def post(self, residence):
residence_dn = Residences.get_dn_by_name(self.user, residence)
# Récupération du membre et de la machine
# Note : on cherche la machine seulement sur le membre (member.dn)
members = Member.get_all(self.user, residence_dn)
for member in members:
if member is None:
raise Exception("membre inconnu")
# end if
groups_of_user = Groupes.get_by_user_dn(self.user, residence_dn, member.dn)
if "exemptdecoglobale" not in groups_of_user:
dhcps = Machine.get_dhcps(self.user, member.dn)
machine_membre_tag = "machine_membre" # FIXME move to config
for dhcp_item in dhcps:
if dhcp_item.uid.first() == machine_membre_tag:
dhcp_item.uid.replace(machine_membre_tag, machine_membre_tag + "_disabled")
self.user.ldap_bind.save(dhcp_item)
# end if
# end for
# end if
# end for
# On redirige sur la page d'accueil
redirect("/")
def mac(self, residence, mac):
residence_dn = Residences.get_dn_by_name(self.user, residence)
machine = Machine.get_dhcp_by_mac(self.user, residence_dn, mac)
if machine is None:
return self.error_no_entry()
machine = machine.dn.split(',')
i = 0
member_dn = ""
for sub in machine:
if i >= 3:
if member_dn != "":
member_dn += ","
#end if
member_dn += sub
#end if
i += 1
#end for
member = Member.get_by_dn(self.user, member_dn)
if member is None:
return self.error_no_entry()
#end if
redirect("/show/member/"+ residence +"/" + member.uid.first())
def list(self, id_fase):
identity = request.environ.get('repoze.who.identity')
if identity is not None:
user = identity.get('user')
idi = user.id_usuario
rol_lider = DBSession.query(RolUsuario).filter(RolUsuario.id_usuario==idi).\
filter(Rol.group_name=="lider").filter(Rol.id_rol == RolUsuario.id_rol).all()
if (len(rol_lider) == 0):
listar = DBSession.query(Usperfa).filter(Usperfa.id_fase==id_fase).\
filter(Permiso.permission_name=="ver_linea_base").\
filter(Usperfa.id_permiso==Permiso.id_permiso).\
filter(RolUsuario.id_usuario==idi).all()
if (len(listar) == 0):
flash("No posee los permisos para ver las lineas bases",
'error')
redirect("/configuracion/linea_base/error")
else:
self.id_fase = id_fase
fase = DBSession.query(Fase).get(id_fase)
tmpl_context.widget = list_lineabase
value = list_lineabase_filler.get_value(id_fase=id_fase)
else:
self.id_fase = id_fase
fase = DBSession.query(Fase).get(id_fase)
tmpl_context.widget = list_lineabase
value = list_lineabase_filler.get_value(id_fase=id_fase)
return dict(fase=fase, value=value)
def mac(self, residence, mac):
residence_dn = Residences.get_dn_by_name(self.user, residence)
machine = Machine.get_dhcp_by_mac(self.user, residence_dn, mac)
if machine is None:
return self.error_no_entry()
machine = machine.dn.split(',')
i = 0
member_dn = ""
for sub in machine:
if i >= 3:
if member_dn != "":
member_dn += ","
#end if
member_dn += sub
#end if
i += 1
#end for
member = Member.get_by_dn(self.user, member_dn)
if member is None:
return self.error_no_entry()
#end if
redirect("/show/member/" + residence + "/" + member.uid.first())
def new(self, id_fase, method='', **kw):
identity = request.environ.get('repoze.who.identity')
if identity is not None:
user = identity.get('user')
idi = user.id_usuario
rol_lider = DBSession.query(RolUsuario).filter(RolUsuario.id_usuario==idi).\
filter(Rol.group_name=="lider").filter(Rol.id_rol == RolUsuario.id_rol).all()
if (len(rol_lider) == 0):
crear = DBSession.query(Usperfa).filter(Usperfa.id_fase==id_fase).\
filter(Permiso.permission_name=="crear_linea_base").\
filter(Usperfa.id_permiso==Permiso.id_permiso).\
filter(RolUsuario.id_usuario==idi).all()
if len(crear) == 0:
flash("No posee los permisos para crear linea base", 'error')
redirect("/configuracion/linea_base/error")
else:
ItemsFieldSelect.id_fase = id_fase
new_lineabase_form = NewLineaBaseForm(
DBSession) #new_lineabase_form
tmpl_context.widget = new_lineabase_form
else:
ItemsFieldSelect.id_fase = id_fase
new_lineabase_form = NewLineaBaseForm(
DBSession) #new_lineabase_form
tmpl_context.widget = new_lineabase_form
return dict(value=kw)
def post(self, residence, member_uid):
residence_dn = Residences.get_dn_by_name(self.user, residence)
member = Member.get_by_uid(self.user, residence_dn, member_uid)
if member is None:
