def change_password(): id = request.args(0) form = SQLFORM.factory( Field('password', 'password', requires=db.auth_user['password'].requires), Field('password_again', 'password', requires=IS_EQUAL_TO( request.vars.password, error_message=T('Passwords do not match.')))) if form.accepts(request.vars, session): dbutils.log_event(db, user_id=auth.user.id, item_id=id, table_name='auth_user', access='change password', details='') db.auth_user[id] = dict(password=form.vars.password) session.flash = T('Password successfully changed.') redirect(URL('read', args=id)) return dict(form=form)
def test_factory(self): factory_form = SQLFORM.factory( Field('field_one', 'string', IS_NOT_EMPTY()), Field('field_two', 'string')) self.assertEqual( factory_form.xml(), b'<form action="#" enctype="multipart/form-data" method="post"><table><tr id="no_table_field_one__row"><td class="w2p_fl"><label class="" for="no_table_field_one" id="no_table_field_one__label">Field One: </label></td><td class="w2p_fw"><input class="string" id="no_table_field_one" name="field_one" type="text" value="" /></td><td class="w2p_fc"></td></tr><tr id="no_table_field_two__row"><td class="w2p_fl"><label class="" for="no_table_field_two" id="no_table_field_two__label">Field Two: </label></td><td class="w2p_fw"><input class="string" id="no_table_field_two" name="field_two" type="text" value="" /></td><td class="w2p_fc"></td></tr><tr id="submit_record__row"><td class="w2p_fl"></td><td class="w2p_fw"><input type="submit" value="Submit" /></td><td class="w2p_fc"></td></tr></table></form>' )
def myform(): form = SQLFORM.factory(Field("first_name", "string"), Field("last_name", "string")) def onvalidation(form): pass if form.process(session=application.session, onvaliidation=onvalidation).accepted: redirect(URL()) return dict(form=form)
def file_upload(): form = SQLFORM.factory(Field('file', 'upload', uploadfolder=application.config.upload_folder, requires=IS_IMAGE(extensions=('jpg', 'jpeg'))), _action=URL()) if form.process().accepted: redirect(URL()) return {'form': form}
def myform(): form = SQLFORM.factory(Field('first_name', 'string'), Field('last_name', 'string')) def onvalidation(form): pass if form.process(session=application.session, onvaliidation=onvalidation).accepted: redirect(URL()) return dict(form=form)
def reports(): response.subtitle = T("Report templates") response.view='nas/reports.html' response.cmd_back = ui.control.get_mobil_button(label=T("Account"), href=URL("account",**{'user_signature': True}), icon="back", ajax="false", theme="a", mini="true") nas_reports= ntool.getReportFiles(os.path.join(ns.request.folder,'static/resources/report')) frm_filter = SQLFORM.factory( Field('database', db.databases, requires = IS_IN_DB(db((db.databases.deleted==False)), db.databases.id, '%(alias)s'), label=T('Database')), Field('reptype', "string", label=T('Rep.type'), requires = IS_EMPTY_OR(IS_IN_SET(nas_reports["types"]))), Field('label', "string", label=T('Group'), requires = IS_EMPTY_OR(IS_IN_SET(nas_reports["labels"]))), Field('repname', type='string', length=50, label=T('Name/Description')), Field('install', type='boolean', label=T('Installed')), submit_button=T("Load"), table_name="filter", _id="frm_filter" ) if request.post_vars.has_key("report_labels"): if ns.local.setEngine(database=db.databases(id=request.post_vars["database"]).alias, check_ndi=False, created=False, createdb=False): for label_id in request.post_vars.keys(): if label_id not in("report_labels","database"): row_id = ns.connect.updateData("ui_message", values={"id":label_id,"msg":request.post_vars[label_id]}, validate=False, insert_row=False) if not row_id: response.flash = str(ns.error_message) ns.db.commit() if session.frm_filter: frm_filter.vars = session.frm_filter else: response.flash = str(ns.error_message) if request.post_vars.has_key("ins_cmd"): if ns.local.setEngine(database=db.databases(id=request.post_vars["ins_database"]).alias, check_ndi=False, created=False, createdb=False): if request.post_vars["ins_cmd"]=="delete": try: report_id = ns.db.ui_report(reportkey=request.post_vars["ins_reportkey"])["id"] ns.db(ns.db.ui_reportfields.report_id==report_id).delete() ns.db(ns.db.ui_reportsources.report_id==report_id).delete() ns.db((ns.db.ui_message.secname.like(request.post_vars["ins_reportkey"]+"%"))).delete() ns.db(ns.db.ui_report.id==report_id).delete() ns.db.commit() except Exception, err: response.flash = str(err) else: load = dbtool.loadReport(fileName=request.post_vars["ins_reportkey"]+".xml") if load != "OK": response.flash = load if session.frm_filter: frm_filter.vars = session.frm_filter else: response.flash = str(ns.error_message)
def edit(): form = SQLFORM.factory( Field('first_name', 'string', requires=IS_NOT_EMPTY(error_message='Please enter first name')), Field('last_name', 'string', requires=IS_NOT_EMPTY(error_message='Please enter last name')), _action=URL('experiments', 'default', 'edit') ) if form.process(session=application.session).accepted: redirect(URL()) return {'form': form}
def qrgen(): "Create QR codes" image = IMG(_src=URL('static/images', 'none.png'), _alt="none") form = SQLFORM.factory( Field('message', requires=IS_NOT_EMPTY()) ) if form.accepts(request.vars, session): msg=request.vars.message session.msg=request.vars.message image = IMG(_src=URL('qrcode',vars={'message':msg})) return dict(form=form,image=image) else: return dict(form=form,image=image)
def edit(): form = SQLFORM.factory( Field('first_name', 'string', requires=IS_NOT_EMPTY(error_message='Please enter first name')), Field('last_name', 'string', requires=IS_NOT_EMPTY(error_message='Please enter last name')), _action=URL('experiments', 'default', 'edit')) if form.process(session=application.session).accepted: redirect(URL()) return {'form': form}
def test_factory_applies_default_validators(self): from gluon import current factory_form = SQLFORM.factory(Field('a_date', type='date'), ) # Fake user input current.request.post_vars.update({ '_formname': 'no_table/create', 'a_date': '2018-09-14', '_formkey': '123', }) # Fake the formkey current.session['_formkey[no_table/create]'] = ['123'] self.assertTrue(factory_form.process().accepted) self.assertIsInstance(factory_form.vars.a_date, datetime.date)
def file_upload(): form = SQLFORM.factory( Field( "file", "upload", uploadfolder=application.config.upload_folder, requires=IS_IMAGE(extensions=("jpg", "jpeg")), ), _action=URL(), ) if form.process().accepted: redirect(URL()) return {"form": form}
def create_form(self): """ Build form for subscription settings """ T = current.T db = current.db response = current.response user = current.auth.user.pe_id stable = current.s3db.pr_subscription formstyle = current.deployment_settings.get_ui_formstyle() query = (stable.pe_id == user) & \ (stable.deleted != True) row = db(query).select(stable.id, stable.frequency, stable.email_format, limitby=(0, 1)) messages = Storage( ERROR = T("Error: could not update subscription settings"), SUCCESS = T("Settings updated"), ) if row: # Subscription exists, build form freq_field = stable.frequency format_field = stable.email_format freq_field.default = row[0].frequency format_field.default = row[0].email_format form = SQLFORM.factory(freq_field, format_field, formstyle = formstyle) if form.accepts(current.request.post_vars, current.session, keepvalues=True): formvars = form.vars from templates.SSF.config import TaskSubscriptions sub = TaskSubscriptions() sub.subscription["frequency"] = formvars.frequency sub.subscription["email_format"] = formvars.email_format if sub.update_subscription(): response.confirmation = messages.SUCCESS else: response.error = messages.ERROR return form else: return None
