Esempio n. 1
0
File: user.py Progetto: 2cadz/nereid
    def reset_account(cls):
        """
        Reset the password for the user.

        .. tip::
            This does NOT reset the password, but just creates an activation
            code and sends the link to the email of the user. If the user uses
            the link, he can change his password.
        """
        form = ResetAccountForm()
        if form.validate_on_submit():
            try:
                nereid_user, = cls.search([
                    ('email', '=', form.email.data),
                    ('company', '=', current_website.company.id),
                ])
            except ValueError:
                return cls.build_response(
                    'Invalid email address',
                    render_template('reset-password.jinja'),
                    400
                )
            nereid_user.send_reset_email()
            return cls.build_response(
                'An email has been sent to your account for resetting'
                ' your credentials',
                redirect(url_for('nereid.website.login')), 200
            )
        elif form.errors:
            if request.is_xhr or request.is_json:
                return jsonify(error=form.errors), 400
            flash(_('Invalid email address.'))

        return render_template('reset-password.jinja')
Esempio n. 2
0
    def change_password(cls):
        """
        Changes the password

        .. tip::
            On changing the password, the user is logged out and the login page
            is thrown at the user
        """
        form = ChangePasswordForm()

        if request.method == "POST" and form.validate():
            if current_user.match_password(form.old_password.data):
                cls.write([current_user], {"password": form.password.data})
                logout_user()
                return cls.build_response(
                    "Your password has been successfully changed! " "Please login again",
                    redirect(url_for("nereid.website.login")),
                    200,
                )
            else:
                return cls.build_response(
                    "The current password you entered is invalid",
                    render_template("change-password.jinja", change_password_form=form),
                    400,
                )

        if form.errors and (request.is_xhr or request.is_json):
            return jsonify(errors=form.errors), 400

        return render_template("change-password.jinja", change_password_form=form)
Esempio n. 3
0
    def reset_account(cls):
        """
        Reset the password for the user.

        .. tip::
            This does NOT reset the password, but just creates an activation
            code and sends the link to the email of the user. If the user uses
            the link, he can change his password.
        """
        if request.method == 'POST':
            user_ids = cls.search([
                ('email', '=', request.form['email']),
                ('company', '=', request.nereid_website.company.id),
            ])

            if not user_ids:
                flash(_('Invalid email address'))
                return render_template('reset-password.jinja')

            nereid_user, = user_ids

            nereid_user.create_act_code("reset")
            nereid_user.send_reset_email()
            flash(
                _('An email has been sent to your account for resetting'
                  ' your credentials'))
            return redirect(url_for('nereid.website.login'))

        return render_template('reset-password.jinja')
Esempio n. 4
0
    def change_password(cls):
        """
        Changes the password

        .. tip::
            On changing the password, the user is logged out and the login page
            is thrown at the user
        """
        form = ChangePasswordForm()

        if request.method == 'POST' and form.validate():
            if current_user.match_password(form.old_password.data):
                cls.write([current_user], {'password': form.password.data})
                logout_user()
                return cls.build_response(
                    'Your password has been successfully changed! '
                    'Please login again',
                    redirect(url_for('nereid.website.login')), 200)
            else:
                return cls.build_response(
                    'The current password you entered is invalid',
                    render_template('change-password.jinja',
                                    change_password_form=form), 400)

        if form.errors and (request.is_xhr or request.is_json):
            return jsonify(errors=form.errors), 400

        return render_template('change-password.jinja',
                               change_password_form=form)
Esempio n. 5
0
    def test_0010_change_context(self):
        '''
        Render template from local searchpath
        '''
        with Transaction().start(DB_NAME, USER, CONTEXT):
            self.setup_defaults()
            app = self.get_app()

            with app.test_request_context('/'):
                self.assertEqual(
                    render_template(
                        'tests/test-changing-context.html',
                        variable="a"
                    ), 'a'
                )
                lazy_template = render_template(
                    'tests/test-changing-context.html',
                    variable="a"
                )
                self.assertTrue(
                    isinstance(lazy_template, LazyRenderer)
                )

                # Now change the value of the variable in the context and
                # see if the template renders with the new value
                lazy_template.context['variable'] = "b"
                self.assertEqual(lazy_template, "b")

                # Make a unicode of the same template
                unicode_of_response = unicode(lazy_template)
                self.assertEqual(unicode_of_response, "b")
                self.assertTrue(
                    isinstance(unicode_of_response, unicode)
                )
Esempio n. 6
0
    def reset_account(cls):
        """
        Reset the password for the user.

        .. tip::
            This does NOT reset the password, but just creates an activation
            code and sends the link to the email of the user. If the user uses
            the link, he can change his password.
        """
        form = ResetAccountForm()
        if form.validate_on_submit():
            try:
                nereid_user, = cls.search([
                    ('email', '=', form.email.data),
                    ('company', '=', request.nereid_website.company.id),
                ])
            except ValueError:
                return cls.build_response(
                    'Invalid email address',
                    render_template('reset-password.jinja'),
                    400
                )
            nereid_user.send_reset_email()
            return cls.build_response(
                'An email has been sent to your account for resetting'
                ' your credentials',
                redirect(url_for('nereid.website.login')), 200
            )
        elif form.errors:
            if request.is_xhr or request.is_json:
                return jsonify(error=form.errors), 400
            flash(_('Invalid email address.'))

        return render_template('reset-password.jinja')
Esempio n. 7
0
    def reset_account(self):
        """
        Reset the password for the user.

