def assign_role_owner_to_login(context): """Assign bungeni.Owner role on context to the currently logged in user. """ current_user_login = get_principal_id() log.debug("assign_role_owner_to_login [%s] user:%s" % ( context, current_user_login)) assign_role("bungeni.Owner", current_user_login, context)
def user_is_context_owner(context): """Test if current user is the context owner e.g. to check if someone manipulating the context object is other than the owner of the object. """ user_login = get_principal_id() owner_login = utils.get_owner_login_pi(context) return user_login == owner_login
def user_is_context_owner(context): """Test if current user is the context owner e.g. to check if someone manipulating the context object is other than the owner of the object. """ user_id = get_principal_id() owner_id = getOwnerId(context) return user_id==owner_id
def assign_role_owner_to_login(context): """Assign bungeni.Owner role on context to the currently logged in user. """ current_user_login = get_principal_id() log.debug("assign_role_owner_to_login [%s] user:%s" % (context, current_user_login)) assign_role("bungeni.Owner", current_user_login, context)
def _bill_create(info, context): utils.setParliamentId(info, context) user_id = model_utils.get_principal_id() if not user_id: user_id = "-" zope.securitypolicy.interfaces.IPrincipalRoleMap(context).assignRoleToPrincipal("bungeni.Owner", user_id) owner_id = utils.getOwnerId(context) if owner_id and (owner_id != user_id): zope.securitypolicy.interfaces.IPrincipalRoleMap(context).assignRoleToPrincipal("bungeni.Owner", owner_id)
def _address_create(info, context): # !+OWNER_ADDRESS(mr, mov-2010) is this logic correct, also for admin? try: user_id = dbutils.get_user_login(context.user_id) except AttributeError: # 'GroupAddress' object has no attribute 'user_id' user_id = model_utils.get_principal_id() if user_id: zope.securitypolicy.interfaces.IPrincipalRoleMap(context).assignRoleToPrincipal(u"bungeni.Owner", user_id)
def _address_create(info, context): # !+OWNER_ADDRESS(mr, mov-2010) is this logic correct, also for admin? try: user_login = dbutils.get_user_login(context.user_id) except AttributeError: # 'GroupAddress' object has no attribute 'user_id' user_login = model_utils.get_principal_id() if user_login: utils.assign_owner_role(context, user_login)
def create(info, context): # !+OWNER_ADDRESS(mr, mov-2010) is this logic correct, also for admin? try: user_id = dbutils.get_user_login(context.user_id) except AttributeError: # 'GroupAddress' object has no attribute 'user_id' user_id = model_utils.get_principal_id() if user_id: zope.securitypolicy.interfaces.IPrincipalRoleMap( context).assignRoleToPrincipal(u"bungeni.Owner", user_id)
def create( info, context ): user_id = get_principal_id() if not user_id: user_id ='-' zope.securitypolicy.interfaces.IPrincipalRoleMap( context ).assignRoleToPrincipal( u'bungeni.Owner', user_id) utils.setParliamentId(info, context) owner_id = utils.getOwnerId( context ) if owner_id and (owner_id != user_id): zope.securitypolicy.interfaces.IPrincipalRoleMap( context ).assignRoleToPrincipal( u'bungeni.Owner', owner_id)
def setBungeniOwner(context): user_id = get_principal_id() if not user_id: user_id = "-" owner_id = getOwnerId(context) log.debug("setBungeniOwner [%s] user_id:%s owner_id:%s" % (context, user_id, owner_id)) if user_id: IPrincipalRoleMap(context).assignRoleToPrincipal(u"bungeni.Owner", user_id) if owner_id and (owner_id != user_id): IPrincipalRoleMap(context).assignRoleToPrincipal(u"bungeni.Owner", owner_id)
def _objectChanged(self, change_kind, object, description="", notes=None, date_active=None): """ description: this is a non-localized string as base description of the log item, offers a (building block) for the description of this log item. UI components may use this in any of the following ways: - AS IS, optionally localized - as a building block for an elaborated description e.g. for generating descriptions that are hyperlinks to an event or version objects - ignore it entirely, and generate a custom description via other means e.g. from the "notes" extras dict. notes: a python dict, containing "extra" information about the log item; the entries in this dict are a function of the "change_kind". It is serialized for storing in the db. For specific examples, see: "workflow": self.objectStateChanged() "new-version": self.objectNewVersion() date_active: the UI for some changes allow the user to manually set the date_active -- this is what should be used as the *effective* date i.e. the date to be used for all intents and purposes other than for data auditing. When not user-modified, the value should be equal to date_audit. """ oid, otype = self._getKey(object) user_id = get_principal_id() assert user_id is not None, _("No IRequest in interaction") session = Session() change = self.change_object() change.action = change_kind change.date_audit = datetime.now() if date_active: change.date_active = date_active else: change.date_active = change.date_audit change.user_id = user_id change.description = description if notes: change.notes = repr(notes) else: change.notes = None change.content_type = otype change.origin = object session.add(change) session.flush() return change.change_id
def setBungeniOwner(context): user_id = get_principal_id() if not user_id: user_id = "-" owner_id = getOwnerId(context) log.debug("setBungeniOwner [%s] user_id:%s owner_id:%s" % ( context, user_id, owner_id)) if user_id: IPrincipalRoleMap(context).assignRoleToPrincipal(u'bungeni.Owner', user_id) if owner_id and (owner_id!=user_id): IPrincipalRoleMap(context).assignRoleToPrincipal(u'bungeni.Owner', owner_id)
def create(info, context): user_id = get_principal_id() if not user_id: user_id = '-' zope.securitypolicy.interfaces.IPrincipalRoleMap( context).assignRoleToPrincipal(u'bungeni.Owner', user_id) utils.setParliamentId(info, context) owner_id = utils.getOwnerId(context) if owner_id and (owner_id != user_id): zope.securitypolicy.interfaces.IPrincipalRoleMap( context).assignRoleToPrincipal(u'bungeni.Owner', owner_id)
def assign_owner_role_pi(context): """Assign bungeni.Owner role to the ParliamentaryItem. """ current_user_login = get_principal_id() owner_login = get_owner_login_pi(context) log.debug("assign_owner_role_pi [%s] user:%s owner:%s" % ( context, current_user_login, owner_login)) if current_user_login: assign_owner_role(context, current_user_login) if owner_login and (owner_login != current_user_login): assign_owner_role(context, owner_login)
def assign_owner_role_pi(context): """Assign bungeni.Owner role to the ParliamentaryItem. """ current_user_login = get_principal_id() owner_login = get_owner_login_pi(context) log.debug("assign_owner_role_pi [%s] user:%s owner:%s" % (context, current_user_login, owner_login)) if current_user_login: assign_owner_role(context, current_user_login) if owner_login and (owner_login != current_user_login): assign_owner_role(context, owner_login)
def _bill_create(info, context): utils.setParliamentId(info, context) user_id = model_utils.get_principal_id() if not user_id: user_id = "-" zope.securitypolicy.interfaces.IPrincipalRoleMap( context).assignRoleToPrincipal("bungeni.Owner", user_id) owner_id = utils.getOwnerId(context) if owner_id and (owner_id != user_id): zope.securitypolicy.interfaces.IPrincipalRoleMap( context).assignRoleToPrincipal("bungeni.Owner", owner_id)
def __call__(self, form, action, data): """Save data, make version and fire transition. Redirects to the ``next_url`` location. """ result = handle_edit_action(form, action, data) if form.errors: return result else: context = getattr(form.context, "_object", form.context) log.debug(""" TransitionHandler.__call__() form=%s action=(name=%s, label=%s) data=%s principal_id=%s context=%s transition_id=%s result=%s next_url=%s current_url=%s """ % (form, action.label, action.name, data, get_principal_id(), context, self.transition_id, result, form.next_url, form.request.getURL()) ) # dress-up transition data object data.setdefault("note", data.get("note", "")) data.setdefault("date_active", data.get("date_active", None)) data.setdefault("registry_number", data.get("registry_number", "")) reg_number = data.get("registry_number","") if reg_number: unproxied_context = removeSecurityProxy(context) unproxied_context.registry_number = reg_number # !+ because WorkflowController API e.g. fireTransition(), ONLY # foresees for a comment attribute as additional data, we bypass # using that altogether, and pass it along downstream by stuffing # onto the request IAnnotations(form.request)["change_data"] = data interfaces.IWorkflowController(context).fireTransition( self.transition_id) # NOTE: for some reason form.next_url is (always?) None -- # in which case we redirect to HTTP_REFERER instead. next_url = form.next_url if next_url is None: next_url = form.request["HTTP_REFERER"] log.error(" TransitionHandler.__call__() => CANNOT redirect to " "next_url [None]... will try instead to redirect to " "HTTP_REFERER [%s]" % (next_url,)) return form.request.response.redirect(next_url)
