Exemplo n.º 1
0
def wsgibase(environ, responder):
    """
    The gluon wsgi application. The first function called when a page
    is requested (static or dynamic). It can be called by paste.httpserver
    or by apache mod_wsgi (or any WSGI-compatible server).

      - fills request with info
      - the environment variables, replacing '.' with '_'
      - adds web2py path and version info
      - compensates for fcgi missing path_info and query_string
      - validates the path in url

    The url path must be either:

    1. for static pages:

      - /<application>/static/<file>

    2. for dynamic pages:

      - /<application>[/<controller>[/<function>[/<sub>]]][.<extension>]

    The naming conventions are:

      - application, controller, function and extension may only contain
        `[a-zA-Z0-9_]`
      - file and sub may also contain '-', '=', '.' and '/'
    """
    eget = environ.get
    current.__dict__.clear()
    request = Request(environ)
    response = Response()
    session = Session()
    env = request.env
    #env.web2py_path = global_settings.applications_parent
    env.web2py_version = web2py_version
    #env.update(global_settings)
    static_file = False
    http_response = None
    try:
        try:
            try:
                # ##################################################
                # handle fcgi missing path_info and query_string
                # select rewrite parameters
                # rewrite incoming URL
                # parse rewritten header variables
                # parse rewritten URL
                # serve file if static
                # ##################################################

                fixup_missing_path_info(environ)
                (static_file, version, environ) = url_in(request, environ)
                response.status = env.web2py_status_code or response.status

                if static_file:
                    if eget('QUERY_STRING', '').startswith('attachment'):
                        response.headers['Content-Disposition'] \
                            = 'attachment'
                    if version:
                        response.headers['Cache-Control'] = 'max-age=315360000'
                        response.headers[
                            'Expires'] = 'Thu, 31 Dec 2037 23:59:59 GMT'
                    response.stream(static_file, request=request)


                # ##################################################
                # fill in request items
                # ##################################################
                app = request.application  # must go after url_in!

                if not global_settings.local_hosts:
                    local_hosts = set(['127.0.0.1', '::ffff:127.0.0.1', '::1'])
                    if not global_settings.web2py_runtime_gae:
                        try:
                            fqdn = socket.getfqdn()
                            local_hosts.add(socket.gethostname())
                            local_hosts.add(fqdn)
                            local_hosts.update([
                                addrinfo[4][0] for addrinfo
                                in getipaddrinfo(fqdn)])
                            if env.server_name:
                                local_hosts.add(env.server_name)
                                local_hosts.update([
                                        addrinfo[4][0] for addrinfo
                                        in getipaddrinfo(env.server_name)])
                        except (socket.gaierror, TypeError):
                            pass
                    global_settings.local_hosts = list(local_hosts)
                else:
                    local_hosts = global_settings.local_hosts
                client = get_client(env)
                x_req_with = str(env.http_x_requested_with).lower()
                cmd_opts = global_settings.cmd_options

                request.update(
                    client = client,
                    folder = abspath('applications', app) + os.sep,
                    ajax = x_req_with == 'xmlhttprequest',
                    cid = env.http_web2py_component_element,
                    is_local = (env.remote_addr in local_hosts and
                                client == env.remote_addr),
                    is_shell = False,
                    is_scheduler = False,
                    is_https = env.wsgi_url_scheme in HTTPS_SCHEMES or \
                        request.env.http_x_forwarded_proto in HTTPS_SCHEMES \
                        or env.https == 'on'
                    )
                request.url = environ['PATH_INFO']

                # ##################################################
                # access the requested application
                # ##################################################

                disabled = pjoin(request.folder, 'DISABLED')
                if not exists(request.folder):
                    if app == rwthread.routes.default_application \
                            and app != 'welcome':
                        redirect(URL('welcome', 'default', 'index'))
                    elif rwthread.routes.error_handler:
                        _handler = rwthread.routes.error_handler
                        redirect(URL(_handler['application'],
                                     _handler['controller'],
                                     _handler['function'],
                                     args=app))
                    else:
                        raise HTTP(404, rwthread.routes.error_message
                                   % 'invalid request',
                                   web2py_error='invalid application')
                elif not request.is_local and exists(disabled):
                    raise HTTP(503, "<html><body><h1>Temporarily down for maintenance</h1></body></html>")

                # ##################################################
                # build missing folders
                # ##################################################

                create_missing_app_folders(request)

                # ##################################################
                # get the GET and POST data
                # ##################################################

                #parse_get_post_vars(request, environ)

                # ##################################################
                # expose wsgi hooks for convenience
                # ##################################################

                request.wsgi = LazyWSGI(environ, request, response)

                # ##################################################
                # load cookies
                # ##################################################

                if env.http_cookie:
                    for single_cookie in env.http_cookie.split(';'):
                        single_cookie = single_cookie.strip()
                        if single_cookie:
                            try:
                                request.cookies.load(single_cookie)
                            except Cookie.CookieError:
                                pass  # single invalid cookie ignore

                # ##################################################
                # try load session or create new session file
                # ##################################################

                if not env.web2py_disable_session:
                    session.connect(request, response)

                # ##################################################
                # run controller
                # ##################################################

                if global_settings.debugging and app != "admin":
                    import gluon.debug
                    # activate the debugger
                    gluon.debug.dbg.do_debug(mainpyfile=request.folder)

                serve_controller(request, response, session)
            except HTTP as hr:
                http_response = hr

                if static_file:
                    return http_response.to(responder, env=env)

                if request.body:
                    request.body.close()

                if hasattr(current, 'request'):

                    # ##################################################
                    # on success, try store session in database
                    # ##################################################
                    if not env.web2py_disable_session:
                        session._try_store_in_db(request, response)

                    # ##################################################
                    # on success, commit database
                    # ##################################################

                    if response.do_not_commit is True:
                        BaseAdapter.close_all_instances(None)
                    elif response.custom_commit:
                        BaseAdapter.close_all_instances(response.custom_commit)
                    else:
                        BaseAdapter.close_all_instances('commit')

                    # ##################################################
                    # if session not in db try store session on filesystem
                    # this must be done after trying to commit database!
                    # ##################################################
                    if not env.web2py_disable_session:
                        session._try_store_in_cookie_or_file(request, response)

                    # Set header so client can distinguish component requests.
                    if request.cid:
                        http_response.headers.setdefault(
                            'web2py-component-content', 'replace')

                    if request.ajax:
                        if response.flash:
                            http_response.headers['web2py-component-flash'] = \
                                urllib2.quote(xmlescape(response.flash).replace(b'\n', b''))
                        if response.js:
                            http_response.headers['web2py-component-command'] = \
                                urllib2.quote(response.js.replace('\n', ''))

                    # ##################################################
                    # store cookies in headers
                    # ##################################################

                    session._fixup_before_save()
                    http_response.cookies2headers(response.cookies)

                ticket = None

            except RestrictedError as e:

                if request.body:
                    request.body.close()

                # ##################################################
                # on application error, rollback database
                # ##################################################

                # log tickets before rollback if not in DB
                if not request.tickets_db:
                    ticket = e.log(request) or 'unknown'
                # rollback
                if response._custom_rollback:
                    response._custom_rollback()
                else:
                    BaseAdapter.close_all_instances('rollback')
                # if tickets in db, reconnect and store it in db
                if request.tickets_db:
                    ticket = e.log(request) or 'unknown'

                http_response = \
                    HTTP(500, rwthread.routes.error_message_ticket %
                         dict(ticket=ticket),
                         web2py_error='ticket %s' % ticket)

        except:

            if request.body:
                request.body.close()

            # ##################################################
            # on application error, rollback database
            # ##################################################

            try:
                if response._custom_rollback:
                    response._custom_rollback()
                else:
                    BaseAdapter.close_all_instances('rollback')
            except:
                pass
            e = RestrictedError('Framework', '', '', locals())
            ticket = e.log(request) or 'unrecoverable'
            http_response = \
                HTTP(500, rwthread.routes.error_message_ticket
                     % dict(ticket=ticket),
                     web2py_error='ticket %s' % ticket)

    finally:
        if response and hasattr(response, 'session_file') \
                and response.session_file:
            response.session_file.close()

    session._unlock(response)
    http_response, new_environ = try_rewrite_on_error(
        http_response, request, environ, ticket)
    if not http_response:
        return wsgibase(new_environ, responder)
    if global_settings.web2py_crontype == 'soft':
        newcron.softcron(global_settings.applications_parent).start()
    return http_response.to(responder, env=env)
Exemplo n.º 2
0
 def login_url(self, next="/"):
     raise HTTP(403, 'Login not allowed. No valid x509 crentials')
Exemplo n.º 3
0
def organisation():
    """
        Function to handle pagination for the org list on the homepage
    """

    request = current.request
    get_vars = request.get_vars
    representation = request.extension

    resource = current.s3db.resource("org_organisation")
    totalrows = resource.count()
    display_start = int(
        get_vars.iDisplayStart) if get_vars.iDisplayStart else 0
    display_length = int(
        get_vars.iDisplayLength) if get_vars.iDisplayLength else 10
    limit = 4 * display_length

    list_fields = ["id", "name"]
    default_orderby = orderby = "org_organisation.name asc"
    if representation == "aadata":
        query, orderby, left = resource.datatable_filter(list_fields, get_vars)
        if orderby is None:
            orderby = default_orderby

    data = resource.select(list_fields,
                           start=display_start,
                           limit=limit,
                           orderby=orderby,
                           count=True,
                           represent=True)
    filteredrows = data["numrows"]
    rfields = data["rfields"]
    data = data["rows"]

    dt = S3DataTable(rfields, data)
    dt.defaultActionButtons(resource)
    current.response.s3.no_formats = True

    if representation == "html":
        items = dt.html(
            totalrows,
            totalrows,
            "org_dt",
            dt_displayLength=display_length,
            dt_ajax_url=URL(
                c="default",
                f="organisation",
                extension="aadata",
                vars={"id": "org_dt"},
            ),
            dt_pagination="true",
        )
    elif representation == "aadata":
        if "sEcho" in request.vars:
            echo = int(request.vars.sEcho)
        else:
            echo = None
        items = dt.json(totalrows, filteredrows, "org_dt", echo)
    else:
        from gluon.http import HTTP
        raise HTTP(501, current.ERROR.BAD_FORMAT)
    return items
Exemplo n.º 4
0
def _newsfeed():
    """
        Custom Page
        - Filterable DataList of CMS Posts & a DataList of Events
    """

    #if not current.auth.is_logged_in():
    #    current.auth.permission.fail()

    T = current.T
    s3db = current.s3db
    request = current.request
    response = current.response
    s3 = response.s3

    # Ensure that filtered views translate into options which update the Widget
    get_vars = request.get_vars
    if "~.series_id$name" in get_vars:
        series_name = get_vars["~.series_id$name"]
        table = s3db.cms_series
        series = current.db(table.name == series_name).select(
            table.id, limitby=(0, 1)).first()
        if series:
            series_id = str(series.id)
            get_vars.pop("~.series_id$name")
            get_vars["~.series_id__belongs"] = series_id

    current.deployment_settings.customise_controller("cms_post")

    list_layout = s3.render_posts

    filter_widgets = [
        S3TextFilter(
            ["body"],
            label="",
            _class="filter-search",
            #_placeholder=T("Search").upper(),
        ),
        S3OptionsFilter(
            "series_id",
            label=T("Filter by Type"),
            represent="%(name)s",
            widget="multiselect",
            hidden=True,
        ),
        S3LocationFilter(
            "location_id",
            label=T("Filter by Location"),
            levels=("L1", "L2", "L3"),
            widget="multiselect",
            hidden=True,
        ),
        S3OptionsFilter(
            "created_by$organisation_id",
            label=T("Filter by Organization"),
            # Can't use this for integers, use field.represent instead
            #represent="%(name)s",
            widget="multiselect",
            hidden=True,
        ),
        S3DateFilter(
            "created_on",
            label=T("Filter by Date"),
            hide_time=True,
            hidden=True,
        ),
    ]

    s3db.configure(
        "cms_post",
        # We use a custom Advanced widget
        filter_advanced=False,
        filter_formstyle=filter_formstyle,
        filter_submit=(T("SEARCH"), "btn btn-primary"),
        filter_widgets=filter_widgets,
        list_layout=list_layout,
        # Create form comes via AJAX in a Modal
        insertable=False,
        notify_fields=[
            (T("Type"), "series_id"),
            (T("Date"), "date"),
            (T("Location"), "location_id"),
            (T("Description"), "body"),
        ],
        notify_template="notify_post",
    )

    s3.dl_pagelength = 6  # 5 forces an AJAX call

    old_args = request.args
    if "datalist_dl_post" in old_args:
        # DataList pagination or Ajax-deletion request
        request.args = ["datalist_f"]
        ajax = "list"
    elif "datalist_dl_filter" in old_args:
        # FilterForm options update request
        request.args = ["filter"]
        ajax = "filter"
    elif "validate.json" in old_args:
        # Inline component validation request
        request.args = []
        ajax = True
    elif current.auth.permission.format == "msg":
        # Subscription lookup request
        request.args = []
        ajax = True
    else:
        # Default
        request.args = ["datalist_f"]
        ajax = None

    def prep(r):
        if ajax == "list":
            r.representation = "dl"
        elif ajax == "filter":
            r.representation = "json"
        return True

    s3.prep = prep

    output = current.rest_controller(
        "cms",
        "post",
        list_ajaxurl=URL(f="index", args="datalist_dl_post"),
        filter_ajax_url=URL(f="index", args="datalist_dl_filter", vars={}),
    )

    request.args = old_args

    if ajax == "list":
        # Don't override view if this is an Ajax-deletion request
        if not "delete" in request.get_vars:
            response.view = "plain.html"
    elif not ajax:
        # Set Title & View after REST Controller, in order to override
        output["title"] = T("News Feed")
        view = path.join(request.folder, "modules", "templates", THEME,
                         "views", "newsfeed.html")
        try:
            # Pass view as file not str to work in compiled mode
            response.view = open(view, "rb")
        except IOError:
            from gluon.http import HTTP
            raise HTTP(404, "Unable to open Custom View: %s" % view)

        s3.js_global.append('''i18n.adv_search="%s"''' % T("Advanced Search"))
        s3.scripts.append("/%s/static/themes/%s/js/newsfeed.js" %
                          (request.application, THEME))