raise Exception("invalid member uid")
wifi = WifiModel.get_by_member_dn(self.user, member.dn)
password = Passwords.generate_password_admin()
if wifi is None:
wifi_dn = "cn=wifi," + member.dn
wifi_attr = WifiModel.entry_attr(password)
self.user.ldap_bind.add_entry(wifi_dn, wifi_attr)
else:
wifi.userPassword.replace(wifi.userPassword.first(), password)
self.user.ldap_bind.save(wifi)
#end
# Envoi du mail
from_address = [u'Fédération Aurore', '*****@*****.**']
recipient = [member.cn.first(), member.mail.first()]
subject = u'[' + residence + '] votre mot de passe WiFi'
text = u'Bonjour,\n\nVous venez de vous inscrire au sein d\'une résidence de la fédération Aurore\nUn mot de passe pour utiliser la connexion WiFi de la résidence vous a été assigné.\n\nUtilisateur: ' + member_uid + '\nMot de passe: ' + password + u'\n\nCordialement,\nla fédération Aurore'
SmtpHelper.send_email(from_address, recipient, subject, text)
redirect("/show/member/" + residence + "/" + member_uid)
def index(self):
'''
Redirect user on tequila page in order to log him
'''
u = resolve_relative_url(url(), request.environ)
res = tequila.create_request(u+'/login/auth','tequila.epfl.ch')
redirect('https://tequila.epfl.ch/cgi-bin/tequila/requestauth?request'+res)
def new(self, id_fase, method='', **kw):
"""Metodo que trae el formulario para crear un item nuevo"""
identity = request.environ.get('repoze.who.identity')
if identity is not None:
user = identity.get('user')
idi = user.id_usuario
rol_lider = DBSession.query(RolUsuario).filter(RolUsuario.id_usuario==idi).\
filter(Rol.group_name=="lider").filter(Rol.id_rol == RolUsuario.id_rol).all()
if(len(rol_lider)==0):
crear = DBSession.query(Usperfa).filter(Usperfa.id_fase==id_fase).\
filter(Permiso.permission_name=="crear_item").\
filter(Usperfa.id_permiso==Permiso.id_permiso).\
filter(RolUsuario.id_usuario==idi).all()
if len(crear)==0:
flash("No posee los permisos para crear item en la fase",'error')
redirect("/desarrollo/item/error")
else:
new_item_form.tipo_item.id_fase = id_fase
tmpl_context.widget = new_item_form
else:
new_item_form.tipo_item.id_fase = id_fase
tmpl_context.widget = new_item_form
return dict(id_fase = id_fase, value=kw)
def post(self, residence, member_uid, cotisation_cn, go_redirect=True):
residence_dn = Residences.get_dn_by_name(self.user, residence)
member = Member.get_by_uid(self.user, residence_dn, member_uid)
if member is None:
raise Exception('membre inconnu')
#end if
current_year = CotisationComputes.current_year()
cotisation = Cotisation.get_payment_by_name(self.user, member.dn,
cotisation_cn,
current_year)
if cotisation.has('x-paymentCashed') and cotisation.get(
'x-paymentCashed').first() == 'TRUE':
raise Exception('Impossible de supprimer une cotisation encaissée')
#end if
self.user.ldap_bind.delete_entry_subtree(cotisation.dn)
BrieLogging.get().info("suppression cotisation (" +
cotisation.get('x-amountPaid').first() +
"EUR) pour l'utilisateur " + member.dn +
" par l'admin " + self.user.attrs.dn)
if go_redirect:
redirect("/edit/member/" + residence + "/" + member_uid)
def post(self, residence, member_uid, sn, givenName, mail, phone, comment):
residence_dn = Residences.get_dn_by_name(self.user, residence)
member = Member.get_by_uid(self.user, residence_dn, member_uid)
# FIXME
sn = unicode.encode(sn, 'utf-8')
givenName = unicode.encode(givenName, 'utf-8')
comment = unicode.encode(comment, 'utf-8')
member.sn.replace(member.sn.first(), sn)
member.givenName.replace(member.givenName.first(), givenName)
member.cn.replace(member.cn.first(), givenName + " " + sn)
member.mail.replace(member.mail.first(), mail)
if phone == '':
phone = ' '
#end if
member.mobile.replace(member.mobile.first(), phone)
if comment != "":
member.get("x-comment").replace(
member.get("x-comment").first(), comment)
self.user.ldap_bind.save(member)
redirect("/edit/member/" + residence + "/" + member_uid)
def post(self, residence):
residence_dn = Residences.get_dn_by_name(self.user, residence)
# Récupération du membre et de la machine
# Note : on cherche la machine seulement sur le membre (member.dn)
members = Member.get_all(self.user, residence_dn)
for member in members:
if member is None:
raise Exception('membre inconnu')
