def _flush(cls):
# retrieves the dictionary of bundles currently
# enabled in the data source
bundles_d = cls.bundles_d()
# iterates over the complete set of locale data pairs
# in the bundles dictionary to set these bundles (locales)
for (locale, context), data_j in appier.legacy.iteritems(bundles_d):
appier.get_app()._register_bundle(data_j, locale, context = context)
def _flush(cls):
# retrieves the dictionary of bundles currently
# enabled in the data source
bundles_d = cls.bundles_d()
# iterates over the complete set of locale data pairs
# in the bundles dictionary to set these bundles (locales)
for (locale, context), data_j in appier.legacy.iteritems(bundles_d):
appier.get_app()._register_bundle(data_j, locale, context=context)
def _resolve_view(cls, view, resolve_name = "view_r", owner = None):
# tries to retrieve the reference to the owner of the current
# context or uses the global one otherwise (fallback)
owner = owner or appier.get_app()
# in case the value for the view is a string like
# value then it's considered to be the model from
# which the view resolver should be used to retrieve the
# concrete map based view
if appier.legacy.is_str(view):
view_cls = owner.get_model(view)
view = getattr(view_cls, resolve_name) if\
hasattr(view_cls, resolve_name) else None
# in case the view value is a class then the view is
# re-converted with the resolver method, to be called
is_class = inspect.isclass(view)
if is_class:
view = getattr(view, resolve_name) if\
hasattr(view, resolve_name) else None
# in case the view is a callable value then calls it
# to retrieve the concrete view (should be a map)
is_callable = hasattr(view, "__call__")
if is_callable:
view = view(target = cls, owner = owner)
# returns the "final" view value after the complete
# resolution process has been finished
return view
def list_30x12_url(cls, view = None, context = None, absolute = False):
return appier.get_app().url_for(
"label.list_30x12",
view = view,
context = context,
absolute = absolute
)
def send_email_g(cls, owner, *args, **kwargs):
owner = owner or appier.get_app()
sender = appier.conf("SENDER_EMAIL", "Appier <*****@*****.**>")
base_url = appier.conf("BASE_URL", "http://appier.hive.pt")
bulk = appier.conf("BULK_EMAIL", False, cast = bool)
unsubscribe = appier.conf("UNSUBSCRIBE_EMAIL", False, cast = bool)
logo = appier.conf("LOGO_EMAIL", False, cast = bool)
inline = appier.conf("INLINE_EMAIL", False, cast = bool)
sender = kwargs.pop("sender", sender)
base_url = kwargs.pop("base_url", base_url)
bulk = kwargs.pop("bulk", bulk)
unsubscribe = kwargs.pop("unsubscribe", unsubscribe)
logo = kwargs.pop("logo", logo)
inline = kwargs.pop("inline", inline)
kwargs["owner"] = owner
settings = dict(
bulk = bulk,
unsubscribe = unsubscribe,
logo = logo
)
headers = dict()
if bulk: headers["Auto-Submitted"] = "auto-generated"
if bulk: headers["Precedence"] = "bulk"
if unsubscribe: headers["List-Unsubscribe"] = "<" + base_url + "/unsubscribe>"
html_handler = lambda html: cls._inlinify(html)
html_handler = html_handler if inline else None
owner.email(
sender = sender,
base_url = base_url,
settings = settings,
headers = headers,
html_handler = html_handler,
*args,
**kwargs
)
def apply_views(cls, object, owner = None):
# tries to retrieve the reference to the owner of the current
# context or uses the global one otherwise (fallback)
owner = owner or appier.get_app()
# verifies if there are any view defined under the current
# session if that's not the case returns immediately as there's
# nothing left to be filtered, otherwise retrieves the views to
# be used to filter the current object context
if not "views" in owner.session: return object
views = owner.session["views"]
# creates a copy of the object so that it does not get modified
# by the operation to be applied to it (avoids possible issues)
object = dict(object)
# iterates over the complete set of views defined under the current
# session to be able to update the object accordingly, constraining
# the context of resolution of that object (less results)
for view in views:
if appier.legacy.is_str(view):
view_cls = owner.get_model(view)
view = view_cls.view_r
is_class = inspect.isclass(view)
