def __init__(self, context, request, page_title=None):
self.settings = dict(get_settings(context))
self.settings.update(self.config_settings)
self.site = site = find_site(context)
self.context = context
self.request = request
self.userid = authenticated_userid(request)
self.app_url = app_url = request.application_url
self.profile_url = app_url + '/profiles/%s' % self.userid
self.here_url = self.context_url = resource_url(context, request)
self.view_url = resource_url(context, request, request.view_name)
self.read_only = not is_normal_mode(request.registry)
self.static_url = get_static_url(request)
self.resource_devel_mode = is_resource_devel_mode()
self.browser_upgrade_url = request.registry.settings.get(
'browser_upgrade_url', '')
# this data will be provided for the client javascript
self.karl_client_data = {}
# Provide a setting in the INI to fully control the entire URL
# to the static. This is when the proxy runs a different port
# number, or to "pipeline" resources on a different URL path.
full_static_path = self.settings.get('full_static_path', False)
if full_static_path:
if '%d' in full_static_path:
# XXX XXX note self._start_time is needed... and not _start_time
# XXX XXX since this was a trivial bug, there is chance that
# XXX XXX this actually never runs! TODO testing???
full_static_path = full_static_path % self._start_time
self.static_url = full_static_path
self.page_title = page_title
self.system_name = self.title = self.settings.get('title', 'KARL')
self.user_is_admin = 'group.KarlAdmin' in effective_principals(request)
self.can_administer = has_permission('administer', site, request)
self.can_email = has_permission('email', site, request)
self.admin_url = resource_url(site, request, 'admin.html')
date_format = get_user_date_format(context, request)
self.karl_client_data['date_format'] = date_format
# XXX XXX XXX This will never work from peoples formish templates
# XXX XXX XXX (edit_profile and derivates) because, in those form
# XXX XXX XXX controllers, the api is instantiated from __init__,
# XXX XXX XXX where request.form is still unset!!! (From all other
# XXX XXX XXX formcontrollers the api is instantiated from __call__,
# XXX XXX XXX which is why this works. A chicken-and-egg problem, really.
if hasattr(request, 'form') and getattr(request.form, 'errors', False):
# This is a failed form submission request, specify an error message
self.error_message = u'Please correct the indicated errors.'
self.site_announcements = getattr(self.site, "site_announcements", [])
profiles = find_profiles(self.site)
profile = profiles is not None and profiles.get(self.userid,
None) or None
self.unseen_site_announcements = []
if profile is not None and hasattr(profile, "_seen_announcements") \
and hasattr(site, "site_announcements"):
for item in site.site_announcements:
if item['hash'] not in profile._seen_announcements:
self.unseen_site_announcements.append(item)
def __init__(self, md):
self.md = md
settings = get_settings()
white_list_fn = settings.get("mail_white_list", None)
if white_list_fn:
with open(white_list_fn) as f:
self.white_list = set(self._normalize(line) for line in f.readlines())
else:
self.white_list = None
def __init__(self, context, request, page_title=None):
self.settings = dict(get_settings(context))
self.settings.update(self.config_settings)
self.site = site = find_site(context)
self.context = context
self.request = request
self.userid = authenticated_userid(request)
self.app_url = app_url = request.application_url
self.profile_url = app_url + "/profiles/%s" % self.userid
self.here_url = self.context_url = resource_url(context, request)
self.view_url = resource_url(context, request, request.view_name)
self.read_only = not is_normal_mode(request.registry)
self.static_url = get_static_url(request)
self.resource_devel_mode = is_resource_devel_mode()
self.browser_upgrade_url = request.registry.settings.get("browser_upgrade_url", "")
# this data will be provided for the client javascript
self.karl_client_data = {}
# Provide a setting in the INI to fully control the entire URL
# to the static. This is when the proxy runs a different port
# number, or to "pipeline" resources on a different URL path.
full_static_path = self.settings.get("full_static_path", False)
if full_static_path:
if "%d" in full_static_path:
# XXX XXX note self._start_time is needed... and not _start_time
# XXX XXX since this was a trivial bug, there is chance that
# XXX XXX this actually never runs! TODO testing???
full_static_path = full_static_path % self._start_time
self.static_url = full_static_path
self.page_title = page_title
self.system_name = self.title = self.settings.get("title", "KARL")
self.user_is_admin = "group.KarlAdmin" in effective_principals(request)
self.can_administer = has_permission("administer", site, request)
self.can_email = has_permission("email", site, request)
self.admin_url = resource_url(site, request, "admin.html")
date_format = get_user_date_format(context, request)
self.karl_client_data["date_format"] = date_format
# XXX XXX XXX This will never work from peoples formish templates
# XXX XXX XXX (edit_profile and derivates) because, in those form
# XXX XXX XXX controllers, the api is instantiated from __init__,
# XXX XXX XXX where request.form is still unset!!! (From all other
# XXX XXX XXX formcontrollers the api is instantiated from __call__,
# XXX XXX XXX which is why this works. A chicken-and-egg problem, really.
if hasattr(request, "form") and getattr(request.form, "errors", False):
# This is a failed form submission request, specify an error message
self.error_message = u"Please correct the indicated errors."
