class SearchView(BaseView):
def __init__(self, request):
BaseView.__init__(self, request)
self.form = Form(self.request, schema=SearchFormAsin())
@view_config(route_name='search_form',
renderer='templates/results.mako')
def finder(self):
items = []
if self.request.POST:
data = self._validate_input()
query_params, can_be_executed = query_preparator.prepare_params(data)
if can_be_executed:
items = item_getter.execute_query(query_params)
else:
self.request.session.flash('Please provide less than 5 asins')
return dict(form=FormRenderer(self.form),
items=items)
def _validate_input(self):
self.form.validate()
if self.form.errors:
self.request.session.flash('Please provide asins')
return self.form.data
def concept_save_view(request):
if "concept" in request.POST:
form = Form(request, schema=ConceptAnswersSchema())
if form.validate():
answers = []
concept_answers = form.bind(models.ConceptAnswer())
concept = concept_answers.concept
concept_answers = concept_answers.concept_answer
for concept_answer in concept_answers:
answer = models.ConceptAnswer()
answer.concept = concept
answer.concept_answer = concept_answer
answers.append(answer)
with transaction.manager:
models.DBSession.add_all(answers)
else:
print form.all_errors()
print "NOT VALIDATED"
return "I saw it"
form = Form(request, schema=ConceptSchema())
concept_model = None
if form.validate():
concept = form.bind(models.Concept())
#with transaction.manager:
# models.DBSession.add(concept)
concept_model = models.DBSession.merge(concept)
models.DBSession.flush()
return HTTPFound(request.route_url("concept_edit_page", page="Concepts",\
concept_id=concept_model.id))
else:
print "Failed"
def license_create(request):
viewer_username = authenticated_userid(request)
if viewer_username == "":
viewer_username = "******"
# form = Form(request, LicenseSchema)
form = Form(request)
if 'form.submitted' in request.POST and not form.validate():
# form didn't validate
request.session.flash('form does not validate!')
request.session.flash(form.data['license_name'])
request.session.flash(form.data['license_url'])
if 'form.submitted' in request.POST and form.validate():
request.session.flash('form validated!')
license_name = form.data['license_name']
license = License(
license_name=form.data['license_name'],
license_album=form.data['license_album'],
license_url=form.data['license_url'],
)
dbsession.add(license)
request.session.flash(u'writing to database ...')
# ToDo: https://redmine.local/issues/5
return {
'viewer_username': viewer_username,
'form': FormRenderer(form)
}
def band_add(request):
form = Form(request, BandSchema)
if 'form.submitted' in request.POST and not form.validate():
# form didn't validate
request.session.flash('form does not validate!')
if 'form.submitted' in request.POST and form.validate():
request.session.flash('form validated!')
dbsession = DBSession()
band_registrar = request.user
if 'registrar_is_member' in form.data:
request.session.flash(
"reg_is_member: " + form.data['registrar_is_member'])
band = Band(
name=form.data['band_name'],
homepage=form.data['band_homepage'],
email=form.data['band_email'],
registrar=request.user.username,
registrar_id=request.user.id,
)
dbsession.add(band)
dbsession.flush()
return HTTPFound(route_url('band_view', request, band_id=band.id))
return {
'viewer_username': authenticated_userid(request),
'form': FormRenderer(form)
}
def test_is_validated_with_specified_params(self):
from pyramid_simpleform import Form
request = testing.DummyRequest()
request.method = "POST"
form = Form(request, SimpleFESchema)
form.validate(params={'name' : 'foo'})
obj = form.bind(SimpleObj())
self.assert_(obj.name == 'foo')
def manage(self):
errors = None
if self.request.method == 'POST':
sid = self.request.params.get('sid', None)
else:
sid = self.request.matchdict.get('sid', None)
try:
if sid: #edit
model = supplierService.GetSupplier(sid, self.TenantId)
if not model:
return HTTPFound(location='/suppliers/index')
form = Form(self.request, schema=SupplierSchema, obj=model)
cntform = vForm(prefix='suppliercontact-', request=self.request, schema=ContactSchema, obj=model.Contacts[0])
valid = form.validate()
valid = cntform.validate() and valid
if valid:
form.bind(model)
cntform.bind(model.Contacts[0])
model.UpdatedBy = self.UserId
model.Status = True
if supplierService.SaveSupplier(model):
return HTTPFound(location='/suppliers/index')
else:
errors = 'Unable to add suppliers details!'
else: #add
model = Supplier()
form = Form(self.request, schema=SupplierSchema, defaults={})
cntform = vForm(prefix='suppliercontact-', request=self.request, schema=ContactSchema, defaults={})
valid = form.validate()
valid = cntform.validate() and valid
if valid:
model = form.bind(Supplier())
contact = cntform.bind(SupplierContactDetails())
model.Contacts.append(contact)
model.TenantId = self.TenantId
model.CreatedBy = self.UserId
model.Status = True
if supplierService.AddSupplier(model):
return HTTPFound(location='/suppliers/index')
else:
errors = 'Unable to save suppliers details!'
except Exception, e:
errors = str(e)
def test_bind_with_include(self):
from pyramid_simpleform import Form
request = testing.DummyRequest()
request.method = "POST"
request.POST['name'] = 'test'
form = Form(request, SimpleFESchema)
form.validate()
obj = form.bind(SimpleObj(), include=['foo'])
self.assert_(obj.name == None)
def test_bind(self):
from pyramid_simpleform import Form
request = testing.DummyRequest()
request.method = "POST"
request.POST["name"] = "test"
form = Form(request, SimpleFESchema)
form.validate()
obj = form.bind(SimpleObj())
self.assert_(obj.name == "test")
def test_bind_with_exclude(self):
from pyramid_simpleform import Form
request = testing.DummyRequest()
request.method = "POST"
request.POST["name"] = "test"
form = Form(request, SimpleFESchema)
form.validate()
obj = form.bind(SimpleObj(), exclude=["name"])
self.assertTrue(obj.name == None)
def managepurchase(self):
errors = None
model = None
form = None
productmodel = Product()
pForm = Form(self.request, schema=ProductSchema, defaults=productmodel.toDict())
log.info(self.request.method)
if self.request.method == 'GET':
pid = self.request.matchdict.get('pid', None)
else:
pid = self.request.params.get('pid', None)
lstSuppliers = self.GetSuppliers()
try:
if pid:
model = stockService.GetPurchase(pid, self.TenantId)
if not model:
return HTTPFound(location='/stock/purchases')
form = Form(self.request, schema=PurchaseSchema, obj=model)
if form.validate():
form.bind(model)
model.TenantId = self.TenantId
model.UpdatedBy = self.UserId
model.Status = True
if stockService.SavePurchase(model):
return HTTPFound(location=self.request.route_url('purchases'))
else:
errors = 'Unable to save purchase details!'