        .. tip::
            This does NOT reset the password, but just creates an activation
            code and sends the link to the email of the user. If the user uses
            the link, he can change his password.
        """
        if request.method == "POST":
            user_ids = self.search(
                [("email", "=", request.form["email"]), ("company", "=", request.nereid_website.company.id)]
            )

            if not user_ids:
                flash(_("Invalid email address"))
                return render_template("reset-password.jinja")

            self.create_act_code(user_ids[0], "reset")
            user = self.browse(user_ids[0])
            self.send_reset_email(user)
            flash(_("An email has been sent to your account for resetting" " your credentials"))
            return redirect(url_for("nereid.website.login"))

        return render_template("reset-password.jinja")
Esempio n. 8
0
    def test_0010_change_context(self):
        '''
        Render template from local searchpath
        '''
        with Transaction().start(DB_NAME, USER, CONTEXT):
            self.setup_defaults()
            app = self.get_app()

            with app.test_request_context('/'):
                self.assertEqual(
                    render_template('tests/test-changing-context.html',
                                    variable="a"), 'a')
                lazy_template = render_template(
                    'tests/test-changing-context.html', variable="a")
                self.assertTrue(isinstance(lazy_template, LazyRenderer))

                # Now change the value of the variable in the context and
                # see if the template renders with the new value
                lazy_template.context['variable'] = "b"
                self.assertEqual(lazy_template, "b")

                # Make a unicode of the same template
                unicode_of_response = unicode(lazy_template)
                self.assertEqual(unicode_of_response, "b")
                self.assertTrue(isinstance(unicode_of_response, unicode))
Esempio n. 9
0
    def reset_account(cls):
        """
        Reset the password for the user.

        .. tip::
            This does NOT reset the password, but just creates an activation
            code and sends the link to the email of the user. If the user uses
            the link, he can change his password.
        """
        if request.method == 'POST':
            user_ids = cls.search(
                [
                    ('email', '=', request.form['email']),
                    ('company', '=', request.nereid_website.company.id),
                ]
            )

            if not user_ids or not request.form['email']:
                flash(_('Invalid email address'))
                return render_template('reset-password.jinja')

            nereid_user, = user_ids
            nereid_user.send_reset_email()
            flash(_('An email has been sent to your account for resetting'
                    ' your credentials'))
            return redirect(url_for('nereid.website.login'))

        return render_template('reset-password.jinja')
Esempio n. 10
0
    def create_address(cls):
        """
        Create an address for the current nereid_user

        GET
        ~~~

        Return an address creation form

        POST
        ~~~~

        Creates an address and redirects to the address view. If a next_url
        is provided, redirects there.

        .. version_added: 3.0.3.0
        """
        form = cls.get_address_form()

        if request.method == 'POST' and form.validate():
            party = request.nereid_user.party
            address, = cls.create([{
                'name': form.name.data,
                'street': form.street.data,
                'streetbis': form.streetbis.data,
                'zip': form.zip.data,
                'city': form.city.data,
                'country': form.country.data,
                'subdivision': form.subdivision.data,
                'party': party.id,
            }])
            if form.email.data:
                party.add_contact_mechanism_if_not_exists(
                    'email', form.email.data
                )
            if form.phone.data:
                party.add_contact_mechanism_if_not_exists(
                    'phone', form.phone.data
                )
            return redirect(url_for('party.address.view_address'))

        try:
            return render_template('address-add.jinja', form=form)
        except TemplateNotFound:
            # The address-add template was introduced in 3.0.3.0
            # so just raise a deprecation warning till 3.2.X and then
            # expect the use of address-add template
            warnings.warn(
                "address-add.jinja template not found. "
                "Will be required in future versions",
                DeprecationWarning
            )
            return render_template('address-edit.jinja', form=form)
Esempio n. 11
0
    def registration(self):
        """
        Invokes registration of an user
        """
        registration_form = self.get_registration_form()

        if request.method == 'POST' and registration_form.validate():
            existing = self.search([
                ('email', '=', request.form['email']),
                ('company', '=', request.nereid_website.company.id),
                ])
            if existing:
                flash(_('A registration already exists with this email. '
                    'Please contact customer care')
                )
            else:
                user_id = self.create({
                    'name': registration_form.name.data,
                    'display_name': registration_form.name.data,
                    'email': registration_form.email.data,
                    'password': registration_form.password.data,
                    'company': request.nereid_website.company.id,
                    })
                self.create_act_code(user_id)
                registration.send(user_id)
                user = self.browse(user_id)
                self.send_activation_email(user)
                flash(
                    _('Registration Complete. Check your email for activation')
                )
                return redirect(
                    request.args.get('next', url_for('nereid.website.home'))
                )

        return render_template('registration.jinja', form=registration_form)
Esempio n. 12
0
    def new_password(cls):
        """Create a new password

        .. tip::

            Unlike change password this does not demand the old password.
            And hence this method will check in the session for a parameter
            called allow_new_password which has to be True. This acts as a
            security against attempts to POST to this method and changing
            password.

            The allow_new_password flag is popped on successful saving

        This is intended to be used when a user requests for a password reset.
        """
        form = NewPasswordForm(request.form)

        if request.method == 'POST' and form.validate():
            if not session.get('allow_new_password', False):
                current_app.logger.debug('New password not allowed in session')
                abort(403)

            cls.write(
                [request.nereid_user],
                {'password': form.password.data}
            )
            session.pop('allow_new_password')
            flash(_(
                'Your password has been successfully changed! '
                'Please login again'))
            session.pop('user')
            return redirect(url_for('nereid.website.login'))

        return render_template('new-password.jinja', password_form=form)
Esempio n. 13
0
    def edit_address(self, address=None):
        """
        Create/Edit an Address

        POST will create a new address or update and existing address depending
        on the value of address.
        GET will return a new address/existing address edit form

