def test_staff(self):
staffer1 = C3sStaff(
login=u'staffer1',
password=u'stafferspassword'
)
staffer1.group = ['staff']
staffer2 = C3sStaff(
login=u'staffer2',
password=u'staffer2spassword',
)
staffer2.group = ['staff2']
self.session.add(staffer1)
self.session.add(staffer2)
self.session.flush()
_staffer2_id = staffer2.id
_staffer1_id = staffer1.id
self.assertTrue(staffer2.password is not '')
#print('by id: %s' % C3sStaff.get_by_id(_staffer1_id))
#print('by id: %s' % C3sStaff.get_by_id(_cashier1_id))
#print('by login: %s' % C3sStaff.get_by_login(u'staffer1'))
#print('by login: %s' % C3sStaff.get_by_login(u'cashier1'))
self.assertEqual(
C3sStaff.get_by_id(_staffer1_id),
C3sStaff.get_by_login(u'staffer1')
)
self.assertEqual(
C3sStaff.get_by_id(_staffer2_id),
C3sStaff.get_by_login(u'staffer2')
)
'''test get_all'''
res = C3sStaff.get_all()
self.assertEqual(len(res), 2)
'''test delete_by_id'''
C3sStaff.delete_by_id(1)
res = C3sStaff.get_all()
self.assertEqual(len(res), 1)
'''test check_user_or_None'''
res1 = C3sStaff.check_user_or_None(u'staffer2')
res2 = C3sStaff.check_user_or_None(u'staffer1')
#print res1
#print res2
self.assertTrue(res1 is not None)
self.assertTrue(res2 is None)
'''test check_password'''
#print(C3sStaff.check_password(cashier1, 'cashierspassword'))
C3sStaff.check_password(u'staffer2', u'staffer2spassword')
def staff_view(request):
"""
This view lets admins edit staff/cashier personnel:
who may act as cashier etc.?
"""
_staffers = C3sStaff.get_all()
class Staffer(colander.MappingSchema):
login = colander.SchemaNode(
colander.String(),
title='login',
)
password = colander.SchemaNode(
colander.String(),
title='passwort',
)
schema = Staffer()
stafferform = deform.Form(
schema,
buttons=[
deform.Button('new_staffer', 'save')
]
)
if 'action' in request.POST:
#print(request.POST['id'])
try:
_staffer = C3sStaff.get_by_id(int(request.POST['id']))
except:
# print("exception!")
return HTTPFound(location=request.route_url('staff'))
#print(request.POST['action'])
if request.POST['action'] == u'delete':
#print("will delete staff id %s" % _staffer.id)
C3sStaff.delete_by_id(_staffer.id)
#print("deleted staff id %s" % _staffer.id)
# send mail
encrypted = encrypt_with_gnupg('''hi,
%s was deleted from the backend by %s.
best,
your membership tool''' % (_staffer.login,
request.authenticated_userid))
message = Message(
subject='[C3S Yes] staff was deleted.',
sender='*****@*****.**',
recipients=[
request.registry.settings['c3smembership.mailaddr']],
body=encrypted
)
mailer = get_mailer(request)
mailer.send(message)
return HTTPFound(location=request.route_url('staff'))
elif request.POST['action'] == 'edit':
appstruct = {
'login': _staffer.login,
'password': '******',
}
stafferform.set_appstruct(appstruct)
if 'new_staffer' in request.POST:
#print "new staffer!"
controls = request.POST.items()
try:
appstruct = stafferform.validate(controls)
#print('validated!')
except ValidationFailure, e:
return {
'stafferform': e.render()
}
# XXX login must be unique!
existing = C3sStaff.get_by_login(appstruct['login'])
if existing is not None:
#print "that staffer exists!"
if u'_UNCHANGED_' in appstruct['password']:
pass
else:
existing.password = appstruct['password']
existing.last_password_change = datetime.now()
encrypted = encrypt_with_gnupg('''hi,
the password of %s was changed by %s.
best,
your membership tool''' % (existing.login,
request.authenticated_userid))
message = Message(
subject='[C3S Yes] staff password changed.',
sender='*****@*****.**',
recipients=[
request.registry.settings['c3smembership.mailaddr']],
body=encrypted
)
else: # create new entry
staffer = C3sStaff(
login=appstruct['login'],
password=appstruct['password'],
email=u'',
)
staffer.groups = [Group.get_staffers_group()]
#print "about to add user"
DBSession.add(staffer)
DBSession.flush()
print "added staffer"
# send mail
encrypted = encrypt_with_gnupg('''hi,
%s was added to the backend by %s.
best,
your membership tool''' % (staffer.login,
request.authenticated_userid))
message = Message(
subject='[C3S Yes] staff was added.',
sender='*****@*****.**',
recipients=[
request.registry.settings['c3smembership.mailaddr']],
body=encrypted
)
mailer = get_mailer(request)
mailer.send(message)
return HTTPFound(
request.route_url('staff')
)
