def collections(self, req, form): """Collections statistics page""" argd = wash_urlargd(form, {'collection': (str, "All"), 'timespan': (str, "this month"), 's_date': (str, ""), 'f_date': (str, ""), 'format': (str, "flot"), 'ln': (str, CFG_SITE_LANG)}) ln = argd['ln'] user_info = collect_user_info(req) (auth_code, auth_msg) = acc_authorize_action(user_info, 'runwebstatadmin') if auth_code: return page_not_authorized(req, navtrail=self.navtrail % {'ln_link': (ln != CFG_SITE_LANG and '?ln=' + ln) or ''}, navmenuid='collections', text=auth_msg, ln=ln) if collection_restricted_p(argd['collection']): (auth_code_coll, auth_msg_coll) = acc_authorize_action(user_info, VIEWRESTRCOLL, collection=argd['collection']) if auth_code_coll: return page_not_authorized(req, navmenuid='collections', text=auth_msg_coll, ln=ln) return page(title="Statistics of %s" % argd['collection'], body=perform_display_stats_per_coll(argd, req, ln=ln), navtrail="""<a class="navtrail" href="%s/stats/%s">Statistics</a>""" % \ (CFG_SITE_URL, (ln != CFG_SITE_LANG and '?ln=' + ln) or ''), description="CDS, Statistics, Collection %s" % argd['collection'], keywords="CDS, statistics, %s" % argd['collection'], req=req, lastupdated=__lastupdated__, navmenuid='collections', language=ln)
def display(self, req, form): """Display search history page. A misnomer.""" argd = wash_urlargd(form, {'p': (str, "n") }) uid = getUid(req) # load the right language _ = gettext_set_language(argd['ln']) if CFG_ACCESS_CONTROL_LEVEL_SITE >= 1: return page_not_authorized(req, "%s/youralerts/display" % \ (CFG_SITE_URL,), navmenuid="youralerts") elif uid == -1 or isGuestUser(uid): return redirect_to_url(req, "%s/youraccount/login%s" % ( CFG_SITE_SECURE_URL, make_canonical_urlargd({ 'referer' : "%s/youralerts/display%s" % ( CFG_SITE_URL, make_canonical_urlargd(argd, {})), "ln" : argd['ln']}, {}))) user_info = collect_user_info(req) if not user_info['precached_usealerts']: return page_not_authorized(req, "../", \ text = _("You are not authorized to use alerts.")) if argd['p'] == 'y': _title = _("Popular Searches") else: _title = _("Your Searches") # register event in webstat if user_info['email']: user_str = "%s (%d)" % (user_info['email'], user_info['uid']) else: user_str = "" try: register_customevent("alerts", ["display", "", user_str]) except: register_exception(suffix="Do the webstat tables exists? Try with 'webstatadmin --load-config'") return page(title=_title, body=webalert.perform_display(argd['p'], uid, ln=argd['ln']), navtrail= """<a class="navtrail" href="%(sitesecureurl)s/youraccount/display?ln=%(ln)s">%(account)s</a>""" % { 'sitesecureurl' : CFG_SITE_SECURE_URL, 'ln': argd['ln'], 'account' : _("Your Account"), }, description=_("%s Personalize, Display searches") % CFG_SITE_NAME_INTL.get(argd['ln'], CFG_SITE_NAME), keywords=_("%s, personalize") % CFG_SITE_NAME_INTL.get(argd['ln'], CFG_SITE_NAME), uid=uid, language=argd['ln'], req=req, lastupdated=__lastupdated__, navmenuid='youralerts', secure_page_p=1)
def write(self, req, form): """ write(): interface for message composing @param msg_reply_id: if this message is a reply to another, id of the other @param msg_to: if this message is not a reply, nickname of the user it must be delivered to. @param msg_to_group: name of group to send message to @param ln: language @return: the compose page """ argd = wash_urlargd(form, {'msg_reply_id': (int, 0), 'msg_to': (str, ""), 'msg_to_group': (str, ""), 'msg_subject' : (str, ""), 'msg_body' : (str, "")}) # Check if user is logged uid = getUid(req) _ = gettext_set_language(argd['ln']) if CFG_ACCESS_CONTROL_LEVEL_SITE >= 1: return page_not_authorized(req, "%s/yourmessages/write" % \ (CFG_SITE_URL,), navmenuid="yourmessages") elif uid == -1 or isGuestUser(uid): return redirect_to_url(req, "%s/youraccount/login%s" % ( CFG_SITE_SECURE_URL, make_canonical_urlargd({ 'referer' : "%s/yourmessages/write%s" % ( CFG_SITE_SECURE_URL, make_canonical_urlargd(argd, {})), "ln" : argd['ln']}, {}))) user_info = collect_user_info(req) if not user_info['precached_usemessages']: return page_not_authorized(req, "../", \ text = _("You are not authorized to use messages.")) # Request the composing page body = perform_request_write( uid=uid, msg_reply_id=argd['msg_reply_id'], msg_to=argd['msg_to'], msg_to_group=argd['msg_to_group'], msg_subject=argd['msg_subject'], msg_body=argd['msg_body'], ln=argd['ln']) title = _("Write a message") return page(title = title, body = body, navtrail = get_navtrail(argd['ln'], title), uid = uid, lastupdated = __lastupdated__, req = req, language = argd['ln'], navmenuid = "yourmessages", secure_page_p=1)
def write(self, req, form): """ write(): interface for message composing @param msg_reply_id: if this message is a reply to another, id of the other @param msg_to: if this message is not a reply, nickname of the user it must be delivered to. @param msg_to_group: name of group to send message to @param ln: language @return: the compose page """ argd = wash_urlargd(form, {'msg_reply_id': (int, 0), 'msg_to': (str, ""), 'msg_to_group': (str, ""), 'msg_subject' : (str, ""), 'msg_body' : (str, "")}) # Check if user is logged uid = getUid(req) _ = gettext_set_language(argd['ln']) if CFG_ACCESS_CONTROL_LEVEL_SITE >= 1: return page_not_authorized(req, "%s/yourmessages/write" % \ (CFG_SITE_URL,), navmenuid="yourmessages") elif uid == -1 or isGuestUser(uid): return redirect_to_url(req, "%s/youraccount/login%s" % ( CFG_SITE_SECURE_URL, make_canonical_urlargd({ 'referer' : "%s/yourmessages/write%s" % ( CFG_SITE_URL, make_canonical_urlargd(argd, {})), "ln" : argd['ln']}, {}))) user_info = collect_user_info(req) if not user_info['precached_usemessages']: return page_not_authorized(req, "../", \ text = _("You are not authorized to use messages.")) # Request the composing page body = perform_request_write( uid=uid, msg_reply_id=argd['msg_reply_id'], msg_to=argd['msg_to'], msg_to_group=argd['msg_to_group'], msg_subject=argd['msg_subject'], msg_body=argd['msg_body'], ln=argd['ln']) title = _("Write a message") return page(title = title, body = body, navtrail = get_navtrail(argd['ln'], title), uid = uid, lastupdated = __lastupdated__, req = req, language = argd['ln'], navmenuid = "yourmessages", secure_page_p=1)
def update(self, req, form): argd = wash_urlargd( form, { "name": (str, None), "freq": (str, None), "notif": (str, None), "idb": (int, None), "idq": (int, None), "old_idb": (int, None), }, ) uid = getUid(req) if CFG_ACCESS_CONTROL_LEVEL_SITE >= 1: return page_not_authorized(req, "%s/youralerts/update" % (CFG_SITE_SECURE_URL,), navmenuid="youralerts") elif uid == -1 or isGuestUser(uid): return redirect_to_url( req, "%s/youraccount/login%s" % ( CFG_SITE_SECURE_URL, make_canonical_urlargd( { "referer": "%s/youralerts/update%s" % (CFG_SITE_SECURE_URL, make_canonical_urlargd(argd, {})), "ln": argd["ln"], }, {}, ), ), ) # load the right language _ = gettext_set_language(argd["ln"]) user_info = collect_user_info(req) if not user_info["precached_usealerts"]: return page_not_authorized(req, "../", text=_("You are not authorized to use alerts.")) try: html = webalert.perform_update_alert( argd["name"], argd["freq"], argd["notif"], argd["idb"], argd["idq"], argd["old_idb"], uid, ln=argd["ln"] ) except webalert.AlertError, msg: return page( title=_("Error"), body=webalert_templates.tmpl_errorMsg(ln=argd["ln"], error_msg=msg), navtrail="""<a class="navtrail" href="%(sitesecureurl)s/youraccount/display?ln=%(ln)s">%(account)s</a>""" % {"sitesecureurl": CFG_SITE_SECURE_URL, "ln": argd["ln"], "account": _("Your Account")}, description=_("%s Personalize, Set a new alert") % CFG_SITE_NAME_INTL.get(argd["ln"], CFG_SITE_NAME), keywords=_("%s, personalize") % CFG_SITE_NAME_INTL.get(argd["ln"], CFG_SITE_NAME), uid=uid, language=argd["ln"], req=req, lastupdated=__lastupdated__, navmenuid="youralerts", )
