def chamber_id(self): """Vocabularies in the forms get the chamber id from the context, this property returns the id of the chamber the currently logged in user is a member of """ chamber = utils.get_user_chamber(utils.get_login_user()) return chamber.group_id
def getDefaultVocabularyValue(self): user = get_login_user() try: self.context.vocabulary.getTerm(user.user_id) except LookupError: return None return user.user_id
def handle_publish(self, action, data): self.generated_content = self.generateContent(data) if IWorkspaceScheduling.providedBy(self.request): if not hasattr(self.context, "group_id"): context_group_id = ISchedulingContext(self.context).group_id else: context_group_id = self.context.group_id else: #get the chamber id context_group_id = get_chamber_for_context( self.context).parliament_id report = domain.Report( title=self.title, start_date=self.start_date, end_date=self.end_date, body=self.generated_content, owner_id=get_login_user().user_id, # !+GROUP_AS_OWNER language=self.language, group_id=context_group_id) session = Session() session.add(report) session.flush() notify(ObjectCreatedEvent(report)) self.status = _(u"Report has been processed and saved") return self.template()
def handle_publish(self, action, data): self.generated_content = self.generate_content(data) if IWorkspaceScheduling.providedBy(self.request): if not hasattr(self.context, "group_id"): context_group_id = ISchedulingContext(self.context).group_id else: context_group_id = self.context.group_id else: # get the chamber id context_group_id = get_chamber_for_context(self.context).group_id report = domain.Report( title=self.title, start_date=self.start_date, end_date=self.end_date, body=self.generated_content, owner_id=get_login_user().user_id, # !+GROUP_AS_OWNER language=self.language, group_id=context_group_id ) session = Session() session.add(report) session.flush() # requires self db id to have been updated report.on_create() notify(ObjectCreatedEvent(report)) self.status = _(u"Report has been processed and saved") return self.template()
def checkEmail(self): session = Session() users = session.query(User).filter(User.email==self.email) message = _("error_profile_email_taken", "Email already taken!") if users.count() > 1: raise interface.Invalid(message,"email") if users.count() == 1 and users.first().user_id != get_login_user().user_id: raise interface.Invalid(message,"email")
def is_consented_signatory(self, user=None): user = user or model_utils.get_login_user() if user: return user.user_id in [ sgn.user_id for sgn in filter( lambda cs:cs.status in SIGNATORY_CONSENTED_STATES, self.signatories) ] return False
def __init__(self, context): self.context = context chamber = utils.get_user_chamber(utils.get_login_user()) if chamber: self.object_type = chamber.type self.oid = chamber.group_id else: self.object_type = None self.oid = None
def is_consented_signatory(self, user=None): user = user or model_utils.get_login_user() if user: return user.user_id in [ sgn.user_id for sgn in filter( lambda cs: cs.status in SIGNATORY_CONSENTED_STATES, self.signatories) ] return False
def checkEmail(self): session = Session() users = session.query(User).filter(User.email == self.email) message = _("error_profile_email_taken", "Email already taken!") if users.count() > 1: raise interface.Invalid(message, "email") if users.count( ) == 1 and users.first().user_id != get_login_user().user_id: raise interface.Invalid(message, "email")
def get_document_groups(): """Get Document Groups - order by group id """ group_options = [("", "-")] user = model_utils.get_login_user() groups = [ g for g in model_utils.get_user_groups(user) ] group_values = [ (g.group_id, IDCDescriptiveProperties(g).short_title) for g in groups ] group_options += sorted(group_values) return group_options
def get_document_groups(): """Get Document Groups - order by group id """ group_options = [("", "-")] user = model_utils.get_login_user() groups = [g for g in model_utils.get_user_groups(user)] group_values = [(g.group_id, IDCDescriptiveProperties(g).short_title) for g in groups] group_options += sorted(group_values) return group_options