def __call__(self, form, action, data): """Stuff additional form transition field values onto the request, and fire transition (context.status will be modified as a result of that). Redirects to the ``next_url`` location. """ context = getattr(form.context, "_object", form.context) log.debug(""" TransitionHandler.__call__() form=%s action=(name=%s, label=%s) data=%s principal_id=%s context=%s transition_id=%s next_url=%s current_url=%s """ % (form, action.label, action.name, data, get_principal_id(), context, self.transition_id, form.next_url, form.request.getURL()) ) # dress-up transition data object data.setdefault("note", data.get("note", "")) data.setdefault("date_active", data.get("date_active", None)) data.setdefault("registry_number", data.get("registry_number", "")) # !+registry_number(mr, feb-2012) should be within a workflow action? reg_number = data.get("registry_number", "") if reg_number: unproxied_context = removeSecurityProxy(context) unproxied_context.registry_number = reg_number # !+ because WorkflowController API e.g. fireTransition(), ONLY # foresees for a comment attribute as additional data, we bypass # using that altogether, and pass it along downstream by stuffing # onto the request IAnnotations(form.request)["change_data"] = data interfaces.IWorkflowController(context).fireTransition( self.transition_id) # NOTE: for some reason form.next_url is (always?) None -- # in which case we redirect to HTTP_REFERER instead. next_url = form.next_url if next_url is None: next_url = form.request["HTTP_REFERER"] log.error(" TransitionHandler.__call__() => CANNOT redirect to " "next_url [None]... will try instead to redirect to " "HTTP_REFERER [%s]" % (next_url,)) return form.request.response.redirect(next_url)
def create(info, context): """ create a question -> state.draft, grant all rights to owner deny right to add supplementary questions. """ print "QUESTION CREATE:", info, context utils.setQuestionDefaults(info, context) user_id = get_principal_id() if user_id: zope.securitypolicy.interfaces.IPrincipalRoleMap(context ).assignRoleToPrincipal( u'bungeni.Owner', user_id) owner_id = utils.getOwnerId(context) print " ", user_id, owner_id if owner_id and (owner_id != user_id): zope.securitypolicy.interfaces.IPrincipalRoleMap(context ).assignRoleToPrincipal(u'bungeni.Owner', owner_id)
def __call__(self, form, action, data): """Save data, make version and fire transition. Redirects to the ``next_url`` location. """ context = getattr(form.context, "_object", form.context) if self.wf_name: info = component.getAdapter(context, interfaces.IWorkflowInfo, self.wf_name) else: info = interfaces.IWorkflowInfo(context) result = handle_edit_action(form, action, data) # if form.errors: return result else: # NOTE: for some reason form.next_url is (always?) None -- # for when it is None, we redirect to HTTP_REFERER instead. log.debug(""" TransitionHandler.__call__() form=%s action=(name=%s, label=%s) data=%s principal_id=%s context=%s transition_id=%s result=%s next_url=%s current_url=%s """ % (form, action.label, action.name, data, get_principal_id(), context, self.transition_id, result, form.next_url, form.request.getURL())) # dress-up transition data object data.setdefault("note", data.get("note", "")) data.setdefault("date_active", data.get("data_active", None)) # and because WorkflowInfo API e.g. fireTransition(), ONLY # foresees for a comment attribute as additional data, we bypass # using that altogether, and pass it along downstream by stuffing # onto the request IAnnotations(form.request)["change_data"] = data info.fireTransition(self.transition_id) next_url = form.next_url if next_url is None: next_url = form.request["HTTP_REFERER"] log.error( " TransitionHandler.__call__() => CANNOT redirect to " "next_url [None]... will try instead to redirect to " "HTTP_REFERER [%s]" % (next_url, )) return form.request.response.redirect(next_url)