def _index(req, c, ln, doctype, act, startPg, access, mainmenu, fromdir, nextPg, nbPg, curpage, step, mode): auth_args = {} if doctype: auth_args['doctype'] = doctype if act: auth_args['act'] = act uid = getUid(req) if uid == -1 or CFG_ACCESS_CONTROL_LEVEL_SITE >= 1: return page_not_authorized(req, "direct", navmenuid='submit') if CFG_CERN_SITE: ## HACK BEGIN: this is a hack for CMS and ATLAS draft user_info = collect_user_info(req) if doctype == 'CMSPUB' and act == "" and 'cds-admin [CERN]' not in user_info['group'] and not user_info['email'].lower() == '*****@*****.**': if isGuestUser(uid): return redirect_to_url(req, "%s/youraccount/login%s" % ( CFG_SITE_SECURE_URL, make_canonical_urlargd({'referer' : CFG_SITE_SECURE_URL + req.unparsed_uri, 'ln' : args['ln']}, {})) , norobot=True) if 'cms-publication-committee-chair [CERN]' not in user_info['group']: return page_not_authorized(req, "../submit", text="In order to access this submission interface you need to be member of the CMS Publication Committee Chair.", navmenuid='submit') elif doctype == 'ATLPUB' and 'cds-admin [CERN]' not in user_info['group'] and not user_info['email'].lower() == '*****@*****.**': if isGuestUser(uid): return redirect_to_url(req, "%s/youraccount/login%s" % ( CFG_SITE_SECURE_URL, make_canonical_urlargd({'referer' : CFG_SITE_SECURE_URL + req.unparsed_uri, 'ln' : args['ln']}, {})) , norobot=True) if 'atlas-gen [CERN]' not in user_info['group']: return page_not_authorized(req, "../submit", text="In order to access this submission interface you need to be member of ATLAS.", navmenuid='submit') ## HACK END if doctype == "": catalogues_text, at_least_one_submission_authorized, submission_exists = makeCataloguesTable(req, ln=CFG_SITE_LANG) if not at_least_one_submission_authorized and submission_exists: if isGuestUser(uid): return redirect_to_url(req, "%s/youraccount/login%s" % ( CFG_SITE_SECURE_URL, make_canonical_urlargd({'referer' : CFG_SITE_SECURE_URL + req.unparsed_uri, 'ln' : args['ln']}, {})) , norobot=True) else: return page_not_authorized(req, "../submit", uid=uid, navmenuid='submit') return home(req, catalogues_text, c, ln) elif act == "": return action(req, c, ln, doctype) elif int(step)==0: return interface(req, c, ln, doctype, act, startPg, access, mainmenu, fromdir, nextPg, nbPg, curpage) else: return endaction(req, c, ln, doctype, act, startPg, access, mainmenu, fromdir, nextPg, nbPg, curpage, step, mode)
def _index(req, c, ln, doctype, act, startPg, access, mainmenu, fromdir, nextPg, nbPg, curpage, step, mode): uid = getUid(req) if isGuestUser(uid): return redirect_to_url( req, "%s/youraccount/login%s" % ( CFG_SITE_SECURE_URL, make_canonical_urlargd({"referer": CFG_SITE_URL + req.unparsed_uri, "ln": args["ln"]}, {}), ), norobot=True, ) if uid == -1 or CFG_ACCESS_CONTROL_LEVEL_SITE >= 1: return page_not_authorized(req, "../submit", navmenuid="submit") if CFG_CERN_SITE: ## HACK BEGIN: this is a hack for CMS and ATLAS draft from invenio.webuser import collect_user_info user_info = collect_user_info(req) if ( doctype == "CMSPUB" and "cds-admin [CERN]" not in user_info["group"] and not user_info["email"].lower() == "*****@*****.**" ): if "cms-publication-committee-chair [CERN]" not in user_info["group"]: return page_not_authorized( req, "../submit", text="In order to access this submission interface you need to be member of the CMS Publication Committee Chair.", navmenuid="submit", ) elif ( doctype == "ATLPUB" and "cds-admin [CERN]" not in user_info["group"] and not user_info["email"].lower() == "*****@*****.**" ): if "atlas-gen [CERN]" not in user_info["group"]: return page_not_authorized( req, "../submit", text="In order to access this submission interface you need to be member of ATLAS.", navmenuid="submit", ) ## HACK END if doctype == "": return home(req, c, ln) elif act == "": return action(req, c, ln, doctype) elif int(step) == 0: return interface(req, c, ln, doctype, act, startPg, access, mainmenu, fromdir, nextPg, nbPg, curpage) else: return endaction( req, c, ln, doctype, act, startPg, access, mainmenu, fromdir, nextPg, nbPg, curpage, step, mode )
def __call__(self, req, form): argd = wash_search_urlargd(form) argd['recid'] = self.recid if self.format is not None: argd['of'] = self.format req.argd = argd uid = getUid(req) if uid == -1: return page_not_authorized(req, "../", text="You are not authorized to view this record.", navmenuid='search') elif uid > 0: pref = get_user_preferences(uid) try: if not form.has_key('rg'): # fetch user rg preference only if not overridden via URL argd['rg'] = int(pref['websearch_group_records']) except (KeyError, ValueError): pass # Check if the record belongs to a restricted primary # collection. If yes, redirect to the authenticated URL. user_info = collect_user_info(req) (auth_code, auth_msg) = check_user_can_view_record(user_info, self.recid) if argd['rg'] > CFG_WEBSEARCH_MAX_RECORDS_IN_GROUPS and acc_authorize_action(req, 'runbibedit')[0] != 0: argd['rg'] = CFG_WEBSEARCH_MAX_RECORDS_IN_GROUPS #check if the user has rights to set a high wildcard limit #if not, reduce the limit set by user, with the default one if CFG_WEBSEARCH_WILDCARD_LIMIT > 0 and (argd['wl'] > CFG_WEBSEARCH_WILDCARD_LIMIT or argd['wl'] == 0): if acc_authorize_action(req, 'runbibedit')[0] != 0: argd['wl'] = CFG_WEBSEARCH_WILDCARD_LIMIT # only superadmins can use verbose parameter for obtaining debug information if not isUserSuperAdmin(user_info): argd['verbose'] = 0 if auth_code and user_info['email'] == 'guest': cookie = mail_cookie_create_authorize_action(VIEWRESTRCOLL, {'collection' : guess_primary_collection_of_a_record(self.recid)}) target = CFG_SITE_SECURE_URL + '/youraccount/login' + \ make_canonical_urlargd({'action': cookie, 'ln' : argd['ln'], 'referer' : CFG_SITE_SECURE_URL + req.unparsed_uri}, {}) return redirect_to_url(req, target, norobot=True) elif auth_code: return page_not_authorized(req, "../", \ text=auth_msg, \ navmenuid='search') # mod_python does not like to return [] in case when of=id: out = perform_request_search(req, **argd) if isinstance(out, intbitset): return out.fastdump() elif out == []: return str(out) else: return out
