@rest.dispatch_on(GET="invitation") def accept_invitation(self, id): db = request.environ["sqlalchemy.session"] model = request.environ["sqlalchemy.model"] try: invitation = db.query(model.BalanceInvitation).filter_by(token=id).one() except: return render_jinja("balances/invitation/invalid.jinja") user = db.query(model.AuthenticatedUser).filter_by(uid=h.authenticated_user().uid).one() user_balance = ( db.query(model.UserBalance) .filter_by(user_uid=user.uid) .filter_by(balance_uid=invitation.balance.uid) .first() ) if user_balance is None: user_balance = model.UserBalance(writable=True) invitation.balance.users.append(user_balance) user.balances.append(user_balance) db.flush() db.delete(invitation) db.commit() return redirect_to(action="index", id=None) # Require admin group for all requests BalancesController = middleware(BalancesController(), ValidAuthKitUser())
return { "id" : ec.uid } @rest.restrict("POST") @jsonify def edit_many(self): db = request.environ['sqlalchemy.session'] model = request.environ['sqlalchemy.model'] modified = [] if not request.params.has_key('uids'): return { "failure": Messages.invalidArguments() } for uid in request.params.getall("uids"): try: ec = db.query(model.ExpenseCategory).filter_by(uid=uid).one() name = request.params.get('name_%s' % (uid)) if not name: continue ec.name = name db.commit() modified.append({"uid" : uid}) except: # if it fails just skip it and go for next continue return modified ExpenseCategoriesController = middleware(ExpenseCategoriesController(), ValidAuthKitUser())
# -*- coding: utf-8 -*- import logging from authkit.authorize import middleware from authkit.permissions import HasAuthKitGroup from fivecents.lib.base import * log = logging.getLogger(__name__) class SettingsController(BaseController): def index(self): redirect_to(h.url_for(action='mailhost')) def mailhost(self): return render_jinja('admin/settings/mailhost.jinja') @pagination def change_categories(self): return render_jinja('admin/settings/change_categories.jinja') # Require admin group for all requests SettingsController = middleware(SettingsController(), HasAuthKitGroup(groups=["administrators"]))
db.commit() return { "id" : ic.uid } @rest.restrict("POST") @jsonify def edit_many(self): model = request.environ["sqlalchemy.model"] db = request.environ["sqlalchemy.session"] modified = [] if not request.params.has_key('uids'): return { "failure": Messages.invalidArguments() } for uid in request.params.getall("uids"): try: ec = db.query(model.IncomeCategory).filter_by(uid=uid).one() name = request.params['name_%s' % (uid)] if name == "": continue ec.name = name db.commit() modified.append({"uid" : uid}) except: # if it fails just skip it and go for next continue return modified IncomeCategoriesController = middleware(IncomeCategoriesController(), ValidAuthKitUser())
def check(self, app, environ, start_response): for permission in self.permissions: app = middleware(app, permission) #raise Exception(app, self.permissions) return app(environ, start_response)
@pagination def list(self): dbFacade = DbFacade(self.get_sa_session(), self.get_sa_model()) sort = { "username": dbFacade.model.AuthenticatedUser.username, "screenname": dbFacade.model.AuthenticatedUser.screenname, "email": dbFacade.model.AuthenticatedUser.email, "created_on": dbFacade.model.AuthenticatedUser.created_on, }.get(request.params.get("sort", "username"), dbFacade.model.AuthenticatedUser.username) users = dbFacade.db.query(dbFacade.model.AuthenticatedUser) \ .order_by([request.params.get("dir", "asc") == "desc" and sort.desc() or sort.asc()]).all() total = len(users) subset = Page(users, item_count=total, current_index=request.environ['pagination.startIndex'], items_per_page=request.environ['pagination.results']) return { "totalItems" : total, "itemsFound" : len(subset), "items" : [{ "username" : item.username, "uid" : item.uid, "screenname" : item.screenname, "email" : item.email, "created_on" : item.created_on} for item in subset ] } AuthenticatedUsersController = middleware(AuthenticatedUsersController(), HasAuthKitGroup(groups=["administrators"]))
} @rest.restrict("GET") @jsonify def income_categories(self, id): db = request.environ['sqlalchemy.session'] model = request.environ['sqlalchemy.model'] try: categories = db.execute(select([model.IncomeCategory.name, func.sum(model.BalanceChange.c.amount).label('amount_sum')], and_( model.balance_changes_table.c.balance_uid == id, model.balance_changes_table.c.occurred_on >= date(datetime.utcnow().year, datetime.utcnow().month, 1), model.balance_changes_table.c.is_income == True), from_obj=[model.income_categories_table.join(model.balance_changes_table)], group_by=[model.income_categories_table.c.name])).fetchall() maxValue = 0 for category in categories: if category[1] > maxValue: maxValue = category[1] except Exception, e: response.status_code = 400 return Messages.failedToRead(exception=e) return { "itemsFound" : len(categories), "maxValue" : maxValue, "items" : [{ "value" : str(category[1]), "label": category[0]} for category in categories ] } ChartsController = middleware(ChartsController(), ValidAuthKitUser())
@validate(schema=ScreennameFormSchema(), form='screenname') def screenname(self): if 'POST' == request.method.upper() and not hasattr(c, 'form_errors'): db = request.environ['sqlalchemy.session'] model = request.environ['sqlalchemy.model'] au = db.query(model.AuthenticatedUser).filter_by(uid=h.authenticated_user().uid).one() au.screenname = self.form_result['screenname'] db.commit() h.authenticated_user(reload=True) return redirect_to(h.url_for(action='index')) c.account = h.authenticated_user() return render_jinja('account/screenname.jinja') @rest.dispatch_on(POST='save_password') def password(self): return render_jinja('account/changepassword.jinja') @validate(schema=ChangePasswordFormSchema, form='password') @rest.dispatch_on(GET='password') def save_password(self): request.environ['authkit.users'].user_set_password(h.authenticated_user().username, self.form_result['password']) request.environ['sqlalchemy.session'].commit() h.authenticated_user(reload=True) return redirect_to(h.url_for(action='index')) # Require admin group for all requests AccountController = middleware(AccountController(), ValidAuthKitUser())
except: return { "failure": Messages.invalidArguments() } try: stock.buy = asbool(request.params['buy']) except: return { "failure": Messages.invalidArguments() } try: with localcontext() as ctx: ctx.prec = 2 stock.price = h.parse_decimal(request.params['price']) except: log.error("Invalid number: %s" % request.params.get('amount'), exc_info=1) return { "failure": Messages.invalidCurrencyFormat() } try: stock.occurred_on = h.parse_date(request.params['occurred_on']) except: return { "failure": Messages.invalidDate() } if stock.user is None: stock.user = h.authenticated_user() self.dbFacade().stocks.changeDao.save(stock) self.dbFacade().db.commit() return { "id" : stock.uid } StocksController = middleware(StocksController(), ValidAuthKitUser())
return { "id" : ec.uid } @rest.restrict("POST") @jsonify def edit_many(self): db = self.get_sa_session() model = self.get_sa_model() modified = [] if not request.params.has_key('uids'): return { "failure": Messages.invalidArguments() } for uid in request.params.getall("uids"): try: ec = db.query(model.ChangeCategory).filter_by(uid=uid).one() name = request.params.get('name_%s' % (uid)) if not name: continue ec.name = name db.commit() modified.append({"uid" : uid}) except: # if it fails just skip it and go for next continue return modified ChangeCategoriesController = middleware(ChangeCategoriesController(), ValidAuthKitUser())