def reset_account(cls):
"""
Reset the password for the user.
.. tip::
This does NOT reset the password, but just creates an activation
code and sends the link to the email of the user. If the user uses
the link, he can change his password.
"""
form = ResetAccountForm()
if form.validate_on_submit():
try:
nereid_user, = cls.search([
('email', '=', form.email.data),
('company', '=', current_website.company.id),
])
except ValueError:
return cls.build_response(
'Invalid email address',
render_template('reset-password.jinja'),
400
)
nereid_user.send_reset_email()
return cls.build_response(
'An email has been sent to your account for resetting'
' your credentials',
redirect(url_for('nereid.website.login')), 200
)
elif form.errors:
if request.is_xhr or request.is_json:
return jsonify(error=form.errors), 400
flash(_('Invalid email address.'))
return render_template('reset-password.jinja')
def change_password(cls):
"""
Changes the password
.. tip::
On changing the password, the user is logged out and the login page
is thrown at the user
"""
form = ChangePasswordForm()
if request.method == "POST" and form.validate():
if current_user.match_password(form.old_password.data):
cls.write([current_user], {"password": form.password.data})
logout_user()
return cls.build_response(
"Your password has been successfully changed! " "Please login again",
redirect(url_for("nereid.website.login")),
200,
)
else:
return cls.build_response(
"The current password you entered is invalid",
render_template("change-password.jinja", change_password_form=form),
400,
)
if form.errors and (request.is_xhr or request.is_json):
return jsonify(errors=form.errors), 400
return render_template("change-password.jinja", change_password_form=form)
def reset_account(cls):
"""
Reset the password for the user.
.. tip::
This does NOT reset the password, but just creates an activation
code and sends the link to the email of the user. If the user uses
the link, he can change his password.
"""
if request.method == 'POST':
user_ids = cls.search([
('email', '=', request.form['email']),
('company', '=', request.nereid_website.company.id),
])
if not user_ids:
flash(_('Invalid email address'))
return render_template('reset-password.jinja')
nereid_user, = user_ids
nereid_user.create_act_code("reset")
nereid_user.send_reset_email()
flash(
_('An email has been sent to your account for resetting'
' your credentials'))
return redirect(url_for('nereid.website.login'))
return render_template('reset-password.jinja')
def change_password(cls):
"""
Changes the password
.. tip::
On changing the password, the user is logged out and the login page
is thrown at the user
"""
form = ChangePasswordForm()
if request.method == 'POST' and form.validate():
if current_user.match_password(form.old_password.data):
cls.write([current_user], {'password': form.password.data})
logout_user()
return cls.build_response(
'Your password has been successfully changed! '
'Please login again',
redirect(url_for('nereid.website.login')), 200)
else:
return cls.build_response(
'The current password you entered is invalid',
render_template('change-password.jinja',
change_password_form=form), 400)
if form.errors and (request.is_xhr or request.is_json):
return jsonify(errors=form.errors), 400
return render_template('change-password.jinja',
change_password_form=form)
def test_0010_change_context(self):
'''
Render template from local searchpath
'''
with Transaction().start(DB_NAME, USER, CONTEXT):
self.setup_defaults()
app = self.get_app()
with app.test_request_context('/'):
self.assertEqual(
render_template(
'tests/test-changing-context.html',
variable="a"
), 'a'
)
lazy_template = render_template(
'tests/test-changing-context.html',
variable="a"
)
self.assertTrue(
isinstance(lazy_template, LazyRenderer)
)
# Now change the value of the variable in the context and
# see if the template renders with the new value
lazy_template.context['variable'] = "b"
self.assertEqual(lazy_template, "b")
# Make a unicode of the same template
unicode_of_response = unicode(lazy_template)
self.assertEqual(unicode_of_response, "b")
self.assertTrue(
isinstance(unicode_of_response, unicode)
)
def reset_account(cls):
"""
Reset the password for the user.
.. tip::
This does NOT reset the password, but just creates an activation
code and sends the link to the email of the user. If the user uses
the link, he can change his password.
"""
form = ResetAccountForm()
if form.validate_on_submit():
try:
nereid_user, = cls.search([
('email', '=', form.email.data),
('company', '=', request.nereid_website.company.id),
])
except ValueError:
return cls.build_response(
'Invalid email address',
render_template('reset-password.jinja'),
400
)
nereid_user.send_reset_email()
return cls.build_response(
'An email has been sent to your account for resetting'
' your credentials',
redirect(url_for('nereid.website.login')), 200
)
elif form.errors:
if request.is_xhr or request.is_json:
return jsonify(error=form.errors), 400
flash(_('Invalid email address.'))
return render_template('reset-password.jinja')
def reset_account(self):
"""
Reset the password for the user.
.. tip::
This does NOT reset the password, but just creates an activation
code and sends the link to the email of the user. If the user uses
the link, he can change his password.