def publishTraverse(self, request, name): # Shortcut for current user workspace if name == u"profile": user = get_login_user() if user is not None: user.__parent__ = self.context user.__name__ = "profile" return user else: return NotFound(self.context, name, request) return super(ProfileTraverser, self).publishTraverse(request, name)
def publishTraverse(self, request, name): if name == "current": return get_login_user() trusted = removeSecurityProxy(self.context) view = component.queryMultiAdapter((trusted, request), name=name) if view: return view ob = trusted.get(name) if ob: return ob raise NotFound(self.context, name)
def sign_document(self, context): """Sign context for current user if they have not already signed. Called from ui.forms.common.SignOpenDocumentForm.handle_sign_document(). """ user = get_login_user() signatory = get_signatory(context, user) if not signatory: signatory = new_signatory(user.user_id, context.doc_id) else: if not signatory.status == SIGNATORY_CONSENTED_STATE: wfc = IWorkflowController(signatory) wfc.state_controller.set_status(SIGNATORY_CONSENTED_STATE) return signatory
def __call__(self): request = self.request context = self.context user_id = get_login_user().user_id signatories = context.signatories _filters = {"user_id": user_id} _signatories = signatories.query(**_filters) if len(_signatories) == 1: signatory = _signatories[0] _signatory = signatories.get(signatory.signatory_id) review_url = "/".join((url.absoluteURL(_signatory, request), u"workflow")) return request.response.redirect(review_url)
def __call__(self): request = self.request context = self.context user_id = get_login_user().user_id signatories = context.signatories _filters = {"user_id": user_id} _signatories = signatories.query(**_filters) if len(_signatories) == 1: signatory = _signatories[0] _signatory = signatories.get(signatory.signatory_id) review_url = "/".join( (url.absoluteURL(_signatory, request), u"workflow") ) return request.response.redirect(review_url)
def getter(item, formatter): state_title = get_wf_state(item) request = common.get_request() state_title = translate(state_title, domain="bungeni", context=request) # !+MY_LISTING_ROWS(mr, aug-2012) the following is a (exploratory) # mechanism to add a distinction between what rows are owned by the # current user and others. Here it is added only to "status" columns # but a generic "row-level" means to mark such rows as different # from the others may be a useful feature. if IWorkspaceSectionLayer.providedBy(request) and IOwned.providedBy(item): # !+delegation? if item.owner == get_login_user(): state_title = "<b>%s</b> *" % (state_title) return state_title
def handle_authorize_app(self, action, data): session = Session() authorization = domain.OAuthAuthorization() authorization.user_id = get_login_user().user_id app = session.query(domain.OAuthApplication).filter( domain.OAuthApplication.identifier == data["client_id"]).one() authorization.application_id = app.application_id authorization.active = True session.add(authorization) authorization_token = self.get_authorization_token(authorization) session.add(authorization_token) session.flush() redirect_uri = self.get_redirect_uri(authorization_token, data["state"]) self.request.response.redirect(redirect_uri, trusted=True)
def is_type_workspaced(self, type_key): """Is this type workspaced for this !+workspace context (for user)? !+WORKSPACE_GROUP_CONTEXTS should be refined further to specific groups, not just be WorkspaceContainer-wide (for all groups)! """ ti = capi.get_type_info(type_key) workspace_feature = ti.workflow.get_feature("workspace") if workspace_feature is not None: group_names = workspace_feature.get_param("group_names") if group_names: user = utils.get_login_user() for group in utils.get_user_groups(user): if group.conceptual_name in group_names: return True return False
def getter(item, formatter): state_title = get_wf_state(item) request = common.get_request() state_title = translate(state_title, domain="bungeni", context=request) # !+MY_LISTING_ROWS(mr, aug-2012) the following is a (exploratory) # mechanism to add a distinction between what rows are owned by the # current user and others. Here it is added only to "status" columns # but a generic "row-level" means to mark such rows as different # from the others may be a useful feature. if IWorkspaceSectionLayer.providedBy(request) and IOwned.providedBy( item): # !+delegation? if item.owner == get_login_user(): state_title = "<b>%s</b> *" % (state_title) return state_title
