def update(): (db, table) = get_table(request) keyed = hasattr(db[table], '_primarykey') record = None if keyed: key = [f for f in request.vars if f in db[table]._primarykey] if key: record = db( db[table][key[0]] == request.vars[key[0]]).select().first() else: record = db(db[table].id == request.args(2)).select().first() if not record: qry = query_by_table_type(table, db) session.flash = T('record does not exist') redirect(URL('select', args=request.args[:1], vars=dict(query=qry))) if keyed: for k in db[table]._primarykey: db[table][k].writable = False form = SQLFORM(db[table], record, deletable=True, delete_label=T('Check to delete'), ignore_rw=ignore_rw and not keyed, linkto=URL('select', args=request.args[:1]), upload=URL(r=request, f='download', args=request.args[:1])) if form.accepts(request.vars, session): session.flash = T('done!') qry = query_by_table_type(table, db) redirect(URL('select', args=request.args[:1], vars=dict(query=qry))) return dict(form=form, table=db[table])
def edit(): table, row = validate(request.args(0), request.args(1)) #row = db.patient(request.args(0)) or redirect(URL('index')) # specify custom labels labels ={'lname':'Last Name', 'mrn': 'MRN'} form = SQLFORM(db.patient, record = row, fields=['mrn','lname', 'ethnicity', 'date_of_birth'], labels = labels, #formstyle="divs", showid=False, submit_button='Save') if form.accepts(request.vars, session): session.flash = '%s %s successfully updated.' % (singular(table), row['id']) redirect(URL('list_patient', args=table)) elif form.errors: response.flash = 'Error. Please correct the issues marked in red below.' return dict(table=table, row=row, form=form)
def update(): (db, table) = get_table(request) keyed = hasattr(db[table],'_primarykey') record = None if keyed: key = [f for f in request.vars if f in db[table]._primarykey] if key: record = db(db[table][key[0]] == request.vars[key[0]]).select().first() else: record = db(db[table].id == request.args(2)).select().first() if not record: qry = query_by_table_type(table, db) session.flash = T('record does not exist') redirect(URL('select', args=request.args[:1], vars=dict(query=qry))) if keyed: for k in db[table]._primarykey: db[table][k].writable=False form = SQLFORM(db[table], record, deletable=True, delete_label=T('Check to delete'), ignore_rw=ignore_rw and not keyed, linkto=URL('select', args=request.args[:1]), upload=URL(r=request, f='download', args=request.args[:1])) if form.accepts(request.vars, session): session.flash = T('done!') qry = query_by_table_type(table, db) redirect(URL('select', args=request.args[:1], vars=dict(query=qry))) return dict(form=form,table=db[table])
def questions(): """ At this stage, the user the following workflow will be implemented: - User adds questions via the drop down or clicks "Add Question" to add a new one. """ table = db["survey_questions"] record = request.args(0) template = db( db.survey_template.id == session.rcvars.survey_template).select( limitby=(0, 1)).first() if not template: session.error = T("No template found!") redirect(URL(r=request, f="template")) if not record: questions_query = (db.survey_template_link.survey_questions_id == db.survey_questions.id) & ( template.id == db.survey_template_link.survey_template_id) record = db(questions_query).select(db.survey_questions.id, limitby=(0, 1)).first() if record: redirect(URL(r=request, f="questions", args=[record.id])) questions_form = SQLFORM(table, record, deletable=True, keepvalues=True) all_questions = db().select(db.survey_question.ALL) output = dict(all_questions=all_questions) # Let's avoid blowing up -- this loads questions try: query = (template.id == db.survey_template_link.survey_template_id) contained_questions = db(query).select(db.survey_question.id) if len(contained_questions) > 0: output.update(contained_questions=contained_questions) else: output.update(contained_questions=contained_questions) except: output.update(contained_questions=[]) pass # this means we didn't pass an id, e.g., making a new section! if questions_form.accepts(request.vars, session, keepvalues=True): questions = request.post_vars.questions if questions: for question in questions: if not has_dupe_questions(template.id, question): db.survey_template_link.insert( survey_template_id=session.rcvars.survey_template, survey_questions_id=questions_form.vars.id, survey_question_id=question) elif questions_form.errors: response.error = T("Please correct all errors.") output.update(form=questions_form) return output
