class ValidationRequestForm(AutoExtensibleForm, form.Form): schema = ValidationRequestFormSchema enableCSRFProtection = True @button.buttonAndHandler(_(u"Validate access")) def validateAccess(self, action): data, errors = self.extractData() rid = data.get("requestaccessid") status = IStatusMessage(self.request) if rid is None: status.add(_(u"You must provide a request ID")) else: self.manager = self.context.restrictedTraverse("request_manager") self.manager.validate(rid) status.add(_(u"The request has been validated")) if not hasattr(self, 'next_url'): self.next_url = self.context.absolute_url() self.request.response.redirect(self.next_url) @button.buttonAndHandler(_(u"Refuse access")) def RefuseAccess(self, action): data, errors = self.extractData() rid = data.get("requestaccessid") status = IStatusMessage(self.request) if rid is None: status.add(_(u"You must provide a request ID")) else: self.manager = self.context.restrictedTraverse("request_manager") self.manager.refuse(rid) status.add(_(u"The request has been refused")) self.request.response.redirect(self.next_url)
class ValidationInvitationForm(AutoExtensibleForm, form.Form): schema = ValidationRequestFormSchema enableCSRFProtection = True def getContent(self): return {} @button.buttonAndHandler(_(u"Accept access")) def acceptAccess(self, action): data, errors = self.extractData() rid = data.get("requestaccessid") status = IStatusMessage(self.request) if rid is None: status.add(_(u"You must provide a request ID")) else: self.manager = self.context.restrictedTraverse("request_manager") self.manager.validate(rid) status.add(_(u"You have accepted the invitation")) self.request.response.redirect(self.next_url) @button.buttonAndHandler(_(u"Decline access")) def declineAccess(self, action): data, errors = self.extractData() rid = data.get("requestaccessid") status = IStatusMessage(self.request) if rid is None: status.add(_(u"You must provide a request ID")) else: self.manager = self.context.restrictedTraverse("request_manager") self.manager.refuse(rid) status.add(_(u"You have declined access")) self.request.response.redirect(self.next_url)
class Settings(interface.Interface): """addon settings""" roles = schema.List( title=_(u"Roles"), value_type=schema.Choice( title=_(u"Role"), vocabulary="plone.app.vocabularies.Roles" ), )
def declineAccess(self, action): data, errors = self.extractData() rid = data.get("requestaccessid") status = IStatusMessage(self.request) if rid is None: status.add(_(u"You must provide a request ID")) else: self.manager = self.context.restrictedTraverse("request_manager") self.manager.refuse(rid) status.add(_(u"You have declined access")) self.request.response.redirect(self.next_url)
def validateAccess(self, action): data, errors = self.extractData() rid = data.get("requestaccessid") status = IStatusMessage(self.request) if rid is None: status.add(_(u"You must provide a request ID")) else: self.manager = self.context.restrictedTraverse("request_manager") self.manager.validate(rid) status.add(_(u"The request has been validated")) if not hasattr(self, 'next_url'): self.next_url = self.context.absolute_url() self.request.response.redirect(self.next_url)
def requestAccess(self, action): data, errors = self.extractData() role = data.get('role') manager = self.context.restrictedTraverse("@@request_manager") request = manager.create() request.role = role status = IStatusMessage(self.request) if manager.add(request): msg = _(u"Your request has been saved. It's now under review") status.add(msg) else: status.add(_(u"Invitation or request already exists."), type='error') self.request.response.redirect(self.context.absolute_url())
class InvitationForm(AutoExtensibleForm, form.Form): schema = InvitationFormSchema enableCSRFProtection = True @button.buttonAndHandler(_(u"Propose access")) def proposeAccess(self, action): data, errors = self.extractData() status = IStatusMessage(self.request) self.manager = self.context.restrictedTraverse("request_manager") validated = [] for userid in data['userids']: request = self.manager.create() request.userid = userid request.role = "Contributor" request.rtype = "invitation" res = self.manager.add(request) validated.append(res) if False in validated: status.add(_(u"Invitation or request already exists.")) else: status.add(_(u"Invitation sent")) self.request.response.redirect(self.context.absolute_url()) @property def label(self): return _(u"Propose access on ${title}", mapping={"title": self.context.Title().decode('utf-8')})
