class MyUserDBModelView(UserDBModelView): # View that add DB specifics to User view. # Override to implement your own custom view. # Then override userdbmodelview property on SecurityManager show_fieldsets = [ (lazy_gettext('User info'), {{'fields': ['username', 'active', 'roles', 'login_count', 'extra']}}), (lazy_gettext('Personal Info'), {{'fields': ['first_name', 'last_name', 'email'], 'expanded': True}}), (lazy_gettext('Audit Info'), {{'fields': ['last_login', 'fail_login_count', 'created_on', 'created_by', 'changed_on', 'changed_by'], 'expanded': False}}), ] user_show_fieldsets = [ (lazy_gettext('User info'), {{'fields': ['username', 'active', 'roles', 'login_count', 'extra']}}), (lazy_gettext('Personal Info'), {{'fields': ['first_name', 'last_name', 'email'], 'expanded': True}}), ] add_columns = ['first_name', 'last_name', 'username', 'active', 'email', 'roles', 'extra', 'password', 'conf_password'] list_columns = ['first_name', 'last_name', 'username', 'email', 'active', 'roles'] edit_columns = ['first_name', 'last_name', 'username', 'active', 'email', 'roles', 'extra']
class TestForm(DynamicForm): TestFieldOne = StringField(lazy_gettext('Test Field One'), validators=[DataRequired()], widget=BS3TextFieldWidget()) TestFieldTwo = StringField(lazy_gettext('Test Field One'), validators=[DataRequired()], widget=BS3TextFieldWidget())
class RegisterUserDBView(BaseRegisterUser): """ View for Registering a new user, auth db mode """ form = RegisterUserDBForm """ The WTForm form presented to the user to register himself """ form_title = lazy_gettext('Fill out the registration form') """ The form title """ redirect_url = '/' error_message = lazy_gettext( 'Not possible to register you at the moment, try again later') message = lazy_gettext('Registration sent to your email') """ The message shown on a successful registration """ def form_get(self, form): datamodel_user = SQLAInterface(User, self.appbuilder.get_session) datamodel_register_user = SQLAInterface(RegisterUser, self.appbuilder.get_session) if len(form.username.validators) == 1: form.username.validators.append(Unique(datamodel_user, 'username')) form.username.validators.append( Unique(datamodel_register_user, 'username')) if len(form.email.validators) == 2: form.email.validators.append(Unique(datamodel_user, 'email')) form.email.validators.append( Unique(datamodel_register_user, 'email')) def form_post(self, form): self.add_registration(username=form.username.data, first_name=form.first_name.data, last_name=form.last_name.data, email=form.email.data, password=form.password.data)
class RegisterUserModelView(ModelView): route_base = '/registeruser' base_permissions = ['can_list', 'can_show', 'can_delete'] list_title = lazy_gettext('List of Registration Requests') show_title = lazy_gettext('Show Registration') list_columns = ['username', 'registration_date', 'email'] show_exclude_columns = ['password'] search_exclude_columns = ['password']
class PermissionModelView(ModelView): route_base = '/permissions' base_permissions = ['can_list'] list_title = lazy_gettext('List Base Permissions') show_title = lazy_gettext('Show Base Permission') add_title = lazy_gettext('Add Base Permission') edit_title = lazy_gettext('Edit Base Permission') label_columns = {'name': lazy_gettext('Name')}
class ViewMenuModelView(ModelView): route_base = '/viewmenus' base_permissions = ['can_list'] list_title = lazy_gettext('List View Menus') show_title = lazy_gettext('Show View Menu') add_title = lazy_gettext('Add View Menu') edit_title = lazy_gettext('Edit View Menu') label_columns = {'name': lazy_gettext('Name')}
