def checkEmail(self): session = Session() users = session.query(User).filter(User.email==self.email) if users.count() > 1: raise interface.Invalid(_("Email already taken!"),"email") if users.count() == 1 and users.first().user_id != get_db_user().user_id: raise interface.Invalid(_("Email already taken!"),"email")
def get_sittings(self): session = Session() logged_in_user = get_db_user() title = get_title_of_user(logged_in_user.user_id) sittings = session.query(bungeni_domain.GroupSitting).join((domain.Assignment, bungeni_domain.GroupSitting.sitting_id == domain.Assignment.sitting_id)) \ .filter(sql.and_(bungeni_domain.GroupSitting.status == 'draft_minutes', domain.Assignment.staff_id == logged_in_user.user_id)).all() for sitting in sittings: if title == "Editor": takes = session.query(domain.Take)\ .filter(sql.and_(domain.Take.editor_id == logged_in_user.user_id, domain.Take.sitting_id == sitting.sitting_id)) \ .order_by(domain.Take.start_date).all() elif title == "Reader": takes = session.query(domain.Take)\ .filter(sql.and_(domain.Take.reader_id == logged_in_user.user_id, domain.Take.sitting_id == sitting.sitting_id)) \ .order_by(domain.Take.start_date).all() elif title == "Reporter": takes = session.query(domain.Take)\ .filter(sql.and_(domain.Take.reporter_id == logged_in_user.user_id, domain.Take.sitting_id == sitting.sitting_id)) \ .order_by(domain.Take.start_date).all() for take in takes: take.start_time = take.start_date - sitting.start_date take.end_time = take.end_date - sitting.start_date sitting.takes = takes sit = session.query(domain.Sitting).get(sitting.sitting_id) sitting.file = sit.media_path sitting.name = sitting.group.short_name + str(sitting.start_date.strftime('%d-%B-%Y %H:%M')) return sittings
def parliament_id(self): """Vocabularies in the forms get the parliament id from the context, this property returns the id of the parliament the currently logged in user is a member of """ user = utils.get_db_user() user_parliament = utils.get_parliament_for_user(user) return user_parliament.group_id
def checkEmail(self): session = Session() users = session.query(User).filter(User.email==self.email) message = _("error_profile_email_taken", "Email already taken!") if users.count() > 1: raise interface.Invalid(message,"email") if users.count() == 1 and users.first().user_id != get_db_user().user_id: raise interface.Invalid(message,"email")
def __init__(self, context): self.context = context user = utils.get_db_user() user_parliament = utils.get_parliament_for_user(user) if user_parliament: self.object_type = user_parliament.type self.oid = user_parliament.group_id else: self.object_type = None self.oid = None
def get_body_css_class(self): # Add custom css classes to the list below parliament_type = "default" user = utils.get_db_user() if user: parliament = utils.get_parliament_for_user(user) if parliament and parliament.parliament_type: parliament_type = parliament.parliament_type classes = ["yui-skin-sam", "section-bungeni-%s" % get_section_name(), "chamber-%s" % parliament_type] return " ".join(classes)
def user_is_context_owner(context): """Test if current user is the context owner e.g. to check if someone manipulating the context object is other than the owner of the object. A delegate is considered to be an owner of the object """ user = model_utils.get_db_user() owner_login = utils.get_owner_login_pi(context) if user.login == owner_login: return True delegations = delegation.get_user_delegations(user.user_id) users = [delegate.login for delegate in delegations] return owner_login in users
def getter(item, formatter): state_title = get_wf_state(item) request = common.get_request() state_title = translate(state_title, domain="bungeni", context=request) # !+MY_LISTING_ROWS(mr, aug-2012) the following is a (exploratory) # mechanism to add a distinction between what rows are owned by the # current user and others. Here it is added only to "status" columns # but a generic "row-level" means to mark such rows as different # from the others may be a useful feature. if IWorkspaceSectionLayer.providedBy(request) and IOwned.providedBy(item): # !+delegation? if item.owner == get_db_user(): state_title = "<b>%s</b> *" % (state_title) return state_title
def user_is_state_creator(context): """Did the current user create current state - based on workflow log? """ is_state_creator = False if IAuditable.providedBy(context): current_user = model_utils.get_db_user() if current_user: for _object_change in reversed(context.changes): if _object_change.action == "workflow": extras = _object_change.extras if extras and (extras.get("destination") == context.status): if _object_change.user.login == current_user.login: is_state_creator = True break return is_state_creator