def index(): """ example action using the internationalization operator T and flash rendered by views/default/index.html or views/generic.html """ form = SQLFORM(db.notes, fields=['content'], _name='myform', showid=True, labels = {'content': 'Your notes'}, hidden=dict(lat="", lng="")) if form.accepts(request.vars, session): response.flash = 'form accepted' elif form.errors: response.flash = 'form has errors' else: response.flash = 'please fill out the form' response.flash = T('Welcome to web2py') return dict(form=form, message=T('Hello World'))
def questions(): """ At this stage, the user the following workflow will be implemented: - User adds questions via the drop down or clicks "Add Question" to add a new one. """ table = db["survey_questions"] record = request.args(0) template = db(db.survey_template.id == session.rcvars.survey_template).select(limitby=(0, 1)).first() if not template: session.error = T("No template found!") redirect(URL(r=request, f="template")) if not record: questions_query = (db.survey_template_link.survey_questions_id == db.survey_questions.id) & (template.id == db.survey_template_link.survey_template_id) record = db(questions_query).select(db.survey_questions.id, limitby=(0, 1)).first() if record: redirect(URL(r=request, f="questions", args=[record.id])) questions_form = SQLFORM(table, record, deletable=True, keepvalues=True) all_questions = db().select(db.survey_question.ALL) output = dict(all_questions=all_questions) # Let's avoid blowing up -- this loads questions try: query = (template.id == db.survey_template_link.survey_template_id) contained_questions = db(query).select(db.survey_question.id) if len(contained_questions) > 0: output.update(contained_questions=contained_questions) else: output.update(contained_questions=contained_questions) except: output.update(contained_questions=[]) pass # this means we didn't pass an id, e.g., making a new section! if questions_form.accepts(request.vars, session, keepvalues=True): questions = request.post_vars.questions if questions: for question in questions: if not has_dupe_questions(template.id, question): db.survey_template_link.insert(survey_template_id=session.rcvars.survey_template, survey_questions_id=questions_form.vars.id, survey_question_id=question) elif questions_form.errors: response.error = T("Please correct all errors.") output.update(form=questions_form) return output
def create(): msg_id = request.args(0) contact = get_contact(auth.user) db.msg_attachment.msg_id.default = msg_id db.msg_attachment.attach_by.default = contact.id form = SQLFORM(db.msg_attachment) if form.accepts(request.vars, session, dbio=False): filename = request.vars.attachment.filename form.vars.filename = filename form.vars.attachment_type = filename[filename.rindex('.') + 1:] msg_attachment_id = db.msg_attachment.insert( **db.msg_attachment._filter_fields(form.vars)) subject = db.msg[msg_id].subject dbutils.log_event(db, user_id=auth.user.id, item_id=msg_attachment_id, table_name='msg_attachment', access='create', details=','.join([subject,filename,msg_id])) session.flash = 'File successfully attached.' redirect(URL('messages','read', args=msg_id)) return dict(form = form)
def checkForm(self, table): formnamemodal = "formmodal_%s" % self.key form = SQLFORM(table, formname=formnamemodal) if form.accepts(self.request.vars, self.session, formname=formnamemodal): options = TAG[''](*[OPTION(v, _value=k, _selected=str(form.vars.id) == str(k)) for (k, v) in self.field.requires.options()]) _cmd = "jQuery('#%s').html('%s');" _cmd += "jQuery('#%s').modal('hide')" command = _cmd % (self.key, options.xml().replace("'", "\'"), self.modal_id ) self.response.flash = 'Se creó el registro' self.response.js = command elif form.errors: self.response.flash = "Controle el formulario" return form
def content(self): formnamemodal = "form_%s" % self.modal_key table = self.field._db[self.field.type[10:]] _cmd, params = None, {} form = SQLFORM(table, formname=formnamemodal) if form.accepts(current.request.vars, current.session, formname=formnamemodal): if self.autocomplete in ('option', 'OPTION', OPTION): options = TAG[''](*[OPTION(v, _value=k, _selected=str(form.vars.id) == str(k)) for (k, v) in self.field.requires.options()]) _cmd += "$('#%(modal_key)s').html('%(options)s');" params = {'modal_key': self.modal_key, 'options': options.xml().replace("'", "\'")} elif isinstance(self.autocomplete, Field): fieldtarget = str(table[self.autocomplete.name]).replace('.', '_') _cmd += "$('#%(modal_key)s').val('%(autocomplete)s');" _cmd += "$('#_autocomplete_%(ftarget)s_auto').val(%(id)s);" params = {'modal_key': self.modal_key, 'autocomplete': form.vars[self.autocomplete.name], 'id': form.vars.id, 'ftarget': fieldtarget} current.response.flash = "Se creó el registro" current.response.js = self.js(form, _cmd, **params) elif form.errors: current.response.flash = "Controle el formulario" return form