def create_form(self): """ Build form for subscription settings """ T = current.T db = current.db response = current.response user = current.auth.user.pe_id stable = current.s3db.pr_subscription formstyle = current.deployment_settings.get_ui_formstyle() query = (stable.pe_id == user) & \ (stable.deleted != True) row = db(query).select(stable.id, stable.frequency, stable.email_format, limitby=(0, 1)) messages = Storage( ERROR=T("Error: could not update subscription settings"), SUCCESS=T("Settings updated"), ) if row: # Subscription exists, build form freq_field = stable.frequency format_field = stable.email_format freq_field.default = row[0].frequency format_field.default = row[0].email_format form = SQLFORM.factory(freq_field, format_field, formstyle=formstyle) if form.accepts(current.request.post_vars, current.session, keepvalues=True): formvars = form.vars from templates.SSF.config import TaskSubscriptions sub = TaskSubscriptions() sub.subscription["frequency"] = formvars.frequency sub.subscription["email_format"] = formvars.email_format if sub.update_subscription(): response.confirmation = messages.SUCCESS else: response.error = messages.ERROR return form else: return None
def change_password(): id = request.args(0) form = SQLFORM.factory( Field('password', 'password', requires=db.auth_user['password'].requires), Field('password_again', 'password', requires=IS_EQUAL_TO(request.vars.password, error_message=T('Passwords do not match.')))) if form.accepts(request.vars, session): dbutils.log_event(db, user_id=auth.user.id, item_id=id, table_name='auth_user', access='change password', details='') db.auth_user[id] = dict(password=form.vars.password) session.flash = T('Password successfully changed.') redirect(URL('read', args=id)) return dict(form=form)
def create(): groups = db(db.auth_group.role != 'Admin').select( db.auth_group.id, db.auth_group.role, orderby=db.auth_group.role).json() form = SQLFORM.factory(db.auth_user, db.contact, Field('password_again', 'password', requires=IS_EQUAL_TO( request.vars.password, error_message='Passwords do not match.')), Field('is_active', 'boolean'), Field('groups', label='Search groups'), submit_button='Create User', hidden=dict(groups_new=None), table_name='user') form.element(_name='groups')['_onkeyup'] = "showgroups()" form.element(_name='groups')['_autocomplete'] = 'off' form.element( _name='contact_info')['_placeholder'] = 'insert contact details here' form.vars.is_active = 'on' if form.accepts(request.vars, session): if form.vars.is_active: form.vars.registration_key = '' else: form.vars.registration_key = 'blocked' id = db.auth_user.insert(**db.auth_user._filter_fields(form.vars)) form.vars.user_id = id db.contact.insert(**db.contact._filter_fields(form.vars)) if request.vars.groups_new: insert_groups(request.vars.groups_new.split(',')[:-1], id) dbutils.log_event(db, user_id=auth.user.id, item_id=id, table_name='auth_user', access='create') session.flash = T('User successfully added.') redirect(URL('index')) return dict(form=form, json=SCRIPT('var groups=%s' % groups))
def test_factory_applies_default_validators(self): from gluon import current factory_form = SQLFORM.factory( Field('a_date', type='date'), ) # Fake user input current.request.post_vars.update({ '_formname': 'no_table/create', 'a_date': '2018-09-14', '_formkey': '123', }) # Fake the formkey current.session['_formkey[no_table/create]'] = ['123'] self.assertTrue(factory_form.process().accepted) self.assertIsInstance(factory_form.vars.a_date, datetime.date)
def create(): groups = db(db.auth_group.role != 'Admin' ).select(db.auth_group.id, db.auth_group.role, orderby=db.auth_group.role).json() form = SQLFORM.factory(db.auth_user, db.contact, Field('password_again', 'password', requires=IS_EQUAL_TO(request.vars.password, error_message='Passwords do not match.')), Field('is_active', 'boolean'), Field('groups', label='Search groups'), submit_button='Create User', hidden=dict(groups_new=None), table_name='user') form.element(_name='groups')['_onkeyup'] = "showgroups()" form.element(_name='groups')['_autocomplete'] = 'off' form.element(_name='contact_info')['_placeholder'] = 'insert contact details here' form.vars.is_active = 'on' if form.accepts(request.vars, session): if form.vars.is_active: form.vars.registration_key = '' else: form.vars.registration_key = 'blocked' id = db.auth_user.insert(**db.auth_user._filter_fields(form.vars)) form.vars.user_id = id db.contact.insert(**db.contact._filter_fields(form.vars)) if request.vars.groups_new: insert_groups(request.vars.groups_new.split(',')[:-1], id) dbutils.log_event(db, user_id=auth.user.id, item_id=id, table_name='auth_user', access='create') session.flash = T('User successfully added.') redirect(URL('index')) return dict(form=form, json=SCRIPT('var groups=%s' % groups))
def reports(): response.subtitle = T("Report templates") response.view = 'nas/reports.html' response.cmd_back = ui.control.get_mobil_button( label=T("Account"), href=URL("account", **{'user_signature': True}), icon="back", ajax="false", theme="a", mini="true") nas_reports = ntool.getReportFiles( os.path.join(ns.request.folder, 'static/resources/report')) frm_filter = SQLFORM.factory( Field('database', db.databases, requires=IS_IN_DB(db((db.databases.deleted == False)), db.databases.id, '%(alias)s'), label=T('Database')), Field('reptype', "string", label=T('Rep.type'), requires=IS_EMPTY_OR(IS_IN_SET(nas_reports["types"]))), Field('label', "string", label=T('Group'), requires=IS_EMPTY_OR(IS_IN_SET(nas_reports["labels"]))), Field('repname', type='string', length=50, label=T('Name/Description')), Field('install', type='boolean', label=T('Installed')), submit_button=T("Load"), table_name="filter", _id="frm_filter") if request.post_vars.has_key("report_labels"): if ns.local.setEngine( database=db.databases(id=request.post_vars["database"]).alias, check_ndi=False, created=False, createdb=False): for label_id in request.post_vars.keys(): if label_id not in ("report_labels", "database"): row_id = ns.connect.updateData( "ui_message", values={ "id": label_id, "msg": request.post_vars[label_id] }, validate=False, insert_row=False) if not row_id: response.flash = str(ns.error_message) ns.db.commit() if session.frm_filter: frm_filter.vars = session.frm_filter else: response.flash = str(ns.error_message) if request.post_vars.has_key("ins_cmd"): if ns.local.setEngine(database=db.databases( id=request.post_vars["ins_database"]).alias, check_ndi=False, created=False, createdb=False): if request.post_vars["ins_cmd"] == "delete": try: report_id = ns.db.ui_report( reportkey=request.post_vars["ins_reportkey"])["id"] ns.db( ns.db.ui_reportfields.report_id == report_id).delete() ns.db(ns.db.ui_reportsources.report_id == report_id).delete() ns.db((ns.db.ui_message.secname.like( request.post_vars["ins_reportkey"] + "%"))).delete() ns.db(ns.db.ui_report.id == report_id).delete() ns.db.commit() except Exception, err: response.flash = str(err) else: load = dbtool.loadReport( fileName=request.post_vars["ins_reportkey"] + ".xml") if load != "OK": response.flash = load if session.frm_filter: frm_filter.vars = session.frm_filter else: response.flash = str(ns.error_message)
