def login(self):
_ = self.request.translate
browser_error = checkBrowser(self.request)
device_error = checkDevice(self.request)
login = ''
if self.request.method == 'POST':
if self.request.POST.get('login') \
and self.request.POST.get('password') \
and self.request.POST.get('login').strip() != '' \
and self.request.POST.get('password').strip() != '':
login = self.request.POST.get('login')
password = self.request.POST.get('password')
user = DBSession.query(User).filter(User.username==login).first()
if ( user is not None
and user.active
and user.validate_password(password, user.password)):
headers = security.remember(self.request, user.id)
self.request.session.flash(_(u"Welcome, ${username}! You are logged in.", mapping={'username':user.username}), 'success')
userLogin = UserLogin(user_id = user.id, ip = self.request.client_addr, user_agent = self.request.user_agent)
DBSession.add(userLogin)
DBSession.flush()
self.request.session['user_login_id'] = userLogin.id
if userhelpers.checkUserPasswordChangeNeed(self.request, user):
return HTTPFound(location='/settings/me/edit/', headers=headers)
return HTTPFound(location='/', headers=headers)
self.request.session.flash(_(u"Login failed."), 'error')
else:
self.request.session.flash(_(u"Login failed. Please provide username and password."), 'error')
return {'login':login, 'browser_error':browser_error, 'device_error':device_error}
def settings_organization_club_edit(self):
if self.request.redirect_forbidden:
return HTTPFound(location='/forbidden/')
elif userhelpers.checkUserPasswordChangeNeed(self.request):
return HTTPFound(location='/settings/me/edit/')
_ = self.request.translate
tmp_club = {
'name':'',
'short_name':'',
'leader_id':'',
'subunit_id':0,
'club_code':'',
}
club_id = self.request.matchdict['club_id']
club = DBSession.query(Club).filter(Club.id==club_id).first()
if club.id:
tmp_club = {
'name':club.name,
'short_name':club.short_name,
'leader_id':club.leader_id,
'subunit_id':club.subunit_id,
'club_code':club.club_code
}
if self.request.method == 'POST':
tmp_club['name'] = self.request.POST.get('name').strip()
tmp_club['short_name'] = self.request.POST.get('short_name').strip()
#tmp_club['leader_id'] = self.request.POST.get('leader_id').strip()
tmp_club['leader_id'] = 0
tmp_club['subunit_id'] = self.request.POST.get('subunit_id').strip()
tmp_club['club_code'] = self.request.POST.get('club_code').strip()
if tmp_club['name']:
club.name = tmp_club['name']
club.short_name = tmp_club['short_name']
club.leader_id = tmp_club['leader_id']
club.subunit_id = tmp_club['subunit_id']
club.club_code = tmp_club['club_code']
DBSession.add(club)
DBSession.flush()
userAudit = UserAudit(self.request.user.id)
userAudit.model = 'Club'
userAudit.model_id = club.id
userAudit.action = 'Update'
userAudit.revision = club.metadata_revision
DBSession.add(userAudit)
DBSession.flush()
self.request.session.flash(_(u"Club saved."), 'success')
return HTTPFound(location='/settings/organization/')
else:
self.request.session.flash(_(u"Please provide club name."), 'error')
subunits = DBSession.query(SubUnit).all()
self.request.bread.append({'url':'/settings/', 'text':_('Settings')})
self.request.bread.append({'url':'/settings/organization/', 'text':_('Organization')})
self.request.bread.append({'url':'/settings/organization/club_edit/'+club_id+'/', 'text':_('Edit club')})
return {'club':tmp_club, 'subunits':subunits}
def settings_groups_view(self):
if self.request.redirect_forbidden:
return HTTPFound(location='/forbidden/')
elif userhelpers.checkUserPasswordChangeNeed(self.request):
return HTTPFound(location='/settings/me/edit/')
_ = self.request.translate
group_id = self.request.matchdict['group_id']
group = DBSession.query(Group).filter(Group.id==group_id).first()
if group.id:
# privilege_ids = [privilege.id for privilege in group.privileges]
tmp_group = {
'id':group.id,
'name':group.name,
'leader_id':group.leader_id,
'privileges':group.privileges
}
privileges = DBSession.query(Privilege).all()
self.request.bread.append({'url':'/settings/', 'text':_('Settings')})
self.request.bread.append({'url':'/settings/groups/', 'text':_('Groups')})