        # Latest 5 Disasters
        resource = s3db.resource("event_event")
        layout = render_events
        list_id = "event_datalist"
        limit = 5
        orderby = "start_date desc"
        list_fields = [
            "name",
            "event_type_id$name",
            "start_date",
            "closed",
        ]
        output["disasters"] = latest_records(resource, layout, list_id, limit,
                                             list_fields, orderby)

    return output
Exemplo n.º 5
0
def run_view_in(environment):
    """
    Executes the view for the requested action.
    The view is the one specified in `response.view` or determined by the url
    or `view/generic.extension`
    It tries the pre-compiled views_controller_function.pyc before compiling it.
    """
    request = current.request
    response = current.response
    view = environment['response'].view
    folder = request.folder
    path = pjoin(folder, 'compiled')
    badv = 'invalid view (%s)' % view
    patterns = response.get('generic_patterns')
    if patterns:
        regex = re_compile('|'.join(map(fnmatch.translate, patterns)))
        short_action = '%(controller)s/%(function)s.%(extension)s' % request
        allow_generic = regex.search(short_action)
    else:
        allow_generic = False
    if not isinstance(view, str):
        ccode = parse_template(view,
                               pjoin(folder, 'views'),
                               context=environment)
        restricted(ccode, environment, 'file stream')
    else:
        filename = pjoin(folder, 'views', view)
        if os.path.exists(path):  # compiled views
            x = view.replace('/', '.')
            files = ['views.%s.pyc' % x]
            is_compiled = os.path.exists(pjoin(path, files[0]))
            # Don't use a generic view if the non-compiled view exists.
            if is_compiled or (not is_compiled
                               and not os.path.exists(filename)):
                if allow_generic:
                    files.append('views_generic.%s.pyc' % request.extension)
                # for backward compatibility
                if request.extension == 'html':
                    files.append('views_%s.pyc' % x[:-5])
                    if allow_generic:
                        files.append('views_generic.pyc')
                # end backward compatibility code
                for f in files:
                    compiled = pjoin(path, f)
                    if os.path.exists(compiled):
                        code = read_pyc(compiled)
                        restricted(code, environment, layer=compiled)
                        return
        if not os.path.exists(filename) and allow_generic:
            view = 'generic.' + request.extension
            filename = pjoin(folder, 'views', view)
        if not os.path.exists(filename):
            raise HTTP(404,
                       rewrite.THREAD_LOCAL.routes.error_message % badv,
                       web2py_error=badv)
        layer = filename
        if is_gae:
            ccode = getcfs(
                layer, filename, lambda: compile2(
                    parse_template(view,
                                   pjoin(folder, 'views'),
                                   context=environment), layer))
        else:
            ccode = parse_template(view,
                                   pjoin(folder, 'views'),
                                   context=environment)
        restricted(ccode, environment, layer)
Exemplo n.º 6
0
    def __call__(self):

        request = current.request
        response = current.response

        settings = current.deployment_settings
        response.title = settings.get_system_name()

        T = current.T
        s3 = response.s3
        appname = request.application

        project_items = project()()
        datatable_ajax_source = "/%s/default/index/project.aadata" % \
                                appname
        s3.actions = None
        project_box = DIV(H3(T("Projects")),
                          A(T("Add Project"),
                            _href=URL(c="project",
                                      f="project",
                                      args=["create"]),
                            _id="add-btn",
                            _class="action-btn",
                            _style="margin-right:10px;"),
                          project_items,
                          _id="org_box",
                          _class="menu_box fleft")

        # Login/Registration forms
        self_registration = settings.get_security_self_registration()
        registered = False
        login_form = None
        login_div = None
        register_form = None
        register_div = None
        roles = current.session.s3.roles
        auth = current.auth
        system_roles = auth.get_system_roles()
        AUTHENTICATED = system_roles.AUTHENTICATED
        if AUTHENTICATED not in roles:
            # This user isn't yet logged-in
            if request.cookies.has_key("registered"):
                # This browser has logged-in before
                registered = True

            if self_registration:
                # Provide a Registration box on front page
                register_form = auth.register()
                register_div = DIV(H3(T("Register")),
                                   P(XML(T("If you would like to add data, then please %(sign_up_now)s") % \
                                            dict(sign_up_now=B(T("sign-up now"))))))

                # Add client-side validation
                s3_register_validation()

                if request.env.request_method == "POST":
                    post_script = \
'''$('#register_form').removeClass('hide')
$('#login_form').addClass('hide')'''
                else:
                    post_script = ""
                register_script = \
'''$('#register-btn').attr('href','#register')
$('#login-btn').attr('href','#login')
%s
$('#register-btn').click(function(){
 $('#register_form').removeClass('hide')
 $('#login_form').addClass('hide')
})
$('#login-btn').click(function(){
 $('#register_form').addClass('hide')
 $('#login_form').removeClass('hide')
})''' % post_script
                s3.jquery_ready.append(register_script)

            # Provide a login box on front page
            request.args = ["login"]
            auth.messages.submit_button = T("Login")
            login_form = auth()
            login_div = DIV(H3(T("Login")),
                            P(XML(T("Registered users can %(login)s to access the system" % \
                                    dict(login=B(T("login")))))))

        view = path.join(request.folder, "private", "templates", "OCHA",
                         "views", "index.html")
        try:
            # Pass view as file not str to work in compiled mode
            response.view = open(view, "rb")
        except IOError:
            from gluon.http import HTTP
            raise HTTP("404", "Unable to open Custom View: %s" % view)

        return dict(
            title=response.title,
            project_box=project_box,
            r=None,  # Required for dataTable to work
            datatable_ajax_source=datatable_ajax_source,
            self_registration=self_registration,
            registered=registered,
            login_form=login_form,
            login_div=login_div,
            register_form=register_form,
            register_div=register_div)
Exemplo n.º 7
0
            raise HTTP(404, error_message, web2py_error='invalid file')
    else:
        fp.close()
    stat_file = os.stat(static_file)
    fsize = stat_file[stat.ST_SIZE]
    modified = stat_file[stat.ST_MTIME]
    mtime = time.strftime('%a, %d %b %Y %H:%M:%S GMT', time.gmtime(modified))
    headers.setdefault('Content-Type', contenttype(static_file))
    headers.setdefault('Last-Modified', mtime)
    headers.setdefault('Pragma', 'cache')
    headers.setdefault('Cache-Control', 'private')

    # if this is a normal response and not a respnse to an error page
    if status == 200:
        if request and request.env.http_if_modified_since == mtime:
            raise HTTP(304, **{'Content-Type': headers['Content-Type']})

        elif request and request.env.http_range:
            start_items = regex_start_range.findall(request.env.http_range)
            if not start_items:
                start_items = [0]
            stop_items = regex_stop_range.findall(request.env.http_range)
            if not stop_items or int(stop_items[0]) > fsize - 1:
                stop_items = [fsize - 1]
            part = (int(start_items[0]), int(stop_items[0]), fsize)
            bytes = part[1] - part[0] + 1
            try:
                stream = open(static_file, 'rb')
            except IOError, e:
                if e[0] in (errno.EISDIR, errno.EACCES):
                    raise HTTP(403)
Exemplo n.º 8
0
    def __call__(self):

        request = current.request
        response = current.response

        view = path.join(request.folder, "private", "templates", THEME,
                         "views", "contact.html")
        try:
            # Pass view as file not str to work in compiled mode
            response.view = open(view, "rb")
        except IOError:
            from gluon.http import HTTP
            raise HTTP(404, "Unable to open Custom View: %s" % view)

        if request.env.request_method == "POST":
            # Processs Form
            vars = request.post_vars
            result = current.msg.send_email(
                to=current.deployment_settings.get_mail_approver(),
                subject=vars.subject,
                message=vars.message,
                reply_to=vars.address,
            )
            if result:
                response.confirmation = "Thankyou for your message - we'll be in touch shortly"

        #T = current.T

        form = DIV(
            H1("Contact Us"),
            P("You can leave a message using the contact form below."),
            FORM(TABLE(
                TR(LABEL("Your name:", SPAN(" *", _class="req"), _for="name")),
                TR(
                    INPUT(_name="name",
                          _type="text",
                          _size=62,
                          _maxlength="255")),
                TR(
                    LABEL("Your e-mail address:",
                          SPAN(" *", _class="req"),
                          _for="address")),
                TR(
                    INPUT(_name="address",
                          _type="text",
                          _size=62,
                          _maxlength="255")),
                TR(LABEL("Subject:", SPAN(" *", _class="req"),
                         _for="subject")),
                TR(
                    INPUT(_name="subject",
                          _type="text",
                          _size=62,
                          _maxlength="255")),
                TR(LABEL("Message:", SPAN(" *", _class="req"), _for="name")),
                TR(
                    TEXTAREA(_name="message",
                             _class="resizable",
                             _rows=5,
                             _cols=62)),
                TR(INPUT(_type="submit", _value="Send e-mail")),
            ),
                 _id="mailform"))
        s3 = response.s3
        if s3.cdn:
            if s3.debug:
                s3.scripts.append(
                    "http://ajax.aspnetcdn.com/ajax/jquery.validate/1.9/jquery.validate.js"
                )
            else:
                s3.scripts.append(
                    "http://ajax.aspnetcdn.com/ajax/jquery.validate/1.9/jquery.validate.min.js"
                )

        else:
            if s3.debug:
                s3.scripts.append("/%s/static/scripts/jquery.validate.js" %
                                  request.application)
            else:
                s3.scripts.append("/%s/static/scripts/jquery.validate.min.js" %
                                  request.application)
        s3.jquery_ready.append('''$('#mailform').validate({
 errorClass:'req',
 rules:{
  name:{
   required:true
  },
  subject:{
   required:true
  },
  message:{
   required:true
  },
  name:{
   required:true
  },
  address: {
   required:true,
   email:true
  }
 },
 messages:{
  name:"Enter your name",
  subject:"Enter a subject",
  message:"Enter a message",
  address:{
   required:"Please enter a valid email address",
   email:"Please enter a valid email address"
  }
 },
 errorPlacement:function(error,element){
  error.appendTo(element.parents('tr').prev().children())
 },
 submitHandler:function(form){
  form.submit()
 }
})''')
        # @ToDo: Move to static
        s3.jquery_ready.append(
            '''$('textarea.resizable:not(.textarea-processed)').each(function() {
    // Avoid non-processed teasers.
    if ($(this).is(('textarea.teaser:not(.teaser-processed)'))) {
        return false;
    }
    var textarea = $(this).addClass('textarea-processed'), staticOffset = null;
    // When wrapping the text area, work around an IE margin bug. See:
    // http://jaspan.com/ie-inherited-margin-bug-form-elements-and-haslayout
    $(this).wrap('<div class="resizable-textarea"><span></span></div>')
    .parent().append($('<div class="grippie"></div>').mousedown(startDrag));
    var grippie = $('div.grippie', $(this).parent())[0];
    grippie.style.marginRight = (grippie.offsetWidth - $(this)[0].offsetWidth) +'px';
    function startDrag(e) {
        staticOffset = textarea.height() - e.pageY;
        textarea.css('opacity', 0.25);
        $(document).mousemove(performDrag).mouseup(endDrag);
        return false;
    }
    function performDrag(e) {
        textarea.height(Math.max(32, staticOffset + e.pageY) + 'px');
        return false;
    }
    function endDrag(e) {
        $(document).unbind("mousemove", performDrag).unbind("mouseup", endDrag);
        textarea.css('opacity', 1);
    }
});''')

        response.title = "Contact | NYC Prepared"
        return dict(form=form)
Exemplo n.º 9
0
def raiseHttp(code, msg, isJson=False):
    #print("raiseHttp: code {} msg {} isJson {}".format(code, msg, isJson))
    if isJson is True:
        msg = json.dumps(msg)

    raise HTTP(code, msg)
Exemplo n.º 10
0
    def __call__(self):