#end if
# On ne reconnecte que les membres ayant payé leur cotisation.
if CotisationComputes.is_cotisation_paid(member.dn, self.user,
residence_dn):
dhcps = Machine.get_dhcps(self.user, member.dn)
machine_membre_tag = "machine_membre" # FIXME move to config
machine_membre_disabled = machine_membre_tag + "_disabled" # FIXME move to config
for dhcp_item in dhcps:
if dhcp_item.uid.first() == machine_membre_disabled:
dhcp_item.uid.replace(machine_membre_disabled,
machine_membre_tag)
self.user.ldap_bind.save(dhcp_item)
#end if
#end for
#end if
#end for
# On redirige sur la page d'accueil
redirect("/")
def post(self, residence):
residence_dn = Residences.get_dn_by_name(self.user, residence)
# Récupération du membre et de la machine
# Note : on cherche la machine seulement sur le membre (member.dn)
members = Member.get_all(self.user, residence_dn)
for member in members:
if member is None:
raise Exception('membre inconnu')
#end if
groups_of_user = Groupes.get_by_user_dn(self.user, residence_dn,
member.dn)
if "exemptdecoglobale" not in groups_of_user:
dhcps = Machine.get_dhcps(self.user, member.dn)
machine_membre_tag = "machine_membre" # FIXME move to config
for dhcp_item in dhcps:
if dhcp_item.uid.first() == machine_membre_tag:
dhcp_item.uid.replace(machine_membre_tag,
machine_membre_tag + "_disabled")
self.user.ldap_bind.save(dhcp_item)
#end if
#end for
#end if
#end for
# On redirige sur la page d'accueil
redirect("/")
def post(self, residence, member_uid, cotisation_cn):
residence_dn = Residences.get_dn_by_name(self.user, residence)
member = Member.get_by_uid(self.user, residence_dn, member_uid)
if member is None:
raise Exception('membre inconnu')
#end if
current_year = CotisationComputes.current_year()
cotisation = Cotisation.get_payment_by_name(self.user, member.dn,
cotisation_cn,
current_year)
if cotisation.has('x-paymentCashed') and cotisation.get(
'x-paymentCashed').first() == 'TRUE':
raise Exception('Impossible de gracier une cotisation encaissée')
#end if
old_montant = cotisation.get("x-amountPaid").first()
cotisation.get("x-amountPaid").replace(
cotisation.get("x-amountPaid").first(), 0)
self.user.ldap_bind.save(cotisation)
BrieLogging.get().info("cotisation graciee (" + old_montant +
"EUR) pour l'utilisateur " + member.dn +
" par l'admin " + self.user.attrs.dn)
redirect("/edit/member/" + residence + "/" + member_uid)
def get_user_or_redirect(self):
maybe_user = self.get_user()
if maybe_user is None:
redirect("/auth/login/") # TODO from config
#end if
return maybe_user
def post(self, residence):
residence_dn = Residences.get_dn_by_name(self.user, residence)
# Récupération du membre et de la machine
# Note : on cherche la machine seulement sur le membre (member.dn)
members = Member.get_all(self.user, residence_dn)
for member in members:
if member is None:
raise Exception("membre inconnu")
# end if
# On ne reconnecte que les membres ayant payé leur cotisation.
if CotisationComputes.is_cotisation_paid(member.dn, self.user, residence_dn):
dhcps = Machine.get_dhcps(self.user, member.dn)
machine_membre_tag = "machine_membre" # FIXME move to config
machine_membre_disabled = machine_membre_tag + "_disabled" # FIXME move to config
for dhcp_item in dhcps:
if dhcp_item.uid.first() == machine_membre_disabled:
dhcp_item.uid.replace(machine_membre_disabled, machine_membre_tag)
self.user.ldap_bind.save(dhcp_item)
# end if
# end for
# end if
# end for
# On redirige sur la page d'accueil
redirect("/")
def new(self, id_fase, method='', **kw):
identity = request.environ.get('repoze.who.identity')
if identity is not None:
user = identity.get('user')
idi = user.id_usuario
rol_lider = DBSession.query(RolUsuario).filter(RolUsuario.id_usuario==idi).\
filter(Rol.group_name=="lider").filter(Rol.id_rol == RolUsuario.id_rol).all()
if(len(rol_lider)==0):
crear = DBSession.query(Usperfa).filter(Usperfa.id_fase==id_fase).\
filter(Permiso.permission_name=="crear_linea_base").\
filter(Usperfa.id_permiso==Permiso.id_permiso).\
filter(RolUsuario.id_usuario==idi).all()
if len(crear)==0:
flash("No posee los permisos para crear linea base",'error')
redirect("/configuracion/linea_base/error")
else:
ItemsFieldSelect.id_fase = id_fase
new_lineabase_form = NewLineaBaseForm(DBSession)#new_lineabase_form
tmpl_context.widget = new_lineabase_form
else:
ItemsFieldSelect.id_fase = id_fase
new_lineabase_form = NewLineaBaseForm(DBSession)#new_lineabase_form
tmpl_context.widget = new_lineabase_form
return dict(value=kw)
def https(remainder, params):
"""Ensure that the decorated method is always called with https."""
from tg.controllers import redirect
if request.scheme.lower() == 'https': return
if request.method.upper() == 'GET':
redirect('https' + request.url[len(request.scheme):])
raise HTTPMethodNotAllowed(headers=dict(Allow='GET')).exception
def post(self, residence, member_uid, cotisation_cn):
residence_dn = Residences.get_dn_by_name(self.user, residence)
member = Member.get_by_uid(self.user, residence_dn, member_uid)
if member is None:
raise Exception("membre inconnu")
# end if
current_year = CotisationComputes.current_year()
cotisation = Cotisation.get_payment_by_name(self.user, member.dn, cotisation_cn, current_year)
if cotisation.has("x-paymentCashed") and cotisation.get("x-paymentCashed").first() == "TRUE":
raise Exception("Impossible de gracier une cotisation encaissée")
# end if
old_montant = cotisation.get("x-amountPaid").first()
cotisation.get("x-amountPaid").replace(cotisation.get("x-amountPaid").first(), 0)
self.user.ldap_bind.save(cotisation)
BrieLogging.get().info(
"cotisation graciee ("
+ old_montant
+ "EUR) pour l'utilisateur "
+ member.dn
+ " par l'admin "
+ self.user.attrs.dn
)
redirect("/edit/member/" + residence + "/" + member_uid)
def post(self, residence, member_uid, mac):
residence_dn = Residences.get_dn_by_name(self.user, residence)
# Récupération du membre et de la machine
# Note : on cherche la machine seulement sur le membre (member.dn)
member = Member.get_by_uid(self.user, residence_dn, member_uid)
if member is None:
raise Exception("membre inconnu")
# end if
machine = Machine.get_dhcp_by_mac(self.user, member.dn, mac)
if machine is None:
raise Exception("machine inconnue")
# end if
machine_membre_tag = "machine_membre" # FIXME move to config
machine_membre_disabled = machine_membre_tag + "_disabled" # FIXME move to config
if machine.uid.first() == machine_membre_disabled:
machine.uid.replace(machine_membre_disabled, machine_membre_tag)
self.user.ldap_bind.save(machine)
# end if
BrieLogging.get().info("enable member " + member_uid + " machine " + mac + " by " + self.user.attrs.dn)
# On redirige sur la page d'édition du membre
redirect("/edit/member/" + residence + "/" + member_uid)
def post(self, residence, member_uid):
residence_dn = Residences.get_dn_by_name(self.user, residence)
self.machine.delete.user = self.user
self.room.move.user = self.user
self.cotisation.delete.user = self.user
# Récupération du membre et de la machine
# Note : on cherche la machine seulement sur le membre (member.dn)
member = Member.get_by_uid(self.user, residence_dn, member_uid)
if member is None:
raise Exception("membre inconnu")
# end if
# on vide la chambre du membre
self.room.move.post(residence, member_uid, "", False, False)
# on supprime les machines du membre
for name, mac, dns, disable in Machine.get_machine_tuples_of_member(self.user, member.dn):
self.machine.delete.post(residence, member_uid, name, False)