self.request.bread.append({'url':'/settings/groups/view/'+str(group.id)+'/', 'text':_('View') + ' ' + helpers.decodeString(group.name)})
return {'group':tmp_group, 'privileges':privileges}
else:
return HTTPFound(location='/settings/groups/')
def getPeoplePresenceCounts(dt, club=0, subunit=0, village=0, subcamp=0, village_kitchen=0):
report = DBSession.query(Participant.id)
if club != 0:
report = report.filter(Participant.club_id == club)
if subunit != 0:
report = report.filter(Participant.subunit_id == subunit)
if village != 0:
report = report.filter(Participant.village_id == village)
if subcamp != 0:
report = report.filter(Participant.subcamp_id == subcamp)
if village_kitchen != 0:
village_kitchen = DBSession.query(VillageKitchen).get(village_kitchen)
if village_kitchen != None:
village_ids = []
if len(village_kitchen.villages) > 0:
for village in village_kitchen.villages:
village_ids.append(village.id)
report = report.filter(Participant.village_id.in_(village_ids))
report = report.filter(Participant.active == True)
report = report.filter(Participant.latest_status_key != 200)
report = report.join(ParticipantPresence).filter(
ParticipantPresence.presence_starts <= dt, ParticipantPresence.presence_ends >= dt
)
participants_count = report.count()
return participants_count
def medical_settings_reasons_new(self):
if self.request.redirect_forbidden:
return HTTPFound(location='/forbidden/')
elif userhelpers.checkUserPasswordChangeNeed(self.request):
return HTTPFound(location='/settings/me/edit/')
_ = self.request.translate
reason = MedicalReason()
if self.request.method == 'POST':
reason.title = self.request.POST.get('title').strip()
reason.description = self.request.POST.get('description').strip()
if reason.title != '':
DBSession.add(reason)
DBSession.flush()
self.request.session.flash(_(u"Reason created."), 'success')
return HTTPFound(location='/medical/settings/')
else:
self.request.session.flash(_(u"Please provide title."), 'error')
self.request.bread.append({'url':'/medical/', 'text':_('Medical')})
self.request.bread.append({'url':'/medical/settings/', 'text':_('Settings')})
self.request.bread.append({'url':'/medical/settings/reasons/new/', 'text':_('New reason')})
return {'reason':reason}
def medical_settings_methodofarrivals_edit(self):
if self.request.redirect_forbidden:
return HTTPFound(location='/forbidden/')
elif userhelpers.checkUserPasswordChangeNeed(self.request):
return HTTPFound(location='/settings/me/edit/')
_ = self.request.translate
methodofarrival_id = self.request.matchdict['methodofarrival_id']
methodofarrival = DBSession.query(MedicalMethodOfArrival).filter(MedicalMethodOfArrival.id==methodofarrival_id).first()
if self.request.method == 'POST':
methodofarrival.title = self.request.POST.get('title').strip()
methodofarrival.description = self.request.POST.get('description').strip()
if methodofarrival.title != '':
DBSession.add(methodofarrival)
DBSession.flush()
self.request.session.flash(_(u"MethodOfArrival saved."), 'success')
return HTTPFound(location='/medical/settings/')
else:
self.request.session.flash(_(u"Please provide title."), 'error')
self.request.bread.append({'url':'/medical/', 'text':_('Medical')})
self.request.bread.append({'url':'/medical/settings/', 'text':_('Settings')})
self.request.bread.append({'url':'/medical/settings/methodofarrivals/new/', 'text':_('Edit methodofarrival')})
return {'methodofarrival':methodofarrival}
def medical_settings_treatmenttypes_edit(self):
if self.request.redirect_forbidden:
return HTTPFound(location='/forbidden/')
elif userhelpers.checkUserPasswordChangeNeed(self.request):
return HTTPFound(location='/settings/me/edit/')
_ = self.request.translate
treatmenttype_id = self.request.matchdict['treatmenttype_id']
treatmenttype = DBSession.query(MedicalTreatmentType).filter(MedicalTreatmentType.id==treatmenttype_id).first()
if self.request.method == 'POST':
treatmenttype.title = self.request.POST.get('title').strip()
treatmenttype.description = self.request.POST.get('description').strip()
if treatmenttype.title != '':
DBSession.add(treatmenttype)
DBSession.flush()
self.request.session.flash(_(u"Treatmenttype saved."), 'success')