        :param address: ID of the address
        """
        form = AddressForm(request.form, name=request.nereid_user.name)
        countries = [
            (c.id, c.name) for c in request.nereid_website.countries
            ]
        form.country.choices = countries
        if address not in (a.id for a in request.nereid_user.party.addresses):
            address = None
        if request.method == 'POST' and form.validate():
            if address is not None:
                self.write(address, {
                    'name': form.name.data,
                    'street': form.street.data,
                    'streetbis': form.streetbis.data,
                    'zip': form.zip.data,
                    'city': form.city.data,
                    'country': form.country.data,
                    'subdivision': form.subdivision.data,
                    'email': form.email.data,
                    'phone': form.phone.data,
                    })
            else:
                self.create({
                    'name': form.name.data,
                    'street': form.street.data,
                    'streetbis': form.streetbis.data,
                    'zip': form.zip.data,
                    'city': form.city.data,
                    'country': form.country.data,
                    'subdivision': form.subdivision.data,
                    'party': request.nereid_user.party.id,
                    'email': form.email.data,
                    'phone': form.email.data,
                    })
            return redirect(url_for('party.address.view_address'))
        elif request.method == 'GET' and address:
            # Its an edit of existing address, prefill data
            record = self.browse(address)
            form = AddressForm(
                name=record.name,
                street=record.street,
                streetbis=record.streetbis,
                zip=record.zip,
                city=record.city,
                country=record.country.id,
                subdivision=record.subdivision.id,
                email=record.email,
                phone=record.phone
            )
            form.country.choices = countries
        return render_template('address-edit.jinja', form=form, address=address)
Esempio n. 14
0
    def render_list(cls, page=1):
        """Render all orders
        """
        filter_by = request.args.get('filter_by', None)

        domain = [
            ('party', '=', current_user.party.id),
        ]
        req_date = (date.today() + relativedelta(months=-3))

        if filter_by == 'done':
            domain.append(('state', '=', 'done'))

        elif filter_by == 'canceled':
            domain.append(('state', '=', 'cancel'))

        elif filter_by == 'archived':
            domain.append(('state', 'not in', ('draft', 'quotation')))

            # Add a sale_date domain for recent orders.
            domain.append(('sale_date', '<', req_date))

        else:
            domain.append(
                ('state', 'not in', ('draft', 'quotation', 'cancel')))

            # Add a sale_date domain for recent orders.
            domain.append(('sale_date', '>=', req_date))

        # Handle order duration
        sales = Pagination(cls, domain, page, cls.per_page)

        return render_template('sales.jinja', sales=sales)
Esempio n. 15
0
    def update_comment(self, task_id, comment_id):
        """
        Update a specific comment.
        """
        project_obj = Pool().get('project.work')
        nereid_user_obj = Pool().get('nereid.user')

        # allow modification only if the user is an admin or the author of
        # this ticket
        task = project_obj.browse(task_id)
        comment = self.browse(comment_id)
        assert task.type == "task"
        assert comment.project.id == task.id

        # Allow only admins and author of this comment to edit it
        if nereid_user_obj.is_project_admin(request.nereid_user) or \
                comment.updated_by == request.nereid_user:
            self.write(comment_id, {'comment': request.form['comment']})
        else:
            abort(403)

        if request.is_xhr:
            comment_record = self.browse(comment_id)
            html = render_template('comment.jinja', comment=comment_record)
            return jsonify({
                'success': True,
                'html': html,
                'state': project_obj.browse(task.id).state,
            })
        return redirect(request.referrer)
Esempio n. 16
0
    def render(self, post_id):
        "Render the blog post"
        post = self.browse(post_id)
        if not post:
            abort(404)

        return render_template('blog_post.jinja', post=post)
Esempio n. 17
0
    def quick_search(cls):
        """
        This version of quick_search uses elasticsearch to build
        search results for searches from the website.
        """
        Product = Pool().get('product.product')
        config = Pool().get('elasticsearch.configuration')(1)

        if not config.get_es_connection(timeout=5):
            # NO ES fallback to default search
            return super(Website, cls).quick_search()

        page = request.args.get('page', 1, type=int)
        phrase = request.args.get('q', '')

        search_obj = Product._quick_search_es(phrase)

        products = ElasticPagination(Product.__name__, search_obj, page,
                                     Product.per_page)

        if products:
            logger.info("Search for %s yielded in %d results." %
                        (phrase, products.count))
        else:
            logger.info(
                "Search for %s yielded no results from elasticsearch." %
                phrase)

        return render_template('search-results.jinja',
                               products=products,
                               facets=products.result_set.facets)
Esempio n. 18
0
    def edit_post(self):
        """
            Edit an existing post
        """
        if self.nereid_user != request.nereid_user:
            abort(404)

        # Search for a post with same uri
        post_form = BlogPostForm(request.form, obj=self)

        with Transaction().set_context(blog_id=self.id):
            if request.method == 'POST' and post_form.validate():
                self.title = post_form.title.data
                self.content = post_form.content.data
                self.allow_guest_comments = post_form.allow_guest_comments.data
                self.save()
                flash('Your post has been updated.')
                if request.is_xhr:
                    return jsonify(success=True, item=self.serialize())
                return redirect(
                    url_for('blog.post.render',
                            user_id=self.nereid_user.id,
                            uri=self.uri))
        if request.is_xhr:
            return jsonify(
                success=request.method != 'POST',  # False for POST, else True
                errors=post_form.errors or None,
            )
        return render_template('blog_post_edit.jinja',
                               form=post_form,
                               post=self)
Esempio n. 19
0
 def home_func(self, file_id):
     static_file_obj = Pool().get('nereid.static.file')
     return render_template(
         'home.jinja',
         static_file_obj=static_file_obj,
         static_file_id=file_id,
     )
Esempio n. 20
0
    def render_task(cls, task_id, project_id):
        """
        Renders the task in a project
        """
        task = cls.get_task(task_id)

        comments = sorted(
            task.history + task.work.timesheet_lines + task.attachments + task.repo_commits, key=lambda x: x.create_date
        )

        hours = {}
        for line in task.work.timesheet_lines:
            hours[line.employee] = hours.setdefault(line.employee, 0) + line.hours

        if request.is_xhr:
            response = cls.serialize(task)
            with Transaction().set_context(task=task_id):
                response["comments"] = [comment.serialize("listing") for comment in comments]
            return jsonify(response)

