def accountant_mail(appstruct):
"""
this function returns a message object for the mailer
it consists of a mail body and an attachment attached to it
"""
unencrypted = make_mail_body(appstruct)
#print("accountant_mail: mail body: \n%s") % unencrypted
#print("accountant_mail: type of mail body: %s") % type(unencrypted)
encrypted = encrypt_with_gnupg(unencrypted)
#print("accountant_mail: mail body (enc'd): \n%s") % encrypted
#print("accountant_mail: type of mail body (enc'd): %s") % type(encrypted)
message_recipient = appstruct['message_recipient']
message = Message(subject="[C3S] Yes! a new member",
sender="*****@*****.**",
recipients=[message_recipient],
body=encrypted)
#print("accountant_mail: csv_payload: \n%s") % generate_csv(appstruct)
#print(
# "accountant_mail: type of csv_payload: \n%s"
#) % type(generate_csv(appstruct))
csv_payload_encd = encrypt_with_gnupg(generate_csv(appstruct))
#print("accountant_mail: csv_payload_encd: \n%s") % csv_payload_encd
#print(
# "accountant_mail: type of csv_payload_encd: \n%s"
#) % type(csv_payload_encd)
attachment = Attachment("C3S-SCE-AFM.csv.gpg",
"application/gpg-encryption", csv_payload_encd)
message.attach(attachment)
return message
def accountant_mail(appstruct):
"""
this function returns a message object for the mailer
it consists of a mail body and an attachment attached to it
"""
unencrypted = make_mail_body(appstruct)
#print("accountant_mail: mail body: \n%s") % unencrypted
#print("accountant_mail: type of mail body: %s") % type(unencrypted)
encrypted = encrypt_with_gnupg(unencrypted)
#print("accountant_mail: mail body (enc'd): \n%s") % encrypted
#print("accountant_mail: type of mail body (enc'd): %s") % type(encrypted)
message = Message(
subject="[C3S] Yes! a new member",
sender="*****@*****.**",
recipients=["*****@*****.**"],
body=encrypted
)
#print("accountant_mail: csv_payload: \n%s") % generate_csv(appstruct)
#print(
# "accountant_mail: type of csv_payload: \n%s"
#) % type(generate_csv(appstruct))
csv_payload_encd = encrypt_with_gnupg(generate_csv(appstruct))
#print("accountant_mail: csv_payload_encd: \n%s") % csv_payload_encd
#print(
# "accountant_mail: type of csv_payload_encd: \n%s"
#) % type(csv_payload_encd)
attachment = Attachment(
"C3S-SCE-AFM.csv.gpg", "application/gpg-encryption",
csv_payload_encd)
message.attach(attachment)
return message
def test_encrypt_with_gnupg_import_key(self):
"""
test if encryption produces any result at all
"""
from c3smembership.gnupg_encrypt import encrypt_with_gnupg
result = encrypt_with_gnupg('foo')
# print ("the result: " + str(result))
self.assertTrue('-----BEGIN PGP MESSAGE-----' in str(result))
self.assertTrue('-----END PGP MESSAGE-----' in str(result))
def test_encrypt_with_gnupg_w_umlauts(self):
"""
test if unicode input is acceptable and digested
"""
from c3smembership.gnupg_encrypt import encrypt_with_gnupg
result = encrypt_with_gnupg(u'f**k the umläuts')
# print ("the result: " + str(result))
self.assertTrue('-----BEGIN PGP MESSAGE-----' in str(result))
self.assertTrue('-----END PGP MESSAGE-----' in str(result))
def create_accountant_mail(member, sender, recipients):
"""
Create an email message information the accountant about the new
membership application.
"""
unencrypted = make_mail_body(member)
encrypted = encrypt_with_gnupg(unencrypted)
message = Message(
subject="[C3S] Yes! a new member",
sender=sender,
recipients=recipients,
body=encrypted
)
csv_payload_encd = encrypt_with_gnupg(generate_csv(member))
attachment = Attachment(
"C3S-SCE-AFM.csv.gpg",
"application/gpg-encryption",
csv_payload_encd)
message.attach(attachment)
return message
def staff_view(request):
"""
This view lets admins edit staff/cashier personnel:
who may act as cashier etc.?
"""
_staffers = C3sStaff.get_all()
class Staffer(colander.MappingSchema):
login = colander.SchemaNode(
colander.String(),
title='login',
)
password = colander.SchemaNode(
colander.String(),
title='passwort',
)
schema = Staffer()
stafferform = deform.Form(
schema,
buttons=[
deform.Button('new_staffer', 'save')
]
)
if 'action' in request.POST:
#print(request.POST['id'])
try:
_staffer = C3sStaff.get_by_id(int(request.POST['id']))
except:
# print("exception!")
return HTTPFound(location=request.route_url('staff'))
#print(request.POST['action'])
if request.POST['action'] == u'delete':
#print("will delete staff id %s" % _staffer.id)
C3sStaff.delete_by_id(_staffer.id)
#print("deleted staff id %s" % _staffer.id)
# send mail
encrypted = encrypt_with_gnupg('''hi,
%s was deleted from the backend by %s.
