class CommunityBaseSchema(validators.Schema):
ParentCommunity = validators.IntID()
ParentCommunityName = validators.UnicodeString()
ProvinceState = validators.IntID(not_empty=True)
chained_validators = [validators.RequireIfPredicate(cannot_save_without_parent, ['ParentCommunity'])]
class ExternalCommunityBaseSchema(validators.Schema):
AreaName = validators.UnicodeString(max=200, not_empty=True)
PrimaryAreaType = validators.String(max=30)
SubAreaType = validators.String(max=30)
ProvinceState = validators.IntID()
ExternalID = validators.String(max=50)
AIRSExportType = validators.String(max=20)
Parent_ID = validators.IntID()
Parent_IDName = validators.UnicodeString()
CM_ID = validators.IntID()
CM_IDName = validators.UnicodeString()
def autocomplete_parents(self):
request = self.request
_ = request.translate
term_validator = validators.UnicodeString(not_empty=True)
try:
terms = term_validator.to_python(request.params.get('term'))
except validators.Invalid:
return []
SystemCode = request.context.external_system.SystemCode
retval = []
with request.connmgr.get_connection() as conn:
ext_id_validator = validators.IntID()
try:
ext_id = ext_id_validator.to_python(request.params.get('extid'))
except validators.Invalid:
ext_id = None
cursor = conn.execute('EXEC sp_External_Community_ls_ParentSelector ?, ?, ?', SystemCode, ext_id, terms)
cols = ['chkid', 'value', 'label']
in_tmpl = _(' (in %s)')
values = (x[:2] + (x[2] + ((in_tmpl % x[3]) if x[3] else ''),) for x in cursor.fetchall())
retval = [dict(zip(cols, x)) for x in values]
cursor.close()
return retval
def __init__(self, request):
validator = validators.IntID(not_empty=True)
try:
uid = validator.to_python(request.matchdict.get('uid'))
except validators.Invalid:
raise HTTPNotFound
with request.connmgr.get_connection() as conn:
cursor = conn.execute('EXEC sp_Users_s ?', uid)
self.user = cursor.fetchone()
cursor.nextset()
self.manage_areas = cursor.fetchall()
cursor.nextset()
self.manage_external = cursor.fetchall()
cursor.close()
if self.user is None:
raise HTTPNotFound
self.__acl__ = [(Deny, 'uid:%d' % self.user.User_ID, ALL_PERMISSIONS),
(Allow, 'area:admin', ('edit', 'view')), DENY_ALL]
def __init__(self, request):
super(ExternalCommunityRoot, self).__init__(request)
validator = validators.IntID(not_empty=True)
try:
self.EXTID = validator.to_python(request.matchdict.get('EXTID'))
except validators.Invalid:
raise HTTPNotFound
def json_community(self):
request = self.request
validator = validators.IntID(not_empty=True)
try:
cm_id = validator.to_python(request.matchdict.get('cmid'))
except validators.Invalid, e:
return {'fail': True, 'reason': e.message}
class ManageUserAddUserWrapper(validators.Schema):
allow_extra_fields = True
filter_extra_fields = True
# need to add user validator when constructing
manage_areas = validators.ForEach(validators.IntID())
manage_external = validators.ForEach(validators.String(max=30))
def __init__(self, request):
cm_id = request.matchdict.get('cmid')
if cm_id == 'new':
if request.matched_route.name == 'community_delete':
raise HTTPNotFound()
parents = [('manager', )]
self.community = None
self.descriptions = {}
self.alt_names = []
self.alt_areas = []
else:
validator = validators.IntID(not_empty=True)
try:
cm_id = validator.to_python(cm_id)
except validators.Invalid:
raise HTTPNotFound()
parents = []
with request.connmgr.get_connection() as conn:
cursor = conn.execute('EXEC sp_Community_s ?', cm_id)
community = self.community = cursor.fetchone()
if community is None:
raise HTTPNotFound()
cursor.nextset()
parents = cursor.fetchall()
cursor.nextset()
self.descriptions = {
x.Culture.replace('-', '_'): x
for x in cursor.fetchall()
}
cursor.nextset()
self.alt_names = cursor.fetchall()
cursor.nextset()
self.alt_areas = cursor.fetchall()
cursor.close()
# and this one
parents.append((cm_id, ))
self.__acl__ = [(Allow, 'area:' + str(x[0]), 'edit') for x in parents]
self.__acl__.append((Allow, 'area:admin', 'edit'))
self.__acl__.append(DENY_ALL)