"""
if request.method == "POST":
user_ids = self.search(
[("email", "=", request.form["email"]), ("company", "=", request.nereid_website.company.id)]
)
if not user_ids:
flash(_("Invalid email address"))
return render_template("reset-password.jinja")
self.create_act_code(user_ids[0], "reset")
user = self.browse(user_ids[0])
self.send_reset_email(user)
flash(_("An email has been sent to your account for resetting" " your credentials"))
return redirect(url_for("nereid.website.login"))
return render_template("reset-password.jinja")
def test_0010_change_context(self):
'''
Render template from local searchpath
'''
with Transaction().start(DB_NAME, USER, CONTEXT):
self.setup_defaults()
app = self.get_app()
with app.test_request_context('/'):
self.assertEqual(
render_template('tests/test-changing-context.html',
variable="a"), 'a')
lazy_template = render_template(
'tests/test-changing-context.html', variable="a")
self.assertTrue(isinstance(lazy_template, LazyRenderer))
# Now change the value of the variable in the context and
# see if the template renders with the new value
lazy_template.context['variable'] = "b"
self.assertEqual(lazy_template, "b")
# Make a unicode of the same template
unicode_of_response = unicode(lazy_template)
self.assertEqual(unicode_of_response, "b")
self.assertTrue(isinstance(unicode_of_response, unicode))
def reset_account(cls):
"""
Reset the password for the user.
.. tip::
This does NOT reset the password, but just creates an activation
code and sends the link to the email of the user. If the user uses
the link, he can change his password.
"""
if request.method == 'POST':
user_ids = cls.search(
[
('email', '=', request.form['email']),
('company', '=', request.nereid_website.company.id),
]
)
if not user_ids or not request.form['email']:
flash(_('Invalid email address'))
return render_template('reset-password.jinja')
nereid_user, = user_ids
nereid_user.send_reset_email()
flash(_('An email has been sent to your account for resetting'
' your credentials'))
return redirect(url_for('nereid.website.login'))
return render_template('reset-password.jinja')
def create_address(cls):
"""
Create an address for the current nereid_user
GET
~~~
Return an address creation form
POST
~~~~
Creates an address and redirects to the address view. If a next_url
is provided, redirects there.
.. version_added: 3.0.3.0
"""
form = cls.get_address_form()
if request.method == 'POST' and form.validate():
party = request.nereid_user.party
address, = cls.create([{
'name': form.name.data,
'street': form.street.data,
'streetbis': form.streetbis.data,
'zip': form.zip.data,
'city': form.city.data,
'country': form.country.data,
'subdivision': form.subdivision.data,
'party': party.id,
}])
if form.email.data:
party.add_contact_mechanism_if_not_exists(
'email', form.email.data
)
if form.phone.data:
party.add_contact_mechanism_if_not_exists(
'phone', form.phone.data
)
return redirect(url_for('party.address.view_address'))
try:
return render_template('address-add.jinja', form=form)
except TemplateNotFound:
# The address-add template was introduced in 3.0.3.0
# so just raise a deprecation warning till 3.2.X and then
# expect the use of address-add template
warnings.warn(
"address-add.jinja template not found. "
"Will be required in future versions",
DeprecationWarning
)
return render_template('address-edit.jinja', form=form)
def registration(self):
"""
Invokes registration of an user
"""
registration_form = self.get_registration_form()
if request.method == 'POST' and registration_form.validate():
existing = self.search([
('email', '=', request.form['email']),
('company', '=', request.nereid_website.company.id),
])
if existing:
flash(_('A registration already exists with this email. '
'Please contact customer care')
)
else:
user_id = self.create({
'name': registration_form.name.data,
'display_name': registration_form.name.data,
'email': registration_form.email.data,
'password': registration_form.password.data,
'company': request.nereid_website.company.id,
})
self.create_act_code(user_id)
registration.send(user_id)
user = self.browse(user_id)
self.send_activation_email(user)
flash(
_('Registration Complete. Check your email for activation')
)
return redirect(
request.args.get('next', url_for('nereid.website.home'))
)
return render_template('registration.jinja', form=registration_form)
def new_password(cls):
"""Create a new password
.. tip::
Unlike change password this does not demand the old password.
And hence this method will check in the session for a parameter
called allow_new_password which has to be True. This acts as a
security against attempts to POST to this method and changing
password.
The allow_new_password flag is popped on successful saving
This is intended to be used when a user requests for a password reset.
"""
form = NewPasswordForm(request.form)
if request.method == 'POST' and form.validate():
if not session.get('allow_new_password', False):
current_app.logger.debug('New password not allowed in session')
abort(403)
cls.write(
[request.nereid_user],
{'password': form.password.data}
)
session.pop('allow_new_password')
flash(_(
'Your password has been successfully changed! '
'Please login again'))
session.pop('user')
return redirect(url_for('nereid.website.login'))
return render_template('new-password.jinja', password_form=form)
def edit_address(self, address=None):
"""
Create/Edit an Address
POST will create a new address or update and existing address depending
on the value of address.