        return render_template(
            "project/task.jinja",
            task=task,
            active_type_name="render_task_list",
            project=task.parent,
            comments=comments,
            timesheet_summary=hours,
        )
    def quick_search(cls):
        """
        This version of quick_search uses elasticsearch to build
        search results for searches from the website.
        """
        Product = Pool().get('product.product')

        page = request.args.get('page', 1, type=int)
        phrase = request.args.get('q', '')

        logger = Pool().get('elasticsearch.configuration').get_logger()

        search_obj = Product._quick_search_es(phrase)

        products = ElasticPagination(
            Product.__name__, search_obj, page, Product.per_page
        )

        if products:
            logger.info(
                "Search for %s yielded in %d results." %
                (phrase, products.count)
            )
        else:
            logger.info(
                "Search for %s yielded no results from elasticsearch." % phrase
            )

        return render_template(
            'search-results.jinja',
            products=products,
            facets=products.result_set.facets
        )
Esempio n. 22
0
    def render(cls, user_id, uri):
        "Render the blog post"
        NereidUser = Pool().get('nereid.user')

        if 're_captcha_public' in CONFIG.options and request.is_guest_user:
            comment_form = GuestCommentForm(
                captcha={'ip_address': request.remote_addr})
        else:
            comment_form = PostCommentForm()

        user = NereidUser(user_id)

        posts = cls.search([
            ('nereid_user', '=', user.id),
            ('uri', '=', uri),
        ])
        if not posts:
            abort(404)

        # if only one post is found then it is rendered and
        # if more than one are found then the first one is rendered
        post = posts[0]

        if not (post.state == 'Published'
                or request.nereid_user == post.nereid_user):
            abort(403)

        if request.is_xhr:
            return jsonify(post.serialize())
        return render_template('blog_post.jinja',
                               post=post,
                               comment_form=comment_form,
                               poster=user)
Esempio n. 23
0
    def render(self, uri, page=1):
        """
        Renders the template
        """
        product_obj = Pool().get('product.product')
        category_ids = self.search([('displayed_on_eshop', '=', True),
                                    ('uri', '=', uri),
                                    ('sites', '=', request.nereid_website.id)])
        if not category_ids:
            return NotFound('Product Category Not Found')

        # if only one product is found then it is rendered and
        # if more than one are found then the first one is rendered
        category = self.browse(category_ids[0])
        child_categories = self.search([('childs', 'child_of', [category.id])])
        print child_categories
        products = Pagination(product_obj, [
            ('displayed_on_eshop', '=', True),
            ('category', 'in', child_categories + [category.id]),
        ],
                              page=page,
                              per_page=self.per_page)
        return render_template(
            'category.jinja',
            category=category,
            products=products,
        )
Esempio n. 24
0
    def test_0020_pickling(self):
        '''
        Test if the lazy rendering object can be pickled and rendered
        with a totally different context (when no application, request
        or transaction bound objects are present).
        '''
        with Transaction().start(DB_NAME, USER, CONTEXT) as txn:
            self.setup_defaults()
            app = self.get_app()

            with app.test_request_context('/'):
                response = render_template('tests/test-changing-context.html',
                                           variable="a")
                self.assertEqual(response, 'a')
                pickled_response = pickle.dumps(response)

            txn.rollback()
            # Drop the cache as the transaction is rollbacked
            Cache.drop(DB_NAME)

        with Transaction().start(DB_NAME, USER, CONTEXT) as txn:
            self.setup_defaults()
            app = self.get_app()

            with app.test_request_context('/'):
                response = pickle.loads(pickled_response)
                self.assertEqual(response, 'a')

            txn.rollback()
            # Drop the cache as the transaction is rollbacked
            Cache.drop(DB_NAME)
Esempio n. 25
0
    def render_task(cls, task_id, project_id):
        """
        Renders the task in a project
        """
        task = cls.get_task(task_id)

        comments = sorted(task.history + task.work.timesheet_lines +
                          task.attachments + task.repo_commits,
                          key=lambda x: x.create_date)

        hours = {}
        for line in task.work.timesheet_lines:
            hours[line.employee] = hours.setdefault(line.employee, 0) + \
                line.hours

        if request.is_xhr:
            response = cls.serialize(task)
            with Transaction().set_context(task=task_id):
                response['comments'] = [
                    comment.serialize('listing') for comment in comments
                ]
            return jsonify(response)

        return render_template('project/task.jinja',
                               task=task,
                               active_type_name='render_task_list',
                               project=task.parent,
                               comments=comments,
                               timesheet_summary=hours)
Esempio n. 26
0
    def render(cls, uri, page=1):
        """
        Renders the template 'category.jinja' with the category and the
        products of the category paginated in the context

        :param uri: URI of the product category
        :param page: Integer value of the page
        """
        ProductTemplate = Pool().get('product.template')

        categories = cls.search([
            ('displayed_on_eshop', '=', True),
            ('uri', '=', uri),
            ('sites', '=', request.nereid_website.id)
        ])
        if not categories:
            return NotFound('Product Category Not Found')

        # if only one category is found then it is rendered and
        # if more than one are found then the first one is rendered
        category = categories[0]
        products = Pagination(ProductTemplate, [
            ('products.displayed_on_eshop', '=', True),
            ('category', '=', category.id),
        ], page=page, per_page=cls.per_page)
        return render_template(
            'category.jinja', category=category, products=products
        )
Esempio n. 27
0
    def registration(self):
        """
        Invokes registration of an user
        """
        registration_form = self.get_registration_form()

        if request.method == "POST" and registration_form.validate():
            existing = self.search(
                [("email", "=", request.form["email"]), ("company", "=", request.nereid_website.company.id)]
            )
            if existing:
                flash(_("A registration already exists with this email. " "Please contact customer care"))
            else:
                user_id = self.create(
                    {
                        "name": registration_form.name.data,
                        "display_name": registration_form.name.data,
                        "email": registration_form.email.data,
                        "password": registration_form.password.data,
                        "company": request.nereid_website.company.id,
                    }
                )
                self.create_act_code(user_id)
                registration.send(user_id)
                user = self.browse(user_id)
                self.send_activation_email(user)
                flash(_("Registration Complete. Check your email for activation"))
                return redirect(request.args.get("next", url_for("nereid.website.home")))

        return render_template("registration.jinja", form=registration_form)
Esempio n. 28
0
 def sales(cls, page=1):
     'All sales'
     Sale = Pool().get('sale.sale')
     sales = Pagination(Sale, [('party', '=', current_user.party.id),
                               ('state', '!=', 'draft')], page,
                        cls.per_page)
     return render_template('sales.jinja', sales=sales)
Esempio n. 29
0
    def new_password(self):
        """Create a new password

        .. tip::

            Unlike change password this does not demand the old password.
            And hence this method will check in the session for a parameter
            called allow_new_password which has to be True. This acts as a
            security against attempts to POST to this method and changing
            password.