def __call__(self): output = {} T = current.T request = current.request response = current.response s3 = response.s3 # Check logged in and permissions auth = current.auth settings = current.deployment_settings roles = current.session.s3.roles system_roles = auth.get_system_roles() AUTHENTICATED = system_roles.AUTHENTICATED # Login/Registration forms self_registration = settings.get_security_registration_visible() registered = False login_form = None login_div = None register_form = None register_div = None # Project Links project_links = DIV(_class="title-links hide-for-small") project_description = settings.get_frontpage("project_description") if project_description: project_links.append(A(ICON("link"), T("Project Description"), _class = "action-lnk", _href = project_description, _target = "_blank", )) project_links.append(A(ICON("link"), T("User Manual"), _class = "action-lnk", _href = URL(c="default", f="index", args = ["docs"], vars = {"name": "UserManual"}, ), _target = "_blank", )) mailing_list = settings.get_frontpage("mailing_list") if mailing_list: project_links.append(A(ICON("link"), T("Mailing List"), _class = "action-lnk", _href = mailing_list, _target = "_blank", )) # Contact Form request_email = settings.get_frontpage("request_email") if request_email: from s3dal import Field from gluon.validators import IS_NOT_EMPTY from gluon.sqlhtml import SQLFORM fields = [Field("name", label="Your name", requires=IS_NOT_EMPTY(), ), Field("address", label="Your e-mail address", requires=IS_NOT_EMPTY(), ), Field("subject", label="Subject", requires=IS_NOT_EMPTY(), ), Field("message", "text", label="Message", requires=IS_NOT_EMPTY(), ), ] from s3 import s3_mark_required labels, required = s3_mark_required(fields) s3.has_required = required response.form_label_separator = "" contact_form = SQLFORM.factory(formstyle = settings.get_ui_formstyle(), submit_button = T("Submit"), labels = labels, separator = "", table_name = "contact", # Dummy table name _id="mailform", *fields ) if contact_form.accepts(request.post_vars, current.session, formname="contact_form", keepvalues=False, hideerror=False): # Processs Contact Form form_vars = contact_form.vars sender = "%s <%s>" % (form_vars.name, form_vars.address) result = current.msg.send_email(to=request_email, sender=sender, subject=form_vars.subject, message=form_vars.message, reply_to=form_vars.address, ) if result: response.confirmation = "Thank you for your message - we'll be in touch shortly" if s3.cdn: if s3.debug: s3.scripts.append("http://ajax.aspnetcdn.com/ajax/jquery.validate/1.9/jquery.validate.js") else: s3.scripts.append("http://ajax.aspnetcdn.com/ajax/jquery.validate/1.9/jquery.validate.min.js") else: if s3.debug: s3.scripts.append("/%s/static/scripts/jquery.validate.js" % request.application) else: s3.scripts.append("/%s/static/scripts/jquery.validate.min.js" % request.application) validation_script = ''' $('#mailform').validate({ errorClass:'req', rules:{ name:{ required:true }, address: { required:true, email:true }, subject:{ required:true }, message:{ required:true } }, messages:{ name:"Enter your name", subject:"Enter a subject", message:"Enter a message", address:{ required:"Please enter a valid email address", email:"Please enter a valid email address" } }, errorPlacement:function(error,element){ error.appendTo(element.parents('div.controls')) }, submitHandler:function(form){ form.submit() } })''' s3.jquery_ready.append(validation_script) else: contact_form = "" if AUTHENTICATED not in roles: login_buttons = DIV(A(T("Login"), _id="show-login", _class="tiny secondary button"), _id="login-buttons" ) script = ''' $('#show-mailform').click(function(e){ e.preventDefault() $('#login_box').fadeOut(function(){$('#intro').fadeIn()}) }) $('#show-login').click(function(e){ e.preventDefault() $('#login_form').show() $('#register_form').hide() $('#intro').fadeOut(function(){$('#login_box').fadeIn()}) })''' s3.jquery_ready.append(script) # This user isn't yet logged-in if request.cookies.has_key("registered"): # This browser has logged-in before registered = True if self_registration is True: # Provide a Registration box on front page login_buttons.append(A(T("Register"), _id="show-register", _class="tiny secondary button", _style="margin-left:5px")) script = ''' $('#show-register').click(function(e){ e.preventDefault() $('#login_form').hide() $('#register_form').show() $('#intro').fadeOut(function(){$('#login_box').fadeIn()}) })''' s3.jquery_ready.append(script) register_form = auth.register() register_div = DIV(H3(T("Register")), P(XML(T("If you would like to help, then please %(sign_up_now)s") % \ dict(sign_up_now=B(T("sign-up now")))))) register_script = ''' $('#register-btn').click(function(e){ e.preventDefault() $('#login_form').fadeOut(function(){$('#register_form').fadeIn()}) }) $('#login-btn').click(function(e){ e.preventDefault() $('#register_form').fadeOut(function(){$('#login_form').fadeIn()}) })''' s3.jquery_ready.append(register_script) # Provide a login box on front page auth.messages.submit_button = T("Login") login_form = auth.login(inline=True) login_div = DIV(H3(T("Login")), P(XML(T("Registered users can %(login)s to access the system") % \ dict(login=B(T("login")))))) else: login_buttons = "" # Create output dict output = {"login_buttons": login_buttons, "self_registration": self_registration, "registered": registered, "login_div": login_div, "login_form": login_form, "register_div": register_div, "register_form": register_form, "contact_form": contact_form, "project_links": project_links, } # Count records (@todo: provide total/updated counters?) s3db = current.s3db db = current.db # Organisations table = s3db.org_organisation query = (table.deleted != True) count = table.id.count() row = db(query).select(count).first() output["total_organisations"] = row[count] # Service Locations (@todo) #table = s3db.org_service_location #query = (table.deleted != True) #count = table.id.count() #row = db(query).select(count).first() output["total_services"] = 0 #row[count] # Needs lists table = s3db.req_organisation_needs query = (table.deleted != True) count = table.id.count() row = db(query).select(count).first() output["total_needs"] = row[count] # Frontpage Feed Control if settings.frontpage.rss: s3.external_stylesheets.append("http://www.google.com/uds/solutions/dynamicfeed/gfdynamicfeedcontrol.css") s3.scripts.append("http://www.google.com/jsapi?key=notsupplied-wizard") s3.scripts.append("http://www.google.com/uds/solutions/dynamicfeed/gfdynamicfeedcontrol.js") counter = 0 feeds = "" for feed in settings.frontpage.rss: counter += 1 feeds = "".join((feeds, "{title:'%s',\n" % feed["title"], "url:'%s'}" % feed["url"])) # Don't add a trailing comma for old IEs if counter != len(settings.frontpage.rss): feeds += ",\n" # feedCycleTime: milliseconds before feed is reloaded (5 minutes) feed_control = "".join((''' function LoadDynamicFeedControl(){ var feeds=[ ''', feeds, ''' ] var options={ feedCycleTime:300000, numResults:5, stacked:true, horizontal:false, title:"''', str(T("News")), '''" } new GFdynamicFeedControl(feeds,'feed-control',options) } google.load('feeds','1') google.setOnLoadCallback(LoadDynamicFeedControl)''')) s3.js_global.append(feed_control) s3.stylesheets.append("../themes/RW/homepage.css") self._view(TEMPLATE, "index.html") return output
def read(): if len(request.args) == 0 or not request.args(0).isdigit(): redirect(URL('index')) message = db( db.msg.id == int(request.args(0))).select().first() or redirect( URL('index')) contacts = db(db.contact.user_id == auth.user.id).select() groups_query = db(db.msg_group.msg_id == message.id)._select( db.msg_group.group_id) not_groups = db(~db.auth_group.id.belongs(groups_query) & (db.auth_group.role != 'Admin')).select( db.auth_group.id, db.auth_group.role).json() groups = db(db.msg_group.msg_id == message.id).select( db.msg_group.id, db.msg_group.group_id, distinct=True) tags_query = db(db.msg_tag.msg_id == message.id)._select(db.msg_tag.tag_id) not_tags = db(~db.tag.id.belongs(tags_query) & (db.tag.name != 'Late')).select(db.tag.id, db.tag.name).json() tags = db(db.msg_tag.msg_id == message.id).select(db.msg_tag.id, db.msg_tag.tag_id, distinct=True) attachments = db(db.msg_attachment.msg_id == message.id).select( orderby=db.msg_attachment.attach_time) attachs = [] for attachment in attachments: attach = {} attach['attachment'] = attachment file_type = attachment.attachment[attachment.attachment.rindex('.') + 1:] if file_type in file_types: attach['src'] = URL('static', 'images/' + file_type + '.png') elif file_type in ['png', 'jpg', 'jpg', 'gif', 'bmp']: attach['src'] = URL('default', 'download', args=attachment.attachment) else: attach['src'] = URL('static', 'images/binary.png') attachs.append(attach) db.msg.subject.writable = db.msg.subject.readable = False form = SQLFORM.factory(db.msg, submit_button='Post comment') if form.accepts(request.vars, session): contact = get_contact(auth.user) form.vars.created_by = contact.id form.vars.parent_msg = message.id form.vars.subject = 'Re:' msg_id = db.msg.insert(**db.msg._filter_fields(form.vars)) late = db(db.tag.name == 'Late').select().first() db((db.msg_tag.msg_id == message.id) & (db.msg_tag.tag_id == late.id)).delete() dbutils.log_event(db, user_id=auth.user.id, item_id=msg_id, table_name='msg', access='create') response.flash = T('Comment successfully created.') replies = db(db.msg.parent_msg == message.id).select( orderby=db.msg.create_time) update_time = replies.last().create_time if replies else 0 return dict(message=message, form=form, groups=groups, tags=tags, attachs=attachs, update_time=update_time, contacts=contacts, json=SCRIPT('var tags=%s; var groups=%s' % (not_tags, not_groups)), id=message.id, replies=replies)
