def get_context(path): context = None cache_key = "page_context:{}".format(path) # try from memcache if can_cache(): context = frappe.cache().get_value(cache_key) if not context: context = get_sitemap_options(path) # permission may be required for rendering context["access"] = get_access(context.pathname) context = build_context(context) if can_cache(context.no_cache): frappe.cache().set_value(cache_key, context) else: context["access"] = get_access(context.pathname) if not context.data: context.data = {} context.data["path"] = path context.update(context.data or {}) # TODO private pages return context
def get_context(path): context = None cache_key = "page_context:{}".format(path) # try from memcache if can_cache(): context = frappe.cache().get_value(cache_key) if not context: context = get_sitemap_options(path) # permission may be required for rendering context["access"] = get_access(context.pathname) context = build_context(context) if can_cache(context.no_cache): frappe.cache().set_value(cache_key, context) else: context["access"] = get_access(context.pathname) if not context.data: context.data = {} context.data["path"] = path context.update(context.data or {}) return context
def suggest_user(term, group): pathname = get_pathname(group) if not get_access(pathname).get("admin"): raise frappe.PermissionError users = frappe.db.sql( """select pr.name, pr.first_name, pr.last_name, pr.user_image, pr.location from `tabUser` pr where (pr.first_name like %(term)s or pr.last_name like %(term)s) and pr.user_type = "Website User" and pr.user_image is not null and pr.enabled=1 and not exists(select wsp.name from `tabWebsite Route Permission` wsp where wsp.website_route=%(group)s and wsp.user=pr.name)""", {"term": "%{}%".format(term), "group": pathname}, as_dict=True, ) template = frappe.get_template("templates/includes/user_display.html") return [ { "value": "{} {}".format(pr.first_name or "", pr.last_name or ""), "user_html": template.render({"user": pr}), "user": pr.name, } for pr in users ]
def save_post(post, content, picture=None, picture_name=None, title=None, assigned_to=None, status=None, event_datetime=None): post = frappe.get_doc("Post", post) access = get_access(get_pathname(post.website_group)) if not access.get("write"): raise frappe.PermissionError # TODO improve error message if frappe.session.user != post.owner: for fieldname in ("title", "content"): if post.get(fieldname) != locals().get(fieldname): frappe.throw(_("Cannot change {0}").format(fieldname)) if picture and picture_name: frappe.throw(_("Cannot change picture")) post.update({ "title": (title or "").title(), "content": content, "assigned_to": assigned_to, "status": status, "event_datetime": event_datetime }) post.ignore_permissions = True post.save() if picture_name and picture: process_picture(post, picture_name, picture) return post.parent_post or post.name
def update_description(group, description): if not get_access(get_pathname(group)).get("admin"): raise frappe.PermissionError group = frappe.get_doc("Website Group", group) group.group_description = description group.save(ignore_permissions=True)
def suggest_user(term, group): doc = frappe.get_doc("Website Group", group) pathname = doc.get_route() if not get_access(doc, pathname).get("admin"): raise frappe.PermissionError users = frappe.db.sql("""select pr.name, pr.first_name, pr.last_name, pr.user_image, pr.location from `tabUser` pr where (pr.first_name like %(term)s or pr.last_name like %(term)s) and pr.user_type = "Website User" and pr.user_image is not null and pr.enabled=1 and not exists(select wsp.name from `tabWebsite Route Permission` wsp where wsp.website_route=%(group)s and wsp.user=pr.name)""", { "term": "%{}%".format(term), "group": pathname }, as_dict=True) template = frappe.get_template("templates/includes/user_display.html") return [{ "value": "{} {}".format(pr.first_name or "", pr.last_name or ""), "user_html": template.render({"user": pr}), "user": pr.name } for pr in users]
