def change_language_request(req):
language = req.args.get("change_language")
if language:
# change language cookie if language is configured
switch_language(req, language)
params = req.args.copy()
del params["change_language"]
req.request["Location"] = build_url_from_path_and_params(req.path, params)
return httpstatus.HTTP_MOVED_TEMPORARILY
def change_language_request(req):
language = req.args.get("change_language")
if language:
# change language cookie if language is configured
switch_language(req, language)
params = req.args.copy()
del params["change_language"]
req.request["Location"] = build_url_from_path_and_params(
req.path, params)
return httpstatus.HTTP_MOVED_TEMPORARILY
def show_workflow_step(self, req):
typenames = self.get("newnodetype").split(";")
wfnode = self.parents[0]
redirect = ""
message = ""
# check existence of metadata types listed in the definition of the start node
mdts = q(Metadatatypes).one()
for schema in typenames:
if not mdts.children.filter_by(name=schema.strip().split("/")[-1]).scalar():
return ('<i>%s: %s </i>') % (schema, t(lang(req), "permission_denied"))
if "workflow_start" in req.params:
switch_language(req, req.params.get('workflow_language'))
content_class = Node.get_class_for_typestring(req.params.get('selected_schema').split('/')[0])
node = content_class(name=u'', schema=req.params.get('selected_schema').split('/')[1])
self.children.append(node)
# create user group named '_workflow' if it doesn't exist
workflow_group = q(UserGroup).filter_by(name=u'_workflow').scalar()
if workflow_group is None:
workflow_group = UserGroup(name=u'_workflow', description=u'internal dummy group for nodes in workflows')
db.session.add(workflow_group)
# create access rule with '_workflow' user group
workflow_rule = get_or_add_access_rule(group_ids=[workflow_group.id])
special_access_ruleset = node.get_or_add_special_access_ruleset(ruletype=u'read')
special_access_ruleset.rule_assocs.append(AccessRulesetToRule(rule=workflow_rule))
node.set("creator", "workflow-" + self.parents[0].name)
node.set("creationtime", date.format_date())
node.set("system.wflanguage", req.params.get('workflow_language', req.Cookies.get('language')))
node.set("key", mkKey())
node.set("system.key", node.get("key")) # initial key identifier
req.session["key"] = node.get("key")
db.session.commit()
return self.forwardAndShow(node, True, req)
elif "workflow_start_auth" in req.params: # auth node by id and key
try:
node = q(Node).get(req.params.get('nodeid'))
# startkey, but protected
if node.get('system.key') == req.params.get('nodekey') and node.get('key') != req.params.get('nodekey'):
message = "workflow_start_err_protected"
elif node.get('key') == req.params.get('nodekey'):
redirect = "/pnode?id=%s&key=%s" % (node.id, node.get('key'))
else:
message = "workflow_start_err_wrongkey"
except:
logg.exception("exception in workflow step start (workflow_start_auth)")
message = "workflow_start_err_wrongkey"
types = []
for a in typenames:
if a:
m = getMetaType(a)
# we could now check m.isActive(), but for now let's
# just take all specified metatypes, so that edit area
# and workflow are independent on this
types += [(m, a)]
cookie_error = t(lang(req), "Your browser doesn't support cookies")
js = """
<script language="javascript">
function cookie_test() {
if (document.cookie=="")
document.cookie = "CookieTest=Erfolgreich";
if (document.cookie=="") {
alert("%s");
}
}
cookie_test();
</script>""" % cookie_error
return req.getTAL("workflow/start.html",
{'types': types,
'id': self.id,
'js': js,
'starttext': self.get('starttext'),
'languages': self.parents[0].getLanguages(),
'currentlang': lang(req),
'sidebartext': self.getSidebarText(lang(req)),
'redirect': redirect,
'message': message,
'allowcontinue': self.get('allowcontinue'),
"csrf": req.csrf_token.current_token,},
macro="workflow_start")
def show_workflow_step(self, req):
