Пример #1
0
 def validateUserAndPassword(self, username, password):
     """
     Looks first if the user is configured in the configuration file,
     e.g. standard users like the "manager" account. If not the user
     databases, like "Member", are checked. The encrypted password is
     validated.
 """
     if (username, sha.new(password).hexdigest()) not in users:
         if len(username) >= 2:
             # which database to use for user authentification
             if username[:2].lower() == "mi":
                 user = Member.search(username[2:])
             else:
                 self.warning("wrong prefix for username '%s'" % username)
                 raise LoginError, "WrongUsername"
             # check user exist and unique
             if user.count() == 0:
                 self.warning("user '%s' not found" % username)
                 raise LoginError, "WrongUsername"
             elif user.count() > 1:
                 self.warning("User '%s' not unique" % username)
                 raise LoginError, "WrongUsername"
             else:
                 # check password
                 if user[0].passwordHash == sha.new(password).hexdigest():
                     # correct user from Member database
                     self.info("User '%s' authorized" % username)
                 else:
                     self.warning("Wrong password for user '%s' in Member database" % username)
                     raise LoginError, "WrongPassword"
         else:
             self.warning("Username '%s' to short" % username)
             raise LoginError, "WrongUsername"
Пример #2
0
 def getRolesOfUser(self, username):
     if username in roles:
         return roles[username]
     else:
         if len(username) >= 2:
             if username[:2].lower() == "mi":
                 user = Member.search(username[2:])
             else:
                 # wrong prefix of username
                 return []
             if user.count() == 1:
                 # get roles from database of user
                 return rolesTable[user[0].role]
             else:
                 # user not unique or doesn't exist
                 return []
         else:
             # wrong user name
             return []
Пример #3
0
  def writeContent(self, trans=None):
    '''
      this servlet changes member record
    '''

    # retrieving the required parameters
    accountNb = int(self.transaction.request().field('accountNb','0'))
    print "nb: %s" % accountNb
    firstName = self.transaction.request().field('firstName','')
    print "fn: %s" % firstName
    lastName = self.transaction.request().field('lastName','')
    if not accountNb:
        print "no accountNb"
    if not firstName:
        print "no firstname"
    if not lastName:
        print "no lastname"

    # if it is a new account, create a new record
    storeObjects = Member.search(str(accountNb))
    if storeObjects.count() == 0:
        print "create new member"
        member = Member(accountNb=accountNb,firstName=firstName,lastName=lastName)
        member.sync()

    # calculating and setting the dates for "membershipEndFrom"
    membershipKind = string.strip(self.transaction.request().field('membershipKind',''))
    membershipFrom = string.strip(self.transaction.request().field('membershipFrom',''))
    membershipEndFrom = string.strip(self.transaction.request().field('membershipEndFrom',''))
    endsAt = string.strip(self.transaction.request().field('endsAt',''))

    # if membershipEndFrom or membershipFrom are not set, they are equal
    if (not membershipEndFrom) and (membershipFrom):
        membershipEndFrom = membershipFrom
    if (membershipEndFrom) and (not membershipFrom):
        membershipFrom = membershipEndFrom
    if (endsAt) and (not membershipEndFrom):
        y =  DateTime.DateTimeFrom(endsAt)+DateTime.DateTimeDelta(1)
        membershipEndFrom = y.date
        
    # retrieve accountNb's of all family members
    accounts = []
    accountObjects = Member.search("%s_" % str(accountNb)[:-1])
    for x in accountObjects:
        accounts.append(x.accountNb)
        
    #
    # Update all records of the family
    #
    for record in accounts:
        errors = ''
        storeObjects = Member.search(str(record))
        member = storeObjects[0]
        # if austrittsdatum and not member.Austrittsdatum():
        #     member.setAustrittsdatum(DateTime.DateTimeFrom(austrittsdatum))
        #     member.setAustrittsgrund(string.strip(self.transaction.request().field('Austrittsgrund','')))
        
        #
        # personal part of the record is only updated for the target member
        #
        if record == accountNb:
            #
            # change member object
            #
            self.updateMemberFields(member)
            
        #
        # membership status is only maintained for the main member of a family
        #
        if str(record)[-1:] == "0":
            ms = self.getMemberships(member)
            membershipNb = 0
            if membershipEndFrom != '':
                for x in range(1,nbOfMemberships+1):
                    if (ms['membershipKind'+str(x)]) and (not ms['membershipEndFrom'+str(x)]):
                        ms['membershipEndFrom'+str(x)] = DateTime.DateTimeFrom(membershipEndFrom)
                        #
                        # fees with equal membershipFrom and membershipEndFrom could be overwritten
                        #
                        if ms['membershipFrom'+str(x)] == DateTime.DateTimeFrom(membershipEndFrom):
                            membershipNb = x - 1
                        else:
                            membershipNb = x
            elif membershipFrom:
                for x in range(1,nbOfMemberships+1):
                    if (not ms['membershipKind'+str(x)]) and (membershipNb == 0):
                        membershipNb = x - 1
            #
            # set new fee in the next free slot (2-5 and 1) respective slot 1, if no fee already exists
            #
            if membershipKind:
                ms['membershipKind'+str(membershipNb % nbOfMemberships + 1)] = membershipKind
                ms['membershipFrom'+str(membershipNb % nbOfMemberships + 1)] = DateTime.DateTimeFrom(membershipFrom)
                ms['membershipEndFrom'+str(membershipNb % nbOfMemberships + 1)] = None
                ms['membershipPayNextFrom'+str(membershipNb % nbOfMemberships + 1)] = DateTime.DateTimeFrom(membershipFrom)
                ms['membershipKind'+str((membershipNb + 1) % nbOfMemberships + 1)] = ""
                ms['membershipFrom'+str((membershipNb + 1) % nbOfMemberships + 1)] = None
                ms['membershipEndFrom'+str((membershipNb + 1) % nbOfMemberships + 1)] = None
                ms['membershipPayNextFrom'+str((membershipNb + 1) % nbOfMemberships + 1)] = None
            self.updateMemberships(member,ms)

        self.updateStandardFields(member,errors)
        #
        # store updates in database
        #
        member.sync()
        
    #
    # back to member page
    #
    self.transaction.response().sendRedirect('MemberView?accountNb=' + str(accountNb))
Пример #4
0
 def search(self, pattern='', context=''):
     return Member.search(pattern,context)
Пример #5
0
 def getAttrs(self, accountNb=''):
     if accountNb:
         records = Member.search(str(accountNb))
         return records[0].allAttrs()
     else:
         return None