def update_description(group, description): if not get_access(get_pathname(group)).get("admin"): raise frappe.PermissionError group = frappe.get_doc("Website Group", group) group.group_description = description group.save(ignore_permissions=True)
def suggest_user(term, group): pathname = get_pathname(group) if not get_access(pathname).get("admin"): raise frappe.PermissionError users = frappe.db.sql( """select pr.name, pr.first_name, pr.last_name, pr.user_image, pr.location from `tabUser` pr where (pr.first_name like %(term)s or pr.last_name like %(term)s) and pr.user_type = "Website User" and pr.user_image is not null and pr.enabled=1 and not exists(select wsp.name from `tabWebsite Route Permission` wsp where wsp.website_route=%(group)s and wsp.user=pr.name)""", {"term": "%{}%".format(term), "group": pathname}, as_dict=True, ) template = frappe.get_template("templates/includes/user_display.html") return [ { "value": "{} {}".format(pr.first_name or "", pr.last_name or ""), "user_html": template.render({"user": pr}), "user": pr.name, } for pr in users ]
def save_post(post, content, picture=None, picture_name=None, title=None, assigned_to=None, status=None, event_datetime=None): post = frappe.get_doc("Post", post) access = get_access(get_pathname(post.website_group)) if not access.get("write"): raise frappe.PermissionError # TODO improve error message if frappe.session.user != post.owner: for fieldname in ("title", "content"): if post.get(fieldname) != locals().get(fieldname): frappe.throw(_("Cannot change {0}").format(fieldname)) if picture and picture_name: frappe.throw(_("Cannot change picture")) post.update({ "title": (title or "").title(), "content": content, "assigned_to": assigned_to, "status": status, "event_datetime": event_datetime }) post.ignore_permissions = True post.save() if picture_name and picture: process_picture(post, picture_name, picture) return post.parent_post or post.name
def update_permission(group, profile, perm, value): pathname = get_pathname(group) if not get_access(pathname).get("admin"): raise frappe.PermissionError permission = frappe.bean("Website Route Permission", { "website_route": pathname, "profile": profile }) permission.doc.fields[perm] = int(value) permission.save(ignore_permissions=True) # send email if perm == "admin" and int(value): group_title = frappe.db.get_value("Website Route", pathname, "page_title") subject = "You have been made Administrator of Group " + group_title send(recipients=[profile], subject=subject, add_unsubscribe_link=False, message="""<h3>Group Notification<h3>\ <p>%s</p>\ <p style="color: #888">This is just for your information.</p>""" % subject)
def add_website_group(group, new_group, public_read, public_write, group_type="Forum"): if not get_access(get_pathname(group)).get("admin"): raise frappe.PermissionError parent_website_route = frappe.db.get_value("Website Route", {"ref_doctype": "Website Group", "docname": group}) frappe.get_doc({ "doctype": "Website Group", "group_name": group + "-" + new_group, "group_title": new_group, "parent_website_route": parent_website_route, "group_type": group_type, "public_read": int(public_read), "public_write": int(public_write) }).insert(ignore_permissions=True)
def add_post(group, content, picture, picture_name, title=None, parent_post=None, assigned_to=None, status=None, event_datetime=None): access = get_access(get_pathname(group)) if not access.get("write"): raise frappe.PermissionError if parent_post: if frappe.db.get_value("Post", parent_post, "parent_post"): frappe.throw("Cannot reply to a reply") group = frappe.doc("Website Group", group) post = frappe.bean({ "doctype": "Post", "title": (title or "").title(), "content": content, "website_group": group.name, "parent_post": parent_post or None }) if not parent_post: if group.group_type == "Tasks": post.doc.is_task = 1 post.doc.assigned_to = assigned_to elif group.group_type == "Events": post.doc.is_event = 1 post.doc.event_datetime = event_datetime post.ignore_permissions = True post.insert() if picture_name and picture: process_picture(post, picture_name, picture) # send email if parent_post: post.run_method("send_email_on_reply") return post.doc.parent_post or post.doc.name
def add_website_group(group, new_group, public_read, public_write, group_type="Forum"): if not get_access(get_pathname(group)).get("admin"): raise frappe.PermissionError parent_website_route = frappe.db.get_value("Website Route", {"ref_doctype": "Website Group", "docname": group}) frappe.get_doc( { "doctype": "Website Group", "group_name": group + "-" + new_group, "group_title": new_group, "parent_website_route": parent_website_route, "group_type": group_type, "public_read": int(public_read), "public_write": int(public_write), } ).insert(ignore_permissions=True)