# end if
# on supprime sa cotisation histoire de laisser une trace dans les logs...
year = CotisationComputes.current_year()
cotisations = Cotisation.cotisations_of_member(self.user, member.dn, year)
for cotisation in cotisations:
self.cotisation.delete.post(residence, member_uid, cotisation.get("cn").first(), False)
# end for
# on supprime le membre
self.user.ldap_bind.delete_entry_subtree(member.dn)
BrieLogging.get().info("suppression du membre " + member_uid + " by " + self.user.attrs.dn)
# On redirige sur la page de la residence
redirect("/rooms/index/" + residence)
def post(self, residence, member_uid, cotisation_cn, go_redirect=True):
residence_dn = Residences.get_dn_by_name(self.user, residence)
member = Member.get_by_uid(self.user, residence_dn, member_uid)
if member is None:
raise Exception("membre inconnu")
# end if
current_year = CotisationComputes.current_year()
cotisation = Cotisation.get_payment_by_name(self.user, member.dn, cotisation_cn, current_year)
if cotisation.has("x-paymentCashed") and cotisation.get("x-paymentCashed").first() == "TRUE":
raise Exception("Impossible de supprimer une cotisation encaissée")
# end if
self.user.ldap_bind.delete_entry_subtree(cotisation.dn)
BrieLogging.get().info(
"suppression cotisation ("
+ cotisation.get("x-amountPaid").first()
+ "EUR) pour l'utilisateur "
+ member.dn
+ " par l'admin "
+ self.user.attrs.dn
)
if go_redirect:
redirect("/edit/member/" + residence + "/" + member_uid)
def list(self, id_fase):
identity = request.environ.get('repoze.who.identity')
if identity is not None:
user = identity.get('user')
idi = user.id_usuario
rol_lider = DBSession.query(RolUsuario).filter(RolUsuario.id_usuario==idi).\
filter(Rol.group_name=="lider").filter(Rol.id_rol == RolUsuario.id_rol).all()
if(len(rol_lider)==0):
listar = DBSession.query(Usperfa).filter(Usperfa.id_fase==id_fase).\
filter(Permiso.permission_name=="ver_linea_base").\
filter(Usperfa.id_permiso==Permiso.id_permiso).\
filter(RolUsuario.id_usuario==idi).all()
if (len(listar)==0):
flash("No posee los permisos para ver las lineas bases",'error')
redirect("/configuracion/linea_base/error")
else:
self.id_fase = id_fase
fase = DBSession.query(Fase).get(id_fase)
tmpl_context.widget = list_lineabase
value = list_lineabase_filler.get_value(id_fase=id_fase)
else:
self.id_fase = id_fase
fase = DBSession.query(Fase).get(id_fase)
tmpl_context.widget = list_lineabase
value = list_lineabase_filler.get_value(id_fase=id_fase)
return dict(fase=fase, value=value)
def edit(self, track_id, **kw):
user = handler.user.get_user_in_session(request)
if track_id is not None:
if not checker.can_edit_track(user, track_id):
flash("You haven't the right to edit any tracks which is not yours", 'error')
raise redirect('/tracks')
widget = form.EditTrack(action=url('/tracks/edit/%s' % track_id)).req()
track = DBSession.query(Track).filter(Track.id == track_id).first()
d = {}
d['name'] = track.name
if track.parameters is None or not 'color' in track.parameters:
cc = constants.default_track_color
else:
cc = track.parameters['color']
d['track_id'] = track_id
d['color'] = cc
if 'pid' in kw:
d['pid'] = kw['pid']
widget.value = d
if request.method == 'GET':
return dict(title='Edit track', page='track', widget=widget, color=cc)
if request.method == 'POST':
try:
widget.validate(kw)
except twc.ValidationError as e:
return dict(title='Edit track', page='track', widget=e.widget, color=cc)
handler.track.edit(track=track, name=kw.get('name', None), color=kw.get('color', None))
raise redirect('/tracks', {'pid': kw.get('pid', None)})
def get_user_or_redirect(self):
maybe_user = self.get_user()
if maybe_user is None:
redirect("/auth/login/") # TODO from config
#end if
return maybe_user
def with_trailing_slash(remainder, params):
"""This decorator allows you to ensure that the URL ends in "/".
The decorator accomplish this by redirecting to the correct URL.