best,
your membership tool''' % (_staffer.login,
request.authenticated_userid))
message = Message(
subject='[C3S Yes] staff was deleted.',
sender='*****@*****.**',
recipients=[
request.registry.settings['c3smembership.mailaddr']],
body=encrypted
)
mailer = get_mailer(request)
mailer.send(message)
return HTTPFound(location=request.route_url('staff'))
elif request.POST['action'] == 'edit':
appstruct = {
'login': _staffer.login,
'password': '******',
}
stafferform.set_appstruct(appstruct)
if 'new_staffer' in request.POST:
#print "new staffer!"
controls = request.POST.items()
try:
appstruct = stafferform.validate(controls)
#print('validated!')
except ValidationFailure, e:
return {
'stafferform': e.render()
}
# XXX login must be unique!
existing = C3sStaff.get_by_login(appstruct['login'])
if existing is not None:
#print "that staffer exists!"
if u'_UNCHANGED_' in appstruct['password']:
pass
else:
existing.password = appstruct['password']
existing.last_password_change = datetime.now()
encrypted = encrypt_with_gnupg('''hi,
the password of %s was changed by %s.
best,
your membership tool''' % (existing.login,
request.authenticated_userid))
message = Message(
subject='[C3S Yes] staff password changed.',
sender='*****@*****.**',
recipients=[
request.registry.settings['c3smembership.mailaddr']],
body=encrypted
)
else: # create new entry
staffer = C3sStaff(
login=appstruct['login'],
password=appstruct['password'],
email=u'',
)
staffer.groups = [Group.get_staffers_group()]
#print "about to add user"
DBSession.add(staffer)
DBSession.flush()
print "added staffer"
# send mail
encrypted = encrypt_with_gnupg('''hi,
%s was added to the backend by %s.
best,
your membership tool''' % (staffer.login,
request.authenticated_userid))
message = Message(
subject='[C3S Yes] staff was added.',
sender='*****@*****.**',
recipients=[
request.registry.settings['c3smembership.mailaddr']],
body=encrypted
)
mailer = get_mailer(request)
mailer.send(message)
return HTTPFound(
request.route_url('staff')
)
def staff_view(request):
"""
This view lets admins edit staff personnel.
- edit/change password
- delete
"""
_staffers = Staff.get_all()
class Staffer(colander.MappingSchema):
"""
Staff login schema
"""
login = colander.SchemaNode(
colander.String(),
title='login',
)
password = colander.SchemaNode(
colander.String(),
title='passwort',
)
schema = Staffer()
stafferform = deform.Form(
schema,
buttons=[
deform.Button('new_staffer', 'save')
]
)
if 'action' in request.POST:
try:
_staffer = Staff.get_by_id(int(request.POST['id']))
except (KeyError, ValueError):
return HTTPFound(location=request.route_url('staff'))
if request.POST['action'] == u'delete':
Staff.delete_by_id(_staffer.id)
encrypted = encrypt_with_gnupg('''hi,
%s was deleted from the backend by %s.
best,
your membership tool''' % (_staffer.login,
authenticated_userid(request)))
message = Message(
subject='[C3S Yes] staff was deleted.',
sender=request.registry.settings[
'c3smembership.notification_sender'],
recipients=[request.registry.settings[
'c3smembership.status_receiver']],
body=encrypted
)
mailer = get_mailer(request)
mailer.send(message)
return HTTPFound(location=request.route_url('staff'))
elif request.POST['action'] == 'edit':
appstruct = {
'login': _staffer.login,
'password': '******',
}
stafferform.set_appstruct(appstruct)
if 'new_staffer' in request.POST:
controls = request.POST.items()
try:
appstruct = stafferform.validate(controls)
except ValidationFailure, error:
return {
'stafferform': error.render()
}
existing = Staff.get_by_login(appstruct['login'])
if existing is not None:
if u'_UNCHANGED_' in appstruct['password']:
pass
else:
existing.password = appstruct['password']
existing.last_password_change = datetime.now()
encrypted = encrypt_with_gnupg('''hi,
the password of %s was changed by %s.
best,
your membership tool''' % (existing.login,
authenticated_userid(request)))
message = Message(
subject='[C3S Yes] staff password changed.',
sender=request.registry.settings[
'c3smembership.notification_sender'],
recipients=[request.registry.settings[
'c3smembership.status_receiver']],
body=encrypted
)
else: # create new entry
staffer = Staff(
login=appstruct['login'],
password=appstruct['password'],
email=u'',
)
staffer.groups = [Group.get_staffers_group()]
# pylint: disable=no-member
DBSession.add(staffer)
DBSession.flush()
encrypted = encrypt_with_gnupg('''hi,
%s was added to the backend by %s.
best,
your membership tool''' % (staffer.login,
authenticated_userid(request)))
message = Message(
subject='[C3S Yes] staff was added.',
sender=request.registry.settings[
'c3smembership.notification_sender'],
recipients=[request.registry.settings[
'c3smembership.status_receiver']],
body=encrypted
)
mailer = get_mailer(request)
mailer.send(message)
return HTTPFound(
request.route_url('staff')
)
