def update_description(group, description): if not get_access(group).get("admin"): raise webnotes.PermissionError group = webnotes.bean("Website Group", group) group.doc.group_description = description group.save(ignore_permissions=True)
def get_post_list_html(group, view, limit_start=0, limit_length=20): access = get_access(group) if isinstance(view, basestring): view = get_views()[view] view = webnotes._dict(view) # verify permission for paging if webnotes.local.form_dict.cmd == "get_post_list_html": if not access.get("read"): return webnotes.PermissionError if view.name == "feed": order_by = "p.creation desc" else: now = get_datetime_str(now_datetime()) order_by = """(p.upvotes + post_reply_count - (timestampdiff(hour, p.creation, \"{}\") / 2)) desc, p.creation desc""".format(now) posts = webnotes.conn.sql("""select p.*, pr.user_image, pr.first_name, pr.last_name, (select count(pc.name) from `tabPost` pc where pc.parent_post=p.name) as post_reply_count from `tabPost` p, `tabProfile` pr where p.website_group = %s and pr.name = p.owner and ifnull(p.parent_post, '')='' order by {order_by} limit %s, %s""".format(order_by=order_by), (group, int(limit_start), int(limit_length)), as_dict=True) context = {"posts": posts, "limit_start": limit_start, "view": view} return webnotes.get_template("templates/includes/post_list.html").render(context)
def save_post(post, content, picture=None, picture_name=None, title=None, assigned_to=None, status=None, event_datetime=None): post = webnotes.bean("Post", post) access = get_access(post.doc.website_group) if not access.get("write"): raise webnotes.PermissionError # TODO improve error message if webnotes.session.user != post.doc.owner: for fieldname in ("title", "content"): if post.doc.fields.get(fieldname) != locals().get(fieldname): webnotes.throw("You cannot change: {}".format(fieldname.title())) if picture and picture_name: webnotes.throw("You cannot change: Picture") post.doc.fields.update({ "title": (title or "").title(), "content": content, "assigned_to": assigned_to, "status": status, "event_datetime": event_datetime }) post.ignore_permissions = True post.save() if picture_name and picture: process_picture(post, picture_name, picture) return post.doc.parent_post or post.doc.name
def get_post_list_html(group, view, limit_start=0, limit_length=20): access = get_access(group) if isinstance(view, basestring): view = get_views()[view] view = webnotes._dict(view) # verify permission for paging if webnotes.local.form_dict.cmd == "get_post_list_html": if not access.get("read"): return webnotes.PermissionError if view.name=="upcoming": condition = "and p.event_datetime >= %s" order_by = "p.event_datetime asc" else: condition = "and p.event_datetime < %s" order_by = "p.event_datetime desc" # should show based on time upto precision of hour # because the current hour should also be in upcoming now = now_datetime().replace(minute=0, second=0, microsecond=0) posts = webnotes.conn.sql("""select p.*, pr.user_image, pr.first_name, pr.last_name, (select count(pc.name) from `tabPost` pc where pc.parent_post=p.name) as post_reply_count from `tabPost` p, `tabProfile` pr where p.website_group = %s and pr.name = p.owner and ifnull(p.parent_post, '')='' and p.is_event=1 {condition} order by {order_by} limit %s, %s""".format(condition=condition, order_by=order_by), (group, now, int(limit_start), int(limit_length)), as_dict=True) context = {"posts": posts, "limit_start": limit_start, "view": view} return webnotes.get_template("templates/includes/post_list.html").render(context)
def get_settings_context(group_context): if not get_access(group_context.group.name).get("admin"): raise webnotes.PermissionError return { "profiles": webnotes.conn.sql("""select p.*, wsp.`read`, wsp.`write`, wsp.`admin` from `tabProfile` p, `tabWebsite Sitemap Permission` wsp where wsp.website_sitemap=%s and wsp.profile=p.name""", (group_context.group.name,), as_dict=True) }
def has_access(group, view): access = get_access(group) if view=="settings": return access.get("admin") elif view in ("add", "edit"): return access.get("write") else: return access.get("read")
