def main(argv=sys.argv):
    """Create the schema and seed the database with bootstrap data.

    ``argv`` must hold exactly one argument after the program name, the
    config URI; otherwise ``usage(argv)`` is called. All tables are created,
    then a single transaction adds the ``superadmin`` user and group, every
    entry of ``initial_settings`` and one ``Privilege`` per name in
    ``permissions_list``.

    NOTE(review): the bootstrap account gets the fixed password ``'password'``,
    which is also printed at the end. ``needs_password_change`` is set on the
    account, but until that first login the credential is a known default, so
    it should be changed before the instance is reachable by anyone else.
    """
    if len(argv) != 2:
        usage(argv)
    config_uri = argv[1]
    setup_logging(config_uri)
    app_settings = get_appsettings(config_uri)
    db_engine = engine_from_config(app_settings, 'sqlalchemy.')
    DBSession.configure(bind=db_engine)
    Base.metadata.create_all(db_engine)

    with transaction.manager:
        # Bootstrap administrator: empty e-mail, Finnish locale, forced
        # password change.
        admin = User('superadmin', '')
        admin.set_password('password')
        admin.needs_password_change = True
        admin.language = 'fi_FI'
        DBSession.add(admin)
        # Flushed before admin.id is read below (presumably DB-assigned).
        DBSession.flush()

        admin_group = Group('superadmin')
        admin_group.set_leader_id(admin.id)
        DBSession.add(admin_group)
        DBSession.flush()

        admin.groups = [admin_group]
        DBSession.add(admin)
        DBSession.flush()

        # Default application settings, flushed one row at a time.
        for key, value in initial_settings.items():
            DBSession.add(Setting(key, value, True))
            DBSession.flush()

        # One Privilege row per known permission name, in sorted order.
        for name in sorted(permissions_list):
            DBSession.add(Privilege(name))
            DBSession.flush()

        print('')
        print('login variables: superadmin / password')
        print('')
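    def settings_users_new(self):
        """Render the "new user" form and, on POST, create the account.

        Redirects to ``/forbidden/`` when ``request.redirect_forbidden`` is
        set and to ``/settings/me/edit/`` when the current user still has to
        change their password. On a valid POST a ``User`` and a ``UserAudit``
        row are stored, the login details are optionally mailed, and the
        response redirects to the new user's page. In every other case the
        template context (``user``, ``groups``, ``privileges``,
        ``use_mailer``) is returned.

        A POST field that is missing from the request is treated as an empty
        string, and breadcrumbs are added on every form render, including the
        re-render after a password validation error.

        NOTE(review): no CSRF check is visible in this method; confirm it is
        enforced elsewhere for this state-changing POST.
        """
        request = self.request
        if request.redirect_forbidden:
            return HTTPFound(location='/forbidden/')
        if userhelpers.checkUserPasswordChangeNeed(request):
            return HTTPFound(location='/settings/me/edit/')
        _ = request.translate

        use_mailer = request.registry.settings['leirirekkari.use_mailer']

        def post_field(name):
            # A field absent from the form yields '' instead of failing on
            # None.strip().
            raw = request.POST.get(name)
            return raw.strip() if raw is not None else ''

        tmp_user = {
            'firstname': '',
            'lastname': '',
            'email': '',
            'title': '',
            'login': '',
            'language': '',
            'groups': '',
            'privileges': '',
        }

        # Group and privilege assignment are each gated by their own
        # permission; without it the form gets no choices and the submitted
        # values are ignored further down.
        may_set_groups = security.has_permission(
            "settings_users_modify_groups", request.context, request)
        may_set_privileges = security.has_permission(
            "settings_users_modify_permissions", request.context, request)
        groups = DBSession.query(Group).all() if may_set_groups else {}
        privileges = DBSession.query(Privilege).all() if may_set_privileges else {}

        def render_form():
            # Single exit for every path that shows the form, so the error
            # re-renders carry the same breadcrumbs as the initial GET.
            request.bread.append({'url':'/settings/', 'text':_('Settings')})
            request.bread.append({'url':'/settings/users/', 'text':_('Users')})
            request.bread.append({'url':'/settings/users/new/', 'text':_('New')})
            return {'user':tmp_user, 'groups':groups, 'privileges':privileges, 'use_mailer':use_mailer}

        if request.method != 'POST':
            return render_form()

        for key, post_name in (
                ('firstname', 'firstname'),
                ('lastname', 'lastname'),
                ('email', 'email'),
                ('login', 'account_login'),
                ('language', 'language'),
                ('title', 'title')):
            tmp_user[key] = post_field(post_name)

        login = tmp_user['login']
        if not (login and tmp_user['email']):
            # Login and e-mail are both required; the form is shown again
            # without a flash message.
            return render_form()

        if self.checkIfUsernameExists(login):
            request.session.flash(_(u"User with that username allready exists. Please choose another one."), 'error')
            return render_form()

        # NOTE(review): surrounding whitespace is stripped from the submitted
        # password before it reaches set_password().
        password1 = post_field('account_password')
        password2 = post_field('account_password_again')

        if password1 == '':
            # No password supplied: generate one. The 12-character minimum
            # below is not applied to it.
            # NOTE(review): nicepass is defined elsewhere; confirm it draws
            # from a cryptographically secure source and yields at least 12
            # characters.
            password1 = self.nicepass(8, 4)
        elif len(password1) < 12:
            request.session.flash(_(u"Passwords too short, must be at least 12 characters long."), 'error')
            return render_form()
        elif not self.checkIfPasswordsMatch(password1, password2):
            request.session.flash(_(u"Passwords didn't match."), 'error')
            return render_form()

        send_details = post_field('send_login_details') == '1'
        force_change = post_field('require_password_change') == '1'

        user = User(login, tmp_user['email'])
        user.set_password(password1)
        user.active = 1
        user.firstname = tmp_user['firstname']
        user.lastname = tmp_user['lastname']
        user.title = tmp_user['title']
        user.language = tmp_user['language']
        if may_set_groups:
            group_ids = request.POST.getall('groups')
            if group_ids:
                user.groups = DBSession.query(Group).filter(Group.id.in_(group_ids)).all()
            else:
                user.groups = []
        if may_set_privileges:
            privilege_ids = request.POST.getall('privileges')
            if privilege_ids:
                granted = DBSession.query(Privilege).filter(Privilege.id.in_(privilege_ids)).all()
                # Stored as one string of '|name|' tokens.
                user.privileges = ''.join('|' + p.name + '|' for p in granted)
            else:
                user.privileges = ''
        user.metadata_modified = datetime.now()
        # Mailing the login details always forces a password change at first
        # login, because the initial password then travels by e-mail.
        user.needs_password_change = 1 if (send_details or force_change) else 0

        DBSession.add(user)
        DBSession.flush()
        request.session.flash(_(u"User created."), 'success')

        # Audit trail: who created which user, at which revision.
        userAudit = UserAudit(request.user.id)
        userAudit.model = 'User'
        userAudit.model_id = user.id
        userAudit.action = 'Create'
        userAudit.revision = user.metadata_revision
        DBSession.add(userAudit)
        DBSession.flush()

        if user.id != '' and user.id != 0:
            if use_mailer == 'true' and send_details:
                mailer = get_mailer(request)

                setting_site_name = DBSession.query(Setting).filter(Setting.setting_key == 'site_name').first()
                setting_mail_sent_from = DBSession.query(Setting).filter(Setting.setting_key == 'mail_sent_from').first()
                setting_site_url = DBSession.query(Setting).filter(Setting.setting_key == 'site_url').first()

                # The message body carries the initial password in clear text.
                message_subject = _(u"User account information for") + ' ' + setting_site_name.setting_value
                message_body = _(u"Hi\n\nHere are your account details for ${site_name}.\n\nUsername: ${username}\n\nPassword: ${password}\n\nYou can login at ${site_url}\n\nRemember to behave and that all the personal data is classified and should be used and distributed carefully.",
                    mapping={'site_name':setting_site_name.setting_value, 'username':tmp_user['login'], 'password':password1, 'site_url':setting_site_url.setting_value})

                message = Message(subject=message_subject,
                    sender=setting_mail_sent_from.setting_value,
                    recipients=[tmp_user['email']],
                    body=message_body)
                mailer.send(message)

            return HTTPFound(location='/settings/users/view/'+str(user.id))

        return render_form()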