else:
model = Purchase()
form = Form(self.request, schema=PurchaseSchema, defaults=model.toDict())
if form.validate():
model = form.bind(Purchase())
model.TenantId = self.TenantId
model.CreatedBy = self.UserId
model.Status = True
if stockService.AddPurchase(model):
return HTTPFound(location=self.request.route_url('editpurchase',pid=model.Id))
else:
errors = 'Unable to save purchase details!'
except Exception, e:
errors = str(e)
log.debug(e)
DBSession.rollback()
def test_errorlist_with_field(self):
from pyramid_simpleform import Form
from pyramid_simpleform.renderers import FormRenderer
request = testing.DummyRequest()
request.method = "POST"
form = Form(request, SimpleFESchema)
form.validate()
renderer = FormRenderer(form)
self.assertEqual(renderer.errorlist("name"), '<ul class="error"><li>Missing value</li></ul>')
def band_edit(request):
band_id = request.matchdict['band_id']
band = Band.get_by_band_id(band_id)
if not isinstance(band, Band):
msg = "Band id not found in database" # TODO: check template!
return HTTPFound(route_url('not_found', request))
# no change through form, so reuse old value (for now)
band_registrar = band.registrar
band_registrar_id = band.registrar_id
form = Form(request, schema=BandEditSchema, obj=band)
if 'form.submitted' in request.POST and not form.validate():
# form didn't validate
request.session.flash('form does not validate!')
#request.session.flash(form.data['name'])
#request.session.flash(form.data['homepage'])
#request.session.flash(form.data['email'])
if 'form.submitted' in request.POST and form.validate():
if form.data['name'] != band.name:
band.name = form.data['name']
if DEBUG: # pragma: no cover
print "changing band name"
request.session.flash('changing band name')
if form.data['homepage'] != band.homepage:
band.homepage = form.data['homepage']
if DEBUG: # pragma: no cover
print "changing band homepage"
request.session.flash('changing band homepage')
if form.data['email'] != band.email:
band.email = form.data['email']
if DEBUG: # pragma: no cover
print "changing band email"
request.session.flash('changing band email')
# TODO: trigger email_verification process
#request.session.flash(u'writing to database ...')
dbsession.flush()
# if all went well, redirect to band view
return HTTPFound(route_url('band_view', request, band_id=band.id))
return {
'viewer_username': authenticated_userid(request),
'form': FormRenderer(form)
}
def manage(self):
errors = None
if self.request.method == 'POST':
cid = self.request.params.get('cid', None)
else:
cid = self.request.matchdict.get('cid', None)
try:
if cid:
model = customerService.GetCustomer(cid, self.TenantId)
if not model:
return HTTPFound(location='/customers/index')
form = Form(self.request, schema=CustomerSchema, obj=model)
cntform = Form(self.request, schema=ContactSchema, obj=model.Contacts[0])
if form.validate() and cntform.validate():
form.bind(model)
cntform.bind(model.Contacts[0])
model.UpdatedBy = self.UserId
model.Status = True
if customerService.SaveCustomer(model):
return HTTPFound(location='/customers/index')
else:
errors = 'Unable to add customer details!'
else:
model = Customer()
form = Form(self.request, schema=CustomerSchema, defaults={})
cntform = Form(self.request, schema=ContactSchema, defaults={})
if form.validate() and cntform.validate():
model = form.bind(Customer())
contact = cntform.bind(CustomerContactDetails())
model.Contacts.append(contact)
model.TenantId = self.TenantId
model.CreatedBy = self.UserId
model.Status = True
log.info('adding new customer')
if customerService.AddCustomer(model):
return HTTPFound(location='/customers/index')
else:
errors = 'Unable to save customer details!'
except Exception, e:
errors = str(e)
def test_errorlist_with_no_errors(self):
from pyramid_simpleform import Form
from pyramid_simpleform.renderers import FormRenderer
request = testing.DummyRequest()
request.method = "POST"
request.POST['name'] = 'test'
form = Form(request, SimpleFESchema)
form.validate()
renderer = FormRenderer(form)
self.assert_(renderer.errorlist() == '')
def api_student_assignment_upload(request):
conn=DBSession()
validators=dict(fsfileid=formencode.validators.String(not_empty=True,min=16,messages=dict(empty=(u'文件不能为空' ))),\
title=formencode.validators.String(not_empty=True,messages=dict(empty=(u'标题不能为空'))),\
description=formencode.validators.String(not_empty=True,messages=dict(empty=(u'描述不能为空'))),\
uploadid=formencode.validators.Int(not_empty=False),
assignmentid=formencode.validators.Int(not_empty=True))
form=Form(request,validators=validators,state=State(request=request))
student=conn.query(Student).filter(Student.userid==request.user.id).first()
if form.validate():
try:
assignment=conn.query(Assignment).filter(Assignment.id==form.data['assignmentid']).first()
if form.data['uploadid'] and int(form.data['uploadid']):
upload=conn.query(AssignmentUpload).filter(AssignmentUpload.id==int(form.data['uploadid'])).first()
upload.title=form.data['title']
upload.fsfileid=form.data['fsfileid']
upload.description=form.data['description']
upload.updatetime=time.time()
upload.studentid=student.id
conn.flush()
else:
upload=AssignmentUpload()
upload.assignmentid=form.data['assignmentid']
upload.title=form.data['title']
upload.fsfileid=form.data['fsfileid']
upload.createtime=time.time()
upload.updatetime=time.time()
upload.description=form.data['description']
upload.studentid=student.id
conn.add(upload)
conn.flush()
return dict(return_url='/student/assignment/list')
except Exception,e:
log.debug(e)
return dict(code=301,error=u'参数错误')
def __call__(self):
if Permission.FILE & self.user.permissions != Permission.FILE:
raise HTTPForbidden('You are not authorized to upload files.')