GET will return a new address/existing address edit form
:param address: ID of the address
"""
form = AddressForm(request.form, name=request.nereid_user.name)
countries = [
(c.id, c.name) for c in request.nereid_website.countries
]
form.country.choices = countries
if address not in (a.id for a in request.nereid_user.party.addresses):
address = None
if request.method == 'POST' and form.validate():
if address is not None:
self.write(address, {
'name': form.name.data,
'street': form.street.data,
'streetbis': form.streetbis.data,
'zip': form.zip.data,
'city': form.city.data,
'country': form.country.data,
'subdivision': form.subdivision.data,
'email': form.email.data,
'phone': form.phone.data,
})
else:
self.create({
'name': form.name.data,
'street': form.street.data,
'streetbis': form.streetbis.data,
'zip': form.zip.data,
'city': form.city.data,
'country': form.country.data,
'subdivision': form.subdivision.data,
'party': request.nereid_user.party.id,
'email': form.email.data,
'phone': form.email.data,
})
return redirect(url_for('party.address.view_address'))
elif request.method == 'GET' and address:
# Its an edit of existing address, prefill data
record = self.browse(address)
form = AddressForm(
name=record.name,
street=record.street,
streetbis=record.streetbis,
zip=record.zip,
city=record.city,
country=record.country.id,
subdivision=record.subdivision.id,
email=record.email,
phone=record.phone
)
form.country.choices = countries
return render_template('address-edit.jinja', form=form, address=address)
def render_list(cls, page=1):
"""Render all orders
"""
filter_by = request.args.get('filter_by', None)
domain = [
('party', '=', current_user.party.id),
]
req_date = (date.today() + relativedelta(months=-3))
if filter_by == 'done':
domain.append(('state', '=', 'done'))
elif filter_by == 'canceled':
domain.append(('state', '=', 'cancel'))
elif filter_by == 'archived':
domain.append(('state', 'not in', ('draft', 'quotation')))
# Add a sale_date domain for recent orders.
domain.append(('sale_date', '<', req_date))
else:
domain.append(
('state', 'not in', ('draft', 'quotation', 'cancel')))
# Add a sale_date domain for recent orders.
domain.append(('sale_date', '>=', req_date))
# Handle order duration
sales = Pagination(cls, domain, page, cls.per_page)
return render_template('sales.jinja', sales=sales)
def update_comment(self, task_id, comment_id):
"""
Update a specific comment.
"""
project_obj = Pool().get('project.work')
nereid_user_obj = Pool().get('nereid.user')
# allow modification only if the user is an admin or the author of
# this ticket
task = project_obj.browse(task_id)
comment = self.browse(comment_id)
assert task.type == "task"
assert comment.project.id == task.id
# Allow only admins and author of this comment to edit it
if nereid_user_obj.is_project_admin(request.nereid_user) or \
comment.updated_by == request.nereid_user:
self.write(comment_id, {'comment': request.form['comment']})
else:
abort(403)
if request.is_xhr:
comment_record = self.browse(comment_id)
html = render_template('comment.jinja', comment=comment_record)
return jsonify({
'success': True,
'html': html,
'state': project_obj.browse(task.id).state,
})
return redirect(request.referrer)
def render(self, post_id):
"Render the blog post"
post = self.browse(post_id)
if not post:
abort(404)
return render_template('blog_post.jinja', post=post)
def quick_search(cls):
"""
This version of quick_search uses elasticsearch to build
search results for searches from the website.
"""
Product = Pool().get('product.product')
config = Pool().get('elasticsearch.configuration')(1)
if not config.get_es_connection(timeout=5):
# NO ES fallback to default search
return super(Website, cls).quick_search()
page = request.args.get('page', 1, type=int)
phrase = request.args.get('q', '')
search_obj = Product._quick_search_es(phrase)
products = ElasticPagination(Product.__name__, search_obj, page,
Product.per_page)
if products:
logger.info("Search for %s yielded in %d results." %
(phrase, products.count))
else:
logger.info(
"Search for %s yielded no results from elasticsearch." %
phrase)
return render_template('search-results.jinja',
products=products,
facets=products.result_set.facets)
def edit_post(self):
"""
Edit an existing post
"""
if self.nereid_user != request.nereid_user:
abort(404)
# Search for a post with same uri
post_form = BlogPostForm(request.form, obj=self)
with Transaction().set_context(blog_id=self.id):
if request.method == 'POST' and post_form.validate():
self.title = post_form.title.data
self.content = post_form.content.data
self.allow_guest_comments = post_form.allow_guest_comments.data
self.save()
flash('Your post has been updated.')
if request.is_xhr:
return jsonify(success=True, item=self.serialize())
return redirect(
url_for('blog.post.render',
user_id=self.nereid_user.id,
uri=self.uri))
if request.is_xhr:
return jsonify(
success=request.method != 'POST', # False for POST, else True
errors=post_form.errors or None,
)
return render_template('blog_post_edit.jinja',
form=post_form,
post=self)
def home_func(self, file_id):
static_file_obj = Pool().get('nereid.static.file')
return render_template(
'home.jinja',
static_file_obj=static_file_obj,
static_file_id=file_id,
)
def render_task(cls, task_id, project_id):
"""
Renders the task in a project
"""
task = cls.get_task(task_id)
comments = sorted(
task.history + task.work.timesheet_lines + task.attachments + task.repo_commits, key=lambda x: x.create_date
)
hours = {}
for line in task.work.timesheet_lines:
hours[line.employee] = hours.setdefault(line.employee, 0) + line.hours
if request.is_xhr:
response = cls.serialize(task)
with Transaction().set_context(task=task_id):
response["comments"] = [comment.serialize("listing") for comment in comments]
return jsonify(response)
return render_template(
"project/task.jinja",
task=task,
active_type_name="render_task_list",
project=task.parent,
comments=comments,
timesheet_summary=hours,
)
def quick_search(cls):
"""
This version of quick_search uses elasticsearch to build
search results for searches from the website.