            The allow_new_password flag is popped on successful saving

        This is intended to be used when a user requests for a password reset.
        """
        form = NewPasswordForm(request.form)

        if request.method == "POST" and form.validate():
            if not session.get("allow_new_password", False):
                current_app.logger.debug("New password not allowed in session")
                abort(403)

            self.write(request.nereid_user.id, {"password": form.password.data})
            session.pop("allow_new_password")
            flash(_("Your password has been successfully changed! " "Please login again"))
            session.pop("user")
            return redirect(url_for("nereid.website.login"))

        return render_template("new-password.jinja", password_form=form)
Esempio n. 30
0
 def invoices(cls, page=1):
     'List of Invoices'
     Invoice = Pool().get('account.invoice')
     invoices = Pagination(Invoice, [('party', '=', current_user.party.id),
                                     ('state', '!=', 'draft')], page,
                           cls.per_page)
     return render_template('invoices.jinja', invoices=invoices)
Esempio n. 31
0
 def render_wishlist(self):
     """
     Render a template with the items in wishlist
     """
     return render_template(
         'wishlist.jinja', products=request.nereid_user.wishlist
     )
Esempio n. 32
0
    def test_0040_inheritance(self):
        '''Test if templates are read in the order of the tryton
        module dependency graph. To test this we install the test
        module now and then try to load a template which is different
        with the test module.
        '''
        trytond.tests.test_tryton.install_module('nereid_test')

        with Transaction().start(DB_NAME, USER, CONTEXT) as txn:  # noqa
            # Add nereid_test also to list of modules installed so
            # that it is also added to the templates path

            self.setup_defaults()
            app = self.get_app()

            self.assertEqual(len(app.jinja_loader.loaders), 3)

            with app.test_request_context('/'):
                self.assertEqual(
                    render_template('tests/from-module.html'),
                    'from-nereid-test-module'
                )

            txn.rollback()
            Cache.drop(DB_NAME)
Esempio n. 33
0
    def test_0100_product_images(self):
        """
        Test for adding product images
        """
        Product = POOL.get('product.product')
        StaticFolder = POOL.get("nereid.static.folder")
        StaticFile = POOL.get("nereid.static.file")
        Media = POOL.get('product.media')

        self.setup_defaults()
        self.create_test_products()

        folder, = StaticFolder.create([{'name': 'Test'}])
        file_buffer = buffer('test-content')
        file, = StaticFile.create([{
            'name': 'test.png',
            'folder': folder.id,
            'file_binary': file_buffer
        }])

        product, = Product.search([], limit=1)

        Media.create([{
            'product': product.id,
            'template': product.template.id,
            'static_file': file.id,
        }])

        app = self.get_app()
        with app.test_request_context('/'):
            home_template = render_template('home.jinja', product=product)
            self.assertTrue(file.name in home_template)
Esempio n. 34
0
    def new_password(cls):
        """Create a new password

        .. tip::

            Unlike change password this does not demand the old password.
            And hence this method will check in the session for a parameter
            called allow_new_password which has to be True. This acts as a
            security against attempts to POST to this method and changing
            password.

            The allow_new_password flag is popped on successful saving

        This is intended to be used when a user requests for a password reset.
        """
        form = NewPasswordForm(request.form)

        if request.method == 'POST' and form.validate():
            if not session.get('allow_new_password', False):
                current_app.logger.debug('New password not allowed in session')
                abort(403)

            cls.write([request.nereid_user], {'password': form.password.data})
            session.pop('allow_new_password')
            flash(
                _('Your password has been successfully changed! '
                  'Please login again'))
            session.pop('user')
            return redirect(url_for('nereid.website.login'))

        return render_template('new-password.jinja', password_form=form)
Esempio n. 35
0
    def render(cls, uri, page=1):
        """
        Renders the category
        """
        Article = Pool().get('nereid.cms.article')

        # Find in cache or load from DB
        try:
            category, = cls.search([('unique_name', '=', uri)])
        except ValueError:
            abort(404)

        order = []
        if category.sort_order == 'recent_first':
            order.append(('write_date', 'DESC'))
        elif category.sort_order == 'older_first':
            order.append(('write_date', 'ASC'))
        elif category.sort_order == 'sequence':
            order.append(('sequence', 'ASC'))

        articles = Pagination(
            Article, [
                ('categories', '=', category.id),
                ('state', '=', 'published')
            ], page, category.articles_per_page, order=order
        )
        return render_template(
            category.template, category=category, articles=articles)
Esempio n. 36
0
    def test_0100_product_images(self):
        """
        Test for adding product images
        """
        Product = POOL.get('product.product')
        StaticFolder = POOL.get("nereid.static.folder")
        StaticFile = POOL.get("nereid.static.file")
        Media = POOL.get('product.media')

        with Transaction().start(DB_NAME, USER, CONTEXT):
            self.setup_defaults()
            self.create_test_products()

            folder, = StaticFolder.create([{
                'name': 'Test'
            }])
            file_buffer = buffer('test-content')
            file, = StaticFile.create([{
                'name': 'test.png',
                'folder': folder.id,
                'file_binary': file_buffer
            }])

            product, = Product.search([], limit=1)