self.breadcrumbs.add('Archives', self.request.route_url('archives'))
self.breadcrumbs.add('Upload', self.request.route_url('archives_upload'))
self.title = 'Upload File'
form = Form(self.request, schema=FileSchema,
defaults={'title': '',
'fileDate': '',
'description': ''})
if 'submit' in self.request.POST and form.validate():
token = self.request.POST.get('_csrf')
if token is None or token != self.request.session.get_csrf_token():
raise HTTPForbidden('CSRF token is invalid or missing.')
file = File(name=self._validated(FileSchema, form, 'title'),
filename=self._validated(FileSchema, form, 'fileUpload').filename,
description=self._validated(FileSchema, form, 'description'),
submitTime=datetime.datetime.utcnow(),
fileDate=form.data['fileDate'] or datetime.date.today(),
ownerid=self.user.id,
isDeleted=False)
self.dbsession.add(file)
self.dbsession.flush()
here = os.path.dirname(__file__)
thisFile = self._validated(FileSchema, form, 'fileUpload').file
open(os.path.join(here, os.path.pardir, 'data', 'archive', str(file.id)), 'wb').write(\
thisFile.read())
return HTTPFound(location=self.request.route_url('archives_file', fileid=file.id))
return self.finalize({'form': form})
def api_mentor_assignment_add(request):
conn=DBSession()
validators=dict(fsfileid=formencode.validators.String(not_empty=True,min=16,messages=dict(empty=(u'文件不能为空' ))),\
title=formencode.validators.String(not_empty=True,messages=dict(empty=(u'标题不能为空'))),\
description=formencode.validators.String(not_empty=True,messages=dict(empty=(u'描述不能为空'))),\
duedate=formencode.validators.String(not_empty=True,messages=dict(empty=(u'截止时间不能为空'))),
lessonid=formencode.validators.Int(not_empty=True),
assignmentid=formencode.validators.Int(not_empty=False))
form=Form(request,validators=validators,state=State(request=request))
if form.validate():
try:
lesson=conn.query(Lesson).filter(Lesson.id==form.data['lessonid'],Lesson.courseid.in_(\
conn.query(Course.id).filter(Course.mentorid.in_(\
conn.query(Mentor.id).filter(Mentor.userid==request.user.id))))).first()
if form.data['assignmentid'] and int(form.data['assignmentid']):
assignment=conn.query(Assignment).filter(Assignment.id==lesson.assignmentid).first()
assignment.title=form.data['title']
assignment.fsfileid=form.data['fsfileid']
assignment.duedate=time.mktime(time.strptime(form.data['duedate'],'%Y-%m-%d'))
assignment.description=form.data['description']
conn.flush()
else:
assignment=Assignment()
assignment.title=form.data['title']
assignment.fsfileid=form.data['fsfileid']
assignment.duedate=time.mktime(time.strptime(form.data['duedate'],'%Y-%m-%d'))
assignment.description=form.data['description']
conn.add(assignment)
conn.flush()
lesson.assignmentid=assignment.id
conn.flush()
return dict(return_url='/mentor/lesson/listbycourse?courseid='+str(lesson.courseid))
except Exception,e:
log.debug(e)
return dict(code=301,error=u'参数错误')
def password_edit_view(request):
""" Render the change password form page.
Seek the database for the user datas based on user_id used in the route. If
the user did not exist then add an error flash message and redirect to the
user list.
If the user exist then render an empty password form. If the form is
validated then change the user password in the database and add
success flash message. If the form is not valid, then display again the
form with validation errors.
:param request: a ``pyramid.request`` object
"""
_ = request.translate
user_id = request.matchdict['user_id']
user = AuthUser.get_by_id(user_id)
if not user:
request.session.flash(_(u"This user did not exist!"), 'error')
return HTTPFound(location=request.route_path('tools.user_list'))
form = Form(request, schema=UserPasswordForm, obj=user)
if 'form_submitted' in request.params and form.validate():
form.bind(user)
DBSession.add(user)
request.session.flash(_(u"Password updated."), 'success')
return HTTPFound(location=request.route_path('tools.user_list'))
return dict(renderer=FormRenderer(form))
def view_blog_edit(self):
form = Form(self.request, schema=BlogCreateSchema,
state=State(request=self.request))
blogname = get_param(self.request, 'blogname', self.context.name)
text = get_param(self.request, 'text', self.context.description)
image_url = get_param(self.request, 'image_url',
self.context.image_url)
if form.validate():
self.context.name = blogname
self.context.description = text
self.context.image_url = image_url
self.message = msg['saved']
cbs = [p for p in self.request.params.keys()
if u'checkbox' in p]
# check all the checkbox-parameters and
# parse them
for cb in cbs:
item = self.request.params[cb]
self.context.remove(item)
self.message = msg['items_removed']
_dict = {
'form': FormRenderer(form),
'message': self.message,
'blogname': blogname,
'text': text,
'image_url': image_url
}
return dict(self.base_dict.items() + _dict.items())
def view_signup(self):
""" Register view for new users that aren't signed up yet """
username = get_param(self.request, 'username')
email = get_param(self.request, 'email')
password = u''
# Create form by using schemas with validations
form = Form(self.request, schema=SignUpSchema,
state=State(request=self.request))
if form.validate():
username = self.request.params['username']
password = self.request.params['password']
email = self.request.params['email']
get_resource('users', self.request).add(username,
password, email)
get_resource('groups', self.request).add(username,
group_names['member'])
get_resource('groups', self.request).add(username,
u'u:%s' % username)
self.message = msg['succeed_add_user'] + " " + username
_dict = {
'url': self.request.application_url + '/signup',
'username': username,
'email': email,
'password': password,
'form': FormRenderer(form),
'params': self.request.params,
'message': self.message
}
return dict(self.base_dict.items() + _dict.items())
def login(request):
message = None
form = Form(request, schema=UserSchema())
if request.method == 'POST' and form.validate():
username = request.params['username']
password = request.params['password']
password_again = request.params['password_again']
if bool(password_again):
if password == password_again:
user = form.bind(User())
DBSession.add(user)
DBSession.flush()
user_id = user.id
headers = remember(request, user.id)
return HTTPFound(location='/', headers=headers)
else:
message = 'Passwords do not match.'