"""
Product = Pool().get('product.product')
page = request.args.get('page', 1, type=int)
phrase = request.args.get('q', '')
logger = Pool().get('elasticsearch.configuration').get_logger()
search_obj = Product._quick_search_es(phrase)
products = ElasticPagination(
Product.__name__, search_obj, page, Product.per_page
)
if products:
logger.info(
"Search for %s yielded in %d results." %
(phrase, products.count)
)
else:
logger.info(
"Search for %s yielded no results from elasticsearch." % phrase
)
return render_template(
'search-results.jinja',
products=products,
facets=products.result_set.facets
)
def render(cls, user_id, uri):
"Render the blog post"
NereidUser = Pool().get('nereid.user')
if 're_captcha_public' in CONFIG.options and request.is_guest_user:
comment_form = GuestCommentForm(
captcha={'ip_address': request.remote_addr})
else:
comment_form = PostCommentForm()
user = NereidUser(user_id)
posts = cls.search([
('nereid_user', '=', user.id),
('uri', '=', uri),
])
if not posts:
abort(404)
# if only one post is found then it is rendered and
# if more than one are found then the first one is rendered
post = posts[0]
if not (post.state == 'Published'
or request.nereid_user == post.nereid_user):
abort(403)
if request.is_xhr:
return jsonify(post.serialize())
return render_template('blog_post.jinja',
post=post,
comment_form=comment_form,
poster=user)
def render(self, uri, page=1):
"""
Renders the template
"""
product_obj = Pool().get('product.product')
category_ids = self.search([('displayed_on_eshop', '=', True),
('uri', '=', uri),
('sites', '=', request.nereid_website.id)])
if not category_ids:
return NotFound('Product Category Not Found')
# if only one product is found then it is rendered and
# if more than one are found then the first one is rendered
category = self.browse(category_ids[0])
child_categories = self.search([('childs', 'child_of', [category.id])])
print child_categories
products = Pagination(product_obj, [
('displayed_on_eshop', '=', True),
('category', 'in', child_categories + [category.id]),
],
page=page,
per_page=self.per_page)
return render_template(
'category.jinja',
category=category,
products=products,
)
def test_0020_pickling(self):
'''
Test if the lazy rendering object can be pickled and rendered
with a totally different context (when no application, request
or transaction bound objects are present).
'''
with Transaction().start(DB_NAME, USER, CONTEXT) as txn:
self.setup_defaults()
app = self.get_app()
with app.test_request_context('/'):
response = render_template('tests/test-changing-context.html',
variable="a")
self.assertEqual(response, 'a')
pickled_response = pickle.dumps(response)
txn.rollback()
# Drop the cache as the transaction is rollbacked
Cache.drop(DB_NAME)
with Transaction().start(DB_NAME, USER, CONTEXT) as txn:
self.setup_defaults()
app = self.get_app()
with app.test_request_context('/'):
response = pickle.loads(pickled_response)
self.assertEqual(response, 'a')
txn.rollback()
# Drop the cache as the transaction is rollbacked
Cache.drop(DB_NAME)
def render_task(cls, task_id, project_id):
"""
Renders the task in a project
"""
task = cls.get_task(task_id)
comments = sorted(task.history + task.work.timesheet_lines +
task.attachments + task.repo_commits,
key=lambda x: x.create_date)
hours = {}
for line in task.work.timesheet_lines:
hours[line.employee] = hours.setdefault(line.employee, 0) + \
line.hours
if request.is_xhr:
response = cls.serialize(task)
with Transaction().set_context(task=task_id):
response['comments'] = [
comment.serialize('listing') for comment in comments
]
return jsonify(response)
return render_template('project/task.jinja',
task=task,
active_type_name='render_task_list',
project=task.parent,
comments=comments,
timesheet_summary=hours)
def render(cls, uri, page=1):
"""
Renders the template 'category.jinja' with the category and the
products of the category paginated in the context
:param uri: URI of the product category
:param page: Integer value of the page
"""
ProductTemplate = Pool().get('product.template')
categories = cls.search([
('displayed_on_eshop', '=', True),
('uri', '=', uri),
('sites', '=', request.nereid_website.id)
])
if not categories:
return NotFound('Product Category Not Found')
# if only one category is found then it is rendered and
# if more than one are found then the first one is rendered
category = categories[0]
products = Pagination(ProductTemplate, [
('products.displayed_on_eshop', '=', True),
('category', '=', category.id),
], page=page, per_page=cls.per_page)
return render_template(
'category.jinja', category=category, products=products
)
def registration(self):
"""
Invokes registration of an user
"""
registration_form = self.get_registration_form()
if request.method == "POST" and registration_form.validate():
existing = self.search(
[("email", "=", request.form["email"]), ("company", "=", request.nereid_website.company.id)]
)
if existing:
flash(_("A registration already exists with this email. " "Please contact customer care"))
else:
user_id = self.create(
{
"name": registration_form.name.data,
"display_name": registration_form.name.data,
"email": registration_form.email.data,
"password": registration_form.password.data,
"company": request.nereid_website.company.id,
}
)
self.create_act_code(user_id)
registration.send(user_id)
user = self.browse(user_id)
self.send_activation_email(user)
flash(_("Registration Complete. Check your email for activation"))
return redirect(request.args.get("next", url_for("nereid.website.home")))
return render_template("registration.jinja", form=registration_form)
def sales(cls, page=1):
'All sales'
Sale = Pool().get('sale.sale')
sales = Pagination(Sale, [('party', '=', current_user.party.id),
('state', '!=', 'draft')], page,
cls.per_page)
return render_template('sales.jinja', sales=sales)
def new_password(self):
"""Create a new password
.. tip::
Unlike change password this does not demand the old password.