def test_factory(self): factory_form = SQLFORM.factory(Field('field_one', 'string', IS_NOT_EMPTY()), Field('field_two', 'string')) self.assertEqual(factory_form.xml()[:5], b'<form')
def index(): """ This method has two functionalities: 1. Asks the user if he permits that a 3rd party app access his data 2. Receives the user's answer and redirect the user to the 3rd party correspondant URI In case of error, it redirects to the 'error' controller. Of course, you can modify this behavior. For instance, you may want return a JSON or HTTP error instead. The request MUST be like this: http://[your_server]{:port}/[your_application]/auth? client_id=[your_client_id]& redirect_uri=[your_callback_uri]& response_type=code& access_type=online NOTE: You can pass a "scope" parameter, but you need to configure it at the OAuth2 object constructor. """ from oauth.storage import web2pyStorage as storage # change to MongoStorage if you aren't using DAL storage = storage() storage.connect() oauth = OAuth2(storage) # Validates GET parameters params = dict() success = False # try: params = oauth.validate_authorize_params(request.get_vars) # except Exception as ex: # redirect(URL(c='error', vars=dict(msg=ex))) error = [] client_id = params.get("client_id", error.append("No client_id")) redirect_uri = params.get("redirect_uri", error.append("No redirect_uri")) scope = params.get("scope", None) response_type = params.get("response_type", error.append("No response_type")) access_type = params.get("access_type", error.append("No access_type")) """ if error: print 'KeyError(s): {0}'.format(', '.join(error)) """ approval_form = SQLFORM.factory(submit_button="Yes") approval_form.add_button("No", redirect_uri + "#error=access_denied") if approval_form.process().accepted: user_id = "501faa19a34feb05890005c9" # Change to `auth.user` for web2py code = oauth.storage.add_code(client_id, user_id, oauth.config[oauth.CONFIG_CODE_LIFETIME]) redirect(redirect_uri + "?code={code}".format(code=code)) url = "?client_id={client_id}&redirect_uri={redirect_uri}" url += "&response_type={response_type}&access_type={access_type}" url = url.format( client_id=client_id, redirect_uri=redirect_uri, response_type=response_type, access_type=access_type ) return locals()
def test_factory(self): factory_form = SQLFORM.factory( Field('field_one', 'string', IS_NOT_EMPTY()), Field('field_two', 'string')) self.assertEqual(factory_form.xml()[:5], b'<form')
def read(): user = db.auth_user(request.args(0)) or redirect(URL('index')) groups = db(db.auth_membership.user_id == user.id).select() contacts = db(db.contact.user_id == user.id).select() for field in db.auth_user.fields: db.auth_user[field].default = user[field] groups_query = db(db.auth_membership.user_id == user.id)._select( db.auth_membership.group_id) not_groups = db(~db.auth_group.id.belongs(groups_query) & (db.auth_group.role != ('Admin'))).select( db.auth_group.id, db.auth_group.role).json() groups = db(db.auth_membership.user_id == user.id).select( db.auth_membership.id, db.auth_membership.group_id, distinct=True) groups.exclude(lambda row: row.group_id.role == 'Admin') db.auth_user.username.writable = False db.auth_user.password.writable = False form = SQLFORM.factory(db.auth_user, Field('groups'), Field('is_active', 'boolean'), submit_button='Update User', hidden=dict(groups_new=None)) form.element(_name='groups')['_autocomplete'] = 'off' if user.registration_key == '': form.vars.is_active = 'on' else: form.vars.is_active = 'off' if form.accepts(request.vars, session, keepvalues=True): last_name = request.vars.last_name first_name = request.vars.first_name if form.vars.is_active: form.vars.registration_key = '' else: form.vars.registration_key = 'blocked' details = [] if last_name != user.last_name: details.append('last name changed from ' + user.last_name + ' to ' + last_name) if first_name != user.first_name: details.append('first name changed from ' + user.first_name + ' to ' + first_name) if form.vars.registration_key != user.registration_key: if form.vars.registration_key == '': details.append('User status changed from blocked to active.') else: details.append('User status changed from active to blocked.') if len(details) != 0: details = ', '.join(details) dbutils.log_event(db, details=details, user_id=auth.user.id, item_id=user.id, table_name='auth_user', access='update') db(db.auth_user.id == user.id).update( **db.auth_user._filter_fields(form.vars)) request.flash = T('User successfully updated.') return dict(form=form, groups=groups, id=user.id, contacts=contacts, json=SCRIPT('var groups=%s' % not_groups))
def test_factory(self): factory_form = SQLFORM.factory(Field('field_one', 'string', IS_NOT_EMPTY()), Field('field_two', 'string')) self.assertEqual(factory_form.xml(), b'<form action="#" enctype="multipart/form-data" method="post"><table><tr id="no_table_field_one__row"><td class="w2p_fl"><label class="" for="no_table_field_one" id="no_table_field_one__label">Field One: </label></td><td class="w2p_fw"><input class="string" id="no_table_field_one" name="field_one" type="text" value="" /></td><td class="w2p_fc"></td></tr><tr id="no_table_field_two__row"><td class="w2p_fl"><label class="" for="no_table_field_two" id="no_table_field_two__label">Field Two: </label></td><td class="w2p_fw"><input class="string" id="no_table_field_two" name="field_two" type="text" value="" /></td><td class="w2p_fc"></td></tr><tr id="submit_record__row"><td class="w2p_fl"></td><td class="w2p_fw"><input type="submit" value="Submit" /></td><td class="w2p_fc"></td></tr></table></form>')
LABEL("check1", _width="65%"), TEXTAREA("hola!", _name='mytextarea', _width="100%"), "hola3!", INPUT(_type='submit', _name='submit'), ) elif '--sqlform' in sys.argv: form = SQLFORM.factory( Field("test", "string", requires=IS_NOT_EMPTY(), comment="some data"), Field("test1", "string", requires=IS_NOT_EMPTY(), comment="some data"), Field("test2", "string", requires=IS_NOT_EMPTY(), comment="some data"), Field("test3", "string", requires=IS_NOT_EMPTY(), comment="some data"), formname=None, ) elif '--object' in sys.argv: form = OBJECT(TAG.PARAM(_name='label', _value='"test"'), TAG.PARAM(_name='name', _value='"btnTest"'), _class="Button", _width="100%", _height="80%")