return HTTPFound(location='/medical/settings/')
else:
self.request.session.flash(_(u"Please provide title."), 'error')
self.request.bread.append({'url':'/medical/', 'text':_('Medical')})
self.request.bread.append({'url':'/medical/settings/', 'text':_('Settings')})
self.request.bread.append({'url':'/medical/settings/treatmenttypes/new/', 'text':_('Edit treatmenttype')})
return {'treatmenttype':treatmenttype}
def settings_organization_village_edit(self):
if self.request.redirect_forbidden:
return HTTPFound(location='/forbidden/')
elif userhelpers.checkUserPasswordChangeNeed(self.request):
return HTTPFound(location='/settings/me/edit/')
_ = self.request.translate
tmp_village = {
'name':'',
'short_name':'',
'leader_id':'',
'subcamp_id':0,
}
village_id = self.request.matchdict['village_id']
village = DBSession.query(Village).filter(Village.id==village_id).first()
subcamps = DBSession.query(Subcamp).all()
if village.id:
tmp_village = {
'name':village.name,
'short_name':village.short_name,
'leader_id':village.leader_id,
'subcamp_id':village.subcamp_id,
}
if self.request.method == 'POST':
tmp_village['name'] = self.request.POST.get('name').strip()
tmp_village['short_name'] = self.request.POST.get('short_name').strip()
#tmp_village['leader_id'] = self.request.POST.get('leader_id').strip()
tmp_village['leader_id'] = 0
tmp_village['subcamp_id'] = self.request.POST.get('subcamp_id').strip()
if tmp_village['name']:
village.name = tmp_village['name']
village.short_name = tmp_village['short_name']
village.leader_id = tmp_village['leader_id']
village.subcamp_id = tmp_village['subcamp_id']
DBSession.add(village)
DBSession.flush()
userAudit = UserAudit(self.request.user.id)
userAudit.model = 'Village'
userAudit.model_id = village.id
userAudit.action = 'Update'
userAudit.revision = village.metadata_revision
DBSession.add(userAudit)
DBSession.flush()
self.request.session.flash(_(u"Village saved."), 'success')
return HTTPFound(location='/settings/organization/')
else:
self.request.session.flash(_(u"Please provide village name."), 'error')
self.request.bread.append({'url':'/settings/', 'text':_('Settings')})
self.request.bread.append({'url':'/settings/organization/', 'text':_('Organization')})
self.request.bread.append({'url':'/settings/organization/village_edit/'+village_id+'/', 'text':_('Edit village')})
return {'village':tmp_village, 'subcamps':subcamps}
def settings_groups_delete(self):
_ = self.request.translate
group_id = self.request.matchdict['group_id']
if group_id != 1:
group = DBSession.query(Group).get(group_id)
DBSession.delete(group)
return HTTPFound(location='/settings/groups/')
def checkIfUsernameExists(self, username, skipId = None):
if username == '':
return True
if skipId != None:
users_count = DBSession.query(User).filter(User.username==username, User.id != skipId).count()
else:
users_count = DBSession.query(User).filter(User.username==username).count()
if users_count > 0:
return True
return False
def checkIfGroupnameExists(self, groupname, skipId = None):
if groupname == '':
return True
if skipId != None:
groups_count = DBSession.query(Group).filter(Group.name==groupname, Group.id != skipId).count()
else:
groups_count = DBSession.query(Group).filter(Group.name==groupname).count()
if groups_count > 0:
return True
return False
def settings_users_deactivate(self):
if self.request.redirect_forbidden:
return HTTPFound(location='/forbidden/')
elif userhelpers.checkUserPasswordChangeNeed(self.request):
return HTTPFound(location='/settings/me/edit/')
_ = self.request.translate
user_id = self.request.matchdict['user_id']
if user_id != 1:
user = DBSession.query(User).get(user_id)
user.active = 0
user.metadata_modified = datetime.now()
DBSession.add(user)
DBSession.flush()
userAudit = UserAudit(self.request.user.id)
userAudit.model = 'User'
userAudit.model_id = user.id
userAudit.action = 'Deactivated'
userAudit.revision = user.metadata_revision
DBSession.add(userAudit)
DBSession.flush()
self.request.session.flash(_(u"User deactivated."), 'success')
return HTTPFound(location='/settings/users/')
def security_shifts_logitem_delete(self):
if self.request.redirect_forbidden:
return HTTPFound(location="/forbidden/")
elif userhelpers.checkUserPasswordChangeNeed(self.request):
return HTTPFound(location="/settings/me/edit/")
_ = self.request.translate
logitem_id = self.request.matchdict["logitem_id"]
logitem = DBSession.query(SecurityLogItem).filter(SecurityLogItem.id == logitem_id).first()
if logitem != None:
logitem.deleted = True
DBSession.add(logitem)
DBSession.flush()
userAudit = UserAudit(self.request.user.id)
userAudit.model = "SecurityLogItem"
userAudit.model_id = logitem.id
userAudit.action = "Deleted"
userAudit.revision = logitem.metadata_revision
DBSession.add(userAudit)
DBSession.flush()
self.request.session.flash(_(u"Log item deleted."), "success")
return HTTPFound(location="/security/shifts/view/" + str(logitem.shift_id) + "/")
self.request.session.flash(_(u"Error finding logitem to delete."), "Error")
return HTTPFound(location="/security/shifts/view/" + str(logitem.shift_id) + "/")
def checkIfSettignKeyExists(self, setting_key, skipId=None):
if setting_key == "":
return True
if skipId != None:
settings_count = (
DBSession.query(Setting).filter(Setting.setting_key == setting_key, Setting.id != skipId).count()
)
else:
settings_count = DBSession.query(Setting).filter(Setting.setting_key == setting_key).count()
if settings_count > 0:
return True
return False
def feedback_add_box_submit(self):
_ = self.request.translate
if self.request.method == 'POST':
feedback = Feedback()
feedback.title = self.request.POST.get('feedback_title')
feedback.description = self.request.POST.get('feedback_description')
feedback.type = int(self.request.POST.get('feedback_type'))
DBSession.add(feedback)
DBSession.flush()
return {'success':True}
def settings_edit(self):
if self.request.redirect_forbidden:
return HTTPFound(location="/forbidden/")
elif userhelpers.checkUserPasswordChangeNeed(self.request):
return HTTPFound(location="/settings/me/edit/")
_ = self.request.translate
# TODO: Errors
errors = {}
tmp_setting = {"setting_key": "", "setting_value": "", "locked_key": False}
setting_id = self.request.matchdict["setting_id"]
setting = DBSession.query(Setting).filter(Setting.id == setting_id).first()
if setting.id:
tmp_setting = {
"setting_key": setting.setting_key,
"setting_value": setting.setting_value,
"locked_key": setting.locked_key,
}
if self.request.method == "POST":
if not setting.locked_key:
tmp_setting["setting_key"] = self.request.POST.get("setting_key").strip()
else:
tmp_setting["setting_key"] = setting.setting_key
tmp_setting["setting_value"] = self.request.POST.get("setting_value")
if tmp_setting["setting_key"] and tmp_setting["setting_key"] != "":
if not self.checkIfSettignKeyExists(tmp_setting["setting_key"], setting.id):
setting.setting_key = tmp_setting["setting_key"]
setting.setting_value = tmp_setting["setting_value"]
DBSession.add(setting)
DBSession.flush()
userAudit = UserAudit(self.request.user.id)
userAudit.model = "Setting"
userAudit.model_id = setting.id
userAudit.action = "Update"
userAudit.revision = setting.metadata_revision
DBSession.add(userAudit)
DBSession.flush()
self.request.session.flash(_(u"Setting saved."), "success")
return HTTPFound(location="/settings/list/")
else:
self.request.session.flash(_(u"Setting with same key exists allready."), "error")
else:
self.request.session.flash(_(u"Please provide key."), "error")
self.request.bread.append({"url": "/settings/", "text": _("Settings")})
self.request.bread.append({"url": "/settings/list/", "text": _("List")})
self.request.bread.append(
{"url": "/settings/edit/" + setting_id + "/", "text": _("Edit") + " " + setting.setting_key}
)
return {"setting": tmp_setting}
def medical_settings(self):
if self.request.redirect_forbidden:
return HTTPFound(location='/forbidden/')
elif userhelpers.checkUserPasswordChangeNeed(self.request):
return HTTPFound(location='/settings/me/edit/')
_ = self.request.translate
reasons = DBSession.query(MedicalReason).order_by(MedicalReason.title).all()
treatmenttypes = DBSession.query(MedicalTreatmentType).order_by(MedicalTreatmentType.title).all()
methodsofarrival = DBSession.query(MedicalMethodOfArrival).order_by(MedicalMethodOfArrival.title).all()