class RegisterUserDBForm(DynamicForm): username = StringField(lazy_gettext('User Name'), validators=[DataRequired()], widget=BS3TextFieldWidget()) first_name = StringField(lazy_gettext('First Name'), validators=[DataRequired()], widget=BS3TextFieldWidget()) last_name = StringField(lazy_gettext('Last Name'), validators=[DataRequired()], widget=BS3TextFieldWidget()) email = StringField(lazy_gettext('Email'), validators=[DataRequired(), Email()], widget=BS3TextFieldWidget()) password = PasswordField( lazy_gettext('Password'), description=lazy_gettext( 'Please use a good password policy, this application does not check this for you' ), validators=[DataRequired()], widget=BS3PasswordFieldWidget()) conf_password = PasswordField( lazy_gettext('Confirm Password'), description=lazy_gettext('Please rewrite the password to confirm'), validators=[ EqualTo('password', message=lazy_gettext('Passwords must match')) ], widget=BS3PasswordFieldWidget()) recaptcha = RecaptchaField()
class UserInfoEdit(DynamicForm): first_name = StringField( lazy_gettext('First Name'), validators=[DataRequired()], widget=BS3TextFieldWidget(), description=lazy_gettext('Write the user first name or names')) last_name = StringField( lazy_gettext('Last Name'), validators=[DataRequired()], widget=BS3TextFieldWidget(), description=lazy_gettext('Write the user last name'))
class ResetMyPasswordView(SimpleFormView): """ View for resetting own user password """ route_base = '/resetmypassword' form = ResetPasswordForm form_title = lazy_gettext('Reset Password Form') redirect_url = '/' message = lazy_gettext('Password Changed') def form_post(self, form): self.appbuilder.sm.reset_password(g.user.id, form.password.data) flash(as_unicode(self.message), 'info')
class RegisterUserOIDForm(DynamicForm): username = StringField(lazy_gettext('User Name'), validators=[DataRequired()], widget=BS3TextFieldWidget()) first_name = StringField(lazy_gettext('First Name'), validators=[DataRequired()], widget=BS3TextFieldWidget()) last_name = StringField(lazy_gettext('Last Name'), validators=[DataRequired()], widget=BS3TextFieldWidget()) email = StringField(lazy_gettext('Email'), validators=[DataRequired(), Email()], widget=BS3TextFieldWidget()) recaptcha = RecaptchaField()
class RoleModelView(ModelView): route_base = '/roles' list_title = lazy_gettext('List Roles') show_title = lazy_gettext('Show Role') add_title = lazy_gettext('Add Role') edit_title = lazy_gettext('Edit Role') label_columns = { 'name': lazy_gettext('Name'), 'permissions': lazy_gettext('Permissions') } list_columns = ['name', 'permissions'] order_columns = ['name'] @action("Copy Role", lazy_gettext('Copy Role'), lazy_gettext('Copy the selected roles?'), icon='fa-copy', single=False) def copy_role(self, items): self.update_redirect() for item in items: new_role = item.__class__() new_role.name = item.name new_role.permissions = item.permissions new_role.name = new_role.name + ' copy' self.datamodel.add(new_role) return redirect(self.get_redirect())
class ResetPasswordView(SimpleFormView): """ View for reseting all users password """ route_base = '/resetpassword' form = ResetPasswordForm form_title = lazy_gettext('Reset Password Form') redirect_url = '/' message = lazy_gettext('Password Changed') def form_post(self, form): pk = request.args.get('pk') self.appbuilder.sm.reset_password(pk, form.password.data) flash(as_unicode(self.message), 'info')
class ResetPasswordForm(DynamicForm): password = PasswordField( lazy_gettext('Password'), description=lazy_gettext( 'Please use a good password policy, this application does not check this for you' ), validators=[DataRequired()], widget=BS3PasswordFieldWidget()) conf_password = PasswordField( lazy_gettext('Confirm Password'), description=lazy_gettext('Please rewrite the password to confirm'), validators=[ EqualTo('password', message=lazy_gettext('Passwords must match')) ], widget=BS3PasswordFieldWidget())
class AuthView(BaseView): route_base = '' login_template = '' invalid_login_message = lazy_gettext('Invalid login. Please try again.') title = lazy_gettext('Sign In') @expose('/login/', methods=['GET', 'POST']) def login(self): pass @expose('/logout/') def logout(self): logout_user() return redirect(self.appbuilder.get_url_for_index)