if is_class:
view = view.view_r
is_callable = hasattr(view, "__call__")
if is_callable:
view = view(target = cls, owner = owner)
if not view: continue
object.update(view)
# returns the final object to the caller method so that it can be
# used to constrain contexts according to the current session views
return object
def checker_url(cls, view = None, context = None, absolute = False):
return appier.get_app().url_for(
"order.checker",
view = view,
context = context,
absolute = absolute
)
def send_email_g(cls, owner, *args, **kwargs):
owner = owner or appier.get_app()
sender = appier.conf("SENDER_EMAIL",
"Appier <*****@*****.**>")
base_url = appier.conf("BASE_URL", "http://appier.hive.pt")
bulk = appier.conf("BULK_EMAIL", False, cast=bool)
unsubscribe = appier.conf("UNSUBSCRIBE_EMAIL", False, cast=bool)
logo = appier.conf("LOGO_EMAIL", False, cast=bool)
inline = appier.conf("INLINE_EMAIL", False, cast=bool)
sender = kwargs.pop("sender", sender)
base_url = kwargs.pop("base_url", base_url)
bulk = kwargs.pop("bulk", bulk)
unsubscribe = kwargs.pop("unsubscribe", unsubscribe)
logo = kwargs.pop("logo", logo)
inline = kwargs.pop("inline", inline)
engine = kwargs.pop("engine", None)
settings = dict(bulk=bulk, unsubscribe=unsubscribe, logo=logo)
headers = dict()
if bulk: headers["Auto-Submitted"] = "auto-generated"
if bulk: headers["Precedence"] = "bulk"
if unsubscribe:
headers["List-Unsubscribe"] = "<" + base_url + "/unsubscribe>"
html_handler = (lambda data: cls._inlinify(data, engine=engine)
) if engine else cls._inlinify
html_handler = html_handler if inline else None
owner.email(sender=sender,
base_url=base_url,
settings=settings,
headers=headers,
html_handler=html_handler,
*args,
**kwargs)
def apply_views(cls, object, owner=None):
# tries to retrieve the reference to the owner of the current
# context or uses the global one otherwise (fallback)
owner = owner or appier.get_app()
# verifies if there are any view defined under the current
# session if that's not the case returns immediately as there's
# nothing left to be filtered, otherwise retrieves the views to
# be used to filter the current object context
if not "views" in owner.session: return object
views = owner.session["views"]
# creates a copy of the object so that it does not get modified
# by the operation to be applied to it (avoids possible issues)
object = dict(object)
# iterates over the complete set of views defined under the current
# session to be able to update the object accordingly, constraining
# the context of resolution of that object (less results)
for view in views:
if appier.legacy.is_str(view):
view_cls = owner.get_model(view)
view = view_cls.view_r
is_class = inspect.isclass(view)
if is_class:
view = view.view_r
is_callable = hasattr(view, "__call__")
if is_callable:
view = view(target=cls, owner=owner)
if not view: continue
object.update(view)
# returns the final object to the caller method so that it can be
# used to constrain contexts according to the current session views
return object
def send(self, owner=None):
owner = owner or appier.get_app()
# determines the right template so be used for the email
# generation taking into account if this is just a test
# email or a "real" one and if the inline engine is active
if self.contents:
file_name = "base.inline.html.tpl" if self.inline else "base.html.tpl"
else:
file_name = "test.html.tpl"
kwargs = dict()
if self.sender: kwargs["sender"] = self.sender
appier_extras.admin.Base.send_email_g(owner,
"email/%s" % file_name,
receivers=self.receivers,
inline=self.inline,
style=self.style or "base",
mode=self.mode or "markdown",
subject=self.subject
or "Test email",
title=self.title or self.subject
or "Test email",
subtitle=self.subtitle,
contents=self.contents,
copyright=self.copyright,
logo_url=self.logo_url or None,
**kwargs)
def retrieve_url(self, absolute = False):
return appier.get_app().url_for(
"package.retrieve",
absolute = absolute,
name = self.package.name,
version = self.version
)
def list_parts(self):
app = appier.get_app()
parts = app.get_parts()
return self.template(
"parts.html.tpl",
section = "status",
parts = parts
)
def list_libraries(self):
app = appier.get_app()
