def create_officeconnector_url_json(self, payload): self.request.response.setHeader('Content-Type', 'application/json') url = create_oc_url(self.request, self.context, payload) if url: return json.dumps(dict(url=url)) # Fail per default self.request.response.setStatus(500) message = _( u'error_oc_url_too_long', default=( u"Unfortunately it's not currently possible to attach this " u'many documents. Please try again with fewer documents ' u'selected.' ), ) return json.dumps(dict( error=dict( message=translate( message, context=self.request, ) ) ))
def test_officeconnector_reauth_does_not_checkout(self, browser): api.portal.set_registry_record( 'direct_checkout_and_edit_enabled', True, interface=IOfficeConnectorSettings) transaction.commit() # We cannot freeze time due to the test browser being threaded oc_url = create_oc_url( self.doc1.REQUEST, self.doc1, {'action': 'checkout'}) decoded_oc_url = jwt.decode(oc_url.split(':')[-1], verify=False) redirector_js = browser.login().open( self.doc1, view='checkout_documents' '?_authenticator={}&mode=external&reauth=1' .format(createToken()), ).css('script.redirector')[0].text tokens_from_js = [token for token in redirector_js.split("\'") if 'oc:' in token] self.assertEqual(3, len(tokens_from_js)) parsed_oc_url = tokens_from_js[0] decoded_parsed_oc_url = jwt.decode( parsed_oc_url.split(':')[-1], verify=False) # Take out the timestamps del decoded_oc_url['exp'] del decoded_parsed_oc_url['exp'] self.assertEqual(decoded_oc_url, decoded_parsed_oc_url) self.assertFalse(self.get_manager(self.doc1).is_checked_out_by_current_user())
def __call__(self): if not self.is_allowed(): raise NotFound() self.settings = OrderedDict(( ("KeepConnector", "true"), ("CreateConnectorResult", "true"), ("CreateConnectorResultOnError", "true"), )) self.commands = OrderedDict(( ("DefaultProcess", (("start", "false"), )), ("ConvertToDocument", tuple()), ("SaveAs", ( ("Overwrite", "true"), ("CreateFolder", "true"), ("AllowUpdateDocumentPart", "false"), ("Filename", ""), )), ("InvokeProcess", ( ("Name", "OfficeConnector"), ("Arguments", create_oc_url(self.request, self.context, {"action": "checkout"})), )), )) self.document_properties = getMultiAdapter((self.context, self.request), IDocProperties).get_properties() self.request.RESPONSE.setHeader("Content-type", "application/xml") return self.generate_xml()
def render(self): payloads = self.get_base_payloads() for payload in payloads: # A permission check to verify the user is also able to upload authorized = api.user.has_permission( 'Modify portal content', obj=payload['document'], ) if authorized: document = payload['document'] checkout_token = create_oc_url(self.request, document, {"action": "checkout"}) payload['checkout-url'] = checkout_token payload['filename'] = IAnnotations(document).get("filename") del payload['document'] payload['connect-xml'] = '@@oneoffix_connect_xml' else: # Fail per default raise Forbidden self.request.response.setHeader('Content-type', 'application/json') return json.dumps(payloads)
def test_officeconnector_reauth_does_not_checkout(self, browser): api.portal.set_registry_record( 'direct_checkout_and_edit_enabled', True, interface=IOfficeConnectorSettings) transaction.commit() # We cannot freeze time due to the test browser being threaded oc_url = create_oc_url( self.doc1.REQUEST, self.doc1, {'action': 'checkout'}) decoded_oc_url = jwt.decode( oc_url.split(':')[-1], verify=False, algorithms=('HS256',)) redirector_js = browser.login().open( self.doc1, view='checkout_documents' '?_authenticator={}&mode=external&reauth=1' .format(createToken()), ).css('script.redirector')[0].text tokens_from_js = [token for token in redirector_js.split("\'") if 'oc:' in token] self.assertEqual(3, len(tokens_from_js)) parsed_oc_url = tokens_from_js[0] decoded_parsed_oc_url = jwt.decode( parsed_oc_url.split(':')[-1], verify=False, algorithms=('HS256',)) # Take out the timestamps del decoded_oc_url['exp'] del decoded_parsed_oc_url['exp'] self.assertEqual(decoded_oc_url, decoded_parsed_oc_url) self.assertFalse(self.get_manager(self.doc1).is_checked_out_by_current_user())
