def restore_backrefs(portal, obj): """Restore backreferences stored in the attribute _backrefs. """ intids = getUtility(IIntIds) uid_catalog = getToolByName(portal, 'uid_catalog') try: backrefobjs = [uuidToObject(uuid) for uuid in obj._backrefs] for backrefobj in backrefobjs: # Dexterity and if IDexterityContent.providedBy(backrefobj): relitems = getattr(backrefobj, 'relatedItems', None) if not relitems: backrefobj.relatedItems = PersistentList() elif not isinstance(obj.relatedItems, PersistentList): backrefobj.relatedItems = PersistentList( obj.relatedItems ) to_id = intids.getId(obj) backrefobj.relatedItems.append(RelationValue(to_id)) # Archetypes elif IATContentType.providedBy(backrefobj): # reindex UID so we are able to set the reference path = '/'.join(obj.getPhysicalPath()) uid_catalog.catalog_object(obj, path) backrefobj.setRelatedItems(obj) logger.info( 'Restored BackRelation from %s to %s' % (backrefobj, obj)) except AttributeError: pass
def restore_backrefs(portal, obj): """Restore backreferences stored in the attribute _backrefs. """ intids = getUtility(IIntIds) uid_catalog = getToolByName(portal, 'uid_catalog') try: backrefobjs = [uuidToObject(uuid) for uuid in obj._backrefs] for backrefobj in backrefobjs: # Dexterity and if IDexterityContent.providedBy(backrefobj): relitems = getattr(backrefobj, 'relatedItems', None) if not relitems: backrefobj.relatedItems = PersistentList() elif not isinstance(obj.relatedItems, PersistentList): backrefobj.relatedItems = PersistentList(obj.relatedItems) to_id = intids.getId(obj) backrefobj.relatedItems.append(RelationValue(to_id)) # Archetypes elif IATContentType.providedBy(backrefobj): # reindex UID so we are able to set the reference path = '/'.join(obj.getPhysicalPath()) uid_catalog.catalog_object(obj, path) backrefobj.setRelatedItems(obj) logger.info('Restored BackRelation from %s to %s' % (backrefobj, obj)) except AttributeError: pass
def __init__(self, context, request, brain): self.context = context self.request = request self.brain = brain self.has_protection_enabled = False self.is_protected = False portal_types = self.context.portal_types portal_type = self.brain.portal_type behaviors = getattr(portal_types[portal_type], 'behaviors', None) if (behaviors and 'collective_folderprotection.behaviors.interfaces.IPasswordProtected' in behaviors): self.has_protection_enabled = True ob = self.brain.getObject() passwordprotected = IPasswordProtected(ob) if passwordprotected.is_password_protected(): self.is_protected = True else: ob = self.brain.getObject() if IATContentType.providedBy(ob) and\ IATPasswordProtected.providedBy(ob): self.has_protection_enabled = True ob = self.brain.getObject() adapter = queryAdapter(ob, IATPasswordProtected) if adapter.is_password_protected(): self.is_protected = True
def set_text(item, text, ref=""): if ref: text = text.format(uid=ref) if HAS_ARCHETYPES: if IATContentType.providedBy(item): item.setText(text, mimetype="text/html") else: item.text = RichTextValue(text, "text/html", "text/html")
def can_enable_at_pw_protection(self): can_enable = False if IATContentType.providedBy(self.context): if not IATPasswordProtected.providedBy(self.context): pm = self.context.portal_membership roles = pm.getAuthenticatedMember().getRolesInContext(self.context) if ('Manager' in roles or 'Owner' in roles): can_enable = True return can_enable
def traverse(self, path, response=None, validated_hook=None): object = self.__old_traverse(path, response, validated_hook) context = aq_parent(object) if (context is None or not IATContentType.providedBy(context) or getSecurityManager().checkPermission(permissions.ModifyPortalContent, context)): return object languageTool = getToolByName(context, 'portal_languages', None) if languageTool.getPreferredLanguage() in context.Schema()['language_constraint'].get(context): return object return getMultiAdapter((context, self), name='notavailable')
def languages_vocabulary_factory(context): parent = aq_parent(context) if IATContentType.providedBy(parent): selected = parent.Schema()['language_constraint'].get(parent) languages = languages_vocabulary_factory(parent) filtered = [] for term in languages: if not term.value in selected: continue filtered.append(term) return vocabulary.SimpleVocabulary(filtered) return getUtility(IVocabularyFactory, 'plone.app.vocabularies.SupportedContentLanguages')(parent)