:Usage:
You use this decorator as follows::
class MyController(object):
@with_trailing_slash
@expose()
def sample(self, *args):
return "found sample"
In the above example http://localhost:8080/sample redirects to http://localhost:8080/sample/
In addition, the URL http://localhost:8080/sample/1 redirects to http://localhost:8080/sample/1/
"""
if (request.method == 'GET'
and not(request.path.endswith('/'))
and not(request.response_type)
and len(request.params)==0):
from tg.controllers import redirect
redirect(request.url+'/')
def post(self, residence, member_uid):
residence_dn = Residences.get_dn_by_name(self.user, residence)
member = Member.get_by_uid(self.user, residence_dn, member_uid)
if member is None:
raise Exception("invalid member uid")
wifi = WifiModel.get_by_member_dn(self.user, member.dn)
password = Passwords.generate_password_admin()
if wifi is None:
wifi_dn = "cn=wifi," + member.dn
wifi_attr = WifiModel.entry_attr(password)
self.user.ldap_bind.add_entry(wifi_dn, wifi_attr)
else:
wifi.userPassword.replace(wifi.userPassword.first(), password)
self.user.ldap_bind.save(wifi)
#end
# Envoi du mail
from_address = [u'Fédération Aurore', '*****@*****.**']
recipient = [member.cn.first(), member.mail.first()]
subject = u'['+ residence +'] votre mot de passe WiFi'
text = u'Bonjour,\n\nVous venez de vous inscrire au sein d\'une résidence de la fédération Aurore\nUn mot de passe pour utiliser la connexion WiFi de la résidence vous a été assigné.\n\nUtilisateur: '+ member_uid +'\nMot de passe: '+ password +u'\n\nCordialement,\nla fédération Aurore'
SmtpHelper.send_email(from_address, recipient, subject, text)
redirect("/show/member/" + residence + "/" + member_uid)
def edit(self, *args, **kw):
user = handler.user.get_user_in_session(request)
if request.method == 'GET':
project_id = args[0]
else:
project_id = kw.get('pid')
debug("check permission", 1)
if not checker.check_permission(user=user, project_id=project_id, right_id=constants.right_upload_id) and not checker.is_admin(user=user):
flash('You must have %s permission to edit the project.' % constants.right_upload, 'error')
raise redirect('/tracks/', {'pid': project_id})
#if checker.is_admin(user=user):
#user = DBSession.query(User).join(Project).filter(Project.id == project_id).first()
widget = form.EditProject(action=url('/projects/edit/%s' % project_id)).req()
widget.value = {'pid': project_id}
project = DBSession.query(Project).filter(Project.id == project_id).first()
# prendre les user tracks du meme sequence id
tracks = DBSession.query(Track).join(User.tracks).filter(
and_(User.id == user.id, Track.sequence_id == project.sequence_id,
not_(Track.id.in_([t.id for t in project.tracks])))
).all()
# prendre les sared tracks du meme sequence id
shared_tracks = handler.user.shared_tracks(user.id, constants.rights['download']['id'])
shared_tracks = [t for t in shared_tracks if (t.sequence_id == project.sequence_id and t.id not in [tr.id for tr in project.tracks])]
tracks.extend(shared_tracks)
if request.method == 'GET':
debug("GET", 2)
widget.child.children[1].value = project.name
widget.child.children[2].options = [('', '')] + [(t.id, t.name) for t in tracks] + [(t.id, t.name, {'selected': True}) for t in project.tracks]
return dict(page='tracks', widget=widget, project_id=project_id)
debug("POST", 2)
try:
debug("validate post", 2)
widget.validate(kw)
except twc.ValidationError as e:
debug("error", 2)
w = e.widget
w.child.children[1].value = project.name
w.child.children[2].options = [(t.id, t.name) for t in tracks] + [(t.id, t.name, {'selected': True}) for t in project.tracks]
return dict(page='tracks', widget=w, project_id=project_id)
debug("validation passed")
track_ids = kw.get('tracks', [])
if not track_ids:
track_ids = []
if not isinstance(track_ids, list):
track_ids = [track_ids]
if len(track_ids) > 0 and '' in track_ids:
track_ids.remove('')
# if the project is shared, some track cannot be removed
for t in project.tracks:
if not checker.user_own_track(user.id, track=t) and t.id not in track_ids and t.id in [s.id for s in shared_tracks]:
track_ids.append(t.id)
handler.project.e(project_id=project_id, name=kw.get('name'), track_ids=track_ids)
raise redirect('/tracks/', {'pid': project_id})
def list(self, id_fase):
"""Metodo invocado para listar los items de una fase especificada"""
self.id_fase = id_fase
identity = request.environ.get('repoze.who.identity')
if identity is not None:
user = identity.get('user')
idi = user.id_usuario
fase = DBSession.query(Fase).get(id_fase)
id_proy = fase.id_proyecto
proyecto = DBSession.query(Proyecto).get(id_proy)
rol_lider = DBSession.query(RolUsuario).filter(RolUsuario.id_usuario==idi).\
filter(Rol.group_name=="lider").filter(Rol.id_rol == RolUsuario.id_rol).all()
if(len(rol_lider)==0):
list = DBSession.query(Roperpro).filter(Roperpro.id_proyecto==id_proy).\
filter(Permiso.permission_name=="ver_fase").\
filter(Roperpro.id_permiso==Permiso.id_permiso).\
filter(RolUsuario.id_usuario==idi).\
filter(Roperpro.id_rol==RolUsuario.id_rol).all()
if len(list)==0:
flash("No posee el permiso para ver los items de la fase",'error')
redirect("/desarrollo/item/error")
else:
fase = DBSession.query(Fase).get(id_fase)
tmpl_context.widget = list_item
value = list_item_filler.get_value(id_fase=id_fase)
else:
fase = DBSession.query(Fase).get(id_fase)
tmpl_context.widget = list_item
value = list_item_filler.get_value(id_fase=id_fase)
return dict(fase=fase, proyecto = proyecto, value=value)
def https(remainder, params):
"""Ensure that the decorated method is always called with https."""