else:
user = DBSession.query(User).filter(User.username==username).first()
if user and user.password == password:
headers = remember(request, user.id)
return HTTPFound(location='/', headers=headers)
else:
message = 'Username or password is incorrect.'
return {
'message': message,
'form': form,
'renderer': FormRenderer(form),
'user': get_user(request),
}
def view_user_edit(self):
""" View for editing a single user """
form = Form(self.request, schema=UserEditSchema,
state=State(request=self.request))
self.error_message = None
if form.validate():
password = self.request.params['password']
if self.context.validate_password(password):
if self.request.params['new_password']:
password = self.request.params['new_password']
self.message = 'Successfully saved'
email = self.request.params['email']
self.context.edit(password, email)
else:
self.error_message = msg['password_invalid']
_dict = {
'username': self.context.username,
'form': FormRenderer(form),
'email': self.context.email,
'message': self.message,
'error_message': self.error_message
}
return dict(self.base_dict.items() + _dict.items())
def contact_view(request):
form = Form(request, schema=ContactSchema)
if form.validate():
mailer = request.registry['mailer']
office_email = request.registry.settings['office.email']
from_ = "%s <%s>" % (form.data['name'], form.data['email'])
message = Message(
subject=form.data['subject'] + ' [formative.co.za]',
sender=form.data['email'],
recipients=[office_email],
body=form.data['message'],
extra_headers = {"From": from_}
)
mailer.send_immediately(message)
request.session.flash('Message sent.', queue='info')
return HTTPFound(location="/")
if form.errors:
request.session.flash('There are errors in your form.', queue='error')
return {"renderer":FormRenderer(form)}
def motion_add(request):
"""create a new motion.
1. show new motion form
2. save to database after user submit
"""
# initialize the form to select all participants
all_users = load_users()
all_user_options = [(itm.id, itm.name) for itm in all_users]
selected_users = [itm.id for itm in all_users]
# add four blank options on new motion form
form = Form(request, schema=MotionSchema, defaults=dict(participants = selected_users,
options=["","","",""]))
if form.validate():
title = form.data.get("title")
desc = form.data.get("desc")
options = form.data.get("options")
users = form.data.get("participants")
add_motion(title, desc, options, users)
return HTTPFound(location=route_path('motion_list', request))
return dict(renderer=FormRenderer(form), all_user_options=all_user_options)
def user_add(request):
form = Form(request, schema=RegistrationSchema)
if "form.submitted" in request.POST and form.validate():
session = DBSession()
username = form.data["username"]
user = User(username=username, password=form.data["password"], name=form.data["name"], email=form.data["email"])
session.add(user)
headers = remember(request, username)
redirect_url = request.route_url("main")
return HTTPFound(location=redirect_url, headers=headers)
login_form = login_form_view(request)
return {
"form": FormRenderer(form),
"toolbar": toolbar_view(request),
"cloud": cloud_view(request),
"latest": latest_view(request),
"login_form": login_form,
}
def edit(request):
"""customer edit """
id = request.matchdict['id']
dbsession = DBSession()
customer = dbsession.query(Customer).filter_by(id=id).one()
print customer
address = dbsession.query(Address).filter_by(user_id=id).one()
if customer is None or address is None:
request.session.flash("error;Customer not found!")
return HTTPFound(location=request.route_url("customer_list"))
generalForm = Form(request, schema=CustomerForm, obj=customer)
locationForm = Form(request, schema=LocationForm, obj=address)
if "general_submitted" in request.POST and generalForm.validate():
generalForm.bind(customer)
dbsession.add(customer)
request.session.flash("success; Successful call to update customer")
if "location_submitted" in request.POST:
locationForm.bind(address)
dbsession.add(address)
request.session.flash("success; Successful call to update location")
action_url = request.route_url("customer_edit", id=id)
return dict(generalForm=FormRenderer(generalForm),
locationForm=FormRenderer(locationForm),
action_url=action_url)
def crime_add(self):
"""
Crimes list for classification
:return:
"""
# Gera formulário
form = Form(
self.request,
defaults={},
schema=crime_schema.CrimeSchema()
)
if form.validate():
log.debug("Dados do formulário: ")
# Tenta instanciar o formulário no objeto
crime_obj = Crimes(
category_name=form.data.get('category_name'),
category_pretty_name=form.data.get('category_pretty_name'),
description=form.data.get('description'),
date=datetime.datetime.now(),
default_token=form.data.get('default_token'),
tokens=form.data.get('tokens'),
color=form.data.get('color')
)