def __call__(self, form, action, data): """Save data, make version and fire transition. Redirects to the ``next_url`` location. """ context = getattr(form.context, "_object", form.context) if self.wf_name: info = component.getAdapter( context, interfaces.IWorkflowInfo, self.wf_name) else: info = interfaces.IWorkflowInfo(context) result = handle_edit_action(form, action, data) # if form.errors: return result else: # NOTE: for some reason form.next_url is (always?) None -- # for when it is None, we redirect to HTTP_REFERER instead. log.debug(""" TransitionHandler.__call__() form=%s action=(name=%s, label=%s) data=%s principal_id=%s context=%s transition_id=%s result=%s next_url=%s current_url=%s """ % (form, action.label, action.name, data, get_principal_id(), context, self.transition_id, result, form.next_url, form.request.getURL())) # dress-up transition data object data.setdefault("note", data.get("note", "")) data.setdefault("date_active", data.get("data_active", None)) # and because WorkflowInfo API e.g. fireTransition(), ONLY # foresees for a comment attribute as additional data, we bypass # using that altogether, and pass it along downstream by stuffing # onto the request IAnnotations(form.request)["change_data"] = data info.fireTransition(self.transition_id) next_url = form.next_url if next_url is None: next_url = form.request["HTTP_REFERER"] log.error(" TransitionHandler.__call__() => CANNOT redirect to " "next_url [None]... will try instead to redirect to " "HTTP_REFERER [%s]" % (next_url,)) return form.request.response.redirect(next_url)
def __call__(self): body_text = self.request.form['body_text'] session = Session() report = domain.Report() start_date = self.request.form['start_date'] end_date = self.request.form['end_date'] report.start_date = start_date report.end_date = end_date report.created_date = datetime.datetime.now() report.note = self.request.form['note'] report.report_type = self.request.form['report_type'] report.body_text = body_text report.user_id = get_principal_id() report.group_id = self.context.group_id report.language = "en" session.add(report) if self.request.form['single'] == "False": self.sitting_items = self.get_sittings_items(start_date, end_date) else: self.sitting_items = [] st = self.context.sitting_id sitting = session.query(domain.GroupSitting).get(st) self.sitting_items.append(sitting) for sitting in self.sitting_items: sr = domain.SittingReport() sr.report = report sr.sitting = sitting session.add(sr) session.flush() rpm = zope.securitypolicy.interfaces.IRolePermissionMap(report) rpm.grantPermissionToRole(u'zope.View', 'bungeni.Anybody') if IGroupSitting.providedBy(self.context): back_link = './schedule' elif ISchedulingContext.providedBy(self.context): back_link = './' else: raise NotImplementedError self.request.response.redirect(back_link)
def is_owner(self): return ((model_utils.get_prm_owner_principal_id(self.context) == model_utils.get_principal_id()) or model_utils.get_db_user() == self.context.owner)
def create(info, context): user_id = get_principal_id() if user_id: zope.securitypolicy.interfaces.IPrincipalRoleMap( context).assignRoleToPrincipal(u'bungeni.Owner', user_id)
def _group_create(info, context): user_id = model_utils.get_principal_id() if user_id: zope.securitypolicy.interfaces.IPrincipalRoleMap(context).assignRoleToPrincipal(u"bungeni.Owner", user_id)
def is_owner(self): return ( (model_utils.get_prm_owner_principal_id(self.context) == model_utils.get_principal_id() ) or model_utils.get_db_user() == self.context.owner )