self.request.bread.append({'url':'/medical/', 'text':_('Medical')})
self.request.bread.append({'url':'/medical/settings/', 'text':_('Settings')})
return {'reasons':reasons, 'treatmenttypes':treatmenttypes, 'methodsofarrival':methodsofarrival}
def settings_new(self):
if self.request.redirect_forbidden:
return HTTPFound(location="/forbidden/")
elif userhelpers.checkUserPasswordChangeNeed(self.request):
return HTTPFound(location="/settings/me/edit/")
_ = self.request.translate
# TODO: Errors
errors = {}
tmp_setting = {"setting_key": "", "setting_value": ""}
if self.request.method == "POST":
tmp_setting["setting_key"] = self.request.POST.get("setting_key").strip()
tmp_setting["setting_value"] = self.request.POST.get("setting_value")
if tmp_setting["setting_key"] and tmp_setting["setting_key"] != "":
if not self.checkIfSettignKeyExists(tmp_setting["setting_key"]):
setting = Setting(tmp_setting["setting_key"], tmp_setting["setting_value"])
DBSession.add(setting)
DBSession.flush()
userAudit = UserAudit(self.request.user.id)
userAudit.model = "Setting"
userAudit.model_id = setting.id
userAudit.action = "Create"
userAudit.revision = setting.metadata_revision
DBSession.add(userAudit)
DBSession.flush()
self.request.session.flash(_(u"Setting created."), "success")
return HTTPFound(location="/settings/list/")
else:
self.request.session.flash(_(u"Setting with same key exists allready."), "error")
else:
self.request.session.flash(_(u"Please provide key."), "error")
self.request.bread.append({"url": "/settings/", "text": _("Settings")})
self.request.bread.append({"url": "/settings/list/", "text": _("List")})
self.request.bread.append({"url": "/settings/new/", "text": _("New")})
return {"setting": tmp_setting}
def security_shifts_new(self):
if self.request.redirect_forbidden:
return HTTPFound(location="/forbidden/")
elif userhelpers.checkUserPasswordChangeNeed(self.request):
return HTTPFound(location="/settings/me/edit/")
_ = self.request.translate
shift = SecurityShift()
if self.request.method == "POST":
shift.starts = helpers.parseFinnishDateFromString(self.request.POST.get("starts").strip())
shift.ends = helpers.parseFinnishDateFromString(self.request.POST.get("ends").strip())
# shift.leader_id = helpers.decodeString(self.request.POST.get('leader_id').strip())
shift.notes = helpers.decodeString(self.request.POST.get("notes").strip())
if type(shift.starts) is datetime and type(shift.ends) is datetime and shift.starts < shift.ends:
DBSession.add(shift)
DBSession.flush()
userAudit = UserAudit(self.request.user.id)
userAudit.model = "SecurityShift"
userAudit.model_id = shift.id
userAudit.action = "Create"
userAudit.revision = shift.metadata_revision
DBSession.add(userAudit)
DBSession.flush()
self.request.session.flash(_(u"Shift created."), "success")
return HTTPFound(location="/security/shifts/view/" + str(shift.id) + "/")
else:
self.request.session.flash(_(u"Error creating shift. Shift ends before it begins."), "error")
self.request.bread.append({"url": "/security/", "text": _("Security")})
self.request.bread.append({"url": "/security/shifts/", "text": _("Shifts")})
self.request.bread.append({"url": "/security/shifts/new/", "text": _("Create")})
return {"shift": shift}
def medical_card_view(self):
if self.request.redirect_forbidden:
return HTTPFound(location='/forbidden/')
elif userhelpers.checkUserPasswordChangeNeed(self.request):
return HTTPFound(location='/settings/me/edit/')
_ = self.request.translate
card_id = self.request.matchdict['card_id']
medicalCard = DBSession.query(MedicalCard).filter(MedicalCard.id==card_id).first()
participant_id = medicalCard.participant_id
participant = DBSession.query(Participant).filter(Participant.id==participant_id).first()
participant.getParticipantMedicalData()
medicalCardEvents = DBSession.query(MedicalCardEvent).filter(MedicalCardEvent.card_id==card_id).order_by(MedicalCardEvent.event_time).all()
medicalParticipantAdditional = DBSession.query(MedicalParticipantAdditional).filter(MedicalParticipantAdditional.participant_id==participant_id).first()
reasons = DBSession.query(MedicalReason).order_by(MedicalReason.title).all()