libraries = app.get_libraries()
return self.template(
"libraries.html.tpl",
section = "status",
libraries = libraries
)
def _get_avatar_url_g(cls, username, absolute=True, owner=None):
owner = owner or appier.get_app()
if not hasattr(owner, "admin_part"): return None
model = None if cls._is_master() else cls._name()
return owner.url_for("admin.avatar_account",
username=username,
cls=model,
absolute=absolute)
def import_shelve_s(cls, file):
_file_name, _mime_type, data = file
app = appier.get_app()
shelve_path = app.scheduler.easypay.path
shelve_path = os.path.abspath(shelve_path)
file = open(shelve_path, "wb")
try: file.write(data)
finally: file.close()
def _set_avatar_d(self, image = "avatar.png", mime = "image/png"):
app = appier.get_app()
file = open(app.static_path + "/images/" + image, "rb")
try: data = file.read()
finally: file.close()
file_t = (image, mime, data)
self.avatar = appier.File(file_t)
def _get_avatar_url_g(cls, username, absolute = True, owner = None):
owner = owner or appier.get_app()
if not hasattr(owner, "admin_part"): return None
model = None if cls._is_master() else cls._name()
return owner.url_for(
"admin.avatar_account",
username = username,
cls = model,
absolute = absolute
)
def _build(cls, model, map):
super(Search, cls)._build(model, map)
target_cls = model["target_cls"]
target_id = model["target_id"]
model["url"] = appier.get_app().url_for(
"admin.show_entity",
model = target_cls.lower(),
_id = target_id
)
return model
def _build(cls, model, map):
super(Search, cls)._build(model, map)
owner = appier.get_app()
target_cls = model["target_cls"]
target_id = model["target_id"]
target = owner.get_model(target_cls)
model["url"] = owner.url_for("admin.show_entity",
model=target._under(),
_id=target_id)
return model
def email_recover(self, owner = None):
owner = owner or appier.get_app()
account = self.reload(rules = False, meta = True)
base.Base.send_email_g(
owner,
"admin/email/account/recover.html.tpl",
receivers = [self.email_f],
subject = "Recover account",
title = "Recover account",
account = account
)
def _build(cls, model, map):
super(Search, cls)._build(model, map)
owner = appier.get_app()
target_cls = model["target_cls"]
target_id = model["target_id"]
target = owner.get_model(target_cls)
model["url"] = owner.url_for(
"admin.show_entity",
model = target._under(),
_id = target_id
)
return model
def email_new(self, password = None, owner = None):
owner = owner or appier.get_app()
account = self.reload(rules = False, meta = True)
base.Base.send_email_g(
owner,
"admin/email/account/new.html.tpl",
receivers = [self.email_f],
subject = "New account",
title = "New account",
account = account,
account_password = password
)
def send(self, owner = None):
owner = owner or appier.get_app()
file_name = "base.html.tpl" if self.contents else "test.html.tpl"
appier_extras.admin.Base.send_email_g(
owner,
"email/%s" % file_name,
receivers = self.receivers,
subject = self.subject or "Test email",
title = self.title or self.subject or "Test email",
contents = self.contents,
copyright = self.copyright
)
def email_test(self, owner = None):
owner = owner or appier.get_app()
email = self.field("email", None)
if not email: raise appier.OperationalError(
message = "No email defined"
)
appier_extras.admin.Base.send_email_g(
owner,
"email/test.html.tpl",
receivers = [email],
subject = self.to_locale("Shopdesk test email")
)
return dict(email = email)
def notify(self, arguments = {}, delay = True, owner = None):
delay_s = ("a delayed" if delay else "an immediate")
logger = appier.get_logger()
logger.debug(
"Notifying handler '%s' for '%s' in %s fashion ..." %\
(self.handler, self.name, delay_s)
)
owner = owner or appier.get_app()
method = getattr(self, "notify_" + self.handler)
arguments_m = dict(self.arguments)
arguments_m.update(arguments)
arguments_m.update(event = self.name, handler = self.handler)
kwargs = dict(arguments = arguments_m)
if delay: owner.delay(method, kwargs = kwargs)
else: method(arguments, **kwargs)
def _filter_scope_g(cls, scope, account = None, owner = None):
"""
Filters the provided sequence of tokens for the scope, so
that only the ones allowed for the requested account are used.