def user_is_state_creator(context): """Did the current user create current state - based on workflow log? """ is_state_creator = False if IAuditable.providedBy(context): current_user = model_utils.get_db_user() if current_user: for _object_change in reversed( domain.get_changes(context.changes, "workflow")): extras = _object_change.extras if extras and (extras.get("destination") == context.status): if _object_change.user.login == current_user.login: is_state_creator = True break return is_state_creator
def user_is_context_owner(context): """Test if current user is the context owner e.g. to check if someone manipulating the context object is other than the owner of the object. A delegate is considered to be an owner of the object """ user = model_utils.get_db_user() owner_login = utils.get_owner_login_pi(context) session = Session() delegations = session.query(domain.User) \ .join((domain.UserDelegation, domain.User.user_id ==domain.UserDelegation.user_id)) \ .filter(domain.UserDelegation.delegation_id == user.user_id) \ .all() users = [delegate.login for delegate in delegations] users.append(owner_login) return user.login in users
def get_current_parliament(date=None, context=None): """Return the parliament for a given date (or the current for no date) """ #check logged in user's parliament: parliament = utils.get_parliament_for_user(utils.get_db_user()) if parliament is None: if context is not None: # look for current parliament from context tree _parent = context while not interfaces.IParliament.providedBy(_parent): _parent = _parent.__parent__ if _parent is None: break elif interfaces.IParliament.providedBy(_parent): parliament = _parent break #assume unicameral if parliament is None: def getFilter(date): return sql.or_( sql.between(date, schema.group.c.start_date, schema.group.c.end_date), sql.and_( schema.group.c.start_date<=date, schema.group.c.end_date==None)) if not date: date = datetime.date.today() session = Session() query = session.query(domain.Parliament).filter(getFilter(date)) try: parliament = query.one() except: ##XXX raise(_(u"inconsistent data: none or more than one parliament found for this date")) # !+DATA(mb, July-2012) this should get the one active parliament # needs some review if there is more than one parliament active e.g. # bicameral legislatures query = session.query(domain.Parliament).filter(schema.group.c.status=="active") try: parliament = query.one() except Exception, e: log.error("Could not find active parliament. Activate a parliament" " in Bungeni admin :: %s", e.__repr__()) raise ValueError("Unable to locate a currently active parliament")
def handle_authorize_app(self, action, data): session = Session() oauth_authorization = domain.OAuthAuthorization() oauth_authorization.user_id = get_db_user().user_id app = session.query(domain.OAuthApplication ).filter(domain.OAuthApplication.identifier == data["client_id"] ).one() oauth_authorization.application_id = app.application_id oauth_authorization.authorization_code = get_key() oauth_authorization.expiry = datetime.now() + timedelta( seconds=capi.oauth_authorization_token_expiry_time) oauth_authorization.active = True session.add(oauth_authorization) redirect_uri = "{0}?code={1}".format( app.redirection_endpoint, oauth_authorization.authorization_code) if data.get("state", None): redirect_uri = "{0}&state={1}".format(redirect_uri, data["state"]) self.request.response.redirect(redirect_uri, trusted=True)
def _query(self, **kw): results = [] session = Session() user = utils.get_db_user() #status = self.item_status_filter(kw) reverse = True if (kw.get("sort_dir", "desc") == "desc") else False query = session.query(domain.Group).join( domain.GroupMembership).filter( expression.and_( domain.GroupMembership.user_id == user.user_id, domain.GroupMembership.active_p == True, #domain.Group.status.in_(status) )) query = self.filter_title(query, domain.Group, kw) query = self.filter_type(query, domain.Group, kw) query = self.filter_status_date(query, domain.Group, kw) query = self.order_query(query, domain.Group, kw, reverse) results = query.all() count = query.count() return (results, count)