typenames = self.get("newnodetype").split(";")
wfnode = self.getParents()[0]
redirect = ""
message = ""
# check existence of metadata types listed in the definition of the start node
mdts = tree.getRoot("metadatatypes")
for schema in typenames:
if not mdts.hasChild(schema.strip().split("/")[-1]):
return ("<i>%s: %s </i>") % (schema, t(lang(req), "permission_denied"))
if "workflow_start" in req.params:
switch_language(req, req.params.get("workflow_language"))
node = tree.Node(name="", type=req.params.get("selected_schema"))
self.addChild(node)
node.setAccess("read", "{user workflow}")
node.set("creator", "workflow-" + self.getParents()[0].getName())
node.set("creationtime", date.format_date())
node.set("system.wflanguage", req.params.get("workflow_language", req.session.get("language")))
node.set("key", mkKey())
node.set("system.key", node.get("key")) # initial key identifier
req.session["key"] = node.get("key")
return self.forwardAndShow(node, True, req)
elif "workflow_start_auth" in req.params: # auth node by id and key
try:
node = tree.getNode(req.params.get("nodeid"))
# startkey, but protected
if node.get("system.key") == req.params.get("nodekey") and node.get("key") != req.params.get("nodekey"):
message = "workflow_start_err_protected"
elif node.get("key") == req.params.get("nodekey"):
redirect = "/pnode?id=%s&key=%s" % (node.id, node.get("key"))
else:
message = "workflow_start_err_wrongkey"
except:
message = "workflow_start_err_wrongkey"
types = []
for a in typenames:
if a:
m = getMetaType(a)
# we could now check m.isActive(), but for now let's
# just take all specified metatypes, so that edit area
# and workflow are independent on this
types += [(m, a)]
cookie_error = t(lang(req), "Your browser doesn't support cookies")
js = (
"""
<script language="javascript">
function cookie_test() {
if (document.cookie=="")
document.cookie = "CookieTest=Erfolgreich";
if (document.cookie=="") {
alert("%s");
}
}
cookie_test();
</script>"""
% cookie_error
)
return req.getTAL(
"workflow/start.html",
{
"types": types,
"id": self.id,
"js": js,
"starttext": self.get("starttext"),
"languages": self.getParents()[0].getLanguages(),
"currentlang": lang(req),
"sidebartext": self.getSidebarText(lang(req)),
"redirect": redirect,
"message": message,
"allowcontinue": self.get("allowcontinue"),
},
macro="workflow_start",
)
def show_node_big(self, req, *args):
template = "workflow/workflow.html"
macro = "object_step"
# the workflow operations (node forwarding, key assignment,
# parent node handling) are highly non-reentrant, so protect
# everything with a global lock
global workflow_lock
with workflow_lock:
# stop caching
_setCookie(req, "nocache", "1", path="/")
key = req.params.get("key", req.session.get("key", ""))
req.session["key"] = key
if "obj" in req.params:
nodes = [
q(Node).get(id) for id in req.params['obj'].split(',')
]
for node in nodes:
if not self.has_write_access() and \
(key != node.get("key")): # no permission
link = '(' + self.name + ')'
try:
return req.getTAL(
template, {
"node": node,
"link": link,
"email": config.get("email.workflow"),
"csrf": req.csrf_token.current_token
},
macro=macro)
except:
logg.exception(
"exception in show_node_big, ignoring")
return ""
if 'action' in req.params:
if self.has_write_access():
if req.params.get('action') == 'delete':
for node in nodes:
for parent in node.parents:
parent.children.remove(node)
elif req.params.get('action').startswith('move_'):
step = q(Node).get(
req.params.get('action').replace('move_', ''))
for node in nodes:
for parent in node.parents:
parent.children.remove(node)
step.children.append(node)
db.session.commit()
return self.show_workflow_step(req)
else:
node = nodes[0]
if self in node.parents:
# set correct language for workflow for guest user only
if node.get('key') == node.get(
'system.key') and current_user.is_anonymous:
switch_language(req, node.get('system.wflanguage'))
link = req.makeLink("/mask", {"id": self.id})
if "forcetrue" in req.params:
return self.forwardAndShow(node, True, req, link=link)
if "forcefalse" in req.params:
return self.forwardAndShow(node, False, req, link=link)
return self.show_workflow_node(node, req)
else:
return self.show_workflow_notexist(node, req)
else:
return self.show_workflow_step(req)
def show_workflow_step(self, req):
typenames = self.get("newnodetype").split(";")
wfnode = self.getParents()[0]
redirect = ""
message = ""
# check existence of metadata types listed in the definition of the start node
mdts = tree.getRoot("metadatatypes")
for schema in typenames:
if not mdts.hasChild(schema.strip().split("/")[-1]):
return ('<i>%s: %s </i>') % (schema,
t(lang(req), "permission_denied"))
if "workflow_start" in req.params:
switch_language(req, req.params.get('workflow_language'))
node = tree.Node(name="", type=req.params.get('selected_schema'))
self.addChild(node)
node.setAccess("read", "{user workflow}")
node.set("creator", "workflow-" + self.getParents()[0].getName())
node.set("creationtime", date.format_date())
node.set(
"system.wflanguage",
req.params.get('workflow_language',
req.session.get('language')))
node.set("key", mkKey())
node.set("system.key", node.get("key")) # initial key identifier
req.session["key"] = node.get("key")
return self.forwardAndShow(node, True, req)
elif "workflow_start_auth" in req.params: # auth node by id and key
try:
node = tree.getNode(req.params.get('nodeid'))
# startkey, but protected
if node.get('system.key') == req.params.get(
'nodekey'
) and node.get('key') != req.params.get('nodekey'):
message = "workflow_start_err_protected"
elif node.get('key') == req.params.get('nodekey'):
redirect = "/pnode?id=%s&key=%s" % (node.id,
node.get('key'))
else:
message = "workflow_start_err_wrongkey"
except:
message = "workflow_start_err_wrongkey"
types = []
for a in typenames:
if a:
m = getMetaType(a)
# we could now check m.isActive(), but for now let's
# just take all specified metatypes, so that edit area
# and workflow are independent on this
types += [(m, a)]
cookie_error = t(lang(req), "Your browser doesn't support cookies")
js = """
<script language="javascript">
function cookie_test() {
if (document.cookie=="")
document.cookie = "CookieTest=Erfolgreich";
if (document.cookie=="") {
alert("%s");
}
}
cookie_test();
</script>""" % cookie_error
return req.getTAL("workflow/start.html", {
'types': types,
'id': self.id,
'js': js,
'starttext': self.get('starttext'),
'languages': self.getParents()[0].getLanguages(),
'currentlang': lang(req),
'sidebartext': self.getSidebarText(lang(req)),
'redirect': redirect,
'message': message,
'allowcontinue': self.get('allowcontinue')
},
macro="workflow_start")
def show_workflow_step(self, req):
typenames = self.get("newnodetype").split(";")
wfnode = self.parents[0]
redirect = ""
message = ""
# check existence of metadata types listed in the definition of the start node
mdts = q(Metadatatypes).one()
for schema in typenames:
if not mdts.children.filter_by(
name=schema.strip().split("/")[-1]).scalar():
return ('<i>%s: %s </i>') % (schema,
t(lang(req), "permission_denied"))
if "workflow_start" in req.params:
switch_language(req, req.params.get('workflow_language'))
content_class = Node.get_class_for_typestring(
req.params.get('selected_schema').split('/')[0])
node = content_class(
name=u'',
schema=req.params.get('selected_schema').split('/')[1])
self.children.append(node)
# create user group named '_workflow' if it doesn't exist
workflow_group = q(UserGroup).filter_by(name=u'_workflow').scalar()
if workflow_group is None:
workflow_group = UserGroup(
name=u'_workflow',
description=u'internal dummy group for nodes in workflows')
db.session.add(workflow_group)
# create access rule with '_workflow' user group
workflow_rule = get_or_add_access_rule(