def content(self): formnamemodal = "form_%s" % self.modal_key table = self.field._db[self.field.type[10:]] form = SQLFORM(table, formname=formnamemodal) if form.accepts(current.request.vars, current.session, formname=formnamemodal): if not self.autocomplete: options = TAG[""]( *[ OPTION(v, _value=k, _selected=str(form.vars.id) == str(k)) for (k, v) in self.field.requires.options() ] ) _cmd = "jQuery('#%s').html('%s');" _cmd += "jQuery('#%s').modal('hide')" command = _cmd % (self.modal_key, options.xml().replace("'", "'"), self.modal_id) else: fieldtarget = str(table[self.autocomplete]).replace(".", "_") _cmd = "jQuery('#%(modal_key)s').val('%(autocomplete)s');" _cmd += "jQuery('#_autocomplete_%(ftarget)s_auto').val(%(id)s);" _cmd += "jQuery('#%(modal_id)s').modal('hide');" command = _cmd % dict( modal_key=self.modal_key, autocomplete=form.vars[self.autocomplete], id=form.vars.id, ftarget=fieldtarget, modal_id=self.modal_id, ) current.response.flash = "Se creó el registro" current.response.js = command elif form.errors: current.response.flash = "Controle el formulario" return form
def update(self): """Generic table update. Returns: dict, dictionary suitable for html template """ if len(self.request.args) > 0: row = self.sqldb(self.sqldb_table.id == self.request.args[0]).select()[0] form = SQLFORM(self.sqldb_table, row, deletable=True) action = 'Update' else: form = SQLFORM(self.sqldb_table) action = 'Add' if form.accepts(self.request.vars, self.session, keepvalues=True): self.response.flash = 'record updated' elif form.errors: self.response.flash = 'Form could not be submitted.' + \ 'Please make corrections.' elif not self.response.flash: self.response.flash = "Fill out the form and submit." return dict(form=form, action=action, table=self.table_name)
def new(): #table, dummy = validate(request.args(0)) table = db.patient labels ={'lname':'Last Name', 'mrn': 'MRN'} #form = SQLFORM(table, formstyle="divs", showid=False, submit_button='Add') form = SQLFORM(table, fields=['mrn','lname', 'ethnicity', 'date_of_birth'], labels = labels, #formstyle="divs", showid=False, submit_button='Add New') if form.accepts(request.vars, session): session.flash = '%s %s successfully created.' % (singular(table), form.vars.id) redirect(URL('status', args=table)) elif form.errors: response.flash = 'Error. Please correct the issues marked in red below.' return dict(table=table, form=form)
def merge_form(self, merge_id, source, onvalidation=None, onaccept=None, message="Records merged", format=None): """ DRY helper function for SQLFORM in Merge """ # Environment db = self.db session = self.manager.session request = self.manager.request response = self.manager.response # Get the CRUD settings audit = self.manager.audit settings = self.settings # Table and model prefix = self.prefix name = self.name tablename = self.tablename table = self.table model = self.manager.model record = None labels = None # Add asterisk to labels of required fields labels = Storage() mark_required = self._config("mark_required") response.s3.has_required = False for field in table: if field.writable: required = field.required or \ field.notnull or \ mark_required and field.name in mark_required validators = field.requires if not validators and not required: continue if not required: if not isinstance(validators, (list, tuple)): validators = [validators] for v in validators: if hasattr(v, "options"): if hasattr(v, "zero") and v.zero is None: continue val, error = v("") if error: required = True break if required: response.s3.has_required = True labels[field.name] = DIV("%s:" % field.label, SPAN(" *", _class="req")) for f in source: row = self.db(table.id==merge_id).select(limitby=(0, 1)).first() if f in row.keys(): print f if table[f].represent is not None: value = table[f].represent(source[f]) else: value = str(source[f]) comment = DIV(INPUT(_type="hidden", _value=row[f]), value) # Get formstyle from settings formstyle = self.settings.formstyle # Get the form form = SQLFORM(table, record = merge_id, col3 = dict(), # using this for the copy button+merge data deletable = False, showid = False, upload = self.download_url, labels = labels, formstyle = formstyle, submit_button = self.settings.submit_button) # Process the form logged = False # Set form name formname = "%s/%s" % (self.tablename, form.record_id) # Get the proper onvalidation routine if isinstance(onvalidation, dict): onvalidation = onvalidation.get(self.tablename, []) if form.accepts(request.post_vars, session, formname=formname, onvalidation=onvalidation, keepvalues=False, hideerror=False): # Message response.flash = message # Audit if merge_id is None: audit("create", prefix, name, form=form, representation=format) else: audit("update", prefix, name, form=form, record=merge_id, representation=format) logged = True # Update super entity links model.update_super(table, form.vars) # Store session vars if form.vars.id: if record_id is None: self.manager.auth.s3_make_session_owner(table, form.vars.id) self.resource.lastid = str(form.vars.id) self.manager.store_session(prefix, name, form.vars.id) # Execute onaccept callback(onaccept, form, tablename=tablename) if not logged and not form.errors: audit("read", prefix, name, record=merge_id, representation=format) return form
