def setPassword(self, password, domains=None, REQUEST=None): '''Allows the authenticated member to set his/her own password. ''' if not self.isAnonymousUser(): member = self.getAuthenticatedMember() rtool = queryUtility(IRegistrationTool) if rtool is not None: failMessage = rtool.testPasswordValidity(password) if failMessage is not None: raise BadRequest(failMessage) member.setSecurityProfile(password=password, domains=domains) else: raise BadRequest('Not logged in.')
def _checkId(self, id, allow_dup=0): PortalFolderBase.inheritedAttribute('_checkId')(self, id, allow_dup) if allow_dup: return # FIXME: needed to allow index_html for join code if id == 'index_html': return # Another exception: Must allow "syndication_information" to enable # Syndication... if id == 'syndication_information': return # IDs starting with '@@' are reserved for views. if id[:2] == '@@': raise BadRequest('The id "%s" is invalid because it begins with ' '"@@".' % id) # This code prevents people other than the portal manager from # overriding skinned names and tools. if not getSecurityManager().checkPermission(ManagePortal, self): ob = aq_inner(self) while ob is not None: if ISiteRoot.providedBy(ob): break # BBB if getattr(ob, '_isPortalRoot', False): warn( "The '_isPortalRoot' marker attribute for site " "roots is deprecated and will be removed in " "CMF 2.3; please mark the root object with " "'ISiteRoot' instead.", DeprecationWarning, stacklevel=2) break ob = aq_parent(ob) if ob is not None: # If the portal root has a non-contentish object by this name, # don't allow an override. if (hasattr(ob, id) and id not in ob.contentIds() and # Allow root doted prefixed object name overrides not id.startswith('.')): raise BadRequest('The id "%s" is reserved.' % id) # Don't allow ids used by Method Aliases. ti = self.getTypeInfo() if ti and ti.queryMethodID(id, context=self): raise BadRequest('The id "%s" is reserved.' % id)
def setPassword(self, password, domains=None, REQUEST=None): '''Allows the authenticated member to set his/her own password. ''' # XXX: this method violates the rules for tools/utilities: # it depends on a non-utility tool registration = getToolByName(self, 'portal_registration', None) if not self.isAnonymousUser(): member = self.getAuthenticatedMember() if registration: failMessage = registration.testPasswordValidity(password) if failMessage is not None: raise BadRequest(failMessage) member.setSecurityProfile(password=password, domains=domains) else: raise BadRequest('Not logged in.')
def setProperties(self, properties=None, **kw): '''Allows the authenticated member to set his/her own properties. Accepts either keyword arguments or a mapping for the "properties" argument. ''' mtool = getUtility(IMembershipTool) if not mtool.isMemberAccessAllowed(self._user.getId()): raise BadRequest(u'Only own properties can be set.') if properties is None: properties = kw rtool = queryUtility(IRegistrationTool) if rtool is not None: failMessage = rtool.testPropertiesValidity(properties, self) if failMessage is not None: raise BadRequest(failMessage) self.setMemberProperties(properties)
def setProperties(self, properties=None, **kw): '''Allows the authenticated member to set his/her own properties. Accepts either keyword arguments or a mapping for the "properties" argument. ''' # XXX: this method violates the rules for tools/utilities: # it depends on a non-utility tool if properties is None: properties = kw membership = getToolByName(self, 'portal_membership') registration = getToolByName(self, 'portal_registration', None) if not membership.isAnonymousUser(): member = membership.getAuthenticatedMember() if registration: failMessage = registration.testPropertiesValidity(properties, member) if failMessage is not None: raise BadRequest(failMessage) member.setMemberProperties(properties) else: raise BadRequest('Not logged in.')