class Formulariooferta(FlaskForm): cliente = StringField('Cliente', render_kw={'readonly': "true"}) producto = SelectField('Producto', render_kw={'readonly': "true"}) descuento = FloatField('Descuento %', render_kw={'readonly': 'true'}, validators=[DataRequired()], default=0) precio = FloatField('Precio $', render_kw={'readonly': 'true'}, validators=[DataRequired()], default=0) cantidad_oferta = IntegerField('Cantidad disponible para la oferta', render_kw={'readonly': 'true'}, validators=[DataRequired()], widget=BS3TextFieldWidget()) cantidad = IntegerField('Cantidad', render_kw={'type': "number"}, validators=[DataRequired()], widget=BS3TextFieldWidget()) total = FloatField('Total $', render_kw={'readonly': 'true'}, validators=[DataRequired()], default=0, description=lazy_gettext("""Total Previo Impuestos""")) submit = SubmitField("Realizar Pedido", render_kw={"onclick": "confirmacion(event)"})
def wraps(self, *args, **kwargs): permission_str = PERMISSION_PREFIX + f._permission_name if self.appbuilder.sm.has_access(permission_str, self.__class__.__name__): return f(self, *args, **kwargs) else: flash(as_unicode(lazy_gettext("Access is Denied")), "danger") return redirect(url_for(self.appbuilder.sm.auth_view.__class__.__name__ + ".login"))
class MyUserDBModelView(UserDBModelView): show_fieldsets = [ (lazy_gettext('User info'), { 'fields': [ 'username', 'active', 'roles', 'seclevel', 'user_vendor', 'user_vendor_site', 'login_count' ] }), (lazy_gettext('Personal Info'), { 'fields': ['first_name', 'last_name', 'email', 'user_interests'], 'expanded': True }), (lazy_gettext('Audit Info'), { 'fields': [ 'last_login', 'fail_login_count', 'created_on', 'created_by', 'changed_on', 'changed_by' ], 'expanded': False }), ] user_show_fieldsets = [ (lazy_gettext('User info'), { 'fields': [ 'username', 'active', 'roles', 'login_count', 'user_vendor', 'user_vendor_site' ] }), (lazy_gettext('Personal Info'), { 'fields': ['first_name', 'last_name', 'email', 'user_interests'], 'expanded': True }), ] add_columns = [ 'first_name', 'last_name', 'username', 'active', 'email', 'roles', 'seclevel', 'user_vendor', 'user_vendor_site', 'user_interests', 'password', 'conf_password' ] list_columns = [ 'first_name', 'last_name', 'username', 'email', 'active', 'roles', 'seclevel', 'user_vendor', 'user_vendor_site' ] edit_columns = [ 'first_name', 'last_name', 'username', 'active', 'email', 'roles', 'seclevel', 'user_vendor', 'user_vendor_site', 'user_interests' ]
def wraps(self, *args, **kwargs): permission_str = PERMISSION_PREFIX + f._permission_name if self.appbuilder.sm.has_access(permission_str, self.__class__.__name__): return f(self, *args, **kwargs) else: log.warning("Access is Denied for: {0} on: {1}".format(permission_str, self.__class__.__name__)) flash(as_unicode(lazy_gettext("Access is Denied")), "danger") return redirect(url_for(self.appbuilder.sm.auth_view.__class__.__name__ + ".login"))
def test_lazy_gettext(self): app = flask.Flask(__name__) b = babel.Babel(app, default_locale='de_DE') yes = lazy_gettext(u'Yes') with app.test_request_context(): assert text_type(yes) == 'Ja' app.config['BABEL_DEFAULT_LOCALE'] = 'en_US' with app.test_request_context(): assert text_type(yes) == 'Yes'
class UserStatsChartView(DirectByChartView): chart_title = lazy_gettext('User Statistics') label_columns = { 'username': lazy_gettext('User Name'), 'login_count': lazy_gettext('Login count'), 'fail_login_count': lazy_gettext('Failed login count') } search_columns = UserModelView.search_columns definitions = [{ 'label': 'Login Count', 'group': 'username', 'series': ['login_count'] }, { 'label': 'Failed Login Count', 'group': 'username', 'series': ['fail_login_count'] }]
class UserInfoEditView(SimpleFormView): form = UserInfoEdit form_title = lazy_gettext('Edit User Information') redirect_url = '/' message = lazy_gettext('User information changed') def form_get(self, form): item = self.appbuilder.sm.get_user_by_id(g.user.id) # fills the form generic solution for key, value in form.data.items(): form_field = getattr(form, key) form_field.data = getattr(item, key) def form_post(self, form): form = self.form.refresh(request.form) item = self.appbuilder.sm.get_user_by_id(g.user.id) form.populate_obj(item) self.appbuilder.sm.update_user(item) flash(as_unicode(self.message), 'info')