def _objectChanged(self, change_kind, object, description="", extras=None, date_active=None): """ description: this is a non-localized string as base description of the log item, offers a (building block) for the description of this log item. UI components may use this in any of the following ways: - AS IS, optionally localized - as a building block for an elaborated description e.g. for generating descriptions that are hyperlinks to an event or version objects - ignore it entirely, and generate a custom description via other means e.g. from the "notes" extras dict. extras: !+CHANGE_EXTRAS(mr, dec-2010) a python dict, containing "extra" information about the log item, with the "key/value" entries depending on the change "action"; Specific examples, for acttions: workflow: self.objectStateChanged() source destination transition comment new-version: self.objectNewVersion() version_id modified: self.objectModified() comment For now, this dict is serialized (using repr(), values are assumed to be simple strings or numbers) as the value of the notes column, for storing in the db--but if and when the big picture of these extra keys is understood clearly then the changes table may be redesigned to accomodate for a selection of these keys as real table columns. date_active: the UI for some changes allow the user to manually set the date_active -- this is what should be used as the *effective* date i.e. the date to be used for all intents and purposes other than for data auditing. When not user-modified, the value should be equal to date_audit. """ oid, otype = self._getKey(object) user_id = get_principal_id() assert user_id is not None, _("No IRequest in interaction") session = Session() change = self.change_object() change.action = change_kind change.date_audit = datetime.now() if date_active: change.date_active = date_active else: change.date_active = change.date_audit change.user_id = user_id change.description = description change.extras = extras change.content_type = otype change.origin = object session.add(change) session.flush() return change.change_id
def update(self): """Refresh the query. """ # evaluate serialization of a dict, failure returns an empty dict def _eval_as_dict(s): try: d = eval(s) assert isinstance(d, dict) return d except (SyntaxError, TypeError, AssertionError): #debug.log_exc(sys.exc_info(), log_handler=log.info) return {} # !+CHANGE_EXTRAS(mr, dec-2010) # only *Change records have an extras dict (as "notes" str attr) and the # content of this depends on the value of "atype" (see core/audit.py) item_id = self.context.parliamentary_item_id self.items = [ dict(atype=action, item_id=piid, description=desc, adate=date, notes=_eval_as_dict(notes)) for action, piid, desc, date, notes in queries.execute_sql(self.sql_timeline, item_id=item_id) ] # Filter out workflow draft items for anonymous users if get_principal_id() in ("zope.anybody",): _draft_states = ("draft", "working_draft") def show_timeline_item(item): if item["atype"] == "workflow": if item["notes"].get("destination") in _draft_states: return False return True self.items = [ item for item in self.items if show_timeline_item(item) ] #change_cls = getattr(domain, "%sChange" % (self.context.__class__.__name__)) for r in self.items: # workflow if r["atype"] == "workflow": # description # the workflow transition change log stores the (unlocalized) # human title for the transition's destination workflow state # -- here we just localize what is supplied: r["description"] = _(r["description"]) # NOTE: we could elaborate an entirely custom description # from scratch e.g via interpolation of a template string: ''' if r["notes"].get("destination", ""): description = "%s %s" % ( _("some text"), _(misc.get_wf_state( self.context, r["notes"]["destination"]))) ''' # event elif r["atype"] == "event": # description r["description"] = """<a href="event/obj-%s">%s</a>""" % ( r["item_id"], _(r["description"])) # version elif r["atype"] == "version": # description try: r["description"] = """<a href="versions/obj-%s">%s</a>""" % ( r["notes"]["version_id"], _(r["description"])) except (KeyError,): # no recorded version_id, just localize what is supplied r["description"] = _(r["description"]) # path = url.absoluteURL(self.context, self.request) self.addurl = "%s/event/add" % (path)