def traverse(self, path, response=None, validated_hook=None): object = self.__old_traverse(path, response, validated_hook) context = aq_parent(object) if (context is None or not IATContentType.providedBy(context) or getSecurityManager().checkPermission( permissions.ModifyPortalContent, context)): return object languageTool = getToolByName(context, 'portal_languages', None) if languageTool.getPreferredLanguage() in context.Schema( )['language_constraint'].get(context): return object return getMultiAdapter((context, self), name='notavailable')
def __call__(self): if IATContentType.providedBy(self.context) and\ IATPasswordProtected.providedBy(self.context): pm = self.context.portal_membership roles = pm.getAuthenticatedMember().getRolesInContext(self.context) if not ('Manager' in roles or 'Owner' in roles): raise Unauthorized("You are not authorized to disable password protection for this item") noLongerProvides(self.context, IATPasswordProtected) messages = IStatusMessage(self.request) messages.add(_(u"Password protection has been disabled"), type=u"info") self.request.response.redirect(self.context.absolute_url())
def restoreReferences(portal): """ iterate over all Dexterity Objs and restore es Dexterity Reference. """ out = '' catalog = getToolByName(portal, "portal_catalog") # Seems that these newly created objs are not reindexed catalog.clearFindAndRebuild() intids = getUtility(IIntIds) results = catalog.searchResults( object_provides=IDexterityContent.__identifier__) for brain in results: obj = brain.getObject() # refs try: if not getattr(obj, 'relatedItems', None): obj.relatedItems = PersistentList() elif type(obj.relatedItems) != type(PersistentList()): obj.relatedItems = PersistentList(obj.relatedItems) for uuid in obj._relatedItems: to_obj = uuidToObject(uuid) to_id = intids.getId(to_obj) obj.relatedItems.append(RelationValue(to_id)) out += str('Restore Relation from %s to %s \n' % (obj, to_obj)) del obj._relatedItems except AttributeError: pass # backrefs try: backrefobjs = [uuidToObject(uuid) for uuid in obj._backrefs] for backrefobj in backrefobjs: # Dexterity and if IDexterityContent.providedBy(backrefobj): if not getattr(backrefobj, 'relatedItems', None): backrefobj.relatedItems = PersistentList() elif type(backrefobj.relatedItems) != type(PersistentList()): backrefobj.relatedItems = PersistentList( obj.relatedItems) to_id = intids.getId(obj) backrefobj.relatedItems.append(RelationValue(to_id)) # Archetypes elif IATContentType.providedBy(backrefobj): backrefobj.setRelatedItems(obj) out += str( 'Restore BackRelation from %s to %s \n' % (backrefobj, obj)) del obj._backrefs except AttributeError: pass return out
def save(self): """Save the image""" context, request, form = self.context, self.request, self.request.form check(self.request) # raise an error if not authenficated if not "image" in form: raise Exception("invalid request") data = self.fetch(form["image"]) if not data: raise Exception("image download fails") if IATImage.providedBy(self.context): self.at_store(self.context, data) parent = aq_parent(self.context) if IATContentType.providedBy(parent): self.at_store(parent, data, self.context.id())
def get_infos_for(self, context): data = {'embedded_images' : False, 'contexts_info' : []} contexts_info = data['contexts_info'] if IATImage.providedBy(self.context): contexts_info.append({'c':self.context, 'type': 'image'}) if IATContentType.providedBy(self.context): for f in self.context.schema.keys(): field = self.context.schema[f] if 'image' == field.type: data['embedded_images'] = True contexts_info.append( {'c':field.get(self.context), 'type': 'atimage'} ) for context_info in contexts_info: request = self.request adapters = getAdapters((context_info['c'], request), provided=i.IExternalImageEditor) context_info['infos'] = [] for name, a in adapters: if a.enabled: context_info['infos'].append(a.link_infos) return data
def _adjustFields(context=None, fields=None): remove =[ 'target_collection', 'show_footer', 'show_leadimage', 'alternate_footer_link', 'feeds', 'reverse_feed', 'header', 'limit', 'show_dates', 'show_location' ] if context: for i in aq_chain(context): if IATContentType.providedBy(i): portal_catalog = getToolByName(i, "portal_catalog") indexes = portal_catalog.indexes() for (field, index) in [ ('query_research_areas', 'department_research_areas'), ('query_counties', 'Counties'), ('query_programs', 'Topics'), ('query_topics', 'Subtopiocs'), ('query_courses', 'Courses'), ('query_public_tags', 'Tags'), ('query_plone_tags', 'Subject'), ('limit_radius', 'zip_code'), ]: if index not in indexes: remove.append(field) break return _getFields(fields=fields, order=['title', 'show_header', 'cache_timeout', 'items_shown',], remove=remove)