def wraps(self, *args, **kwargs): permission_str = PERMISSION_PREFIX + f._permission_name if self.appbuilder.sm.has_access(permission_str, self.__class__.__name__): return f(self, *args, **kwargs) else: log.warning("Access is Denied for: {0} on: {1}".format(permission_str, self.__class__.__name__)) response = make_response(jsonify({'message': str(lazy_gettext("Access is Denied")), 'severity': 'danger'}), 401) response.headers['Content-Type'] = "application/json" return response return redirect(url_for(self.appbuilder.sm.auth_view.__class__.__name__ + ".login"))
def action(self, name, pk): """ Action method to handle actions from a show view """ if self.appbuilder.sm.has_access(name, self.__class__.__name__): action = self.actions.get(name) return action.func(self.datamodel.get(pk)) else: print("INVALID ACCESS ON {0}".format(self.__class__.__name__)) flash(as_unicode(lazy_gettext("Access is Denied")), "danger") return redirect('.')
def action_post(self): """ Action method to handle multiple records selected from a list view """ name = request.form['action'] pks = request.form.getlist('rowid') if self.appbuilder.sm.has_access(name, self.__class__.__name__): action = self.actions.get(name) items = [self.datamodel.get(pk) for pk in pks] return action.func(items) else: flash(as_unicode(lazy_gettext("Access is Denied")), "danger") return redirect('.')
def action_post(self): """ Action method to handle multiple records selected from a list view """ name = request.form['action'] pks = request.form.getlist('rowid') if self.appbuilder.sm.has_access(name, self.__class__.__name__): action = self.actions.get(name) items = [self.datamodel.get(pk) for pk in pks] return action.func(items) else: print("INVALID ACCESS ON {0} {1}".format(name, self.__class__.__name__)) flash(as_unicode(lazy_gettext("Access is Denied")), "danger") return redirect('.')
class PermissionViewModelView(ModelView): route_base = '/permissionviews' base_permissions = ['can_list'] list_title = lazy_gettext('List Permissions on Views/Menus') show_title = lazy_gettext('Show Permission on Views/Menus') add_title = lazy_gettext('Add Permission on Views/Menus') edit_title = lazy_gettext('Edit Permission on Views/Menus') label_columns = {'permission': lazy_gettext('Permission'), 'view_menu': lazy_gettext('View/Menu')} list_columns = ['permission', 'view_menu']
class DataModel(): obj = None """ Messages to display on CRUD Events """ add_row_message = lazy_gettext('Added Row') edit_row_message = lazy_gettext('Changed Row') delete_row_message = lazy_gettext('Deleted Row') delete_integrity_error_message = lazy_gettext( 'Associated data exists, please delete them first') add_integrity_error_message = lazy_gettext( 'Integrity error, probably unique constraint') edit_integrity_error_message = lazy_gettext( 'Integrity error, probably unique constraint') general_error_message = lazy_gettext('General Error') def __init__(self, obj): self.obj = obj def _get_attr_value(self, item, col): if hasattr(getattr(item, col), '__call__'): # its a function return getattr(item, col)() else: # its attribute return getattr(item, col) def get_values_item(self, item, show_columns): return [self._get_attr_value(item, col) for col in show_columns] def get_values(self, lst, list_columns): """ Get Values: formats values for list template. returns [{'col_name':'col_value',....},{'col_name':'col_value',....}] :param lst: The list of item objects from query :param list_columns: The list of columns to include """ retlst = [] for item in lst: retdict = {} for col in list_columns: retdict[col] = self._get_attr_value(item, col) retlst.append(retdict) return retlst