def _get_cmid(self):
cm_id = self.request.matchdict.get('cmid')
if cm_id != 'new':
validator = validators.IntID(not_empty=True)
try:
cm_id = validator.to_python(cm_id)
except validators.Invalid:
raise HTTPNotFound()
return cm_id
def _get_suggestion_id(self):
request = self.request
_ = request.translate
validator = validators.IntID()
try:
sjid = validator.to_python(request.params.get('sjid'))
except validators.Invalid, e:
request.session.flash(
_('Invalid Suggestion ID: ') + e.message, 'errorqueue')
raise HTTPFound(location=request.route_url('review_suggestions'))
def _get_request_id(self):
request = self.request
_ = request.translate
validator = validators.IntID()
try:
reqid = validator.to_python(request.params.get('reqid'))
except validators.Invalid, e:
request.session.flash(
_('Invalid Account Request ID: ') + e.message, 'errorqueue')
raise HTTPFound(location=request.route_url('users'))
def autocomplete(self):
request = self.request
if not request.user or not (request.user.Admin
or request.user.ManageAreaList):
return []
term_validator = validators.UnicodeString(not_empty=True)
try:
terms = term_validator.to_python(request.params.get('term'))
except validators.Invalid:
return []
cm_id_validator = validators.IntID()
try:
cur_parent = cm_id_validator.to_python(
request.params.get('parent'))
except validators.Invalid:
cur_parent = None
cur_cm_id = None
if request.matched_route.name == 'json_search_areas':
try:
cur_cm_id = cm_id_validator.to_python(
request.params.get('cmid'))
except validators.Invalid:
pass
retval = []
search_areas = request.matched_route.name == 'json_search_areas'
with request.connmgr.get_connection() as conn:
if search_areas:
cursor = conn.execute(
'EXEC sp_Community_ls_SearchAreaSelector ?, ?, ?, ?',
request.user.User_ID, cur_cm_id, cur_parent, terms)
else:
cursor = conn.execute(
'EXEC sp_Community_ls_ParentSelector ?, ?, ?',
request.user.User_ID, cur_parent, terms)
cols = ['chkid', 'value', 'label']
retval = [dict(zip(cols, x)) for x in cursor.fetchall()]
cursor.close()
return retval
def json_community(self):
request = self.request
validator = validators.IntID(not_empty=True)
try:
cm_id = validator.to_python(request.matchdict.get('cmid'))
except validators.Invalid as e:
return {'fail': True, 'reason': e.msg}
community = None
with request.connmgr.get_connection() as conn:
community = conn.execute('EXEC sp_Community_s_MoreInfo ?',
cm_id).fetchone()
_ = request.translate
if not community:
return {'fail': True, 'reason': _('Community Not Found.')}
pcn = xml_to_dict_list(community.ParentCommunityName)
if pcn:
pcn = pcn[0]
community.ParentCommunityName = pcn
community.OtherNames = xml_to_dict_list(community.OtherNames)
community.ChildCommunities = xml_to_dict_list(
community.ChildCommunities)
community.SearchCommunities = xml_to_dict_list(
community.SearchCommunities)
community.Managers = xml_to_dict_list(community.Managers)
community_info = render('community_more_details.mak',
{'community': community}, request)
if community.ParentCommunityName:
cm_title = _('%s (in %s)') % (
community.Name, community.ParentCommunityName['Name'])
else:
cm_title = community.Name
return {
'fail': False,
'community_info': community_info,
'community_name': cm_title
}
class AltAreasSchema(CommunitySchema):
alt_areas = validators.ForEach(validators.IntID(), not_emtpy=True)
chained_validators = [validators.ForceRequire('alt_areas')]
def get(self):
request = self.request
_ = request.translate
is_new = not not request.matched_route.name == 'user_new'
is_request = not not request.matched_route.name == 'request_account'
is_account = not not request.matched_route.name == 'account'
if is_new:
reqid = self._get_request_id()
elif is_account:
uid = request.user.User_ID
elif not is_request:
validator = validators.IntID(not_empty=True)
try:
uid = validator.to_python(request.matchdict.get('uid'))
except validators.Invalid:
raise HTTPNotFound()
account_request = None
user = None
cm_name_map = {}
manage_areas = []
manage_external = []