def insert(): (db, table) = get_table(request) form = SQLFORM(db[table], ignore_rw=ignore_rw) if form.accepts(request.vars, session): response.flash = T('new record inserted') return dict(form=form, table=db[table])
def insert(): (db, table) = get_table(request) form = SQLFORM(db[table], ignore_rw=ignore_rw) if form.accepts(request.vars, session): response.flash = T('new record inserted') return dict(form=form,table=db[table])
def register( self, next=DEFAULT, onvalidation=DEFAULT, onaccept=DEFAULT, log=DEFAULT, ): """ Overrides Web2Py's register() to add new functionality: * Checks whether registration is permitted * Custom Flash styles * utcnow * Allow form to be embedded in other pages returns a registration form .. method:: Auth.register([next=DEFAULT [, onvalidation=DEFAULT [, onaccept=DEFAULT [, log=DEFAULT]]]]) """ request = self.environment.request response = self.environment.response session = self.environment.session # S3: Don't allow registration if disabled db = self.db settings = db(db.s3_setting.id > 0).select(db.s3_setting.utc_offset, limitby=(0, 1)).first() if settings: self_registration = session.s3.self_registration utc_offset = settings.utc_offset else: # db empty and prepopulate is false self_registration = True utc_offset = self.deployment_settings.get_L10n_utc_offset() if not self_registration: session.error = self.messages.registration_disabled redirect(URL(r=request, args=["login"])) if self.is_logged_in() and request.function != "index": redirect(self.settings.logged_url) if next == DEFAULT: next = request.vars._next or self.settings.register_next if onvalidation == DEFAULT: onvalidation = self.settings.register_onvalidation if onaccept == DEFAULT: onaccept = self.settings.register_onaccept if log == DEFAULT: log = self.messages.register_log user = self.settings.table_user user.utc_offset.default = utc_offset passfield = self.settings.password_field form = SQLFORM(user, hidden=dict(_next=request.vars._next), showid=self.settings.showid, submit_button=self.messages.submit_button, delete_label=self.messages.delete_label) for i, row in enumerate(form[0].components): item = row[1][0] if isinstance(item, INPUT) and item["_name"] == passfield: form[0].insert(i + 1, TR( LABEL(self.messages.verify_password + ":"), INPUT(_name="password_two", _type="password", requires=IS_EXPR("value==%s" % \ repr(request.vars.get(passfield, None)), error_message=self.messages.mismatched_password)), "", _class="%s_%s__row" % (user, "password_two"))) if self.settings.captcha != None: form[0].insert(-1, TR("", self.settings.captcha, "")) user.registration_key.default = key = str(uuid.uuid4()) if form.accepts(request.vars, session, formname="register", onvalidation=onvalidation): description = \ "group uniquely assigned to %(first_name)s %(last_name)s"\ % form.vars if self.settings.create_user_groups: group_id = self.add_group("user_%s" % form.vars.id, description) self.add_membership(group_id, form.vars.id) if self.settings.registration_requires_verification and self.db(self.settings.table_user.id > 0).count() > 1: if not self.settings.mailer or \ not self.settings.mailer.send(to=form.vars.email, subject=self.messages.verify_email_subject, message=self.messages.verify_email % dict(key=key)): self.db.rollback() response.error = self.messages.invalid_email return form session.confirmation = self.messages.email_sent elif self.settings.registration_requires_approval and self.db(self.settings.table_user.id > 0).count() > 1: user[form.vars.id] = dict(registration_key="pending") session.warning = self.messages.registration_pending else: user[form.vars.id] = dict(registration_key="") session.confirmation = self.messages.registration_successful table_user = self.settings.table_user if "username" in table_user.fields: username = "******" else: username = "******" user = self.db(table_user[username] == form.vars[username]).select(limitby=(0, 1)).first() user = Storage(table_user._filter_fields(user, id=True)) # Add the first user to admin group # Installers should create a default user with random password to make this safe if self.db(table_user.id > 0).count() == 1: table_group = self.settings.table_group admin_group = self.db(table_group.role == "Administrator").select(table_group.id, limitby=(0, 1)).first() if admin_group: self.add_membership(admin_group.id, user.id) # Add extra startup roles for system administrator roles = self.settings.admin_startup_roles if roles: for r in roles: group = self.db(table_group.role == r).select(table_group.id, limitby=(0, 1)).first() if group: self.add_membership(group.id, user.id) session.auth = Storage(user=user, last_visit=request.now, expiration=self.settings.expiration) self.user = user session.flash = self.messages.logged_in if log: self.log_event(log % form.vars) if onaccept: onaccept(form) if not next: next = self.url(args = request.args) elif isinstance(next, (list, tuple)): # fix issue with 2.6 next = next[0] elif next and not next[0] == "/" and next[:4] != "http": next = self.url(next.replace("[id]", str(form.vars.id))) redirect(next) return form