def setup_external_edit_redirect(self, request, action='checkout'): redirector = IRedirector(request) if action == "checkout": if is_officeconnector_checkout_feature_enabled(): redirector.redirect(create_oc_url( request, self, dict(action=action), )) else: redirector.redirect( '%s/external_edit' % self.absolute_url(), target='_self', timeout=1000) elif action == "oneoffixx" and is_oneoffixx_feature_enabled(): redirector.redirect(create_oc_url( request, self, dict(action=action), ))
def setup_external_edit_redirect(self, request, action='checkout'): redirector = IRedirector(request) if action == "checkout": if is_officeconnector_checkout_feature_enabled(): redirector.redirect( create_oc_url( request, self, dict(action=action), )) else: redirector.redirect('%s/external_edit' % self.absolute_url(), target='_self', timeout=1000) elif action == "oneoffixx" and is_oneoffixx_feature_enabled(): redirector.redirect( create_oc_url( request, self, dict(action=action), ))
def create_officeconnector_url_json(self, payload): self.request.response.setHeader('Content-Type', 'application/json') url = create_oc_url(self.request, self.context, payload) if url: return json.dumps(dict(url=url)) else: self.request.response.setStatus(500) message = _(u'error_oc_url_too_long', default=u"Unfortunately it's not currently possible " "to attach this many documents. Please try again with " "fewer documents selected.") return json.dumps(dict(error=dict(message=translate(message))))
def checkout_and_get_office_connector_url(self): """Checkout the document and return an office connector url. With the officeconnector checkout feature enabled, the checkout happens when the link is used. """ if is_officeconnector_checkout_feature_enabled(): return create_oc_url(self.REQUEST, self, {'action': 'checkout'}) else: checkout_manager = getMultiAdapter((self, self.REQUEST), ICheckinCheckoutManager) if not checkout_manager.is_checked_out_by_current_user(): checkout_manager.checkout() return '{}/external_edit'.format(self.absolute_url())
def render(self): # check whether we have paths or not paths = self.request.get('paths') # using "paths" is mandantory on any objects except for a document if not paths and not IDocumentSchema.providedBy(self.context): msg = _(u'You have not selected any documents.') IStatusMessage(self.request).addStatusMessage( msg, type='error') # we assume the request came from the tabbed_view "documents" # tab on the dossier return self.request.RESPONSE.redirect( '%s#documents' % self.context.absolute_url()) elif paths: # lookup the objects to be handled using the catalog catalog = getToolByName(self.context, 'portal_catalog') objects = [] for path in paths: query = dict(path={'query': path, 'depth': 0}) obj = catalog(query)[0].getObject() objects.append(obj) else: # the context is the document objects = [self.context] # now, lets checkout every document for obj in objects: if not IDocumentSchema.providedBy(obj): # notify the user. we have a no-checkoutable object msg = _( u'Could not check out object: ${title}, ' 'it is not a document.', mapping={'title': obj.Title().decode('utf-8')}) IStatusMessage( self.request).addStatusMessage(msg, type='error') continue self.checkout(obj) # lets register a redirector for starting external # editor - if requested external_edit = self.request.get('mode') == 'external' if len(objects) == 1 and external_edit: redirector = IRedirector(self.request) if not is_officeconnector_checkout_feature_enabled(): redirector.redirect( '%s/external_edit' % objects[0].absolute_url(), target='_self', timeout=1000) else: redirector.redirect(create_oc_url( self.request, self.context, dict(action='checkout'), )) # now lets redirect to an appropriate target.. if len(objects) == 1: return self.request.RESPONSE.redirect( objects[0].absolute_url()) else: return self.request.RESPONSE.redirect( '%s#documents' % self.context.absolute_url())