def get_context(path):
context = None
cache_key = "page_context:{}".format(path)
# try from memcache
if can_cache():
context = frappe.cache().get_value(cache_key)
if not context:
context = get_sitemap_options(path)
# permission may be required for rendering
context["access"] = get_access(context.pathname)
context = build_context(context)
if can_cache(context.no_cache):
frappe.cache().set_value(cache_key, context)
else:
context["access"] = get_access(context.pathname)
if not context.data:
context.data = {}
context.data["path"] = path
context.update(context.data or {})
# TODO private pages
return context
def get_context(path):
context = None
cache_key = "page_context:{}".format(path)
# try from memcache
if can_cache():
context = frappe.cache().get_value(cache_key)
if not context:
context = get_sitemap_options(path)
# permission may be required for rendering
context["access"] = get_access(context.pathname)
context = build_context(context)
if can_cache(context.no_cache):
frappe.cache().set_value(cache_key, context)
else:
context["access"] = get_access(context.pathname)
if not context.data:
context.data = {}
context.data["path"] = path
context.update(context.data or {})
return context
def suggest_user(term, group):
pathname = get_pathname(group)
if not get_access(pathname).get("admin"):
raise frappe.PermissionError
users = frappe.db.sql(
"""select pr.name, pr.first_name, pr.last_name,
pr.user_image, pr.location
from `tabUser` pr
where (pr.first_name like %(term)s or pr.last_name like %(term)s)
and pr.user_type = "Website User"
and pr.user_image is not null and pr.enabled=1
and not exists(select wsp.name from `tabWebsite Route Permission` wsp
where wsp.website_route=%(group)s and wsp.user=pr.name)""",
{"term": "%{}%".format(term), "group": pathname},
as_dict=True,
)
template = frappe.get_template("templates/includes/user_display.html")
return [
{
"value": "{} {}".format(pr.first_name or "", pr.last_name or ""),
"user_html": template.render({"user": pr}),
"user": pr.name,
}
for pr in users
]
def save_post(post, content, picture=None, picture_name=None, title=None,
assigned_to=None, status=None, event_datetime=None):
post = frappe.get_doc("Post", post)
access = get_access(get_pathname(post.website_group))
if not access.get("write"):
raise frappe.PermissionError
# TODO improve error message
if frappe.session.user != post.owner:
for fieldname in ("title", "content"):
if post.get(fieldname) != locals().get(fieldname):
frappe.throw(_("Cannot change {0}").format(fieldname))
if picture and picture_name:
frappe.throw(_("Cannot change picture"))
post.update({
"title": (title or "").title(),
"content": content,
"assigned_to": assigned_to,
"status": status,
"event_datetime": event_datetime
})
post.ignore_permissions = True
post.save()
if picture_name and picture:
process_picture(post, picture_name, picture)
return post.parent_post or post.name
def update_description(group, description):
if not get_access(get_pathname(group)).get("admin"):
raise frappe.PermissionError
group = frappe.get_doc("Website Group", group)
group.group_description = description
group.save(ignore_permissions=True)
def suggest_user(term, group):
doc = frappe.get_doc("Website Group", group)
pathname = doc.get_route()
if not get_access(doc, pathname).get("admin"):
raise frappe.PermissionError
users = frappe.db.sql("""select pr.name, pr.first_name, pr.last_name,
pr.user_image, pr.location
from `tabUser` pr
where (pr.first_name like %(term)s or pr.last_name like %(term)s)
and pr.user_type = "Website User"
and pr.user_image is not null and pr.enabled=1
and not exists(select wsp.name from `tabWebsite Route Permission` wsp
where wsp.website_route=%(group)s and wsp.user=pr.name)""", {
"term": "%{}%".format(term),
"group": pathname
},
as_dict=True)
template = frappe.get_template("templates/includes/user_display.html")
return [{
"value": "{} {}".format(pr.first_name or "", pr.last_name or ""),
"user_html": template.render({"user": pr}),
"user": pr.name
} for pr in users]
def save_post(post, content, picture=None, picture_name=None, title=None,
assigned_to=None, status=None, event_datetime=None):
post = frappe.get_doc("Post", post)
group = frappe.get_doc("Website Group", post.website_group)
access = get_access(group, group.get_route())
if not access.get("write"):
raise frappe.PermissionError
# TODO improve error message
if frappe.session.user != post.owner:
for fieldname in ("title", "content"):
if post.get(fieldname) != locals().get(fieldname):
frappe.throw(_("Cannot change {0}").format(fieldname))
if picture and picture_name:
frappe.throw(_("Cannot change picture"))
post.update({
"title": (title or "").title(),