self.site_announcements = getattr(self.site, "site_announcements", [])
profiles = find_profiles(self.site)
profile = profiles is not None and profiles.get(self.userid, None) or None
self.unseen_site_announcements = []
if profile is not None and hasattr(profile, "_seen_announcements") and hasattr(site, "site_announcements"):
for item in site.site_announcements:
if item["hash"] not in profile._seen_announcements:
self.unseen_site_announcements.append(item)
def __init__(self, md):
self.md = md
settings = get_settings()
white_list_fn = settings.get("mail_white_list", None)
if white_list_fn:
with open(white_list_fn) as f:
self.white_list = set(
self._normalize(line) for line in f.readlines())
else:
self.white_list = None
def generate_stats(args, instance):
root, closer = args.get_root(instance)
settings = get_settings()
folder = settings.get('statistics_folder')
if folder is None:
return
log.info("Generating stats for %s" % instance)
if not os.path.exists(folder):
os.makedirs(folder)
generate_reports(root, folder)
def generate_stats(args, instance):
root, closer = args.get_root(instance)
settings = get_settings()
folder = settings.get('statistics_folder')
if folder is None:
return
log.info("Generating stats for %s" % instance)
if not os.path.exists(folder):
os.makedirs(folder)
generate_reports(root, folder)
def mail_delivery_factory(os=os): # accepts 'os' for unit test purposes
"""Factory method for creating an instance of repoze.sendmail.IDelivery
for use by this application.
"""
settings = get_settings()
# If settings utility not present, we are probably testing and should
# suppress sending mail. Can also be set explicitly in environment
# variable
suppress_mail = boolean(os.environ.get('SUPPRESS_MAIL', ''))
if not settings or suppress_mail:
return FakeMailDelivery()
md = KarlMailDelivery(settings)
if settings.get("mail_white_list", None):
md = WhiteListMailDelivery(md)
return md
def mail_delivery_factory(os=os): # accepts 'os' for unit test purposes
"""Factory method for creating an instance of repoze.sendmail.IDelivery
for use by this application.
"""
settings = get_settings()
# If settings utility not present, we are probably testing and should
# suppress sending mail. Can also be set explicitly in environment
# variable
suppress_mail = boolean(os.environ.get('SUPPRESS_MAIL', ''))
if not settings or suppress_mail:
return FakeMailDelivery()
md = KarlMailDelivery(settings)
if settings.get("mail_white_list", None):
md = WhiteListMailDelivery(md)
return md
def update(self, profile):
objectEventNotify(ObjectWillBeModifiedEvent(profile))
if profile.security_state == 'active':
element = self.element
login = self._element_value(element, 'username')
username = profile.__name__
groups = self._groups(element)
# Don't clobber user's community memberships
users = find_users(profile)
info = users.get_by_id(username)
if info is not None:
prev_groups = info['groups']
community_groups = [
g for g in prev_groups if g.startswith('group.community')
]
groups = groups | set(community_groups)
if info is not None:
# keep old password
password = info['password']
users.remove(username)
users.add(username, login, password, groups, encrypted=True)
else:
# can it be that we have a new user here?
password = get_random_password()
users.add(username, login, password, groups, encrypted=False)
user = users.get_by_id(username)
request = get_current_request()
settings = get_settings()
app_url = settings.get('script_app_url')
request_password_reset(user, profile, request, app_url=app_url)
self._populate(profile)
reset_security_workflow(profile)
objectEventNotify(ObjectModifiedEvent(profile))
def __init__(self, context, request, page_title=None):
self.settings = get_settings() or {}
self.site = site = find_site(context)
self.context = context
self.request = request
self.userid = authenticated_userid(request)
self.app_url = app_url = request.application_url
self.profile_url = app_url + '/profiles/%s' % self.userid
self.here_url = self.context_url = resource_url(context, request)
self.view_url = resource_url(context, request, request.view_name)
self.js_devel_mode = self.settings.get('js_devel_mode', None)
self.read_only = self.settings.get('read_only', False)
self.static_url = '%s/static/%s' % (
app_url, request.registry.settings.get('static_rev'))