This avoid security issues like someone requesting values
for a token that is for which the user is not allowed.
:type scope: List
:param scope: The list of tokens to be filtered.
:type account: Account
:param account: The account that is going to be used for the
filtering of the values, in case none is provided the current
account in session is used.
:rtype: List
:return: The resulting filtering list containing only the
tokens for which the provided account is capable.
"""
# defaults the provided owner value to the global registered
# app to be used if required for account defaulting
owner = owner or appier.get_app()
# builds the list that is going to be used to store the
# result of the scope filtering (ACL verification)
result = []
# retrieves the complete set of tokens from the account
# and then converts them into the map version of them
account = account or owner.admin_part.account_c.from_session()
tokens = account.tokens()
tokens_m = appier.to_tokens_m(tokens)
# iterates over each token of the scope to validate it
# according to the ACL of the associated account
for token in scope:
valid = appier.check_token(None, token, tokens_m = tokens_m)
if not valid: continue
result.append(token)
# returns the final result that contains only the scope
# tokens for which the account is entitle to register
return result
def _filter_scope_g(cls, scope, account = None, owner = None):
"""
Filters the provided sequence of tokens for the scope, so
that only the ones allowed for the requested account are used.
This avoid security issues like someone requesting values
for a token that is for which the user is not allowed.
:type scope: List
:param scope: The list of tokens to be filtered.
:type account: Account
:param account: The account that is going to be used for the
filtering of the values, in case none is provided the current
account in session is used.
:rtype: List
:return: The resulting filtering list containing only the
tokens for which the provided account is capable.
"""
# defaults the provided owner value to the global registered
# app to be used if required for account defaulting
owner = owner or appier.get_app()
# builds the list that is going to be used to store the
# result of the scope filtering (ACL verification)
result = []
# retrieves the complete set of tokens from the account
# and then converts them into the map version of them
account = account or owner.admin_part.account_c.from_session()
tokens = account.tokens()
tokens_m = appier.to_tokens_m(tokens)
# iterates over each token of the scope to validate it
# according to the ACL of the associated account
for token in scope:
valid = appier.check_token(None, token, tokens_m = tokens_m)
if not valid: continue
result.append(token)
# returns the final result that contains only the scope
# tokens for which the account is entitle to register
return result
def test_email(self):
receiver = appier.conf("TEST_EMAIL", None)
receiver = self.field("email", receiver)
receiver = self.field("receiver", receiver)
if not receiver: raise appier.OperationalError(
message = "No test email defined"
)
models.Base.send_email_g(
appier.get_app(),
"admin/email/test.html.tpl",
receivers = [receiver],
subject = "Test email",
title = "Test email"
)
return self.redirect(
self.url_for(
"admin.operations",
message = "Test email sent"
)
)
def reuse_s(cls, redirect_uri, scope, oauth_client, account = None, owner = None):
# defaults the provided owner value to the global registered
# app to be used if required for account defaulting
owner = owner or appier.get_app()
# retrieves the current account from session and then
# normalizes the provided scope list to convert it to
# tokens (filters on account permissions) then tries to
# retrieve an already existing compatible OAuth token
account = account or owner.admin_part.account_c.from_session()
tokens = cls._filter_scope_g(scope, account = account)
oauth_token = cls.get_e(
redirect_uri = redirect_uri,
username = account.username,
scope = scope,
tokens = tokens,