        T = current.T
        auth = current.auth
        db = current.db
        request = current.request
        appname = request.application
        response = current.response
        s3 = response.s3
        settings = current.deployment_settings

        view = path.join(request.folder, "private", "templates", "Delphi",
                         "views", "index.html")
        try:
            # Pass view as file not str to work in compiled mode
            response.view = open(view, "rb")
        except IOError:
            from gluon.http import HTTP
            raise HTTP("404", "Unable to open Custom View: %s" % view)

        title = settings.get_system_name()
        response.title = title

        # Check logged in AND permissions
        _s3 = current.session.s3
        AUTHENTICATED = _s3.system_roles.AUTHENTICATED
        roles = _s3.roles

        # Login/Registration forms
        self_registration = settings.get_security_self_registration()
        registered = False
        login_form = None
        login_div = None
        register_form = None
        register_div = None
        if AUTHENTICATED not in roles:
            # This user isn't yet logged-in
            if request.cookies.has_key("registered"):
                # This browser has logged-in before
                registered = True

            if self_registration:
                # Provide a Registration box on front page
                register_form = auth.s3_registration_form()
                register_div = DIV(H3(T("Register")),
                                   P(XML(T("If you would like to help, then please %(sign_up_now)s") % \
                                            dict(sign_up_now=B(T("sign-up now"))))))

                if request.env.request_method == "POST":
                    post_script = \
'''$('#register_form').removeClass('hide')
$('#login_form').addClass('hide')'''
                else:
                    post_script = ""
                register_script = \
'''$('#register-btn').attr('href','#register')
$('#login-btn').attr('href','#login')
%s
$('#register-btn').click(function(){
 $('#register_form').removeClass('hide')
 $('#login_form').addClass('hide')
})
$('#login-btn').click(function(){
 $('#register_form').addClass('hide')
 $('#login_form').removeClass('hide')
})''' % post_script
                s3.jquery_ready.append(register_script)

            # Provide a login box on front page
            request.args = ["login"]
            auth.messages.submit_button = T("Login")
            login_form = auth()
            login_div = DIV(H3(T("Login")),
                            P(XML(T("Registered users can %(login)s to access the system") % \
                                  dict(login=B(T("login"))))))

        return dict(title=title,
                    self_registration=self_registration,
                    registered=registered,
                    login_form=login_form,
                    login_div=login_div,
                    register_form=register_form,
                    register_div=register_div)
Exemplo n.º 11
0
                email = '%s.fakemail' %(user['id'])
            else:
                email = user['email']    

            return dict(first_name = user['name'],                        
                        username = username,
                        email = '%s' %(email), 
                        registration_id = 'f_' + user['id'] )

from gluon.http import HTTP


try:
    from linkedin.linkedin import LinkedInApplication
except ImportError:
    raise HTTP(400, "linkedin module not found")

from gluon.contrib.login_methods.oauth20_account import OAuthAccount
import hashlib
import random

# To configure linkedin apps go to https://www.linkedin.com/developer/apps/

class LinkedInAccount(OAuthAccount):
    TOKEN_URL="https://www.linkedin.com/uas/oauth2/accessToken"
    AUTH_URL="https://www.linkedin.com/uas/oauth2/authorization"
    linkedin_key=myconf.get('authkeys.linkedin_key')
    linkedin_secret=myconf.get('authkeys.linkedin_secret')

    def __init__(self):
        OAuthAccount.__init__(self, 'linkedin', self.linkedin_key, self.linkedin_secret,
Exemplo n.º 12
0
def deployment_page(r, **attr):
    """
        Custom Method for deployment page.
    """

    if r.http != "GET":
        r.error(405, current.ERROR.BAD_METHOD)

    db = current.db
    s3db = current.s3db
    output = {}

    output["deployment_name"] = r.record.name
    output["description"] = r.record.description

    # Query the organisation name
    otable = s3db.org_organisation
    query = (otable.id == r.record.organisation_id) & \
            (otable.deleted == False)

    rows = db(query).select(otable.name, limitby=(0, 1)).first()
    output["org_name"] = rows.name

    # Query the locations
    ltable = s3db.project_location
    gtable = s3db.gis_location
    query = (ltable.project_id == r.id) & \
            (ltable.location_id == gtable.id) & \
            (gtable.deleted == False)
    rows = db(query).select(gtable.name)
    output["locations"] = [row.name for row in rows]

    # Query the links
    dtable = s3db.doc_document
    query = (dtable.doc_id == r.record.doc_id) & \
            (dtable.url != "") & \
            (dtable.url != None) & \
            (dtable.deleted == False)
    rows = db(query).select(dtable.name, dtable.url)
    output["links"] = [(row.name, row.url) for row in rows]


    query = (dtable.doc_id == r.record.doc_id) & \
            (dtable.file != "") & \
            (dtable.file != None) & \
            (dtable.deleted == False)
    rows = db(query).select(dtable.name, dtable.file)
    output["files"] = [(row.name, row.file) for row in rows]

    # Set the custom view
    from os import path
    view = path.join(current.request.folder, "private", "templates", "SSF",
                     "views", "deployment_page.html")
    try:
        # Pass view as file not str to work in compiled mode
        current.response.view = open(view, "rb")
    except IOError:
        from gluon.http import HTTP
        raise HTTP(404, "Unable to open Custom View: %s" % view)

    return output
Exemplo n.º 13
0
    def __call__(self):

        auth = current.auth
        if auth.is_logged_in():
            # Redirect to Map
            redirect(URL(c="hms", f="hospital", args=["map"]))

        request = current.request
        response = current.response
        response.title = current.deployment_settings.get_system_name()

        T = current.T
        db = current.db
        s3db = current.s3db
        s3 = response.s3
        appname = request.application
        settings = current.deployment_settings

        # Check logged in and permissions
        roles = current.session.s3.roles
        system_roles = auth.get_system_roles()
        AUTHENTICATED = system_roles.AUTHENTICATED
        if AUTHENTICATED in roles and \
           auth.s3_has_permission("read", s3db.hms_hospital):
            hospital_items = self.hospital()
            datatable_ajax_source = "/%s/default/hospital.aadata" % \
                                    appname
            s3.actions = None
            hospital_box = DIV(H3(T("Hospitals")),
                               A(T("Add Hospital"),
                                 _href=URL(c="hms",
                                           f="hospital",
                                           args=["create"]),
                                 _id="add-btn",
                                 _class="action-btn",
                                 _style="margin-right:10px;"),
                               hospital_items,
                               _id="org_box",
                               _class="menu_box fleft")
        else:
            hospital_box = ""
            datatable_ajax_source = ""

        item = ""
        if settings.has_module("cms"):
            table = s3db.cms_post
            item = db(table.module == "default").select(table.body,
                                                        limitby=(0,
                                                                 1)).first()
            if item:
                item = DIV(XML(item.body))
            else:
                item = ""

        # Login/Registration forms
        self_registration = settings.get_security_self_registration()
        registered = False
        login_form = None
        login_div = None
        register_form = None
        register_div = None
        if AUTHENTICATED not in roles:
            # This user isn't yet logged-in
            if request.cookies.has_key("registered"):
                # This browser has logged-in before
                registered = True

            if self_registration:
                # Provide a Registration box on front page
                register_form = auth.s3_registration_form()
                register_div = DIV(H3(T("Register")),
                                   P(XML(T("If you would like to help, then please %(sign_up_now)s") % \
                                            dict(sign_up_now=B(T("sign-up now"))))))

                if request.env.request_method == "POST":
                    post_script = \
'''$('#register_form').removeClass('hide')
$('#login_form').addClass('hide')'''
                else:
                    post_script = ""
                register_script = \
'''$('#register-btn').attr('href','#register')
$('#login-btn').attr('href','#login')
%s
$('#register-btn').click(function(){
 $('#register_form').removeClass('hide')
 $('#login_form').addClass('hide')
})
$('#login-btn').click(function(){
 $('#register_form').addClass('hide')
 $('#login_form').removeClass('hide')
})''' % post_script
                s3.jquery_ready.append(register_script)

            # Provide a login box on front page
            request.args = ["login"]
            auth.messages.submit_button = T("Login")
            login_form = auth()
            login_div = DIV(H3(T("Login")),
                            P(XML(T("Registered users can %(login)s to access the system") % \
                                  dict(login=B(T("login"))))))

        if settings.frontpage.rss:
            s3.external_stylesheets.append(
                "http://www.google.com/uds/solutions/dynamicfeed/gfdynamicfeedcontrol.css"
            )
            s3.scripts.append(
                "http://www.google.com/jsapi?key=notsupplied-wizard")
            s3.scripts.append(
                "http://www.google.com/uds/solutions/dynamicfeed/gfdynamicfeedcontrol.js"
            )
            counter = 0
            feeds = ""
            for feed in settings.frontpage.rss:
                counter += 1
                feeds = "".join((feeds, "{title:'%s',\n" % feed["title"],
                                 "url:'%s'}" % feed["url"]))
                # Don't add a trailing comma for old IEs
                if counter != len(settings.frontpage.rss):
                    feeds += ",\n"
            # feedCycleTime: milliseconds before feed is reloaded (5 minutes)
            feed_control = "".join(('''
function LoadDynamicFeedControl(){
 var feeds=[
  ''', feeds, '''
 ]
 var options={
  feedCycleTime:300000,
  numResults:5,
  stacked:true,
  horizontal:false,
  title:"''', str(T("News")), '''"
 }
 new GFdynamicFeedControl(feeds,'feed-control',options)
}
google.load('feeds','1')
google.setOnLoadCallback(LoadDynamicFeedControl)'''))
            s3.js_global.append(feed_control)

        view = path.join(request.folder, "private", "templates", "Sandy",
                         "views", "index.html")
        try:
            # Pass view as file not str to work in compiled mode
            response.view = open(view, "rb")
        except IOError:
            from gluon.http import HTTP
            raise HTTP(404, "Unable to open Custom View: %s" % view)

        return dict(
            title=response.title,
            item=item,
            hospital_box=hospital_box,
            r=None,  # Required for dataTable to work
            datatable_ajax_source=datatable_ajax_source,
            self_registration=self_registration,
            registered=registered,
            login_form=login_form,
            login_div=login_div,
            register_form=register_form,
            register_div=register_div)
Exemplo n.º 14
0
            # ##################################################
            # on application error, rollback database
            # ##################################################

            try:
                if response._custom_rollback:
                    response._custom_rollback()
                else:
                    BaseAdapter.close_all_instances('rollback')
            except:
                pass
            e = RestrictedError('Framework', '', '', locals())
            ticket = e.log(request) or 'unrecoverable'
            http_response = \
                HTTP(500, rwthread.routes.error_message_ticket
                     % dict(ticket=ticket),
                     web2py_error='ticket %s' % ticket)

    finally:
        if response and hasattr(response, 'session_file') \
                and response.session_file:
            response.session_file.close()

    session._unlock(response)
    http_response, new_environ = try_rewrite_on_error(http_response, request,
                                                      environ, ticket)
    if not http_response:
        return wsgibase(new_environ, responder)
    if global_settings.web2py_crontype == 'soft':
        newcron.softcron(global_settings.applications_parent).start()
    return http_response.to(responder, env=env)
Exemplo n.º 15
0
def stream_file_or_304_or_206(static_file,
                              chunk_size=DEFAULT_CHUNK_SIZE,
                              request=None,
                              headers={},
                              status=200,
                              error_message=None):
    # FIX THIS
    # if error_message is None:
    #     error_message = rewrite.THREAD_LOCAL.routes.error_message % 'invalid request'
    try:
        if PY2:
            open_f = file  # this makes no sense but without it GAE cannot open files
        else:
            open_f = open
        fp = open_f(static_file, 'rb')
    except IOError as e:
        if e[0] == errno.EISDIR:
            raise HTTP(403, error_message, web2py_error='file is a directory')
        elif e[0] == errno.EACCES:
            raise HTTP(403, error_message, web2py_error='inaccessible file')
        else:
            raise HTTP(404, error_message, web2py_error='invalid file')
    else:
        fp.close()
    stat_file = os.stat(static_file)
    fsize = stat_file[stat.ST_SIZE]
    modified = stat_file[stat.ST_MTIME]
    mtime = time.strftime('%a, %d %b %Y %H:%M:%S GMT', time.gmtime(modified))
    headers.setdefault('Content-Type', contenttype(static_file))
    headers.setdefault('Last-Modified', mtime)
    headers.setdefault('Pragma', 'cache')
    headers.setdefault('Cache-Control', 'private')

