def staff_view(request): """ This view lets admins edit staff/cashier personnel: who may act as cashier etc.? """ _staffers = C3sStaff.get_all() class Staffer(colander.MappingSchema): login = colander.SchemaNode( colander.String(), title='login', ) password = colander.SchemaNode( colander.String(), title='passwort', ) schema = Staffer() stafferform = deform.Form( schema, buttons=[ deform.Button('new_staffer', 'save') ] ) if 'action' in request.POST: #print(request.POST['id']) try: _staffer = C3sStaff.get_by_id(int(request.POST['id'])) except: # print("exception!") return HTTPFound(location=request.route_url('staff')) #print(request.POST['action']) if request.POST['action'] == u'delete': #print("will delete staff id %s" % _staffer.id) C3sStaff.delete_by_id(_staffer.id) #print("deleted staff id %s" % _staffer.id) # send mail encrypted = encrypt_with_gnupg('''hi, %s was deleted from the backend by %s. best, your membership tool''' % (_staffer.login, request.authenticated_userid)) message = Message( subject='[C3S Yes] staff was deleted.', sender='*****@*****.**', recipients=[ request.registry.settings['c3smembership.mailaddr']], body=encrypted ) mailer = get_mailer(request) mailer.send(message) return HTTPFound(location=request.route_url('staff')) elif request.POST['action'] == 'edit': appstruct = { 'login': _staffer.login, 'password': '******', } stafferform.set_appstruct(appstruct) if 'new_staffer' in request.POST: #print "new staffer!" controls = request.POST.items() try: appstruct = stafferform.validate(controls) #print('validated!') except ValidationFailure, e: return { 'stafferform': e.render() } # XXX login must be unique! existing = C3sStaff.get_by_login(appstruct['login']) if existing is not None: #print "that staffer exists!" if u'_UNCHANGED_' in appstruct['password']: pass else: existing.password = appstruct['password'] existing.last_password_change = datetime.now() encrypted = encrypt_with_gnupg('''hi, the password of %s was changed by %s. best, your membership tool''' % (existing.login, request.authenticated_userid)) message = Message( subject='[C3S Yes] staff password changed.', sender='*****@*****.**', recipients=[ request.registry.settings['c3smembership.mailaddr']], body=encrypted ) else: # create new entry staffer = C3sStaff( login=appstruct['login'], password=appstruct['password'], email=u'', ) staffer.groups = [Group.get_staffers_group()] #print "about to add user" DBSession.add(staffer) DBSession.flush() print "added staffer" # send mail encrypted = encrypt_with_gnupg('''hi, %s was added to the backend by %s. best, your membership tool''' % (staffer.login, request.authenticated_userid)) message = Message( subject='[C3S Yes] staff was added.', sender='*****@*****.**', recipients=[ request.registry.settings['c3smembership.mailaddr']], body=encrypted ) mailer = get_mailer(request) mailer.send(message) return HTTPFound( request.route_url('staff') )
def test_group(self): #test_group = Group(name=u'testgroup') #self.session.add(test_group) result = Group.get_staffers_group() self.assertEquals(result.__str__(), 'group:staff')