def __call__(self, req, form): argd = wash_search_urlargd(form) argd['recid'] = self.recid if self.format is not None: argd['of'] = self.format req.argd = argd uid = getUid(req) user_info = collect_user_info(req) if uid == -1: return page_not_authorized(req, "../", text="You are not authorized to view this record.", navmenuid='search') elif uid > 0: pref = get_user_preferences(uid) try: if not form.has_key('rg'): # fetch user rg preference only if not overridden via URL argd['rg'] = int(pref['websearch_group_records']) except (KeyError, ValueError): pass if argd['rg'] > CFG_WEBSEARCH_MAX_RECORDS_IN_GROUPS and acc_authorize_action(req, 'runbibedit')[0] != 0: argd['rg'] = CFG_WEBSEARCH_MAX_RECORDS_IN_GROUPS #check if the user has rights to set a high wildcard limit #if not, reduce the limit set by user, with the default one if CFG_WEBSEARCH_WILDCARD_LIMIT > 0 and (argd['wl'] > CFG_WEBSEARCH_WILDCARD_LIMIT or argd['wl'] == 0): if acc_authorize_action(req, 'runbibedit')[0] != 0: argd['wl'] = CFG_WEBSEARCH_WILDCARD_LIMIT # only superadmins can use verbose parameter for obtaining debug information if not isUserSuperAdmin(user_info): argd['verbose'] = 0 record_primary_collection = guess_primary_collection_of_a_record(self.recid) if collection_restricted_p(record_primary_collection): (auth_code, dummy) = acc_authorize_action(user_info, VIEWRESTRCOLL, collection=record_primary_collection) if auth_code: return page_not_authorized(req, "../", text="You are not authorized to view this record.", navmenuid='search') # Keep all the arguments, they might be reused in the # record page itself to derivate other queries req.argd = argd # mod_python does not like to return [] in case when of=id: out = perform_request_search(req, **argd) if isinstance(out, intbitset): return out.fastdump() elif out == []: return str(out) else: return out
def index(self, req, form): """Index page.""" argd = wash_urlargd(form, {'page': (int, 1), 'format': (str, "rc"), 'order_by': (str, "lcf"), 'per_page': (str, "all"), }) # TODO: support also "reviews", by adding new option to show/hide them if needed uid = getUid(req) # load the right language _ = gettext_set_language(argd['ln']) # Is site ready to accept comments? if not CFG_WEBCOMMENT_ALLOW_COMMENTS or CFG_ACCESS_CONTROL_LEVEL_SITE >= 1: return page_not_authorized(req, "%s/yourcomments" % \ (CFG_SITE_SECURE_URL,), text="Comments are currently disabled on this site", navmenuid="yourcomments") elif uid == -1 or isGuestUser(uid): return redirect_to_url(req, "%s/youraccount/login%s" % ( CFG_SITE_SECURE_URL, make_canonical_urlargd({ 'referer' : "%s/yourcomments%s" % ( CFG_SITE_SECURE_URL, make_canonical_urlargd(argd, {})), "ln" : argd['ln']}, {}))) user_info = collect_user_info(req) if not user_info['precached_sendcomments']: # Maybe we should still authorize if user submitted # comments in the past? return page_not_authorized(req, "../", \ text = _("You are not authorized to use comments.")) return page(title=_("Your Comments"), body=perform_display_your_comments(user_info, page_number=argd['page'], selected_order_by_option=argd['order_by'], selected_display_number_option=argd['per_page'], selected_display_format_option=argd['format'], ln=argd['ln']), navtrail= """<a class="navtrail" href="%(sitesecureurl)s/youraccount/display?ln=%(ln)s">%(account)s</a>""" % { 'sitesecureurl' : CFG_SITE_SECURE_URL, 'ln': argd['ln'], 'account' : _("Your Account"), }, description=_("%s View your previously submitted comments") % CFG_SITE_NAME_INTL.get(argd['ln'], CFG_SITE_NAME), keywords=_("%s, personalize") % CFG_SITE_NAME_INTL.get(argd['ln'], CFG_SITE_NAME), uid=uid, language=argd['ln'], req=req, lastupdated=__lastupdated__, navmenuid='youralerts', secure_page_p=1)
def display(self, req, form): """ Displays all loans of a given user @param ln: language @return the page for inbox """ argd = wash_urlargd(form, { 'barcode': (str, ""), 'borrower_id': (int, 0), 'request_id': (int, 0) }) # Check if user is logged uid = getUid(req) if CFG_ACCESS_CONTROL_LEVEL_SITE >= 1: return page_not_authorized(req, "%s/yourloans/display" % \ (CFG_SITE_URL,), navmenuid="yourloans") elif uid == -1 or isGuestUser(uid): return redirect_to_url( req, "%s/youraccount/login%s" % (CFG_SITE_SECURE_URL, make_canonical_urlargd( { 'referer': "%s/yourloans/display%s" % (CFG_SITE_URL, make_canonical_urlargd(argd, {})), "ln": argd['ln'] }, {})), norobot=True) _ = gettext_set_language(argd['ln']) user_info = collect_user_info(req) if not user_info['precached_useloans']: return page_not_authorized(req, "../", \ text = _("You are not authorized to use loans.")) body = perform_borrower_loans(uid=uid, barcode=argd['barcode'], borrower_id=argd['borrower_id'], request_id=argd['request_id'], ln=argd['ln']) return page(title=_("Your Loans"), body=body, uid=uid, lastupdated=__lastupdated__, req=req, language=argd['ln'], navmenuid="yourloans", secure_page_p=1)
def display_msg(self, req, form): """ Display a message @param msgid: id of message @param ln: languae @return: page """ argd = wash_urlargd(form, { 'msgid': (int, -1), }) # Check if user is logged uid = getUid(req) if CFG_ACCESS_CONTROL_LEVEL_SITE >= 1: return page_not_authorized(req, "%s/yourmessages/display_msg" % \ (CFG_SITE_URL,), navmenuid="yourmessages") elif uid == -1 or isGuestUser(uid): return redirect_to_url( req, "%s/youraccount/login%s" % (CFG_SITE_SECURE_URL, make_canonical_urlargd( { 'referer': "%s/yourmessages/display_msg%s" % (CFG_SITE_URL, make_canonical_urlargd(argd, {})), "ln": argd['ln'] }, {}))) _ = gettext_set_language(argd['ln']) user_info = collect_user_info(req) if not user_info['precached_usemessages']: return page_not_authorized(req, "../", \ text = _("You are not authorized to use messages.")) # Generate content (body, errors, warnings) = perform_request_display_msg(uid, argd['msgid'], argd['ln']) title = _("Read a message") return page(title=title, body=body, navtrail=get_navtrail(argd['ln'], title), uid=uid, lastupdated=__lastupdated__, req=req, language=argd['ln'], errors=errors, warnings=warnings, navmenuid="yourmessages", secure_page_p=1)
def list(self, req, form): argd = wash_urlargd(form, {}) uid = getUid(req) if CFG_ACCESS_CONTROL_LEVEL_SITE >= 1: return page_not_authorized(req, "%s/youralerts/list" % (CFG_SITE_SECURE_URL,), navmenuid="youralerts") elif uid == -1 or isGuestUser(uid): return redirect_to_url( req, "%s/youraccount/login%s" % ( CFG_SITE_SECURE_URL, make_canonical_urlargd( { "referer": "%s/youralerts/list%s" % (CFG_SITE_SECURE_URL, make_canonical_urlargd(argd, {})), "ln": argd["ln"], }, {}, ), ), ) # load the right language _ = gettext_set_language(argd["ln"]) user_info = collect_user_info(req) if not user_info["precached_usealerts"]: return page_not_authorized(req, "../", text=_("You are not authorized to use alerts.")) # register event in webstat if user_info["email"]: user_str = "%s (%d)" % (user_info["email"], user_info["uid"]) else: user_str = "" try: register_customevent("alerts", ["list", "", user_str]) except: register_exception(suffix="Do the webstat tables exists? Try with 'webstatadmin --load-config'") return page( title=_("Your Alerts"), body=webalert.perform_list_alerts(uid, ln=argd["ln"]), navtrail="""<a class="navtrail" href="%(sitesecureurl)s/youraccount/display?ln=%(ln)s">%(account)s</a>""" % {"sitesecureurl": CFG_SITE_SECURE_URL, "ln": argd["ln"], "account": _("Your Account")}, description=_("%s Personalize, Display alerts") % CFG_SITE_NAME_INTL.get(argd["ln"], CFG_SITE_NAME), keywords=_("%s, personalize") % CFG_SITE_NAME_INTL.get(argd["ln"], CFG_SITE_NAME), uid=uid, language=argd["ln"], req=req, lastupdated=__lastupdated__, navmenuid="youralerts", )