# persist model somewhere...
crime_obj.create_crimes()
return HTTPFound(location="/crime")
return dict(
renderer=FormRenderer(form),
action=self.request.route_url('crime_add')
)
def view_task(request):
story_id = request.matchdict['story_id']
story = DBSession.query(Story).get(story_id)
task_id = request.matchdict['task_id']
task = DBSession.query(Task).get(task_id)
times_spent = DBSession.query(TimeSpent.duration).filter(
TimeSpent.task_id==task_id).all()
form = Form(request, schema=TimeSpentSchema())
if request.method == 'POST' and form.validate():
time_spent = form.bind(TimeSpent())
time_spent.task_id = task_id
time_spent.task = task
DBSession.add(time_spent)
DBSession.flush()
return HTTPFound(location='/story/%s/task/%s' % (story_id, task_id))
return {
'story': story,
'story_id': story_id,
'task': task,
'task_id': task_id,
'times_spent': times_spent,
'renderer': FormRenderer(form),
'form': form,
'total_time_spent': str(sum_time_spent(times_spent)),
'user': get_user(request),
}
def add_message(request):
"""
Add message receive an topic
"""
form = Form(request,
schema=MessageSchema
)
topic = request.matchdict['name']
if form.validate():
title = form.data['title']
author = form.data['author']
content = form.data['content']
topic_oid = topic
slug = make_slug(title)
d = {
'title' : title,
'author' : author,
'content':content,
'topic' : topic_oid,
'slug' : slug
}
request.db['Message'].insert(d)
return HTTPFound(location='/topic/'+topic)
return { 'form' : FormRenderer(form), 'topic' : topic }
def user_add(request):
form = Form(request, schema=RegistrationSchema)
if 'form.submitted' in request.POST and form.validate():
session = DBSession()
username=form.data['username']
user = User(
username=username,
password=form.data['password'],
name=form.data['name'],
email=form.data['email']
)
session.add(user)
headers = remember(request, username)
redirect_url = route_url('main', request)
return HTTPFound(location=redirect_url, headers=headers)
login_form = login_form_view(request)
return {
'form': FormRenderer(form),
'toolbar': toolbar_view(request),
'cloud': cloud_view(request),
'latest': latest_view(request),
'login_form': login_form,
}
def addlga(request):
title="Add Local Government Areas"
state_id = request.matchdict['state_id']
state = State.get_by_id(state_id)
form = Form(request, schema=StateSchema)
if 'form_submitted' in request.POST and form.validate():
lga_string = form.data['name']
lga=LGA.create_lga(state_id,lga_string)
request.session.flash("success; Lga added")
return HTTPFound(location=request.route_url('view_state', state_id=state_id))
action_url = request.route_url('add_lga', state_id=state_id)
return dict(
title=title,
state=state,
form=FormRenderer(form),
action_url=action_url)
def add_node(request):
"""Adds a new into Marteau"""
check_auth(request)
owner = request.user
form = Form(request, schema=NodeSchema)
if not form.validate():
request.session.flash("Bad node name")
return HTTPFound(location='/nodes')
node_name = form.data.get('name')
node = Node(name=node_name, owner=owner)
queue = request.registry['queue']
queue.save_node(node)
return HTTPFound(location='/nodes')
def person_add_view(request):
health_id = request.POST['health_id']
form = Form(request, schema=PersonSchema())
if form.validate():
person = form.bind(models.Person())
with transaction.manager:
models.DBSession.add(person)
return HTTPFound(request.route_url("patient_dashboard_page",\
health_id=health_id, page= "Patient Dashboard"))
#page= "Patients List", health_id= health_id)
else:
print "Form Validation Failed"
print form.all_errors()
print request.POST
return {"message": "Reched ME!!"}
def change_username(request):
"Change username"
form = Form(request, schema=schema.ChangeUsername)
user = request.user
if request.method == 'POST':
if form.validate():
user.username = form.data['username']
model.save(user)
request.registry.notify(events.UserChangedUsername(request, user))
# Get location based on new username
location = get_redirect_location(request)
return HTTPFound(location=location)
# Get location based on unchanged username
location = get_redirect_location(request)
form.data['next'] = location
return {'renderer': FormRenderer(form), 'user': user}
def user_edit(request):
id = request.matchdict['id']
user = load_user(id)
if not user:
return HTTPUnauthorized()
form = Form(request, schema=UserSchema, obj=user)
if form.validate():
update_user(id, form.data.get("name"), form.data.get("email"),
form.data.get("vote_weight"))
return HTTPFound(location=route_path("user_list", request))
return dict(renderer=FormRenderer(form))
def register(self):
form = Form(self.request, schema=UserSchema)
if form.validate():
user = form.bind(resources.User())
user.password, user.salt = gen_hash_password(user.password)
personal_tag = resources.Tag()
personal_tag.label = user.email
personal_tag.tag_type = 'user'
personal_tag.tag_permission = 2
personal_tag.save()
user.personal_tag = personal_tag
user.save()
user = authenticate_user(self.request.params['email'],
self.request.params['password'])
headers = remember(self.request, str(user.id))
return HTTPFound(location="/", headers=headers)
return {'renderer': FormRenderer(form)}
def start_session(request):
form = Form(request,
schema=StartSessionForm())
if form.validate():
identifier = form.data["identifier"]
secret = form.data["secret"]
account_name = form.data["account_name"]
db = request.db
session = AuthSession.create(db, identifier, secret, account_name)
if session is None:
raise exc.HTTPForbidden()
else:
log.debug("new auth session for client %s username %s",
identifier, account_name)
return {"auth_token": session.token}
else:
raise exc.HTTPForbidden()
def signin(request):
form = Form(request, schema=SigninSchema())
if form.validate():
query = DBSession.query(User).filter(User.email == form.data['email'])
if query.count():
user = query.first()
if user.check_password(form.data['password']):
headers = remember(request, user.email)
return HTTPFound(location='/', headers=headers)
else:
request.session.flash(u'Wrong email or password', 'error')
else:
request.session.flash(u'Wrong email or password', 'error')
return _response_dict(
request,
renderer=FormRenderer(form),
)
def editstate(request):
state_id = request.matchdict['state_id']
state =State.get_by_id(state_id)
title = "Editing %s" %(state.name)
form = Form(request, schema=StateSchema)
if 'form_submitted' in request.POST and form.validate():
s_string = form.data['name']
state.name = s_string
transaction.commit()
request.session.flash('success; State updated')
return HTTPFound(location=request.route_url('list_state'))
action_url = request.route_url('edit_state', state_id=state_id)
return dict(
title=title,
form=FormRenderer(form),
state=state,
action_url=action_url)
def __call__(self):
if self.user.permissions & Permission.NEWS != Permission.NEWS:
raise HTTPForbidden(
'You are not authorized to edit this news article.')
self.breadcrumbs.add('News', self.request.route_url('news'))
try:
article = self.dbsession.query(News).filter(
News.id == self.request.matchdict['articleid']).one()
except:
raise HTTPNotFound('No article found.')