external_systems = []
if not is_request:
if is_new:
with request.connmgr.get_connection() as conn:
cursor = conn.execute(
'EXEC sp_Users_AccountRequest_s ?; EXEC sp_External_System_l',
reqid)
account_request = cursor.fetchone()
cursor.nextset()
external_systems = cursor.fetchall()
cursor.close()
else:
if is_account:
with request.connmgr.get_connection() as conn:
cursor = conn.execute('EXEC sp_Users_s ?', uid)
user = cursor.fetchone()
cursor.nextset()
cm_tmp = cursor.fetchall()
cursor.nextset()
ex_tmp = cursor.fetchall()
cursor.close()
else:
with request.connmgr.get_connection() as conn:
cursor = conn.execute('EXEC sp_External_System_l')
external_systems = cursor.fetchall()
cursor.close()
user = request.context.user
cm_tmp = request.context.manage_areas
ex_tmp = request.context.manage_external
manage_areas = [str(x[0]) for x in cm_tmp]
manage_external = [str(x[0]) for x in ex_tmp]
cm_name_map = {str(x[0]): x[1] for x in cm_tmp}
if is_new:
if not account_request:
request.session.flash(_('Account Request Not Found'),
'errorqueue')
return HTTPFound(location=request.route_url('users'))
elif not is_request:
if not user:
return HTTPNotFound()
data = request.model_state.data
if is_new:
data['user'] = account_request
if account_request.CanUseRequestedName:
data['user.UserName'] = account_request.PreferredUserName
elif account_request.CanUseLastPlusInital:
data['user.UserName'] = account_request.LastName.lower(
) + account_request.FirstName[0].lower()
elif account_request.CanUseDottedJoin:
data['user.UserName'] = '******'.join(
(account_request.FirstName, account_request.LastName))
elif not is_request:
data['user'] = user
data['manage_areas'] = manage_areas
data['manage_external'] = manage_external
if is_new:
title_text = _('Add New User')
elif is_account:
title_text = _('Update Account')
elif is_request:
title_text = _('Request Account')
else:
title_text = _('Modify User')
return {
'title_text': title_text,
'account_request': account_request,
'cm_name_map': cm_name_map,
'user': user,
'is_admin': not is_request and not is_account,
'is_account': is_account,
'external_systems': external_systems
}
def post(self):
request = self.request
_ = request.translate
is_new = not not request.matched_route.name == 'user_new'
is_request = not not request.matched_route.name == 'request_account'
is_account = not not request.matched_route.name == 'account'
reqid = None
if is_new:
reqid = self._get_request_id()
elif is_account:
uid = request.user.User_ID
elif not is_request:
validator = validators.IntID(not_empty=True)
try:
uid = validator.to_python(request.matchdict.get('uid'))
except validators.Invalid:
raise HTTPNotFound()
if is_new and request.params.get('Reject'):
return HTTPFound(location=request.route_url(
'request_reject', _query=[('reqid', reqid)]))
extra_validators = {}
if is_new:
extra_validators['user'] = NewUserValidator()
elif is_account:
extra_validators['user'] = BaseUserValidator()
extra_validators['password'] = PasswordValidator(if_missing=None)
elif not is_request:
extra_validators['user'] = ManageUsersValidator()
extra_validators['password'] = PasswordValidator(if_missing=None)
else:
extra_validators['user'] = RequestAccessValidator()
extra_validators['TomorrowsDate'] = TomorrowsDateValidator
if is_request or is_account:
schema = UpdateProfileRequestAccessBase(**extra_validators)
else:
schema = ManageUserAddUserWrapper(**extra_validators)
model_state = request.model_state
model_state.form.variable_decode = True
model_state.schema = schema
if model_state.validate():
form_data = model_state.data
user = form_data['user']
fields = list(schema.fields['user'].fields.keys())
args = [user.get(x) for x in fields]
if not is_request and not is_account:
root = ET.Element('ManageAreas')
if not user.get('Admin'):
for cmid in form_data.get('manage_areas') or []:
if cmid:
ET.SubElement(root, 'CM_ID').text = str(cmid)
fields.append('ManageAreas')
args.append(ET.tostring(root))
root = ET.Element('ManageExternal')
if not user.get('Admin'):