treatmenttypes = DBSession.query(MedicalTreatmentType).order_by(MedicalTreatmentType.title).all()
methodsofarrival = DBSession.query(MedicalMethodOfArrival).order_by(MedicalMethodOfArrival.title).all()
participant_cards = DBSession.query(MedicalCard).filter(MedicalCard.participant_id==participant_id).all()
self.request.bread.append({'url':'/medical/', 'text':_('Medical')})
self.request.bread.append({'url':'/medical/card/view/'+str(card_id)+'/', 'text':_('View card')})
return {'medicalCard':medicalCard, 'participant':participant, 'medicalParticipantAdditional':medicalParticipantAdditional, 'medicalCardEvents':medicalCardEvents, 'reasons':reasons, 'treatmenttypes':treatmenttypes, 'methodsofarrival':methodsofarrival, 'participant_cards':participant_cards}
def getPeoplePresenceCountsByAgegroup(dt, club=0, subunit=0, village=0, subcamp=0):
agegroups = {0: 0, 1: 0, 2: 0, 3: 0, 4: 0, 5: 0, 6: 0, 7: 0}
report = DBSession.query(Participant.age_group, func.count(Participant.age_group))
if club != 0:
report = report.filter(Participant.club_id == club)
if subunit != 0:
report = report.filter(Participant.subunit_id == subunit)
if village != 0:
report = report.filter(Participant.village_id == village)
if subcamp != 0:
report = report.filter(Participant.subcamp_id == subcamp)
report = report.filter(Participant.active == True)
report = report.filter(Participant.latest_status_key != 200)
report = report.join(ParticipantPresence).filter(
ParticipantPresence.presence_starts <= dt, ParticipantPresence.presence_ends >= dt
)
report = report.group_by(Participant.age_group)
participants_count = report.all()
for count in participants_count:
agegroups[count[0]] = count[1]
return agegroups
def getUserLastLoginData(self):
return (
DBSession.query(UserLogin)
.filter(UserLogin.user_id == self.id)
.order_by(UserLogin.login_time.desc())
.first()
)
def security_participant_search(self):
_ = self.request.translate
participants = []
search_string = ""
if self.request.method == "POST":
search_string = self.request.POST.get("searchstr").strip()
if search_string == "":
self.request.session.flash(_(u"Empty search, please provide search string."), "error")
else:
participants = (
DBSession.query(Participant)
.filter(
or_(
Participant.firstname.like("%" + search_string + "%"),
Participant.lastname.like("%" + search_string + "%"),
Participant.nickname.like("%" + search_string + "%"),
Participant.member_no.like("%" + search_string + "%"),
)
)
.all()
)
self.request.bread.append({"url": "/security/", "text": _("Security")})
self.request.bread.append({"url": "/security/participant/search/", "text": _("Search")})
return {"participants": participants, "search_string": search_string}
def json_search_participant(self):
_ = self.request.translate
if self.request.method == 'POST':
search_string = self.request.POST.get('searchstr').strip()
if search_string == '':
self.request.session.flash(_(u"Empty search, please provide search string."), 'error')
else:
participants = DBSession.query(Participant).filter(
or_(
Participant.firstname.like('%'+search_string+'%'),
Participant.lastname.like('%'+search_string+'%'),
Participant.nickname.like('%'+search_string+'%'),
Participant.member_no.like('%'+search_string+'%')
)).all()
participants_tmp = []
for participant in participants:
participant_tmp = {
'id':participant.id,
'firstname':helpers.decodeString(participant.firstname),
'lastname':helpers.decodeString(participant.lastname),
}
participants_tmp.append(participant_tmp)
return json.dumps(participants_tmp)
return {}
def getParticipantMedicalData(self):
request = get_current_request()
if security.has_permission('office_participant_view_medical', request.context, request) or security.has_permission('medical_view', request.context, request):
self.medical_data = DBSession.query(ParticipantMedical).filter(ParticipantMedical.participant_id==self.id).options(joinedload('*')).first()
if self.medical_data == None:
self.medical_data = ParticipantMedical()
medical_data_searched = True
def base_configure(global_config, **settings):
for key, value in conf_defaults.items():
settings.setdefault(key, value)
_resolve_dotted(settings)
engine = engine_from_config(settings, 'sqlalchemy.')