def proposeAccess(self, action): data, errors = self.extractData() status = IStatusMessage(self.request) self.manager = self.context.restrictedTraverse("request_manager") validated = [] for userid in data['userids']: request = self.manager.create() request.userid = userid request.role = "Contributor" request.rtype = "invitation" res = self.manager.add(request) validated.append(res) if False in validated: status.add(_(u"Invitation or request already exists.")) else: status.add(_(u"Invitation sent")) self.request.response.redirect(self.context.absolute_url())
def handleCancel(self, action): if self.request.response.getStatus() in (302, 303): return data, errors = self.extractData() self.manager = self.context.restrictedTraverse("request_manager") rid = data.get("requestaccessid") self.manager.remove(rid) status = IStatusMessage(self.request) message = _(u"Your request has been canceled") status.add(message) self.request.response.redirect(self.next_url)
class RequestSchema(form.Schema): """Request your access to a group""" id = schema.ASCIILine(title=_(u"ID")) rtype = schema.Choice( title=_(u"Type of request"), vocabulary="collective.requestaccess.vocabulary.rtypes" ) creatorid = schema.ASCIILine(title=_(u"Creator ID")) userid = schema.ASCIILine(title=_(u"User ID")) target = schema.ASCIILine(title=_(u"Target UUID")) target_path = schema.List( title=_(u"Target Path"), value_type=schema.ASCIILine(title=_(u"Target path part")), ) target_title = schema.ASCIILine(title=_(u"Target title")) role = schema.Choice( title=_(u"Role"), vocabulary="collective.requestaccess.vocabulary.roles" )
class CancelRequestForm(AutoExtensibleForm, form.Form): schema = CancelRequestFormSchema enableCSRFProtection = True @button.buttonAndHandler(_(u"Cancel")) def handleCancel(self, action): if self.request.response.getStatus() in (302, 303): return data, errors = self.extractData() self.manager = self.context.restrictedTraverse("request_manager") rid = data.get("requestaccessid") self.manager.remove(rid) status = IStatusMessage(self.request) message = _(u"Your request has been canceled") status.add(message) self.request.response.redirect(self.next_url)
def validate(self, rid): """Validate the request and add localrole. Security: A user can not validate a request for himself """ self.update() request = self.container[rid] if request.creatorid == self.memberid: msg = _(u"You can 't validate your own request") IStatusMessage(self.request).add(msg) return self._validate_sudo(request) #delete the request event.notify(RequestValidatedEvent(self.container[rid])) self.remove(rid)
class AddRequestForm(AutoExtensibleForm, form.Form): schema = AddRequestFormSchema enableCSRFProtection = True @button.buttonAndHandler(_(u"Request access")) def requestAccess(self, action): data, errors = self.extractData() role = data.get('role') manager = self.context.restrictedTraverse("@@request_manager") request = manager.create() request.role = role status = IStatusMessage(self.request) if manager.add(request): msg = _(u"Your request has been saved. It's now under review") status.add(msg) else: status.add(_(u"Invitation or request already exists."), type='error') self.request.response.redirect(self.context.absolute_url()) @property def label(self): return _(u"Request access on ${title}", mapping={"title": self.context.Title().decode('utf-8')})
def RequestTypes(context): return SimpleVocabulary([ SimpleTerm("request", "request", _(u"Request")), SimpleTerm("invitation", "invitation", _(u"Invitation")), ])
def label(self): return _(u"Propose access on ${title}", mapping={"title": self.context.Title().decode('utf-8')})
def label(self): return _(u"Request access on ${title}", mapping={"title": self.context.Title().decode('utf-8')})
class InvitationFormSchema(model.Schema): # userid = schema.ASCIILine(title=_(u"User ID")) directives.widget('userids', SelectFieldWidget, multiple="multiple") userids = schema.List(title=_(u"Users"), value_type=schema.Choice( vocabulary="collective.rcse.vocabulary.members"))
class CancelRequestFormSchema(model.Schema): requestaccessid = schema.ASCIILine(title=_(u"Request ID"))
class ValidationRequestFormSchema(model.Schema): requestaccessid = schema.ASCIILine(title=_(u"Request ID"))
class AddRequestFormSchema(model.Schema): role = schema.Choice( title=_(u"Role"), vocabulary="collective.requestaccess.vocabulary.roles")