    # if this is a normal response and not a respnse to an error page
    if status == 200:
        if request and request.env.http_if_modified_since == mtime:
            raise HTTP(304, **{'Content-Type': headers['Content-Type']})

        elif request and request.env.http_range:
            start_items = regex_start_range.findall(request.env.http_range)
            if not start_items:
                start_items = [0]
            stop_items = regex_stop_range.findall(request.env.http_range)
            if not stop_items or int(stop_items[0]) > fsize - 1:
                stop_items = [fsize - 1]
            part = (int(start_items[0]), int(stop_items[0]), fsize)
            bytes = part[1] - part[0] + 1
            try:
                stream = open(static_file, 'rb')
            except IOError as e:
                if e[0] in (errno.EISDIR, errno.EACCES):
                    raise HTTP(403)
                else:
                    raise HTTP(404)
            stream.seek(part[0])
            headers['Content-Range'] = 'bytes %i-%i/%i' % part
            headers['Content-Length'] = '%i' % bytes
            status = 206
    # in all the other cases (not 304, not 206, but 200 or error page)
    if status != 206:
        enc = request.env.http_accept_encoding
        if enc and 'gzip' in enc and not 'Content-Encoding' in headers:
            gzipped = static_file + '.gz'
            if os.path.isfile(
                    gzipped) and os.path.getmtime(gzipped) >= modified:
                static_file = gzipped
                fsize = os.path.getsize(gzipped)
                headers['Content-Encoding'] = 'gzip'
                headers['Vary'] = 'Accept-Encoding'
        try:
            stream = open(static_file, 'rb')
        except IOError as e:
            # this better does not happer when returning an error page ;-)
            if e[0] in (errno.EISDIR, errno.EACCES):
                raise HTTP(403)
            else:
                raise HTTP(404)
        headers['Content-Length'] = fsize
        bytes = None
    if request and request.env.web2py_use_wsgi_file_wrapper:
        wrapped = request.env.wsgi_file_wrapper(stream, chunk_size)
    else:
        wrapped = streamer(stream, chunk_size=chunk_size, bytes=bytes)
    raise HTTP(status, wrapped, **headers)
Exemplo n.º 16
0
    def __call__(self):

        request = current.request
        response = current.response

        response.title = current.deployment_settings.get_system_name()

        T = current.T
        db = current.db
        auth = current.auth
        s3db = current.s3db
        s3 = response.s3
        appname = request.application
        settings = current.deployment_settings

        has_module = settings.has_module
        if has_module("cr"):
            table = s3db.cr_shelter
            SHELTERS = s3.crud_strings["cr_shelter"].title_list
        else:
            SHELTERS = ""

        # Menu Boxes
        menu_btns = [  #div, label, app, function
            #["col1", T("Staff"), "hrm", "staff"],
            #["col1", T("Volunteers"), "vol", "volunteer"],
            ["col1", T("Projects"), "project", "project"],
            ["col1", T("Vehicles"), "vehicle", "vehicle"],
            ["col2", T("Assets"), "asset", "asset"],
            ["col2", T("Inventory Items"), "inv", "inv_item"],
            #["facility", T("Facilities"), "org", "facility"],
            ["facility", T("Hospitals"), "hms", "hospital"],
            ["facility", T("Offices"), "org", "office"],
            ["facility", SHELTERS, "cr", "shelter"],
            ["facility", T("Transport"), "transport", "index"],
            ["facility", T("Warehouses"), "inv", "warehouse"],
        ]

        menu_divs = {
            "col1":
            DIV(_id="menu_div_col1", _class="menu_div"),
            "col2":
            DIV(_id="menu_div_col2", _class="menu_div"),
            "facility":
            DIV(H3(T("Facilities")), _id="facility_box", _class="menu_box"),
        }

        for div, label, app, function in menu_btns:
            if has_module(app):
                # @ToDo: Also check permissions (e.g. for anonymous users)
                menu_divs[div].append(
                    A(DIV(label, _class="menu-btn-r"),
                      _class="menu-btn-l",
                      _href=URL(app, function)))

        cols_box = DIV(
            H3(T("Humanitarian Projects")),
            DIV(_id="menu_div_col0"),
            menu_divs["col1"],
            menu_divs["col2"],
            _id="cols_box",
            #_class="menu_box fleft swidth"
            _class="menu_box")
        facility_box = menu_divs["facility"]
        facility_box.append(A(IMG(_src="/%s/static/img/map_icon_128.png" % \
                                        appname),
                              _href = URL(c="gis", f="index"),
                              _title = T("Map")
                              )
                            )

        datatable_ajax_source = ""

        # Check logged in AND permissions
        roles = current.session.s3.roles
        system_roles = auth.get_system_roles()
        AUTHENTICATED = system_roles.AUTHENTICATED
        table = s3db.org_organisation
        has_permission = auth.s3_has_permission
        if AUTHENTICATED in roles and \
           has_permission("read", table):
            org_items = self.organisation()
            datatable_ajax_source = "/%s/default/organisation.aadata" % \
                                    appname
            s3.actions = None
            permit = auth.permission
            permit.controller = "org"
            permit.function = "site"
            permitted_facilities = auth.permitted_facilities(
                redirect_on_error=False)
            if permitted_facilities:
                facilities = s3db.org_SiteRepresent().bulk(
                    permitted_facilities)
                facility_list = [(fac, facilities[fac]) for fac in facilities]
                facility_list = sorted(facility_list, key=lambda fac: fac[1])
                facility_opts = [
                    OPTION(fac[1], _value=fac[0]) for fac in facility_list
                ]
                manage_facility_box = DIV(
                    H3(T("Manage Your Facilities")),
                    SELECT(_id="manage_facility_select",
                           _style="max-width:400px;",
                           *facility_opts),
                    A(
                        T("Go"),
                        _href=URL(c="default",
                                  f="site",
                                  args=[facility_list[0][0]]),
                        #_disabled = "disabled",
                        _id="manage_facility_btn",
                        _class="action-btn"),
                    _id="manage_facility_box",
                    _class="menu_box fleft")
                s3.jquery_ready.append(
                    '''$('#manage_facility_select').change(function(){
 $('#manage_facility_btn').attr('href',S3.Ap.concat('/default/site/',$('#manage_facility_select').val()))
})''')
            else:
                manage_facility_box = ""

            if has_permission("create", table):
                create = A(T("Add Organization"),
                           _href=URL(c="org",
                                     f="organisation",
                                     args=["create"]),
                           _id="add-btn",
                           _class="action-btn",
                           _style="margin-right: 10px;")
            else:
                create = ""
            org_box = DIV(H3(T("Organizations")),
                          create,
                          org_items,
                          _id="org_box",
                          _class="menu_box fleft")
        else:
            manage_facility_box = ""
            org_box = ""

        # Login/Registration forms
        self_registration = settings.get_security_self_registration()
        registered = False
        login_form = None
        login_div = None
        register_form = None
        register_div = None
        if AUTHENTICATED not in roles:
            # This user isn't yet logged-in
            if request.cookies.has_key("registered"):
                # This browser has logged-in before
                registered = True

            if self_registration:
                # Provide a Registration box on front page
                register_form = auth.s3_registration_form()
                register_div = DIV(H3(T("Register")),
                                   P(XML(T("If you would like to help, then please %(sign_up_now)s") % \
                                            dict(sign_up_now=B(T("sign-up now"))))))

                if request.env.request_method == "POST":
                    post_script = \
'''$('#register_form').removeClass('hide')
$('#login_form').addClass('hide')'''
                else:
                    post_script = ""
                register_script = \
'''$('#register-btn').attr('href','#register')
$('#login-btn').attr('href','#login')
%s
$('#register-btn').click(function(){
 $('#register_form').removeClass('hide')
 $('#login_form').addClass('hide')
})
$('#login-btn').click(function(){
 $('#register_form').addClass('hide')
 $('#login_form').removeClass('hide')
})''' % post_script
                s3.jquery_ready.append(register_script)

            # Provide a login box on front page
            request.args = ["login"]
            auth.messages.submit_button = T("Login")
            login_form = auth()
            login_div = DIV(H3(T("Login")),
                            P(XML(T("Registered users can %(login)s to access the system") % \
                                  dict(login=B(T("login"))))))

        if settings.frontpage.rss:
            s3.external_stylesheets.append(
                "http://www.google.com/uds/solutions/dynamicfeed/gfdynamicfeedcontrol.css"
            )
            s3.scripts.append(
                "http://www.google.com/jsapi?key=notsupplied-wizard")
            s3.scripts.append(
                "http://www.google.com/uds/solutions/dynamicfeed/gfdynamicfeedcontrol.js"
            )
            counter = 0
            feeds = ""
            for feed in settings.frontpage.rss:
                counter += 1
                feeds = "".join((feeds, "{title:'%s',\n" % feed["title"],
                                 "url:'%s'}" % feed["url"]))
                # Don't add a trailing comma for old IEs
                if counter != len(settings.frontpage.rss):
                    feeds += ",\n"
            # feedCycleTime: milliseconds before feed is reloaded (5 minutes)
            feed_control = "".join(('''
function LoadDynamicFeedControl(){
 var feeds=[
  ''', feeds, '''
 ]
 var options={
  feedCycleTime:300000,
  numResults:5,
  stacked:true,
  horizontal:false,
  title:"''', str(T("News")), '''"
 }
 new GFdynamicFeedControl(feeds,'feed-control',options)
}
google.load('feeds','1')
google.setOnLoadCallback(LoadDynamicFeedControl)'''))
            s3.js_global.append(feed_control)

        view = path.join(request.folder, "private", "templates", "EUROSHA",
                         "views", "index.html")
        try:
            # Pass view as file not str to work in compiled mode
            response.view = open(view, "rb")
        except IOError:
            from gluon.http import HTTP
            raise HTTP(404, "Unable to open Custom View: %s" % view)

        return dict(
            title=response.title,
            cols_box=cols_box,
            facility_box=facility_box,
            manage_facility_box=manage_facility_box,
            org_box=org_box,
            r=None,  # Required for dataTable to work
            datatable_ajax_source=datatable_ajax_source,
            self_registration=self_registration,
            registered=registered,
            login_form=login_form,
            login_div=login_div,
            register_form=register_form,
            register_div=register_div)
Exemplo n.º 17
0
    def __call__(self):

        request = current.request
        response = current.response

        view = path.join(request.folder, "modules", "templates", THEME,
                         "views", "contact.html")
        try:
            # Pass view as file not str to work in compiled mode
            response.view = open(view, "rb")
        except IOError:
            from gluon.http import HTTP
            raise HTTP(404, "Unable to open Custom View: %s" % view)

        if request.env.request_method == "POST":
            # Processs Form
            vars = request.post_vars
            result = current.msg.send_email(
                #to=current.deployment_settings.get_mail_approver(),
                to="*****@*****.**",
                subject=vars.subject,
                message=vars.message,
                reply_to=vars.address,
            )
            if result:
                response.confirmation = "Thankyou for your message - we'll be in touch shortly"

        #T = current.T

        # form = FORM(TABLE(
        # TR(LABEL("Your name:",
        # SPAN(" *", _class="req"),
        # _for="name")),
        # TR(INPUT(_name="name", _type="text", _size=62, _maxlength="255")),
        # TR(LABEL("Your e-mail address:",
        # SPAN(" *", _class="req"),
        # _for="address")),
        # TR(INPUT(_name="address", _type="text", _size=62, _maxlength="255")),
        # TR(LABEL("Subject:",
        # SPAN(" *", _class="req"),
        # _for="subject")),
        # TR(INPUT(_name="subject", _type="text", _size=62, _maxlength="255")),
        # TR(LABEL("Message:",
        # SPAN(" *", _class="req"),
        # _for="name")),
        # TR(TEXTAREA(_name="message", _class="resizable", _rows=5, _cols=62)),
        # TR(INPUT(_type="submit", _value="Send e-mail")),
        # ),
        # _id="contact-form"
        # )
        s3 = response.s3
        if s3.cdn:
            if s3.debug:
                s3.scripts.append(
                    "http://ajax.aspnetcdn.com/ajax/jquery.validate/1.9/jquery.validate.js"
                )
            else:
                s3.scripts.append(
                    "http://ajax.aspnetcdn.com/ajax/jquery.validate/1.9/jquery.validate.min.js"
                )

        else:
            if s3.debug:
                s3.scripts.append("/%s/static/scripts/jquery.validate.js" %
                                  request.application)
            else:
                s3.scripts.append("/%s/static/scripts/jquery.validate.min.js" %
                                  request.application)
        s3.jquery_ready.append('''$('#contact-form').validate({
 errorClass:'req',
 rules:{
  name:{
   required:true
  },
  subject:{
   required:true
  },
  message:{
   required:true
  },
  name:{
   required:true
  },
  address: {
   required:true,
   email:true
  }
 },
 messages:{
  name:"Enter your name",
  subject:"Enter a subject",
  message:"Enter a message",
  address:{
   required:"Please enter a valid email address",
   email:"Please enter a valid email address"
  }
 },
 errorPlacement:function(error,element){
  error.appendTo(element.parents('tr').prev().children())
 },
 submitHandler:function(form){
  form.submit()
 }
})''')

        response.title = "Contact | DRR Project Portal"
        return dict(
            #form=form
        )
Exemplo n.º 18
0
    def organisation():
        """
            Function to handle pagination for the org list on the homepage
        """

        request = current.request
        get_vars = request.get_vars

        resource = current.s3db.resource("org_organisation")
        totalrows = resource.count()
        if "iDisplayLength" in get_vars:
            display_length = int(get_vars["iDisplayLength"])
        else:
            display_length = 10
        limit = 4 * display_length

        list_fields = ["id", "name"]
        filter, orderby, left = resource.datatable_filter(
            list_fields, get_vars)
        resource.add_filter(filter)

        data = resource.select(list_fields,
                               start=0,
                               limit=limit,
                               orderby=orderby,
                               left=left,
                               count=True,
                               represent=True)
        filteredrows = data["numrows"]
        rfields = data["rfields"]
        rows = data["rows"]

        dt = S3DataTable(rfields, rows)
        dt_id = "org_dt"

        if request.extension == "html":
            dt.defaultActionButtons(resource)
            current.response.s3.no_formats = True
            items = dt.html(
                totalrows,
                filteredrows,
                dt_id,
                dt_displayLength=display_length,
                dt_ajax_url=URL(
                    c="default",
                    f="organisation",
                    extension="aadata",
                    vars={"id": dt_id},
                ),
                dt_pagination="true",
            )
        elif request.extension == "aadata":
            if "sEcho" in get_vars:
                echo = int(get_vars.sEcho)
            else:
                echo = None
            items = dt.json(totalrows, filteredrows, dt_id, echo)
            current.response.headers["Content-Type"] = "application/json"
        else:
            from gluon.http import HTTP
            raise HTTP(501, current.ERROR.BAD_FORMAT)
        return items
Exemplo n.º 19
0
def _newsfeed():
    """
        Custom Page
        - Filterable DataList of CMS Posts & a DataList of Events
    """