def backrefs(portal, obj): intids = getUtility(IIntIds) uid_catalog = getToolByName(portal, 'uid_catalog') out = '' try: backrefobjs = [uuidToObject(uuid) for uuid in obj._backrefs] for backrefobj in backrefobjs: # Dexterity and if IDexterityContent.providedBy(backrefobj): relitems = getattr(backrefobj, 'relatedItems', None) if not relitems: backrefobj.relatedItems = PersistentList() elif type(relitems) != type(PersistentList()): backrefobj.relatedItems = PersistentList( obj.relatedItems ) to_id = intids.getId(obj) backrefobj.relatedItems.append(RelationValue(to_id)) # Archetypes elif IATContentType.providedBy(backrefobj): # reindex UID so we are able to set the reference path = '/'.join(obj.getPhysicalPath()) uid_catalog.catalog_object(obj, path) backrefobj.setRelatedItems(obj) out += str( 'Restore BackRelation from %s to %s \n' % ( backrefobj, obj ) ) del obj._backrefs except AttributeError: pass return out
def allowed(self): obj_is_protected = False authorized = False # First we check if the current context has the password protection enabled try: # This will be true if DX and pw-protected enabled IPasswordProtected(self.context) obj_is_protected = True except TypeError: if HAS_AT: # This will be true if AT and pw-protected enabled if IATContentType.providedBy(self.context) and\ IATPasswordProtected.providedBy(self.context): obj_is_protected = True if obj_is_protected: # Only allow to set password to Manager or Owner pm = self.context.portal_membership roles = pm.getAuthenticatedMember().getRolesInContext(self.context) if ('Manager' in roles or 'Owner' in roles): authorized = True return authorized
def run(self): """Download cart content. Before downloading items are packed into a zip archive (only the items that are files are included). """ cart_view = self.context.restrictedTraverse('cart') request = self.context.REQUEST cart = cart_view.cart if not cart: api.portal.show_message(message=u"Can't download, no items found.", request=request, type="error") request.response.redirect(self.context.absolute_url() + '/@@cart') output = StringIO() zf = zipfile.ZipFile(output, mode='w') try: for obj_uuid in cart: # make sure obj exists obj = api.content.get(UID=obj_uuid) if obj is None: continue # check if this is a document and potentially has a pdf set if obj.portal_type == "Document" and obj.restrictedTraverse( 'pdf', None): data = obj.restrictedTraverse('pdf')() if obj.REQUEST.response.status != 200: if obj.REQUEST.response.status == 302: del obj.REQUEST.response.headers['location'] obj.REQUEST.response.status = 200 # ignore and continue - showing a portal message here is # useless as we probably won't return html continue data = data.read() filename = '%s.pdf' % obj.getId() else: # make sure obj is a file by checking if filename is set if IATContentType.providedBy(obj): filename = obj.getFilename() if not filename: continue data = obj.data else: blobfile = obj.file filename = blobfile.filename data = blobfile.data zf.writestr(filename, data) finally: zf.close() if zf.filelist: request.response.setHeader("Content-Type", "application/zip") now = datetime.now() zipfilename = "download-%s-%s-%s.zip" % (now.year, now.month, now.day) request.response.setHeader('Content-Disposition', "attachment; filename=%s" % zipfilename) return output.getvalue() else: api.portal.show_message( message="There are no downloadable items in your cart.", request=request, type="warning") portal = api.portal.get() request.response.redirect(portal.absolute_url() + '/@@cart')
try: editor.save() except Exception, e: ret = 'An error occured during image record: %s' % e ret = 'image updated' else: ret = 'No edit session!' if invalid: if not ret: ret = 'Invalid edit proxy request!' logger.info(ret) if IATImage.providedBy(self.context): context_url += "/view" parent = aq_parent(self.context) if (IATContentType.providedBy(parent) and IOFSImage.providedBy(self.context)): context_url = parent.absolute_url() if service not in ['aviary']: self.request.response.redirect(context_url) return ret class Edit(BrowserView): """Redirect to a specific edit service""" interface.implements(IEdit) def __call__(self, *args): islocalhost = (self.request.URL.startswith('http://localhost') or self.request.URL.startswith('127.0.0.1')) if self.request.method == 'GET' and not islocalhost:
def run(self): """Download cart content. Before downloading items are packed into a zip archive (only the items that are files are included). """ cart_view = self.context.restrictedTraverse('cart') request = self.context.REQUEST cart = cart_view.cart if not cart: api.portal.show_message( message=u"Can't download, no items found.", request=request, type="error" ) request.response.redirect(self.context.absolute_url() + '/@@cart') output = StringIO() zf = zipfile.ZipFile(output, mode='w') try: for obj_uuid in cart: # make sure obj exists obj = api.content.get(UID=obj_uuid) if obj is None: continue # check if this is a document and potentially has a pdf set if obj.portal_type == "Document" and obj.restrictedTraverse('pdf', None): data = obj.restrictedTraverse('pdf')() if obj.REQUEST.response.status != 200: if obj.REQUEST.response.status == 302: del obj.REQUEST.response.headers['location'] obj.REQUEST.response.status = 200 # ignore and continue - showing a portal message here is # useless as we probably won't return html continue data = data.read() filename = '%s.pdf' % obj.getId() else: # make sure obj is a file by checking if filename is set if IATContentType.providedBy(obj): filename = obj.getFilename() if not filename: continue data = obj.data else: blobfile = obj.file filename = blobfile.filename data = blobfile.data zf.writestr(filename, data) finally: zf.close() if zf.filelist: request.response.setHeader( "Content-Type", "application/zip" ) now = datetime.now() zipfilename = "download-%s-%s-%s.zip" % (now.year, now.month, now.day) request.response.setHeader( 'Content-Disposition', "attachment; filename=%s" % zipfilename ) return output.getvalue() else: api.portal.show_message( message="There are no downloadable items in your cart.", request=request, type="warning") portal = api.portal.get() request.response.redirect(portal.absolute_url() + '/@@cart')
def __call__(self): if self.request.get('submit', False): # The password was submitted passw = self.request.get('password', '') passw_hash = md5(passw).hexdigest() password_protected = None context = self.context try: # This will be true if DX and pw-protected enabled password_protected = IPasswordProtected(context) except TypeError: if HAS_AT: # This will be true if AT and pw-protected enabled if IATContentType.providedBy(context) and\ IATPasswordProtected.providedBy(context): password_protected = queryAdapter(context, IATPasswordProtected) if not password_protected: # It could be that this is the default view for the protected parent, so let's try that parent_dp = context.aq_parent.getDefaultPage() if parent_dp == context.id: context = context.aq_parent try: # This will be true if DX and pw-protected enabled password_protected = IPasswordProtected(context) except TypeError: if HAS_AT: # This will be true if AT and pw-protected enabled if IATContentType.providedBy(context) and \ IATPasswordProtected.providedBy(context): password_protected = queryAdapter(context, IATPasswordProtected) if password_protected: if password_protected.is_password_protected(): # If this is not true, means the Manager has not set a password # for this resource yet, then do not authenticate... # If there's no came_from, then just go to the object itself came_from = self.request.get('came_from', context.absolute_url()) if passw_hash == password_protected.passw_hash: # The user has entered a valid password, then we store a # random hash with a TTL so we know he already authenticated ann = IAnnotations(context) hashes = ann.get(HASHES_ANNOTATION_KEY, {}) random_hash = md5(str(random())).hexdigest() while random_hash in hashes: # This would be *REALLY* hard to happen, but just in case... random_hash = md5(str(random())).hexdigest() hashes[random_hash] = datetime.now() + TIME_TO_LIVE # Store the hash in the annotation ann[HASHES_ANNOTATION_KEY] = hashes if context is not self.context: # Also store the hash in the default view object, if that's the case ann = IAnnotations(self.context) ann[HASHES_ANNOTATION_KEY] = hashes # Save the hash in a cookie path = context.getPhysicalPath() virtual_path = self.request.physicalPathToVirtualPath(path) options = {'path': '/'.join(('',)+virtual_path), 'expires': (DateTime("GMT") + 5).rfc822()} self.request.response.setCookie(HASH_COOKIE_KEY, random_hash, **options) # Now that we have our cookie set, go to the original url self.request.response.redirect(came_from) return else: # Invalid password, stay here, but mantain the "came_from" self.request.set('came_from', came_from) self.request.response.setStatus(401, lock=True) return self.index()