Exemple #1
0
 def user(self):
     userid = unauthenticated_userid(self)
     #print "--- in RequestWithUserAttribute: userid = " + str(userid)
     if userid is not None:
         # this should return None if the user doesn't exist
         # in the database
         #return dbsession.query('users').filter(user.user_id == userid)
         return C3sStaff.check_user_or_None(userid)
     # else: userid == None
     return userid  # pragma: no cover
def accountants_login(request):
    """
    This view lets accountants log in
    """
    logged_in = authenticated_userid(request)
    #print("authenticated_userid: " + str(logged_in))

    log.info("login by %s" % logged_in)

    if logged_in is not None:  # if user is already authenticated
        return HTTPFound(  # redirect her to the dashboard
            request.route_url('dashboard',
                              number=0,))

    class AccountantLogin(colander.MappingSchema):
        """
        colander schema for login form
        """
        login = colander.SchemaNode(
            colander.String(),
            title=_(u"login"),
            oid="login",
        )
        password = colander.SchemaNode(
            colander.String(),
            validator=colander.Length(min=5, max=100),
            widget=deform.widget.PasswordWidget(size=20),
            title=_(u"password"),
            oid="password",
        )

    schema = AccountantLogin()

    form = deform.Form(
        schema,
        buttons=[
            deform.Button('submit', _(u'Submit')),
            deform.Button('reset', _(u'Reset'))
        ],
        #use_ajax=True,
        #renderer=zpt_renderer
    )

    # if the form has been used and SUBMITTED, check contents
    if 'submit' in request.POST:
        #print("the form was submitted")
        controls = request.POST.items()
        try:
            appstruct = form.validate(controls)
        except ValidationFailure, e:
            print(e)

            request.session.flash(
                _(u"Please note: There were errors, "
                  "please check the form below."),
                'message_above_form',
                allow_duplicate=False)
            return{'form': e.render()}

        # get user and check pw...
        login = appstruct['login']
        password = appstruct['password']

        try:
            checked = C3sStaff.check_password(login, password)
        except AttributeError:  # pragma: no cover
            checked = False
        if checked:
            log.info("password check for %s: good!" % login)
            headers = remember(request, login)
            log.info("logging in %s" % login)
            return HTTPFound(  # redirect to accountants dashboard
                location=route_url(  # after successful login
                    'dashboard',
                    number=0,
                    request=request),
                headers=headers)
        else:
            log.info("password check: failed.")
def staff_view(request):
    """
    This view lets admins edit staff/cashier personnel:
    who may act as cashier etc.?
    """
    _staffers = C3sStaff.get_all()

    class Cashier(colander.MappingSchema):
        login = colander.SchemaNode(
            colander.String(),
            title='login',
        )
        password = colander.SchemaNode(
            colander.String(),
            title='passwort',
        )

    schema = Cashier()

    cashierform = deform.Form(
        schema,
        buttons=[
            deform.Button('new_cashier', 'erstellen')
        ]
    )

    if 'action' in request.POST:
        print(request.POST['id'])
        #try:
        _cashier = C3sStaff.get_by_id(int(request.POST['id']))
        #except:
        #    print("exception!")
        #    return HTTPFound(location=request.route_url('staff'))
        #print(request.POST['action'])
        if request.POST['action'] == u'delete':
            print("will delete staff id %s" % _cashier.id)
            C3sStaff.delete_by_id(_cashier.id)
            print("deleted staff id %s" % _cashier.id)
            return HTTPFound(location=request.route_url('staff'))
        elif request.POST['action'] == 'edit':
            cashierform.set_appstruct(_cashier)

    if 'new_cashier' in request.POST:
        print "new cashier!?!"
        controls = request.POST.items()
        try:
            appstruct = cashierform.validate(controls)
            print('validated!')
        except ValidationFailure, e:
            return {
                'cashierform': e.render()
            }
        #try:
        # create an appstruct for persistence
        cashier = C3sStaff(
            login=appstruct['login'],
            password=appstruct['password'],
            email='',
        )
        cashier.groups = [Group.get_cashiers_group()]
        #print "about to add user"
        DBSession.add(cashier)
        DBSession.flush()
        print "added cashier"
            #except InvalidRequestError, e:  # pragma: no cover
            #    print("InvalidRequestError! %s") % e
            #except IntegrityError, ie:  # pragma: no cover
            #print("IntegrityError! %s") % ie
        return HTTPFound(
            request.route_url('staff')
        )