def create(): import os form = SQLFORM.factory(db.msg, Field('attachment', 'upload', uploadfolder=os.path.join( request.folder, 'uploads')), Field('tags', label='Search tags'), Field('groups', label='Search groups'), hidden=dict(tags_new=None, groups_new=None), table_name='msg_attachment') form.element(_name='tags')['_onkeyup'] = "showtags()" form.element(_name='tags')['_autocomplete'] = 'off' form.element(_name='groups')['_onkeyup'] = "showgroups()" form.element(_name='groups')['_autocomplete'] = 'off' tags = db(db.tag.name != 'Late').select(db.tag.id, db.tag.name).json() groups = db().select(db.auth_group.id, db.auth_group.role).json() if form.accepts(request.vars, session): contact = get_contact(auth.user) form.vars.created_by = contact.id msg_id = db.msg.insert(**db.msg._filter_fields(form.vars)) form.vars.msg_id = msg_id subject = form.vars.subject if request.vars.attachment != '': db.msg_attachment.msg_id.default = msg_id db.msg_attachment.attach_by.default = contact.id filename = request.vars.attachment.filename form.vars.filename = filename form.vars.attachment_type = filename[filename.rindex('.') + 1:] msg_attachment_id = db.msg_attachment.insert( **db.msg_attachment._filter_fields(form.vars)) dbutils.log_event(db, user_id=auth.user.id, item_id=msg_attachment_id, table_name='msg_attachment', access='create', details=','.join([subject, filename, ` msg_id `])) if request.vars.tags_new: select_tags = request.vars.tags_new.split(',')[:-1] for tag in select_tags: id = db.msg_tag.insert(msg_id=msg_id, tag_id=int(tag[4:])) tag_id = int(tag[4:]) tag = db.tag[tag_id].name dbutils.log_event(db, user_id=auth.user.id, item_id=id, table_name='msg_tag', access='create', details=','.join([subject, tag])) if request.vars.groups_new: select_groups = request.vars.groups_new.split(',')[:-1] for group in select_groups: id = db.msg_group.insert(msg_id=msg_id, group_id=int(group[4:]), assigned_by=auth.user.id) dbutils.log_event(db, user_id=auth.user.id, item_id=id, table_name='msg_group', access='create', details=','.join([subject, group])) dbutils.log_event(db, user_id=auth.user.id, item_id=msg_id, table_name='msg', access='create') session.flash = T('Message successfully created.') redirect(URL('index')) return dict(form=form, json=SCRIPT('var tags=%s; var groups=%s' % (tags, groups)))
def __call__(self): output = {} T = current.T request = current.request response = current.response s3 = response.s3 # Check logged in and permissions auth = current.auth settings = current.deployment_settings roles = current.session.s3.roles system_roles = auth.get_system_roles() AUTHENTICATED = system_roles.AUTHENTICATED # Login/Registration forms self_registration = current.deployment_settings.get_security_self_registration( ) registered = False login_form = None login_div = None register_form = None register_div = None # Contact Form request_email = settings.get_frontpage("request_email") if request_email: from gluon.dal import Field from gluon.validators import IS_NOT_EMPTY from gluon.sqlhtml import SQLFORM fields = [ Field( "name", label="Your name", requires=IS_NOT_EMPTY(), ), Field( "address", label="Your e-mail address", requires=IS_NOT_EMPTY(), ), Field( "subject", label="Subject", requires=IS_NOT_EMPTY(), ), Field( "message", "text", label="Message", requires=IS_NOT_EMPTY(), ), ] from s3 import s3_mark_required labels, required = s3_mark_required(fields) s3.has_required = required response.form_label_separator = "" contact_form = SQLFORM.factory( formstyle=settings.get_ui_formstyle(), submit_button=T("Submit"), labels=labels, separator="", table_name="contact", # Dummy table name _id="mailform", *fields) if contact_form.accepts(request.post_vars, current.session, formname="contact_form", keepvalues=False, hideerror=False): # Processs Contact Form form_vars = contact_form.vars sender = "%s <%s>" % (form_vars.name, form_vars.address) result = current.msg.send_email( to=request_email, sender=sender, subject=form_vars.subject, message=form_vars.message, reply_to=form_vars.address, ) if result: response.confirmation = "Thank you for your message - we'll be in touch shortly" if s3.cdn: if s3.debug: s3.scripts.append( "http://ajax.aspnetcdn.com/ajax/jquery.validate/1.9/jquery.validate.js" ) else: s3.scripts.append( "http://ajax.aspnetcdn.com/ajax/jquery.validate/1.9/jquery.validate.min.js" ) else: if s3.debug: s3.scripts.append("/%s/static/scripts/jquery.validate.js" % request.application) else: s3.scripts.append( "/%s/static/scripts/jquery.validate.min.js" % request.application) validation_script = ''' $('#mailform').validate({ errorClass:'req', rules:{ name:{ required:true }, address: { required:true, email:true }, subject:{ required:true }, message:{ required:true } }, messages:{ name:"Enter your name", subject:"Enter a subject", message:"Enter a message", address:{ required:"Please enter a valid email address", email:"Please enter a valid email address" } }, errorPlacement:function(error,element){ error.appendTo(element.parents('div.controls')) }, submitHandler:function(form){ form.submit() } })''' s3.jquery_ready.append(validation_script) else: contact_form = "" if AUTHENTICATED not in roles: login_buttons = DIV(A(T("Login"), _id="show-login", _class="tiny secondary button"), _id="login-buttons") script = ''' $('#show-mailform').click(function(e){ e.preventDefault() $('#intro').slideDown(400, function() { $('#login_box').hide() }); }) $('#show-login').click(function(e){ e.preventDefault() $('#login_form').show() $('#register_form').hide() $('#login_box').show() $('#intro').slideUp() })''' s3.jquery_ready.append(script) # This user isn't yet logged-in if request.cookies.has_key("registered"): # This browser has logged-in before registered = True if self_registration is True: # Provide a Registration box on front page login_buttons.append( A(T("Register"), _id="show-register", _class="tiny secondary button", _style="margin-left:5px")) script = ''' $('#show-register').click(function(e){ e.preventDefault() $('#login_form').hide() $('#register_form').show() $('#login_box').show() $('#intro').slideUp() })''' s3.jquery_ready.append(script) register_form = auth.register() register_div = DIV(H3(T("Register")), P(XML(T("If you would like to help, then please %(sign_up_now)s") % \ dict(sign_up_now=B(T("sign-up now")))))) register_script = ''' $('#register-btn').click(function(e){ e.preventDefault() $('#register_form').show() $('#login_form').hide() }) $('#login-btn').click(function(e){ e.preventDefault() $('#register_form').hide() $('#login_form').show() })''' s3.jquery_ready.append(register_script) # Provide a login box on front page auth.messages.submit_button = T("Login") login_form = auth.login(inline=True) login_div = DIV(H3(T("Login")), P(XML(T("Registered users can %(login)s to access the system") % \ dict(login=B(T("login")))))) else: login_buttons = "" output["login_buttons"] = login_buttons output["self_registration"] = self_registration output["registered"] = registered output["login_div"] = login_div output["login_form"] = login_form output["register_div"] = register_div output["register_form"] = register_form output["contact_form"] = contact_form # Slick slider if s3.debug: s3.scripts.append("/%s/static/scripts/slick.js" % request.application) else: s3.scripts.append("/%s/static/scripts/slick.min.js" % request.application) script = ''' $(document).ready(function(){ $('#title-image').slick({ autoplay:true, autoplaySpeed:5000, speed:1000, fade:true, cssEase:'linear' }); });''' s3.jquery_ready.append(script) self._view(TEMPLATE, "index.html") return output
def __call__(self): output = {} T = current.T request = current.request response = current.response s3 = response.s3 # Check logged in and permissions auth = current.auth settings = current.deployment_settings roles = current.session.s3.roles system_roles = auth.get_system_roles() AUTHENTICATED = system_roles.AUTHENTICATED # Login/Registration forms self_registration = settings.get_security_registration_visible() registered = False login_form = None login_div = None register_form = None register_div = None # Project Links project_links = DIV(_class="title-links hide-for-small") project_description = settings.get_frontpage("project_description") if project_description: project_links.append( A( ICON("link"), T("Project Description"), _class="action-lnk", _href=project_description, _target="_blank", )) project_links.append( A( ICON("link"), T("User Manual"), _class="action-lnk", _href=URL( c="default", f="index", args=["docs"], vars={"name": "UserManual"}, ), _target="_blank", )) mailing_list = settings.get_frontpage("mailing_list") if mailing_list: project_links.append( A( ICON("link"), T("Mailing List"), _class="action-lnk", _href=mailing_list, _target="_blank", )) # Contact Form request_email = settings.get_frontpage("request_email") if request_email: from s3dal import Field from gluon.validators import IS_NOT_EMPTY from gluon.sqlhtml import SQLFORM fields = [ Field( "name", label="Your