And hence this method will check in the session for a parameter
called allow_new_password which has to be True. This acts as a
security against attempts to POST to this method and changing
password.
The allow_new_password flag is popped on successful saving
This is intended to be used when a user requests for a password reset.
"""
form = NewPasswordForm(request.form)
if request.method == "POST" and form.validate():
if not session.get("allow_new_password", False):
current_app.logger.debug("New password not allowed in session")
abort(403)
self.write(request.nereid_user.id, {"password": form.password.data})
session.pop("allow_new_password")
flash(_("Your password has been successfully changed! " "Please login again"))
session.pop("user")
return redirect(url_for("nereid.website.login"))
return render_template("new-password.jinja", password_form=form)
def invoices(cls, page=1):
'List of Invoices'
Invoice = Pool().get('account.invoice')
invoices = Pagination(Invoice, [('party', '=', current_user.party.id),
('state', '!=', 'draft')], page,
cls.per_page)
return render_template('invoices.jinja', invoices=invoices)
def render_wishlist(self):
"""
Render a template with the items in wishlist
"""
return render_template(
'wishlist.jinja', products=request.nereid_user.wishlist
)
def test_0040_inheritance(self):
'''Test if templates are read in the order of the tryton
module dependency graph. To test this we install the test
module now and then try to load a template which is different
with the test module.
'''
trytond.tests.test_tryton.install_module('nereid_test')
with Transaction().start(DB_NAME, USER, CONTEXT) as txn: # noqa
# Add nereid_test also to list of modules installed so
# that it is also added to the templates path
self.setup_defaults()
app = self.get_app()
self.assertEqual(len(app.jinja_loader.loaders), 3)
with app.test_request_context('/'):
self.assertEqual(
render_template('tests/from-module.html'),
'from-nereid-test-module'
)
txn.rollback()
Cache.drop(DB_NAME)
def test_0100_product_images(self):
"""
Test for adding product images
"""
Product = POOL.get('product.product')
StaticFolder = POOL.get("nereid.static.folder")
StaticFile = POOL.get("nereid.static.file")
Media = POOL.get('product.media')
self.setup_defaults()
self.create_test_products()
folder, = StaticFolder.create([{'name': 'Test'}])
file_buffer = buffer('test-content')
file, = StaticFile.create([{
'name': 'test.png',
'folder': folder.id,
'file_binary': file_buffer
}])
product, = Product.search([], limit=1)
Media.create([{
'product': product.id,
'template': product.template.id,
'static_file': file.id,
}])
app = self.get_app()
with app.test_request_context('/'):
home_template = render_template('home.jinja', product=product)
self.assertTrue(file.name in home_template)
def new_password(cls):
"""Create a new password
.. tip::
Unlike change password this does not demand the old password.
And hence this method will check in the session for a parameter
called allow_new_password which has to be True. This acts as a
security against attempts to POST to this method and changing
password.
The allow_new_password flag is popped on successful saving
This is intended to be used when a user requests for a password reset.
"""
form = NewPasswordForm(request.form)
if request.method == 'POST' and form.validate():
if not session.get('allow_new_password', False):
current_app.logger.debug('New password not allowed in session')
abort(403)
cls.write([request.nereid_user], {'password': form.password.data})
session.pop('allow_new_password')
flash(
_('Your password has been successfully changed! '
'Please login again'))
session.pop('user')
return redirect(url_for('nereid.website.login'))
return render_template('new-password.jinja', password_form=form)
def render(cls, uri, page=1):
"""
Renders the category
"""
Article = Pool().get('nereid.cms.article')
# Find in cache or load from DB
try:
category, = cls.search([('unique_name', '=', uri)])
except ValueError:
abort(404)
order = []
if category.sort_order == 'recent_first':
order.append(('write_date', 'DESC'))
elif category.sort_order == 'older_first':
order.append(('write_date', 'ASC'))
elif category.sort_order == 'sequence':
order.append(('sequence', 'ASC'))
articles = Pagination(
Article, [
('categories', '=', category.id),
('state', '=', 'published')
], page, category.articles_per_page, order=order
)
return render_template(
category.template, category=category, articles=articles)
def test_0100_product_images(self):
"""
Test for adding product images
"""
Product = POOL.get('product.product')
StaticFolder = POOL.get("nereid.static.folder")
StaticFile = POOL.get("nereid.static.file")
Media = POOL.get('product.media')
with Transaction().start(DB_NAME, USER, CONTEXT):
self.setup_defaults()
self.create_test_products()
folder, = StaticFolder.create([{
'name': 'Test'
}])
file_buffer = buffer('test-content')
file, = StaticFile.create([{