"content": content,
"assigned_to": assigned_to,
"status": status,
"event_datetime": event_datetime
})
post.ignore_permissions = True
post.save()
if picture_name and picture:
process_picture(post, picture_name, picture)
return post.parent_post or post.name
def update_description(group, description):
if not get_access(get_pathname(group)).get("admin"):
raise frappe.PermissionError
group = frappe.get_doc("Website Group", group)
group.group_description = description
group.save(ignore_permissions=True)
def update_permission(group, user, perm, value):
pathname = get_pathname(group)
if not get_access(pathname).get("admin"):
raise frappe.PermissionError
permission = frappe.get_doc("Website Route Permission", {
"website_route": pathname,
"user": user
})
permission.set(perm, int(value))
permission.save(ignore_permissions=True)
# send email
if perm == "admin" and int(value):
group_title = frappe.db.get_value("Website Route", pathname,
"page_title")
subject = "You have been made Administrator of Group " + group_title
send(recipients=[user],
subject=subject,
add_unsubscribe_link=False,
message="""<h3>Group Notification<h3>\
<p>%s</p>\
<p style="color: #888">This is just for your information.</p>""" % subject)
def get_post_list_html(group, view, limit_start=0, limit_length=20):
from frappe.templates.generators.website_group import get_views
# verify permission for paging
if frappe.local.form_dict.cmd == "get_post_list_html":
pathname = frappe.db.get_value("Website Route",
{"ref_doctype": "Website Group", "docname": group})
access = get_access(pathname)
if not access.get("read"):
return frappe.PermissionError
conditions = ""
values = [group]
group_type = frappe.db.get_value("Website Group", group, "group_type")
if group_type == "Events":
# should show based on time upto precision of hour
# because the current hour should also be in upcoming
values.append(now_datetime().replace(minute=0, second=0, microsecond=0))
if view in ("feed", "closed"):
order_by = "p.creation desc"
if view == "closed":
conditions += " and p.is_task=1 and p.status='Closed'"
elif view in ("popular", "open"):
now = get_datetime_str(now_datetime())
order_by = """(p.upvotes + post_reply_count - (timestampdiff(hour, p.creation, \"{}\") / 2)) desc,
p.creation desc""".format(now)
if view == "open":
conditions += " and p.is_task=1 and p.status='Open'"
elif view == "upcoming":
conditions += " and p.is_event=1 and p.event_datetime >= %s"
order_by = "p.event_datetime asc"
elif view == "past":
conditions += " and p.is_event=1 and p.event_datetime < %s"
order_by = "p.event_datetime desc"
values += [int(limit_start), int(limit_length)]
posts = frappe.db.sql("""select p.*, pr.user_image, pr.first_name, pr.last_name,
(select count(pc.name) from `tabPost` pc where pc.parent_post=p.name) as post_reply_count
from `tabPost` p, `tabUser` pr
where p.website_group = %s and pr.name = p.owner and ifnull(p.parent_post, '')=''
{conditions} order by {order_by} limit %s, %s""".format(conditions=conditions, order_by=order_by),
tuple(values), as_dict=True, debug=True)
context = { "posts": posts, "limit_start": limit_start, "view": get_views(group_type)[view] }
return frappe.get_template("templates/includes/post_list.html").render(context)
def get_post_list_html(group, view, limit_start=0, limit_length=20):
from frappe.website.doctype.website_group.website_group import get_views
# verify permission for paging
if frappe.local.form_dict.cmd == "get_post_list_html":
doc = frappe.get_doc("Website Group", group)
access = get_access(doc, doc.get_route())
if not access.get("read"):
return frappe.PermissionError
conditions = ""
values = [group]
group_type = frappe.db.get_value("Website Group", group, "group_type")
if group_type == "Events":
# should show based on time upto precision of hour
# because the current hour should also be in upcoming
values.append(now_datetime().replace(minute=0, second=0, microsecond=0))
if view in ("feed", "closed"):
order_by = "p.creation desc"
if view == "closed":
conditions += " and p.is_task=1 and p.status='Closed'"
elif view in ("popular", "open"):
now = get_datetime_str(now_datetime())
order_by = """(p.upvotes + post_reply_count - (timestampdiff(hour, p.creation, \"{}\") / 2)) desc,
p.creation desc""".format(now)
if view == "open":
conditions += " and p.is_task=1 and p.status='Open'"
elif view == "upcoming":
conditions += " and p.is_event=1 and p.event_datetime >= %s"
order_by = "p.event_datetime asc"
elif view == "past":
conditions += " and p.is_event=1 and p.event_datetime < %s"
order_by = "p.event_datetime desc"
values += [int(limit_start), int(limit_length)]