""" Database delete generic error, format with err message """ LOGMSG_WAR_DBI_AVG_ZERODIV = "Zero division on aggregate_avg" LOGMSG_WAR_FAB_VIEW_EXISTS = "View already exists {0} ignoring" """ Attempt to add an already added view, format with view name """ LOGMSG_WAR_DBI_ADD_INTEGRITY = "Add record integrity error: {0}" """ Dabase integrity error, format with err message """ LOGMSG_WAR_DBI_EDIT_INTEGRITY = "Edit record integrity error: {0}" """ Dabase integrity error, format with err message """ LOGMSG_WAR_DBI_DEL_INTEGRITY = "Delete record integrity error: {0}" """ Dabase integrity error, format with err message """ LOGMSG_INF_FAB_ADD_VIEW = "Registering class {0} on menu {1}" """ Inform that view class was added, format with class name, name""" FLAMSG_ERR_SEC_ACCESS_DENIED = lazy_gettext("Access is Denied") """ Access denied flash message """ PERMISSION_PREFIX = 'can_' """ Prefix to be concatenated to permission names, and inserted in the backend """ AUTH_OID = 0 AUTH_DB = 1 AUTH_LDAP = 2 AUTH_REMOTE_USER = 3 AUTH_OAUTH = 4 """ Constants for supported authentication types """
class MyUserDBModelView(UserDBModelView): """ View that add DB specifics to User view. Override to implement your own custom view. Then override userdbmodelview property on SecurityManager """ login_template = 'login.html' label_columns = {'activeformat':'Está activo?','cuilformat':'Cuil'} show_fieldsets = [ (lazy_gettext('User info'), {'fields': ['username', 'active', 'roles', 'login_count', 'cuil']}), (lazy_gettext('Personal Info'), {'fields': ['first_name', 'last_name', 'email'], 'expanded': True}), (lazy_gettext('Audit Info'), {'fields': ['last_login', 'fail_login_count', 'created_on', 'created_by', 'changed_on', 'changed_by'], 'expanded': False}), ] user_show_fieldsets = [ (lazy_gettext('Informacion de Usuario'), {'fields': ['username', 'active', 'roles', 'login_count', 'cuil']}), (lazy_gettext('Informacion Personal'), {'fields': ['first_name', 'last_name', 'email'], 'expanded': True}), ] add_columns = [ 'username', 'first_name', 'last_name', 'email', 'cuil', 'password', 'conf_password' ] list_columns = [ 'first_name', 'last_name', 'username', 'email', 'cuilformat', 'activeformat', 'roles' ] edit_columns = [ 'first_name', 'last_name', 'username', 'cuil', 'active', 'roles' ] validators_columns ={ 'cuil':[InputRequired(),cuitvalidatorProveedores] } add_form_extra_fields = { 'roles': QuerySelectMultipleField( 'Rol', query_factory=cuil_query, widget=Select2ManyWidget() ), "password": PasswordField( lazy_gettext("Password"), description=lazy_gettext( "Utilice una buena política de contraseñas, esta aplicación no verifica esto por usted" ), validators=[validators.DataRequired()], widget=BS3PasswordFieldWidget(), ), "conf_password": PasswordField( lazy_gettext("Confirmar Password"), description=lazy_gettext("Vuelva a escribir la contraseña del usuario para confirmar"), validators=[ EqualTo("password", message=lazy_gettext("Passwords deben coincidir")) ], widget=BS3PasswordFieldWidget(), ), } edit_form_extra_fields = { 'roles': QuerySelectMultipleField( 'Rol', query_factory=cuil_query, widget=Select2ManyWidget() ), 'first_name': StringField( 'Nombre', validators=[validators.DataRequired()] ), 'last_name': StringField( 'Apellidos', validators=[validators.DataRequired()] ), 'username': StringField( 'Nombre de usuario', validators=[validators.DataRequired()] ), 'cuil': StringField( 'Cuil', validators=[InputRequired(),cuitvalidatorProveedores] ) }