def _checkId(self, id, allow_dup=0): PortalFolderBase.inheritedAttribute('_checkId')(self, id, allow_dup) if allow_dup: return # FIXME: needed to allow index_html for join code if id == 'index_html': return # Another exception: Must allow "syndication_information" to enable # Syndication... if id == 'syndication_information': return # IDs starting with '@@' are reserved for views. if id[:2] == '@@': raise BadRequest('The id "%s" is invalid because it begins with ' '"@@".' % id) # This code prevents people other than the portal manager from # overriding skinned names and tools. if not getSecurityManager().checkPermission(ManagePortal, self): ob = aq_inner(self) while ob is not None: if ISiteRoot.providedBy(ob): break ob = aq_parent(ob) if ob is not None: # If the portal root has a non-contentish object by this name, # don't allow an override. if hasattr(ob, id) and \ id not in ob.contentIds() and \ not id.startswith('.'): raise BadRequest('The id "%s" is reserved.' % id) # Don't allow ids used by Method Aliases. ti = self.getTypeInfo() if ti and ti.queryMethodID(id, context=self): raise BadRequest('The id "%s" is reserved.' % id)
def render(self): """Render a tile after removing an object from it.""" tile_type = self.request.form.get('tile-type') tile_id = self.request.form.get('tile-id') uid = self.request.form.get('uid') if tile_type and tile_id and uid: tile = self.context.restrictedTraverse('{0}/{1}'.format( tile_type, tile_id)) if isinstance(tile, ListTile): tile.remove_item(uid) return tile() else: raise BadRequest('Invalid parameters')
def _checkId(self, id, allow_dup=0): PortalFolderBase.inheritedAttribute('_checkId')(self, id, allow_dup) if allow_dup: return # FIXME: needed to allow index_html for join code if id == 'index_html': return # Another exception: Must allow "syndication_information" to enable # Syndication... if id == 'syndication_information': return # IDs starting with '@@' are reserved for views. if id[:2] == '@@': raise BadRequest('The id "%s" is invalid because it begins with ' '"@@".' % id)
def render(self): """Render a tile after populating it with an object.""" tile_type = self.request.form.get('tile-type') tile_id = self.request.form.get('tile-id') uid = self.request.form.get('uid') if tile_type and tile_id and uid: catalog = api.portal.get_tool('portal_catalog') results = catalog(UID=uid) if results: obj = results[0].getObject() tile = self.context.restrictedTraverse('{0}/{1}'.format( tile_type, tile_id)) tile.populate_with_object(obj) # reinstantiate the tile to update its content on AJAX calls tile = self.context.restrictedTraverse('{0}/{1}'.format( tile_type, tile_id)) return tile() else: raise BadRequest('Invalid parameters')
def manage_addTypeInformation(self, add_meta_type, id=None, typeinfo_name=None, RESPONSE=None): """Create a TypeInformation in self. """ # BBB: typeinfo_name is ignored import Products if not id: raise BadRequest('An id is required.') for mt in Products.meta_types: if mt['name'] == add_meta_type: klass = mt['instance'] break else: raise ValueError('Meta type %s is not a type class.' % add_meta_type) id = str(id) ob = klass(id) self._setObject(id, ob) if RESPONSE is not None: RESPONSE.redirect('%s/manage_main' % self.absolute_url())
pms = api.portal.get_tool('portal_membership') pgr = api.portal.get_tool('portal_groups') registration = api.portal.get_tool('portal_registration') ORGANIZATIONS = get_organizations() for row in reader: row_id = normalizeString(row['username'], self) # add users if not exist if row_id not in [ud['userid'] for ud in acl.searchUsers()]: pms.addMember(row_id, row['password'], ('Member', ), []) member = pms.getMemberById(row_id) properties = {'fullname': row['fullname'], 'email': row['email']} failMessage = registration.testPropertiesValidity( properties, member) if failMessage is not None: raise BadRequest(failMessage) member.setMemberProperties(properties) out.append("User '%s' is added" % row_id) else: out.append("User %s already exists" % row_id) # attribute roles group_title = safe_unicode(row['grouptitle']) org_id = normalizeString(group_title, self) for organization in ORGANIZATIONS: if normalized_org_titles_equals(organization.Title(), group_title): org_id = organization.id org_uid = org_id_to_uid(org_id) plone_groups = []