def user(self):
    """Return the staff record for the user id claimed by this request.

    The id comes from ``unauthenticated_userid``, so it is the id the
    request's credentials claim, not one that has been checked against the
    user store. ``C3sStaff.check_user_or_None`` is what ties it to an
    existing account; per the original author's note it is expected to
    return None when the user does not exist in the database.

    Returns None when the request carries no user id at all.
    """
    claimed_id = unauthenticated_userid(self)
    if claimed_id is None:
        # no credentials on the request
        return claimed_id  # pragma: no cover
    return C3sStaff.check_user_or_None(claimed_id)
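def accountants_login(request):
    """
    This view lets accountants log in.

    A visitor who is already authenticated is redirected to the dashboard.
    Otherwise a login/password form is built. When it was submitted and
    validates, the credentials are checked with C3sStaff.check_password; on
    success the headers returned by remember() are attached to a redirect
    to the dashboard. A failed check is logged with the attempted login and
    the peer address.
    """
    logged_in = authenticated_userid(request)
    log.info("login by %s", logged_in)

    if logged_in is not None:
        # already authenticated: redirect her to the dashboard
        return HTTPFound(request.route_url('dashboard', number=0))

    class AccountantLogin(colander.MappingSchema):
        """
        colander schema for login form
        """
        login = colander.SchemaNode(
            colander.String(),
            title=_(u"login"),
            oid="login",
        )
        password = colander.SchemaNode(
            colander.String(),
            validator=colander.Length(min=5, max=100),
            widget=deform.widget.PasswordWidget(size=20),
            title=_(u"password"),
            oid="password",
        )

    schema = AccountantLogin()
    form = deform.Form(
        schema,
        buttons=[
            deform.Button('submit', _(u'Submit')),
            deform.Button('reset', _(u'Reset'))
        ],
    )

    # if the form has been used and SUBMITTED, check contents
    if 'submit' in request.POST:
        controls = request.POST.items()
        try:
            appstruct = form.validate(controls)
        except ValidationFailure as e:
            # goes to the application log instead of the process's stdout
            log.info("login form validation failed")
            request.session.flash(
                _(u"Please note: There were errors, "
                  "please check the form below."),
                'message_above_form',
                allow_duplicate=False)
            return {'form': e.render()}

        # get user and check pw...
        login = appstruct['login']
        password = appstruct['password']

        try:
            checked = C3sStaff.check_password(login, password)
        except AttributeError:  # pragma: no cover
            # NOTE(review): presumably raised when no staff record matches
            # the login -- confirm. It ends in the same failure branch as a
            # wrong password.
            checked = False

        if checked:
            log.info("password check for %s: good!", login)
            headers = remember(request, login)
            log.info("logging in %s", login)
            return HTTPFound(  # redirect to accountants dashboard
                location=request.route_url('dashboard', number=0),
                headers=headers)

        # Record what was tried and from where, so repeated failures against
        # one account or from one peer can be spotted. %r escapes control
        # characters in the submitted login so it cannot forge log lines.
        # The login field may hold a mistyped password; treat this log as
        # sensitive. Behind a reverse proxy remote_addr is the proxy.
        log.info(
            "password check for %r from %s: failed.",
            login, request.remote_addr)
    # NOTE(review): the listing ends here. As shown, a plain GET and a failed
    # login both fall through and return None; presumably the full view goes
    # on to render the form -- confirm against the complete file.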
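def staff_view(request):
    """
    This view lets admins edit staff/cashier personnel:
    who may act as cashier etc.?

    A POST carrying 'action' and 'id' deletes the staff record or loads it
    into the form for editing. A POST carrying 'new_cashier' validates the
    form and stores a new C3sStaff member of the cashiers group.

    NOTE(review): neither a permission check nor a CSRF token check is
    visible in this listing. Both are presumably configured outside it --
    confirm, since every branch here changes or exposes staff accounts.
    """
    _staffers = C3sStaff.get_all()

    class Cashier(colander.MappingSchema):
        login = colander.SchemaNode(
            colander.String(),
            title='login',
        )
        password = colander.SchemaNode(
            colander.String(),
            # same bounds as the accountants_login form, so that every
            # password accepted here can also be entered at login
            validator=colander.Length(min=5, max=100),
            # render as a masked password input, as the login form does
            widget=deform.widget.PasswordWidget(size=20),
            title='passwort',
        )

    schema = Cashier()
    cashierform = deform.Form(
        schema,
        buttons=[
            deform.Button('new_cashier', 'erstellen')
        ]
    )

    if 'action' in request.POST:
        try:
            staff_id = int(request.POST['id'])
        except (KeyError, TypeError, ValueError):
            # missing or non-numeric id: back to the listing rather than an
            # unhandled server error
            return HTTPFound(location=request.route_url('staff'))

        _cashier = C3sStaff.get_by_id(staff_id)
        if _cashier is None:
            # NOTE(review): assumes get_by_id returns None for an unknown
            # id -- confirm against the model
            return HTTPFound(location=request.route_url('staff'))

        action = request.POST['action']
        if action == u'delete':
            # NOTE(review): these prints are the only record of a staff
            # deletion; consider the application log plus the acting user
            print("will delete staff id %s" % _cashier.id)
            C3sStaff.delete_by_id(_cashier.id)
            print("deleted staff id %s" % _cashier.id)
            return HTTPFound(location=request.route_url('staff'))
        elif action == u'edit':
            cashierform.set_appstruct(_cashier)

    if 'new_cashier' in request.POST:
        controls = request.POST.items()
        try:
            appstruct = cashierform.validate(controls)
        except ValidationFailure as e:
            return {
                'cashierform': e.render()
            }

        # create an appstruct for persistence
        # NOTE(review): the password is handed to the model exactly as
        # submitted; confirm that C3sStaff hashes it before it is stored.
        cashier = C3sStaff(
            login=appstruct['login'],
            password=appstruct['password'],
            email='',
        )
        cashier.groups = [Group.get_cashiers_group()]
        DBSession.add(cashier)
        # NOTE(review): a login that already exists presumably surfaces as an
        # exception from flush(); no handler for it is visible here.
        DBSession.flush()
        print("added cashier")
        return HTTPFound(
            request.route_url('staff')
        )
    # NOTE(review): the listing ends here and _staffers is not used in what
    # is visible; presumably the full view goes on to return the staff list
    # and the form for rendering -- confirm against the complete file.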