'name': 'test.png',
'folder': folder.id,
'file_binary': file_buffer
}])
product, = Product.search([], limit=1)
Media.create([{
'product': product.id,
'template': product.template.id,
'static_file': file.id,
}])
app = self.get_app()
with app.test_request_context('/'):
home_template = render_template('home.jinja', product=product)
self.assertTrue(file.name in home_template)
def change_password(self):
"""
Changes the password
.. tip::
On changing the password, the user is logged out and the login page
is thrown at the user
"""
form = ChangePasswordForm(request.form)
if request.method == "POST" and form.validate():
user = request.nereid_user
# Confirm the current password
password = form.old_password.data
password += user.salt or ""
if isinstance(password, unicode):
password = password.encode("utf-8")
password_sha = hashlib.sha1(password).hexdigest()
if password_sha == user.password:
self.write(request.nereid_user.id, {"password": form.password.data})
flash(_("Your password has been successfully changed! " "Please login again"))
session.pop("user")
return redirect(url_for("nereid.website.login"))
else:
flash(_("The current password you entered is invalid"))
return render_template("change-password.jinja", change_password_form=form)
def render(self, confirmation=None):
"""Render given sale order
:param sale: ID of the sale Order
:param confirmation: If any value is provided for this field then this
page is considered the confirmation page. This
also passes a `True` if such an argument is proved
or a `False`
"""
NereidUser = Pool().get('nereid.user')
# This Ugly type hack is for a bug in previous versions where some
# parts of the code passed confirmation as a text
confirmation = False if confirmation is None else True
# Try to find if the user can be shown the order
access_code = request.values.get('access_code', None)
if current_user.is_anonymous():
if not access_code:
# No access code provided, user is not authorized to
# access order page
return NereidUser.unauthorized_handler()
if access_code != self.guest_access_code:
# Invalid access code
abort(403)
else:
if self.party.id != request.nereid_user.party.id:
# Order does not belong to the user
abort(403)
return render_template(
'sale.jinja', sale=self, confirmation=confirmation
)
def render(self, purpose=None):
"""
Render the line
"""
return Markup(
render_template('cart/sale-line.jinja', line=self,
purpose=purpose))
def change_password(cls):
"""
Changes the password
.. tip::
On changing the password, the user is logged out and the login page
is thrown at the user
"""
form = ChangePasswordForm(request.form)
if request.method == 'POST' and form.validate():
if request.nereid_user.match_password(form.old_password.data):
cls.write(
[request.nereid_user],
{'password': form.password.data}
)
flash(
_('Your password has been successfully changed! '
'Please login again')
)
logout_user()
return redirect(url_for('nereid.website.login'))
else:
flash(_("The current password you entered is invalid"))
return render_template(
'change-password.jinja', change_password_form=form
)
def all_leads(cls, page=1):
"""
All leads captured
"""
Country = Pool().get('country.country')
countries = Country.search([])
filter_domain = []
company = request.args.get('company', None)
if company:
filter_domain.append(('party.name', 'ilike', '%%%s%%' % company))
name = request.args.get('name', None)
if name:
filter_domain.append(('address.name', 'ilike', '%%%s%%' % name))
email = request.args.get('email', None)
if email:
filter_domain.append(('address.email', 'ilike', '%%%s%%' % email))
state = request.args.get('state', None)
if state:
filter_domain.append(('state', '=', '%s' % state))
leads = Pagination(cls, filter_domain, page, 10)
return render_template('crm/leads.jinja',
leads=leads,
countries=countries)
def change_password(cls):
"""
Changes the password
.. tip::
On changing the password, the user is logged out and the login page
is thrown at the user
"""
form = ChangePasswordForm(request.form)
if request.method == 'POST' and form.validate():
if request.nereid_user.match_password(form.old_password.data):
cls.write(
[request.nereid_user],
{'password': form.password.data}
)
flash(
_('Your password has been successfully changed! '
'Please login again')
)
logout_user()
return redirect(url_for('nereid.website.login'))
else:
flash(_("The current password you entered is invalid"))
return render_template(
'change-password.jinja', change_password_form=form
)
def edit_post(self):
"""
Edit an existing post
"""
if self.nereid_user != request.nereid_user:
abort(404)
# Search for a post with same uri
post_form = BlogPostForm(request.form, obj=self)
with Transaction().set_context(blog_id=self.id):
if request.method == 'POST' and post_form.validate():
self.title = post_form.title.data
self.content = post_form.content.data
self.allow_guest_comments = post_form.allow_guest_comments.data
self.save()
flash('Your post has been updated.')