client = oauth_client.id,
rules = False,
raise_e = False
)
# in case there's no valid equivalent token, returns the
# control flow immediately with an invalid value
if not oauth_token: return False, tokens, None
# in case the access token contained in the object is already
# expired then refreshes the access token so that it can live
# one more time for this request (refreshed re-usage scenario)
if oauth_token.is_expired(): oauth_token.refresh_access_token_s()
# in case there's an already existing OAuth token that
# has the same requirements (scope, client, redirect URL)
# of the one being requested, then a new authorization code
# is generated and the user agent is redirected immediately
# as there's no extra need for user interaction
oauth_token.set_code_s()
# returns a valid result indicating both the retrieved tokens
# and the OAuth token that can be used for re-usage
return True, tokens, oauth_token
def reuse_s(cls, redirect_uri, scope, oauth_client, account = None, owner = None):
# defaults the provided owner value to the global registered
# app to be used if required for account defaulting
owner = owner or appier.get_app()
# retrieves the current account from session and then
# normalizes the provided scope list to convert it to
# tokens (filters on account permissions) then tries to
# retrieve an already existing compatible OAuth token
account = account or owner.admin_part.account_c.from_session()
tokens = cls._filter_scope_g(scope, account = account)
oauth_token = cls.get_e(
redirect_uri = redirect_uri,
username = account.username,
scope = scope,
tokens = tokens,
client = oauth_client.id,
rules = False,
raise_e = False
)
# in case there's no valid equivalent token, returns the
# control flow immediately with an invalid value
if not oauth_token: return False, tokens, None
# in case the access token contained in the object is already
# expired then refreshes the access token so that it can live
# one more time for this request (refreshed re-usage scenario)
if oauth_token.is_expired(): oauth_token.refresh_access_token_s()
# in case there's an already existing OAuth token that
# has the same requirements (scope, client, redirect URL)
# of the one being requested, then a new authorization code
# is generated and the user agent is redirected immediately
# as there's no extra need for user interaction
oauth_token.set_code_s()
# returns a valid result indicating both the retrieved tokens
# and the OAuth token that can be used for re-usage
return True, tokens, oauth_token
def _get_url(cls, id):
app = appier.get_app()
return app.url_for("media_api.data", id = id, absolute = True)
def list_csv_url(cls, absolute=False):
return appier.get_app().url_for("admin.list_events_csv",
absolute=absolute)
def generate_mb(cls, absolute = False):
return appier.get_app().url_for(
"order.generate_mb_json",
absolute = absolute
)
def trigger_s(cls, app_id, event, data, persist = True):
state = appier.get_app().state
state.trigger(app_id, event, data, persist = persist)
def _is_master(cls, owner = None):
owner = owner or appier.get_app()
admin_part = owner.admin_part
return cls == admin_part.account_c
def apply_views(cls, object, views = None, owner = None):
"""
Applies the complete set of views (object, class or callables)
to the current "query like" object so that it can be used to
filter the query context according to session.
This operation does not change the query object passed as parameter
as a copy is created for the mutation.
:type object: Dictionary
:param object: The query object to be changed according to the
set of views defined in session.
:type views: List
:param views: The list of views to be used in the apply views
operation, if not provided the current set of views in sessions
are going to be used instead.
:type owner: App
:param owner: The owner application to be used in the retrieval
of the session, if not provided the global static app is used.
:rtype: Dictionary
:return: The final mutated object ready to be used for view like
queries.