def delete_all(self, req, form): """ Empty user's inbox @param confimed: 1 if message is confirmed @param ln: language \return page """ argd = wash_urlargd(form, { 'confirmed': (int, 0), }) # Check if user is logged uid = getUid(req) if CFG_ACCESS_CONTROL_LEVEL_SITE >= 1: return page_not_authorized(req, "%s/yourmessages/delete_all" % \ (CFG_SITE_URL,), navmenuid="yourmessages") elif uid == -1 or isGuestUser(uid): return redirect_to_url( req, "%s/youraccount/login%s" % (CFG_SITE_SECURE_URL, make_canonical_urlargd( { 'referer': "%s/yourmessages/delete_all%s" % (CFG_SITE_URL, make_canonical_urlargd(argd, {})), "ln": argd['ln'] }, {}))) _ = gettext_set_language(argd['ln']) user_info = collect_user_info(req) if not user_info['precached_usemessages']: return page_not_authorized(req, "../", \ text = _("You are not authorized to use messages.")) # Generate content (body, errors, warnings) = perform_request_delete_all(uid, argd['confirmed'], argd['ln']) return page(title=_("Your Messages"), body=body, navtrail=get_navtrail(argd['ln']), uid=uid, lastupdated=__lastupdated__, req=req, language=argd['ln'], errors=errors, warnings=warnings, navmenuid="yourmessages", secure_page_p=1)
def getfile(req, form): args = wash_urlargd(form, websubmit_templates.files_default_urlargd) ln = args["ln"] _ = gettext_set_language(ln) uid = getUid(req) user_info = collect_user_info(req) verbose = args["verbose"] if verbose >= 1 and not isUserSuperAdmin(user_info): # Only SuperUser can see all the details! verbose = 0 if uid == -1 or CFG_ACCESS_CONTROL_LEVEL_SITE > 1: return page_not_authorized(req, "/%s/%s" % (CFG_SITE_RECORD, self.recid), navmenuid="submit") if record_exists(self.recid) < 1: msg = "<p>%s</p>" % _("Requested record does not seem to exist.") return warningMsg(msg, req, CFG_SITE_NAME, ln) if record_empty(self.recid): msg = "<p>%s</p>" % _("Requested record does not seem to have been integrated.") return warningMsg(msg, req, CFG_SITE_NAME, ln) (auth_code, auth_message) = check_user_can_view_record(user_info, self.recid) if auth_code and user_info["email"] == "guest": cookie = mail_cookie_create_authorize_action( VIEWRESTRCOLL, {"collection": guess_primary_collection_of_a_record(self.recid)} ) target = "/youraccount/login" + make_canonical_urlargd( {"action": cookie, "ln": ln, "referer": CFG_SITE_URL + user_info["uri"]}, {} ) return redirect_to_url(req, target, norobot=True) elif auth_code: return page_not_authorized(req, "../", text=auth_message) readonly = CFG_ACCESS_CONTROL_LEVEL_SITE == 1 # From now on: either the user provided a specific file # name (and a possible version), or we return a list of # all the available files. In no case are the docids # visible. try: bibarchive = BibRecDocs(self.recid) except InvenioWebSubmitFileError, e: register_exception(req=req, alert_admin=True) msg = "<p>%s</p><p>%s</p>" % ( _("The system has encountered an error in retrieving the list of files for this document."), _("The error has been logged and will be taken in consideration as soon as possible."), ) return warningMsg(msg, req, CFG_SITE_NAME, ln)
def display_msg(self, req, form): """ Display a message @param msgid: id of message @param ln: languae @return: page """ argd = wash_urlargd(form, {"msgid": (int, -1)}) # Check if user is logged uid = getUid(req) if CFG_ACCESS_CONTROL_LEVEL_SITE >= 1: return page_not_authorized(req, "%s/yourmessages/display_msg" % (CFG_SITE_URL,), navmenuid="yourmessages") elif uid == -1 or isGuestUser(uid): return redirect_to_url( req, "%s/youraccount/login%s" % ( CFG_SITE_SECURE_URL, make_canonical_urlargd( { "referer": "%s/yourmessages/display_msg%s" % (CFG_SITE_URL, make_canonical_urlargd(argd, {})), "ln": argd["ln"], }, {}, ), ), ) _ = gettext_set_language(argd["ln"]) user_info = collect_user_info(req) if not user_info["precached_usemessages"]: return page_not_authorized(req, "../", text=_("You are not authorized to use messages.")) # Generate content (body, errors, warnings) = perform_request_display_msg(uid, argd["msgid"], argd["ln"]) title = _("Read a message") return page( title=title, body=body, navtrail=get_navtrail(argd["ln"], title), uid=uid, lastupdated=__lastupdated__, req=req, language=argd["ln"], errors=errors, warnings=warnings, navmenuid="yourmessages", )
def modify(self, req, form): argd = wash_urlargd(form, {'idq': (int, None), 'old_idb': (int, None), 'name': (str, ""), 'freq': (str, "week"), 'notif': (str, "y"), 'idb': (int, 0), 'error_msg': (str, ""), }) uid = getUid(req) if CFG_ACCESS_CONTROL_LEVEL_SITE >= 1: return page_not_authorized(req, "%s/youralerts/modify" % \ (CFG_SITE_URL,), navmenuid="youralerts") elif uid == -1 or isGuestUser(uid): return redirect_to_url(req, "%s/youraccount/login%s" % ( CFG_SITE_SECURE_URL, make_canonical_urlargd({ 'referer' : "%s/youralerts/modify%s" % ( CFG_SITE_URL, make_canonical_urlargd(argd, {})), "ln" : argd['ln']}, {}))) # load the right language _ = gettext_set_language(argd['ln']) user_info = collect_user_info(req) if not user_info['precached_usealerts']: return page_not_authorized(req, "../", \ text = _("You are not authorized to use alerts.")) try: html = webalert.perform_input_alert("update", argd['idq'], argd['name'], argd['freq'], argd['notif'], argd['idb'], uid, argd['old_idb'], ln=argd['ln']) except webalert.AlertError, msg: return page(title=_("Error"), body=webalert_templates.tmpl_errorMsg(ln=argd['ln'], error_msg=msg), navtrail= """<a class="navtrail" href="%(sitesecureurl)s/youraccount/display?ln=%(ln)s">%(account)s</a>""" % { 'sitesecureurl' : CFG_SITE_SECURE_URL, 'ln': argd['ln'], 'account' : _("Your Account"), }, description=_("%s Personalize, Set a new alert") % CFG_SITE_NAME_INTL.get(argd['ln'], CFG_SITE_NAME), keywords=_("%s, personalize") % CFG_SITE_NAME_INTL.get(argd['ln'], CFG_SITE_NAME), uid=uid, language=argd['ln'], req=req, lastupdated=__lastupdated__, navmenuid='youralerts')
def user_authorization(req): """ Check user authorization to visit page """ user_info = collect_user_info(req) if user_info['email'] == 'guest': auth_code, auth_message = acc_authorize_action(req, 'runbatchuploader') referer = '/batchuploader/' return page_not_authorized(req=req, referer=referer, text=auth_message, navmenuid="batchuploader") else: auth_code, auth_message = acc_authorize_action(req, 'runbatchuploader') if auth_code != 0: referer = '/batchuploader/' return page_not_authorized(req=req, referer=referer, text=auth_message, navmenuid="batchuploader")
def delete_all(self, req, form): """ Empty user's inbox @param confimed: 1 if message is confirmed @param ln: language \return page """ argd = wash_urlargd(form, {"confirmed": (int, 0)}) # Check if user is logged uid = getUid(req) if CFG_ACCESS_CONTROL_LEVEL_SITE >= 1: return page_not_authorized(req, "%s/yourmessages/delete_all" % (CFG_SITE_URL,), navmenuid="yourmessages") elif uid == -1 or isGuestUser(uid): return redirect_to_url( req, "%s/youraccount/login%s" % ( CFG_SITE_SECURE_URL, make_canonical_urlargd( { "referer": "%s/yourmessages/delete_all%s" % (CFG_SITE_URL, make_canonical_urlargd(argd, {})), "ln": argd["ln"], }, {}, ), ), ) _ = gettext_set_language(argd["ln"]) user_info = collect_user_info(req) if not user_info["precached_usemessages"]: return page_not_authorized(req, "../", text=_("You are not authorized to use messages.")) # Generate content (body, errors, warnings) = perform_request_delete_all(uid, argd["confirmed"], argd["ln"]) return page( title=_("Your Messages"), body=body, navtrail=get_navtrail(argd["ln"]), uid=uid, lastupdated=__lastupdated__, req=req, language=argd["ln"], errors=errors, warnings=warnings, navmenuid="yourmessages", )