DBSession.configure(bind=engine)
authentication_policy = AuthTktAuthenticationPolicy(settings['leirirekkari.secret'], callback=groupfinder)
authorization_policy = ACLAuthorizationPolicy()
config = Configurator(settings=settings, root_factory=Root)
config.set_request_property(get_user, 'user', reify=True)
config.set_authentication_policy(authentication_policy)
config.set_authorization_policy(authorization_policy)
config.set_default_permission('view')
# config.add_static_view('static', 'static', cache_max_age=3600)
config.add_static_view(name=settings['leirirekkari.static_name'], path=settings['leirirekkari.static_path'], cache_max_age=3600)
config.add_forbidden_view(forbidden)
config.add_notfound_view(notfound, append_slash=True)
config.add_translation_dirs('leirirekkari:locale/')
config.set_locale_negotiator(leirirekkari_locale_negotiator)
config.add_subscriber('leirirekkari.subscribers.add_localizer', 'pyramid.events.NewRequest')
config.add_subscriber('leirirekkari.subscribers.add_renderer_globals', 'pyramid.events.BeforeRender')
config.add_subscriber('leirirekkari.subscribers.breadcrumb_subscriber', 'pyramid.events.NewRequest')
config.include('pyramid_mailer')
session_factory = settings['leirirekkari.session_factory'][0](**settings)
config.set_session_factory(session_factory)
# Include modules listed in 'leirirekkari.base_includes':
for module in settings['leirirekkari.base_includes']:
config.include(module)
config.commit()
config.scan()
return config
def security_shifts_view(self):
if self.request.redirect_forbidden:
return HTTPFound(location="/forbidden/")
elif userhelpers.checkUserPasswordChangeNeed(self.request):
return HTTPFound(location="/settings/me/edit/")
_ = self.request.translate
shift_id = self.request.matchdict["shift_id"]
shift = DBSession.query(SecurityShift).filter(SecurityShift.id == shift_id).first()
if self.request.method == "POST":
logitem = SecurityLogItem()
logitem.event_type = self.request.POST.get("event_type")
logitem.shift_id = shift_id
logitem.notified_by = self.request.POST.get("notified_by")
logitem.task = self.request.POST.get("task")
logitem.content = self.request.POST.get("content")
logitem.deleted = False
logitem.people_present = self.request.POST.get("people_present")
logitem.started = helpers.parseFinnishDateFromString(self.request.POST.get("started"), default_now=True)
logitem.ended = helpers.parseFinnishDateFromString(self.request.POST.get("ended"))
DBSession.add(logitem)
DBSession.flush()
userAudit = UserAudit(self.request.user.id)
userAudit.model = "SecurityLogItem"
userAudit.model_id = logitem.id
userAudit.action = "Create"
userAudit.revision = logitem.metadata_revision
DBSession.add(userAudit)
DBSession.flush()
self.request.session.flash(_(u"Log item created."), "success")
return HTTPFound(location="/security/shifts/view/" + shift_id + "/")
logitems = (
DBSession.query(SecurityLogItem)
.filter(SecurityLogItem.shift_id == shift_id, SecurityLogItem.deleted == False)
.order_by(SecurityLogItem.started.desc())
.all()
)
self.request.bread.append({"url": "/security/", "text": _("Security")})
self.request.bread.append({"url": "/security/shifts/", "text": _("Shifts")})
self.request.bread.append({"url": "/security/shifts/view/" + shift_id + "/", "text": _("View")})
return {"shift": shift, "logitems": logitems}
def security_participant_view(self):
_ = self.request.translate
participant_id = self.request.matchdict["participant_id"]
participant = DBSession.query(Participant).get(participant_id)
if (
self.request.method == "POST"
and self.request.POST.get("participant_new_status_id") != None
and self.request.POST.get("participant_new_status_id").isdigit()
):
participantStatus = ParticipantStatus()
participantStatus.participant_id = participant.id
participantStatus.status_id = int(self.request.POST.get("participant_new_status_id"))
description = self.request.POST.get("participant_new_status_description")
if description != None and description.strip() != "":
participantStatus.description = description
expected_next_change = self.request.POST.get("participant_new_status_expected_next_change")
if expected_next_change != None and expected_next_change.strip() != "":
participantStatus.expected_next_change = helpers.parseFinnishDateFromString(
expected_next_change.strip()
)
DBSession.add(participantStatus)
DBSession.flush()
participant.latest_status_key = int(self.request.POST.get("participant_new_status_id"))