class BaseInterface(object): """ Base class for all data model interfaces. Sub class it to implement your own interface for some data engine. """ obj = None filter_converter_class = None """ when sub classing override with your own custom filter converter """ """ Messages to display on CRUD Events """ add_row_message = lazy_gettext('Added Row') edit_row_message = lazy_gettext('Changed Row') delete_row_message = lazy_gettext('Deleted Row') delete_integrity_error_message = lazy_gettext( 'Associated data exists, please delete them first') add_integrity_error_message = lazy_gettext( 'Integrity error, probably unique constraint') edit_integrity_error_message = lazy_gettext( 'Integrity error, probably unique constraint') general_error_message = lazy_gettext('General Error') """ Tuple with message and text with severity type ex: ("Added Row", "info") """ message = () def __init__(self, obj): self.obj = obj def _get_attr_value(self, item, col): if not hasattr(item, col): # it's an inner obj attr return reduce(getattr, col.split('.'), item) if hasattr(getattr(item, col), '__call__'): # its a function return getattr(item, col)() else: # its attribute return getattr(item, col) def get_filters(self, search_columns=None): search_columns = search_columns or [] return Filters(self.filter_converter_class, self, search_columns) def get_values_item(self, item, show_columns): return [self._get_attr_value(item, col) for col in show_columns] def _get_values(self, lst, list_columns): """ Get Values: formats values for list template. returns [{'col_name':'col_value',....},{'col_name':'col_value',....}] :param lst: The list of item objects from query :param list_columns: The list of columns to include """ retlst = [] for item in lst: retdict = {} for col in list_columns: retdict[col] = self._get_attr_value(item, col) retlst.append(retdict) return retlst def get_values(self, lst, list_columns): """ Get Values: formats values for list template. returns [{'col_name':'col_value',....},{'col_name':'col_value',....}] :param lst: The list of item objects from query :param list_columns: The list of columns to include """ for item in lst: retdict = {} for col in list_columns: retdict[col] = self._get_attr_value(item, col) yield retdict def get_values_json(self, lst, list_columns): """ Converts list of objects from query to JSON """ result = [] for item in self.get_values(lst, list_columns): for key, value in list(item.items()): if isinstance(value, datetime.datetime) or isinstance( value, datetime.date): value = value.isoformat() item[key] = value if isinstance(value, list): item[key] = [str(v) for v in value] result.append(item) return result """ Returns the models class name useful for auto title on views """ @property def model_name(self): return self.obj.__class__.__name__ """ Next methods must be overridden """ def query(self, filters=None, order_column='', order_direction='', page=None, page_size=None): pass def is_image(self, col_name): return False def is_file(self, col_name): return False def is_gridfs_file(self, col_name): return False def is_gridfs_image(self, col_name): return False def is_string(self, col_name): return False def is_text(self, col_name): return False def is_integer(self, col_name): return False def is_numeric(self, col_name): return False def is_float(self, col_name): return False def is_boolean(self, col_name): return False def is_date(self, col_name): return False def is_datetime(self, col_name): return False def is_relation(self, prop): return False def is_relation_col(self, col): return False def is_relation_many_to_one(self, prop): return False def is_relation_many_to_many(self, prop): return False def is_relation_one_to_one(self, prop): return False def is_relation_one_to_many(self, prop): return False def is_nullable(self, col_name): return True def is_unique(self, col_name): return False def is_pk(self, col_name): return False def is_fk(self, col_name): return False def get_max_length(self, col_name): return -1 def get_min_length(self, col_name): return -1 """ ----------------------------------------- FUNCTIONS FOR CRUD OPERATIONS ----------------------------------------- """ def add(self, item): """ Adds object """ raise NotImplementedError def edit(self, item): """ Edit (change) object """ raise NotImplementedError def delete(self, item): """ Deletes object """ raise NotImplementedError def get_col_default(self, col_name): pass def get_keys(self, lst): """ return