def format_template_show_short_doc(req, ln=CFG_SITE_LANG, search_doc_pattern=""): """ Prints the format elements documentation in a brief way. To be included inside Format template editor. @param req: the request object @param ln: language @param search_doc_pattern: a search pattern that specified which elements to display @return: a web page """ ln = wash_language(ln) _ = gettext_set_language(ln) try: uid = getUid(req) except: return error_page('Error', req) (auth_code, auth_msg) = check_user(req, 'cfgbibformat') if not auth_code: search_doc_pattern = wash_url_argument(search_doc_pattern, 'str') return bibformatadminlib.perform_request_format_template_show_short_doc( ln=ln, search_doc_pattern=search_doc_pattern) else: return page_not_authorized(req=req, text=auth_msg)
def users(req, ln=CFG_SITE_LANG): """ View a list of all the users that have been reported, sorted by most reported @param req: request object to obtain user information @param ln: language """ ln = wash_language(ln) _ = gettext_set_language(ln) navtrail_previous_links = getnavtrail() navtrail_previous_links += ' > <a class="navtrail" href="%s/admin/webcomment/webcommentadmin.py/">' % CFG_SITE_URL navtrail_previous_links += _("WebComment Admin") + '</a>' try: uid = getUid(req) except Error: return page(title=_("Internal Error"), body = create_error_box(req, verbose=0, ln=ln), description="%s - Internal Error" % CFG_SITE_NAME, keywords="%s, Internal Error" % CFG_SITE_NAME, language=ln, req=req) (auth_code, auth_msg) = check_user(req,'cfgwebcomment') if (auth_code != 'false'): return page(title=_("View all reported users"), body=perform_request_users(ln=ln), uid=uid, language=ln, navtrail = navtrail_previous_links, lastupdated=__lastupdated__, req=req) else: return page_not_authorized(req=req, text=auth_msg, navtrail=navtrail_previous_links)
def new_ticket(self, req, form): """handle a edit/new_ticket request""" argd = wash_urlargd(form, {'ln': (str, CFG_SITE_LANG), 'recid': (int, 0)}) ln = argd['ln'] _ = gettext_set_language(ln) auth_code, auth_message = acc_authorize_action(req, 'runbibedit') if auth_code != 0: return page_not_authorized(req=req, referer="/edit", text=auth_message, navtrail=navtrail) uid = getUid(req) if argd['recid']: (errmsg, url) = perform_request_newticket(argd['recid'], uid) if errmsg: return page(title = _("Failed to create a ticket"), body = _("Error")+": "+errmsg, errors = [], warnings = [], uid = uid, language = ln, navtrail = navtrail, lastupdated = __lastupdated__, req = req) else: #redirect.. redirect_to_url(req, url)
def kb_add(req, ln=CFG_SITE_LANG, sortby="to", kbtype=""): """ Adds a new kb @param req the request @param ln language @param sortby to or from @param kbtype type of knowledge base. one of: "", taxonomy, dynamic """ ln = wash_language(ln) _ = gettext_set_language(ln) navtrail_previous_links = ''' > <a class="navtrail" href="%s/kb?ln=%s">%s</a>''' % (CFG_SITE_SECURE_URL, ln, _("Manage Knowledge Bases")) try: dummy = getUid(req) except: return error_page('Error', req) (auth_code, auth_msg) = check_user(req, 'cfgbibknowledge') if not auth_code: name = "Untitled" if kbtype == "taxonomy": name = "Untitled Taxonomy" if kbtype == "dynamic": name = "Untitled dynamic" kb_id = bibknowledge.add_kb(kb_name=name, kb_type=kbtype) redirect_to_url(req, "kb?ln=%(ln)s&action=attributes&kb=%(kb)s" % {'ln':ln, 'kb':kb_id, 'sortby':sortby}) else: navtrail_previous_links = ''' > <a class="navtrail" href="%s/kb?ln=%s">%s</a>''' % (CFG_SITE_SECURE_URL, ln, _("Manage Knowledge Bases")) return page_not_authorized(req=req, text=auth_msg, navtrail=navtrail_previous_links)
def modifycollectiontree(req, colID, ln=CFG_SITE_LANG, move_up='', move_down='', move_from='', move_to='', delete='', rtype='', callback='yes', confirm=0): navtrail_previous_links = wsc.getnavtrail() + """> <a class="navtrail" href="%s/admin/websearch/websearchadmin.py/">WebSearch Admin</a> """ % (CFG_SITE_URL) try: uid = getUid(req) except: return error_page('Error', req) auth = check_user(req,'cfgwebsearch') if not auth[0]: return page(title="WebSearch Admin", body=wsc.perform_modifycollectiontree(colID=colID, ln=ln, move_up=move_up, move_down=move_down, move_from=move_from, move_to=move_to, delete=delete, rtype=rtype, callback=callback, confirm=confirm), uid=uid, language=ln, req=req, navtrail = navtrail_previous_links, lastupdated=__lastupdated__) else: return page_not_authorized(req=req, text=auth[1], navtrail=navtrail_previous_links)
def modifyfieldvalue(req, colID, fldID, fldvID, ln=CFG_SITE_LANG, name='', value='', callback="yes", confirm=-1): navtrail_previous_links = wsc.getnavtrail() + """> <a class="navtrail" href="%s/admin/websearch/websearchadmin.py/">WebSearch Admin</a> """ % (CFG_SITE_URL) try: uid = getUid(req) except: return error_page('Error', req) auth = check_user(req,'cfgwebsearch') if not auth[0]: return page(title="Edit Collection", body=wsc.perform_modifyfieldvalue(colID=colID, fldID=fldID, fldvID=fldvID, ln=ln, name=name, value=value, callback=callback, confirm=confirm), uid=uid, language=ln, navtrail = navtrail_previous_links, req=req, lastupdated=__lastupdated__) else: return page_not_authorized(req=req, text=auth[1], navtrail=navtrail_previous_links)
def check_authorization_moderatelinkbacks(self, req, argd): """ Check if user has authorization moderate linkbacks @return if yes: nothing, if guest: login redirect, otherwise page_not_authorized """ # Check authorization uid = getUid(req) user_info = collect_user_info(req) (auth_code, auth_msg) = acc_authorize_action( req, 'moderatelinkbacks', collection=guess_primary_collection_of_a_record(self.recid)) if auth_code and user_info['email'] == 'guest': # Ask to login target = '/youraccount/login' + \ make_canonical_urlargd({'ln': argd['ln'], 'referer': CFG_SITE_URL + user_info['uri']}, {}) return redirect_to_url(req, target) elif auth_code: return page_not_authorized(req, referer="../", uid=uid, text=auth_msg, ln=argd['ln'])
def hot(req, ln=CFG_SITE_LANG, comments=1, top=10, collection=""): """ View most active comments/reviews @param req: request object to obtain user information @param ln: language @param comments: boolean enabled for comments, disabled for reviews @param top: number of results to be shown @param collection: filter results by collection """ ln = wash_language(ln) collection = wash_url_argument(collection, 'str') _ = gettext_set_language(ln) navtrail_previous_links = getnavtrail() navtrail_previous_links += ' > <a class="navtrail" href="%s/admin/webcomment/webcommentadmin.py/">' % CFG_SITE_URL navtrail_previous_links += _("WebComment Admin") + '</a>' user_info = collect_user_info(req) (auth_code, auth_msg) = acc_authorize_action(user_info, 'cfgwebcomment') if auth_code: return page_not_authorized(req=req, text=auth_msg, navtrail=navtrail_previous_links) return page(title=(comments=='0' and _("View most reviewed records") or _("View most commented records")), body=perform_request_hot(req, ln=ln, comments=comments, top=top, collection=collection), uid=user_info['uid'], language=ln, navtrail = navtrail_previous_links, lastupdated=__lastupdated__, req=req)
def sub(self, req, form): """DEPRECATED: /submit/sub is deprecated now, so raise email to the admin (but allow submission to continue anyway)""" args = wash_urlargd(form, {'password': (str, '')}) uid = getUid(req) if uid == -1 or CFG_ACCESS_CONTROL_LEVEL_SITE >= 1: return page_not_authorized(req, "../sub/", navmenuid='submit') try: raise DeprecationWarning, 'submit/sub handler has been used. Please use submit/direct. e.g. "submit/sub?RN=123@SBIFOO" -> "submit/direct?RN=123&sub=SBIFOO"' except DeprecationWarning: register_exception(req=req, alert_admin=True) ln = args['ln'] _ = gettext_set_language(ln) #DEMOBOO_RN=DEMO-BOOK-2008-001&ln=en&password=1223993532.26572%40APPDEMOBOO params = dict(form) password = args['password'] if password: del params['password'] if "@" in password: params['access'], params['sub'] = password.split('@', 1) else: params['sub'] = password else: args = str(req.args).split('@') if len(args) > 1: params = {'sub': args[-1]} args = '@'.join(args[:-1]) params.update(cgi.parse_qs(args)) else: return warning_page(_("Sorry, invalid URL..."), req, ln=ln) url = "%s/submit/direct?%s" % (CFG_SITE_SECURE_URL, urlencode(params, doseq=True)) redirect_to_url(req, url)