posts = frappe.db.sql("""select p.*, pr.user_image, pr.first_name, pr.last_name,
(select count(pc.name) from `tabPost` pc where pc.parent_post=p.name) as post_reply_count
from `tabPost` p, `tabUser` pr
where p.website_group = %s and pr.name = p.owner and ifnull(p.parent_post, '')=''
{conditions} order by {order_by} limit %s, %s""".format(conditions=conditions, order_by=order_by),
tuple(values), as_dict=True)
context = { "posts": posts, "limit_start": limit_start, "view": get_views(group_type)[view] }
return frappe.get_template("templates/includes/post_list.html").render(context)
def get_allowed_events(user, events):
group_access = {}
for pathname in set([p.pathname for p in events]):
group_access[pathname] = get_access(pathname, profile=user).get("read") or 0
allowed_events = []
for post in events:
if group_access.get(post.pathname):
allowed_events.append(post)
return allowed_events
def add_website_group(group, new_group, public_read, public_write, group_type="Forum"):
doc = frappe.get_doc("Website Group", group)
pathname = doc.get_route()
if not get_access(doc, pathname).get("admin"):
raise frappe.PermissionError
frappe.get_doc({
"doctype": "Website Group",
"group_name": group + "-" + new_group,
"group_title": new_group,
"parent_website_group": group,
"group_type": group_type,
"public_read": int(public_read),
"public_write": int(public_write)
}).insert(ignore_permissions=True)
def add_website_group(group, new_group, public_read, public_write, group_type="Forum"):
if not get_access(get_pathname(group)).get("admin"):
raise frappe.PermissionError
parent_website_route = frappe.db.get_value("Website Route",
{"ref_doctype": "Website Group", "docname": group})
frappe.get_doc({
"doctype": "Website Group",
"group_name": group + "-" + new_group,
"group_title": new_group,
"parent_website_route": parent_website_route,
"group_type": group_type,
"public_read": int(public_read),
"public_write": int(public_write)
}).insert(ignore_permissions=True)
def add_post(group,
content,
picture,
picture_name,
title=None,
parent_post=None,
assigned_to=None,
status=None,
event_datetime=None):
access = get_access(get_pathname(group))
if not access.get("write"):
raise frappe.PermissionError
if parent_post:
if frappe.db.get_value("Post", parent_post, "parent_post"):
frappe.throw("Cannot reply to a reply")
group = frappe.doc("Website Group", group)
post = frappe.bean({
"doctype": "Post",
"title": (title or "").title(),
"content": content,
"website_group": group.name,
"parent_post": parent_post or None
})
if not parent_post:
if group.group_type == "Tasks":
post.doc.is_task = 1
post.doc.assigned_to = assigned_to
elif group.group_type == "Events":
post.doc.is_event = 1
post.doc.event_datetime = event_datetime
post.ignore_permissions = True
post.insert()
if picture_name and picture:
process_picture(post, picture_name, picture)
# send email
if parent_post:
post.run_method("send_email_on_reply")
return post.doc.parent_post or post.doc.name
def add_website_group(group, new_group, public_read, public_write, group_type="Forum"):
if not get_access(get_pathname(group)).get("admin"):
raise frappe.PermissionError
parent_website_route = frappe.db.get_value("Website Route", {"ref_doctype": "Website Group", "docname": group})
frappe.get_doc(
{
"doctype": "Website Group",
"group_name": group + "-" + new_group,
"group_title": new_group,
"parent_website_route": parent_website_route,
"group_type": group_type,
"public_read": int(public_read),
"public_write": int(public_write),
}
).insert(ignore_permissions=True)
def set_vote(ref_doctype, ref_name):
website_group_name = frappe.db.get_value(ref_doctype, ref_name, "website_group")
group = frappe.get_doc("Website Group", website_group_name)
if not get_access(group, group.get_route()).get("read"):
raise frappe.PermissionError
try:
user_vote = frappe.get_doc({
"doctype": "User Vote",
"ref_doctype": ref_doctype,
"ref_name": ref_name
})
user_vote.ignore_permissions = True
user_vote.insert()
return "ok"
except frappe.DuplicateEntryError:
return "duplicate"
def add_sitemap_permission(group, user):
pathname = get_pathname(group)
if not get_access(pathname).get("admin"):
raise frappe.PermissionError
permission = frappe.get_doc(
{"doctype": "Website Route Permission", "website_route": pathname, "user": user, "read": 1}
)
permission.insert(ignore_permissions=True)
user = permission.as_dict()
user.update(
frappe.db.get_value(
"User", user.user, ["name", "first_name", "last_name", "user_image", "location"], as_dict=True
)
)
return frappe.get_template("templates/includes/sitemap_permission.html").render({"user": user})
def set_vote(ref_doctype, ref_name):
website_group_name = frappe.db.get_value(ref_doctype, ref_name,