    #if not current.auth.is_logged_in():
    #    current.auth.permission.fail()

    T = current.T
    s3db = current.s3db
    request = current.request
    response = current.response
    s3 = response.s3

    current.deployment_settings.ui.customize_cms_post()

    list_layout = s3.render_posts

    filter_widgets = [S3TextFilter(["body"],
                                   label="",
                                   _class="filter-search",
                                   #_placeholder=T("Search").upper(),
                                   ),
                      S3OptionsFilter("series_id",
                                      label=T("Filter by Type"),
                                      represent="%(name)s",
                                      widget="multiselect",
                                      cols=3,
                                      hidden=True,
                                      ),
                      S3LocationFilter("location_id",
                                       label=T("Filter by Location"),
                                       levels=["L1", "L2", "L3"],
                                       widget="multiselect",
                                       cols=3,
                                       hidden=True,
                                       ),
                      S3OptionsFilter("created_by$organisation_id",
                                      label=T("Filter by Organization"),
                                      represent="%(name)s",
                                      widget="multiselect",
                                      cols=3,
                                      hidden=True,
                                      ),
                      S3DateFilter("created_on",
                                   label=T("Filter by Date"),
                                   hide_time=True,
                                   hidden=True,
                                   ),
                      ]

    s3db.configure("cms_post",
                   # We use a custom Advanced widget
                   filter_advanced = False,
                   filter_formstyle = filter_formstyle,
                   filter_submit = (T("SEARCH"), "btn btn-primary"),
                   filter_widgets = filter_widgets,
                   list_layout = list_layout,
                   # Create form comes via AJAX in a Modal
                   insertable = False,
                   notify_fields = [(T("Type"), "series_id"),
                                    (T("Date"), "date"),
                                    (T("Location"), "location_id"),
                                    (T("Description"), "body"),
                                   ]
                   )

    s3.dl_pagelength = 6  # 5 forces an AJAX call

    if "datalist_dl_post" in request.args:
        # DataList pagination or Ajax-deletion request
        request.args = ["datalist_f"]
        ajax = "list"
    elif "datalist_dl_filter" in request.args:
        # FilterForm options update request
        request.args = ["filter"]
        ajax = "filter"
    elif "validate.json" in request.args:
        # Inline component validation request
        request.args = []
        ajax = True
    elif current.auth.permission.format == "msg":
        # Subscription lookup request
        request.args = []
        ajax = True
    else:
        # Default
        request.args = ["datalist_f"]
        ajax = None

    def prep(r):
        if ajax == "list":
            r.representation = "dl"
        elif ajax == "filter":
            r.representation = "json"
        return True
    s3.prep = prep

    output = current.rest_controller("cms", "post",
                                     list_ajaxurl = URL(f="index",
                                                        args="datalist_dl_post"),
                                     filter_ajax_url = URL(f="index",
                                                           args="datalist_dl_filter",
                                                           vars={}))

    if ajax == "list":
        # Don't override view if this is an Ajax-deletion request
        if not "delete" in request.get_vars:
            response.view = "plain.html"
    elif not ajax:
        # Set Title & View after REST Controller, in order to override
        output["title"] = T("News Feed")
        view = path.join(request.folder, "private", "templates",
                         THEME, "views", "newsfeed.html")
        try:
            # Pass view as file not str to work in compiled mode
            response.view = open(view, "rb")
        except IOError:
            from gluon.http import HTTP
            raise HTTP("404", "Unable to open Custom View: %s" % view)

        scripts = []
        sappend = scripts.append
        # Style the Search TextFilter widget
        sappend('''$('#post-cms_post_body-text-filter__row').addClass('input-append').append('<span class="add-on"><i class="icon-search"></i></span>')''')
        # Button to toggle Advanced Form
        sappend('''$('#list-filter').append('<a class="accordion-toggle"><i class="icon-reorder"></i> %s</a>')''' % T("Advanced Search"))
        sappend('''$('.accordion-toggle').click(function(){$('.advanced').toggle()})''')
        s3.jquery_ready.append('''\n'''.join(scripts))
        
        # Latest 5 Disasters
        resource = s3db.resource("event_event")
        list_fields = ["name",
                       "event_type_id$name",
                       "zero_hour",
                       "closed",
                       ]
        orderby = resource.get_config("list_orderby",
                                      ~resource.table.created_on)
        datalist, numrows, ids = resource.datalist(fields=list_fields,
                                                   start=None,
                                                   limit=5,
                                                   listid="event_datalist",
                                                   orderby=orderby,
                                                   layout=render_events)
        if numrows == 0:
            # Empty table or just no match?
            table = resource.table
            if "deleted" in table:
                available_records = current.db(table.deleted != True)
            else:
                available_records = current.db(table._id > 0)
            if available_records.select(table._id,
                                        limitby=(0, 1)).first():
                msg = DIV(S3CRUD.crud_string(resource.tablename,
                                             "msg_no_match"),
                          _class="empty")
            else:
                msg = DIV(S3CRUD.crud_string(resource.tablename,
                                             "msg_list_empty"),
                          _class="empty")
            data = msg
        else:
            # Render the list
            dl = datalist.html()
            data = dl
        output["disasters"] = data

    return output
Exemplo n.º 20
0
def run_controller_in(controller, function, environment):
    """
    Runs the controller.function() (for the app specified by
    the current folder).
    It tries pre-compiled controller.function.pyc first before compiling it.
    """
    # if compiled should run compiled!
    folder = current.request.folder
    cpath = pjoin(folder, 'compiled')
    badc = 'invalid controller (%s/%s)' % (controller, function)
    badf = 'invalid function (%s/%s)' % (controller, function)
    if exists(cpath):
        filename = pjoin(cpath,
                         'controllers.%s.%s.pyc' % (controller, function))
        try:
            ccode = getcfs(filename, filename, lambda: read_pyc(filename))
        except IOError:
            raise HTTP(404,
                       rewrite.THREAD_LOCAL.routes.error_message % badf,
                       web2py_error=badf)
    elif function == '_TEST':
        # TESTING: adjust the path to include site packages
        paths = (global_settings.gluon_parent,
                 abspath('site-packages',
                         gluon=True), abspath('gluon', gluon=True), '')
        [add_path_first(path) for path in paths]
        # TESTING END

        filename = pjoin(folder, 'controllers/%s.py' % controller)
        if not exists(filename):
            raise HTTP(404,
                       rewrite.THREAD_LOCAL.routes.error_message % badc,
                       web2py_error=badc)
        environment['__symbols__'] = list(environment.keys())
        code = read_file(filename)
        code += TEST_CODE
        ccode = compile2(code, filename)
    else:
        filename = pjoin(folder, 'controllers/%s.py' % controller)
        try:
            code = getcfs(filename, filename, lambda: read_file(filename))
        except IOError:
            raise HTTP(404,
                       rewrite.THREAD_LOCAL.routes.error_message % badc,
                       web2py_error=badc)
        exposed = find_exposed_functions(code)
        if function not in exposed:
            raise HTTP(404,
                       rewrite.THREAD_LOCAL.routes.error_message % badf,
                       web2py_error=badf)
        code = "%s\nresponse._vars=response._caller(%s)" % (code, function)
        layer = "%s:%s" % (filename, function)
        ccode = getcfs(layer, filename, lambda: compile2(code, filename))

    restricted(ccode, environment, layer=filename)
    response = environment["response"]
    vars = response._vars
    if response.postprocessing:
        vars = reduce(lambda vars, p: p(vars), response.postprocessing, vars)
    if isinstance(vars, unicodeT):
        vars = to_native(vars)
    elif hasattr(vars, 'xml') and callable(vars.xml):
        vars = vars.xml()
    return vars
Exemplo n.º 21
0
def wsgibase(environ, responder):
    """
    The gluon wsgi application. The first function called when a page
    is requested (static or dynamic). It can be called by paste.httpserver
    or by apache mod_wsgi (or any WSGI-compatible server).

      - fills request with info
      - the environment variables, replacing '.' with '_'
      - adds web2py path and version info
      - compensates for fcgi missing path_info and query_string
      - validates the path in url

    The url path must be either:

    1. for static pages:

      - /<application>/static/<file>

    2. for dynamic pages:

      - /<application>[/<controller>[/<function>[/<sub>]]][.<extension>]

    The naming conventions are:

      - application, controller, function and extension may only contain
        `[a-zA-Z0-9_]`
      - file and sub may also contain '-', '=', '.' and '/'
    """
    eget = environ.get
    current.__dict__.clear()
    request = Request(environ)
    response = Response()
    session = Session()
    env = request.env
    # env.web2py_path = global_settings.applications_parent
    env.web2py_version = web2py_version
    # env.update(global_settings)
    static_file = False
    http_response = None
    try:
        try:
            try:
                # ##################################################
                # handle fcgi missing path_info and query_string
                # select rewrite parameters
                # rewrite incoming URL
                # parse rewritten header variables
                # parse rewritten URL
                # serve file if static
                # ##################################################

                fixup_missing_path_info(environ)
                (static_file, version, environ) = url_in(request, environ)
                response.status = env.web2py_status_code or response.status

                if static_file:
                    if eget('QUERY_STRING', '').startswith('attachment'):
                        response.headers['Content-Disposition'] \
                            = 'attachment'
                    if version:
                        response.headers['Cache-Control'] = 'max-age=315360000'
                        response.headers[
                            'Expires'] = 'Thu, 31 Dec 2037 23:59:59 GMT'
                    response.stream(static_file, request=request)

                # ##################################################
                # fill in request items
                # ##################################################
                app = request.application  # must go after url_in!

                if not global_settings.local_hosts:
                    local_hosts = set(['127.0.0.1', '::ffff:127.0.0.1', '::1'])
                    if not global_settings.web2py_runtime_gae:
                        try:
                            fqdn = socket.getfqdn()
                            local_hosts.add(socket.gethostname())
                            local_hosts.add(fqdn)
                            local_hosts.update([
                                addrinfo[4][0] for addrinfo
                                in getipaddrinfo(fqdn)])
                            if env.server_name:
                                local_hosts.add(env.server_name)
                                local_hosts.update([
                                        addrinfo[4][0] for addrinfo
                                        in getipaddrinfo(env.server_name)])
                        except (socket.gaierror, TypeError):
                            pass
                    global_settings.local_hosts = list(local_hosts)
                else:
                    local_hosts = global_settings.local_hosts
                client = get_client(env)
                x_req_with = str(env.http_x_requested_with).lower()
                cmd_opts = global_settings.cmd_options

                request.update(
                    client=client,
                    folder=abspath('applications', app),
                    ajax=x_req_with == 'xmlhttprequest',
                    cid=env.http_web2py_component_element,
                    is_local=(env.remote_addr in local_hosts and client == env.remote_addr),
                    is_shell=False,
                    is_scheduler=False,
                    is_https=env.wsgi_url_scheme in HTTPS_SCHEMES or
                             request.env.http_x_forwarded_proto in HTTPS_SCHEMES or env.https == 'on'
                    )
                request.url = environ['PATH_INFO']

                # ##################################################
                # access the requested application
                # ##################################################

                disabled = pjoin(request.folder, 'DISABLED')
                if not exists(request.folder):
                    if app == rwthread.routes.default_application \
                            and app != 'welcome':
                        redirect(URL('welcome', 'default', 'index'))
                    elif rwthread.routes.error_handler:
                        _handler = rwthread.routes.error_handler
                        redirect(URL(_handler['application'],
                                     _handler['controller'],
                                     _handler['function'],
                                     args=app))
                    else:
                        raise HTTP(404, rwthread.routes.error_message
                                   % 'invalid request',
                                   web2py_error='invalid application')
                elif not request.is_local and exists(disabled):
                    five0three = os.path.join(request.folder, 'static', '503.html')
                    if os.path.exists(five0three):
                        raise HTTP(503, open(five0three, 'r').read())
                    else:
                        raise HTTP(503, "<html><body><h1>Temporarily down for maintenance</h1></body></html>")

                # ##################################################
                # build missing folders
                # ##################################################

                create_missing_app_folders(request)

                # ##################################################
                # get the GET and POST data
                # ##################################################

                # parse_get_post_vars(request, environ)

                # ##################################################
                # expose wsgi hooks for convenience
                # ##################################################

                request.wsgi = LazyWSGI(environ, request, response)

