def setUp(self):
unittest.TestCase.setUp(self)
self.username = "******"
self.password = "******"
ldap_connector = LdapConnector(username=self.username, password=self.password)
self.ldapcon = ldap_connector.get_connection()
self.ldmf = LdapModelFactory(self.ldapcon)
def setUp(self):
unittest.TestCase.setUp(self)
self.username = '******'
self.password = '******'
ldap_connector = LdapConnector(username=self.username,
password=self.password)
self.ldapcon = ldap_connector.get_connection()
self.ldmf = LdapModelFactory(self.ldapcon)
def doLogin(self, username=None, password=None):
try:
ParamChecker.checkUsername('username', param=True)
ParamChecker.checkPassword('password', 'password', param=True)
except InvalidParameterFormat as ipf:
return self.index(_('Invalid data'))
try:
ldap_connector = LdapConnector(username=username,
password=password)
except mematool.helpers.exceptions.InvalidCredentials:
return self.index(_('Invalid credentials'))
except mematool.helpers.exceptions.ServerError:
return self.index(_('Server error, please retry later'))
old_session_language = self.session.get('language', '')
self.session.regenerate()
self.session['username'] = username
self.session['password'] = encodeAES(password)
self.set_ldapcon(ldap_connector.get_connection())
self.session['groups'] = self.mf.getUserGroupList(username)
try:
user = self.mf.getUser(self.session['username'])
except:
return self.index(_('Server error, please retry later'))
self.session['user'] = user
if self.is_admin():
self.session[
'pendingMemberValidations'] = self.pendingMemberValidations()
uidNumber = user.uidNumber
language = self.db.query(Preferences).filter(
and_(Preferences.uidNumber == uidNumber,
Preferences.key == 'language')).one()
if language.value in self.languages:
self.session['language'] = language.value
elif not old_session_language == '':
self.session['language'] = old_session_language
else:
self.session['language'] = self.default_language
log.info(username + ' logged in')
if user.is_admin():
raise HTTPRedirect('/members/index')
else:
raise HTTPRedirect('/profile/index')
def doLogin(self, username=None, password=None):
try:
ParamChecker.checkUsername('username', param=True)
ParamChecker.checkPassword('password', 'password', param=True)
except InvalidParameterFormat as ipf:
return self.index(_('Invalid data'))
try:
ldap_connector = LdapConnector(username=username, password=password)
except mematool.helpers.exceptions.InvalidCredentials:
return self.index(_('Invalid credentials'))
except mematool.helpers.exceptions.ServerError:
return self.index(_('Server error, please retry later'))
old_session_language = self.session.get('language', '')
self.session.regenerate()
self.session['username'] = username
self.session['password'] = encodeAES(password)
self.set_ldapcon(ldap_connector.get_connection())
self.session['groups'] = self.mf.getUserGroupList(username)
try:
user = self.mf.getUser(self.session['username'])
except:
return self.index(_('Server error, please retry later'))
self.session['user'] = user
if self.is_admin():
self.session['pendingMemberValidations'] = self.pendingMemberValidations()
uidNumber = user.uidNumber
language = self.db.query(Preferences).filter(and_(Preferences.uidNumber == uidNumber, Preferences.key == 'language')).one()
if language.value in self.languages:
self.session['language'] = language.value
elif not old_session_language == '':
self.session['language'] = old_session_language
else:
self.session['language'] = self.default_language
log.info(username + ' logged in')
if user.is_admin():
raise HTTPRedirect('/members/index')
else:
raise HTTPRedirect('/profile/index')
def get_ldapcon(self):
#@todo: this is not enough ... ass a cherrypy before-handler
if self.session.get('username') is None or self.session.get('password') is None:
raise HTTPRedirect('/')
if self.ldapcon is None:
username = self.session.get('username')
password = decodeAES(self.session.get('password'))
self.ldapcon = LdapConnector(username, password).get_connection()
else:
try:
self.ldapcon.whoami_s()
except ldap.SERVER_DOWN:
#@todo make this cleaner refactor
username = self.session.get('username')
password = decodeAES(self.session.get('password'))
self.ldapcon = LdapConnector(username, password).get_connection()
return self.ldapcon
def get_ldapcon(self):
#@todo: this is not enough ... ass a cherrypy before-handler