group_ids=[workflow_group.id])
special_access_ruleset = node.get_or_add_special_access_ruleset(
ruletype=u'read')
special_access_ruleset.rule_assocs.append(
AccessRulesetToRule(rule=workflow_rule))
node.set("creator", "workflow-" + self.parents[0].name)
node.set("creationtime", date.format_date())
node.set(
"system.wflanguage",
req.params.get('workflow_language',
req.Cookies.get('language')))
node.set("key", mkKey())
node.set("system.key", node.get("key")) # initial key identifier
req.session["key"] = node.get("key")
db.session.commit()
return self.forwardAndShow(node, True, req)
elif "workflow_start_auth" in req.params: # auth node by id and key
try:
node = q(Node).get(req.params.get('nodeid'))
# startkey, but protected
if node.get('system.key') == req.params.get(
'nodekey'
) and node.get('key') != req.params.get('nodekey'):
message = "workflow_start_err_protected"
elif node.get('key') == req.params.get('nodekey'):
redirect = "/pnode?id=%s&key=%s" % (node.id,
node.get('key'))
else:
message = "workflow_start_err_wrongkey"
except:
logg.exception(
"exception in workflow step start (workflow_start_auth)")
message = "workflow_start_err_wrongkey"
types = []
for a in typenames:
if a:
m = getMetaType(a)
# we could now check m.isActive(), but for now let's
# just take all specified metatypes, so that edit area
# and workflow are independent on this
types += [(m, a)]
cookie_error = t(lang(req), "Your browser doesn't support cookies")
js = """
<script language="javascript">
function cookie_test() {
if (document.cookie=="")
document.cookie = "CookieTest=Erfolgreich";
if (document.cookie=="") {
alert("%s");
}
}
cookie_test();
</script>""" % cookie_error
return req.getTAL("workflow/start.html", {
'types': types,
'id': self.id,
'js': js,
'starttext': self.get('starttext'),
'languages': self.parents[0].getLanguages(),
'currentlang': lang(req),
'sidebartext': self.getSidebarText(lang(req)),
'redirect': redirect,
'message': message,
'allowcontinue': self.get('allowcontinue'),
"csrf": req.csrf_token.current_token,
},
macro="workflow_start")
def show_node_big(self, req, *args):
template = "workflow/workflow.html"
macro = "object_step"
# the workflow operations (node forwarding, key assignment,
# parent node handling) are highly non-reentrant, so protect
# everything with a global lock
global workflow_lock
workflow_lock.acquire()
# stop caching
req.setCookie("nocache", "1", path="/")
try:
key = req.params.get("key", req.session.get("key", ""))
req.session["key"] = key
if "obj" in req.params:
nodes = [q(Node).get(id) for id in req.params['obj'].split(',')]
for node in nodes:
if not self.has_write_access() and \
(key != node.get("key")): # no permission
link = '(' + self.name + ')'
try:
return req.getTAL(template, {"node": node, "link": link, "email": config.get("email.workflow"), "csrf": req.csrf_token.current_token}, macro=macro)
except:
logg.exception("exception in show_node_big, ignoring")
return ""
if 'action' in req.params:
if self.has_write_access():
if req.params.get('action') == 'delete':
for node in nodes:
for parent in node.parents:
parent.children.remove(node)
elif req.params.get('action').startswith('move_'):
step = q(Node).get(req.params.get('action').replace('move_', ''))
for node in nodes:
for parent in node.parents:
parent.children.remove(node)
step.children.append(node)
db.session.commit()
return self.show_workflow_step(req)
else:
node = nodes[0]
if self in node.parents:
# set correct language for workflow for guest user only
if node.get('key') == node.get('system.key') and current_user.is_anonymous:
switch_language(req, node.get('system.wflanguage'))
link = req.makeLink("/mask", {"id": self.id})
if "forcetrue" in req.params:
return self.forwardAndShow(node, True, req, link=link)
if "forcefalse" in req.params:
return self.forwardAndShow(node, False, req, link=link)