def can_schedule(type_key, workflow): """Determine if the current user can schedule this document type. i.e. if they have the global workflow permission to schedule a document. """ allow = False schedulable_states = get_schedulable_states(type_key) scheduled_states = get_scheduled_states(type_key) if schedulable_states and scheduled_states: transitions = workflow.get_transitions_from(schedulable_states[0]) transitions = [ trans for trans in transitions if trans.destination == scheduled_states[0] ] if transitions: allow = checkPermission( transitions[0].permission, get_user_chamber(get_login_user())) return allow
def handle_authorize_app(self, action, data): session = Session() authorization = domain.OAuthAuthorization() authorization.user_id = get_login_user().user_id app = session.query(domain.OAuthApplication ).filter(domain.OAuthApplication.identifier == data["client_id"] ).one() authorization.application_id = app.application_id authorization.active = True session.add(authorization) authorization_token = self.get_authorization_token(authorization) session.add(authorization_token) session.flush() redirect_uri = self.get_redirect_uri(authorization_token, data["state"]) self.request.response.redirect(redirect_uri, trusted=True)
def can_schedule(type_key, workflow): """Determine if the current user can schedule this document type. i.e. if they have the global workflow permission to schedule a document. """ allow = False schedulable_states = get_schedulable_states(type_key) scheduled_states = get_scheduled_states(type_key) if schedulable_states and scheduled_states: transitions = workflow.get_transitions_from(schedulable_states[0]) transitions = [ trans for trans in transitions if trans.destination == scheduled_states[0] ] if transitions: allow = checkPermission(transitions[0].permission, get_user_chamber(get_login_user())) return allow
def check_authorization(self): session = Session() client_id = self.request.form.get("client_id", None) user = get_login_user() if client_id: try: authorization = session.query(domain.OAuthAuthorization ).join(domain.OAuthApplication ).filter(sa.and_( domain.OAuthApplication.identifier == client_id, domain.OAuthAuthorization.user_id == user.user_id) ).one() authorization_token = self.get_authorization_token( authorization) session.add(authorization_token) return authorization_token except NoResultFound: return None return None
def check_authorization(self): session = Session() client_id = self.request.form.get("client_id", None) user = get_login_user() if client_id: try: authorization = session.query(domain.OAuthAuthorization).join( domain.OAuthApplication).filter( sa.and_( domain.OAuthApplication.identifier == client_id, domain.OAuthAuthorization.user_id == user.user_id)).one() authorization_token = self.get_authorization_token( authorization) session.add(authorization_token) return authorization_token except NoResultFound: return None return None
def _query(self, **kw): results = [] session = Session() user = utils.get_login_user() #status = self.item_status_filter(kw) reverse = True if (kw.get("sort_dir", "desc") == "desc") else False query = session.query(domain.Group).join(domain.GroupMember).filter( expression.and_( domain.GroupMember.user_id == user.user_id, domain.GroupMember.active_p == True, #domain.Group.status.in_(status) )) query = self.filter_title(query, domain.Group, kw) query = self.filter_type(query, domain.Group, kw) query = self.filter_status_date(query, domain.Group, kw) query = self.order_query(query, domain.Group, kw, reverse) results = query.all() count = query.count() return (results, count)