                # ##################################################
                # load cookies
                # ##################################################

                if env.http_cookie:
                    for single_cookie in env.http_cookie.split(';'):
                        single_cookie = single_cookie.strip()
                        if single_cookie:
                            try:
                                request.cookies.load(single_cookie)
                            except Cookie.CookieError:
                                pass  # single invalid cookie ignore

                # ##################################################
                # try load session or create new session file
                # ##################################################

                if not env.web2py_disable_session:
                    session.connect(request, response)

                # ##################################################
                # run controller
                # ##################################################

                if global_settings.debugging and app != "admin":
                    import gluon.debug
                    # activate the debugger
                    gluon.debug.dbg.do_debug(mainpyfile=request.folder)

                serve_controller(request, response, session)
            except HTTP as hr:
                http_response = hr

                if static_file:
                    return http_response.to(responder, env=env)

                if request.body:
                    request.body.close()

                if hasattr(current, 'request'):

                    # ##################################################
                    # on success, try store session in database
                    # ##################################################
                    if not env.web2py_disable_session:
                        session._try_store_in_db(request, response)

                    # ##################################################
                    # on success, commit database
                    # ##################################################

                    if response.do_not_commit is True:
                        BaseAdapter.close_all_instances(None)
                    elif response.custom_commit:
                        BaseAdapter.close_all_instances(response.custom_commit)
                    else:
                        BaseAdapter.close_all_instances('commit')

                    # ##################################################
                    # if session not in db try store session on filesystem
                    # this must be done after trying to commit database!
                    # ##################################################
                    if not env.web2py_disable_session:
                        session._try_store_in_cookie_or_file(request, response)

                    # Set header so client can distinguish component requests.
                    if request.cid:
                        http_response.headers.setdefault(
                            'web2py-component-content', 'replace')

                    if request.ajax:
                        if response.flash:
                            http_response.headers['web2py-component-flash'] = \
                                urllib_quote(xmlescape(response.flash).replace(b'\n', b''))
                        if response.js:
                            http_response.headers['web2py-component-command'] = \
                                urllib_quote(response.js.replace('\n', ''))

                    # ##################################################
                    # store cookies in headers
                    # ##################################################

                    session._fixup_before_save()
                    http_response.cookies2headers(response.cookies)

                ticket = None

            except RestrictedError as e:

                if request.body:
                    request.body.close()

                # ##################################################
                # on application error, rollback database
                # ##################################################

                # log tickets before rollback if not in DB
                if not request.tickets_db:
                    ticket = e.log(request) or 'unknown'
                # rollback
                if response._custom_rollback:
                    response._custom_rollback()
                else:
                    BaseAdapter.close_all_instances('rollback')
                # if tickets in db, reconnect and store it in db
                if request.tickets_db:
                    ticket = e.log(request) or 'unknown'

                http_response = \
                    HTTP(500, rwthread.routes.error_message_ticket %
                         dict(ticket=ticket),
                         web2py_error='ticket %s' % ticket)

        except:

            if request.body:
                request.body.close()

            # ##################################################
            # on application error, rollback database
            # ##################################################

            try:
                if response._custom_rollback:
                    response._custom_rollback()
                else:
                    BaseAdapter.close_all_instances('rollback')
            except:
                pass
            e = RestrictedError('Framework', '', '', locals())
            ticket = e.log(request) or 'unrecoverable'
            http_response = \
                HTTP(500, rwthread.routes.error_message_ticket
                     % dict(ticket=ticket),
                     web2py_error='ticket %s' % ticket)

    finally:
        if response and hasattr(response, 'session_file') \
                and response.session_file:
            response.session_file.close()

    session._unlock(response)
    http_response, new_environ = try_rewrite_on_error(
        http_response, request, environ, ticket)
    if not http_response:
        return wsgibase(new_environ, responder)
    if global_settings.web2py_crontype == 'soft':
        newcron.softcron(global_settings.applications_parent).start()
    return http_response.to(responder, env=env)
Exemplo n.º 22
0
def user():
    """ Auth functions based on arg. See gluon/tools.py """

    arg = request.args(0)
    auth.settings.on_failed_authorization = URL(f="error")

    auth.configure_user_fields()
    auth.settings.register_onvalidation = register_validation

    _table_user = auth.settings.table_user

    auth.settings.profile_onaccept = auth.s3_user_profile_onaccept

    self_registration = settings.get_security_self_registration()
    login_form = register_form = None

    if request.args:
        arg = request.args(0)
    else:
        arg = None

    if arg == "login":
        # @ToDo: move this code to /modules/s3/s3aaa.py:def login?
        auth.messages.submit_button = T("Login")
        form = auth()
        #form = auth.login()
        login_form = form
        if s3.crud.submit_style:
            form[0][-1][1][0]["_class"] = s3.crud.submit_style
    elif arg == "register":
        # @ToDo: move this code to /modules/s3/s3aaa.py:def register?
        if not self_registration:
            session.error = T("Registration not permitted")
            redirect(URL(f="index"))

        form = auth.register()
        register_form = form
        # Add client-side validation
        s3base.s3_register_validation()
    elif arg == "change_password":
        form = auth()
    elif arg == "profile":
        form = auth.profile()
    else:
        # Retrieve Password / Logout
        form = auth()

    # Use Custom Ext views
    # Best to not use an Ext form for login: can't save username/password in browser & can't hit 'Enter' to submit!
    #if request.args(0) == "login":
    #    response.title = T("Login")
    #    response.view = "auth/login.html"

    if settings.get_template() != "default":
        # Try a Custom View
        view = os.path.join(request.folder, "private", "templates",
                            settings.get_template(), "views", "user.html")
        if os.path.exists(view):
            try:
                # Pass view as file not str to work in compiled mode
                response.view = open(view, "rb")
            except IOError:
                from gluon.http import HTTP
                raise HTTP("404", "Unable to open Custom View: %s" % view)

    return dict(form=form,
                login_form=login_form,
                register_form=register_form,
                self_registration=self_registration)
Exemplo n.º 23
0
def run_controller_in(controller, function, environment):
    """
    Runs the controller.function() (for the app specified by
    the current folder).
    It tries pre-compiled controller_function.pyc first before compiling it.
    """

    # if compiled should run compiled!
    folder = current.request.folder
    path = pjoin(folder, 'compiled')
    badc = 'invalid controller (%s/%s)' % (controller, function)
    badf = 'invalid function (%s/%s)' % (controller, function)
    if os.path.exists(path):
        filename = pjoin(path,
                         'controllers.%s.%s.pyc' % (controller, function))
        if not os.path.exists(filename):
            ### for backward compatibility
            filename = pjoin(path,
                             'controllers_%s_%s.pyc' % (controller, function))
            ### end for backward compatibility
            if not os.path.exists(filename):
                raise HTTP(404,
                           rewrite.THREAD_LOCAL.routes.error_message % badf,
                           web2py_error=badf)
        restricted(read_pyc(filename), environment, layer=filename)
    elif function == '_TEST':
        # TESTING: adjust the path to include site packages
        from settings import global_settings
        from admin import abspath, add_path_first
        paths = (global_settings.gluon_parent,
                 abspath('site-packages',
                         gluon=True), abspath('gluon', gluon=True), '')
        [add_path_first(path) for path in paths]
        # TESTING END

        filename = pjoin(folder, 'controllers/%s.py' % controller)
        if not os.path.exists(filename):
            raise HTTP(404,
                       rewrite.THREAD_LOCAL.routes.error_message % badc,
                       web2py_error=badc)
        environment['__symbols__'] = environment.keys()
        code = read_file(filename)
        code += TEST_CODE
        restricted(code, environment, layer=filename)
    else:
        filename = pjoin(folder, 'controllers/%s.py' % controller)
        if not os.path.exists(filename):
            raise HTTP(404,
                       rewrite.THREAD_LOCAL.routes.error_message % badc,
                       web2py_error=badc)
        code = read_file(filename)
        exposed = find_exposed_functions(code)
        if not function in exposed:
            raise HTTP(404,
                       rewrite.THREAD_LOCAL.routes.error_message % badf,
                       web2py_error=badf)
        code = "%s\nresponse._vars=response._caller(%s)\n" % (code, function)
        if is_gae:
            layer = filename + ':' + function
            code = getcfs(layer, filename, lambda: compile2(code, layer))
        restricted(code, environment, filename)
    response = current.response
    vars = response._vars
    if response.postprocessing:
        vars = reduce(lambda vars, p: p(vars), response.postprocessing, vars)
    if isinstance(vars, unicode):
        vars = vars.encode('utf8')
    elif hasattr(vars, 'xml') and callable(vars.xml):
        vars = vars.xml()
    return vars
Exemplo n.º 24
0
def about():
    """
        The About page provides details on the software dependencies and
        versions available to this instance of Sahana Eden.
    """

    response.title = T("About")
    if settings.get_template() != "default":
        # Try a Custom View
        view = os.path.join(request.folder, "private", "templates",
                            settings.get_template(), "views", "about.html")
        if os.path.exists(view):
            try:
                # Pass view as file not str to work in compiled mode
                response.view = open(view, "rb")
            except IOError:
                from gluon.http import HTTP
                raise HTTP("404", "Unable to open Custom View: %s" % view)

    import sys
    import subprocess
    import string

    python_version = sys.version
    web2py_version = open(apath("../VERSION"), "r").read()[8:]
    sahana_version = open(os.path.join(request.folder, "VERSION"), "r").read()
    # Database
    sqlite_version = None
    mysql_version = None
    mysqldb_version = None
    pgsql_version = None
    psycopg_version = None
    if db_string[0].find("sqlite") != -1:
        try:
            import sqlite3
            sqlite_version = sqlite3.version
        except:
            sqlite_version = T("Unknown")
    elif db_string[0].find("mysql") != -1:
        try:
            import MySQLdb
            mysqldb_version = MySQLdb.__revision__
        except:
            mysqldb_version = T("Not installed or incorrectly configured.")
            mysql_version = T("Unknown")
        else:
            #mysql_version = (subprocess.Popen(["mysql", "--version"], stdout=subprocess.PIPE).communicate()[0]).rstrip()[10:]
            con = MySQLdb.connect(host=settings.database.get("host", "localhost"),
                                  port=settings.database.get("port", None) or 3306,
                                  db=settings.database.get("database", "sahana"),
                                  user=settings.database.get("username", "sahana"),
                                  passwd=settings.database.get("password", "password")
                                  )
            cur = con.cursor()
            cur.execute("SELECT VERSION()")
            mysql_version = cur.fetchone()
    else:
        # Postgres
        try:
            import psycopg2
            psycopg_version = psycopg2.__version__
        except:
            psycopg_version = T("Not installed or incorrectly configured.")
            pgsql_version = T("Unknown")
        else:
            #pgsql_reply = (subprocess.Popen(["psql", "--version"], stdout=subprocess.PIPE).communicate()[0])
            #pgsql_version = string.split(pgsql_reply)[2]
            con = psycopg2.connect(host=settings.database.get("host", "localhost"),
                                   port=settings.database.get("port", None) or 5432,
                                   database=settings.database.get("database", "sahana"),
                                   user=settings.database.get("username", "sahana"),
                                   password=settings.database.get("password", "password")
                                   )
            cur = con.cursor()
            cur.execute("SELECT version()")
            pgsql_version = cur.fetchone()

    # Libraries
    try:
        import reportlab
        reportlab_version = reportlab.Version
    except:
        reportlab_version = T("Not installed or incorrectly configured.")
    try:
        import xlwt
        xlwt_version = xlwt.__VERSION__
    except:
        xlwt_version = T("Not installed or incorrectly configured.")
    return dict(
                python_version=python_version,
                sahana_version=sahana_version,
                web2py_version=web2py_version,
                sqlite_version=sqlite_version,
                mysql_version=mysql_version,
                mysqldb_version=mysqldb_version,
                pgsql_version=pgsql_version,
                psycopg_version=psycopg_version,
                reportlab_version=reportlab_version,
                xlwt_version=xlwt_version
                )
Exemplo n.º 25
0
 def login_form(self, **args):
     raise HTTP(403, 'Login not allowed. No valid x509 crentials')
Exemplo n.º 26
0
class Cache(object):
    """
    Sets up generic caching, creating an instance of both CacheInRam and
    CacheOnDisk.
    In case of GAE will make use of gluon.contrib.gae_memcache.

    - self.ram is an instance of CacheInRam
    - self.disk is an instance of CacheOnDisk
    """

    autokey = ':%(name)s:%(args)s:%(vars)s'

    def __init__(self, request):
        """
        Args:
            request: the global request object
        """
        # GAE will have a special caching
        if have_settings and settings.global_settings.web2py_runtime_gae:
            from gluon.contrib.gae_memcache import MemcacheClient
            self.ram = self.disk = MemcacheClient(request)
        else:
            # Otherwise use ram (and try also disk)
            self.ram = CacheInRam(request)
            try:
                self.disk = CacheOnDisk(request)
            except IOError:
                logger.warning('no cache.disk (IOError)')
            except AttributeError:
                # normally not expected anymore, as GAE has already
                # been accounted for
                logger.warning('no cache.disk (AttributeError)')

    def action(self,
               time_expire=DEFAULT_TIME_EXPIRE,
               cache_model=None,
               prefix=None,
               session=False,
               vars=True,
               lang=True,
               user_agent=False,
               public=True,
               valid_statuses=None,
               quick=None):
        """Better fit for caching an action

        Warning:
            Experimental!