from tg.controllers import redirect
if request.scheme.lower() == 'https': return
if request.method.upper() == 'GET':
redirect('https' + request.url[len(request.scheme):])
raise HTTPMethodNotAllowed(headers=dict(Allow='GET')).exception
def grace_cotisation(self, group_cn):
group = Groupes.get_by_cn(self.user, self.user.residence_dn, group_cn)
BrieLogging.get().info("start grace du groupe " + group.dn +
" par l'admin " + self.user.attrs.dn)
for user_dn in group.get('uniqueMember').all():
current_year = CotisationComputes.current_year()
cotisations = Cotisation.cotisations_of_member(
self.user, user_dn, current_year)
for cotisation in cotisations:
if cotisation.has('x-paymentCashed') and cotisation.get(
'x-paymentCashed').first() == 'TRUE':
BrieLogging.get().warn(
"impossible de gracier une cotisation encaissee pour l'utilisateur "
+ user_dn + " par l'admin " + self.user.attrs.dn)
else:
old_montant = cotisation.get("x-amountPaid").first()
cotisation.get("x-amountPaid").replace(
cotisation.get("x-amountPaid").first(), 0)
self.user.ldap_bind.save(cotisation)
BrieLogging.get().info("cotisation graciee (" +
old_montant +
"EUR) pour l'utilisateur " +
user_dn + " par l'admin " +
self.user.attrs.dn)
#end if
#end for(cotisation)
#end for(users)
BrieLogging.get().info("fin du grace_bulk_action du groupe " +
group.dn + " par l'admin " + self.user.attrs.dn)
redirect("/administration/")
def post(self, residence, username, password):
anon_user = current.get_anon_user()
residence_dn = Residences.get_dn_by_name(anon_user, residence)
residences = Residences.get_residences(anon_user)
if residence_dn is None:
return dict(
residences = residences,
login = username,
residence = residence,
error = u"erreur de résidence"
)
#end if
success = current.login(residence_dn, username, password)
if success:
redirect("/")
#end if
return dict(
residences = residences,
login = username,
residence = residence,
error = "erreur de connexion"
)
def post(self, residence, member_uid, mac):
residence_dn = Residences.get_dn_by_name(self.user, residence)
# Récupération du membre et de la machine
# Note : on cherche la machine seulement sur le membre (member.dn)
member = Member.get_by_uid(self.user, residence_dn, member_uid)
if member is None:
raise Exception('membre inconnu')
#end if
machine = Machine.get_dhcp_by_mac(self.user, member.dn, mac)
if machine is None:
raise Exception('machine inconnue')
#end if
machine_membre_tag = "machine_membre" # FIXME move to config
machine_membre_disabled = machine_membre_tag + "_disabled" # FIXME move to config
if machine.uid.first() == machine_membre_disabled:
machine.uid.replace(machine_membre_disabled, machine_membre_tag)
self.user.ldap_bind.save(machine)
#end if
BrieLogging.get().info("enable member " + member_uid + " machine " +
mac + " by " + self.user.attrs.dn)
# On redirige sur la page d'édition du membre
redirect("/edit/member/" + residence + "/" + member_uid)
def edit(self, *args, **kw):
th_name = str(args[0])
session["th_name"] = th_name
session.save()
user = handler.user.get_user_in_session(request)
user_lab = session.get("current_lab", None)
mail_path = str(user._email).lower().replace('@', 'AT')
if user_lab is None:
flash(
"Problem detected with your lab in session. Contact your administrator please",
'error')
raise redirect('/trackhubs')
complementary_path = str(
user_lab) + "/" + mail_path + "/" + th_name + "/"
th_path = trackhubs_path() + "/" + complementary_path
genome_path = th_path + "genomes.txt"
if os.path.exists(genome_path):
#get the final path
with open(genome_path, 'r') as gen:
l = gen.readline()
while l != '':
if l.startswith("trackDb"):
trackdb_path = l.split('trackDb')[1].strip()
l = gen.readline()
final_path = th_path + trackdb_path + "trackDb.txt"
with open(final_path, 'r') as final:
l = final.readline()
dic_colors = {}
cpt = 0
while l != '':
if l.startswith("\ttrack"):
track = l.split("\ttrack")[1].strip()
dic_colors[cpt] = track
cpt += 1
elif l.startswith("\tcolor"):
color = l.split("\tcolor")[1].strip()
dic_colors[cpt] = color
cpt += 1
l = final.readline()
t_length = len(dic_colors.keys())
edit_form = build_form_edit_th(t_length)(
action=url('/trackhubs/post_edit')).req()
for k, v in dic_colors.items():
#even --> track
if (k % 2 == 0):
edit_form.child.children[k].value = v
#odd --> color
else:
edit_form.child.children[k].value = v
return dict(page='trackhubs', widget=edit_form, value=kw)
else:
flash(
"Your trackhub is not accessible right now. Hardware problem on /data. Sorry for this inconvenient, retry in a fiew moment please.",
'error')
raise redirect('/trackhubs')
def put(self, id='', **kw):
del kw['sprox_id']
relacion = DBSession.query(Relacion).get(int(id))
relacion.descripcion = kw['descripcion']
relacion.tiporelacion = kw['tiporelacion']
DBSession.merge(relacion)
flash('Relacion modificada')
redirect("/desarrollo/relacion/list")
def put(self, id='', **kw):
del kw['sprox_id']
detalletipoitem = DBSession.query(DetalleTipoItem).get(int(id))
detalletipoitem.nombre_atributo = kw['nombre_atributo']
detalletipoitem.tipo_dato = kw['tipo_dato']
DBSession.merge(detalletipoitem)
flash('Detalle de Tipo de item modificado')