def default_reports(sitting, event): #!+REPORTS(mb, Feb-2013) add a publish_report action - remove this handler if "published" in sitting.status: sitting = removeSecurityProxy(sitting) report_type = "sitting_agenda" report_title = _("report_title_sitting_agenda", default=u"Sitting Agenda") if "minutes" in sitting.status: report_type = "sitting_minutes" report_title = _("report_title_votes_and_proceedings", default=u"Sitting Votes and Proceedings") sittings = [ExpandedSitting(sitting)] report = domain.Report() session = Session() # !+GROUP_AS_OWNER(mr, apr-2012) we assume for now that the "owner" of # the report is the currently logged in user. report.owner_id = get_login_user().user_id report.created_date = datetime.datetime.now() report.group_id = sitting.group_id # generate using html template in bungeni_custom vocab = vocabulary.report_xhtml_template_factory term = vocab.getTermByFileName(report_type) doc_template = term and term.value or vocab.terms[0].value generator = generators.ReportGeneratorXHTML(doc_template) generator.title = report_title report_title_i18n = translate(report_title, target_language=generator.language) report_context = ReportContext(sittings=sittings, title=report_title_i18n) generator.context = report_context report.title = report_title_i18n report.language = generator.language report.body = generator.generateReport() session.add(report) session.flush() notify(ObjectCreatedEvent(report)) sr = domain.SittingReport() sr.report = report sr.sitting = sitting session.add(sr) session.flush() notify(ObjectCreatedEvent(sr))
def get_body_css_class(self): # add custom css classes to the list below #!+SUB_TYPE chamber_conceptual_name chamber_type = "default" user = utils.get_login_user() if user: # IBungeniAuthenticatedSkin chamber = utils.get_user_chamber(user) #!+SUB_TYPE #if chamber and chamber.conceptual_name: # chamber_conceptual_name = chamber.conceptual_name if chamber and chamber.sub_type: chamber_type = chamber.sub_type classes = [ "yui-skin-sam", "section-bungeni-%s" % get_section_name(), #!+SUB_TYPE "chamber-%s" % chamber_conceptual_name "chamber-%s" % chamber_type ] return " ".join(classes)
def _query(self, **kw): results = [] session = Session() user = utils.get_login_user() #status = self.item_status_filter(kw) reverse = True if (kw.get("sort_dir", "desc") == "desc") else False query = session.query(domain.Group).join( domain.GroupMember).filter( expression.and_( domain.GroupMember.user_id == user.user_id, domain.GroupMember.active_p == True, #domain.Group.status.in_(status) )) query = self.filter_title(query, domain.Group, kw) query = self.filter_type(query, domain.Group, kw) query = self.filter_status_date(query, domain.Group, kw) query = self.order_query(query, domain.Group, kw, reverse) results = query.all() count = query.count() return (results, count)
def _query(self, **kw): session = Session() user = utils.get_login_user() reverse = True if (kw.get("sort_dir", "desc") == "desc") else False results = [] domain_status = self.item_status_filter(kw) for domain_class, status in domain_status.iteritems(): query = session.query(domain_class).filter( domain_class.status.in_(status)).enable_eagerloads(False).join( domain.UserSubscription).filter( domain.UserSubscription.user_id == user.user_id) query = self.filter_title(query, domain_class, kw) #filter on status_date query = self.filter_status_date(query, domain_class, kw) query = self.order_query(query, domain_class, kw, reverse) results.extend(query.all()) count = len(results) if (kw.get("sort_on", None) and kw.get("sort_dir", None)): results.sort(key=lambda x: getattr(x, str(kw.get("sort_on"))), reverse=reverse) return (results, count)
def handle_save(self, action, data): report = domain.Report() session = Session() report.body = data["body"] report.start_date = data["start_date"] report.end_date = data["end_date"] report.note = data["note"] report.short_name = data["short_name"] report.owner_id = get_login_user().user_id # !+GROUP_AS_OWNER report.language = get_default_language() report.created_date = datetime.datetime.now() if not hasattr(self.context, "group_id"): report.group_id = ISchedulingContext(self.context).group_id else: report.group_id = self.context.group_id session.add(report) session.flush() notify(ObjectCreatedEvent(report)) if "sittings" in data.keys(): try: ids = data["sittings"].split(",") for id_number in ids: sit_id = int(id_number) sitting = session.query(domain.Sitting).get(sit_id) sr = domain.SittingReport() sr.report = report sr.sitting = sitting session.add(sr) notify(ObjectCreatedEvent(report)) except: #if no sittings are present in report or some other error occurs pass session.flush() if ISitting.providedBy(self.context): back_link = "./schedule" else: back_link = "./" self.request.response.redirect(back_link)