def index(req, p=""): auth_code, auth_message = acc_authorize_action(req, 'runsearchuser') if auth_code != 0: return page_not_authorized(req=req, text=auth_message) users = [] if p: users = run_sql( "SELECT id, nickname, email, last_login FROM user WHERE email<>'' AND nickname LIKE %s OR email LIKE %s ORDER BY email LIMIT 100", ('%%%s%%' % p, '%%%s%%' % p)) body = """ <form> <label for="searchuser">Search user:</label> <input name="p" id="searchuser" value="%s" /></input><input type="submit" value="Search" /> </form> """ % escape(p, True) if users: body += """<h2>Users found</h2> <p>This is the list of the first 100 users found matching the criteria.</p> <table border="1"> <thead><tr><th>ID</th><th>Nickname</th><th>Email</th><th>Last login</th></tr></thead> <tbody> """ for user in users: body += """<tr><td>%s</td><td>%s</td><td>%s</td><td>%s</td></tr>""" % ( user[0], escape(user[1]), escape(user[2]), escape(str( user[3]))) body += """ </tbody> </table> """ return page(req=req, title="Search users", body=body)
def modifysynonymkb(req, idxID, ln=CFG_SITE_LANG, idxKB='', idxMATCH='', callback='yes', confirm=-1): navtrail_previous_links = bic.getnavtrail() navtrail_previous_links += """> <a class="navtrail" href="%s/admin/bibindex/bibindexadmin.py/index">Manage Indexes</a>""" % (CFG_SITE_URL) try: uid = getUid(req) except: return error_page('Error', req) auth = bic.check_user(req,'cfgbibindex') if not auth[0]: return page(title="Edit Index", body=bic.perform_modifysynonymkb(idxID=idxID, ln=ln, idxKB=idxKB, idxMATCH=idxMATCH, callback=callback, confirm=confirm), uid=uid, language=ln, req=req, navtrail = navtrail_previous_links, lastupdated=__lastupdated__) else: return page_not_authorized(req=req, text=auth[1], navtrail=navtrail_previous_links)
def format_element_show_dependencies(req, bfe, ln=CFG_SITE_LANG): """ Shows format element dependencies @param req: the request object @param req: the request object @param bfe: the name of the bfe to show @param ln: language @return: a web page """ ln = wash_language(ln) _ = gettext_set_language(ln) navtrail_previous_links = bibformatadminlib.getnavtrail(''' > <a class="navtrail" href="%s/admin/bibformat/bibformatadmin.py/format_elements_doc?ln=%s">%s</a>''' % (CFG_SITE_SECURE_URL, ln , _("Format Elements Documentation"))) try: uid = getUid(req) except: return error_page('Error', req) (auth_code, auth_msg) = check_user(req, 'cfgbibformat') if not auth_code: bfe = wash_url_argument(bfe, 'str') return page(title=_("Format Element %s Dependencies" % bfe), body=bibformatadminlib.perform_request_format_element_show_dependencies(bfe=bfe, ln=ln), uid=uid, language=ln, navtrail = navtrail_previous_links, lastupdated=__lastupdated__, req=req) else: return page_not_authorized(req=req, text=auth_msg, navtrail=navtrail_previous_links)
def modifyindextranslations(req, idxID, ln=CFG_SITE_LANG, sel_type='', trans=[], confirm=-1): navtrail_previous_links = bic.getnavtrail( ) + """> <a class="navtrail" href="%s/admin/bibindex/bibindexadmin.py/index">Manage Indexes</a> """ % ( CFG_SITE_URL) try: uid = getUid(req) except: return error_page('Error', req) auth = bic.check_user(req, 'cfgbibindex') if not auth[0]: return page(title="Edit Index", body=bic.perform_modifyindextranslations(idxID=idxID, ln=ln, sel_type=sel_type, trans=trans, confirm=confirm), uid=uid, language=ln, req=req, navtrail=navtrail_previous_links, lastupdated=__lastupdated__) else: return page_not_authorized(req=req, text=auth[1], navtrail=navtrail_previous_links)
def addcollectiontotree(req, colID, ln=CFG_SITE_LANG, add_dad='', add_son='', rtype='', mtype='', callback='yes', confirm=-1): navtrail_previous_links = wsc.getnavtrail() + """> <a class="navtrail" href="%s/admin/websearch/websearchadmin.py/">WebSearch Admin</a> """ % (CFG_SITE_URL) try: uid = getUid(req) except: return error_page('Error', req) auth = check_user(req,'cfgwebsearch') if not auth[0]: return page(title="WebSearch Admin", body=wsc.perform_addcollectiontotree(colID=colID, ln=CFG_SITE_LANG, add_dad=add_dad, add_son=add_son, rtype=rtype, callback=callback, confirm=confirm), uid=uid, language=ln, navtrail = navtrail_previous_links, req=req, lastupdated=__lastupdated__) else: return page_not_authorized(req=req, text=auth[1], navtrail=navtrail_previous_links)
def removeindexfield(req, idxID, fldID, ln=CFG_SITE_LANG, callback="yes", confirm=-1): navtrail_previous_links = bic.getnavtrail( ) + """> <a class="navtrail" href="%s/admin/bibindex/bibindexadmin.py/index">Manage Indexes</a> """ % ( CFG_SITE_URL) try: uid = getUid(req) except: return error_page('Error', req) auth = bic.check_user(req, 'cfgbibindex') if not auth[0]: return page(title="Edit Index", body=bic.perform_removeindexfield(idxID=idxID, fldID=fldID, ln=ln, callback=callback, confirm=confirm), uid=uid, language=ln, navtrail=navtrail_previous_links, req=req, lastupdated=__lastupdated__) else: return page_not_authorized(req=req, text=auth[1], navtrail=navtrail_previous_links)
def modifyportalbox(req, colID, ln=CFG_SITE_LANG, pbxID=-1, score='', position='', sel_ln='', title='', body='', callback='yes', confirm=-1): navtrail_previous_links = wsc.getnavtrail() + """> <a class="navtrail" href="%s/admin/websearch/websearchadmin.py/">WebSearch Admin</a> """ % (CFG_SITE_URL) try: uid = getUid(req) except: return error_page('Error', req) auth = check_user(req,'cfgwebsearch') if not auth[0]: return page(title="Edit Collection", body=wsc.perform_modifyportalbox(colID=colID, ln=ln, pbxID=pbxID, score=score, position=position, sel_ln=sel_ln, title=title, body=body, callback=callback, confirm=confirm), uid=uid, language=ln, req=req, navtrail = navtrail_previous_links, lastupdated=__lastupdated__) else: return page_not_authorized(req=req, text=auth[1], navtrail=navtrail_previous_links)
def format_template_add(req, ln=CFG_SITE_LANG): """ Adds a new format template @param req: the request object @param ln: language @return: a web page (or redirection to a web page) """ ln = wash_language(ln) _ = gettext_set_language(ln) try: uid = getUid(req) except: return error_page('Error', req) (auth_code, auth_msg) = check_user(req, 'cfgbibformat') if not auth_code: bft = bibformatadminlib.add_format_template() redirect_to_url( req, "format_template_show_attributes?ln=%(ln)s&bft=%(bft)s&new=1" % { 'ln': ln, 'bft': bft }) else: return page_not_authorized(req=req, text=auth_msg)
def remoteserverinfos(self, req, form): ''' This method handle the /bibsword/remoteserverinfos call ''' argd = wash_urlargd(form, {'ln': (str, ''), 'id': (str, '')}) #authentication (auth_code, auth_message) = self.check_credential(req) if auth_code != 0: return page_not_authorized(req=req, referer='/bibsword', text=auth_message, navtrail='') body = perform_display_server_infos(argd['id']) navtrail = ''' > <a class="navtrail" ''' \ '''href="%(CFG_SITE_URL)s/bibsword">''' \ '''SWORD Interface</a>''' % \ {'CFG_SITE_URL' : CFG_SITE_URL} # return of all the updated informations to be display return page( title='Remote server infos', body=body, navtrail=navtrail, #uid = uid, lastupdated=__lastupdated__, req=req, language=argd['ln'], errors='', warnings='', navmenuid="yourmessages")