for code in form_data.get('manage_external') or []:
if code:
ET.SubElement(root, 'SystemCode').text = str(code)
fields.append('ManageExternalSystems')
args.append(ET.tostring(root))
log.debug('args: %s', args)
if is_new:
fields.append('Request_ID')
args.append(reqid)
if not is_request:
fields.append('MODIFIED_BY')
args.append(request.user.UserName)
password = None
if not is_request:
if is_new:
password = security.MakeRandomPassword()
else:
password = model_state.value('password.Password')
if password:
salt = security.MakeSalt()
hash = security.Crypt(salt, password)
hash_args = [security.DEFAULT_REPEAT, salt, hash]
else:
hash_args = [None, None, None]
fields.extend(
['PasswordHashRepeat', 'PasswordHashSalt', 'PasswordHash'])
args.extend(hash_args)
user_id_sql = ''
if is_new:
user_id_sql = '@User_ID OUTPUT,'
elif not is_request:
fields.append('User_ID')
args.append(uid)
if is_request:
sql = '''
DECLARE @RT int, @ErrMsg nvarchar(500), @Request_ID int
%s
EXEC @RT = sp_Users_AccountRequest_i @Request_ID OUTPUT, %s, @ErrMsg=@ErrMsg OUTPUT
SELECT @RT AS [Return], @ErrMsg AS ErrMsg, @Request_ID AS Request_ID
'''
else:
sql = '''
DECLARE @RT int, @ErrMsg nvarchar(500), @User_ID int
SET @ErrMsg = NULL
EXEC @RT = sp_Users_u %s %s, @ErrMsg=@ErrMsg OUTPUT
SELECT @RT AS [Return], @ErrMsg AS ErrMsg, @User_ID AS [User_ID]
'''
sql = sql % (user_id_sql, ','.join('@%s=?' % x for x in fields))
with request.connmgr.get_connection() as conn:
result = conn.execute(sql, args).fetchone()
if not result.Return:
if is_new:
# force to language of request?
gettext = get_translate_fn(request, user['Culture'])
subject = gettext(
'Your CIOC Community Manager Site Account')
welcome_message = gettext(welcome_email_template) % {
'FirstName': user['FirstName'],
'UserName': user['UserName'],
'Password': password,
'url': request.route_url('login')
}
email.email('*****@*****.**', user['Email'], subject,
welcome_message)
request.session.flash(_('User Successfully Added'))
return HTTPFound(
location=request.route_url('user', uid=result.User_ID))
elif is_request:
subject = 'CIOC Community Manager Account Request'
tmpl_args = {
'url':
request.route_url('user_new',
_query=[('reqid', result.Request_ID)
])
}
tmpl_args.update(user)
request_message = request_email_template % tmpl_args
email.email('*****@*****.**', '*****@*****.**', subject,
request_message)
return HTTPFound(
location=request.route_url('request_account_thanks'))
if is_account:
request.session.flash(_('Account successfully updated'))
else:
request.session.flash(_('User successfully modified'))
return HTTPFound(location=request.current_route_url())
model_state.add_error_for(
'*',
_('Could not add user: '******'manage_areas') or []
else:
data = model_state.data
decoded = variable_decode(request.POST)
data['manage_areas'] = manage_areas = decoded.get(
'manage_areas') or []
if is_account:
manage_areas = request.user.ManageAreaList or []
log.debug('errors: %s', model_state.form.errors)
account_request = user = None
cm_name_map = {}
if not is_request:
with request.connmgr.get_connection() as conn:
if is_new:
account_request = conn.execute(
'EXEC sp_Users_AccountRequest_s ?', reqid).fetchone()
else:
if is_account:
user = conn.execute('EXEC sp_Users_s ?',
uid).fetchone()
else:
user = request.context.user
cm_name_map = {
str(x[0]): x[1]
for x in conn.execute(
'EXEC sp_Community_ls_Names ?', ','.join(
str(x) for x in manage_areas)).fetchall()
}
if is_new:
if not account_request:
request.session.flash(_('Account Request Not Found'),
'errorqueue')
return HTTPFound(location=request.route_url('users'))
elif not is_request:
if not user:
raise HTTPNotFound()
if is_new:
title_text = _('Add New User')
elif is_request:
title_text = _('Request Account')
elif is_account:
title_text = _('Update Account')
else:
title_text = _('Modify User')
return {
'title_text': title_text,
'account_request': account_request,
'user': user,
'cm_name_map': cm_name_map,
'is_admin': not is_request and not is_account,
'is_account': is_account
}