def __call__(self): session = Session() # Current logged in user id user = get_login_user() # Looking if there is appropriate object to store # currently editing document data currently_editing_document = session.query(CurrentlyEditingDocument)\ .filter(CurrentlyEditingDocument.user_id == user.user_id)\ .first() # If not creating one for the current user if not currently_editing_document: currently_editing_document = CurrentlyEditingDocument() currently_editing_document.user_id = user.user_id session.add(currently_editing_document) # Assigning current document id document_id = self.context.doc_id currently_editing_document.currently_editing_id = document_id # And the current date and time current_datetime = datetime.now() ago_datetime = current_datetime - timedelta(seconds=20) currently_editing_document.editing_date = current_datetime # Fetching amount of users that are being editing the document # taking into account that last time the ajax request was sent # no longer than 20 seconds ago count = session.query(CurrentlyEditingDocument)\ .filter(CurrentlyEditingDocument.currently_editing_id == document_id)\ .filter(CurrentlyEditingDocument.user_id != user.user_id)\ .filter(CurrentlyEditingDocument.editing_date.between(ago_datetime, current_datetime))\ .count() # Returning the amount, excluding current document editing return str(count)
def _query(self, **kw): session = Session() user = utils.get_login_user() reverse = True if (kw.get("sort_dir", "desc") == "desc") else False results = [] domain_status = self.item_status_filter(kw) for domain_class, status in domain_status.iteritems(): query = ( session.query(domain_class) .filter(domain_class.status.in_(status)) .enable_eagerloads(False) .join(domain.UserSubscription) .filter(domain.UserSubscription.user_id == user.user_id) ) query = self.filter_title(query, domain_class, kw) # filter on status_date query = self.filter_status_date(query, domain_class, kw) query = self.order_query(query, domain_class, kw, reverse) results.extend(query.all()) count = len(results) if kw.get("sort_on", None) and kw.get("sort_dir", None): results.sort(key=lambda x: getattr(x, str(kw.get("sort_on"))), reverse=reverse) return (results, count)
def is_owner(self): login_user = model_utils.get_login_user() return ( (model_utils.get_owner_for_context(self.context) == login_user) or (login_user == self.context.owner))
def is_signatory(self, user=None): user = user or model_utils.get_login_user() if user: return user.user_id in [ sgn.user_id for sgn in self.signatories ] return False
def default_reports(sitting, event): #!+REPORTS(mb, Feb-2013) - remove this handler for workflow events: # EITHER a publish_report action, maybe configure this as a workflow action # (so not hardwired to status/workflow event) # OR make it part of sitting feature options e.g. publish state and report # template. if "published" in sitting.status: sitting = removeSecurityProxy(sitting) report_type = "sitting_agenda" report_title = _("report_title_order_of_the_day", default=u"Order of the day") if "minutes" in sitting.status: report_type = "sitting_minutes" report_title = _("report_title_votes_and_proceedings", default=u"Votes and Proceedings") sittings = [ExpandedSitting(sitting)] report = domain.Report() session = Session() # !+GROUP_AS_OWNER(mr, apr-2012) we assume for now that the "owner" of # the report is the currently logged in user. report.owner_id = get_login_user().user_id report.created_date = datetime.datetime.now() report.group_id = sitting.group_id # !+ReportXHTMLTemplateFactory # generate using html template in bungeni_custom vocab = vocabulary.report_xhtml_template_factory(sitting) try: report_template_path = vocab.getTermByToken(report_type).value except LookupError: vtokens = [ t.token for t in vocab._terms ] # first check if we have any values in the reports vocab for this context if not vtokens: log.error("Sitting %s Workflow Transition Handler - " "entry for report type %r NOT found in EMPTY vocabulary: %s", sitting, report_type, vtokens) raise # ok, as a tmp workaround, pick off the first term value in the reports vocab log.warning("Sitting %s Workflow Transition Handler - " "entry for report type %r NOT found in vocabulary: %s - " "proceeding with the template for first entry found: %r ", sitting, report_type, vtokens, vtokens[0]) report_template_path = vocab._terms[0].value generator = generators.ReportGeneratorXHTML(report_template_path) generator.title = report_title report_title_i18n = translate(report_title, target_language=generator.language) report_context = ReportContext(sittings=sittings, title=report_title_i18n) generator.context = report_context report.title = report_title_i18n report.language = generator.language report.body = generator.generate_report(common.get_request()) session.add(report) session.flush() notify(ObjectCreatedEvent(report)) sr = domain.SittingReport() sr.report = report sr.sitting = sitting session.add(sr) session.flush() notify(ObjectCreatedEvent(sr))
def is_owner(self, context): return get_login_user() == context.owner
def generate_nonce(self, client_id, auth_time): data = "{0}:{1}:{2}".format( client_id, get_login_user().user_id, auth_time) return hmac.new(capi.oauth_hmac_key, data, hashlib.sha1).hexdigest()
def is_signatory(self, context, user=None): user = user or get_login_user() return (get_signatory(context, user) is not None)
def generate_nonce(self, client_id, auth_time): data = "{0}:{1}:{2}".format(client_id, get_login_user().user_id, auth_time) return hmac.new(capi.oauth_hmac_key, data, hashlib.sha1).hexdigest()
def __init__(self, *args, **kwargs): super(ChangePasswordForm, self).__init__(*args, **kwargs) self.user = get_login_user() # !+ self.context
def _object_changed( self, action, ob, date_active=None, note=None, procedure="a", ): """() -> domain.Change date_active: the UI for some changes allow the user to manually set the date_active -- this is what should be used as the *effective* date i.e. the date to be used for all intents and purposes other than for data auditing. When not user-modified, the value should be equal to date_audit. """ domain.assert_valid_change_action(action) user = utils.get_login_user() assert user is not None, "Audit error. No user logged in." # carry over a snapshot of head values def get_field_names_to_audit(kls): names_to_audit = [] table = self.audit_table for column in table.columns: # skip all fields starting with "audit_" if column.name.startswith("audit_"): continue # ok, column must therefore be a proper attribute from ob's class assert column.name in kls.__dict__, \ "Not in class: %s" % column.name # skip all primary keys (audit_head_id managed separately) if column.primary_key: continue names_to_audit.append(column.name) for vp_name, vp_type in kls.extended_properties: names_to_audit.append(vp_name) return names_to_audit def copy_field_values(head_cls, source, dest): for name in get_field_names_to_audit(head_cls): setattr(dest, name, getattr(source, name)) # ensure real head object, in case we are dealing with reversioning # off an Audit instance head_ob = ob if action == "version" and issubclass(ob.__class__, domain.Audit): # ob is an Audit instance, so need its head_ob head_ob = ob.audit_head # audit snapshot - done first, to ensure a valid audit_id... au = self.audit_class() au.audit_head = head_ob # attach audit log item to parent object copy_field_values(head_ob.__class__, ob, au) session = Session() session.add(au) # change/audit record # !+version Version instances are created as Change instances! ch = domain.Change() ch.seq = 0 # !+ reset below, to avoid sqlalchemy violates not-null constraint ch.audit = au # ensures ch.audit_id, ch.note.object_id ch.user_id = user.user_id ch.action = action ch.seq = self._get_seq(ch) # !+translate_seq(mr, feb-2013) this should be divided by language? # !+translate_action(mr, feb-2013) shoudl there be an action per # language e.g. translate-fr for translations to french (resolves the # noted translate_seq issue) ch.procedure = procedure ch.date_audit = datetime.now() if date_active: ch.date_active = date_active else: ch.date_active = ch.date_audit if note: ch.note = note # !+SUBITEM_CHANGES_PERMISSIONS(mr, jan-2012) permission on change # records for something like item[@draft]->file[@attached]->fileversion # need to remember also the root item's state, else when item later # becomes visible to clerk and others, the file itself will also become # visible to the clerk (CORRECT) but so will ALL changes on the file # while that file itself was @attached (WRONG!). May best be addressed # when change persistence is reworked along with single document table. session.flush() log.debug("AUDIT [%s] %s" % (au, au.__dict__)) log.debug("CHANGE [%s] %s" % (action, ch.__dict__)) return ch