"""
# tries to retrieve the reference to the owner of the current
# context or uses the global one otherwise (fallback)
owner = owner or appier.get_app()
# in case no views are explicitly provided via parameter, then
# the views must be retrieved from the current session
if views == None:
# verifies if there are any views defined under the current
# session if that's not the case returns immediately as there's
# nothing left to be filtered, otherwise retrieves the views to
# be used to filter the current object context
if not "views" in owner.session: return object
views = owner.session["views"]
# creates a copy of the object so that it does not get modified
# by the operation to be applied to it (avoids possible issues)
object = dict(object)
# iterates over the complete set of views defined under the current
# session to be able to update the object accordingly, constraining
# the context of resolution of that object (less results)
for view in views:
# resolves the current view, obtaining the proper map
# object, ready to be used in the update process
view = cls._resolve_view(view, resolve_name = "view_r")
# in case there's no view (invalid value) then continues
# the loop as no modification should be applied to object
if not view: continue
# updates the (object) with the view map that has been
# resolved, effectively changing its behaviour
object.update(view)
# returns the final object to the caller method so that it can be
# used to constrain contexts according to the current session views
return object
def list_csv_url(cls, absolute = False):
return appier.get_app().url_for(
"admin.list_events_csv",
absolute = absolute
)
def ensure_views(cls, object, ensure_set = True, views = None, owner = None):
# tries to retrieve the reference to the owner of the current
# context or uses the global one otherwise (fallback)
owner = owner or appier.get_app()
# in case no views are explicitly provided via parameter, then
# the views must be retrieved from the current session
if views == None:
# verifies if there are any views defined under the current
# session if that's not the case returns immediately as there's
# nothing left to be filtered, otherwise retrieves the views to
# be used to filter the current object context
if not "views" in owner.session: return object
views = owner.session["views"]
# iterates over the complete set of views defined under the current
# session to be able to update the object accordingly, validating
# the context of resolution of that object (less results)
for view in views:
# resolves the current view, obtaining the proper map
# object, ready to be used in the update process
view = cls._resolve_view(view, resolve_name = "view_l")
# in case there's no view (invalid value) then continues
# the loop as no validation needed for the object
if not view: continue
# iterates over the complete set of views elements to
# make sure the associated model attributes are defined
# accordingly raising exceptions otherwise
for name, values in appier.legacy.iteritems(view):
# in case the element is not required to be set
# at the object and it's not set the skips the
# current iteration loop no verification needed
if not ensure_set and not name in object:
continue
appier.verify(
name in object,
message = "Attribute '%s' not set in object" % name,
exception = appier.SecurityError
)
# in case the defined value for the view attribute is not
# a sequence converts it to be able to run normalized operations
if not isinstance(values, (list, tuple)):
values = [values]
# computes the proper error message that is going to be sent
# as part of the security error to be raised
if appier.is_devel():
message = "Attribute '%s' ('%s') not valid according to view ('%s')" %\
(name, str(object[name]), str(values))
# in case the production mode is enable the message is defined
# as a simpler one, avoiding confidential data leak
else:
message = "Attribute '%s' not valid according to view" % name
# runs the verify operation that will raise a security error
# in case the attribute is not valid according to the view
appier.verify(
object[name] in values,
message = message,
exception = appier.SecurityError
)
def bundle_url(self, absolute=False):
return appier.get_app().url_for("admin.bundle_locale_json",
id=self.id,
absolute=absolute)
def bundle_url(self, absolute = False):
return appier.get_app().url_for(
"admin.bundle_locale_json",
id = self.id,
absolute = absolute
)
def compress_url(cls, absolute = False):
return appier.get_app().url_for(
"base.compress",
absolute = absolute
)
def export_shelve_url(cls, absolute = False):
return appier.get_app().url_for(
"admin.export_shelve",
absolute = absolute
)
def _is_master(cls, owner=None):
owner = owner or appier.get_app()
admin_part = owner.admin_part
return cls == admin_part.account_c
def get_currencies(cls, app = None):
app = app or appier.get_app()
if hasattr(app, "_currencies"): return app._currencies
currencies = cls.find(map = True)
app._currencies = dict([(value["iso"], value) for value in currencies])
return app._currencies
def json(self):
return appier.get_app().url_for("export.entity_json",
model=self.__class__._under(),
_id=self._id)
def export_url(cls, view=None, context=None, absolute=False):
return appier.get_app().url_for("admin.export_accounts_json",
view=view,
context=context,
absolute=absolute)
def zip_global(cls, view=None, context=None, absolute=False):
return appier.get_app().url_for("export.model_zip",
model=cls._under(),
view=view,
context=context,
absolute=absolute)
def list_csv_url(cls, view=None, context=None, absolute=False):
return appier.get_app().url_for("admin.list_locales_csv",
view=view,
context=context,
absolute=absolute)
def simple_csv_url(cls, absolute = False):
return appier.get_app().url_for(
"country_api.simple_csv",
absolute = absolute
)