def add_website_group(group, new_group, public_read, public_write, group_type="Forum"): if not get_access(group).get("admin"): raise webnotes.PermissionError parent_website_sitemap = webnotes.conn.get_value("Website Sitemap", {"ref_doctype": "Website Group", "docname": group}) webnotes.bean({ "doctype": "Website Group", "group_name": group + "-" + new_group, "group_title": new_group, "parent_website_sitemap": parent_website_sitemap, "group_type": group_type, "public_read": int(public_read), "public_write": int(public_write) }).insert(ignore_permissions=True)
def set_vote(ref_doctype, ref_name): website_group = webnotes.conn.get_value(ref_doctype, ref_name, "website_group") if not get_access(website_group).get("read"): raise webnotes.PermissionError try: user_vote = webnotes.bean({ "doctype": "User Vote", "ref_doctype": ref_doctype, "ref_name": ref_name }) user_vote.ignore_permissions = True user_vote.insert() return "ok" except webnotes.DuplicateEntryError: return "duplicate"
def update_permission(sitemap_page, profile, perm, value): if not get_access(sitemap_page).get("admin"): raise webnotes.PermissionError permission = webnotes.bean("Website Sitemap Permission", {"website_sitemap": sitemap_page, "profile": profile}) permission.doc.fields[perm] = int(value) permission.save(ignore_permissions=True) # send email if perm=="admin" and int(value): group_title = webnotes.conn.get_value("Website Sitemap", sitemap_page, "page_title") subject = "You have been made Administrator of Group " + group_title send(recipients=[profile], subject= subject, add_unsubscribe_link=False, message="""<h3>Group Notification<h3>\ <p>%s</p>\ <p style="color: #888">This is just for your information.</p>""" % subject)
def add_sitemap_permission(sitemap_page, profile): if not get_access(sitemap_page).get("admin"): raise webnotes.PermissionError permission = webnotes.bean({ "doctype": "Website Sitemap Permission", "website_sitemap": sitemap_page, "profile": profile, "read": 1 }) permission.insert(ignore_permissions=True) profile = permission.doc.fields profile.update(webnotes.conn.get_value("Profile", profile.profile, ["name", "first_name", "last_name", "user_image", "fb_location", "fb_hometown"], as_dict=True)) return webnotes.get_template("templates/includes/sitemap_permission.html").render({ "profile": profile })
def add_post(group, content, picture, picture_name, title=None, parent_post=None, assigned_to=None, status=None, event_datetime=None): access = get_access(group) if not access.get("write"): raise webnotes.PermissionError if parent_post: if webnotes.conn.get_value("Post", parent_post, "parent_post"): webnotes.throw("Cannot reply to a reply") group = webnotes.doc("Website Group", group) post = webnotes.bean({ "doctype":"Post", "title": (title or "").title(), "content": content, "website_group": group.name, "parent_post": parent_post or None }) if not parent_post: if group.group_type == "Tasks": post.doc.is_task = 1 post.doc.assigned_to = assigned_to elif group.group_type == "Events": post.doc.is_event = 1 post.doc.event_datetime = event_datetime post.ignore_permissions = True post.insert() if picture_name and picture: process_picture(post, picture_name, picture) # send email if parent_post: post.run_method("send_email_on_reply") return post.doc.parent_post or post.doc.name
def get_context(context): bean = webnotes.bean(context.ref_doctype, context.docname) group, view = guess_group_view(bean, context) try: if not has_access(group, view): raise webnotes.PermissionError group_context = get_group_context(group, view, bean) group_context["access"] = get_access(group) group_context.update(context) return render_blocks(group_context) except webnotes.DoesNotExistError: return { "content": '<div class="alert alert-danger full-page">' 'The page you are looking for does not exist.</div>' } except webnotes.PermissionError: return { "content": '<div class="alert alert-danger full-page">' 'You are not permitted to view this page.</div>' }