def login(self): _ = self.request.translate browser_error = checkBrowser(self.request) device_error = checkDevice(self.request) login = '' if self.request.method == 'POST': if self.request.POST.get('login') \ and self.request.POST.get('password') \ and self.request.POST.get('login').strip() != '' \ and self.request.POST.get('password').strip() != '': login = self.request.POST.get('login') password = self.request.POST.get('password') user = DBSession.query(User).filter(User.username==login).first() if ( user is not None and user.active and user.validate_password(password, user.password)): headers = security.remember(self.request, user.id) self.request.session.flash(_(u"Welcome, ${username}! You are logged in.", mapping={'username':user.username}), 'success') userLogin = UserLogin(user_id = user.id, ip = self.request.client_addr, user_agent = self.request.user_agent) DBSession.add(userLogin) DBSession.flush() self.request.session['user_login_id'] = userLogin.id if userhelpers.checkUserPasswordChangeNeed(self.request, user): return HTTPFound(location='/settings/me/edit/', headers=headers) return HTTPFound(location='/', headers=headers) self.request.session.flash(_(u"Login failed."), 'error') else: self.request.session.flash(_(u"Login failed. Please provide username and password."), 'error') return {'login':login, 'browser_error':browser_error, 'device_error':device_error}
def settings_organization_club_edit(self): if self.request.redirect_forbidden: return HTTPFound(location='/forbidden/') elif userhelpers.checkUserPasswordChangeNeed(self.request): return HTTPFound(location='/settings/me/edit/') _ = self.request.translate tmp_club = { 'name':'', 'short_name':'', 'leader_id':'', 'subunit_id':0, 'club_code':'', } club_id = self.request.matchdict['club_id'] club = DBSession.query(Club).filter(Club.id==club_id).first() if club.id: tmp_club = { 'name':club.name, 'short_name':club.short_name, 'leader_id':club.leader_id, 'subunit_id':club.subunit_id, 'club_code':club.club_code } if self.request.method == 'POST': tmp_club['name'] = self.request.POST.get('name').strip() tmp_club['short_name'] = self.request.POST.get('short_name').strip() #tmp_club['leader_id'] = self.request.POST.get('leader_id').strip() tmp_club['leader_id'] = 0 tmp_club['subunit_id'] = self.request.POST.get('subunit_id').strip() tmp_club['club_code'] = self.request.POST.get('club_code').strip() if tmp_club['name']: club.name = tmp_club['name'] club.short_name = tmp_club['short_name'] club.leader_id = tmp_club['leader_id'] club.subunit_id = tmp_club['subunit_id'] club.club_code = tmp_club['club_code'] DBSession.add(club) DBSession.flush() userAudit = UserAudit(self.request.user.id) userAudit.model = 'Club' userAudit.model_id = club.id userAudit.action = 'Update' userAudit.revision = club.metadata_revision DBSession.add(userAudit) DBSession.flush() self.request.session.flash(_(u"Club saved."), 'success') return HTTPFound(location='/settings/organization/') else: self.request.session.flash(_(u"Please provide club name."), 'error') subunits = DBSession.query(SubUnit).all() self.request.bread.append({'url':'/settings/', 'text':_('Settings')}) self.request.bread.append({'url':'/settings/organization/', 'text':_('Organization')}) self.request.bread.append({'url':'/settings/organization/club_edit/'+club_id+'/', 'text':_('Edit club')}) return {'club':tmp_club, 'subunits':subunits}
def settings_groups_view(self): if self.request.redirect_forbidden: return HTTPFound(location='/forbidden/') elif userhelpers.checkUserPasswordChangeNeed(self.request): return HTTPFound(location='/settings/me/edit/') _ = self.request.translate group_id = self.request.matchdict['group_id'] group = DBSession.query(Group).filter(Group.id==group_id).first() if group.id: # privilege_ids = [privilege.id for privilege in group.privileges] tmp_group = { 'id':group.id, 'name':group.name, 'leader_id':group.leader_id, 'privileges':group.privileges } privileges = DBSession.query(Privilege).all() self.request.bread.append({'url':'/settings/', 'text':_('Settings')}) self.request.bread.append({'url':'/settings/groups/', 'text':_('Groups')}) self.request.bread.append({'url':'/settings/groups/view/'+str(group.id)+'/', 'text':_('View') + ' ' + helpers.decodeString(group.name)}) return {'group':tmp_group, 'privileges':privileges} else: return HTTPFound(location='/settings/groups/')