return self.show_workflow_node(node, req)
else:
return self.show_workflow_notexist(node, req)
else:
return self.show_workflow_step(req)
finally:
workflow_lock.release()
def show_node_big(self, req, template="workflow/workflow.html", macro="object_step"):
# the workflow operations (node forwarding, key assignment,
# parent node handling) are highly non-reentrant, so protect
# everything with a global lock
global workflow_lock
workflow_lock.acquire()
try:
access = acl.AccessData(req)
key = req.params.get("key", req.session.get("key", ""))
req.session["key"] = key
if "obj" in req.params:
nodes = [tree.getNode(id) for id in req.params['obj'].split(',')]
for node in nodes:
if not access.hasWriteAccess(self) and \
(key != node.get("key")): # no permission
link = '(' + self.name + ')'
try:
return req.getTAL(template, {"node": node, "link": link, "email": config.get("email.workflow")}, macro=macro)
except:
return ""
if 'action' in req.params:
if access.hasWriteAccess(self):
if req.params.get('action') == 'delete':
for node in nodes:
for parent in node.getParents():
parent.removeChild(node)
elif req.params.get('action').startswith('move_'):
step = tree.getNode(req.params.get('action').replace('move_', ''))
for node in nodes:
for parent in node.getParents():
parent.removeChild(node)
step.addChild(node)
return self.show_workflow_step(req)
else:
node = nodes[0]
if self in node.getParents():
# set correct language for workflow for guest user only
if node.get('key') == node.get('system.key') and getUserFromRequest(req) == getUser(config.get('user.guestuser')):
switch_language(req, node.get('system.wflanguage'))
link = req.makeLink("/mask", {"id": self.id})
if "forcetrue" in req.params:
return self.forwardAndShow(node, True, req, link=link)
if "forcefalse" in req.params:
return self.forwardAndShow(node, False, req, link=link)
return self.show_workflow_node(node, req)
else:
return self.show_workflow_notexist(node, req)
else:
return self.show_workflow_step(req)
finally:
workflow_lock.release()
def show_node_big(self, req, template="workflow/workflow.html", macro="object_step"):
# the workflow operations (node forwarding, key assignment,
# parent node handling) are highly non-reentrant, so protect
# everything with a global lock
global workflow_lock
workflow_lock.acquire()
try:
access = acl.AccessData(req)
key = req.params.get("key", req.session.get("key", ""))
req.session["key"] = key
if "obj" in req.params:
nodes = [tree.getNode(id) for id in req.params["obj"].split(",")]
for node in nodes:
if not access.hasWriteAccess(self) and (key != node.get("key")): # no permission
link = "(" + self.name + ")"
try:
return req.getTAL(
template,
{"node": node, "link": link, "email": config.get("email.workflow")},
macro=macro,
)
except:
return ""
if "action" in req.params:
if access.hasWriteAccess(self):
if req.params.get("action") == "delete":
for node in nodes:
for parent in node.getParents():
parent.removeChild(node)
elif req.params.get("action").startswith("move_"):
step = tree.getNode(req.params.get("action").replace("move_", ""))
for node in nodes:
for parent in node.getParents():
parent.removeChild(node)
step.addChild(node)
return self.show_workflow_step(req)
else:
node = nodes[0]
if self in node.getParents():
# set correct language for workflow for guest user only
if node.get("key") == node.get("system.key") and getUserFromRequest(req) == getUser(
config.get("user.guestuser")
):
switch_language(req, node.get("system.wflanguage"))
link = req.makeLink("/mask", {"id": self.id})
if "forcetrue" in req.params:
return self.forwardAndShow(node, True, req, link=link)
if "forcefalse" in req.params:
return self.forwardAndShow(node, False, req, link=link)
return self.show_workflow_node(node, req)
else:
return self.show_workflow_notexist(node, req)
else:
return self.show_workflow_step(req)
finally:
workflow_lock.release()
