def update_permission(group, user, perm, value): pathname = get_pathname(group) if not get_access(pathname).get("admin"): raise frappe.PermissionError permission = frappe.get_doc("Website Route Permission", { "website_route": pathname, "user": user }) permission.set(perm, int(value)) permission.save(ignore_permissions=True) # send email if perm == "admin" and int(value): group_title = frappe.db.get_value("Website Route", pathname, "page_title") subject = "You have been made Administrator of Group " + group_title send(recipients=[user], subject=subject, add_unsubscribe_link=False, message="""<h3>Group Notification<h3>\ <p>%s</p>\ <p style="color: #888">This is just for your information.</p>""" % subject)
def update_description(group, description): if not get_access(get_pathname(group)).get("admin"): raise frappe.PermissionError group = frappe.get_doc("Website Group", group) group.group_description = description group.save(ignore_permissions=True)
def add_post(group, content, picture, picture_name, title=None, parent_post=None, assigned_to=None, status=None, event_datetime=None): access = get_access(get_pathname(group)) if not access.get("write"): raise frappe.PermissionError if parent_post: if frappe.db.get_value("Post", parent_post, "parent_post"): frappe.throw(_("Cannot reply to a reply")) group = frappe.get_doc("Website Group", group) post = frappe.get_doc({ "doctype": "Post", "title": (title or "").title(), "content": content, "website_group": group.name, "parent_post": parent_post or None }) if not parent_post: if group.group_type == "Tasks": post.is_task = 1 post.assigned_to = assigned_to elif group.group_type == "Events": post.is_event = 1 post.event_datetime = event_datetime post.ignore_permissions = True post.insert() if picture_name and picture: process_picture(post, picture_name, picture) # send email if parent_post: post.run_method("send_email_on_reply") return post.parent_post or post.name
def add_website_group(group, new_group, public_read, public_write, group_type="Forum"): if not get_access(get_pathname(group)).get("admin"): raise frappe.PermissionError parent_website_route = frappe.db.get_value("Website Route", { "ref_doctype": "Website Group", "docname": group }) frappe.get_doc({ "doctype": "Website Group", "group_name": group + "-" + new_group, "group_title": new_group, "parent_website_route": parent_website_route, "group_type": group_type, "public_read": int(public_read), "public_write": int(public_write) }).insert(ignore_permissions=True)
def save_post(post, content, picture=None, picture_name=None, title=None, assigned_to=None, status=None, event_datetime=None): post = frappe.get_doc("Post", post) access = get_access(get_pathname(post.website_group)) if not access.get("write"): raise frappe.PermissionError # TODO improve error message if frappe.session.user != post.owner: for fieldname in ("title", "content"): if post.get(fieldname) != locals().get(fieldname): frappe.throw(_("Cannot change {0}").format(fieldname)) if picture and picture_name: frappe.throw(_("Cannot change picture")) post.update({ "title": (title or "").title(), "content": content, "assigned_to": assigned_to, "status": status, "event_datetime": event_datetime }) post.ignore_permissions = True post.save() if picture_name and picture: process_picture(post, picture_name, picture) return post.parent_post or post.name
def add_sitemap_permission(group, user): pathname = get_pathname(group) if not get_access(pathname).get("admin"): raise frappe.PermissionError permission = frappe.get_doc({ "doctype": "Website Route Permission", "website_route": pathname, "user": user, "read": 1 }) permission.insert(ignore_permissions=True) user = permission.as_dict() user.update( frappe.db.get_value( "User", user.user, ["name", "first_name", "last_name", "user_image", "location"], as_dict=True)) return frappe.get_template( "templates/includes/sitemap_permission.html").render({"user": user})
def suggest_user(term, group): pathname = get_pathname(group) if not get_access(pathname).get("admin"): raise frappe.PermissionError users = frappe.db.sql("""select pr.name, pr.first_name, pr.last_name, pr.user_image, pr.location from `tabUser` pr where (pr.first_name like %(term)s or pr.last_name like %(term)s) and pr.user_type = "Website User" and pr.user_image is not null and pr.enabled=1 and not exists(select wsp.name from `tabWebsite Route Permission` wsp where wsp.website_route=%(group)s and wsp.user=pr.name)""", { "term": "%{}%".format(term), "group": pathname }, as_dict=True) template = frappe.get_template("templates/includes/user_display.html") return [{ "value": "{} {}".format(pr.first_name or "", pr.last_name or ""), "user_html": template.render({"user": pr}), "user": pr.name } for pr in users]