        Currently only HTTP 1.1 compliant
        reference : http://code.google.com/p/doctype-mirror/wiki/ArticleHttpCaching

        Args:
            time_expire(int): same as @cache
            cache_model(str): same as @cache
            prefix(str): add a prefix to the calculated key
            session(bool): adds response.session_id to the key
            vars(bool): adds request.env.query_string
            lang(bool): adds T.accepted_language
            user_agent(bool or dict): if True, adds is_mobile and is_tablet to the key.
                Pass a dict to use all the needed values (uses str(.items()))
                (e.g. user_agent=request.user_agent()). Used only if session is
                not True
            public(bool): if False forces the Cache-Control to be 'private'
            valid_statuses: by default only status codes starting with 1,2,3 will be cached.
                pass an explicit list of statuses on which turn the cache on
            quick: Session,Vars,Lang,User-agent,Public:
                fast overrides with initials, e.g. 'SVLP' or 'VLP', or 'VLP'
        """
        from gluon import current
        from gluon.http import HTTP

        def wrap(func):
            def wrapped_f():
                if current.request.env.request_method != 'GET':
                    return func()
                if time_expire:
                    cache_control = 'max-age=%(time_expire)s, s-maxage=%(time_expire)s' % dict(
                        time_expire=time_expire)
                    if quick:
                        session_ = True if 'S' in quick else False
                        vars_ = True if 'V' in quick else False
                        lang_ = True if 'L' in quick else False
                        user_agent_ = True if 'U' in quick else False
                        public_ = True if 'P' in quick else False
                    else:
                        session_, vars_, lang_, user_agent_, public_ = session, vars, lang, user_agent, public
                    if not session_ and public_:
                        cache_control += ', public'
                        expires = (current.request.utcnow +
                                   datetime.timedelta(seconds=time_expire)
                                   ).strftime('%a, %d %b %Y %H:%M:%S GMT')
                    else:
                        cache_control += ', private'
                        expires = 'Fri, 01 Jan 1990 00:00:00 GMT'
                if cache_model:
                    #figure out the correct cache key
                    cache_key = [
                        current.request.env.path_info, current.response.view
                    ]
                    if session_:
                        cache_key.append(current.response.session_id)
                    elif user_agent_:
                        if user_agent_ is True:
                            cache_key.append("%(is_mobile)s_%(is_tablet)s" %
                                             current.request.user_agent())
                        else:
                            cache_key.append(str(user_agent_.items()))
                    if vars_:
                        cache_key.append(current.request.env.query_string)
                    if lang_:
                        cache_key.append(current.T.accepted_language)
                    cache_key = hashlib.md5('__'.join(cache_key)).hexdigest()
                    if prefix:
                        cache_key = prefix + cache_key
                    try:
                        #action returns something
                        rtn = cache_model(cache_key,
                                          lambda: func(),
                                          time_expire=time_expire)
                        http, status = None, current.response.status
                    except HTTP, e:
                        #action raises HTTP (can still be valid)
                        rtn = cache_model(cache_key,
                                          lambda: e.body,
                                          time_expire=time_expire)
                        http, status = HTTP(e.status, rtn,
                                            **e.headers), e.status
                    else:
                        #action raised a generic exception
                        http = None
                else:
                    #no server-cache side involved
                    try:
                        #action returns something
                        rtn = func()
                        http, status = None, current.response.status
                    except HTTP, e:
                        #action raises HTTP (can still be valid)
                        status = e.status
                        http = HTTP(e.status, e.body, **e.headers)
Exemplo n.º 27
0
def contact():
    """
        Give the user options to contact the site admins.
        Either:
            An internal Support Requests database
        or:
            Custom View
    """

    if auth.is_logged_in() and settings.has_module("support"):
        # Provide an internal Support Requests ticketing system.
        prefix = "support"
        resourcename = "req"
        tablename = "%s_%s" % (prefix, resourcename)
        table = s3db[tablename]

        # Pre-processor
        def prep(r):
            if r.interactive:
                # Only Admins should be able to update ticket status
                status = table.status
                actions = table.actions
                if not auth.s3_has_role(ADMIN):
                    status.writable = False
                    actions.writable = False
                if r.method != "update":
                    status.readable = False
                    status.writable = False
                    actions.readable = False
                    actions.writable = False
            return True

        s3.prep = prep

        output = s3_rest_controller(prefix, resourcename)
        return output

    template = settings.get_template()
    if template != "default":
        # Try a Custom Page
        controller = "applications.%s.private.templates.%s.controllers" % \
                            (appname, template)
        try:
            exec("import %s as custom" % controller) in globals(), locals()
        except ImportError, e:
            # No Custom Page available, try a custom view
            pass
        else:
            if "contact" in custom.__dict__:
                output = custom.contact()()
                return output

        # Try a Custom View
        view = os.path.join(request.folder, "private", "templates", template,
                            "views", "contact.html")
        if os.path.exists(view):
            try:
                # Pass view as file not str to work in compiled mode
                response.view = open(view, "rb")
            except IOError:
                from gluon.http import HTTP
                raise HTTP("404", "Unable to open Custom View: %s" % view)

            response.title = T("Contact us")
            return dict()
Exemplo n.º 28
0
    def __call__(self):

        request = current.request
        response = current.response

        view = path.join(request.folder, "modules", "templates", THEME,
                         "views", "register.html")
        try:
            # Pass view as file not str to work in compiled mode
            response.view = open(view, "rb")
        except IOError:
            from gluon.http import HTTP
            raise HTTP(404, "Unable to open Custom View: %s" % view)

        T = current.T
        auth = current.auth
        _settings = auth.settings

        # Default the profile language to the one currently active
        table = _settings.table_user
        table.language.default = T.accepted_language

        # Combo box for Organisation
        table.organisation_id.widget = S3OrganisationAutocompleteWidget()
        table.organisation_id.requires = IS_COMBO_BOX(
            "org_organisation", current.s3db.org_organisation_id.attr.requires)

        # Custom onaccept to process custom fields
        _settings.register_onaccept = register_onaccept

        # Build the registration form
        form = auth.register(js_validation=False)

        # Set the formstyle
        # @ToDo: Update to the fact that Auth now uses formstyle & use s3_addrow to add new rows
        _form = form[0]
        _form[-1] = TR(TD(_class="w2p_fl"),
                       TD(_class="w2p_fc"),
                       TD(INPUT(_type="submit", _value=T("Register")),
                          _class="w2p_fw"),
                       _id="submit_record_row")
        _form[0] = TR(TD(SPAN(" *", _class="req"), _class="w2p_fl"),
                      TD(LABEL(DIV("%s: " % T("First Name")),
                               _id="auth_user_first_name__label",
                               _for="auth_user_first_name"),
                         _class="w2p_fc"),
                      TD(INPUT(_id="auth_user_first_name",
                               _class="string",
                               _type="text",
                               _name="first_name",
                               _size="62"),
                         _class="w2p_fw"),
                      _id="auth_user_first_name_row")
        _form[1] = TR(TD(SPAN(" *", _class="req"), _class="w2p_fl"),
                      TD(LABEL(DIV("%s: " % T("Last Name")),
                               _id="auth_user_last_name__label",
                               _for="auth_user_last_name"),
                         _class="w2p_fc"),
                      TD(INPUT(_id="auth_user_last_name",
                               _class="string",
                               _type="text",
                               _name="last_name",
                               _size="62"),
                         _class="w2p_fw"),
                      _id="auth_user_last_name_row")
        _form[2] = TR(TD(_class="w2p_fl"),
                      TD(LABEL(DIV("%s: " % T("Organization")),
                               _id="auth_user_organisation_id__label",
                               _for="auth_user_organisation_id"),
                         _class="w2p_fc"),
                      TD(form.custom.widget.organisation_id, _class="w2p_fw"),
                      _id="auth_user_organisation_id_row")
        _form[3] = TR(TD(SPAN(" *", _class="req"), _class="w2p_fl"),
                      TD(LABEL(DIV("%s: " % T("E-Mail")),
                               _id="auth_user_email__label",
                               _for="auth_user_email"),
                         _class="w2p_fc"),
                      TD(INPUT(_id="auth_user_email",
                               _class="string",
                               _type="text",
                               _name="email",
                               _size="62"),
                         _class="w2p_fw"),
                      _id="auth_user_email_row")
        _form[4] = TR(TD(SPAN(" *", _class="req"), _class="w2p_fl"),
                      TD(LABEL(DIV("%s: " % T("Password")),
                               _id="auth_user_password__label",
                               _for="auth_user_password"),
                         _class="w2p_fc"),
                      TD(INPUT(
                          _id="auth_user_password",
                          _type="password",
                          _name="password",
                          _class="password",
                      ),
                         _class="w2p_fw"),
                      _id="auth_user_password_row")
        _form[5] = TR(TD(SPAN(" *", _class="req"), _class="w2p_fl"),
                      TD(LABEL(DIV("%s: " % T("Verify Password")),
                               _id="auth_user_password_two__label",
                               _for="auth_user_password_two"),
                         _class="w2p_fc"),
                      TD(INPUT(
                          _id="auth_user_password_two",
                          _type="password",
                          _name="password_two",
                          _class="password",
                      ),
                         _class="w2p_fw"),
                      _id="auth_user_password_two_row")

        # Add custom fields
        append = _form[2].append
        append(
            TR(TD(SPAN(" *", _class="req"), _class="w2p_fl"),
               TD(LABEL(DIV("%s: " % T("Role")),
                        _id="auth_user_position__label",
                        _for="auth_user_position"),
                  _class="w2p_fc"),
               TD(SELECT(OPTION(_value=""),
                         OPTION(T("Practitioner"), _value="1"),
                         OPTION(T("Consultant"), _value="2"),
                         OPTION(T("Researcher"), _value="3"),
                         OPTION(T("Academic"), _value="4"),
                         OPTION(T("Student"), _value="5"),
                         _name="position",
                         _id="auth_user_position",
                         _class="integer"),
                  _class="w2p_fw"),
               _id="auth_user_position_row"))
        append(
            TR(TD(
                SPAN(" *", _class="req"),
                DIV(_rel=
                    "If you do not specify an organisation, please enter your reason for using the DRR Project Portal.",
                    _class="labeltip"),
                _class="w2p_fl"),
               TD(LABEL(DIV("%s: " % T("Reason")),
                        _id="auth_user_reason__label",
                        _for="auth_user_reason"),
                  _class="w2p_fc"),
               TD(TEXTAREA(
                   _id="auth_user_reason",
                   _class="text",
                   _name="reason",
                   _rows="10",
                   _cols="50",
               ),
                  _class="w2p_fw"),
               _id="auth_user_reason_row"))

        # Add client-side validation
        s3 = response.s3
        appname = request.application
        if s3.debug:
            s3.scripts.append("/%s/static/scripts/jquery.pstrength.2.1.0.js" %
                              appname)
            s3.scripts.append("/%s/static/scripts/jquery.validate.js" %
                              appname)
        else:
            s3.scripts.append(
                "/%s/static/scripts/jquery.pstrength.2.1.0.min.js" % appname)
            s3.scripts.append("/%s/static/scripts/jquery.validate.min.js" %
                              appname)
        # @ToDo: s3_unicode if site being used with i18n
        s3.jquery_ready.append("".join(
            ('''
$('.auth_register').validate({
 errorClass:'req',
 rules:{
  first_name:{
   required:true
  },
  last_name:{
   required:true
  },
  position:{
   required:true,
  },
  reason:{
   required:true,
  },
  email:{
   required:true,
   email:true
  },
  password:{
   required:true
  },
  password_two:{
   required:true,
   equalTo:'.password:first'
  }
 },
 messages:{
  first_name:"''', str(T("Enter your first name")), '''",
  last_name:"''', str(T("Enter your last name")), '''",
  position:"''', str(T("Select your role")), '''",
  reason:"''', str(T("Enter a reason")), '''",
  password:{
   required:"''', str(T("Provide a password")), '''"
  },
  password_two:{
   required:"''', str(T("Repeat your password")), '''",
   equalTo:"''', str(T("Enter the same password as above")), '''"
  },
  email:{
   required:"''', str(T("Please enter a valid email address")), '''",
   email:"''', str(T("Please enter a valid email address")), '''"
  }
 },
 errorPlacement:function(error,element){
  error.appendTo(element.parent())
 },
 submitHandler:function(form){
  form.submit()
 }
})
$('.password:first').pstrength({minchar:''',
             str(_settings.password_min_length), ''',minchar_label:"''',
             str(T("The minimum number of characters is ")), '''"})
$('.labeltip').cluetip({activation:'hover',position:'mouse',sticky:false,showTitle:false,local:true})'''
             )))

        response.title = T("DRRPP - Register")

        return dict(form=form)
Exemplo n.º 29
0
def user():
    """ Auth functions based on arg. See gluon/tools.py """

    auth_settings = auth.settings
    utable = auth_settings.table_user

    arg = request.args(0)
    if arg == "verify_email":
        # Ensure we use the user's language
        key = request.args[-1]
        query = (utable.registration_key == key)
        user = db(query).select(utable.language, limitby=(0, 1)).first()
        if not user:
            redirect(auth_settings.verify_email_next)
        session.s3.language = user.language

    auth_settings.on_failed_authorization = URL(f="error")

    auth.configure_user_fields()
    auth_settings.profile_onaccept = auth.s3_user_profile_onaccept
    auth_settings.register_onvalidation = register_validation

    self_registration = settings.get_security_self_registration()
    login_form = register_form = None