def add_sitemap_permission(group, user): pathname = get_pathname(group) if not get_access(pathname).get("admin"): raise frappe.PermissionError permission = frappe.get_doc( {"doctype": "Website Route Permission", "website_route": pathname, "user": user, "read": 1} ) permission.insert(ignore_permissions=True) user = permission.as_dict() user.update( frappe.db.get_value( "User", user.user, ["name", "first_name", "last_name", "user_image", "location"], as_dict=True ) ) return frappe.get_template("templates/includes/sitemap_permission.html").render({"user": user})
def add_sitemap_permission(group, user): pathname = get_pathname(group) if not get_access(pathname).get("admin"): raise frappe.PermissionError permission = frappe.get_doc({ "doctype": "Website Route Permission", "website_route": pathname, "user": user, "read": 1 }) permission.insert(ignore_permissions=True) user = permission.as_dict() user.update(frappe.db.get_value("User", user.user, ["name", "first_name", "last_name", "user_image", "location"], as_dict=True)) return frappe.get_template("templates/includes/sitemap_permission.html").render({ "user": user })
def suggest_user(term, group): pathname = get_pathname(group) if not get_access(pathname).get("admin"): raise frappe.PermissionError users = frappe.db.sql("""select pr.name, pr.first_name, pr.last_name, pr.user_image, pr.location from `tabUser` pr where (pr.first_name like %(term)s or pr.last_name like %(term)s) and pr.user_type = "Website User" and pr.user_image is not null and pr.enabled=1 and not exists(select wsp.name from `tabWebsite Route Permission` wsp where wsp.website_route=%(group)s and wsp.user=pr.name)""", {"term": "%{}%".format(term), "group": pathname}, as_dict=True) template = frappe.get_template("templates/includes/user_display.html") return [{ "value": "{} {}".format(pr.first_name or "", pr.last_name or ""), "user_html": template.render({"user": pr}), "user": pr.name } for pr in users]
def add_post(group, content, picture, picture_name, title=None, parent_post=None, assigned_to=None, status=None, event_datetime=None): access = get_access(get_pathname(group)) if not access.get("write"): raise frappe.PermissionError if parent_post: if frappe.db.get_value("Post", parent_post, "parent_post"): frappe.throw(_("Cannot reply to a reply")) group = frappe.get_doc("Website Group", group) post = frappe.get_doc({ "doctype":"Post", "title": (title or "").title(), "content": content, "website_group": group.name, "parent_post": parent_post or None }) if not parent_post: if group.group_type == "Tasks": post.is_task = 1 post.assigned_to = assigned_to elif group.group_type == "Events": post.is_event = 1 post.event_datetime = event_datetime post.ignore_permissions = True post.insert() if picture_name and picture: process_picture(post, picture_name, picture) # send email if parent_post: post.run_method("send_email_on_reply") return post.parent_post or post.name
def save_post(post, content, picture=None, picture_name=None, title=None, assigned_to=None, status=None, event_datetime=None): post = frappe.bean("Post", post) access = get_access(get_pathname(post.doc.website_group)) if not access.get("write"): raise frappe.PermissionError # TODO improve error message if frappe.session.user != post.doc.owner: for fieldname in ("title", "content"): if post.doc.fields.get(fieldname) != locals().get(fieldname): frappe.throw("You cannot change: {}".format(fieldname.title())) if picture and picture_name: frappe.throw("You cannot change: Picture") post.doc.fields.update({ "title": (title or "").title(), "content": content, "assigned_to": assigned_to, "status": status, "event_datetime": event_datetime }) post.ignore_permissions = True post.save() if picture_name and picture: process_picture(post, picture_name, picture) return post.doc.parent_post or post.doc.name
def update_permission(group, user, perm, value): pathname = get_pathname(group) if not get_access(pathname).get("admin"): raise frappe.PermissionError permission = frappe.get_doc("Website Route Permission", {"website_route": pathname, "user": user}) permission.set(perm, int(value)) permission.save(ignore_permissions=True) # send email if perm == "admin" and int(value): group_title = frappe.db.get_value("Website Route", pathname, "page_title") subject = "You have been made Administrator of Group " + group_title send( recipients=[user], subject=subject, add_unsubscribe_link=False, message="""<h3>Group Notification<h3>\ <p>%s</p>\ <p style="color: #888">This is just for your information.</p>""" % subject, )
def add_sitemap_permission(group, profile): pathname = get_pathname(group) if not get_access(pathname).get("admin"): raise frappe.PermissionError permission = frappe.bean({ "doctype": "Website Route Permission", "website_route": pathname, "profile": profile, "read": 1 }) permission.insert(ignore_permissions=True) profile = permission.doc.fields profile.update( frappe.db.get_value( "Profile", profile.profile, ["name", "first_name", "last_name", "user_image", "location"], as_dict=True)) return frappe.get_template( "templates/includes/sitemap_permission.html").render( {"profile": profile})