def format_templates_manage(req, ln=CFG_SITE_LANG, checking='0'): """ Main page for formats templates management. Check for authentication and print formats list. @param req: the request object @param ln: language @param checking: if 0, basic checking. Else perform extensive checking (time-consuming) @return: a web page """ ln = wash_language(ln) _ = gettext_set_language(ln) navtrail_previous_links = bibformatadminlib.getnavtrail() try: uid = getUid(req) except: return error_page('Error', req) (auth_code, auth_msg) = check_user(req, 'cfgbibformat') if not auth_code: checking_level = wash_url_argument(checking, 'int') return page( title=_("Manage Format Templates"), body=bibformatadminlib.perform_request_format_templates_management( ln=ln, checking=checking_level), uid=uid, language=ln, navtrail=navtrail_previous_links, lastupdated=__lastupdated__, req=req) else: return page_not_authorized(req=req, text=auth_msg, navtrail=navtrail_previous_links)
def compare_revisions(self, req, form): """Handle the compare revisions request""" argd = wash_urlargd(form, { \ 'ln': (str, CFG_SITE_LANG), \ 'rev1' : (str, ''), \ 'rev2' : (str, ''), \ 'recid': (int, 0)}) ln = argd['ln'] uid = getUid(req) _ = gettext_set_language(ln) # Checking if currently logged user has permission to perform this request auth_code, auth_message = acc_authorize_action(req, 'runbibedit') if auth_code != 0: return page_not_authorized(req=req, referer="/edit", text=auth_message, navtrail=navtrail) recid = argd['recid'] rev1 = argd['rev1'] rev2 = argd['rev2'] ln = argd['ln'] body, errors, warnings = perform_request_compare(ln, recid, rev1, rev2) return page(title = _("Comparing two record revisions"), body = body, errors = errors, warnings = warnings, uid = uid, language = ln, navtrail = navtrail, lastupdated = __lastupdated__, req = req)
def subscribe(self, req, form): """ Subscribe current user to receive email notification when new comments are added to current discussion. """ argd = wash_urlargd(form, {'referer': (str, None)}) uid = getUid(req) user_info = collect_user_info(req) (auth_code, auth_msg) = check_user_can_view_comments(user_info, self.recid) if isGuestUser(uid): cookie = mail_cookie_create_authorize_action( VIEWRESTRCOLL, { 'collection': guess_primary_collection_of_a_record( self.recid) }) target = '/youraccount/login' + \ make_canonical_urlargd({'action': cookie, 'ln' : argd['ln'], 'referer' : \ CFG_SITE_SECURE_URL + user_info['uri']}, {}) return redirect_to_url(req, target, norobot=True) elif auth_code: return page_not_authorized(req, "../", \ text = auth_msg) success = subscribe_user_to_discussion(self.recid, uid) display_url = "%s/%s/%s/comments/display?subscribed=%s&ln=%s" % \ (CFG_SITE_SECURE_URL, CFG_SITE_RECORD, self.recid, str(success), argd['ln']) redirect_to_url(req, display_url)
def index(self, req, form): """ The function called by default""" argd = wash_urlargd(form, { self._JSON_DATA_KEY: (str, ""), }) # load the right message language language = argd["ln"] _ = gettext_set_language(language) # check user credentials (auth_code, auth_msg) = acc_authorize_action(req, "runbibeditmulti") if 0 != auth_code: return page_not_authorized(req = req, ln = language, text = auth_msg) if argd[self._JSON_DATA_KEY]: return self._process_json_request(form, req) body = multi_edit_engine.perform_request_index(language) title = _("Multi-Record Editor") metaheaderadd = multi_edit_engine.get_scripts() metaheaderadd = metaheaderadd + multi_edit_engine.get_css() return page(title = title, metaheaderadd = metaheaderadd, body = body, req = req, language = language)
def format_elements_doc(req, ln=CFG_SITE_LANG): """ Main page for format elements documentation. Check for authentication and print format elements list. @param req: the request object @param ln: language @return: a web page """ ln = wash_language(ln) _ = gettext_set_language(ln) navtrail_previous_links = bibformatadminlib.getnavtrail() try: uid = getUid(req) except: return error_page('Error', req) (auth_code, auth_msg) = check_user(req, 'cfgbibformat') if not auth_code: return page(title=_("Format Elements Documentation"), body=bibformatadminlib. perform_request_format_elements_documentation(ln=ln), uid=uid, language=ln, navtrail=navtrail_previous_links, lastupdated=__lastupdated__, req=req) else: return page_not_authorized(req=req, text=auth_msg, navtrail=navtrail_previous_links)
def output_format_add(req, ln=CFG_SITE_LANG): """ Adds a new output format @param req: the request object @param ln: language @return: a web page (or redirection to a web page) """ ln = wash_language(ln) _ = gettext_set_language(ln) try: uid = getUid(req) except: return error_page('Error', req) (auth_code, auth_msg) = check_user(req, 'cfgbibformat') if not auth_code: bfo = bibformatadminlib.add_output_format() if bfo == None: return page(title=_("Cannot create output format"), body="""BibFormat cannot add an output format. Check output formats directory permissions.""", language=ln, lastupdated=__lastupdated__, req=req) redirect_to_url( req, "output_format_show_attributes?ln=%(ln)s&bfo=%(bfo)s" % { 'ln': ln, 'bfo': bfo }) else: return page_not_authorized(req=req, text=auth_msg)
def custom_summary(self, req, form): """Custom report page""" argd = wash_urlargd( form, { 'query': (str, ""), 'tag': (str, "909C4p"), 'title': (str, "Publications"), 'ln': (str, CFG_SITE_LANG) }) ln = argd['ln'] user_info = collect_user_info(req) (auth_code, auth_msg) = acc_authorize_action(user_info, 'runwebstatadmin') if auth_code: return page_not_authorized( req, navtrail=self.navtrail % {'ln_link': (ln != CFG_SITE_LANG and '?ln=' + ln) or ''}, text=auth_msg, navmenuid='custom query summary', ln=ln) return page(title="Custom query summary", body=perform_display_custom_summary(argd, ln=ln), navtrail="""<a class="navtrail" href="%s/stats/%s">Statistics</a>""" % \ (CFG_SITE_URL, (ln != CFG_SITE_LANG and '?ln=' + ln) or ''), description="CDS, Statistics, Custom Query Summary", keywords="CDS, statistics, custom query summary", req=req, lastupdated=__lastupdated__, navmenuid='custom query summary', language=ln)
def output_formats_manage(req, ln=CFG_SITE_LANG, sortby="code"): """ Main page for output formats management. Check for authentication and print output formats list. @param req: the request object @param ln: language @param sortby: the sorting crieteria (can be 'code' or 'name') @return: a web page """ ln = wash_language(ln) _ = gettext_set_language(ln) navtrail_previous_links = bibformatadminlib.getnavtrail() try: uid = getUid(req) except: return error_page('Error', req) (auth_code, auth_msg) = check_user(req, 'cfgbibformat') if not auth_code: sortby = wash_url_argument(sortby, 'str') return page( title=_("Manage Output Formats"), body=bibformatadminlib.perform_request_output_formats_management( ln=ln, sortby=sortby), uid=uid, language=ln, navtrail=navtrail_previous_links, lastupdated=__lastupdated__, req=req) else: return page_not_authorized(req=req, text=auth_msg, navtrail=navtrail_previous_links)