if article.isDeleted:
raise HTTPNotFound('No article found.')
self.breadcrumbs.add(
article.title,
self.request.route_url('news_article', articleid=article.id))
self.breadcrumbs.add(
'Edit', self.request.route_url('news_edit', articleid=article.id))
self.title = 'Editing "' + article.title + '"'
form = Form(self.request,
schema=NewsSchema,
defaults={
'title': article.title,
'content': article.content
})
if 'edit' in self.request.POST and form.validate():
token = self.request.POST.get('_csrf')
if token is None or token != self.request.session.get_csrf_token():
raise HTTPForbidden('CSRF token is invalid or missing.')
article.title = self._validated(NewsSchema, form, 'title')
article.content = self._validated(NewsSchema, form, 'content')
article.lastModified = datetime.datetime.utcnow()
self.dbsession.add(article)
self.dbsession.flush()
return HTTPFound(location=self.request.route_url(
'news_article', articleid=article.id))
elif 'delete' in self.request.POST and 'deleteCheck' in self.request.POST:
token = self.request.POST.get('_csrf')
if token is None or token != self.request.session.get_csrf_token():
raise HTTPForbidden('CSRF token is invalid or missing.')
article.isDeleted = True
self.dbsession.add(article)
self.dbsession.flush()
return HTTPFound(location=self.request.route_url('news'))
return self.finalize({'form': form, 'article': article})
def genkey(self):
self.require_verification()
form = Form(self.request, schema=forms.GenKeySchema)
with utils.db_session(self.dbmaker) as session:
user = session.query(User).filter(User.username==self.username).first()
if form.validate():
name = form.data['keyname']
passphrase = form.data['passphrase']
pub, priv = utils.keygen(name, user.email, passphrase)
keyobj = Key(name, user.id, pub, priv)
user.keys.append(keyobj)
session.add(keyobj)
session.add(user)
self.request.session.flash(u'successfully generated key %s.' % (name, ))
return HTTPFound(location=self.request.route_url('keys'))
def new(request):
"""new customer """
categories = get_categories()
countries = get_countries()
form = Form(request, schema=CustomerForm)
if "form_submitted" in request.POST and form.validate():
dbsession = DBSession()
customer = form.bind(Customer())
dbsession.add(customer)
request.session.flash("warning;New Customer is saved!")
return HTTPFound(location=request.route_url("customer_list"))
return dict(form=FormRenderer(form),
categories=categories,
countries=countries,
action_url=request.route_url("customer_new"))
def listing_category_edit(request):
"""listing category edit """
title = 'Edit listing category'
id = request.matchdict['id']
dbsession = DBSession()
category = PropertyCategory.get_by_id(id)
if category is None:
request.session.flash("warning; Category not found!")
return HTTPFound(location=request.route_url("listing_category_list"))
form = Form(request, schema=BlogCategoryForm, obj=category)
if "form_submitted" in request.POST and form.validate():
form.bind(category)
dbsession.add(category)
request.session.flash("success;The Category is saved!")
return HTTPFound(location=request.route_url("listing_category_list"))
action_url = request.route_url("listing_category_edit", id=id)
return dict(form=FormRenderer(form), action_url=action_url)
def api_user_uploadfile(request):
"""用户上传文件,需要传入路径和
"""
validators=dict(uploadfile=formencode.validators.FieldStorageUploadConverter(\
not_empty=True,messages=dict(empty=(u'文件不能为空' ))))
form = Form(request, validators=validators, state=State(request=request))
if form.validate():
try:
path = "frostcms/upload"
if not os.path.exists(path):
os.makedirs(path)
extension = form.data['uploadfile'].filename.split('.')[-1:][0]
uid = uuid.uuid1()
filename = "%s.%s" % (uid, extension)
filepath = os.path.join(path, filename).replace("\\", "/")
myfile = open(filepath, 'wb')
form.data['uploadfile'].file.seek(0)
while 1:
tmp = form.data['uploadfile'].file.read(2 << 16)
if not tmp:
break
myfile.write(tmp)
myfile.close()
fsfile = Fsfile()
fsfile.id = uid
fsfile.userid = request.user.id
fsfile.createtime = time.time()
fsfile.filename = form.data['uploadfile'].filename
fsfile.filepath = filepath
conn = DBSession()
conn.add(fsfile)
conn.flush()
returnStr = str(
dict(fsfileid=str(uid), filename=str(fsfile.filename)))
#returnStr="<body><pre>"+str(result)+"</pre></body>"
response = request.response
response.headers['Pragma'] = 'no-cache'
response.headers['Cache-Control'] = 'no-cache'
response.headers['Expires'] = '0'
response.headers['Content-Type'] = "text/html"
response.write(returnStr)
return response
except Exception, e:
return dict(code=301, error=u'参数错误')
def idea_add(request):
target = request.GET.get('target')
session = DBSession()
if target:
target = Idea.get_by_id(target)
if not target:
return HTTPNotFound()
kind = 'comment'
else:
kind = 'idea'
form = Form(request, schema=AddIdeaSchema)
if 'form.submitted' in request.POST and form.validate():
author_username = authenticated_userid(request)
author = User.get_by_username(author_username)
idea = Idea(
target=target,
author=author,
title=form.data['title'],
text=form.data['text']
)
tags = Tag.create_tags(form.data['tags'])
if tags:
idea.tags = tags
session.add(idea)
redirect_url = route_url('idea', request, idea_id=idea.idea_id)
return HTTPFound(location=redirect_url)
login_form = login_form_view(request)
return {
'title': 'add an idea',
'form': FormRenderer(form),
'toolbar': toolbar_view(request),
'cloud': cloud_view(request),
'latest': latest_view(request),
'login_form': login_form,
'target': target,
'kind': kind,
}
def pyforum_message_view(self):
id_topic = self.request.matchdict['id_topic']
topic_title = self.request.matchdict['topic_title']
topics = Message.objects().filter(topic__icontains=id_topic)
form = Form(self.request,schema=MessageSchema())
if form.validate():
context = {'name' : form.data['name'],
'description': form.data['description'],
'topic': id_topic}
Message.add(context)
return HTTPFound(location='/message_list/{0}/{1}'.format(id_topic,topic_title))
return {'title': 'List View PyForum',
'topics':topics,
'id_topic':id_topic,
'topic_title':topic_title,
'form' : FormRenderer(form)
}
def location_add(request):
form = Form(request, schema=LocationSchema())
if form.validate():
location = form.bind(models.Location())
with transaction.manager:
models.DBSession.add(location)
locations = models.DBSession.query(models.Location).all()
locations_list = [(location.id, location.name)
for location in locations]
return {
"page": "Locations",
"items": locations_list,
"headings": headings
}
else:
print form.all_errors()
print form.errors_for('parent')
print "Form validation failed"
def api_mentor_assignment_overmark(request):
validators = dict(assignmentid=formencode.validators.Int(not_empty=True))
form = Form(request, validators=validators, state=State(request=request))
if form.validate():
conn = DBSession()
assignment = conn.query(Assignment).filter(
Assignment.id == form.data['assignmentid']).first()
if assignment:
assignment.state = 2
assignmentuploads = conn.query(AssignmentUpload).filter(
AssignmentUpload.assignmentid ==
form.data['assignmentid']).all()
for assignmentupload in assignmentuploads:
assignmentupload.state = 2
conn.flush()
return dict(return_url="/mentor/assignment/list")
return dict(code=1401, error=u'作业已经不存在')
return dict(code=101, error=form.errors)
def edit(request):
"""country edit """
id = request.matchdict['id']
dbsession = DBSession()
country = dbsession.query(Country).filter_by(id=id).one()
if country is None:
request.session.flash("error;Country not found!")