if request.is_xhr:
return jsonify(success=True, item=self.serialize())
return redirect(url_for(
'blog.post.render', user_id=self.nereid_user.id,
uri=self.uri
))
if request.is_xhr:
return jsonify(
success=request.method != 'POST', # False for POST, else True
errors=post_form.errors or None,
)
return render_template(
'blog_post_edit.jinja', form=post_form, post=self
)
def render(cls, user_id, uri):
"Render the blog post"
NereidUser = Pool().get('nereid.user')
if 're_captcha_public' in CONFIG.options and request.is_guest_user:
comment_form = GuestCommentForm(
captcha={'ip_address': request.remote_addr}
)
else:
comment_form = PostCommentForm()
user = NereidUser(user_id)
posts = cls.search([
('nereid_user', '=', user.id),
('uri', '=', uri),
])
if not posts:
abort(404)
# if only one post is found then it is rendered and
# if more than one are found then the first one is rendered
post = posts[0]
if not (post.state == 'Published' or
request.nereid_user == post.nereid_user):
abort(403)
if request.is_xhr:
return jsonify(post.serialize())
return render_template(
'blog_post.jinja', post=post, comment_form=comment_form,
poster=user
)
def render(self, slug=None, page=1):
"""
Renders a page of products in the tree and all of its branches
:param slug: slug of the browse node to be shown
:param page: page of the products to be displayed
"""
Product = Pool().get('product.product')
try:
self.slug
except UserError:
abort(404)
if self.type_ != 'catalog':
# Display only catalog nodes
abort(403)
products = Pagination(Product, [
('displayed_on_eshop', '=', True),
('nodes.left', '>=', self.left),
('nodes.right', '<=', self.right),
('template.active', '=', True),
], page=page, per_page=self.products_per_page)
return render_template(
'catalog/node.html', products=products, node=self
)
def new_post(cls):
"""Create a new post
"""
post_form = BlogPostForm(request.form)
if request.method == 'POST' and post_form.validate():
post, = cls.create([{
'title': post_form.title.data,
'uri': post_form.uri.data,
'content': post_form.content.data,
'nereid_user': request.nereid_user.id,
'allow_guest_comments': post_form.allow_guest_comments.data,
}])
if post_form.publish.data:
cls.publish([post])
flash('Your post has been published.')
else:
flash('Your post has been saved.')
if request.is_xhr:
return jsonify(success=True, item=post.serialize())
return redirect(url_for(
'blog.post.render', user_id=post.nereid_user.id,
uri=post.uri
))
if request.is_xhr:
return jsonify(
success=request.method != 'POST', # False for POST, else True
errors=post_form.errors or None,
)
return render_template('blog_post_form.jinja', form=post_form)
def static_file_test(cls):
static_file_obj = Pool().get('nereid.static.file')
static_file, = static_file_obj.search([])
return render_template('home.jinja',
static_file_obj=static_file_obj,
static_file_id=static_file.id)
def test_0020_pickling(self):
'''
Test if the lazy rendering object can be pickled and rendered
with a totally different context (when no application, request
or transaction bound objects are present).
'''
with Transaction().start(DB_NAME, USER, CONTEXT):
self.setup_defaults()
app = self.get_app()
with app.test_request_context('/'):
response = render_template(
'tests/test-changing-context.html',
variable="a"
)
self.assertEqual(response, 'a')
pickled_response = pickle.dumps(response)
with Transaction().start(DB_NAME, USER, CONTEXT):
self.setup_defaults()
app = self.get_app()
with app.test_request_context('/'):
response = pickle.loads(pickled_response)
self.assertEqual(response, 'a')
def new_password(self, sign, max_age=24 * 60 * 60):
"""Create a new password
This is intended to be used when a user requests for a password reset.
The link sent out to reset the password will be a timestamped sign
which is validated for max_age before allowing the user to set the
new password.
"""
form = NewPasswordForm(request.form)
if request.method == 'POST' and form.validate():
try:
unsigned = self._serializer.loads(
self._signer.unsign(sign, max_age=max_age),
salt='reset-password'
)
except SignatureExpired:
flash(_("The password reset link has expired"))
except BadSignature:
flash(_('Invalid reset password code'))
else:
if not self.id == unsigned:
current_app.logger.debug('Invalid reset password code')
abort(403)
self.write([self], {'password': form.password.data})
flash(_(
'Your password has been successfully changed! '
'Please login again'))
return redirect(url_for('nereid.website.login'))
return render_template(
'new-password.jinja', password_form=form, sign=sign, user=self
)
def revenue_opportunity(self):
"""
Set the Conversion Probability and estimated revenue amount
"""
NereidUser = Pool().get('nereid.user')
nereid_user = NereidUser.search([('employee', '=', self.employee.id)],
limit=1)
if nereid_user:
employee = nereid_user[0]
else:
employee = None
if request.method == 'POST':
self.write(
[self], {
'probability': request.form['probability'],
'amount': Decimal(request.form.get('amount'))
})
flash('Lead has been updated.')
return redirect(
url_for('sale.opportunity.admin_lead', active_id=self.id) +
"#tab-revenue")
return render_template(
'crm/admin-lead.jinja',
lead=self,
employee=employee,
)
def render(cls, uri, page=1):
"""
Renders the category
"""
Article = Pool().get('nereid.cms.article')
# Find in cache or load from DB
try:
category, = cls.search([('unique_name', '=', uri)])
except ValueError:
abort(404)
order = []
if category.sort_order == 'recent_first':
order.append(('write_date', 'DESC'))
elif category.sort_order == 'older_first':
order.append(('write_date', 'ASC'))
elif category.sort_order == 'sequence':
order.append(('sequence', 'ASC'))
articles = Pagination(
Article, [
('categories', '=', category.id),
('state', '=', 'published')
], page, category.articles_per_page, order=order
)
return render_template(
category.template, category=category, articles=articles)
def edit_address(cls, address=None):
"""
Create/Edit an Address
POST will create a new address or update and existing address depending
on the value of address.