def save_post(post, content, picture=None, picture_name=None, title=None, assigned_to=None, status=None, event_datetime=None): post = frappe.get_doc("Post", post) group = frappe.get_doc("Website Group", post.website_group) access = get_access(group, group.get_route()) if not access.get("write"): raise frappe.PermissionError # TODO improve error message if frappe.session.user != post.owner: for fieldname in ("title", "content"): if post.get(fieldname) != locals().get(fieldname): frappe.throw(_("Cannot change {0}").format(fieldname)) if picture and picture_name: frappe.throw(_("Cannot change picture")) post.update({ "title": (title or "").title(), "content": content, "assigned_to": assigned_to, "status": status, "event_datetime": event_datetime }) post.ignore_permissions = True post.save() if picture_name and picture: process_picture(post, picture_name, picture) return post.parent_post or post.name
def update_permission(group, user, perm, value): pathname = get_pathname(group) if not get_access(pathname).get("admin"): raise frappe.PermissionError permission = frappe.get_doc("Website Route Permission", { "website_route": pathname, "user": user }) permission.set(perm, int(value)) permission.save(ignore_permissions=True) # send email if perm == "admin" and int(value): group_title = frappe.db.get_value("Website Route", pathname, "page_title") subject = "You have been made Administrator of Group " + group_title send(recipients=[user], subject=subject, add_unsubscribe_link=False, message="""<h3>Group Notification<h3>\ <p>%s</p>\ <p style="color: #888">This is just for your information.</p>""" % subject)
def get_post_list_html(group, view, limit_start=0, limit_length=20): from frappe.templates.generators.website_group import get_views # verify permission for paging if frappe.local.form_dict.cmd == "get_post_list_html": pathname = frappe.db.get_value("Website Route", {"ref_doctype": "Website Group", "docname": group}) access = get_access(pathname) if not access.get("read"): return frappe.PermissionError conditions = "" values = [group] group_type = frappe.db.get_value("Website Group", group, "group_type") if group_type == "Events": # should show based on time upto precision of hour # because the current hour should also be in upcoming values.append(now_datetime().replace(minute=0, second=0, microsecond=0)) if view in ("feed", "closed"): order_by = "p.creation desc" if view == "closed": conditions += " and p.is_task=1 and p.status='Closed'" elif view in ("popular", "open"): now = get_datetime_str(now_datetime()) order_by = """(p.upvotes + post_reply_count - (timestampdiff(hour, p.creation, \"{}\") / 2)) desc, p.creation desc""".format(now) if view == "open": conditions += " and p.is_task=1 and p.status='Open'" elif view == "upcoming": conditions += " and p.is_event=1 and p.event_datetime >= %s" order_by = "p.event_datetime asc" elif view == "past": conditions += " and p.is_event=1 and p.event_datetime < %s" order_by = "p.event_datetime desc" values += [int(limit_start), int(limit_length)] posts = frappe.db.sql("""select p.*, pr.user_image, pr.first_name, pr.last_name, (select count(pc.name) from `tabPost` pc where pc.parent_post=p.name) as post_reply_count from `tabPost` p, `tabUser` pr where p.website_group = %s and pr.name = p.owner and ifnull(p.parent_post, '')='' {conditions} order by {order_by} limit %s, %s""".format(conditions=conditions, order_by=order_by), tuple(values), as_dict=True, debug=True) context = { "posts": posts, "limit_start": limit_start, "view": get_views(group_type)[view] } return frappe.get_template("templates/includes/post_list.html").render(context)
def get_post_list_html(group, view, limit_start=0, limit_length=20): from frappe.website.doctype.website_group.website_group import get_views # verify permission for paging if frappe.local.form_dict.cmd == "get_post_list_html": doc = frappe.get_doc("Website Group", group) access = get_access(doc, doc.get_route()) if not access.get("read"): return frappe.PermissionError conditions = "" values = [group] group_type = frappe.db.get_value("Website Group", group, "group_type") if group_type == "Events": # should show based on time upto precision of hour # because the current hour should also be in upcoming values.append(now_datetime().replace(minute=0, second=0, microsecond=0)) if view in ("feed", "closed"): order_by = "p.creation desc" if view == "closed": conditions += " and p.is_task=1 and p.status='Closed'" elif view in ("popular", "open"): now = get_datetime_str(now_datetime()) order_by = """(p.upvotes + post_reply_count - (timestampdiff(hour, p.creation, \"{}\") / 2)) desc, p.creation desc""".format(now) if view == "open": conditions += " and p.is_task=1 and p.status='Open'" elif view == "upcoming": conditions += " and p.is_event=1 and p.event_datetime >= %s" order_by = "p.event_datetime asc" elif view == "past": conditions += " and p.is_event=1 and p.event_datetime < %s" order_by = "p.event_datetime desc" values += [int(limit_start), int(limit_length)] posts = frappe.db.sql("""select p.