# this data will be provided for the client javascript
self.karl_client_data = {}
# Provide a setting in the INI to fully control the entire URL
# to the static. This is when the proxy runs a different port
# number, or to "pipeline" resources on a different URL path.
full_static_path = self.settings.get('full_static_path', False)
if full_static_path:
if '%d' in full_static_path:
# XXX XXX note self._start_time is needed... and not _start_time
# XXX XXX since this was a trivial bug, there is chance that
# XXX XXX this actually never runs! TODO testing???
full_static_path = full_static_path % self._start_time
self.static_url = full_static_path
self.page_title = page_title
self.system_name = self.settings.get('system_name', 'KARL')
self.user_is_admin = 'group.KarlAdmin' in effective_principals(request)
self.can_administer = has_permission('administer', site, request)
self.can_email = has_permission('email', site, request)
self.admin_url = resource_url(site, request, 'admin.html')
self.site_announcement = getattr(site, 'site_announcement', '')
date_format = get_user_date_format(context, request)
self.karl_client_data['date_format'] = date_format
# XXX XXX XXX This will never work from peoples formish templates
# XXX XXX XXX (edit_profile and derivates) because, in those form
# XXX XXX XXX controllers, the api is instantiated from __init__,
# XXX XXX XXX where request.form is still unset!!! (From all other
# XXX XXX XXX formcontrollers the api is instantiated from __call__,
# XXX XXX XXX which is why this works. A chicken-and-egg problem, really.
if hasattr(request, 'form') and getattr(request.form, 'errors', False):
# This is a failed form submission request, specify an error message
self.error_message = u'Please correct the indicated errors.'
if self.settings:
self.kaltura_info = dict(
enabled=self.settings.get('kaltura_enabled', False)
in ('true', 'True'),
partner_id=self.settings.get('kaltura_partner_id', ''),
sub_partner_id=self.settings.get('kaltura_sub_partner_id', ''),
admin_secret=self.settings.get('kaltura_admin_secret', ''),
user_secret=self.settings.get('kaltura_user_secret', ''),
kcw_uiconf_id=self.settings.get('kaltura_kcw_uiconf_id',
'1000741'),
player_uiconf_id=self.settings.get('kaltura_player_uiconf_id',
''),
player_cache_st=self.settings.get('kaltura_player_cache_st',
''),
local_user=self.userid,
)
if not self.settings.get('kaltura_client_session',
False) in ('true', 'True'):
# Secrets will not be sent to client, instead session is handled on the server.
self.kaltura_info[
'session_url'] = app_url + '/' + 'kaltura_create_session.json'
else:
self.kaltura_info = dict(enabled=False, )
# propagate the head data to the client
d = self.karl_client_data['kaltura'] = dict(self.kaltura_info)
# remove secrets if needed
if 'session_url' in d:
# server side session management, do not send secrets to client
del d['user_secret']
del d['admin_secret']
def __init__(self, context, request, page_title=None):
self.settings = get_settings() or {}
self.site = site = find_site(context)
self.context = context
self.request = request
self.userid = authenticated_userid(request)
self.app_url = app_url = request.application_url
self.profile_url = app_url + '/profiles/%s' % self.userid
self.here_url = self.context_url = resource_url(context, request)
self.view_url = resource_url(context, request, request.view_name)
self.js_devel_mode = self.settings.get('js_devel_mode', None)
self.read_only = self.settings.get('read_only', False)
self.static_url = '%s/static/%s' % (app_url, _get_static_rev())
# this data will be provided for the client javascript
self.karl_client_data = {}
# Provide a setting in the INI to fully control the entire URL
# to the static. This is when the proxy runs a different port
# number, or to "pipeline" resources on a different URL path.
full_static_path = self.settings.get('full_static_path', False)
if full_static_path:
if '%d' in full_static_path:
# XXX XXX note self._start_time is needed... and not _start_time
# XXX XXX since this was a trivial bug, there is chance that
# XXX XXX this actually never runs! TODO testing???
full_static_path = full_static_path % self._start_time
self.static_url = full_static_path
self.page_title = page_title
self.system_name = self.settings.get('system_name', 'KARL')
self.user_is_admin = 'group.KarlAdmin' in effective_principals(request)
self.can_administer = has_permission('administer', site, request)
self.can_email = has_permission('email', site, request)
self.admin_url = resource_url(site, request, 'admin.html')
self.site_announcement = getattr(site, 'site_announcement', '')
date_format = get_user_date_format(context, request)
self.karl_client_data['date_format'] = date_format
# XXX XXX XXX This will never work from peoples formish templates
# XXX XXX XXX (edit_profile and derivates) because, in those form
# XXX XXX XXX controllers, the api is instantiated from __init__,
# XXX XXX XXX where request.form is still unset!!! (From all other
# XXX XXX XXX formcontrollers the api is instantiated from __call__,
# XXX XXX XXX which is why this works. A chicken-and-egg problem, really.
if hasattr(request, 'form') and getattr(request.form, 'errors', False):
# This is a failed form submission request, specify an error message
self.error_message = u'Please correct the indicated errors.'