redirect("/desarrollo/detalle_tipo_item/list")
def put(self, id='', **kw):
del kw['sprox_id']
detalletipoitem = DBSession.query(DetalleTipoItem).get(int(id))
detalletipoitem.nombre_atributo = kw['nombre_atributo']
detalletipoitem.tipo_dato = kw['tipo_dato']
DBSession.merge(detalletipoitem)
flash('Detalle de Tipo de item modificado')
redirect("/desarrollo/detalle_tipo_item/list")
def put(self, _method='', id=0, **kw):
del kw['sprox_id']
tipoitem = DBSession.query(TipoItem).get(int(id))
tipoitem.nombre_tipoitem = kw['nombre_tipoitem']
tipoitem.descripcion = kw['descripcion']
DBSession.merge(tipoitem)
flash('Tipo de Item modificado')
redirect("/desarrollo/tipo_item/list")
def put(self, id='', **kw):
del kw['sprox_id']
relacion = DBSession.query(Relacion).get(int(id))
relacion.descripcion = kw['descripcion']
relacion.tiporelacion = kw['tiporelacion']
DBSession.merge(relacion)
flash('Relacion modificada')
redirect("/desarrollo/relacion/list")
def post(self, residence, prenom, nom, mail, phone, go_redirect=True):
member_uid = Translations.to_uid(prenom, nom)
if phone == '':
phone = ' '
#end if
residence_dn = Residences.get_dn_by_name(self.user, residence)
# On modifie silencieusement le nom de la machine si il existe déjà
def try_name(name, number):
actual_name = name
if number > 0:
actual_name = name + str(number)
#end if
member = Member.get_by_uid(self.user, residence_dn, actual_name)
if member is not None:
return try_name(name, number + 1)
else:
return actual_name
#end if
#endif
def year_directory_exists(year):
search = self.user.ldap_bind.search(
ldap_config.username_base_dn + residence_dn,
"(ou=" + str(year) + ")")
if len(search) == 0:
BrieLogging.get().info("Year " + str(year) +
" directory does not exist. Creating.")
directory_attrs = {
"objectClass": ["top", "organizationalUnit"],
"ou": str(year).encode("utf-8")
}
directory_dn = "ou=" + str(
year) + "," + ldap_config.username_base_dn + residence_dn
self.user.ldap_bind.add_entry(directory_dn, directory_attrs)
member_uid = try_name(member_uid, 0)
member = Member.entry_attr(member_uid, prenom, nom, mail, phone, -1)
year = CotisationComputes.registration_current_year()
member_dn = "uid=" + member_uid + ",ou=" + str(
year) + "," + ldap_config.username_base_dn + residence_dn
year_directory_exists(year)
self.user.ldap_bind.add_entry(member_dn, member)
#preview = member, room
#index_result["preview"] = preview
if go_redirect:
redirect("/edit/member/" + residence + "/" + member_uid)
else:
return member_uid
def post(self, residence, member_uid, room_uid, first_machine_name,
first_machine_mac, next_end, extra_name, group_cn):
member = Member.get_by_uid(self.user, self.user.residence_dn,
member_uid)
if member is None:
raise Exception("Invalid member uid")
self.member_edit_controller.add.user = self.user
self.member_edit_controller.machine.add.user = self.user
self.member_edit_controller.room.move.user = self.user
self.member_edit_controller.cotisation.add.user = self.user
if room_uid != "":
self.member_edit_controller.room.move.post(residence,
member_uid,
room_uid,
erase=True,
go_redirect=False)
try:
if first_machine_mac != "":
self.member_edit_controller.machine.add.post(
residence,
member_uid,
first_machine_name,
first_machine_mac,
go_redirect=False)
if next_end != "":
self.member_edit_controller.cotisation.add.post(
residence,
member_uid,
next_end,
extra_name,
go_redirect=False)
# On ne permet pas a des simples aides membres d'ajouter a des groupes
groupsPredefinis = [
groups_enum.responsablereseau, groups_enum.admin,
groups_enum.membreca, groups_enum.tresorier,
groups_enum.respsalleinfo, groups_enum.exemptdecoglobale
]
if group_cn != "" and group_cn in groupsPredefinis and groups_enum.responsablereseau not in self.user.groups.list(
):
group_cn = ""
#end if
if group_cn != "":
self.administration_controller.groups.add_member.post(
group_cn, member.dn, go_redirect=False)
#end if
except:
redirect("/registration/error/" + member_uid)
#end try
redirect("/registration")
def delete(self, circle_id, *args, **kw):
user = handler.user.get_user_in_session(request)
if not checker.user_own_circle(user.id, circle_id):
flash('you have no right to delete this circle: you are not the creator of it')
raise redirect('/circles')
circle = DBSession.query(Circle).filter(Circle.id == circle_id).first()
DBSession.delete(circle)
DBSession.flush()
raise redirect('/circles/')
def post_delete(self, *args, **kw):
for id in args:
group = DBSession.query(Group).filter(Group.id == id).first()
if group.name == gl.group_admins:
flash('Cannot delete admin group')
redirect('/groups')
if group.name == gl.group_users:
flash('Cannot delete users group')
redirect('/groups')
return CrudRestController.post_delete(self, *args, **kw)
def post_delete(self, *args, **kw):
for id in args:
permission = DBSession.query(Permission).filter(Permission.id == id).first()
if permission.name == gl.perm_admin:
flash('Cannot delete admin permission')
redirect('/permissions')
if permission.name == gl.perm_user:
flash('Cannot delete read permission')
redirect('/permissions')
return CrudRestController.post_delete(self, *args, **kw)
def out(self):
'''
Logout the user.