"website_group")
group = frappe.get_doc("Website Group", website_group_name)
if not get_access(group, group.get_route()).get("read"):
raise frappe.PermissionError
try:
user_vote = frappe.get_doc({
"doctype": "User Vote",
"ref_doctype": ref_doctype,
"ref_name": ref_name
})
user_vote.ignore_permissions = True
user_vote.insert()
return "ok"
except frappe.DuplicateEntryError:
return "duplicate"
def add_website_group(group,
new_group,
public_read,
public_write,
group_type="Forum"):
doc = frappe.get_doc("Website Group", group)
pathname = doc.get_route()
if not get_access(doc, pathname).get("admin"):
raise frappe.PermissionError
frappe.get_doc({
"doctype": "Website Group",
"group_name": group + "-" + new_group,
"group_title": new_group,
"parent_website_group": group,
"group_type": group_type,
"public_read": int(public_read),
"public_write": int(public_write)
}).insert(ignore_permissions=True)
def update_permission(group, user, perm, value):
doc = frappe.get_doc("Website Group", group)
pathname = doc.get_route()
if not get_access(doc, pathname).get("admin"):
raise frappe.PermissionError
permission = frappe.get_doc("Website Route Permission",
{"website_route": pathname, "user": user, "reference": group})
permission.set(perm, int(value))
permission.save(ignore_permissions=True)
# send email
if perm=="admin" and int(value):
subject = "You have been made Administrator of Group " + doc.group_title
send(recipients=[user],
subject= subject, add_unsubscribe_link=False,
message="""<h3>Group Notification<h3>\
<p>%s</p>\
<p style="color: #888">This is just for your information.</p>""" % subject)
def add_sitemap_permission(group, user):
pathname = get_pathname(group)
if not get_access(pathname).get("admin"):
raise frappe.PermissionError
permission = frappe.get_doc({
"doctype": "Website Route Permission",
"website_route": pathname,
"user": user,
"read": 1
})
permission.insert(ignore_permissions=True)
user = permission.as_dict()
user.update(frappe.db.get_value("User", user.user,
["name", "first_name", "last_name", "user_image", "location"], as_dict=True))
return frappe.get_template("templates/includes/sitemap_permission.html").render({
"user": user
})
def add_post(group, content, picture, picture_name, title=None, parent_post=None,
assigned_to=None, status=None, event_datetime=None):
doc = frappe.get_doc("Website Group", group)
access = get_access(doc, doc.get_route())
if not access.get("write"):
raise frappe.PermissionError
if parent_post:
if frappe.db.get_value("Post", parent_post, "parent_post"):
frappe.throw(_("Cannot reply to a reply"))
group = frappe.get_doc("Website Group", group)
post = frappe.get_doc({
"doctype":"Post",
"title": (title or "").title(),
"content": content,
"website_group": group.name,
"parent_post": parent_post or None
})
if not parent_post:
if group.group_type == "Tasks":
post.is_task = 1
post.assigned_to = assigned_to
elif group.group_type == "Events":
post.is_event = 1
post.event_datetime = event_datetime
post.ignore_permissions = True
post.insert()
if picture_name and picture:
process_picture(post, picture_name, picture)
# send email
if parent_post:
post.run_method("send_email_on_reply")
return post.parent_post or post.name
def get_context(path):
context = None
cache_key = "page_context:{}".format(path)
def add_data_path(context):
if not context.data:
context.data = {}
context.data["path"] = path
# try from memcache
if can_cache():
context = frappe.cache().get_value(cache_key)
if not context:
context = get_route_info(path)
# permission may be required for rendering
if context.doc and context.doc.doctype == "Website Group":
context["access"] = get_access(context.doc, context.pathname)
else:
context["access"] = frappe._dict({
"public_read": 1,
"public_write": 1
})
context = build_context(context)
add_data_path(context)
if can_cache(context.no_cache):
frappe.cache().set_value(cache_key, context)
else:
context["access"] = frappe._dict({"public_read": 1, "public_write": 1})
add_data_path(context)
context.update(context.data or {})
return context
def add_sitemap_permission(group, profile):
pathname = get_pathname(group)
if not get_access(pathname).get("admin"):
raise frappe.PermissionError
permission = frappe.bean({
"doctype": "Website Route Permission",
"website_route": pathname,
"profile": profile,
"read": 1
})
permission.insert(ignore_permissions=True)
profile = permission.doc.fields
profile.update(
frappe.db.get_value(
"Profile",
profile.profile,
["name", "first_name", "last_name", "user_image", "location"],
as_dict=True))
return frappe.get_template(
"templates/includes/sitemap_permission.html").render(
{"profile": profile})
