def update_description(group, description):
if not get_access(get_pathname(group)).get("admin"):
raise frappe.PermissionError
group = frappe.get_doc("Website Group", group)
group.group_description = description
group.save(ignore_permissions=True)
def update_description(group, description):
if not get_access(get_pathname(group)).get("admin"):
raise frappe.PermissionError
group = frappe.get_doc("Website Group", group)
group.group_description = description
group.save(ignore_permissions=True)
def suggest_user(term, group):
pathname = get_pathname(group)
if not get_access(pathname).get("admin"):
raise frappe.PermissionError
users = frappe.db.sql(
"""select pr.name, pr.first_name, pr.last_name,
pr.user_image, pr.location
from `tabUser` pr
where (pr.first_name like %(term)s or pr.last_name like %(term)s)
and pr.user_type = "Website User"
and pr.user_image is not null and pr.enabled=1
and not exists(select wsp.name from `tabWebsite Route Permission` wsp
where wsp.website_route=%(group)s and wsp.user=pr.name)""",
{"term": "%{}%".format(term), "group": pathname},
as_dict=True,
)
template = frappe.get_template("templates/includes/user_display.html")
return [
{
"value": "{} {}".format(pr.first_name or "", pr.last_name or ""),
"user_html": template.render({"user": pr}),
"user": pr.name,
}
for pr in users
]
def save_post(post, content, picture=None, picture_name=None, title=None,
assigned_to=None, status=None, event_datetime=None):
post = frappe.get_doc("Post", post)
access = get_access(get_pathname(post.website_group))
if not access.get("write"):
raise frappe.PermissionError
# TODO improve error message
if frappe.session.user != post.owner:
for fieldname in ("title", "content"):
if post.get(fieldname) != locals().get(fieldname):
frappe.throw(_("Cannot change {0}").format(fieldname))
if picture and picture_name:
frappe.throw(_("Cannot change picture"))
post.update({
"title": (title or "").title(),
"content": content,
"assigned_to": assigned_to,
"status": status,
"event_datetime": event_datetime
})
post.ignore_permissions = True
post.save()
if picture_name and picture:
process_picture(post, picture_name, picture)
return post.parent_post or post.name
def update_permission(group, profile, perm, value):
pathname = get_pathname(group)
if not get_access(pathname).get("admin"):
raise frappe.PermissionError
permission = frappe.bean("Website Route Permission", {
"website_route": pathname,
"profile": profile
})
permission.doc.fields[perm] = int(value)
permission.save(ignore_permissions=True)
# send email
if perm == "admin" and int(value):
group_title = frappe.db.get_value("Website Route", pathname,
"page_title")
subject = "You have been made Administrator of Group " + group_title
send(recipients=[profile],
subject=subject,
add_unsubscribe_link=False,
message="""<h3>Group Notification<h3>\
<p>%s</p>\
<p style="color: #888">This is just for your information.</p>""" % subject)
def add_website_group(group, new_group, public_read, public_write, group_type="Forum"):
if not get_access(get_pathname(group)).get("admin"):
raise frappe.PermissionError
parent_website_route = frappe.db.get_value("Website Route",
{"ref_doctype": "Website Group", "docname": group})
frappe.get_doc({
"doctype": "Website Group",
"group_name": group + "-" + new_group,
"group_title": new_group,
"parent_website_route": parent_website_route,
"group_type": group_type,
"public_read": int(public_read),
"public_write": int(public_write)
}).insert(ignore_permissions=True)
def add_post(group,
content,
picture,
picture_name,
title=None,
parent_post=None,
assigned_to=None,
status=None,
event_datetime=None):
access = get_access(get_pathname(group))
if not access.get("write"):
raise frappe.PermissionError
if parent_post:
if frappe.db.get_value("Post", parent_post, "parent_post"):
frappe.throw("Cannot reply to a reply")
group = frappe.doc("Website Group", group)
post = frappe.bean({
"doctype": "Post",
"title": (title or "").title(),
"content": content,
"website_group": group.name,
"parent_post": parent_post or None
})
if not parent_post:
if group.group_type == "Tasks":
post.doc.is_task = 1
post.doc.assigned_to = assigned_to
elif group.group_type == "Events":
post.doc.is_event = 1
post.doc.event_datetime = event_datetime
post.ignore_permissions = True
post.insert()
if picture_name and picture:
process_picture(post, picture_name, picture)
# send email
if parent_post:
post.run_method("send_email_on_reply")
return post.doc.parent_post or post.doc.name
def add_website_group(group, new_group, public_read, public_write, group_type="Forum"):
if not get_access(get_pathname(group)).get("admin"):
raise frappe.PermissionError
parent_website_route = frappe.db.get_value("Website Route", {"ref_doctype": "Website Group", "docname": group})
frappe.get_doc(
{
"doctype": "Website Group",
"group_name": group + "-" + new_group,
"group_title": new_group,
"parent_website_route": parent_website_route,
"group_type": group_type,
"public_read": int(public_read),
"public_write": int(public_write),
}
).insert(ignore_permissions=True)
def add_sitemap_permission(group, user):