            Media.create([{
                'product': product.id,
                'template': product.template.id,
                'static_file': file.id,
            }])

            app = self.get_app()
            with app.test_request_context('/'):
                home_template = render_template('home.jinja', product=product)
                self.assertTrue(file.name in home_template)
Esempio n. 37
0
    def change_password(self):
        """
        Changes the password

        .. tip::
            On changing the password, the user is logged out and the login page
            is thrown at the user
        """
        form = ChangePasswordForm(request.form)

        if request.method == "POST" and form.validate():
            user = request.nereid_user

            # Confirm the current password
            password = form.old_password.data
            password += user.salt or ""
            if isinstance(password, unicode):
                password = password.encode("utf-8")
            password_sha = hashlib.sha1(password).hexdigest()

            if password_sha == user.password:
                self.write(request.nereid_user.id, {"password": form.password.data})
                flash(_("Your password has been successfully changed! " "Please login again"))
                session.pop("user")
                return redirect(url_for("nereid.website.login"))
            else:
                flash(_("The current password you entered is invalid"))

        return render_template("change-password.jinja", change_password_form=form)
Esempio n. 38
0
    def render(self, confirmation=None):
        """Render given sale order

        :param sale: ID of the sale Order
        :param confirmation: If any value is provided for this field then this
                             page is considered the confirmation page. This
                             also passes a `True` if such an argument is proved
                             or a `False`
        """
        NereidUser = Pool().get('nereid.user')

        # This Ugly type hack is for a bug in previous versions where some
        # parts of the code passed confirmation as a text
        confirmation = False if confirmation is None else True

        # Try to find if the user can be shown the order
        access_code = request.values.get('access_code', None)

        if current_user.is_anonymous():
            if not access_code:
                # No access code provided, user is not authorized to
                # access order page
                return NereidUser.unauthorized_handler()
            if access_code != self.guest_access_code:
                # Invalid access code
                abort(403)
        else:
            if self.party.id != request.nereid_user.party.id:
                # Order does not belong to the user
                abort(403)

        return render_template(
            'sale.jinja', sale=self, confirmation=confirmation
        )
Esempio n. 39
0
 def render(self, purpose=None):
     """
     Render the line
     """
     return Markup(
         render_template('cart/sale-line.jinja', line=self,
                         purpose=purpose))
Esempio n. 40
0
    def change_password(cls):
        """
        Changes the password

        .. tip::
            On changing the password, the user is logged out and the login page
            is thrown at the user
        """
        form = ChangePasswordForm(request.form)

        if request.method == 'POST' and form.validate():
            if request.nereid_user.match_password(form.old_password.data):
                cls.write(
                    [request.nereid_user],
                    {'password': form.password.data}
                )
                flash(
                    _('Your password has been successfully changed! '
                        'Please login again')
                )
                logout_user()
                return redirect(url_for('nereid.website.login'))
            else:
                flash(_("The current password you entered is invalid"))

        return render_template(
            'change-password.jinja', change_password_form=form
        )
Esempio n. 41
0
    def all_leads(cls, page=1):
        """
        All leads captured
        """
        Country = Pool().get('country.country')

        countries = Country.search([])
        filter_domain = []

        company = request.args.get('company', None)
        if company:
            filter_domain.append(('party.name', 'ilike', '%%%s%%' % company))

        name = request.args.get('name', None)
        if name:
            filter_domain.append(('address.name', 'ilike', '%%%s%%' % name))

        email = request.args.get('email', None)
        if email:
            filter_domain.append(('address.email', 'ilike', '%%%s%%' % email))

        state = request.args.get('state', None)
        if state:
            filter_domain.append(('state', '=', '%s' % state))

        leads = Pagination(cls, filter_domain, page, 10)
        return render_template('crm/leads.jinja',
                               leads=leads,
                               countries=countries)
Esempio n. 42
0
    def change_password(cls):
        """
        Changes the password

        .. tip::
            On changing the password, the user is logged out and the login page
            is thrown at the user
        """
        form = ChangePasswordForm(request.form)

        if request.method == 'POST' and form.validate():
            if request.nereid_user.match_password(form.old_password.data):
                cls.write(
                    [request.nereid_user],
                    {'password': form.password.data}
                )
                flash(
                    _('Your password has been successfully changed! '
                        'Please login again')
                )
                logout_user()
                return redirect(url_for('nereid.website.login'))
            else:
                flash(_("The current password you entered is invalid"))

        return render_template(
            'change-password.jinja', change_password_form=form
        )
Esempio n. 43
0
    def edit_post(self):
        """
            Edit an existing post
        """
        if self.nereid_user != request.nereid_user:
            abort(404)

        # Search for a post with same uri
        post_form = BlogPostForm(request.form, obj=self)

        with Transaction().set_context(blog_id=self.id):
            if request.method == 'POST' and post_form.validate():
                self.title = post_form.title.data
                self.content = post_form.content.data
                self.allow_guest_comments = post_form.allow_guest_comments.data
                self.save()
                flash('Your post has been updated.')
                if request.is_xhr:
                    return jsonify(success=True, item=self.serialize())
                return redirect(url_for(
                    'blog.post.render', user_id=self.nereid_user.id,
                    uri=self.uri
                ))
        if request.is_xhr:
            return jsonify(
                success=request.method != 'POST',  # False for POST, else True
                errors=post_form.errors or None,
            )
        return render_template(
            'blog_post_edit.jinja', form=post_form, post=self
        )
Esempio n. 44
0
    def render(cls, user_id, uri):
        "Render the blog post"
        NereidUser = Pool().get('nereid.user')

        if 're_captcha_public' in CONFIG.options and request.is_guest_user:
            comment_form = GuestCommentForm(
                captcha={'ip_address': request.remote_addr}
            )
        else:
            comment_form = PostCommentForm()

        user = NereidUser(user_id)

        posts = cls.search([
            ('nereid_user', '=', user.id),
            ('uri', '=', uri),
        ])
        if not posts:
            abort(404)