if self.session.get('username') is None or self.session.get(
'password') is None:
raise HTTPRedirect('/')
if self.ldapcon is None:
username = self.session.get('username')
password = decodeAES(self.session.get('password'))
self.ldapcon = LdapConnector(username, password).get_connection()
else:
try:
self.ldapcon.whoami_s()
except ldap.SERVER_DOWN:
#@todo make this cleaner refactor
username = self.session.get('username')
password = decodeAES(self.session.get('password'))
self.ldapcon = LdapConnector(username,
password).get_connection()
return self.ldapcon
class BaseController(object):
def __init__(self):
templateRoot = Config.get('mako', 'templateroot')
collectionSize = Config.get('mako', 'collectionsize')
outputEncoding = Config.get('mako', 'outputencoding')
self._mylookup = TemplateLookup(directories=[templateRoot],
module_directory=Config.basePath + '/tmp',
output_encoding=outputEncoding,
encoding_errors='replace',
imports=['from mematool.helpers.i18ntool import ugettext as _'])
self.ldapcon = None
self.sidebar = []
self.languages = Config.get('mematool', 'languages', [])
self._debug = Config.get_boolean('mematool', 'debug', False)
def _sidebar(self):
pass
def render(self, template_name, template_context=None, **kwargs):
template = self._mylookup.get_template(template_name)
if template_context is None:
c = TemplateContext()
else:
c = template_context
c.pendingMemberValidations = self.pendingMemberValidations()
c.is_admin = self.is_admin()
self._sidebar()
return template.render(session=cherrypy.session, c=c, sidebar=self.sidebar, **kwargs)
@property
def debug(self):
return self._debug
@property
def session(self):
return cherrypy.session
@property
def db(self):
return cherrypy.request.db
@property
def request(self):
return cherrypy.request
def set_ldapcon(self, ldapcon):
self.ldapcon = ldapcon
def get_ldapcon(self):
#@todo: this is not enough ... ass a cherrypy before-handler
if self.session.get('username') is None or self.session.get('password') is None:
raise HTTPRedirect('/')
if self.ldapcon is None:
username = self.session.get('username')
password = decodeAES(self.session.get('password'))
self.ldapcon = LdapConnector(username, password).get_connection()
else:
try:
self.ldapcon.whoami_s()
except ldap.SERVER_DOWN:
#@todo make this cleaner refactor
username = self.session.get('username')
password = decodeAES(self.session.get('password'))
self.ldapcon = LdapConnector(username, password).get_connection()
return self.ldapcon
def get_ldapMF(self):
return LdapModelFactory(self.get_ldapcon())
@property
def mf(self):
return self.get_ldapMF()
def is_in_group(self, group):
if not group == '' and 'user' in self.session and self.session.get('user').is_in_group(group):
return True
return False
def is_in_vgroup(self, group):
if not group == '' and 'user' in self.session:
for vgroup in Config.get('mematool', 'vgroup_{0}'.format(group), []):
if vgroup in self.session.get('user').groups:
return True
return False
@staticmethod
def needAdmin(f):
def new_f(self, *args, **kwargs):
if 'user' in self.session and self.session['user'].is_admin():
return f(self, *args, **kwargs)
raise HTTPError(403, _('You are not allowed to view this ressource'))
return new_f
@staticmethod
def needFinanceAdmin(f):
def new_f(self, *args, **kwargs):
if 'user' in self.session and self.session['user'].is_finance_admin():
return f(self, *args, **kwargs)
raise HTTPError(403, _('You are not allowed to view this ressource'))
return new_f
@staticmethod
def needGroup(group):
def wrap_f(f):
def new_f(self, *args, **kwargs):
if self.is_in_group(group) or self.is_in_vgroup(group):
return f(self, *args, **kwargs)
raise HTTPError(403, _('You are not allowed to view this ressource'))
return new_f
return wrap_f
def is_finance_admin(self):
if 'user' in self.session and self.session['user'].is_finance_admin():
return True
return False
def is_admin(self):
if 'user' in self.session and self.session['user'].is_admin():
return True
return False
def avatarUrl(self, uid, size=20):
try:
member = self.mf.getUser(uid)
if not member.jpegPhoto is None:
return '/profile/getAvatar/?member_id=' + uid
else:
return member.getGravatar(size=size)
except:
pass
return ''
def pendingMemberValidations(self):
return self.db.query(TmpMember).count()
def sendMail(self, to_, subject, body, from_=''):
msg = MIMEText(body)