pathname = get_pathname(group)
if not get_access(pathname).get("admin"):
raise frappe.PermissionError
permission = frappe.get_doc(
{"doctype": "Website Route Permission", "website_route": pathname, "user": user, "read": 1}
)
permission.insert(ignore_permissions=True)
user = permission.as_dict()
user.update(
frappe.db.get_value(
"User", user.user, ["name", "first_name", "last_name", "user_image", "location"], as_dict=True
)
)
return frappe.get_template("templates/includes/sitemap_permission.html").render({"user": user})
def add_sitemap_permission(group, user):
pathname = get_pathname(group)
if not get_access(pathname).get("admin"):
raise frappe.PermissionError
permission = frappe.get_doc({
"doctype": "Website Route Permission",
"website_route": pathname,
"user": user,
"read": 1
})
permission.insert(ignore_permissions=True)
user = permission.as_dict()
user.update(frappe.db.get_value("User", user.user,
["name", "first_name", "last_name", "user_image", "location"], as_dict=True))
return frappe.get_template("templates/includes/sitemap_permission.html").render({
"user": user
})
def suggest_user(term, group):
pathname = get_pathname(group)
if not get_access(pathname).get("admin"):
raise frappe.PermissionError
users = frappe.db.sql("""select pr.name, pr.first_name, pr.last_name,
pr.user_image, pr.location
from `tabUser` pr
where (pr.first_name like %(term)s or pr.last_name like %(term)s)
and pr.user_type = "Website User"
and pr.user_image is not null and pr.enabled=1
and not exists(select wsp.name from `tabWebsite Route Permission` wsp
where wsp.website_route=%(group)s and wsp.user=pr.name)""",
{"term": "%{}%".format(term), "group": pathname}, as_dict=True)
template = frappe.get_template("templates/includes/user_display.html")
return [{
"value": "{} {}".format(pr.first_name or "", pr.last_name or ""),
"user_html": template.render({"user": pr}),
"user": pr.name
} for pr in users]
def add_post(group, content, picture, picture_name, title=None, parent_post=None,
assigned_to=None, status=None, event_datetime=None):
access = get_access(get_pathname(group))
if not access.get("write"):
raise frappe.PermissionError
if parent_post:
if frappe.db.get_value("Post", parent_post, "parent_post"):
frappe.throw(_("Cannot reply to a reply"))
group = frappe.get_doc("Website Group", group)
post = frappe.get_doc({
"doctype":"Post",
"title": (title or "").title(),
"content": content,
"website_group": group.name,
"parent_post": parent_post or None
})
if not parent_post:
if group.group_type == "Tasks":
post.is_task = 1
post.assigned_to = assigned_to
elif group.group_type == "Events":
post.is_event = 1
post.event_datetime = event_datetime
post.ignore_permissions = True
post.insert()
if picture_name and picture:
process_picture(post, picture_name, picture)
# send email
if parent_post:
post.run_method("send_email_on_reply")
return post.parent_post or post.name
def save_post(post,
content,
picture=None,
picture_name=None,
title=None,
assigned_to=None,
status=None,
event_datetime=None):
post = frappe.bean("Post", post)
access = get_access(get_pathname(post.doc.website_group))
if not access.get("write"):
raise frappe.PermissionError
# TODO improve error message
if frappe.session.user != post.doc.owner:
for fieldname in ("title", "content"):
if post.doc.fields.get(fieldname) != locals().get(fieldname):
frappe.throw("You cannot change: {}".format(fieldname.title()))
if picture and picture_name:
frappe.throw("You cannot change: Picture")
post.doc.fields.update({
"title": (title or "").title(),
"content": content,
"assigned_to": assigned_to,
"status": status,
"event_datetime": event_datetime
})
post.ignore_permissions = True
post.save()
if picture_name and picture:
process_picture(post, picture_name, picture)
return post.doc.parent_post or post.doc.name
def update_permission(group, user, perm, value):
pathname = get_pathname(group)
if not get_access(pathname).get("admin"):
raise frappe.PermissionError
permission = frappe.get_doc("Website Route Permission", {"website_route": pathname, "user": user})
permission.set(perm, int(value))
permission.save(ignore_permissions=True)
# send email
if perm == "admin" and int(value):
group_title = frappe.db.get_value("Website Route", pathname, "page_title")
subject = "You have been made Administrator of Group " + group_title
send(
recipients=[user],
subject=subject,
add_unsubscribe_link=False,
message="""<h3>Group Notification<h3>\
<p>%s</p>\
<p style="color: #888">This is just for your information.</p>"""
% subject,
)
def add_sitemap_permission(group, profile):
pathname = get_pathname(group)
if not get_access(pathname).get("admin"):
raise frappe.PermissionError
permission = frappe.bean({
"doctype": "Website Route Permission",
"website_route": pathname,
"profile": profile,
"read": 1
})
permission.insert(ignore_permissions=True)
profile = permission.doc.fields
profile.update(
frappe.db.get_value(
"Profile",
profile.profile,
["name", "first_name", "last_name", "user_image", "location"],
as_dict=True))
return frappe.get_template(
"templates/includes/sitemap_permission.html").render(
{"profile": profile})