return HTTPFound(location=request.route_url("country_list"))
form = Form(request, schema=CountryForm, obj=country)
if "form_submitted" in request.POST and form.validate():
form.bind(country)
dbsession.add(country)
request.session.flash("warning;The Country is saved!")
return HTTPFound(location=request.route_url("country_list"))
action_url = request.route_url("country_edit", id=id)
return dict(form=FormRenderer(form), action_url=action_url)
def view_blogpost_edit(self):
form = Form(self.request, schema=BlogPostSchema,
state=State(request=self.request))
if form.validate():
self.message = msg['saved']
title = self.request.params[u'title']
text = self.request.params[u'text']
self.context.title = title
self.context.text = text
_dict = {
'project': '',
'title': self.context.title,
'text': self.context.text,
'form': FormRenderer(form),
'message': self.message
}
return dict(self.base_dict.items() + _dict.items())
def view_blog_remove(self):
""" The Blog can be removed from this view """
form = Form(self.request, schema=BaseSchema,
state=State(request=self.request))
self.message = "Edit %s" % self.context.name
if form.validate():
return HTTPFound(location=resource_url(self.context.__parent__,
self.request))
_dict = {
'page': self.context,
'blogname': self.context.name,
'message': self.message,
'form': FormRenderer(form)
}
return dict(self.base_dict.items() + _dict.items())
def view_edit(self):
title = get_param(self.request, 'title', self.context.title)
text = get_param(self.request, 'text', self.context.text)
form = Form(self.request, schema=PageEditSchema,
state=State(request=self.request))
if form.validate():
self.message = msg['saved']
self.context.text = text
self.context.title = title
_dict = {
'title': title,
'text': text,
'form': FormRenderer(form),
'message': self.message
}
return dict(self.base_dict.items() + _dict.items())
def passforgot(request):
form = Form(request, schema=ForgotPasswordForm)
if 'form_submitted' in request.POST and form.validate():
user = Users.get_by_email(form.data['email'])
if user:
timestamp = time.time() + 3600
hmac_key = hmac.new(
'%s:%s:%d' % (str(user.id), 'r5$55g35%4#$:l3#24&', timestamp),
user.email).hexdigest()[0:10]
time_key = base64.urlsafe_b64encode('%d' % timestamp)
email_hash = '%s%s' % (hmac_key, time_key)
email_forgot(request, user.id, user.email, email_hash)
request.session.flash('success; Password reset email sent')
return HTTPFound(location=request.route_url('login'))
request.session.flash('danger; No user with the given email address')
return HTTPFound(location=request.route_url('login'))
request.session.flash('danger; No such user')
return HTTPFound(location=request.route_url('login'))
def emailage(request):
camefrom = request.params.get('camefrom')
listing = Listings.get_by_name(camefrom)
form = Form(request, schema=MailAgentSchema)
if 'submit' in request.POST and form.validate():
receiver = listing.user.email
name = form.data['fullname']
phone = form.data['mobile']
email = form.data['email']
sender = "%s via nairabricks.com <*****@*****.**>" % name
subject = "Contact Request from %s via nairabricks.com" % name
content = "<p>I am Interested in your listing at nairabricks.com. I will like to know more about %s in %s. Please get in touch with me</p>" % (
listing.title, listing.address)
footer = "<small>Phone: %s</small>" % phone + "<br/>"
msg_body = "<html><head><title>"+subject+"</title></head><body>"+\
"Concerning listing Number %s"%listing.serial +\
"<br/>%s <br/>%s"%(content,footer)+\
"</body></html>"
extra_headers = {"Reply-To": '%s <%s>' % (name, email)}
html_email_sender(request,
recipients=receiver,
subject=subject,
body=msg_body,
sender=sender,
extra_headers=extra_headers)
if request.is_xhr:
html = """<div class="alert alert-success alert-dismissable col-xs-12">
<button type="button" class="close" data-dismiss="alert" aria-hidden="true">×</button>
Email Sent
</div>"""
return Response(html)
request.session.flash("success; Email sent")
return HTTPFound(
location=request.route_url('property_view', name=camefrom))
if request.is_xhr:
html = """<div class="alert alert-success alert-dismissable col-xs-12">
<button type="button" class="close" data-dismiss="alert" aria-hidden="true">×</button>
Email not sent
</div>"""
return Response(html)
request.session.flash("danger; Email not sent")
return HTTPFound(
location=request.route_url('property_view', name=camefrom))
def share_file(self):
form = Form(self.request, schema=forms.PassphraseSchema)
if 'form.submitted' in self.request.POST and form.validate():
passphrase = form.data['passphrase']
query_file = os.path.join(self.storage_dir, self.username, self.filename)
share_user = self.request.params['share_user']
with utils.db_session(self.dbmaker) as session:
owner = session.query(User).filter(User.username==self.username).one()
f = session.query(File).filter(File.name==self.filename).one()
u = session.query(User).filter(User.username==share_user).first()
if u is None:
del f.shared_users[:]
else:
for key in u.keys:
f.keys.append(key)
session.add(f)
owner_pubs = [k.public_key for k in owner.keys]
owner_privs = [k.private_key for k in owner.keys]
