record.
    """
    if not user_id:
        user, priv = Users(), UserPriv()
    else:
        current = self.request.ctx.user
        # NOTE(review): no enterprise_id comparison is visible on the loaded
        # user, and Users.load() may return nothing for an unknown id --
        # confirm that the calling view enforces tenant ownership.
        user = current if current.user_id == user_id else Users.load(user_id)
        priv = user.priv or UserPriv()

    # NOTE(review): Enterprise.find_all() takes no enterprise argument, so
    # this list is not scoped to the caller -- presumably meant for root
    # users only; verify.
    enterprises = util.select_list(Enterprise.find_all(), 'enterprise_id', 'name', True)
    user_types = Users.get_user_types()
    vendors = util.select_list(Vendor.find_all(self.enterprise_id), 'vendor_id', 'name', True)
    timezones = country_timezones('US')

    return {
        'enterprises': enterprises,
        'user_types': user_types,
        'vendors': vendors,
        'timezones': timezones,
        'user': user,
        'priv': priv,
    }
def _edit_impl(self):
    """Build the template context for the customer edit form.

    An existing customer (``customer_id`` in the route match) must belong,
    through its campaign's company, to the caller's enterprise; it is then
    added to the recent list. Without an id a blank customer is created on
    the site's default campaign.
    """
    customer_id = self.request.matchdict.get('customer_id')
    if not customer_id:
        customer = Customer()
        customer.campaign = self.request.ctx.site.company.default_campaign
    else:
        customer = Customer.load(customer_id)
        # Tenant check: unknown ids and customers of another enterprise are
        # both refused.
        wrong_tenant = not customer or customer.campaign.company.enterprise_id != self.enterprise_id
        self.forbid_if(wrong_tenant)
        self._add_to_recent(customer)

    ent_id = self.enterprise_id
    return {
        'customer': customer,
        'users': util.select_list(Users.find_all(ent_id), 'user_id', ['fname', 'lname'], True),
        'phases': util.select_list(CustomerPhase.find_all(ent_id), 'phase_id', 'display_name', True),
        'campaigns': util.select_list(Campaign.find_all(ent_id), 'campaign_id', 'name'),
    }
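def exclog_tween(request, get_logger=logging.getLogger):
    """Run the wrapped handler and log any unexpected exception with context.

    ``handler``, ``ignored`` and ``extra_info`` are free names supplied by
    the enclosing scope, which is not visible here. Exceptions matching
    ``ignored`` pass through untouched; anything else is logged on the
    ``exc_logger`` logger and re-raised. With ``extra_info`` set, the log
    message also names the enterprise, customer and user found in the
    session and dumps the session, environment and request parameters.
    """
    # getLogger injected for testing purposes
    try:
        return handler(request)
    except ignored:
        raise
    except:
        # Bare except: everything not in `ignored` is logged, then re-raised.
        logger = get_logger('exc_logger')
        session = request.session
        ent = Enterprise.load(session['enterprise_id']) if 'enterprise_id' in session else None
        cust = Customer.load(session['customer_id']) if 'customer_id' in session else None
        user = Users.load(session['user_id']) if 'user_id' in session else None
        if extra_info:
            def _masked(key, value):
                # Password fields (e.g. 'password', 'confirm' on the login
                # and user forms) must not reach the log in clear text.
                lowered = key.lower() if hasattr(key, 'lower') else ''
                if 'pass' in lowered or lowered.endswith('confirm'):
                    return '<redacted>'
                return value

            params = [(key, _masked(key, value)) for key, value in request.params.items()]

            # The WSGI environ carries the raw Cookie and Authorization
            # headers; logging them would expose credentials to log readers.
            env = dict(request.environ)
            for header in ('HTTP_COOKIE', 'HTTP_AUTHORIZATION'):
                if header in env:
                    env[header] = '<redacted>'

            # NOTE(review): the session dump is kept as-is; confirm nothing
            # secret is ever stored in the session.
            message = dedent("""\n
            %(url)s

            ENTERPRISE: %(ent)s
            CUSTOMER: %(cust)s
            USER: %(user)s

            SESSION

            %(sess)s

            ENVIRONMENT

            %(env)s

            PARAMETERS

            %(params)s

            """ % dict(url=request.url,
                       sess=pformat(session.items()),
                       ent="%s : %s" % (ent.enterprise_id, ent.name) if ent else None,
                       cust="%s : %s" % (cust.customer_id, cust.email) if cust else None,
                       # The format string needs one placeholder per value;
                       # without them this raises TypeError inside the
                       # handler and hides the original exception.
                       user="%s : %s" % (user.user_id, user.email) if user else None,
                       env=pformat(env),
                       params=pformat(params)))
        else:
            message = request.url
        logger.exception(message)
        raise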
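def login(self):
    """Authenticate a CRM user from the posted ``username`` and ``password``.

    On success the session is marked as a CRM login and the client is
    redirected: back to the posted ``path`` (plus ``vars`` as query string)
    when that path is a local one, otherwise to ``/crm/dashboard``.
    On failure a flash message is set and an empty context is returned.
    """
    uid = self.request.POST.get('username')
    pwd = self.request.POST.get('password')
    if uid and pwd:
        user = Users.authenticate(uid, pwd)
        if user:
            log.debug("%s logging in to %s" % (uid, self.request.url))
            # NOTE(review): the session is reused across the privilege
            # change; confirm the framework issues a fresh session id on
            # login so a pre-login session id cannot be carried over.
            self.session['user_id'] = user.user_id
            self.session['customer_logged_in'] = False
            self.session['crm_logged_in'] = True

            def _no_control_chars(value):
                # Control characters have no place in a redirect target.
                return not any(ch < ' ' for ch in value)

            # If they were on a page and got timed out, send them
            # back where they were as a convenience.
            if util.get(self.request.POST, 'path'):
                path = self.request.POST['path']
                # 'path' is client-supplied. Only a same-site absolute path
                # is accepted: it must start with a single '/', and may not
                # contain a backslash or control character, so the redirect
                # cannot be pointed at another host.
                is_local = (
                    path.startswith('/')
                    and not path.startswith('//')
                    and '\\' not in path
                    and _no_control_chars(path)
                )
                if is_local:
                    if util.get(self.request.POST, 'vars'):
                        query = self.request.POST['vars']
                        if _no_control_chars(query):
                            return HTTPFound('%s?%s' % (path, query))
                    return HTTPFound(path)
            return HTTPFound('/crm/dashboard')

            # Disabled in the original: vendor users were sent to
            # /crm/report/list, enterprises with unaccepted required terms
            # to their terms link, and users with a login_link to that link.

    log.debug("%s failed login in to %s" % (uid, self.request.url))
    self.flash('Invalid User or Password')
    return {}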
def search(self):
    """Search customers of the caller's enterprise by the submitted criteria.

    Each criterion is read from POST, falling back to the query string.
    Returns the search context, or a redirect to the customer's edit page
    when exactly one customer matches.
    """
    ret = dict.fromkeys((
        'company_name',
        'fname',
        'lname',
        'email',
        'phone',
        'customers',
        'user_assigned',
    ))
    ret['users'] = util.select_list(Users.find_all(self.enterprise_id), 'user_id', ['fname', 'lname'], True)

    criteria = ('company_name', 'fname', 'lname', 'email', 'phone', 'user_assigned')
    for field in criteria:
        ret[field] = self.request.POST.get(field, self.request.GET.get(field))

    # The search itself is scoped to the caller's enterprise.
    matches = Customer.search(self.enterprise_id, *[ret[field] for field in criteria])
    ret['customers'] = matches

    if len(matches) == 1:
        # A single hit goes straight to that customer's edit page.
        return HTTPFound('/crm/customer/edit/%s' % matches[0].customer_id)
    return ret
def provision(self):
    """Provision an enterprise with its company, campaign, admin user and site.

    Each record is bound from the POST fields under its own prefix
    (``ent``, ``cmp``, ``u``, ``st``), saved and flushed before the next one
    is built, because later records read ids from the earlier ones.
    Returns the created objects plus ``'done': True``.
    """
    form = self.request.POST

    enterprise = Enterprise()
    enterprise.bind(form, True, 'ent')
    enterprise.save()
    enterprise.flush()

    company = Company()
    company.bind(form, True, 'cmp')
    company.enterprise_id = enterprise.enterprise_id
    company.save()
    company.flush()

    default_campaign = Campaign()
    default_campaign.name = company.name + ' Default'
    default_campaign.company_id = company.company_id
    default_campaign.save()
    default_campaign.flush()

    # The company can only point at its default campaign once that
    # campaign has an id.
    company.default_campaign_id = default_campaign.campaign_id
    company.save()
    company.flush()

    admin = Users()
    admin.bind(form, True, 'u')
    # NOTE(review): every provisioned Admin account starts with the same
    # fixed, well-known password. Confirm that a change is forced before
    # first use, or replace this with a per-account random initial secret.
    admin.password = Users.encode_password('password')
    admin.enterprise_id = enterprise.enterprise_id
    admin.type = 'Admin'
    admin.save()
    admin.flush()

    new_site = Site()
    new_site.bind(form, True, 'st')
    new_site.company = company
    new_site.description = company.name + ' Site'
    new_site.creator = admin
    #site.template = Template.find_by_name('default')
    new_site.save()
    new_site.flush()

    return {
        'enterprise': enterprise,
        'company': company,
        'campaign': default_campaign,
        'user': admin,
        'site': new_site,
        'done': True,
    }
def list(self):
    """Return the template context listing the users of the caller's enterprise."""
    enterprise_users = Users.find_all(self.enterprise_id)
    return {'users': enterprise_users}
def save(self):
    """Create or update a user from the posted form, then redirect to its edit page.

    The user's privileges are bound from the ``pv``-prefixed fields. The
    password is only re-encoded when the posted value differs from the
    dash placeholder of the stored password length; otherwise the stored
    value is kept.
    """
    form = self.request.POST

    # NOTE(review): an existing user is loaded by the posted id with no
    # visible comparison against self.enterprise_id -- confirm that a caller
    # cannot edit users of another enterprise this way.
    usr = Users.load(form.get('user_id'))
    if not usr:
        usr = Users()

    # A posted enterprise_id wins (through bind below); otherwise the user
    # is placed in the caller's enterprise.
    if 'enterprise_id' not in form:
        usr.enterprise_id = self.enterprise_id

    if not usr.priv:
        usr.priv = UserPriv()
    usr.priv.bind(form, True, 'pv')
    usr.priv.save()
    usr.priv.flush()

    stored_password = usr.password
    # Presumably the edit form shows this many dashes instead of the real
    # password -- verify against the template.
    # NOTE(review): password_len keeps the length of the clear-text password
    # next to its encoded form, which narrows a guessing attack.
    placeholder = '-' * usr.password_len if usr.password_len else '-'

    # NOTE(review): bind() copies the posted fields onto the user; unless it
    # restricts attributes, fields such as type or enterprise_id are
    # client-controlled here -- confirm.
    usr.bind(form)

    if usr.password == placeholder:
        # Placeholder came back unchanged: keep the stored password.
        usr.password = stored_password
    else:
        usr.password_len = len(usr.password)
        usr.password = Users.encode_password(usr.password)

    usr.save()
    usr.flush()
    usr.invalidate_self()

    self.request.session.flash('Saved user %s' % usr.user_id)
    return HTTPFound('/crm/users/edit/%s' % usr.user_id)
def _delete_new(self, user_id):
    """Fully delete the given user and commit the change."""
    Users.full_delete(user_id)
    self.commit()
def _remember_user(request):
    """Attach the session's user to ``request.ctx`` when the session names one."""
    if 'user_id' not in request.session:
        return
    # The id comes from the server-side session, not from request input.
    request.ctx.user = Users.load(request.session['user_id'])