def _can_review_signature(self, action): manager = ISignatoryManager(self.context) return manager.is_signatory(get_login_user())
def is_signatory(self, user=None): user = user or model_utils.get_login_user() if user: return user.user_id in [sgn.user_id for sgn in self.signatories] return False
def _object_changed(self, action, ob, date_active=None, note=None, procedure="a", ): """() -> domain.Change date_active: the UI for some changes allow the user to manually set the date_active -- this is what should be used as the *effective* date i.e. the date to be used for all intents and purposes other than for data auditing. When not user-modified, the value should be equal to date_audit. """ domain.assert_valid_change_action(action) user = utils.get_login_user() assert user is not None, "Audit error. No user logged in." # carry over a snapshot of head values def get_field_names_to_audit(kls): names_to_audit = [] table = self.audit_table for column in table.columns: # skip all fields starting with "audit_" if column.name.startswith("audit_"): continue # ok, column must therefore be a proper attribute from ob's class assert column.name in kls.__dict__, \ "Not in class: %s" % column.name # skip all primary keys (audit_head_id managed separately) if column.primary_key: continue names_to_audit.append(column.name) for vp_name, vp_type in kls.extended_properties: names_to_audit.append(vp_name) return names_to_audit def copy_field_values(head_cls, source, dest): for name in get_field_names_to_audit(head_cls): setattr(dest, name, getattr(source, name)) # ensure real head object, in case we are dealing with reversioning # off an Audit instance head_ob = ob if action == "version" and issubclass(ob.__class__, domain.Audit): # ob is an Audit instance, so need its head_ob head_ob = ob.audit_head # audit snapshot - done first, to ensure a valid audit_id... au = self.audit_class() au.audit_head = head_ob # attach audit log item to parent object copy_field_values(head_ob.__class__, ob, au) session = Session() session.add(au) # change/audit record # !+version Version instances are created as Change instances! ch = domain.Change() ch.seq = 0 # !+ reset below, to avoid sqlalchemy violates not-null constraint ch.audit = au # ensures ch.audit_id, ch.note.object_id ch.user_id = user.user_id ch.action = action ch.seq = self._get_seq(ch) # !+translate_seq(mr, feb-2013) this should be divided by language? # !+translate_action(mr, feb-2013) shoudl there be an action per # language e.g. translate-fr for translations to french (resolves the # noted translate_seq issue) ch.procedure = procedure ch.date_audit = datetime.now() if date_active: ch.date_active = date_active else: ch.date_active = ch.date_audit if note: ch.note = note # !+SUBITEM_CHANGES_PERMISSIONS(mr, jan-2012) permission on change # records for something like item[@draft]->file[@attached]->fileversion # need to remember also the root item's state, else when item later # becomes visible to clerk and others, the file itself will also become # visible to the clerk (CORRECT) but so will ALL changes on the file # while that file itself was @attached (WRONG!). May best be addressed # when change persistence is reworked along with single document table. session.flush() log.debug("AUDIT [%s] %s" % (au, au.__dict__)) log.debug("CHANGE [%s] %s" % (action, ch.__dict__)) return ch
def is_owner(self): login_user = model_utils.get_login_user() return ((model_utils.get_owner_for_context(self.context) == login_user) or (login_user == self.context.owner))
def is_consented_signatory(self, context, user=None): user = user or get_login_user() signatory = get_signatory(context, user) if signatory and (signatory.status in SIGNATORY_CONSENTED_STATES): return True return False
def handle_sign_document(self, action, data): user = get_login_user() manager = ISignatoryManager(self.context) manager.sign_document(user.user_id) self.request.response.redirect(self.nextURL())
def check_old_password(self): if not get_login_user().checkPassword(self.old_password): raise interface.Invalid(_("Old password incorrect"), "old_password")