def subscribe(self, req, form): """ Subscribe current user to receive email notification when new comments are added to current discussion. """ argd = wash_urlargd(form, {'referer': (str, None)}) uid = getUid(req) user_info = collect_user_info(req) (auth_code, auth_msg) = check_user_can_view_comments(user_info, self.recid) if isGuestUser(uid): cookie = mail_cookie_create_authorize_action(VIEWRESTRCOLL, {'collection' : guess_primary_collection_of_a_record(self.recid)}) target = '/youraccount/login' + \ make_canonical_urlargd({'action': cookie, 'ln' : argd['ln'], 'referer' : \ CFG_SITE_URL + user_info['uri']}, {}) return redirect_to_url(req, target, norobot=True) elif auth_code: return page_not_authorized(req, "../", \ text = auth_msg) success = subscribe_user_to_discussion(self.recid, uid) display_url = "%s/record/%s/comments/display?subscribed=%s&ln=%s" % \ (CFG_SITE_URL, self.recid, str(success), argd['ln']) redirect_to_url(req, display_url)
def format_templates_manage(req, ln=CFG_SITE_LANG, checking='0'): """ Main page for formats templates management. Check for authentication and print formats list. @param req: the request object @param ln: language @param checking: if 0, basic checking. Else perform extensive checking (time-consuming) @return: a web page """ ln = wash_language(ln) _ = gettext_set_language(ln) navtrail_previous_links = bibformatadminlib.getnavtrail() try: uid = getUid(req) except: return error_page('Error', req) (auth_code, auth_msg) = check_user(req, 'cfgbibformat') if not auth_code: checking_level = wash_url_argument(checking, 'int') return page(title=_("Manage Format Templates"), body=bibformatadminlib.perform_request_format_templates_management(ln=ln, checking=checking_level), uid=uid, language=ln, navtrail = navtrail_previous_links, lastupdated=__lastupdated__, req=req) else: return page_not_authorized(req=req, text=auth_msg, navtrail=navtrail_previous_links)
def format_template_show_dependencies(req, bft, ln=CFG_SITE_LANG): """ Show the dependencies (on elements) of the given format. @param req: the request object @param ln: language @param bft: the filename of the template to show @return: a web page """ ln = wash_language(ln) _ = gettext_set_language(ln) navtrail_previous_links = bibformatadminlib.getnavtrail(''' > <a class="navtrail" href="%s/admin/bibformat/bibformatadmin.py/format_templates_manage?ln=%s">%s</a>''' % (CFG_SITE_SECURE_URL, ln, _("Manage Format Templates"))) try: uid = getUid(req) except: return error_page('Error', req) (auth_code, auth_msg) = check_user(req, 'cfgbibformat') if not auth_code: format_template = wash_url_argument(bft, 'str') format_name = bibformat_engine.get_format_template_attrs(bft)['name'] return page(title=_("Format Template %s Dependencies" % format_name), body=bibformatadminlib.perform_request_format_template_show_dependencies(bft, ln=ln), uid=uid, language=ln, navtrail = navtrail_previous_links, lastupdated=__lastupdated__, req=req) else: return page_not_authorized(req=req, text=auth_msg)
def output_formats_manage(req, ln=CFG_SITE_LANG, sortby="code"): """ Main page for output formats management. Check for authentication and print output formats list. @param req: the request object @param ln: language @param sortby: the sorting crieteria (can be 'code' or 'name') @return: a web page """ ln = wash_language(ln) _ = gettext_set_language(ln) navtrail_previous_links = bibformatadminlib.getnavtrail() try: uid = getUid(req) except: return error_page('Error', req) (auth_code, auth_msg) = check_user(req, 'cfgbibformat') if not auth_code: sortby = wash_url_argument(sortby, 'str') return page(title=_("Manage Output Formats"), body=bibformatadminlib.perform_request_output_formats_management(ln=ln, sortby=sortby), uid=uid, language=ln, navtrail = navtrail_previous_links, lastupdated=__lastupdated__, req=req) else: return page_not_authorized(req=req, text=auth_msg, navtrail=navtrail_previous_links)
def sub(self, req, form): """DEPRECATED: /submit/sub is deprecated now, so raise email to the admin (but allow submission to continue anyway)""" args = wash_urlargd(form, {"password": (str, "")}) uid = getUid(req) if uid == -1 or CFG_ACCESS_CONTROL_LEVEL_SITE >= 1: return page_not_authorized(req, "../sub/", navmenuid="submit") try: raise DeprecationWarning, 'submit/sub handler has been used. Please use submit/direct. e.g. "submit/sub?RN=123@SBIFOO" -> "submit/direct?RN=123&sub=SBIFOO"' except DeprecationWarning: register_exception(req=req, alert_admin=True) ln = args["ln"] _ = gettext_set_language(ln) # DEMOBOO_RN=DEMO-BOOK-2008-001&ln=en&password=1223993532.26572%40APPDEMOBOO params = dict(form) password = args["password"] if password: del params["password"] if "@" in password: params["access"], params["sub"] = password.split("@", 1) else: params["sub"] = password else: args = str(req.args).split("@") if len(args) > 1: params = {"sub": args[-1]} args = "@".join(args[:-1]) params.update(cgi.parse_qs(args)) else: return warningMsg(_("Sorry, invalid URL..."), req, ln=ln) url = "%s/submit/direct?%s" % (CFG_SITE_URL, urlencode(params, doseq=True)) redirect_to_url(req, url)
def format_elements_doc(req, ln=CFG_SITE_LANG): """ Main page for format elements documentation. Check for authentication and print format elements list. @param req: the request object @param ln: language @return: a web page """ ln = wash_language(ln) _ = gettext_set_language(ln) navtrail_previous_links = bibformatadminlib.getnavtrail() try: uid = getUid(req) except: return error_page('Error', req) (auth_code, auth_msg) = check_user(req, 'cfgbibformat') if not auth_code: return page(title=_("Format Elements Documentation"), body=bibformatadminlib.perform_request_format_elements_documentation(ln=ln), uid=uid, language=ln, navtrail = navtrail_previous_links, lastupdated=__lastupdated__, req=req) else: return page_not_authorized(req=req, text=auth_msg, navtrail=navtrail_previous_links)
def modifyfieldtags(req, fldID, ln=CFG_SITE_LANG, callback='yes', confirm=-1): navtrail_previous_links = bic.getnavtrail( ) + """> <a class="navtrail" href="%s/admin/bibindex/bibindexadmin.py/field">Manage logical fields</a> """ % ( CFG_SITE_URL) try: uid = getUid(req) except: return error_page('Error', req) auth = bic.check_user(req, 'cfgbibindex') if not auth[0]: return page(title="Edit Logical Field", body=bic.perform_modifyfieldtags(fldID=fldID, ln=ln, callback=callback, confirm=confirm), uid=uid, language=ln, req=req, navtrail=navtrail_previous_links, lastupdated=__lastupdated__) else: return page_not_authorized(req=req, text=auth[1], navtrail=navtrail_previous_links)
def index(req, ln=CFG_SITE_LANG): """ Menu of admin options @param ln: language """ ln = wash_language(ln) _ = gettext_set_language(ln) navtrail_previous_links = getnavtrail() navtrail_previous_links +=' > <a class="navtrail" href="%s/admin/webcomment/webcommentadmin.py/">' % CFG_SITE_URL navtrail_previous_links += _("WebComment Admin") + '</a>' try: uid = getUid(req) except Error: return page(title=_("Internal Error"), body = create_error_box(req, verbose=0, ln=ln), description="%s - Internal Error" % CFG_SITE_NAME, keywords="%s, Internal Error" % CFG_SITE_NAME, language=ln, req=req) (auth_code, auth_msg) = check_user(req, 'cfgwebcomment') if (auth_code != 'false'): return page(title=_("WebComment Admin"), body=perform_request_index(ln=ln), uid=uid, language=ln, navtrail = navtrail_previous_links, lastupdated=__lastupdated__, req=req) else: return page_not_authorized(req=req, text=auth_msg, navtrail=navtrail_previous_links)