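def __call__(self):
    """Create content from the JSON request body while acting as Manager.

    Reads the raw request ``BODY``, parses it as JSON and passes the result
    to the import utility's ``create_content`` with ``self.context``.
    Returns ``None`` when the body is empty and ``""`` otherwise.
    """
    self.iu = get_import_utility()
    json_data = self.request.get("BODY", "")
    if not json_data:
        return
    data = json.loads(json_data)

    # NOTE(review): ``data`` is caller-supplied and is processed with the
    # Manager role below. Nothing in this method limits who may call the
    # view -- confirm its registration requires a suitable permission.

    # SWITCH to Manager
    old_sm = getSecurityManager()
    tmp_user = UnrestrictedUser(old_sm.getUser().getId(), '', ['Manager'], '')
    portal = getToolByName(self.context, 'portal_url').getPortalObject()
    tmp_user = tmp_user.__of__(portal.acl_users)
    newSecurityManager(None, tmp_user)
    try:
        # DO Stuff as Manager
        self.iu.create_content(data, self.context)
        # @TODO: Maybe add option to commit after all created
    finally:
        # SWITCH Back -- also when create_content raises, so that nothing
        # later in the request (error handling included) keeps the
        # temporary Manager role.
        setSecurityManager(old_sm)
    return ""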
def handle_modified(self, content):
    """Copy the language independent fields of ``content`` to its translations.

    Does nothing when ``content`` has no language independent fields. When
    ``self.bypass_security_checks()`` is true the copy runs under a temporary
    user carrying the ``Editor`` role; the previous security manager is
    restored in every case.
    """
    independent = ILanguageIndependentFieldsManager(content)
    if not independent.has_independent_fields():
        return

    original_sm = getSecurityManager()
    try:
        # Do we have permission to sync language independent fields?
        if self.bypass_security_checks():
            # Same user id as the current user, but with the Editor role, so
            # translations can be edited even where the current user could
            # not edit them directly.
            editor = UnrestrictedUser(
                original_sm.getUser().getId(), '', ['Editor', ], '')
            # The user must be wrapped in the user folder's acquisition
            # context before it is installed.
            editor = editor.__of__(getToolByName(content, 'acl_users'))
            newSecurityManager(None, editor)

        # Copy over all language independent fields
        translations = ITranslationManager(content)
        for language in self.get_all_translations(content):
            target = translations.get_translation(language)
            if not independent.copy_fields(target):
                continue
            self.reindex_translation(target)
    finally:
        # Restore the old security manager
        setSecurityManager(original_sm)
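def __call__(self):
    """Mark an order as paid when the request reports a successful payment.

    Looks the order up by the ``TID`` request value and, when ``STATUS`` is
    ``RESERVED`` or ``BILLED``, runs the ``submit`` and ``pay_not_sent``
    workflow transitions under a temporary Manager user. A failing
    transition is stored in ``self.status`` instead of being raised.
    """
    om = IOrderManagement(self.context)
    tid = self.request.get('TID', '')
    # NOTE(review): ``tid`` and ``STATUS`` are used exactly as they arrive in
    # the request, and ``getattr`` resolves any attribute name on the orders
    # container, not only order ids. Nothing visible here authenticates the
    # sender -- confirm the callback is verified before this view is reached.
    order = getattr(om.orders, tid, None)

    log("\n%s\n%s\n%s" % (order, tid, self.request.get('STATUS')))

    if order and self.request.get('STATUS') in ['RESERVED', 'BILLED']:
        # Set order to payed (Mails will be sent)
        wftool = getToolByName(self.context, "portal_workflow")

        # We need a new security manager here, because this transaction
        # should usually just be allowed by a Manager except here.
        old_sm = getSecurityManager()
        tmp_user = UnrestrictedUser(
            old_sm.getUser().getId(), '', ['Manager'], ''
        )
        portal = getToolByName(self.context, 'portal_url').getPortalObject()
        tmp_user = tmp_user.__of__(portal.acl_users)
        newSecurityManager(None, tmp_user)

        try:
            # set to pending (send emails)
            wftool.doActionFor(order, "submit")
            # set to payed
            wftool.doActionFor(order, "pay_not_sent")
        except Exception as msg:
            self.status = msg
        finally:
            # Reset security manager on every exit path, including
            # exceptions the handler above does not catch.
            setSecurityManager(old_sm)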
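def receivePayment(self):
    """Move the order named in the query string to ``pay_not_sent``.

    The order UID is everything after the first six characters of
    ``QUERY_STRING``. The workflow transition runs under a temporary
    Manager user.
    """
    shop = self.context

    # Get cart - Note: self.request.get("order") doesn't work!
    # NOTE(review): the UID comes straight from the query string and the
    # transition below runs as Manager; nothing visible here verifies that a
    # payment was actually made for this order -- confirm that is checked
    # elsewhere.
    order_uid = self.request.get("QUERY_STRING")[6:]
    order = IOrderManagement(shop).getOrderByUID(order_uid)

    # change order state to "payed_not_sent"
    wftool = getToolByName(self, "portal_workflow")

    # We need a new security manager here, because this transaction should
    # usually just be allowed by a Manager except here.
    old_sm = getSecurityManager()
    tmp_user = UnrestrictedUser(
        old_sm.getUser().getId(), '', ['Manager'], ''
    )
    portal = getToolByName(self.context, 'portal_url').getPortalObject()
    tmp_user = tmp_user.__of__(portal.acl_users)
    newSecurityManager(None, tmp_user)
    try:
        wftool.doActionFor(order, "pay_not_sent")
    finally:
        # Reset security manager even when the transition raises, so the
        # Manager role never outlives this call.
        setSecurityManager(old_sm)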
def switchToManager(self):
    """Install a temporary Manager security context.

    Returns the security manager that was active before the switch, so the
    caller can hand it back to ``setSecurityManager`` afterwards; this method
    does not restore it itself.
    """
    previous = getSecurityManager()
    manager = UnrestrictedUser('temp_usr', '', ['Manager'], '')
    newSecurityManager(None, manager.__of__(self.acl_users))
    return previous
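def wrapper(*args, **kwargs):
    """Call ``fct`` under a temporary user that carries ``role``.

    ``fct`` and ``role`` are taken from the enclosing scope. The temporary
    user reuses the current user's id. Returns whatever ``fct`` returns.
    """
    sm = getSecurityManager()
    acl_users = getSite().acl_users
    tmp_user = UnrestrictedUser(
        sm.getUser().getId(), '', [role], ''
    )
    tmp_user = tmp_user.__of__(acl_users)
    newSecurityManager(None, tmp_user)
    try:
        return fct(*args, **kwargs)
    finally:
        # Restore the caller's security manager even when fct raises;
        # otherwise the elevated role stays active for the rest of the
        # request.
        setSecurityManager(sm)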
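def _validate_sudo(self, request):
    """Grant ``request.role`` to ``request.userid`` as a local role.

    The target object is resolved from ``request.target`` (a UUID) and the
    local role is set and reindexed under a temporary Manager user.
    """
    # NOTE(review): role, target and userid are applied exactly as found on
    # ``request`` and with Manager rights; this method does not itself check
    # who approved the request or which roles may be granted -- confirm the
    # callers enforce both.
    sm = getSecurityManager()
    acl_users = getToolByName(self.context, 'acl_users')
    tmp_user = UnrestrictedUser(
        sm.getUser().getId(), '', ['Manager'], ''
    )
    tmp_user = tmp_user.__of__(acl_users)
    newSecurityManager(None, tmp_user)
    try:
        role = request.role
        target = uuidToObject(request.target)
        target.manage_setLocalRoles(
            request.userid, [role]
        )
        target.reindexObject()
    finally:
        # Drop the Manager role on every exit path (uuidToObject may return
        # nothing usable and the calls above may raise).
        setSecurityManager(sm)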
def wrapper(*args, **kwargs):
    """Call ``fn``, borrowing the Contributor role when permission is missing.

    The first positional argument is used as the context. When the current
    user already holds ``collective.spaces.AddSpace`` there, ``fn`` runs
    unchanged; otherwise it runs under a temporary user with the
    ``Contributor`` role and the previous security manager is restored
    afterwards.
    """
    context = args[0]
    if checkPermission("collective.spaces.AddSpace", context):
        return fn(*args, **kwargs)

    previous = getSecurityManager()
    contributor = UnrestrictedUser(
        previous.getUser().getId(), "", ["Contributor"], "")
    contributor = contributor.__of__(getToolByName(context, "acl_users"))
    try:
        newSecurityManager(None, contributor)
        return fn(*args, **kwargs)
    finally:
        setSecurityManager(previous)
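def __call__(self):
    """Import the JSON document sent in the request body as Manager.

    An empty ``BODY`` returns ``None`` without doing anything. Otherwise the
    parsed document is given to ``create_content`` of the import utility
    together with ``self.context`` and ``""`` is returned.
    """
    self.iu = get_import_utility()
    json_data = self.request.get("BODY", "")
    if not json_data:
        return
    data = json.loads(json_data)

    # NOTE(review): the parsed body is request-controlled and is handled
    # with the Manager role; this method performs no access check of its
    # own -- verify the view declaration restricts who can call it.

    # SWITCH to Manager
    old_sm = getSecurityManager()
    tmp_user = UnrestrictedUser(old_sm.getUser().getId(), '', ['Manager'], '')
    portal = getToolByName(self.context, 'portal_url').getPortalObject()
    tmp_user = tmp_user.__of__(portal.acl_users)
    newSecurityManager(None, tmp_user)
    try:
        # DO Stuff as Manager
        self.iu.create_content(data, self.context)
        # @TODO: Maybe add option to commit after all created
    finally:
        # SWITCH Back, whether or not the import succeeded; an exception
        # must not leave the Manager role installed.
        setSecurityManager(old_sm)
    return ""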
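def test_authenticate_emergency_user_with_broken_extractor( self ):
    """The emergency user is still found when an extractor returns garbage.

    Installs an extraction plugin whose ``extractCredentials`` returns a
    plain string and checks that ``_extractUserIds`` yields exactly the
    emergency user for a request carrying its login and password.
    """
    from Products.PluggableAuthService.interfaces.plugins \
        import IExtractionPlugin, IAuthenticationPlugin

    from AccessControl.User import UnrestrictedUser

    from Products.PluggableAuthService import PluggableAuthService

    old_eu = PluggableAuthService.emergency_user

    eu = UnrestrictedUser( 'foo', 'bar', ( 'manage', ), () )

    PluggableAuthService.emergency_user = eu
    try:
        plugins = self._makePlugins()
        zcuf = self._makeOne( plugins )

        borked = DummyPlugin()
        directlyProvides( borked, ( IExtractionPlugin, ) )
        borked.extractCredentials = lambda req: 'abc'

        zcuf._setObject( 'borked', borked )

        plugins = zcuf._getOb( 'plugins' )

        plugins.activatePlugin( IExtractionPlugin, 'borked' )

        request = FauxRequest( form={ 'login' : eu.getUserName()
                                    , 'password' : eu._getPassword() } )

        user_ids = zcuf._extractUserIds( request=request
                                       , plugins=zcuf.plugins
                                       )

        self.assertEqual( len( user_ids ), 1 )
        self.assertEqual( user_ids[ 0 ][0], 'foo' )
    finally:
        # Undo the patch even when an assertion fails, so the fake
        # emergency user cannot leak into other tests.
        PluggableAuthService.emergency_user = old_eu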
def execute_under_special_role(role, function, *args, **kwargs):
    """Run ``function`` under a temporary user that holds ``role``.

    Adapted from Products.EasyNewsletter:
    http://pydoc.net/Python/Products.EasyNewsletter/2.6.15/Products.EasyNewsletter.content.EasyNewsletter/  #noqa

    Example::

        execute_under_special_role("Manager",
            doSomeNormallyNotAllowedStuff,
            source_folder, target_folder)

    @param role: Role given to the temporary user, for example "Manager".
    @param function: Callable to run with that role.
    @param args: Passed to the function
    @param kwargs: Passed to the function
    @return: Whatever ``function`` returns.

    The site returned by ``getSite()`` supplies the user folder. The
    previous security manager is restored whether or not ``function``
    raises.
    """
    site = getSite()
    previous = getSecurityManager()
    try:
        # The temporary user keeps the current user's id: that id is what
        # shows up in error_log tracebacks, so it should stay meaningful.
        elevated = UnrestrictedUser(previous.getUser().getId(), '', [role], '')

        # Act as user of the portal
        newSecurityManager(None, elevated.__of__(site.acl_users))

        return function(*args, **kwargs)
    finally:
        setSecurityManager(previous)
def afterSetUp(self):
    """Build the test fixture: a published file and image plus a subfolder.

    Runs as an unrestricted ``god`` user with the Manager role and commits
    the transaction at the end so the new objects get a ``_p_jar``.
    """
    setSite(self.app.site)
    god = UnrestrictedUser('god', '', ['Manager'], '')
    newSecurityManager(None, god)

    site = self.site = self.app.site

    # Create and publish the two content items in the original order.
    for portal_type, object_id in (('File', 'file'), ('Image', 'image')):
        site.invokeFactory(portal_type, id=object_id)
        site.portal_workflow.doActionFor(getattr(site, object_id), 'publish')

    site.invokeFactory('Folder', id='subfolder')
    self.subfolder = site.subfolder
    self.workflow = site.portal_workflow
    transaction.commit()  # Make sure we have _p_jars
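def test_authenticate_emergency_user_with_broken_extractor(self):
    """A misbehaving extraction plugin must not hide the emergency user.

    The plugin's ``extractCredentials`` returns the string ``'abc'``; the
    test then expects ``_extractUserIds`` to return one entry whose id is
    the emergency user's.
    """
    from Products.PluggableAuthService.interfaces.plugins \
        import IExtractionPlugin, IAuthenticationPlugin
    from AccessControl.User import UnrestrictedUser
    from Products.PluggableAuthService import PluggableAuthService

    old_eu = PluggableAuthService.emergency_user
    eu = UnrestrictedUser('foo', 'bar', ('manage', ), ())
    PluggableAuthService.emergency_user = eu
    try:
        plugins = self._makePlugins()
        zcuf = self._makeOne(plugins)

        borked = DummyPlugin()
        directlyProvides(borked, (IExtractionPlugin, ))
        borked.extractCredentials = lambda req: 'abc'
        zcuf._setObject('borked', borked)

        plugins = zcuf._getOb('plugins')
        plugins.activatePlugin(IExtractionPlugin, 'borked')

        request = FauxRequest(form={
            'login': eu.getUserName(),
            'password': eu._getPassword()
        })
        user_ids = zcuf._extractUserIds(request=request,
                                        plugins=zcuf.plugins)

        self.assertEqual(len(user_ids), 1)
        self.assertEqual(user_ids[0][0], 'foo')
    finally:
        # Restore the real emergency user on failure as well; a leftover
        # known-password emergency user would affect every later test.
        PluggableAuthService.emergency_user = old_eu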
def setUp(self):
    """Create a CMF site with a published file and image and a subfolder.

    Everything runs as an unrestricted ``manager`` user with the Manager
    role. If any step fails, ``tearDown`` is called before the error is
    re-raised.
    """
    RequestTest.setUp(self)
    try:
        manager = UnrestrictedUser('manager', '', ['Manager'], [])
        newSecurityManager(None, manager)

        self.root.manage_addProduct['CMFDefault'].manage_addCMFSite('cmf')
        site = self.site = self.root.cmf

        for portal_type, object_id in (('File', 'file'), ('Image', 'image')):
            site.invokeFactory(portal_type, id=object_id)
            site.portal_workflow.doActionFor(
                getattr(site, object_id), 'publish')

        site.invokeFactory('Folder', id='subfolder')
        self.subfolder = site.subfolder
        self.workflow = site.portal_workflow
        transaction.commit(1)  # Make sure we have _p_jars
    except:
        self.tearDown()
        raise
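def migrateImages322to400(article, out):
    """Convert an article's 3.2.2 image references to image proxies.

    Internal images become proxies with an ``attachedImage``; external ones
    become proxies with a ``referencedContent``. The resulting list is
    stored with ``article.setImages`` while a temporary Manager user is
    active. ``out`` is not used by this function.
    """
    ## looking for old images
    intImages = get322Contents(article, "__ordered_image_refs__", internal=True)
    extImages = get322Contents(article, "__ordered_image_refs__", internal=False)

    ## article
    ##   images (ImageInnerContent)
    ##     ImageInnerContentProxies (as many as images)
    ##       attachedImage or
    ##       referencedContent
    ##       (image) -> just a computed field
    ##       title
    ##       description
    ##
    ##   links
    ##   files

    values = []
    for image in intImages:
        value = {
            ## this are the fields of ImageInnerContentProxy
            "attachedImage": (image.getImage(), {}),
            "title": (image.Title(), {}),
            "description": (image.Description(), {}),
            "id": (generateUniqueId("imageProxy"), {}),
        }
        values.append(value)

    for image in extImages:
        value = {
            ## this are the fields of ImageInnerContentProxy
            "referencedContent": (image, {}),
            "title": (image.Title(), {}),
            "description": (image.Description(), {}),
            "id": (generateUniqueId("imageProxy"), {}),
        }
        values.append(value)

    # XXX Something make us loose right, but we are pragmatic
    current_user = getSecurityManager().getUser()
    newSecurityManager(None, UnrestrictedUser('manager', '', ['Manager'], []))
    try:
        article.setImages(values)
    finally:
        # Switch back to the original user even when setImages fails, so the
        # rest of the migration does not continue as Manager.
        newSecurityManager(None, current_user)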
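def test__findEmergencyUser_no_plugins(self):
    """``_findUser`` returns the emergency user when asked for its id."""
    from AccessControl.User import UnrestrictedUser

    from Products.PluggableAuthService import PluggableAuthService

    old_eu = PluggableAuthService.emergency_user

    eu = UnrestrictedUser('foo', 'bar', ('manage', ), ())

    PluggableAuthService.emergency_user = eu
    try:
        plugins = self._makePlugins()
        zcuf = self._makeOne()
        zcuf._emergency_user = eu
        user = zcuf._findUser(plugins, 'foo')

        self.assertEqual(aq_base(zcuf._getEmergencyUser()), aq_base(user))
    finally:
        # Put the original emergency user back even when the assertion
        # fails, so the patch does not leak into other tests.
        PluggableAuthService.emergency_user = old_eu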
def unrestricted_apply(function, args=(), kw={}): # XXX-JPS: naming
    """Function to bypass all security checks

    This function is as dangerous as 'UnrestrictedMethod' decorator. Read its
    docstring for more information. Never use this, until you are 100% certain
    that you have no other way.

    Calls ``function(*args, **kw)`` after replacing the current security
    manager with one built around a super user, and returns the function's
    result. The original security manager is reinstalled in a ``finally``
    clause, so it is restored when ``function`` raises as well.

    The super user is chosen from the current user:

    * a non-anonymous user whose ``getId()`` is ``None`` becomes an
      ``UnrestrictedUser`` with the same name, roles and domains;
    * any other user becomes a ``PrivilegedUser`` holding every role
      reported by the user folder's ``valid_roles()``.
    """
    # Keep the manager itself (not only the user) so it can be put back
    # unchanged afterwards.
    security_manager = getSecurityManager()
    user = security_manager.getUser()
    anonymous = (user.getUserName() == 'Anonymous User')
    if user.getId() is None and not anonymous:
        # This is a special user, thus the user is not allowed to own objects.
        super_user = UnrestrictedUser(user.getUserName(), None,
                                      user.getRoles(), user.getDomains())
    else:
        try:
            # XXX is it better to get roles from the parent (i.e. portal)?
            uf = user.aq_inner.aq_parent
        except AttributeError:
            # The user is not acquisition-wrapped; fall back to the site's
            # user folder.
            # XXX: local imports are bad, getSite should be moved to ERP5Type.
            from Products.ERP5.ERP5Site import getSite
            uf = getSite().acl_users
        # Every role the user folder knows, not only the caller's own roles.
        role_list = uf.valid_roles()
        if anonymous:
            # If the user is anonymous, use the id of the system user,
            # so that it would not be treated as an unauthorized user.
            user_id = str(system)
        else:
            user_id = user.getId()
        super_user = PrivilegedUser(user_id, None,
                                    role_list, user.getDomains()).__of__(uf)
    newSecurityManager(None, super_user)
    try:
        return apply(function, args, kw)
    finally:
        # Make sure that the original user is back.
        setSecurityManager(security_manager)
def setUp(self):
    """Create the ``CalendarTest`` site, install events and set up sessions.

    Runs as an unrestricted ``god`` user with the Manager role inside a
    fresh transaction.
    """
    self._trap_warning_output()
    self._oldSkindata = Skinnable.SKINDATA.copy()
    transaction.begin()

    self.app = makerequest(Zope2.app())
    app = self.app

    # Log in as a god :-)
    god = UnrestrictedUser('god', 'god', ['Manager'], '')
    newSecurityManager(None, god)

    #app.manage_addProduct['CMFDefault'].manage_addCMFSite('CalendarTest')
    addConfiguredSite(app, 'CalendarTest', 'CMFDefault:default')
    self.Site = app.CalendarTest

    manage_addExternalMethod(
        app.CalendarTest,
        id='install_events',
        title="Install Events",
        module="CMFCalendar.Install",
        function="install",
    )
    install_events = app.restrictedTraverse('/CalendarTest/install_events')
    install_events()

    self.Tool = app.CalendarTest.portal_calendar
    self.Site.clearCurrentSkin()
    self.Site.setupCurrentSkin(app.REQUEST)

    # sessioning setup: create the temporary folder and the session
    # container only when they are missing.
    if getattr(app, 'temp_folder', None) is None:
        app._setObject('temp_folder', MountedTemporaryFolder('temp_folder'))
    if getattr(app.temp_folder, 'session_data', None) is None:
        app.temp_folder._setObject(
            'session_data', TransientObjectContainer('session_data'))
    app.REQUEST.set_lazy('SESSION',
                         app.session_data_manager.getSessionData)
def setUp(self):
    """Recreate the ``CalendarTest`` site and install the calendar events.

    Runs as an unrestricted ``god`` user that is given no roles. A previous
    ``CalendarTest`` object is removed first when one exists.
    """
    get_transaction().begin()
    app = self.app = makerequest(Zope.app())

    # Log in as a god :-)
    newSecurityManager(None, UnrestrictedUser('god', 'god', [], ''))

    app.REQUEST.set('URL1', 'http://foo/sorcerertest/test')

    # Start from a clean slate; a missing site is not an error.
    try:
        app._delObject('CalendarTest')
    except AttributeError:
        pass

    app.manage_addProduct['CMFDefault'].manage_addCMFSite('CalendarTest')
    self.Site = app.CalendarTest

    manage_addExternalMethod(
        app.CalendarTest,
        id='install_events',
        title="Install Events",
        module="CMFCalendar.Install",
        function="install",
    )
    install_events = app.restrictedTraverse('/CalendarTest/install_events')
    install_events()

    self.Tool = app.restrictedTraverse('/CalendarTest/portal_calendar')

    # sessioning bodge until we find out how to do this properly
    self.have_session = hasattr(app, 'session_data_manager')
    if not self.have_session:
        return
    app.REQUEST.set_lazy('SESSION', app.session_data_manager.getSessionData)
def setUp(self):
    """Load the ZCML, create a configured CMF site and populate it.

    The site gets a published file and image and a subfolder, all created
    as an unrestricted ``manager`` user with the Manager role. On any
    failure ``tearDown`` runs before the error is re-raised.
    """
    PlacelessSetup.setUp(self)
    RequestTest.setUp(self)
    zcml.load_config('meta.zcml', Products.Five)
    zcml.load_config('configure.zcml', Products.GenericSetup)
    zcml.load_config('configure.zcml', Products.CMFCore)
    try:
        manager = UnrestrictedUser('manager', '', ['Manager'], [])
        newSecurityManager(None, manager)

        add_site = self.root.manage_addProduct['CMFDefault'].addConfiguredSite
        add_site('cmf', 'CMFDefault:default', snapshot=False)
        site = self.site = self.root.cmf

        for portal_type, object_id in (('File', 'file'), ('Image', 'image')):
            site.invokeFactory(portal_type, id=object_id)
            site.portal_workflow.doActionFor(
                getattr(site, object_id), 'publish')

        site.invokeFactory('Folder', id='subfolder')
        self.subfolder = site.subfolder
        self.workflow = site.portal_workflow
        transaction.commit(1)  # Make sure we have _p_jars
    except:
        self.tearDown()
        raise
# NALLIMS Extract Script # 07/13/2020 # Paul VanderWeele from AccessControl import getSecurityManager from AccessControl.User import UnrestrictedUser from AccessControl.SecurityManagement import newSecurityManager from bika.lims import api from datetime import datetime portal = api.get_portal() me = UnrestrictedUser(getSecurityManager().getUser().getUserName(), '', ['LabManager'], '') me = me.__of__(portal.acl_users) newSecurityManager(None, me) #Open File file = open("/home/naladmin/NALLIMS_EXPORT.csv", "w", 1) #Write headers file.write("Status;\ Batch;\ Received Date;\ Received Time;\ Client ID;\ Client Name;\ Sample ID;\ Sample Name;\ Sample Type;\ Sample Location;\ Sampler;\ Sampling Date;\ Sampling Time;\
def afterSetUp(self):
    """Use the app as test root and log in as an unrestricted Manager."""
    self.root = self.app
    god = UnrestrictedUser('god', '', ['Manager'], '')
    newSecurityManager(None, god)
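def handleApply(self, actions):
    """Reserve the clubhouse for the submitted date and e-mail a confirmation.

    Creates a ``club-house-event-<date>`` object in the portal's ``events``
    container under a temporary Manager user, then mails the confirmation to
    the configured contacts and to the member.

    :param actions: not used by this handler
    :return: the result of the redirect, or ``None`` when no date was given
    """
    context = self.context
    # NOTE(review): ``errors`` is never inspected, so invalid form input is
    # not rejected here -- confirm validation is enforced elsewhere.
    data, errors = self.extractData()
    current_member = api.user.get_current()
    current_member_id = current_member.getId()
    portal = api.portal.get()
    events_obj = portal.get('events')

    date = data.get('date') or None
    if not date:
        api.portal.show_message(message="No date selected. Could not reserve the Club House.",
                                request=self.request,
                                type='warn')
        return

    date_string = date.strftime('%m-%d-%Y')
    today = getTodaysDate()
    today_string = today.strftime('%m-%d-%Y')
    if date_string == today_string:
        raise ActionExecutionError(Invalid(_(u"You may not reserve the Clubhouse on the same day as the event.")))

    logger.info("Datestring is %s" % date_string)
    date_dt = datetime.combine(date, datetime.min.time())
    tz = pytz.timezone('America/Los_Angeles')
    date_tz_dt = tz.localize(date_dt)

    fullname = data.get('fullname') or getattr(self, 'member_fullname', 'Unknown Member')
    hoa_account = data.get('account') or getattr(self, 'management_trust_account', 'Unknown Management Trust Account')
    address = data.get('address') or getattr(self, 'address', 'Unknown Address')
    lot = data.get('lot') or getattr(self, 'lot', 'Unknown Lot')
    division = data.get('division') or getattr(self, 'division', 'Unknown Division')
    phone = data.get('phone') or 'Unknown Phone'
    email = data.get('email') or getattr(self, 'member_email', '')
    member_type = data.get('member_type') or getattr(self, 'member_type', 'Unknown Member Type')
    accept_rental_agreement = data.get('accept_rental_agreement')
    initials = data.get('initials') or 'Unknown Initials'

    # The member cannot add objects to the events container directly, so the
    # event is created under a temporary Manager user.
    sm = getSecurityManager()
    role = 'Manager'
    tmp_user = BaseUnrestrictedUser(sm.getUser().getId(), '', [role], '')
    portal = api.portal.get()
    tmp_user = tmp_user.__of__(portal.acl_users)
    newSecurityManager(None, tmp_user)
    try:
        event_id = 'club-house-event-%s' % date_string
        new_event_obj = createContent('docent.hoa.clubhouse.clubhouse_event',
                                      id=event_id,
                                      title='Private Event')
        events_obj._setObject(event_id, new_event_obj)
        start_date = date_tz_dt + timedelta(hours=10)
        end_date = date_tz_dt + timedelta(hours=22)

        event_obj = events_obj.get(event_id, None)
        setattr(event_obj, 'start', start_date)
        setattr(event_obj, 'end', end_date)
        setattr(event_obj, 'renter_id', current_member_id)
        setattr(event_obj, 'location', 'Clubhouse')
        setattr(event_obj, 'contact_name', fullname)
        setattr(event_obj, 'contact_email', email)
        setattr(event_obj, 'contact_phone', phone)
        event_obj.reindexObject()
    except Exception as e:
        # NOTE(review): a failed save (for instance an id that is already
        # taken for this date) is only logged; the confirmation e-mail below
        # is still sent. Confirm whether the handler should stop here.
        logger.warn("CLUBHOUSE RENTAL FORM ERROR: COULD NOT SAVE EVENT: %s" % e)
    finally:
        # Always drop the Manager role, including for errors that the
        # handler above does not catch.
        setSecurityManager(sm)

    #send emails
    # NOTE(review): the "[email protected]" texts below are kept exactly as they
    # appear in this copy of the file; they look like addresses masked by
    # e-mail obfuscation -- restore the real addresses from the project.
    email_contacts = getattr(context, 'email_contacts', []) or []
    subject = "The Meadows Clubhouse Rental Request %s" % date_string
    msg = u"Hi %s,\n\n" % fullname
    msg += u"Your clubhouse rental is confirmed for %s.\n\n" % date_string
    msg += u"Your rental period is from 10 am to 10 pm for guests. To get ready for your event, you may enter the clubhouse the day before your event and before 10 am day of the event.\n"
    msg += u"\n=========================\n\n"
    msg += u"TO ENSURE YOUR RESERVATION ISN’T CANCELED, PLEASE ENSURE YOU HAVE COMPLETED THE FOLLOWING. (Note: These actions should have been completed during your reservation. If you have completed them, no action is required.)\n\n"
    msg += u" 1) Ensure you've made your payment: https://www.paydici.com/tmt/pay\n"
    msg += u" 2) Send the signed paper agreement (http://themeadowsofredmond.org/amenities/clubhouse-rental-agreement.pdf) to our property manager ([email protected])\n\n"
    msg += u"For your reference, these are details collected during your reservation\n\n"
    msg += u"Fullname: %s\n" % fullname
    msg += u"HOA Account: %s\n" % hoa_account
    msg += u"Address: %s\n" % address
    msg += u"Div/Lot: %s_%s\n" % (division, lot)
    msg += u"Phone: %s\n" % phone
    # Parenthesised: ``%`` binds tighter than ``or``, so without the
    # parentheses the "Unknown Email" fallback could never be used.
    msg += u"Email: %s\n" % (email or "Unknown Email")
    msg += u"Member Type: %s\n" % member_type
    msg += u"Rental Data: %s\n" % date_string
    msg += u"Accept Rental Agreement: %s\n" % accept_rental_agreement
    msg += u"Initials: %s\n" % initials
    msg += u"\nWe hope you have a great event.\n"
    msg += u"\nThe Meadows Board\n"
    msg += u"[email protected]\n"

    send_to = email_contacts[:]
    if email:
        send_to.append(email)

    for ec in send_to:
        try:
            api.portal.send_email(recipient=ec,
                                  subject=subject,
                                  body=msg,
                                  immediate=True)
            api.portal.show_message(message="Club House Reserved. Please complete the important steps below.",
                                    request=self.request,
                                    type='info')
        except Exception as e:
            logger.warn("Could Not Send Clubhouse Registration Emails.")
            api.portal.show_message(message="An error occured, could not send reservation emails. Please confirm your "
                                            "reservation with the property manager.",
                                    request=self.request,
                                    type='warn')

    return self.request.response.redirect('%s?form_action=thanks&rental_date=%s' % (context.absolute_url(),
                                                                                    date_string))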
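def updateFields(self):
    """Pre-fill the rental form with the current member's details.

    Stores the member's name, account, e-mail, id and type on the form,
    looks up the member's home in the catalog under a temporary Manager
    user and uses it for the field defaults. When no home is found the
    address, division and lot fields are switched to input mode.
    """
    super(RentClubHousesForm, self).updateFields()
    current_member = api.user.get_current()
    member_fullname = current_member.getProperty('fullname')
    management_trust_account = current_member.getProperty('management_trust_account')
    member_email = current_member.getProperty('email')
    member_id = current_member.getId()
    member_groups = api.group.get_groups(user=current_member)

    owner_group = [True for i in member_groups if i.id == 'home_owners']
    renter_group = [True for i in member_groups if i.id == 'renters']
    # "Owner" wins when the member is in both groups.
    member_type = "Unknown"
    if renter_group:
        member_type = "Resident"
    if owner_group:
        member_type = "Owner"

    self.member_fullname = member_fullname
    self.management_trust_account = management_trust_account
    self.member_email = member_email
    self.member_id = member_id
    self.member_type = member_type

    # The catalog search runs as Manager, so it sees every house; the
    # results are then narrowed to the homes that name this member.
    sm = getSecurityManager()
    role = 'Manager'
    tmp_user = BaseUnrestrictedUser(sm.getUser().getId(), '', [role], '')
    portal = api.portal.get()
    tmp_user = tmp_user.__of__(portal.acl_users)
    newSecurityManager(None, tmp_user)

    street_number = ''
    street_address = ''
    division = ''
    lot = ''

    # NOTE(review): the assignments to ``.field.default`` below change the
    # schema field objects themselves. If those fields come from a
    # module-level schema they are shared between requests, and one member's
    # details could then show up as defaults for the next member -- confirm,
    # and prefer per-request widget values if so.
    try:
        catalog = api.portal.get_tool('portal_catalog')
        query_owner_one = {"portal_type": "hoa_house",}
        home_brains = catalog.searchResults(query_owner_one)
        member_homes = [i for i in home_brains
                        if i.owner_one == member_id
                        or i.owner_two == member_id
                        or i.resident_one == member_id
                        or i.resident_two == member_id]

        if member_homes:
            if len(member_homes) > 1:
                api.portal.show_message(message="%s, We show multiple homes for you. Please contact Meadows "
                                                "Management." % member_fullname,
                                        request=self.request,
                                        type='warn')
            member_home = member_homes[0]
            street_number = member_home.street_number
            street_address = member_home.street_address
            member_home_id = member_home.id
            division, lot = member_home_id.split('_')

            self.fields['fullname'].field.default = member_fullname
            self.fields['account'].field.default = management_trust_account
            self.fields['address'].field.default = u'%s %s' % (street_number, street_address)
            self.fields['division'].field.default = division
            self.fields['lot'].field.default = lot
            self.fields['email'].field.default = member_email
            self.fields['member_type'].field.default = member_type
        else:
            self.fields['address'].mode = interfaces.INPUT_MODE
            self.fields['division'].mode = interfaces.INPUT_MODE
            self.fields['lot'].mode = interfaces.INPUT_MODE
            self.fields['fullname'].field.default = member_fullname
            self.fields['account'].field.default = management_trust_account
            self.fields['email'].field.default = member_email
            self.fields['member_type'].field.default = member_type
    except Exception as e:
        logger.warn("CLUBHOUSE RENTAL FORM ERROR: %s" % e)
    finally:
        # Restore the member's own security manager on every exit path,
        # not only for the exceptions caught above.
        setSecurityManager(sm)

    self.street_number = street_number
    self.street_address = street_address
    self.address = u'%s %s' % (street_number, street_address)
    self.division = division
    self.lot = lot
    self.div_lot = u"%s_%s" % (division, lot)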
def afterSetUp(self):
    """Log in as an unrestricted Manager and wire up the lazy session."""
    god = UnrestrictedUser('god', '', ['Manager'], '')
    newSecurityManager(None, god)

    # sessioning setup
    session_manager = self.app.session_data_manager
    self.app.REQUEST.set_lazy('SESSION', session_manager.getSessionData)
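def handle_buy_action(self, action, data):
    """Buys a cart.

    Creates an order, processes the payment and, on success, empties the
    cart and moves the order through the ``submit`` transition. When the
    payment result is ``PAYED`` the order is also moved to ``pay_not_sent``
    under a temporary Manager user. Returns ``""`` after a payment error
    and ``None`` otherwise.
    """
    putils = getToolByName(self.context, "plone_utils")

    # add order
    om = IOrderManagement(self.context)
    new_order = om.addOrder()

    # Set message to shop owner
    new_order.setMessage(self.context.request.get("form.message", ""))

    # process payment
    result = IPaymentProcessing(new_order).process()

    # Need error for payment methods for which the customer has to pay at
    # any case The order process should not go on if the customer is not
    # able to pay.
    if result.code == ERROR:
        om.deleteOrder(new_order.id)
        putils.addPortalMessage(result.message, type=u"error")
        ICheckoutManagement(
            self.context).redirectToNextURL("ERROR_PAYMENT")
        return ""
    else:
        cm = ICartManagement(self.context)

        # Decrease stock
        IStockManagement(self.context).removeCart(cm.getCart())

        # Delete cart
        cm.deleteCart()

        # Set order to pending (Mails will be sent)
        wftool = getToolByName(self.context, "portal_workflow")
        wftool.doActionFor(new_order, "submit")

        putils.addPortalMessage(MESSAGES["ORDER_RECEIVED"])

    if result.code == PAYED:
        # Set order to payed (Mails will be sent)
        wftool = getToolByName(self.context, "portal_workflow")

        # We need a new security manager here, because this transaction
        # should usually just be allowed by a Manager except here.
        old_sm = getSecurityManager()
        tmp_user = UnrestrictedUser(old_sm.getUser().getId(), '',
                                    ['Manager'], '')
        portal = getToolByName(self.context,
                               'portal_url').getPortalObject()
        tmp_user = tmp_user.__of__(portal.acl_users)
        newSecurityManager(None, tmp_user)
        try:
            wftool.doActionFor(new_order, "pay_not_sent")
        finally:
            # Reset security manager even when the transition raises, so
            # the customer's request never continues as Manager.
            setSecurityManager(old_sm)

    # Redirect
    customer = \
        ICustomerManagement(self.context).getAuthenticatedCustomer()
    selected_payment_method = \
        IPaymentInformationManagement(customer).getSelectedPaymentMethod()

    if not IAsynchronPaymentMethod.providedBy(selected_payment_method):
        ICheckoutManagement(self.context).redirectToNextURL("BUYED_ORDER")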
def afterSetUp(self):
    """Select the test site, set up its skin and log in as Manager."""
    site = self.app.site
    setSite(site)
    self.app.site.setupCurrentSkin(self.app.REQUEST)
    god = UnrestrictedUser('god', '', ['Manager'], '')
    newSecurityManager(None, god)
def loginUnrestricted():
    """Replace the current security context with an unrestricted user.

    Clears the active security manager, installs a new one for an
    ``UnrestrictedUser`` named ``god`` (created without roles) and returns
    that user. Nothing here restores the previous context.
    """
    noSecurityManager()
    unrestricted = UnrestrictedUser('god', 'god', [], '')
    newSecurityManager(None, unrestricted)
    return unrestricted
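def handleApply(self, action):
    """Create a ``booster_club`` proposal from the submitted form data.

    The club is created in ``self.context`` under a temporary Manager user,
    filled from the form values and handed over to the current member
    (ownership plus the local ``Owner`` role). The user is redirected to the
    context afterwards and shown a success or failure message.
    """
    data, errors = self.extractData()
    if errors:
        self.status = self.formErrorsMessage
        return

    # Do something with valid data here
    context = self.context
    current_member_data = api.user.get_current()
    # Despite the name this holds the user object returned by getUser();
    # it is passed to changeOwnership below.
    current_member_id = current_member_data.getUser()

    club_title = data.get('title', u'')
    booster_organization = data.get('booster_organization', u'')
    club_president = data.get('club_president', u'')
    club_secretary = data.get('club_secretary', u'')
    club_treasurer = data.get('club_treasurer', u'')
    club_advisor = data.get('club_advisor', u'')
    #agreement_file = data.get('agreement_file', None)
    dedicated_checking = data.get('dedicated_checking', False)
    review_officers = data.get('review_officers', False)
    review_revenue = data.get('review_revenue', False)
    review_officer_one = data.get('review_officer_one', u'')
    review_officer_two = data.get('review_officer_two', u'')
    agreement_bool = data.get('agreement_bool', False)

    #create a temporary security manage
    sm = getSecurityManager()
    role = 'Manager'
    tmp_user = BaseUnrestrictedUser(sm.getUser().getId(), '', [role], '')
    portal = api.portal.get()
    tmp_user = tmp_user.__of__(portal.acl_users)
    newSecurityManager(None, tmp_user)
    exception_caught = False
    try:
        #create a new club in container
        proposed_club_obj = api.content.create(container=context,
                                               type='booster_club',
                                               title=club_title,
                                               safe_id=True)

        #set attributes
        setattr(proposed_club_obj, 'booster_organization', booster_organization)
        setattr(proposed_club_obj, 'club_president', club_president)
        setattr(proposed_club_obj, 'club_secretary', club_secretary)
        setattr(proposed_club_obj, 'club_treasurer', club_treasurer)
        setattr(proposed_club_obj, 'club_advisor', club_advisor)
        #setattr(proposed_club_obj, 'agreement_file', agreement_file)
        setattr(proposed_club_obj, 'dedicated_checking', dedicated_checking)
        setattr(proposed_club_obj, 'review_officers', review_officers)
        setattr(proposed_club_obj, 'review_revenue', review_revenue)
        setattr(proposed_club_obj, 'review_officer_one', review_officer_one)
        setattr(proposed_club_obj, 'review_officer_two', review_officer_two)
        setattr(proposed_club_obj, 'agreement_bool', agreement_bool)

        #set ownership
        proposed_club_obj.changeOwnership(current_member_id, recursive=True)
        api.user.grant_roles(user=current_member_data,
                             obj=proposed_club_obj,
                             roles=['Owner', ])
        proposed_club_obj.reindexObject()
        proposed_club_obj.reindexObjectSecurity()
    except Exception as e:
        exception_caught = True
        logger.warn(
            "BoosterClubProposal: There was an error creating a club proposal for: %s" % current_member_id)
        # Format the exception itself: ``e.message`` is not available on
        # every exception and would raise inside this handler.
        logger.warn("BoosterClubProposal: The error was: %s" % e)

        #all done!
        # Set status on this form page
        # (this status message is not bind to the session and does not go thru redirects)
        self.status = ""
    else:
        self.status = "Your proposal has been submitted."
    finally:
        #reset security manager! Done here so the Manager role is dropped on
        # every exit path, including errors the handler does not catch.
        setSecurityManager(sm)

    request = context.REQUEST
    response = request.response
    response.redirect(context.absolute_url())
    if exception_caught:
        info_message = "There was a problem with your proposal, please contact the site administrator."
    else:
        info_message = "Your proposal for the club, %s, The Executive Board will review the " \
                       "proposal shortly." % club_title
    api.portal.show_message(message=info_message,
                            request=request,
                            type='info')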
def site_login(self):
    """Log in as an unrestricted ``god`` user with the Manager role."""
    god = UnrestrictedUser('god', '', ['Manager'], '')
    newSecurityManager(None, god)
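def handle_buy_action(self, action, data):
    """Buys a cart.

    Adds an order for the current cart and processes its payment. A payment
    error deletes the order again, redirects to ``ERROR_PAYMENT`` and
    returns ``""``. Otherwise the stock is reduced, the cart deleted and the
    order submitted; a ``PAYED`` result additionally triggers the
    ``pay_not_sent`` transition under a temporary Manager user.
    """
    putils = getToolByName(self.context, "plone_utils")

    # add order
    om = IOrderManagement(self.context)
    new_order = om.addOrder()

    # Set message to shop owner
    new_order.setMessage(self.context.request.get("form.message", ""))

    # process payment
    result = IPaymentProcessing(new_order).process()

    # Need error for payment methods for which the customer has to pay at
    # any case The order process should not go on if the customer is not
    # able to pay.
    if result.code == ERROR:
        om.deleteOrder(new_order.id)
        putils.addPortalMessage(result.message, type=u"error")
        ICheckoutManagement(self.context).redirectToNextURL("ERROR_PAYMENT")
        return ""
    else:
        cm = ICartManagement(self.context)

        # Decrease stock
        IStockManagement(self.context).removeCart(cm.getCart())

        # Delete cart
        cm.deleteCart()

        # Set order to pending (Mails will be sent)
        wftool = getToolByName(self.context, "portal_workflow")
        wftool.doActionFor(new_order, "submit")

        putils.addPortalMessage(MESSAGES["ORDER_RECEIVED"])

    if result.code == PAYED:
        # Set order to payed (Mails will be sent)
        wftool = getToolByName(self.context, "portal_workflow")

        # We need a new security manager here, because this transaction
        # should usually just be allowed by a Manager except here.
        old_sm = getSecurityManager()
        tmp_user = UnrestrictedUser(
            old_sm.getUser().getId(), '', ['Manager'], ''
        )
        portal = getToolByName(self.context, 'portal_url').getPortalObject()
        tmp_user = tmp_user.__of__(portal.acl_users)
        newSecurityManager(None, tmp_user)
        try:
            wftool.doActionFor(new_order, "pay_not_sent")
        finally:
            # Reset security manager in all cases; a failing transition
            # must not leave the Manager role active for the redirect
            # logic below or for error handling.
            setSecurityManager(old_sm)

    # Redirect
    customer = \
        ICustomerManagement(self.context).getAuthenticatedCustomer()
    selected_payment_method = \
        IPaymentInformationManagement(customer).getSelectedPaymentMethod()

    if not IAsynchronPaymentMethod.providedBy(selected_payment_method):
        ICheckoutManagement(self.context).redirectToNextURL("BUYED_ORDER")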