        # if only one post is found then it is rendered and
        # if more than one are found then the first one is rendered
        post = posts[0]

        if not (post.state == 'Published' or
                request.nereid_user == post.nereid_user):
            abort(403)

        if request.is_xhr:
            return jsonify(post.serialize())
        return render_template(
            'blog_post.jinja', post=post, comment_form=comment_form,
            poster=user
        )
Esempio n. 45
0
    def render(self, slug=None, page=1):
        """
        Renders a page of products in the tree and all of its branches

        :param slug: slug of the browse node to be shown
        :param page: page of the products to be displayed
        """
        Product = Pool().get('product.product')

        try:
            self.slug
        except UserError:
            abort(404)

        if self.type_ != 'catalog':
            # Display only catalog nodes
            abort(403)

        products = Pagination(Product, [
            ('displayed_on_eshop', '=', True),
            ('nodes.left', '>=', self.left),
            ('nodes.right', '<=', self.right),
            ('template.active', '=', True),
        ], page=page, per_page=self.products_per_page)

        return render_template(
            'catalog/node.html', products=products, node=self
        )
Esempio n. 46
0
    def new_post(cls):
        """Create a new post
        """
        post_form = BlogPostForm(request.form)

        if request.method == 'POST' and post_form.validate():
            post, = cls.create([{
                'title': post_form.title.data,
                'uri': post_form.uri.data,
                'content': post_form.content.data,
                'nereid_user': request.nereid_user.id,
                'allow_guest_comments': post_form.allow_guest_comments.data,
            }])
            if post_form.publish.data:
                cls.publish([post])
                flash('Your post has been published.')
            else:
                flash('Your post has been saved.')

            if request.is_xhr:
                return jsonify(success=True, item=post.serialize())
            return redirect(url_for(
                'blog.post.render', user_id=post.nereid_user.id,
                uri=post.uri
            ))
        if request.is_xhr:
            return jsonify(
                success=request.method != 'POST',  # False for POST, else True
                errors=post_form.errors or None,
            )
        return render_template('blog_post_form.jinja', form=post_form)
Esempio n. 47
0
    def static_file_test(cls):
        static_file_obj = Pool().get('nereid.static.file')

        static_file, = static_file_obj.search([])
        return render_template('home.jinja',
                               static_file_obj=static_file_obj,
                               static_file_id=static_file.id)
Esempio n. 48
0
    def test_0020_pickling(self):
        '''
        Test if the lazy rendering object can be pickled and rendered
        with a totally different context (when no application, request
        or transaction bound objects are present).
        '''
        with Transaction().start(DB_NAME, USER, CONTEXT):
            self.setup_defaults()
            app = self.get_app()

            with app.test_request_context('/'):
                response = render_template(
                    'tests/test-changing-context.html',
                    variable="a"
                )
                self.assertEqual(response, 'a')
                pickled_response = pickle.dumps(response)

        with Transaction().start(DB_NAME, USER, CONTEXT):
            self.setup_defaults()
            app = self.get_app()

            with app.test_request_context('/'):
                response = pickle.loads(pickled_response)
                self.assertEqual(response, 'a')
Esempio n. 49
0
    def new_password(self, sign, max_age=24 * 60 * 60):
        """Create a new password

        This is intended to be used when a user requests for a password reset.
        The link sent out to reset the password will be a timestamped sign
        which is validated for max_age before allowing the user to set the
        new password.
        """
        form = NewPasswordForm(request.form)

        if request.method == 'POST' and form.validate():
            try:
                unsigned = self._serializer.loads(
                    self._signer.unsign(sign, max_age=max_age),
                    salt='reset-password'
                )
            except SignatureExpired:
                flash(_("The password reset link has expired"))
            except BadSignature:
                flash(_('Invalid reset password code'))
            else:
                if not self.id == unsigned:
                    current_app.logger.debug('Invalid reset password code')
                    abort(403)

                self.write([self], {'password': form.password.data})
                flash(_(
                    'Your password has been successfully changed! '
                    'Please login again'))
            return redirect(url_for('nereid.website.login'))

        return render_template(
            'new-password.jinja', password_form=form, sign=sign, user=self
        )
Esempio n. 50
0
    def revenue_opportunity(self):
        """
        Set the Conversion Probability and estimated revenue amount
        """
        NereidUser = Pool().get('nereid.user')

        nereid_user = NereidUser.search([('employee', '=', self.employee.id)],
                                        limit=1)
        if nereid_user:
            employee = nereid_user[0]
        else:
            employee = None

        if request.method == 'POST':
            self.write(
                [self], {
                    'probability': request.form['probability'],
                    'amount': Decimal(request.form.get('amount'))
                })
            flash('Lead has been updated.')
            return redirect(
                url_for('sale.opportunity.admin_lead', active_id=self.id) +
                "#tab-revenue")
        return render_template(
            'crm/admin-lead.jinja',
            lead=self,
            employee=employee,
        )
Esempio n. 51
0
    def render(cls, uri, page=1):
        """
        Renders the category
        """
        Article = Pool().get('nereid.cms.article')

        # Find in cache or load from DB
        try:
            category, = cls.search([('unique_name', '=', uri)])
        except ValueError:
            abort(404)

        order = []
        if category.sort_order == 'recent_first':
            order.append(('write_date', 'DESC'))
        elif category.sort_order == 'older_first':
            order.append(('write_date', 'ASC'))
        elif category.sort_order == 'sequence':
            order.append(('sequence', 'ASC'))

        articles = Pagination(
            Article, [
                ('categories', '=', category.id),
                ('state', '=', 'published')
            ], page, category.articles_per_page, order=order
        )
        return render_template(
            category.template, category=category, articles=articles)
Esempio n. 52
0
    def edit_address(cls, address=None):
        """
        Create/Edit an Address