def _query(self, **kw): session = Session() user = utils.get_db_user() reverse = True if (kw.get("sort_dir", "desc") == "desc") else False results = [] domain_status = self.item_status_filter(kw) for domain_class, status in domain_status.iteritems(): query = session.query(domain_class ).filter(domain_class.status.in_(status) ).enable_eagerloads(False ).join(domain.UserSubscription ).filter(domain.UserSubscription.user_id == user.user_id) query = self.filter_title(query, domain_class, kw) #filter on status_date query = self.filter_status_date(query, domain_class, kw) query = self.order_query(query, domain_class, kw, reverse) results.extend(query.all()) count = len(results) if (kw.get("sort_on", None) and kw.get("sort_dir", None)): results.sort(key=lambda x: getattr(x, str(kw.get("sort_on"))), reverse=reverse) return (results, count)
def get_sittings(self): session = Session() logged_in_user = get_db_user() title = get_title_of_user(logged_in_user.user_id) sittings = session.query(domain.GroupSitting).join((domain.Assignment, domain.GroupSitting.sitting_id == domain.Assignment.sitting_id)) \ .filter(sql.and_(domain.GroupSitting.status == 'draft_minutes', domain.Assignment.staff_id == logged_in_user.user_id)) \ .options( eagerload("hansard"), eagerload("hansard.media_paths")).all() for sitting in sittings: if title == "Editor": takes = session.query(domain.Take)\ .filter(sql.and_(domain.Take.editor_id == logged_in_user.user_id, domain.Take.sitting_id == sitting.sitting_id)) \ .order_by(domain.Take.start_date).all() elif title == "Reader": takes = session.query(domain.Take)\ .filter(sql.and_(domain.Take.reader_id == logged_in_user.user_id, domain.Take.sitting_id == sitting.sitting_id)) \ .order_by(domain.Take.start_date).all() elif title == "Reporter": takes = session.query(domain.Take)\ .filter(sql.and_(domain.Take.reporter_id == logged_in_user.user_id, domain.Take.sitting_id == sitting.sitting_id)) \ .order_by(domain.Take.start_date).all() for take in takes: take.start_time = take.start_date - sitting.start_date take.end_time = take.end_date - sitting.start_date sitting.takes = takes if sitting.hansard.media_paths: sitting.file = sitting.hansard.media_paths.web_optimised_video_path else: sitting.file = "" sitting.name = sitting.group.short_name + str( sitting.start_date.strftime('%d-%B-%Y %H:%M')) return sittings
def get_sittings(self): session = Session() logged_in_user = get_db_user() title = get_title_of_user(logged_in_user.user_id) sittings = session.query(domain.GroupSitting).join((domain.Assignment, domain.GroupSitting.sitting_id == domain.Assignment.sitting_id)) \ .filter(sql.and_(domain.GroupSitting.status == 'draft_minutes', domain.Assignment.staff_id == logged_in_user.user_id)) \ .options( eagerload("hansard"), eagerload("hansard.media_paths")).all() for sitting in sittings: if title == "Editor": takes = session.query(domain.Take)\ .filter(sql.and_(domain.Take.editor_id == logged_in_user.user_id, domain.Take.sitting_id == sitting.sitting_id)) \ .order_by(domain.Take.start_date).all() elif title == "Reader": takes = session.query(domain.Take)\ .filter(sql.and_(domain.Take.reader_id == logged_in_user.user_id, domain.Take.sitting_id == sitting.sitting_id)) \ .order_by(domain.Take.start_date).all() elif title == "Reporter": takes = session.query(domain.Take)\ .filter(sql.and_(domain.Take.reporter_id == logged_in_user.user_id, domain.Take.sitting_id == sitting.sitting_id)) \ .order_by(domain.Take.start_date).all() for take in takes: take.start_time = take.start_date - sitting.start_date take.end_time = take.end_date - sitting.start_date sitting.takes = takes if sitting.hansard.media_paths: sitting.file = sitting.hansard.media_paths.web_optimised_video_path else: sitting.file = "" sitting.name = sitting.group.short_name + str(sitting.start_date.strftime('%d-%B-%Y %H:%M')) return sittings
def is_owner(self): return ((model_utils.get_prm_owner_principal_id(self.context) == model_utils.get_principal_id()) or model_utils.get_db_user() == self.context.owner)
def is_owner(self): return ( (model_utils.get_prm_owner_principal_id(self.context) == model_utils.get_principal_id() ) or model_utils.get_db_user() == self.context.owner )
def __setitem__(self, name, item): session = Session() user = utils.get_db_user() user_parliament = utils.get_parliament_for_user(user) item.parliament_id = user_parliament.parliament_id session.add(item)
def __init__(self, *args, **kwargs): super(ChangePasswordForm, self).__init__(*args, **kwargs) self.session = Session() self.user = get_db_user(self.context)
def checkOldPassword(self): if not get_db_user().checkPassword(self.old_password): raise interface.Invalid(_("Old password incorrect"), 'old_password')
def __init__(self, *args, **kwargs): super(Profile, self).__init__(*args, **kwargs) self.user = get_db_user(self.context) self.context = self.user
def generate_nonce(self, auth_time): data = "{0}:{1}:{2}".format( self.parameters["client_id"], get_db_user().user_id, auth_time) return hmac.new(capi.oauth_hmac_key, data, hashlib.sha1).hexdigest()