if from_ == '':
from_ = Config.get('mematool', 'mail_default_from')
msg['Subject'] = subject
msg['From'] = from_
msg['To'] = to_
try:
s = smtplib.SMTP('localhost')
s.sendmail(from_, [to_], msg.as_string())
s.quit()
except:
if self.debug:
print 'Error sending mail'
else:
raise
class BaseController(object):
def __init__(self):
templateRoot = Config.get('mako', 'templateroot')
collectionSize = Config.get('mako', 'collectionsize')
outputEncoding = Config.get('mako', 'outputencoding')
self._mylookup = TemplateLookup(
directories=[templateRoot],
module_directory=Config.basePath + '/tmp',
output_encoding=outputEncoding,
encoding_errors='replace',
imports=['from mematool.helpers.i18ntool import ugettext as _'])
self.ldapcon = None
self.sidebar = []
self.languages = Config.get('mematool', 'languages', [])
self._debug = Config.get_boolean('mematool', 'debug', False)
def _sidebar(self):
pass
def render(self, template_name, template_context=None, **kwargs):
template = self._mylookup.get_template(template_name)
if template_context is None:
c = TemplateContext()
else:
c = template_context
c.pendingMemberValidations = self.pendingMemberValidations()
c.is_admin = self.is_admin()
self._sidebar()
return template.render(session=cherrypy.session,
c=c,
sidebar=self.sidebar,
**kwargs)
@property
def debug(self):
return self._debug
@property
def session(self):
return cherrypy.session
@property
def db(self):
return cherrypy.request.db
@property
def request(self):
return cherrypy.request
def set_ldapcon(self, ldapcon):
self.ldapcon = ldapcon
def get_ldapcon(self):
#@todo: this is not enough ... ass a cherrypy before-handler
if self.session.get('username') is None or self.session.get(
'password') is None:
raise HTTPRedirect('/')
if self.ldapcon is None:
username = self.session.get('username')
password = decodeAES(self.session.get('password'))
self.ldapcon = LdapConnector(username, password).get_connection()
else:
try:
self.ldapcon.whoami_s()
except ldap.SERVER_DOWN:
#@todo make this cleaner refactor
username = self.session.get('username')
password = decodeAES(self.session.get('password'))
self.ldapcon = LdapConnector(username,
password).get_connection()
return self.ldapcon
def get_ldapMF(self):
return LdapModelFactory(self.get_ldapcon())
@property
def mf(self):
return self.get_ldapMF()
def is_in_group(self, group):
if not group == '' and 'user' in self.session and self.session.get(
'user').is_in_group(group):
return True
return False
def is_in_vgroup(self, group):
if not group == '' and 'user' in self.session:
for vgroup in Config.get('mematool', 'vgroup_{0}'.format(group),
[]):
if vgroup in self.session.get('user').groups:
return True
return False
@staticmethod
def needAdmin(f):
def new_f(self, *args, **kwargs):
if 'user' in self.session and self.session['user'].is_admin():
return f(self, *args, **kwargs)
raise HTTPError(403,
_('You are not allowed to view this ressource'))
return new_f
@staticmethod
def needFinanceAdmin(f):
def new_f(self, *args, **kwargs):
if 'user' in self.session and self.session[
'user'].is_finance_admin():
return f(self, *args, **kwargs)
raise HTTPError(403,
_('You are not allowed to view this ressource'))
return new_f
@staticmethod
def needGroup(group):
def wrap_f(f):
def new_f(self, *args, **kwargs):
if self.is_in_group(group) or self.is_in_vgroup(group):
return f(self, *args, **kwargs)
raise HTTPError(
403, _('You are not allowed to view this ressource'))
return new_f
return wrap_f
def is_finance_admin(self):
if 'user' in self.session and self.session['user'].is_finance_admin():
return True
return False
def is_admin(self):
if 'user' in self.session and self.session['user'].is_admin():
return True
return False
def avatarUrl(self, uid, size=20):
try:
member = self.mf.getUser(uid)
if not member.jpegPhoto is None:
return '/profile/getAvatar/?member_id=' + uid
else:
return member.getGravatar(size=size)
except:
pass
return ''
def pendingMemberValidations(self):
return self.db.query(TmpMember).count()
def sendMail(self, to_, subject, body, from_=''):
msg = MIMEText(body)
if from_ == '':
from_ = Config.get('mematool', 'mail_default_from')
msg['Subject'] = subject
msg['From'] = from_
msg['To'] = to_
try:
s = smtplib.SMTP('localhost')
s.sendmail(from_, [to_], msg.as_string())
s.quit()
except:
if self.debug:
print 'Error sending mail'
else:
raise