a list of pk values from object list """ pk_name = self.get_pk_name() return [getattr(item, pk_name) for item in lst] def get_pk_name(self, item): """ Returns the primary key name """ raise NotImplementedError def get_pk_value(self, item): return getattr(item, self.get_pk_name()) def get(self, pk, filter=None): """ return the record from key, you can optionally pass filters if pk exits on the db but filters exclude it it will return none. """ pass def get_related_model(self, prop): raise NotImplementedError def get_related_interface(self, col_name): """ Returns a BaseInterface for the related model of column name. :param col_name: Column name with relation :return: BaseInterface """ raise NotImplementedError def get_related_obj(self, col_name, value): raise NotImplementedError def get_related_fk(self, model): raise NotImplementedError def get_columns_list(self): """ Returns a list of all the columns names """ return [] def get_user_columns_list(self): """ Returns a list of user viewable columns names """ return self.get_columns_list() def get_search_columns_list(self): """ Returns a list of searchable columns names """ return [] def get_order_columns_list(self, list_columns=None): """ Returns a list of order columns names """ return [] def get_relation_fk(self, prop): pass
class LoginForm_oid(DynamicForm): openid = StringField(lazy_gettext('openid'), validators=[DataRequired()]) username = StringField(lazy_gettext('User Name')) remember_me = BooleanField(lazy_gettext('remember_me'), default=False)
class UserDBModelView(UserModelView): """ View that add DB specifics to User view. Override to implement your own custom view. Then override userdbmodelview property on SecurityManager """ add_form_extra_fields = { 'password': PasswordField( lazy_gettext('Password'), description=lazy_gettext( 'Please use a good password policy, this application does not check this for you' ), validators=[validators.DataRequired()], widget=BS3PasswordFieldWidget()), 'conf_password': PasswordField(lazy_gettext('Confirm Password'), description=lazy_gettext( 'Please rewrite the user\'s password to confirm'), validators=[ EqualTo('password', message=lazy_gettext('Passwords must match')) ], widget=BS3PasswordFieldWidget()) } add_columns = [ 'first_name', 'last_name', 'username', 'active', 'email', 'roles', 'password', 'conf_password' ] @expose('/show/<pk>', methods=['GET']) @has_access def show(self, pk): actions = {} actions['resetpasswords'] = self.actions.get('resetpasswords') widgets = self._get_show_widget(pk, actions=actions) self.update_redirect() return self.render_template(self.show_template, pk=pk, title=self.show_title, widgets=widgets, appbuilder=self.appbuilder, related_views=self._related_views) @expose('/userinfo/') @has_access def userinfo(self): actions = {} actions['resetmypassword'] = self.actions.get('resetmypassword') widgets = self._get_show_widget( g.user.id, actions=actions, show_fieldsets=self.user_show_fieldsets) self.update_redirect() return self.render_template( self.show_template, title=self.user_info_title, widgets=widgets, appbuilder=self.appbuilder, ) @action('resetmypassword', lazy_gettext("Reset my password"), "", "fa-lock", multiple=False) def resetmypassword(self, item): return redirect(url_for('ResetMyPasswordView.this_form_get')) @action('resetpasswords', lazy_gettext("Reset Password"), "", "fa-lock", multiple=False) def resetpasswords(self, item): return redirect(url_for('ResetPasswordView.this_form_get', pk=item.id)) def pre_update(self, item): item.changed_on = datetime.datetime.now() item.changed_by_fk = g.user.id def pre_add(self, item): item.password = generate_password_hash(item.password)