DBSession.add(participant)
DBSession.flush()
self.request.session.flash(_(u"Added new status for participant."), "success")
return HTTPFound(location="/security/participant/view/" + str(participant.id) + "/")
participant.getParticipantAddressData()
participant.getParticipantPhoneData()
participant.getParticipantLanguageData()
participant.getParticipantPresenceData()
participant.getParticipantNextOfKinData()
participant.getParticipantMetaData()
self.request.bread.append({"url": "/security/", "text": _("Security")})
self.request.bread.append({"url": "/security/participant/search/", "text": _("Search")})
self.request.bread.append(
{
"url": "/security/participant/view/" + participant_id + "/",
"text": _("Participant")
+ " "
+ helpers.decodeString(participant.firstname)
+ " "
+ helpers.decodeString(participant.lastname),
}
)
return {"participant": participant}
def settings_groups_new(self):
if self.request.redirect_forbidden:
return HTTPFound(location='/forbidden/')
elif userhelpers.checkUserPasswordChangeNeed(self.request):
return HTTPFound(location='/settings/me/edit/')
_ = self.request.translate
tmp_group = {
'name':'',
'leader_id':'',
'privileges':'',
}
if self.request.method == 'POST':
tmp_group['name'] = self.request.POST.get('name').strip()
# tmp_group['leader_id'] = self.request.POST.get('leader_id').strip()
if not self.checkIfGroupnameExists(tmp_group['name']):
group = Group(tmp_group['name'])
if security.has_permission("settings_users_modify_permissions", self.request.context, self.request):
privileges_list = ''
if len(self.request.POST.getall('privileges')) > 0:
for privilege in DBSession.query(Privilege).filter(Privilege.id.in_(self.request.POST.getall('privileges'))).all():
privileges_list += '|'+privilege.name + '|'
group.privileges = privileges_list
DBSession.add(group)
DBSession.flush()
userAudit = UserAudit(self.request.user.id)
userAudit.model = 'Group'
userAudit.model_id = group.id
userAudit.action = 'Create'
userAudit.revision = group.metadata_revision
DBSession.add(userAudit)
DBSession.flush()
self.request.session.flash(_(u"Group created."), 'success')
if group.id != '' and group.id != 0:
return HTTPFound(location='/settings/groups/view/'+str(group.id))
else:
self.request.session.flash(_(u"Group with that name allready exists."), 'error')
privileges = DBSession.query(Privilege).all()
self.request.bread.append({'url':'/settings/', 'text':_('Settings')})
self.request.bread.append({'url':'/settings/groups/', 'text':_('Groups')})
self.request.bread.append({'url':'/settings/groups/new/', 'text':_('New')})
return {'group':tmp_group, 'privileges':privileges}
def settings_organization_subcamp_edit(self):
if self.request.redirect_forbidden:
return HTTPFound(location='/forbidden/')
elif userhelpers.checkUserPasswordChangeNeed(self.request):
return HTTPFound(location='/settings/me/edit/')
_ = self.request.translate
tmp_subcamp = {
'name':'',
'short_name':'',
'leader_id':'',
}
subcamp_id = self.request.matchdict['subcamp_id']
subcamp = DBSession.query(Subcamp).filter(Subcamp.id==subcamp_id).first()
if subcamp.id:
tmp_subcamp = {
'name':subcamp.name,
'short_name':subcamp.short_name,
'leader_id':subcamp.leader_id,
}
if self.request.method == 'POST':
tmp_subcamp['name'] = self.request.POST.get('name').strip()
tmp_subcamp['short_name'] = self.request.POST.get('short_name').strip()
#tmp_subcamp['leader_id'] = self.request.POST.get('leader_id').strip()
tmp_subcamp['leader_id'] = 0
if tmp_subcamp['name']:
subcamp.name = tmp_subcamp['name']
subcamp.short_name = tmp_subcamp['short_name']
subcamp.leader_id = int(tmp_subcamp['leader_id'])
DBSession.add(subcamp)
DBSession.flush()
userAudit = UserAudit(self.request.user.id)
userAudit.model = 'Subcamp'
userAudit.model_id = subcamp.id
userAudit.action = 'Update'
userAudit.revision = subcamp.metadata_revision
DBSession.add(userAudit)
DBSession.flush()
self.request.session.flash(_(u"Subcamp saved."), 'success')
return HTTPFound(location='/settings/organization/')
else:
self.request.session.flash(_(u"Please provide subcamp name."), 'error')
self.request.bread.append({'url':'/settings/', 'text':_('Settings')})
self.request.bread.append({'url':'/settings/organization/', 'text':_('Organization')})
self.request.bread.append({'url':'/settings/organization/subcamp_edit/'+subcamp_id+'/', 'text':_('Edit subcamp')})
return {'subcamp':tmp_subcamp}