'''
environ = request.environ
authentication_plugins = environ['repoze.who.plugins']
identifier = authentication_plugins['ticket']
cookiename = identifier.cookie_name
response.delete_cookie(cookiename)
redirect('/')
def delete_user(self, id, user_id):
user = handler.user.get_user_in_session(request)
if not checker.user_own_circle(user.id, id):
flash('you have no rights to delete users from this circle: you are not the creator of it')
raise redirect('/circles')
circle = DBSession.query(Circle).filter(Circle.id == id).first()
to_delete = DBSession.query(User).filter(User.id == user_id).first()
circle.users.remove(to_delete)
DBSession.flush()
raise redirect('/circles/edit/%s' % id)
def post_delete(self, *args, **kw):
for id in args :
permission = DBSession.query(Permission).filter(Permission.id == id).first()
if permission.id == constants.permission_admin_name:
flash('Cannot delete admin permission', 'error')
redirect('/permissions')
if permission.name == constants.permissions_read_name:
flash('Cannot delete read permission', 'error')
redirect('/permissions')
return CrudRestController.post_delete(self, *args, **kw)
def post_delete(self, *args, **kw):
for id in args:
permission = DBSession.query(Permission).filter(
Permission.id == id).first()
if permission.name == gl.perm_admin:
flash('Cannot delete admin permission')
redirect('/permissions')
if permission.name == gl.perm_user:
flash('Cannot delete read permission')
redirect('/permissions')
return CrudRestController.post_delete(self, *args, **kw)
def index(self, came_from='/'):
'''
Redirect user on tequila page in order to log him
'''
if tg.config.get('authentication.disable').lower() in ['t', 'true']:
print constants.admin_user_email()
environ = request.environ
authentication_plugins = environ['repoze.who.plugins']
identifier = authentication_plugins['ticket']
secret = identifier.secret
cookiename = identifier.cookie_name
remote_addr = environ['REMOTE_ADDR']
user = DBSession.query(User).filter(
User.email == constants.admin_user_email()).first()
admins = tg.config.get('admin.mails')
group_admins = DBSession.query(Group).filter(
Group.id == constants.group_admins_id).first()
if user.email in admins:
user not in group_admins.users and group_admins.users.append(
user)
else:
user in group_admins.users and group_admins.users.remove(user)
DBSession.flush()
userdata = "%s|%s" % (user.id, user in group_admins.users)
ticket = auth_tkt.AuthTicket(secret,
user.email,
remote_addr,
tokens=token,
user_data=userdata,
time=None,
cookie_name=cookiename,
secure=True)
val = ticket.cookie_value()
# set it in the cookies
response.set_cookie(cookiename,
value=val,
max_age=None,
path='/',
domain=None,
secure=False,
httponly=False,
comment=None,
expires=None,
overwrite=False)
raise redirect(came_from)
u = resolve_relative_url(url(), request.environ)
res = tequila.create_request(u + '/login/auth', 'tequila.epfl.ch')
raise redirect(
'https://tequila.epfl.ch/cgi-bin/tequila/requestauth?request' +
res)
def delete_member(self, group_cn, user_dn):
groups_of_user = Groupes.get_by_user_dn(self.user, self.user.residence_dn, user_dn)
if group_cn in groups_of_user:
target_group = Groupes.get_by_cn(self.user, self.user.residence_dn, group_cn)
attr = Groupes.unique_member_attr(user_dn)
self.user.ldap_bind.delete_attr(target_group.dn, attr)
#end if
redirect("/administration/")
def post(self, residence, member_uid, payment_cn, year):
residence_dn = Residences.get_dn_by_name(self.user, residence)
member = Member.get_by_uid(self.user, residence_dn, member_uid)
cotisation_dn = "cn=" + payment_cn + ",cn=" + str(year) + ",cn=cotisations," + member.dn
cashed_attr = Cotisation.cashed_payment_attr()
cotisation = self.user.ldap_bind.search_dn(cotisation_dn)
cotisation.add("x-paymentCashed", "TRUE")
self.user.ldap_bind.save(cotisation)
redirect("/treasury/")
def post_delete(self, *args, **kw):
for id in args:
permission = DBSession.query(Permission).filter(
Permission.id == id).first()
if permission.id == constants.permission_admin_name:
flash('Cannot delete admin permission', 'error')
redirect('/permissions')
if permission.name == constants.permissions_read_name:
flash('Cannot delete read permission', 'error')
redirect('/permissions')
return CrudRestController.post_delete(self, *args, **kw)
def post(self, residence, member_uid, payment_cn, year):
residence_dn = Residences.get_dn_by_name(self.user, residence)
member = Member.get_by_uid(self.user, residence_dn, member_uid)
cotisation_dn = "cn=" + payment_cn + ",cn=" + str(
year) + ",cn=cotisations," + member.dn
cashed_attr = Cotisation.cashed_payment_attr()
cotisation = self.user.ldap_bind.search_dn(cotisation_dn)
cotisation.add("x-paymentCashed", "TRUE")
self.user.ldap_bind.save(cotisation)
redirect("/treasury/")