def __call__(self): date = datetime.datetime.strptime(self.request.form['date'], '%Y-%m-%d').date() self.display_minutes = (self.request.form['display_minutes'] == "True") time_span = self.request.form['time_span'] if time_span == TIME_SPAN.daily: time_span = TIME_SPAN.daily elif time_span == TIME_SPAN.weekly: time_span = TIME_SPAN.weekly end = self.get_end_date(date, time_span) body_text = super(StoreReportView, self).__call__() sitting_items = [] for sitting in self.sitting_items: if self.display_minutes: if sitting.status in ["published-minutes"]: sitting_items.append(sitting) else: if sitting.status in [ "published-agenda", "draft-minutes", "published-minutes" ]: sitting_items.append(sitting) if len(sitting_items) == 0: referer = self.request.getHeader('HTTP_REFERER') if referer: referer = referer.split('?')[0] else: referer = "" self.request.response.redirect( referer + "?portal_status_message=No data found") return self.sitting_items = sitting_items session = Session() report = domain.Report() report.start_date = date report.end_date = end report.created_date = datetime.datetime.now() if self.display_minutes: report.report_type = 'minutes' else: report.report_type = 'agenda' report.body_text = body_text report.user_id = get_principal_id() report.group_id = self.group.group_id session.add(report) for sitting in self.sitting_items: sr = domain.SittingReport() sr.report = report sr.sitting = sitting session.add(sr) session.flush() rpm = zope.securitypolicy.interfaces.IRolePermissionMap(report) rpm.grantPermissionToRole(u'zope.View', 'bungeni.Anybody') if IGroupSitting.providedBy(self.context): back_link = ui_url.absoluteURL(self.context, self.request) + '/schedule' elif ISchedulingContext.providedBy(self.context): back_link = ui_url.absoluteURL(self.context, self.request) else: raise NotImplementedError self.request.response.redirect(back_link) session.close()
def _group_create(info, context): user_login = model_utils.get_principal_id() if user_login: utils.assign_owner_role(context, user_login)
def constructQuery(self, context): # !+get_db_user(mr, apr-2012) repeat of [utils.get_db_user()], # but here we must return a query... principal_id = utils.get_principal_id() return Session().query(domain.User).filter( domain.User.login == principal_id)
def update(self): """Refresh the query. """ # evaluate serialization of a dict, failure returns an empty dict def _eval_as_dict(s): try: d = eval(s) assert isinstance(d, dict) return d except (SyntaxError, TypeError, AssertionError): #debug.log_exc(sys.exc_info(), log_handler=log.info) return {} # NOTE: only *Change records have a "notes" dict attribute and the # content of this depends on the value of "atype" (see core/audit.py) item_id = self.context.parliamentary_item_id self.results = [ dict(atype=action, item_id=piid, description=desc, adate=date, notes=_eval_as_dict(notes)) for action, piid, desc, date, notes in queries.execute_sql(self.sql_timeline, item_id=item_id) ] # Filter out workflow draft items for anonymous users if get_principal_id() in ("zope.anybody", ): _draft_states = ("draft", "working_draft") def show_timeline_item(result): if result["atype"] == "workflow": if result["notes"].get("destination") in _draft_states: return False return True self.results = [ result for result in self.results if show_timeline_item(result) ] #change_cls = getattr(domain, "%sChange" % (self.context.__class__.__name__)) for r in self.results: # workflow if r["atype"] == "workflow": # description # the workflow transition change log stores the (unlocalized) # human title for the transition's destination workflow state # -- here we just localize what is supplied: r["description"] = _(r["description"]) # NOTE: we could elaborate an entirely custom description # from scratch e.g via interpolation of a template string: ''' if r["notes"].get("destination", ""): description = "%s %s" % ( _("some text"), _(misc.get_wf_state( self.context, r["notes"]["destination"]))) ''' # event elif r["atype"] == "event": # description r["description"] = """<a href="event/obj-%s">%s</a>""" % ( r["item_id"], _(r["description"])) # version elif r["atype"] == "version": # description try: r["description"] = """<a href="versions/obj-%s">%s</a>""" % ( r["notes"]["version_id"], _(r["description"])) except (KeyError, ): # no recorded version_id, just localize what is supplied r["description"] = _(r["description"]) # path = url.absoluteURL(self.context, self.request) self.addurl = '%s/event/add' % (path)
def create(info, context): user_id = get_principal_id() if user_id: zope.securitypolicy.interfaces.IPrincipalRoleMap( context ).assignRoleToPrincipal( u'bungeni.Owner', user_id)