if self.settings:
self.kaltura_info = dict(
enabled = self.settings.get(
'kaltura_enabled', False) in ('true', 'True'),
partner_id = self.settings.get('kaltura_partner_id', ''),
sub_partner_id = self.settings.get(
'kaltura_sub_partner_id', ''),
admin_secret = self.settings.get('kaltura_admin_secret', ''),
user_secret = self.settings.get('kaltura_user_secret', ''),
kcw_uiconf_id = self.settings.get(
'kaltura_kcw_uiconf_id', '1000741'),
player_uiconf_id = self.settings.get(
'kaltura_player_uiconf_id', ''),
player_cache_st = self.settings.get(
'kaltura_player_cache_st', ''),
local_user = self.userid,
)
if not self.settings.get(
'kaltura_client_session', False) in ('true', 'True'):
# Secrets will not be sent to client, instead session is handled on the server.
self.kaltura_info['session_url'] = app_url + '/' + 'kaltura_create_session.json'
else:
self.kaltura_info = dict(
enabled = False,
)
# propagate the head data to the client
d = self.karl_client_data['kaltura'] = dict(self.kaltura_info)
# remove secrets if needed
if 'session_url' in d:
# server side session management, do not send secrets to client
del d['user_secret']
del d['admin_secret']
def __init__(self, context, request, page_title=None):
self.settings = get_settings() or {}
site = find_site(context)
self.context = context
self.request = request
self.userid = authenticated_userid(request)
self.app_url = app_url = request.application_url
self.profile_url = app_url + "/profiles/%s" % self.userid
self.here_url = self.context_url = resource_url(context, request)
self.view_url = resource_url(context, request, request.view_name)
self.js_devel_mode = self.settings.get("js_devel_mode", None)
self.read_only = self.settings.get("read_only", False)
self.static_url = "%s/static/%s" % (app_url, _get_static_rev())
# this data will be provided for the client javascript
self.karl_client_data = {}
# Provide a setting in the INI to fully control the entire URL
# to the static. This is when the proxy runs a different port
# number, or to "pipeline" resources on a different URL path.
full_static_path = self.settings.get("full_static_path", False)
if full_static_path:
if "%d" in full_static_path:
# XXX XXX note self._start_time is needed... and not _start_time
# XXX XXX since this was a trivial bug, there is chance that
# XXX XXX this actually never runs! TODO testing???
full_static_path = full_static_path % self._start_time
self.static_url = full_static_path
self.page_title = page_title
self.system_name = self.settings.get("system_name", "KARL")
self.user_is_admin = "group.KarlAdmin" in effective_principals(request)
self.can_administer = has_permission("administer", site, request)
self.can_email = has_permission("email", site, request)
self.admin_url = resource_url(site, request, "admin.html")
self.site_announcement = getattr(site, "site_announcement", "")
# XXX XXX XXX This will never work from peoples formish templates
# XXX XXX XXX (edit_profile and derivates) because, in those form
# XXX XXX XXX controllers, the api is instantiated from __init__,
# XXX XXX XXX where request.form is still unset!!! (From all other
# XXX XXX XXX formcontrollers the api is instantiated from __call__,
# XXX XXX XXX which is why this works. A chicken-and-egg problem, really.
if hasattr(request, "form") and getattr(request.form, "errors", False):
# This is a failed form submission request, specify an error message
self.error_message = u"Please correct the indicated errors."
if self.settings:
self.kaltura_info = dict(
enabled=self.settings.get("kaltura_enabled", False) in ("true", "True"),
partner_id=self.settings.get("kaltura_partner_id", ""),
sub_partner_id=self.settings.get("kaltura_sub_partner_id", ""),
admin_secret=self.settings.get("kaltura_admin_secret", ""),
user_secret=self.settings.get("kaltura_user_secret", ""),
kcw_uiconf_id=self.settings.get("kaltura_kcw_uiconf_id", "1000741"),
player_uiconf_id=self.settings.get("kaltura_player_uiconf_id", ""),
player_cache_st=self.settings.get("kaltura_player_cache_st", ""),
local_user=self.userid,
)
if not self.settings.get("kaltura_client_session", False) in ("true", "True"):
# Secrets will not be sent to client, instead session is handled on the server.
self.kaltura_info["session_url"] = app_url + "/" + "kaltura_create_session.json"
else:
self.kaltura_info = dict(enabled=False)
# propagate the head data to the client
d = self.karl_client_data["kaltura"] = dict(self.kaltura_info)
# remove secrets if needed
if "session_url" in d:
# server side session management, do not send secrets to client
del d["user_secret"]
del d["admin_secret"]