*, pr.user_image, pr.first_name, pr.last_name, (select count(pc.name) from `tabPost` pc where pc.parent_post=p.name) as post_reply_count from `tabPost` p, `tabUser` pr where p.website_group = %s and pr.name = p.owner and ifnull(p.parent_post, '')='' {conditions} order by {order_by} limit %s, %s""".format(conditions=conditions, order_by=order_by), tuple(values), as_dict=True) context = { "posts": posts, "limit_start": limit_start, "view": get_views(group_type)[view] } return frappe.get_template("templates/includes/post_list.html").render(context)
def get_allowed_events(user, events): group_access = {} for pathname in set([p.pathname for p in events]): group_access[pathname] = get_access(pathname, profile=user).get("read") or 0 allowed_events = [] for post in events: if group_access.get(post.pathname): allowed_events.append(post) return allowed_events
def add_website_group(group, new_group, public_read, public_write, group_type="Forum"): doc = frappe.get_doc("Website Group", group) pathname = doc.get_route() if not get_access(doc, pathname).get("admin"): raise frappe.PermissionError frappe.get_doc({ "doctype": "Website Group", "group_name": group + "-" + new_group, "group_title": new_group, "parent_website_group": group, "group_type": group_type, "public_read": int(public_read), "public_write": int(public_write) }).insert(ignore_permissions=True)
def add_website_group(group, new_group, public_read, public_write, group_type="Forum"): if not get_access(get_pathname(group)).get("admin"): raise frappe.PermissionError parent_website_route = frappe.db.get_value("Website Route", {"ref_doctype": "Website Group", "docname": group}) frappe.get_doc({ "doctype": "Website Group", "group_name": group + "-" + new_group, "group_title": new_group, "parent_website_route": parent_website_route, "group_type": group_type, "public_read": int(public_read), "public_write": int(public_write) }).insert(ignore_permissions=True)
def add_post(group, content, picture, picture_name, title=None, parent_post=None, assigned_to=None, status=None, event_datetime=None): access = get_access(get_pathname(group)) if not access.get("write"): raise frappe.PermissionError if parent_post: if frappe.db.get_value("Post", parent_post, "parent_post"): frappe.throw("Cannot reply to a reply") group = frappe.doc("Website Group", group) post = frappe.bean({ "doctype": "Post", "title": (title or "").title(), "content": content, "website_group": group.name, "parent_post": parent_post or None }) if not parent_post: if group.group_type == "Tasks": post.doc.is_task = 1 post.doc.assigned_to = assigned_to elif group.group_type == "Events": post.doc.is_event = 1 post.doc.event_datetime = event_datetime post.ignore_permissions = True post.insert() if picture_name and picture: process_picture(post, picture_name, picture) # send email if parent_post: post.run_method("send_email_on_reply") return post.doc.parent_post or post.doc.name
def add_website_group(group, new_group, public_read, public_write, group_type="Forum"): if not get_access(get_pathname(group)).get("admin"): raise frappe.PermissionError parent_website_route = frappe.db.get_value("Website Route", {"ref_doctype": "Website Group", "docname": group}) frappe.get_doc( { "doctype": "Website Group", "group_name": group + "-" + new_group, "group_title": new_group, "parent_website_route": parent_website_route, "group_type": group_type, "public_read": int(public_read), "public_write": int(public_write), } ).insert(ignore_permissions=True)
def set_vote(ref_doctype, ref_name): website_group_name = frappe.db.get_value(ref_doctype, ref_name, "website_group") group = frappe.get_doc("Website Group", website_group_name) if not get_access(group, group.get_route()).get("read"): raise frappe.PermissionError try: user_vote = frappe.get_doc({ "doctype": "User Vote", "ref_doctype": ref_doctype, "ref_name": ref_name }) user_vote.ignore_permissions = True user_vote.insert() return "ok" except frappe.DuplicateEntryError: return "duplicate"