GET will return a new address/existing address edit form
:param address: ID of the address
"""
form = AddressForm(request.form, name=request.nereid_user.name)
countries = [(c.id, c.name) for c in request.nereid_website.countries]
form.country.choices = countries
if address not in (a.id for a in request.nereid_user.party.addresses):
address = None
if request.method == 'POST' and form.validate():
if address is not None:
cls.write(
[cls(address)], {
'name': form.name.data,
'street': form.street.data,
'streetbis': form.streetbis.data,
'zip': form.zip.data,
'city': form.city.data,
'country': form.country.data,
'subdivision': form.subdivision.data,
'email': form.email.data,
'phone': form.phone.data,
})
else:
cls.create({
'name': form.name.data,
'street': form.street.data,
'streetbis': form.streetbis.data,
'zip': form.zip.data,
'city': form.city.data,
'country': form.country.data,
'subdivision': form.subdivision.data,
'party': request.nereid_user.party.id,
'email': form.email.data,
'phone': form.email.data,
})
return redirect(url_for('party.address.view_address'))
elif request.method == 'GET' and address:
# Its an edit of existing address, prefill data
record = cls(address)
form = AddressForm(name=record.name,
street=record.street,
streetbis=record.streetbis,
zip=record.zip,
city=record.city,
country=record.country.id,
subdivision=record.subdivision.id,
email=record.email,
phone=record.phone)
form.country.choices = countries
return render_template('address-edit.jinja',
form=form,
address=address)
def shipments(cls, page=1):
'List of Shipments'
Shipment = Pool().get('stock.shipment.out')
shipments = Pagination(Shipment, [
('customer', '=', current_user.party.id),
('state', '!=', 'draft'),
], page, cls.per_page)
return render_template('shipments.jinja', shipments=shipments)
def chat_template(cls):
'''
The rendered templates are used by the javascript code to fetch chat
views. You can modify this template to change the look and feel of your
chat app.
'''
return Response(unicode(render_template('chat/chat_base.jinja')),
mimetype='text/template')
def edit_address(cls, address=None):
"""
Edit an Address
POST will update an existing address.
GET will return a existing address edit form.
.. version_changed:: 3.0.3.0
For creating new address use the create_address handled instead of
this one. The functionality would be deprecated in 3.2.X
:param address: ID of the address
"""
if address is None:
warnings.warn(
"Address creation will be deprecated from edit_address handler."
" Use party.address.create_address instead",
DeprecationWarning
)
return cls.create_address()
form = cls.get_address_form()
if address not in (a.id for a in request.nereid_user.party.addresses):
# Check if the address is in the list of addresses of the
# current user's party
abort(403)
address = cls(address)
if request.method == 'POST' and form.validate():
party = request.nereid_user.party
cls.write([address], {
'name': form.name.data,
'street': form.street.data,
'streetbis': form.streetbis.data,
'zip': form.zip.data,
'city': form.city.data,
'country': form.country.data,
'subdivision': form.subdivision.data,
})
if form.email.data:
party.add_contact_mechanism_if_not_exists(
'email', form.email.data
)
if form.phone.data:
party.add_contact_mechanism_if_not_exists(
'phone', form.phone.data
)
return redirect(url_for('party.address.view_address'))
elif request.method == 'GET' and address:
# Its an edit of existing address, prefill data
form = cls.get_address_form(address)
return render_template('address-edit.jinja', form=form, address=address)
def registration(cls):
"""
Invokes registration of an user
"""
Party = Pool().get('party.party')
ContactMechanism = Pool().get('party.contact_mechanism')
registration_form = cls.get_registration_form()
if registration_form.validate_on_submit():
with Transaction().set_context(active_test=False):
existing = cls.search([
('email', '=', registration_form.email.data.lower()),
('company', '=', current_website.company.id),
])
if existing:
message = _('A registration already exists with this email. '
'Please contact customer care')
if request.is_xhr or request.is_json:
return jsonify(message=unicode(message)), 400
else:
flash(message)
else:
party = Party(name=registration_form.name.data)
party.addresses = []
party.contact_mechanisms = [
ContactMechanism(type="email",
value=registration_form.email.data)
]
party.save()
nereid_user = cls(
**{
'party': party.id,
'display_name': registration_form.name.data,
'email': registration_form.email.data,
'password': registration_form.password.data,
'company': current_website.company.id,
})
nereid_user.save()
registration.send(nereid_user)
nereid_user.send_activation_email()
message = _(
'Registration Complete. Check your email for activation')
if request.is_xhr or request.is_json:
return jsonify(message=unicode(message)), 201
else:
flash(message)
return redirect(
request.args.get('next', url_for('nereid.website.home')))
if registration_form.errors and (request.is_xhr or request.is_json):
return jsonify({
'message': unicode(_('Form has errors')),
'errors': registration_form.errors,
}), 400
return render_template('registration.jinja', form=registration_form)
def view_cart_esi(cls):
"""Returns a view of the shopping cart
Similar to :meth:view_cart but for ESI
"""
cart = cls.open_cart()
response = render_template('shopping-cart-esi.jinja', cart=cart)
response.headers['Cache-Control'] = 'max-age=0'
return response