recipients = owner_pubs + [k.public_key for k in f.keys]
with open(query_file, 'rb') as o:
data = o.read()
decrypted = utils.decrypt(data, owner_privs, owner_pubs, passwd)
with tempfile.NamedTemporaryFile() as tmp:
tmp.write(decrypted)
tmp.flush()
tmp.seek(0)
encrypted = utils.encrypt(tmp, recipients)
tmp = tempfile.NamedTemporaryFile(dir=self.storage_dir, delete=False)
tmp.write(encrypted)
os.rename(tmp.name, query_file)
self.request.session.flash(
u'successfully shared file: %s with user %s' % (self.filename, share_user)
)
return HTTPFound(location=self.request.route_url('view_files'))
with utils.db_session(self.dbmaker) as session:
sharable_users = session.query(User).filter(User.sharable==True)
sharable_users = sharable_users.filter(User.username!=self.username).all()
sharable_users = [u.username for u in sharable_users]
return dict(
username=self.username,
filename=self.filename,
sharable_users=sharable_users
)
def contact(request):
form = Form(request, schema=ContactUs)
if 'submit' in request.POST and form.validate():
name = form.data['fullname']
email = form.data['email']
body = form.data['body']
subject = "Contact Request by %s" % name
extra_headers = {"Reply-To": '%s <%s>' % (name, email)}
html_email_sender(
request,
recipients="*****@*****.**",
subject=subject,
body=body,
extra_headers=extra_headers,
sender="*****@*****.**",
)
request.session.flash('info;Email sent, thank you for contacting us')
return HTTPFound(location="/")
return dict(title="contact us", form=FormRenderer(form))
def restore_account_view(request):
form = Form(request, schema=RestoreUserSchema)
if form.validate():
token = uuid.uuid4().hex
url = request.route_url('restore_password', token=token)
mail_message = "Restore password with link\n{}\nif you accidently get this mail you can ignore it".format(
url)
user = User()
form.bind(user)
user = request.dbsession.query(User).filter(
User.email == user.email).first()
log.debug(user)
if user is None:
request.session.flash(
'warning; Cand find user with that username or email')
return {
'form': FormRenderer(form),
}
if user.group == Groups.admin:
request.session.flash(
'warning; admin cant restore password you need to use sever scripts to delete admin and create new one'
)
return HTTPFound(request.route_path('home'))
user.token = token
mailer = request.mailer
message = Message(subject="Eschool, create account",
sender="*****@*****.**",
recipients=[user.email],
body=mail_message)
mailer.send(message)
request.session.flash("success; Message with restore link sent")
return HTTPFound(request.route_path('home'))
return {
'form': FormRenderer(form),
}
def view_login(self):
""" Login view """
login_url = resource_url(self.request.context, self.request, 'login')
referrer = self.request.url
if referrer == login_url:
# never use the login form itself as came_from
referrer = '/'
came_from = self.request.params.get('came_from', referrer)
username = ''
password = ''
# Create form by using schemas with validations
form = Form(self.request, schema=LoginSchema,
state=State(request=self.request),
defaults={'klass': 'class'})
if form.validate():
username = self.request.params['username']
password = self.request.params['password']
try:
if self.context['users'][username].validate_password(password):
headers = remember(self.request, username)
return HTTPFound(location=came_from,
headers=headers)
except KeyError:
pass
self.message = msg['login_failed']
if self.logged_in:
self.message = msg['logged_in_as'] + " " + self.logged_in + ". "
if type(self.context) == HTTPForbidden:
self.message += msg['content_forbidden']
_dict = {
'url': self.request.application_url + 'login',
'came_from': came_from,
'username': username,
'password': password,
'form': FormRenderer(form),
'message': self.message
}
return dict(self.base_dict.items() + _dict.items())
def post(self, schema, data):
#
# ファイルアップロード用のスキーマ
#
form = Form(data, schema=schema)
if form.validate():
#
# トランザクションの開始
#
with transaction.manager:
#
# セッションの作成
#
session = Session()
#
# ファイル名、ファイルのデータ取得
#
storage = form.request.params.getone('file')
model = self._Model(**{
'name': storage.filename,
'data': storage.file.read(),
})
#
# セッションに要素の追加
#
session.add(model)
#
# 登録
#
session.flush()
#
# 辞書として返す
#
return model.to_dict()
#
# 失敗した場合の処理
#
return HTTPNotFound()
def api_mentor_courseware_add(request):
conn = DBSession()
validators=dict(fsfileid=formencode.validators.String(not_empty=True,min=16,messages=dict(empty=(u'文件不能为空' ))),\
title=formencode.validators.String(not_empty=True,messages=dict(empty=(u'标题不能为空'))),\
description=formencode.validators.String(not_empty=True,messages=dict(empty=(u'描述不能为空'))))
form = Form(request, validators=validators, state=State(request=request))
if form.validate():
mentor = conn.query(Mentor).filter(
Mentor.userid == request.user.id).first()
courseware = Courseware()
courseware.title = form.data['title']
courseware.description = form.data['description']
courseware.createtime = time.time()
courseware.mentorid = mentor.id
courseware.fsfileid = form.data['fsfileid']
conn.add(courseware)
conn.flush()
return dict(return_url='/mentor/courseware/list')
return dict(code=101, error=form.errors)