name", requires=IS_NOT_EMPTY(), ), Field( "address", label="Your e-mail address", requires=IS_NOT_EMPTY(), ), Field( "subject", label="Subject", requires=IS_NOT_EMPTY(), ), Field( "message", "text", label="Message", requires=IS_NOT_EMPTY(), ), ] from s3 import s3_mark_required labels, required = s3_mark_required(fields) s3.has_required = required response.form_label_separator = "" contact_form = SQLFORM.factory( formstyle=settings.get_ui_formstyle(), submit_button=T("Submit"), labels=labels, separator="", table_name="contact", # Dummy table name _id="mailform", *fields) if contact_form.accepts(request.post_vars, current.session, formname="contact_form", keepvalues=False, hideerror=False): # Processs Contact Form form_vars = contact_form.vars sender = "%s <%s>" % (form_vars.name, form_vars.address) result = current.msg.send_email( to=request_email, sender=sender, subject=form_vars.subject, message=form_vars.message, reply_to=form_vars.address, ) if result: response.confirmation = "Thank you for your message - we'll be in touch shortly" if s3.cdn: if s3.debug: s3.scripts.append( "http://ajax.aspnetcdn.com/ajax/jquery.validate/1.9/jquery.validate.js" ) else: s3.scripts.append( "http://ajax.aspnetcdn.com/ajax/jquery.validate/1.9/jquery.validate.min.js" ) else: if s3.debug: s3.scripts.append("/%s/static/scripts/jquery.validate.js" % request.application) else: s3.scripts.append( "/%s/static/scripts/jquery.validate.min.js" % request.application) validation_script = ''' $('#mailform').validate({ errorClass:'req', rules:{ name:{ required:true }, address: { required:true, email:true }, subject:{ required:true }, message:{ required:true } }, messages:{ name:"Enter your name", subject:"Enter a subject", message:"Enter a message", address:{ required:"Please enter a valid email address", email:"Please enter a valid email address" } }, errorPlacement:function(error,element){ error.appendTo(element.parents('div.controls')) }, submitHandler:function(form){ form.submit() } })''' s3.jquery_ready.append(validation_script) else: contact_form = "" if AUTHENTICATED not in roles: login_buttons = DIV(A(T("Login"), _id="show-login", _class="tiny secondary button"), _id="login-buttons") script = ''' $('#show-mailform').click(function(e){ e.preventDefault() $('#login_box').fadeOut(function(){$('#intro').fadeIn()}) }) $('#show-login').click(function(e){ e.preventDefault() $('#login_form').show() $('#register_form').hide() $('#intro').fadeOut(function(){$('#login_box').fadeIn()}) })''' s3.jquery_ready.append(script) # This user isn't yet logged-in if request.cookies.has_key("registered"): # This browser has logged-in before registered = True if self_registration is True: # Provide a Registration box on front page login_buttons.append( A(T("Register"), _id="show-register", _class="tiny secondary button", _style="margin-left:5px")) script = ''' $('#show-register').click(function(e){ e.preventDefault() $('#login_form').hide() $('#register_form').show() $('#intro').fadeOut(function(){$('#login_box').fadeIn()}) })''' s3.jquery_ready.append(script) register_form = auth.register() register_div = DIV(H3(T("Register")), P(XML(T("If you would like to help, then please %(sign_up_now)s") % \ dict(sign_up_now=B(T("sign-up now")))))) register_script = ''' $('#register-btn').click(function(e){ e.preventDefault() $('#login_form').fadeOut(function(){$('#register_form').fadeIn()}) }) $('#login-btn').click(function(e){ e.preventDefault() $('#register_form').fadeOut(function(){$('#login_form').fadeIn()}) })''' s3.jquery_ready.append(register_script) # Provide a login box on front page auth.messages.submit_button = T("Login") login_form = auth.login(inline=True) login_div = DIV(H3(T("Login")), P(XML(T("Registered users can %(login)s to access the system") % \ dict(login=B(T("login")))))) else: login_buttons = "" # Create output dict output = { "login_buttons": login_buttons, "self_registration": self_registration, "registered": registered, "login_div": login_div, "login_form": login_form, "register_div": register_div, "register_form": register_form, "contact_form": contact_form, "project_links": project_links, } # Count records (@todo: provide total/updated counters?) s3db = current.s3db db = current.db # Organisations table = s3db.org_organisation query = (table.deleted != True) count = table.id.count() row = db(query).select(count).first() output["total_organisations"] = row[count] # Service Locations (@todo) #table = s3db.org_service_location #query = (table.deleted != True) #count = table.id.count() #row = db(query).select(count).first() output["total_services"] = 0 #row[count] # Needs lists table = s3db.req_organisation_needs query = (table.deleted != True) count = table.id.count() row = db(query).select(count).first() output["total_needs"] = row[count] # Frontpage Feed Control if settings.frontpage.rss: s3.external_stylesheets.append( "http://www.google.com/uds/solutions/dynamicfeed/gfdynamicfeedcontrol.css" ) s3.scripts.append( "http://www.google.com/jsapi?key=notsupplied-wizard") s3.scripts.append( "http://www.google.com/uds/solutions/dynamicfeed/gfdynamicfeedcontrol.js" ) counter = 0 feeds = "" for feed in settings.frontpage.rss: counter += 1 feeds = "".join((feeds, "{title:'%s',\n" % feed["title"], "url:'%s'}" % feed["url"])) # Don't add a trailing comma for old IEs if counter != len(settings.frontpage.rss): feeds += ",\n" # feedCycleTime: milliseconds before feed is reloaded (5 minutes) feed_control = "".join((''' function LoadDynamicFeedControl(){ var feeds=[ ''', feeds, ''' ] var options={ feedCycleTime:300000, numResults:5, stacked:true, horizontal:false, title:"''', str(T("News")), '''" } new GFdynamicFeedControl(feeds,'feed-control',options) } google.load('feeds','1') google.setOnLoadCallback(LoadDynamicFeedControl)''')) s3.js_global.append(feed_control) s3.stylesheets.append("../themes/RW/homepage.css") self._view(TEMPLATE, "index.html") return output
def __new__(cls, **kwargs): instance = super(PERSON_FORM, cls).__new__(cls) instance.person = kwargs.get('person') # PERSON type instance.readonly = kwargs.get('readonly') or False instance.readonly_fields = kwargs.get('readonly_fields') or [] my_logger.debug(message='instance.person:%s' % instance.person) my_logger.debug(message='instance.person.creator:%s' % instance.person.creator) if instance.person is not None: current.db.person.first_name.default = instance.person.first_name if 'first_name' in instance.readonly_fields: current.db.person.first_name.writable = False current.db.person.last_name.default = instance.person.last_name if 'last_name' in instance.readonly_fields: current.db.person.last_name.writable = False current.db.person.email.default = instance.person.email if 'email' in instance.readonly_fields: current.db.person.email.writable = False current.db.person.contact.default = instance.person.contact if 'contact' in instance.readonly_fields: current.db.person.contact.writable = False current.db.person.email.requires = [ IS_NOT_EMPTY(), IS_EMAIL(), IS_NOT_IN_DB( current.db(current.db.person.id != instance.person.id), current.db.person.email) ] # creator is a computed field and then not shown by web2py # we need to add it manually instance.form = SQLFORM.factory(Field('creator', 'string', writable=not 'creator' in instance.readonly_fields, label=cc.get_string("PERSON_CREATOR_LABEL"), default=instance.person.creator.email \ if instance.person.creator is not None \ else ''), # creator should exists - backward compatibility current.db.person, Field('is_all_entity', 'boolean', label=cc.get_string("PERSON_IS_ALL_ENTITY_LABEL"), comment=cc.get_string("PERSON_IS_ALL_ENTITY_COMMENT"), represent=lambda r: current.T(str(instance.person.is_all_entity())), # disabled if the user is not admin readable=current.auth.has_membership('all_entity') or \ current.auth.has_membership('admin_entity') or \ current.auth.has_permission('admin'), # admin_ENTITY: backward compatibility writable=(current.auth.has_membership('all_entity') or \ current.auth.has_membership('admin_entity') or \ current.auth.has_permission('admin')) and \ not 'custom_entity' in instance.readonly_fields, # for an update request, pre populating the widget if the user is in all entities default=instance.person.is_all_entity(), ), Field('custom_entity', 'list:reference entity', comment=cc.get_string("PERSON_ENTITY_COMMENT"), label=cc.get_string("PERSON_ENTITY_LABEL"), required=True, notnull=True, writable=not 'custom_entity' in instance.readonly_fields, # for an update request, pre populating the widget given the user entities default=[_entity.id for _entity in instance.person.entities] \ if instance.person.entities is not None \ else [], requires=[IS_IN_DB_AND_USER_ENTITY(current.db(current.db.entity.id > 0), current.db.entity.id, current.db.entity._format, multiple=True), IS_ONE_SELECTED(db=current.db, table=current.db.entity, table_set=~current.db.entity.role.like('user_%'))], represent=lambda r: XML(' <br/>'.join(['%s' % (e.name) \ for e in instance.person.entities])) \ if (not instance.person.is_all_entity() and instance.person.entities is not None) else 'X', widget=lambda field, value: SQLFORM.widgets.multiple.widget(field, value, _class='required')), Field('is_admin', 'boolean', label=cc.get_string("PERSON_IS_ADMIN_LABEL"), comment=cc.get_string("PERSON_IS_ADMIN_COMMENT"), represent=lambda r: current.T(str(instance.person.is_admin())), # disabled if the user is not admin readable=current.auth.has_permission('admin'), writable=current.auth.has_permission('admin') and not 'is_admin' in instance.readonly_fields, # for an update request, pre populating the widget if the user is admin default=instance.person.is_admin(), ), Field('custom_permission', 'string', # this does not matter given that we define our own permission widget label=cc.get_string("PERSON_ENTITY_PERMISSION_LABEL"), required=True, notnull=True, writable=not 'custom_permission' in instance.readonly_fields, # for an update request, pre populating the widget given the user permissions default=[_permission.name for _permission in instance.person.permissions], comment=cc.get_string("PERSON_ENTITY_PERMISSION_COMMENT"), requires=IS_CHIMITHEQUE_PERMISSION(), represent=lambda r: PermissionWidget.represent(r), widget=lambda field, value: PermissionWidget.widget(field, value, _class='required', auth_user_permissions=[_permission.name for _permission in PERSON_MAPPER().find_permissions(current.auth.user.id)] \ if not current.auth.has_permission('admin') \ else None)), readonly=instance.readonly, comments=not instance.readonly, next=URL(current.request.application, 'user', 'list'), submit_button=cc.get_string("SUBMIT") ) else: instance.form = SQLFORM.factory( Field('None', 'string', writable=False, readable=False)) return instance
def read(): if len(request.args) == 0 or not request.args(0).isdigit(): redirect(URL('index')) message = db(db.msg.id == int(request.args(0))).select().first() or redirect(URL('index')) contacts = db(db.contact.user_id == auth.user.id).select() groups_query = db(db.msg_group.msg_id == message.id )._select(db.msg_group.group_id) not_groups = db(~db.auth_group.id.belongs(groups_query) & (db.auth_group.role != 'Admin') ).select(db.auth_group.id, db.auth_group.role).json() groups = db(db.msg_group.msg_id == message.id ).select(db.msg_group.id, db.msg_group.group_id, distinct=True) tags_query = db(db.msg_tag.msg_id == message.id)._select(db.msg_tag.tag_id) not_tags = db(~db.tag.id.belongs(tags_query) & (db.tag.name != 'Late') ).select(db.tag.id, db.tag.name).json() tags = db(db.msg_tag.msg_id == message.id ).select(db.msg_tag.id, db.msg_tag.tag_id, distinct=True) attachments = db(db.msg_attachment.msg_id == message.id ).select(orderby=db.msg_attachment.attach_time) attachs = [] for attachment in attachments: attach = {} attach['attachment'] = attachment file_type = attachment.attachment[attachment.attachment.rindex('.') + 1:] if file_type in file_types: attach['src'] = URL('static', 'images/' + file_type + '.png') elif file_type in ['png', 'jpg', 'jpg', 'gif', 'bmp']: attach['src'] = URL('default', 'download', args=attachment.attachment) else: attach['src'] = URL('static', 'images/binary.png') attachs.append(attach) db.msg.subject.writable = db.msg.subject.readable = False form = SQLFORM.factory(db.msg, submit_button='Post comment') if form.accepts(request.vars, session): contact = get_contact(auth.user) form.vars.created_by = contact.id form.vars.parent_msg = message.id form.vars.subject = 'Re:' msg_id = db.msg.insert(**db.msg._filter_fields(form.vars)) late = db(db.tag.name == 'Late').select().first() db((db.msg_tag.msg_id == message.id) & (db.msg_tag.tag_id == late.id)).delete() dbutils.log_event(db, user_id=auth.user.id, item_id=msg_id, table_name='msg', access='create') response.flash = T('Comment successfully created.') replies = db(db.msg.parent_msg == message.id ).select(orderby=db.msg.create_time) update_time = replies.last().create_time if replies else 0 return dict(message=message, form=form, groups=groups, tags=tags, attachs=attachs, update_time=update_time, contacts=contacts, json=SCRIPT('var tags=%s; var groups=%s' % (not_tags, not_groups)), id=message.id, replies=replies)
def __call__(self): output = {} T = current.T request = current.request response = current.response s3 = response.s3 # Check logged in and permissions auth = current.auth settings = current.deployment_settings roles = current.session.s3.roles system_roles = auth.get_system_roles() AUTHENTICATED = system_roles.AUTHENTICATED # Login/Registration forms self_registration = current.deployment_settings.get_security_registration_visible() registered = False login_form = None login_div = None register_form = None register_div = None # Contact Form request_email = settings.get_frontpage("request_email") if request_email: from s3dal import Field from gluon.validators import IS_NOT_EMPTY from gluon.sqlhtml import SQLFORM fields = [Field("name", label="Your name", requires=IS_NOT_EMPTY(), ), Field("address", label="Your e-mail address", requires=IS_NOT_EMPTY(), ), Field("subject", label="Subject", requires=IS_NOT_EMPTY(), ), Field("message", "text", label="Message", requires=IS_NOT_EMPTY(), ), ] from s3 import s3_mark_required labels, required = s3_mark_required(fields) s3.has_required = required response.form_label_separator = "" contact_form = SQLFORM.factory(formstyle = settings.get_ui_formstyle(), submit_button = T("Submit"), labels = labels, separator = "", table_name = "contact", # Dummy table name _id="mailform", *fields ) if contact_form.accepts(request.post_vars, current.session, formname="contact_form", keepvalues=False, hideerror=False): # Processs Contact Form form_vars = contact_form.vars sender = "%s <%s>" % (form_vars.name, form_vars.address) result = current.msg.send_email(to=request_email, sender=sender, subject=form_vars.subject, message=form_vars.message, reply_to=form_vars.address, ) if result: response.confirmation = "Thank you for your message - we'll be in touch shortly" if s3.cdn: if s3.debug: s3.scripts.append("http://ajax.aspnetcdn.com/ajax/jquery.validate/1.9/jquery.validate.js") else: s3.scripts.append("http://ajax.aspnetcdn.com/ajax/jquery.validate/1.9/jquery.validate.min.js") else: if s3.debug: s3.scripts.append("/%s/static/scripts/jquery.validate.js" % request.application) else: s3.scripts.append("/%s/static/scripts/jquery.validate.min.js" % request.application) validation_script = ''' $('#mailform').validate({ errorClass:'req', rules:{ name:{ required:true }, address: { required:true, email:true }, subject:{ required:true }, message:{ required:true } }, messages:{ name:"Enter your name", subject:"Enter a subject", message:"Enter a message", address:{ required:"Please enter a valid email address", email:"Please enter a valid email address" } }, errorPlacement:function(error,element){ error.appendTo(element.parents('div.controls')) }, submitHandler:function(form){ form.submit() } })''' s3.jquery_ready.append(validation_script) else: contact_form = "" if AUTHENTICATED not in roles: login_buttons = DIV(A(T("Login"), _id="show-login", _class="tiny secondary button"), _id="login-buttons" ) script = ''' $('#show-mailform').click(function(e){ e.preventDefault() $('#intro').slideDown(400, function() { $('#login_box').hide() }); }) $('#show-login').click(function(e){ e.preventDefault() $('#login_form').show() $('#register_form').hide() $('#login_box').show() $('#intro').slideUp() })''' s3.jquery_ready.append(script) # This user isn't yet logged-in if request.cookies.has_key("registered"): # This browser has logged-in before registered = True if self_registration is True: # Provide a Registration box on front page login_buttons.append(A(T("Register"), _id="show-register", _class="tiny secondary button", _style="margin-left:5px")) script = ''' $('#show-register').click(function(e){ e.preventDefault() $('#login_form').hide() $('#register_form').show() $('#login_box').show() $('#intro').slideUp() })''' s3.jquery_ready.append(script) register_form = auth.register() register_div = DIV(H3(T("Register")), P(XML(T("If you would like to help, then please %(sign_up_now)s") % \ dict(sign_up_now=B(T("sign-up now")))))) register_script = ''' $('#register-btn').click(function(e){ e.preventDefault() $('#register_form').show() $('#login_form').hide() }) $('#login-btn').click(function(e){ e.preventDefault() $('#register_form').hide() $('#login_form').show() })''' s3.jquery_ready.append(register_script) # Provide a login box on front page auth.messages.submit_button = T("Login") login_form = auth.login(inline=True) login_div = DIV(H3(T("Login")), P(XML(T("Registered users can %(login)s to access the system") % \ dict(login=B(T("login")))))) else: login_buttons = "" output["login_buttons"] = login_buttons output["self_registration"] = self_registration output["registered"] = registered output["login_div"] = login_div output["login_form"] = login_form output["register_div"] = register_div output["register_form"] = register_form output["contact_form"] = contact_form # Slick slider if s3.debug: s3.scripts.append("/%s/static/scripts/slick.js" % request.application) else: s3.scripts.append("/%s/static/scripts/slick.min.js" % request.application) script = ''' $(document).ready(function(){ $('#title-image').slick({ autoplay:true, autoplaySpeed:5000, speed:1000, fade:true, cssEase:'linear' }); });''' s3.jquery_ready.append(script) self._view(TEMPLATE, "index.html") return output
def read(): user = db.auth_user(request.args(0)) or redirect(URL('index')) groups = db(db.auth_membership.user_id == user.id).select() contacts = db(db.contact.user_id == user.id).select() for field in db.auth_user.fields: db.auth_user[field].default = user[field] groups_query = db(db.auth_membership.user_id == user.id )._select(db.auth_membership.group_id) not_groups = db(~db.auth_group.id.belongs(groups_query) & (db.auth_group.role != ('Admin')) ).select(db.auth_group.id, db.auth_group.role).json() groups = db(db.auth_membership.user_id == user.id ).select(db.auth_membership.id, db.auth_membership.group_id, distinct=True) groups.exclude(lambda row: row.group_id.role == 'Admin') db.auth_user.username.writable = False db.auth_user.password.writable = False form = SQLFORM.factory(db.auth_user, Field('groups'), Field('is_active', 'boolean'), submit_button='Update User', hidden=dict(groups_new=None)) form.element(_name='groups')['_autocomplete'] = 'off' if user.registration_key == '': form.vars.is_active = 'on' else: form.vars.is_active = 'off' if form.accepts(request.vars, session, keepvalues=True): last_name = request.vars.last_name first_name = request.vars.first_name if form.vars.is_active: form.vars.registration_key = '' else: form.vars.registration_key = 'blocked' details = [] if last_name != user.last_name: details.append('last name changed from ' + user.last_name + ' to ' + last_name) if first_name != user.first_name: details.append('first name changed from ' + user.first_name + ' to ' + first_name) if form.vars.registration_key != user.registration_key: if form.vars.registration_key == '': details.append('User status changed from blocked to active.') else: details.append('User status changed from active to blocked.') if len(details) != 0: details = ', '.join(details) dbutils.log_event(db, details=details, user_id=auth.user.id, item_id=user.id, table_name='auth_user', access='update') db(db.auth_user.id == user.id ).update(**db.auth_user._filter_fields(form.vars)) request.flash = T('User successfully updated.') return dict(form=form, groups=groups, id=user.id, contacts=contacts, json=SCRIPT('var groups=%s' % not_groups))
def create(): import os form = SQLFORM.factory(db.msg, Field('attachment', 'upload', uploadfolder=os.path.join(request.folder, 'uploads')), Field('tags', label='Search tags'), Field('groups', label='Search groups'), hidden=dict(tags_new=None, groups_new=None), table_name='msg_attachment') form.element(_name='tags')['_onkeyup'] = "showtags()" form.element(_name='tags')['_autocomplete'] = 'off' form.element(_name='groups')['_onkeyup'] = "showgroups()" form.element(_name='groups')['_autocomplete'] = 'off' tags = db(db.tag.name != 'Late').select(db.tag.id, db.tag.name).json() groups = db().select(db.auth_group.id, db.auth_group.role).json() if form.accepts(request.vars, session): contact = get_contact(auth.user) form.vars.created_by = contact.id msg_id = db.msg.insert(**db.msg._filter_fields(form.vars)) form.vars.msg_id = msg_id subject = form.vars.subject if request.vars.attachment != '': db.msg_attachment.msg_id.default = msg_id db.msg_attachment.attach_by.default = contact.id filename = request.vars.attachment.filename form.vars.filename = filename form.vars.attachment_type = filename[filename.rindex('.') + 1:] msg_attachment_id = db.msg_attachment.insert( **db.msg_attachment._filter_fields(form.vars)) dbutils.log_event(db, user_id=auth.user.id, item_id=msg_attachment_id, table_name='msg_attachment', access='create', details=','.join([subject, filename, `msg_id`])) if request.vars.tags_new: select_tags = request.vars.tags_new.split(',')[:-1] for tag in select_tags: id = db.msg_tag.insert(msg_id=msg_id, tag_id=int(tag[4:])) tag_id = int(tag[4:]) tag = db.tag[tag_id].name dbutils.log_event(db, user_id=auth.user.id, item_id=id, table_name='msg_tag', access='create', details=','.join([subject, tag])) if request.vars.groups_new: select_groups = request.vars.groups_new.split(',')[:-1] for group in select_groups: id = db.msg_group.insert(msg_id=msg_id, group_id=int(group[4:]), assigned_by=auth.user.id) dbutils.log_event(db, user_id=auth.user.id, item_id=id, table_name='msg_group', access='create', details=','.join([subject, group])) dbutils.log_event(db, user_id=auth.user.id, item_id=msg_id, table_name='msg', access='create') session.flash = T('Message successfully created.') redirect(URL('index')) return dict(form=form, json=SCRIPT('var tags=%s; var groups=%s' % (tags, groups)))
LABEL("check1", _width="65%"), LABEL("", _width="25%"), INPUT(_type="checkbox", _name="myvar", _width="10%"), LABEL("check1", _width="65%"), LABEL("", _width="25%"), INPUT(_type="checkbox", _name="myvar", _width="10%"), LABEL("check1", _width="65%"), TEXTAREA("hola!", _name="mytextarea", _width="100%"), "hola3!", INPUT(_type="submit", _name="submit"), ) elif "--sqlform" in sys.argv: form = SQLFORM.factory( Field("test", "string", requires=IS_NOT_EMPTY(), comment="some data"), Field("test1", "string", requires=IS_NOT_EMPTY(), comment="some data"), Field("test2", "string", requires=IS_NOT_EMPTY(), comment="some data"), Field("test3", "string", requires=IS_NOT_EMPTY(), comment="some data"), formname=None, ) elif "--object" in sys.argv: form = OBJECT( TAG.PARAM(_name="label", _value='"test"'), TAG.PARAM(_name="name", _value='"btnTest"'), _class="Button", _width="100%", _height="80%", ) else: raise RuntimeError("please use\npython forms_example.py --login, --form or --sqlform") form_xml = BODY(