        POST will create a new address or update and existing address depending
        on the value of address.
        GET will return a new address/existing address edit form

        :param address: ID of the address
        """
        form = AddressForm(request.form, name=request.nereid_user.name)
        countries = [(c.id, c.name) for c in request.nereid_website.countries]
        form.country.choices = countries
        if address not in (a.id for a in request.nereid_user.party.addresses):
            address = None
        if request.method == 'POST' and form.validate():
            if address is not None:
                cls.write(
                    [cls(address)], {
                        'name': form.name.data,
                        'street': form.street.data,
                        'streetbis': form.streetbis.data,
                        'zip': form.zip.data,
                        'city': form.city.data,
                        'country': form.country.data,
                        'subdivision': form.subdivision.data,
                        'email': form.email.data,
                        'phone': form.phone.data,
                    })
            else:
                cls.create({
                    'name': form.name.data,
                    'street': form.street.data,
                    'streetbis': form.streetbis.data,
                    'zip': form.zip.data,
                    'city': form.city.data,
                    'country': form.country.data,
                    'subdivision': form.subdivision.data,
                    'party': request.nereid_user.party.id,
                    'email': form.email.data,
                    'phone': form.email.data,
                })
            return redirect(url_for('party.address.view_address'))
        elif request.method == 'GET' and address:
            # Its an edit of existing address, prefill data
            record = cls(address)
            form = AddressForm(name=record.name,
                               street=record.street,
                               streetbis=record.streetbis,
                               zip=record.zip,
                               city=record.city,
                               country=record.country.id,
                               subdivision=record.subdivision.id,
                               email=record.email,
                               phone=record.phone)
            form.country.choices = countries
        return render_template('address-edit.jinja',
                               form=form,
                               address=address)
Esempio n. 53
0
 def shipments(cls, page=1):
     'List of Shipments'
     Shipment = Pool().get('stock.shipment.out')
     shipments = Pagination(Shipment, [
         ('customer', '=', current_user.party.id),
         ('state', '!=', 'draft'),
     ], page, cls.per_page)
     return render_template('shipments.jinja', shipments=shipments)
Esempio n. 54
0
 def chat_template(cls):
     '''
     The rendered templates are used by the javascript code to fetch chat
     views. You can modify this template to change the look and feel of your
     chat app.
     '''
     return Response(unicode(render_template('chat/chat_base.jinja')),
                     mimetype='text/template')
Esempio n. 55
0
    def edit_address(cls, address=None):
        """
        Edit an Address

        POST will update an existing address.
        GET will return a existing address edit form.

        .. version_changed:: 3.0.3.0

            For creating new address use the create_address handled instead of
            this one. The functionality would be deprecated in 3.2.X

        :param address: ID of the address
        """
        if address is None:
            warnings.warn(
                "Address creation will be deprecated from edit_address handler."
                " Use party.address.create_address instead",
                DeprecationWarning
            )
            return cls.create_address()

        form = cls.get_address_form()

        if address not in (a.id for a in request.nereid_user.party.addresses):
            # Check if the address is in the list of addresses of the
            # current user's party
            abort(403)

        address = cls(address)

        if request.method == 'POST' and form.validate():
            party = request.nereid_user.party
            cls.write([address], {
                'name': form.name.data,
                'street': form.street.data,
                'streetbis': form.streetbis.data,
                'zip': form.zip.data,
                'city': form.city.data,
                'country': form.country.data,
                'subdivision': form.subdivision.data,
            })
            if form.email.data:
                party.add_contact_mechanism_if_not_exists(
                    'email', form.email.data
                )
            if form.phone.data:
                party.add_contact_mechanism_if_not_exists(
                    'phone', form.phone.data
                )
            return redirect(url_for('party.address.view_address'))

        elif request.method == 'GET' and address:
            # Its an edit of existing address, prefill data
            form = cls.get_address_form(address)

        return render_template('address-edit.jinja', form=form, address=address)
Esempio n. 56
0
    def registration(cls):
        """
        Invokes registration of an user
        """
        Party = Pool().get('party.party')
        ContactMechanism = Pool().get('party.contact_mechanism')

        registration_form = cls.get_registration_form()

        if registration_form.validate_on_submit():
            with Transaction().set_context(active_test=False):
                existing = cls.search([
                    ('email', '=', registration_form.email.data.lower()),
                    ('company', '=', current_website.company.id),
                ])
            if existing:
                message = _('A registration already exists with this email. '
                            'Please contact customer care')
                if request.is_xhr or request.is_json:
                    return jsonify(message=unicode(message)), 400
                else:
                    flash(message)
            else:
                party = Party(name=registration_form.name.data)
                party.addresses = []
                party.contact_mechanisms = [
                    ContactMechanism(type="email",
                                     value=registration_form.email.data)
                ]
                party.save()
                nereid_user = cls(
                    **{
                        'party': party.id,
                        'display_name': registration_form.name.data,
                        'email': registration_form.email.data,
                        'password': registration_form.password.data,
                        'company': current_website.company.id,
                    })
                nereid_user.save()
                registration.send(nereid_user)
                nereid_user.send_activation_email()
                message = _(
                    'Registration Complete. Check your email for activation')
                if request.is_xhr or request.is_json:
                    return jsonify(message=unicode(message)), 201
                else:
                    flash(message)
                return redirect(
                    request.args.get('next', url_for('nereid.website.home')))

        if registration_form.errors and (request.is_xhr or request.is_json):
            return jsonify({
                'message': unicode(_('Form has errors')),
                'errors': registration_form.errors,
            }), 400

        return render_template('registration.jinja', form=registration_form)
Esempio n. 57
0
    def view_cart_esi(cls):
        """Returns a view of the shopping cart

        Similar to :meth:view_cart but for ESI
        """
        cart = cls.open_cart()
        response = render_template('shopping-cart-esi.jinja', cart=cart)
        response.headers['Cache-Control'] = 'max-age=0'
        return response