def add_sitemap_permission(group, user): pathname = get_pathname(group) if not get_access(pathname).get("admin"): raise frappe.PermissionError permission = frappe.get_doc( {"doctype": "Website Route Permission", "website_route": pathname, "user": user, "read": 1} ) permission.insert(ignore_permissions=True) user = permission.as_dict() user.update( frappe.db.get_value( "User", user.user, ["name", "first_name", "last_name", "user_image", "location"], as_dict=True ) ) return frappe.get_template("templates/includes/sitemap_permission.html").render({"user": user})
def update_permission(group, user, perm, value): doc = frappe.get_doc("Website Group", group) pathname = doc.get_route() if not get_access(doc, pathname).get("admin"): raise frappe.PermissionError permission = frappe.get_doc("Website Route Permission", {"website_route": pathname, "user": user, "reference": group}) permission.set(perm, int(value)) permission.save(ignore_permissions=True) # send email if perm=="admin" and int(value): subject = "You have been made Administrator of Group " + doc.group_title send(recipients=[user], subject= subject, add_unsubscribe_link=False, message="""<h3>Group Notification<h3>\ <p>%s</p>\ <p style="color: #888">This is just for your information.</p>""" % subject)
def add_sitemap_permission(group, user): pathname = get_pathname(group) if not get_access(pathname).get("admin"): raise frappe.PermissionError permission = frappe.get_doc({ "doctype": "Website Route Permission", "website_route": pathname, "user": user, "read": 1 }) permission.insert(ignore_permissions=True) user = permission.as_dict() user.update(frappe.db.get_value("User", user.user, ["name", "first_name", "last_name", "user_image", "location"], as_dict=True)) return frappe.get_template("templates/includes/sitemap_permission.html").render({ "user": user })
def add_post(group, content, picture, picture_name, title=None, parent_post=None, assigned_to=None, status=None, event_datetime=None): doc = frappe.get_doc("Website Group", group) access = get_access(doc, doc.get_route()) if not access.get("write"): raise frappe.PermissionError if parent_post: if frappe.db.get_value("Post", parent_post, "parent_post"): frappe.throw(_("Cannot reply to a reply")) group = frappe.get_doc("Website Group", group) post = frappe.get_doc({ "doctype":"Post", "title": (title or "").title(), "content": content, "website_group": group.name, "parent_post": parent_post or None }) if not parent_post: if group.group_type == "Tasks": post.is_task = 1 post.assigned_to = assigned_to elif group.group_type == "Events": post.is_event = 1 post.event_datetime = event_datetime post.ignore_permissions = True post.insert() if picture_name and picture: process_picture(post, picture_name, picture) # send email if parent_post: post.run_method("send_email_on_reply") return post.parent_post or post.name
def get_context(path): context = None cache_key = "page_context:{}".format(path) def add_data_path(context): if not context.data: context.data = {} context.data["path"] = path # try from memcache if can_cache(): context = frappe.cache().get_value(cache_key) if not context: context = get_route_info(path) # permission may be required for rendering if context.doc and context.doc.doctype == "Website Group": context["access"] = get_access(context.doc, context.pathname) else: context["access"] = frappe._dict({ "public_read": 1, "public_write": 1 }) context = build_context(context) add_data_path(context) if can_cache(context.no_cache): frappe.cache().set_value(cache_key, context) else: context["access"] = frappe._dict({"public_read": 1, "public_write": 1}) add_data_path(context) context.update(context.data or {}) return context
def add_sitemap_permission(group, profile): pathname = get_pathname(group) if not get_access(pathname).get("admin"): raise frappe.PermissionError permission = frappe.bean({ "doctype": "Website Route Permission", "website_route": pathname, "profile": profile, "read": 1 }) permission.insert(ignore_permissions=True) profile = permission.doc.fields profile.update( frappe.db.get_value( "Profile", profile.profile, ["name", "first_name", "last_name", "user_image", "location"], as_dict=True)) return frappe.get_template( "templates/includes/sitemap_permission.html").render( {"profile": profile})