def login( self, next=DEFAULT, onvalidation=DEFAULT, onaccept=DEFAULT, log=DEFAULT, ): """ Overrides Web2Py's login() to use custom flash styles & utcnow returns a login form .. method:: Auth.login([next=DEFAULT [, onvalidation=DEFAULT [, onaccept=DEFAULT [, log=DEFAULT]]]]) """ table_user = self.settings.table_user if "username" in table_user.fields: username = "******" else: username = "******" old_requires = table_user[username].requires table_user[username].requires = IS_NOT_EMPTY() request = self.environment.request response = self.environment.response session = self.environment.session passfield = self.settings.password_field if next == DEFAULT: next = request.vars._next or self.settings.login_next if onvalidation == DEFAULT: onvalidation = self.settings.login_onvalidation if onaccept == DEFAULT: onaccept = self.settings.login_onaccept if log == DEFAULT: log = self.messages.login_log user = None # default # do we use our own login form, or from a central source? if self.settings.login_form == self: form = SQLFORM( table_user, fields=[username, passfield], hidden=dict(_next=request.vars._next), showid=self.settings.showid, submit_button=self.messages.submit_button, delete_label=self.messages.delete_label, ) accepted_form = False if form.accepts(request.vars, session, formname="login", dbio=False, onvalidation=onvalidation): accepted_form = True # check for username in db users = self.db(table_user[username] == form.vars[username]).select() if users: # user in db, check if registration pending or disabled temp_user = users[0] if temp_user.registration_key == "pending": response.warning = self.messages.registration_pending return form elif temp_user.registration_key == "disabled": response.error = self.messages.login_disabled return form elif temp_user.registration_key: response.warning = \ self.messages.registration_verifying return form # try alternate logins 1st as these have the current version of the password for login_method in self.settings.login_methods: if login_method != self and \ login_method(request.vars[username], request.vars[passfield]): if not self in self.settings.login_methods: # do not store password in db form.vars[passfield] = None user = self.get_or_create_user(form.vars) break if not user: # alternates have failed, maybe because service inaccessible if self.settings.login_methods[0] == self: # try logging in locally using cached credentials if temp_user[passfield] == form.vars.get(passfield, ""): # success user = temp_user else: # user not in db if not self.settings.alternate_requires_registration: # we're allowed to auto-register users from external systems for login_method in self.settings.login_methods: if login_method != self and \ login_method(request.vars[username], request.vars[passfield]): if not self in self.settings.login_methods: # do not store password in db form.vars[passfield] = None user = self.get_or_create_user(form.vars) break if not user: # invalid login session.error = self.messages.invalid_login redirect(self.url(args=request.args)) else: # use a central authentication server cas = self.settings.login_form cas_user = cas.get_user() if cas_user: cas_user[passfield] = None user = self.get_or_create_user(cas_user) elif hasattr(cas, "login_form"): return cas.login_form() else: # we need to pass through login again before going on next = URL(r=request) + "?_next=" + next redirect(cas.login_url(next)) # process authenticated users if user: user = Storage(table_user._filter_fields(user, id=True)) session.auth = Storage(user=user, last_visit=request.now, expiration=self.settings.expiration) self.user = user session.confirmation = self.messages.logged_in if log and self.user: self.log_event(log % self.user) # how to continue if self.settings.login_form == self: if accepted_form: if onaccept: onaccept(form) if isinstance(next, (list, tuple)): # fix issue with 2.6 next = next[0] if next and not next[0] == "/" and next[:4] != "http": next = self.url(next.replace("[id]", str(form.vars.id))) redirect(next) table_user[username].requires = old_requires return form else: redirect(next)