    # Check for template-specific customisations
    customise = settings.customise_auth_user_controller
    if customise:
        customise(arg=arg)

    if arg == "login":
        title = response.title = T("Login")
        # @ToDo: move this code to /modules/s3/s3aaa.py:def login()?
        auth.messages.submit_button = T("Login")
        form = auth()
        #form = auth.login()
        login_form = form

    elif arg == "register":
        title = response.title = T("Register")
        # @ToDo: move this code to /modules/s3/s3aaa.py:def register()?
        if not self_registration:
            session.error = T("Registration not permitted")
            redirect(URL(f="index"))
        form = register_form = auth.s3_registration_form()

    elif arg == "change_password":
        title = response.title = T("Change Password")
        form = auth()
        # Add client-side validation
        if s3.debug:
            s3.scripts.append("/%s/static/scripts/jquery.pstrength.2.1.0.js" %
                              appname)
        else:
            s3.scripts.append(
                "/%s/static/scripts/jquery.pstrength.2.1.0.min.js" % appname)
        s3.jquery_ready.append("$('.password:eq(1)').pstrength()")

    elif arg == "retrieve_password":
        title = response.title = T("Retrieve Password")
        form = auth()

    elif arg == "profile":
        title = response.title = T("User Profile")
        form = auth.profile()

    elif arg == "options.s3json":
        # Used when adding organisations from registration form
        return s3_rest_controller(prefix="auth", resourcename="user")

    else:
        # logout or verify_email
        title = ""
        form = auth()

    if form:
        if s3.crud.submit_style:
            form[0][-1][1][0]["_class"] = s3.crud.submit_style
        elif settings.ui.formstyle == "bootstrap":
            form[0][-1][1][0]["_class"] = "btn btn-primary"

    # Use Custom Ext views
    # Best to not use an Ext form for login: can't save username/password in browser & can't hit 'Enter' to submit!
    #if request.args(0) == "login":
    #    response.title = T("Login")
    #    response.view = "auth/login.html"

    if settings.get_template() != "default":
        # Try a Custom View
        view = os.path.join(request.folder, "private", "templates",
                            settings.get_template(), "views", "user.html")
        if os.path.exists(view):
            try:
                # Pass view as file not str to work in compiled mode
                response.view = open(view, "rb")
            except IOError:
                from gluon.http import HTTP
                raise HTTP("404", "Unable to open Custom View: %s" % view)

    return dict(title=title,
                form=form,
                login_form=login_form,
                register_form=register_form,
                self_registration=self_registration)
Exemplo n.º 30
0
    def __call__(self):

        request = current.request
        response = current.response

        view = path.join(request.folder, "modules", "templates", THEME,
                         "views", "index.html")
        try:
            # Pass view as file not str to work in compiled mode
            response.view = open(view, "rb")
        except IOError:
            from gluon.http import HTTP
            raise HTTP(404, "Unable to open Custom View: %s" % view)

        # Show full width instead of login box if user is logged in
        if current.auth.is_logged_in():
            grid = "grid_12"
        else:
            grid = "grid_8"

        latest_projects = DIV(_id="front-latest-body",
                              _class="%s alpha" % grid)
        lappend = latest_projects.append

        db = current.db
        s3db = current.s3db
        table = s3db.project_project
        table_drrpp = s3db.project_drrpp
        query = (table.deleted != True) & \
                (table.approved_by != None)
        rows = db(query).select(
            table.id,
            table.name,
            table_drrpp.activities,
            table.organisation_id,
            table.start_date,
            left=table_drrpp.on(table.id == table_drrpp.project_id),
            limitby=(0, 3))
        project_ids = [r.project_project.id for r in rows]
        ltable = s3db.project_location
        gtable = s3db.gis_location
        query = (ltable.deleted != True) & \
                (ltable.project_id == table.id) & \
                (gtable.id == ltable.location_id) & \
                (gtable.level == "L0")
        locations = db(query).select(ltable.project_id, gtable.L0)
        odd = True
        for row in rows:
            countries = [
                l.gis_location.L0 for l in locations
                if l.project_location.project_id == row.project_project.id
            ]
            location = ", ".join(countries)
            if odd:
                _class = "front-latest-item odd %s alpha" % grid
            else:
                _class = "front-latest-item even %s alpha" % grid
            card = DIV(
                DIV(
                    A(row.project_project.name,
                      _href=URL(c="project",
                                f="project",
                                args=[row.project_project.id])),
                    _class="front-latest-title %s" % grid,
                ),
                DIV(
                    "Lead Organization: %s" % s3db.org_organisation_represent(
                        row.project_project.organisation_id),
                    _class="front-latest-desc %s" % grid,
                ),
                DIV(
                    SPAN("Start Date: %s" % row.project_project.start_date,
                         _class="front-latest-info-date"),
                    SPAN("Countries: %s" % location,
                         _class="front-latest-info-location"),
                    _class="front-latest-info %s" % grid,
                ),
                DIV(
                    row.project_drrpp.activities or "",
                    _class="front-latest-desc %s" % grid,
                ),
                _class=_class,
            )
            lappend(card)
            odd = False if odd else True

        login = current.auth.login(inline=True)

        appname = request.application
        s3 = response.s3
        if current.session.s3.debug:
            s3.scripts.append("/%s/static/themes/DRRPP/js/slides.jquery.js" %
                              appname)
        else:
            s3.scripts.append(
                "/%s/static/themes/DRRPP/js/slides.min.jquery.js" % appname)
        s3.jquery_ready.append('''
$('#slides').slides({
 play:8000,
 animationStart:function(current){
  $('.caption').animate({
   bottom:-35
  },100);
 },
 animationComplete:function(current){
  $('.caption').animate({
   bottom:0
  },200);
 },
 slidesLoaded:function() {
  $('.caption').animate({
   bottom:0
  },200);
 }
})''')

        return dict(
            title="Home",
            form=login,
            latest_projects=latest_projects,
        )
Exemplo n.º 31
0
            # ##################################################
            # on application error, rollback database
            # ##################################################

            try:
                if response._custom_rollback:
                    response._custom_rollback()
                else:
                    BaseAdapter.close_all_instances('rollback')
            except:
                pass
            e = RestrictedError('Framework', '', '', locals())
            ticket = e.log(request) or 'unrecoverable'
            http_response = \
                HTTP(500, rwthread.routes.error_message_ticket
                     % dict(ticket=ticket),
                     web2py_error='ticket %s' % ticket)

    finally:
        if response and hasattr(response, 'session_file') \
                and response.session_file:
            response.session_file.close()

    session._unlock(response)
    http_response, new_environ = try_rewrite_on_error(
        http_response, request, environ, ticket)
    if not http_response:
        return wsgibase(new_environ, responder)
    if global_settings.web2py_crontype == 'soft':
        newcron.softcron(global_settings.applications_parent).start()
    return http_response.to(responder, env=env)
Exemplo n.º 32
0
    def __call__(self):

        T = current.T
        auth = current.auth
        db = current.db
        request = current.request
        appname = request.application
        response = current.response
        s3 = response.s3
        settings = current.deployment_settings

        view = path.join(request.folder, "private", "templates", "RGIMS",
                         "views", "index.html")
        try:
            # Pass view as file not str to work in compiled mode
            response.view = open(view, "rb")
        except IOError:
            from gluon.http import HTTP
            raise HTTP("404", "Unable to open Custom View: %s" % view)

        title = settings.get_system_name()
        response.title = title

        # Menu Boxes
        menu_btns = [  #div, label, app, function
            ["sit", T("Request"), "req", "req"],
            ["dec", T("Send"), "inv", "send"],
            ["res", T("Receive"), "inv", "recv"]
        ]

        menu_divs = {
            "facility": DIV(H3("Map"), _id="facility_box", _class="menu_box"),
            "sit": DIV(_id="menu_div_sit", _class="menu_div"),
            "dec": DIV(_id="menu_div_dec", _class="menu_div"),
            "res": DIV(_id="menu_div_res", _class="menu_div"),
        }

        for div, label, app, function in menu_btns:
            if settings.has_module(app):
                # @ToDo: Also check permissions (e.g. for anonymous users)
                menu_divs[div].append(
                    A(DIV(label, _class="menu-btn-r"),
                      _class="menu-btn-l",
                      _href=URL(app, function)))

        div_arrow = DIV(IMG(_src = "/%s/static/img/arrow_blue_right.png" % \
                                     appname),
                        _class = "div_arrow")
        sit_dec_res_box = DIV(menu_divs["sit"],
                              div_arrow,
                              menu_divs["dec"],
                              div_arrow,
                              menu_divs["res"],
                              _id="sit_dec_res_box",
                              _class="menu_box fleft swidth"
                              #div_additional,
                              )
        facility_box = menu_divs["facility"]
        facility_box.append(A(IMG(_src = "/%s/static/img/map_icon_128.png" % \
                                           appname),
                              _href = URL(c="gis", f="index"),
                              _title = T("Map")
                              )
                            )

        # Check logged in AND permissions
        _s3 = current.session.s3
        AUTHENTICATED = _s3.system_roles.AUTHENTICATED
        roles = _s3.roles
        if AUTHENTICATED in roles and \
           auth.s3_has_permission("read", db.org_organisation):
            auth.permission.controller = "org"
            auth.permission.function = "site"
            permitted_facilities = auth.permitted_facilities(
                redirect_on_error=False)
            manage_facility_box = ""
            if permitted_facilities:
                facility_list = s3_represent_facilities(db,
                                                        permitted_facilities,
                                                        link=False)
                facility_list = sorted(facility_list, key=lambda fac: fac[1])
                facility_opts = [
                    OPTION(opt[1], _value=opt[0]) for opt in facility_list
                ]
                facility_opts.insert(0, OPTION("Please Select a Warehouse"))
                if facility_list:
                    manage_facility_box = DIV(
                        H3(T("Manage Your Warehouse")),
                        SELECT(_id="manage_facility_select",
                               _style="max-width:400px;",
                               *facility_opts),
                        A(
                            T("Go"),
                            _href=URL(c="default",
                                      f="site",
                                      args=[facility_list[0][0]]),
                            #_disabled = "disabled",
                            _id="manage_facility_btn",
                            _class="action-btn"),
                        _id="manage_facility_box",
                        _class="menu_box fleft")
                    s3.jquery_ready.append(
                        '''$('#manage_facility_select').change(function(){
 $('#manage_facility_btn').attr('href',S3.Ap.concat('/default/site/',$('#manage_facility_select').val()))
})''')
                else:
                    manage_facility_box = DIV()

        else:
            manage_facility_box = ""
        # Login/Registration forms
        self_registration = settings.get_security_self_registration()
        registered = False
        login_form = None
        login_div = None
        register_form = None
        register_div = None
        if AUTHENTICATED not in roles:
            # This user isn't yet logged-in
            if request.cookies.has_key("registered"):
                # This browser has logged-in before
                registered = True

            if self_registration:
                # Provide a Registration box on front page
                request.args = ["register"]
                if settings.get_terms_of_service():
                    auth.messages.submit_button = T(
                        "I accept. Create my account.")
                else:
                    auth.messages.submit_button = T("Register")
                register_form = auth()
                register_div = DIV(H3(T("Register")),
                                   P(XML(T("If you would like to help, then please %(sign_up_now)s") % \
                                            dict(sign_up_now=B(T("sign-up now"))))))

                # Add client-side validation
                s3_register_validation()

                if s3.debug:
                    s3.scripts.append("/%s/static/scripts/jquery.validate.js" %
                                      appname)
                else:
                    s3.scripts.append(
                        "/%s/static/scripts/jquery.validate.min.js" % appname)
                if request.env.request_method == "POST":
                    post_script = \
'''$('#register_form').removeClass('hide')
$('#login_form').addClass('hide')'''
                else:
                    post_script = ""
                register_script = \
'''$('#register-btn').attr('href','#register')
$('#login-btn').attr('href','#login')
%s
$('#register-btn').click(function(){
 $('#register_form').removeClass('hide')
 $('#login_form').addClass('hide')
})
$('#login-btn').click(function(){
 $('#register_form').addClass('hide')
 $('#login_form').removeClass('hide')
})''' % post_script
                s3.jquery_ready.append(register_script)

            # Provide a login box on front page
            request.args = ["login"]
            auth.messages.submit_button = T("Login")
            login_form = auth()
            login_div = DIV(H3(T("Login")),
                            P(XML(T("Registered users can %(login)s to access the system" % \
                                    dict(login=B(T("login")))))))

        return dict(title=title,
                    sit_dec_res_box=sit_dec_res_box,
                    facility_box=facility_box,
                    manage_facility_box=manage_facility_box,
                    self_registration=self_registration,
                    registered=registered,
                    login_form=login_form,
                    login_div=login_div,
                    register_form=register_form,
                    register_div=register_div)