class UserModelView(ModelView): route_base = '/users' list_title = lazy_gettext('List Users') show_title = lazy_gettext('Show User') add_title = lazy_gettext('Add User') edit_title = lazy_gettext('Edit User') label_columns = { 'get_full_name': lazy_gettext('Full Name'), 'first_name': lazy_gettext('First Name'), 'last_name': lazy_gettext('Last Name'), 'username': lazy_gettext('User Name'), 'password': lazy_gettext('Password'), 'active': lazy_gettext('Is Active?'), 'email': lazy_gettext('EMail'), 'roles': lazy_gettext('Role'), 'last_login': lazy_gettext('Last login'), 'login_count': lazy_gettext('Login count'), 'fail_login_count': lazy_gettext('Failed login count'), 'created_on': lazy_gettext('Created on'), 'created_by': lazy_gettext('Created by'), 'changed_on': lazy_gettext('Changed on'), 'changed_by': lazy_gettext('Changed by') } description_columns = { 'first_name': lazy_gettext('Write the user first name or names'), 'last_name': lazy_gettext('Write the user last name'), 'username': lazy_gettext( 'Username valid for authentication on DB or LDAP, unused for OID auth' ), 'password': lazy_gettext( 'Please use a good password policy, this application does not check this for you' ), 'active': lazy_gettext( 'It\'s not a good policy to remove a user, just make it inactive'), 'email': lazy_gettext('The user\'s email, this will also be used for OID auth'), 'roles': lazy_gettext( 'The user role on the application, this will associate with a list of permissions' ), 'conf_password': lazy_gettext('Please rewrite the user\'s password to confirm') } list_columns = [ 'first_name', 'last_name', 'username', 'email', 'active', 'roles' ] show_fieldsets = [ (lazy_gettext('User info'), { 'fields': ['username', 'active', 'roles', 'login_count'] }), (lazy_gettext('Personal Info'), { 'fields': ['first_name', 'last_name', 'email'], 'expanded': True }), (lazy_gettext('Audit Info'), { 'fields': [ 'last_login', 'fail_login_count', 'created_on', 'created_by', 'changed_on', 'changed_by' ], 'expanded': False }), ] user_show_fieldsets = [ (lazy_gettext('User info'), { 'fields': ['username', 'active', 'roles', 'login_count'] }), (lazy_gettext('Personal Info'), { 'fields': ['first_name', 'last_name', 'email'], 'expanded': True }), ] search_exclude_columns = ['password'] add_columns = [ 'first_name', 'last_name', 'username', 'active', 'email', 'roles' ] edit_columns = [ 'first_name', 'last_name', 'username', 'active', 'email', 'roles' ] user_info_title = lazy_gettext("Your user information") @expose('/userinfo/') @has_access def userinfo(self): widgets = self._get_show_widget( g.user.id, show_fieldsets=self.user_show_fieldsets) self.update_redirect() return self.render_template(self.show_template, title=self.user_info_title, widgets=widgets, appbuilder=self.appbuilder)
LOGMSG_ERR_DBI_EDIT_GENERIC = "Edit record error: {0}" """ Database edit generic error, format with err message """ LOGMSG_ERR_DBI_DEL_GENERIC = "Delete record error: {0}" """ Database delete generic error, format with err message """ LOGMSG_WAR_DBI_AVG_ZERODIV = "Zero division on aggregate_avg" LOGMSG_WAR_FAB_VIEW_EXISTS = "View already exists {0} ignoring" """ Attempt to add an already added view, format with view name """ LOGMSG_WAR_DBI_ADD_INTEGRITY = "Add record integrity error: {0}" """ Dabase integrity error, format with err message """ LOGMSG_WAR_DBI_EDIT_INTEGRITY = "Edit record integrity error: {0}" """ Dabase integrity error, format with err message """ LOGMSG_WAR_DBI_DEL_INTEGRITY = "Delete record integrity error: {0}" """ Dabase integrity error, format with err message """ LOGMSG_INF_FAB_ADD_VIEW = "Registering class {0} on menu {1}" """ Inform that view class was added, format with class name, name""" FLAMSG_ERR_SEC_ACCESS_DENIED = lazy_gettext("Access is Denied") """ Access denied flash message """ PERMISSION_PREFIX = 'can_' """ Prefix to be concatenated to permission names, and inserted in the backend """ AUTH_OID = 0 AUTH_DB = 1 AUTH_LDAP = 2 AUTH_REMOTE_USER = 3 AUTH_OAUTH = 4 """ Constants for supported authentication types """
class LoginForm_db(DynamicForm): username = StringField(lazy_gettext('User Name'), validators=[DataRequired()]) password = PasswordField(lazy_gettext('Password'), validators=[DataRequired()])