def getPeoplePresenceCounts(dt, club=0, subunit=0, village=0, subcamp=0, village_kitchen=0): report = DBSession.query(Participant.id) if club != 0: report = report.filter(Participant.club_id == club) if subunit != 0: report = report.filter(Participant.subunit_id == subunit) if village != 0: report = report.filter(Participant.village_id == village) if subcamp != 0: report = report.filter(Participant.subcamp_id == subcamp) if village_kitchen != 0: village_kitchen = DBSession.query(VillageKitchen).get(village_kitchen) if village_kitchen != None: village_ids = [] if len(village_kitchen.villages) > 0: for village in village_kitchen.villages: village_ids.append(village.id) report = report.filter(Participant.village_id.in_(village_ids)) report = report.filter(Participant.active == True) report = report.filter(Participant.latest_status_key != 200) report = report.join(ParticipantPresence).filter( ParticipantPresence.presence_starts <= dt, ParticipantPresence.presence_ends >= dt ) participants_count = report.count() return participants_count
def medical_settings_reasons_new(self): if self.request.redirect_forbidden: return HTTPFound(location='/forbidden/') elif userhelpers.checkUserPasswordChangeNeed(self.request): return HTTPFound(location='/settings/me/edit/') _ = self.request.translate reason = MedicalReason() if self.request.method == 'POST': reason.title = self.request.POST.get('title').strip() reason.description = self.request.POST.get('description').strip() if reason.title != '': DBSession.add(reason) DBSession.flush() self.request.session.flash(_(u"Reason created."), 'success') return HTTPFound(location='/medical/settings/') else: self.request.session.flash(_(u"Please provide title."), 'error') self.request.bread.append({'url':'/medical/', 'text':_('Medical')}) self.request.bread.append({'url':'/medical/settings/', 'text':_('Settings')}) self.request.bread.append({'url':'/medical/settings/reasons/new/', 'text':_('New reason')}) return {'reason':reason}
def medical_settings_methodofarrivals_edit(self): if self.request.redirect_forbidden: return HTTPFound(location='/forbidden/') elif userhelpers.checkUserPasswordChangeNeed(self.request): return HTTPFound(location='/settings/me/edit/') _ = self.request.translate methodofarrival_id = self.request.matchdict['methodofarrival_id'] methodofarrival = DBSession.query(MedicalMethodOfArrival).filter(MedicalMethodOfArrival.id==methodofarrival_id).first() if self.request.method == 'POST': methodofarrival.title = self.request.POST.get('title').strip() methodofarrival.description = self.request.POST.get('description').strip() if methodofarrival.title != '': DBSession.add(methodofarrival) DBSession.flush() self.request.session.flash(_(u"MethodOfArrival saved."), 'success') return HTTPFound(location='/medical/settings/') else: self.request.session.flash(_(u"Please provide title."), 'error') self.request.bread.append({'url':'/medical/', 'text':_('Medical')}) self.request.bread.append({'url':'/medical/settings/', 'text':_('Settings')}) self.request.bread.append({'url':'/medical/settings/methodofarrivals/new/', 'text':_('Edit methodofarrival')}) return {'methodofarrival':methodofarrival}
def medical_settings_treatmenttypes_edit(self): if self.request.redirect_forbidden: return HTTPFound(location='/forbidden/') elif userhelpers.checkUserPasswordChangeNeed(self.request): return HTTPFound(location='/settings/me/edit/') _ = self.request.translate treatmenttype_id = self.request.matchdict['treatmenttype_id'] treatmenttype = DBSession.query(MedicalTreatmentType).filter(MedicalTreatmentType.id==treatmenttype_id).first() if self.request.method == 'POST': treatmenttype.title = self.request.POST.get('title').strip() treatmenttype.description = self.request.POST.get('description').strip() if treatmenttype.title != '': DBSession.add(treatmenttype) DBSession.flush() self.request.session.flash(_(u"Treatmenttype saved."), 'success') return HTTPFound(location='/medical/settings/') else: self.request.session.flash(_(u"Please provide title."), 'error') self.request.bread.append({'url':'/medical/', 'text':_('Medical')}) self.request.bread.append({'url':'/medical/settings/', 'text':_('Settings')}) self.request.bread.append({'url':'/medical/settings/treatmenttypes/new/', 'text':_('Edit treatmenttype')}) return {'treatmenttype':treatmenttype}
def settings_organization_village_edit(self): if self.request.redirect_forbidden: return HTTPFound(location='/forbidden/') elif userhelpers.checkUserPasswordChangeNeed(self.request): return HTTPFound(location='/settings/me/edit/') _ = self.request.translate tmp_village = { 'name':'', 'short_name':'', 'leader_id':'', 'subcamp_id':0, } village_id = self.request.matchdict['village_id'] village = DBSession.query(Village).filter(Village.id==village_id).first() subcamps = DBSession.query(Subcamp).all() if village.id: tmp_village = { 'name':village.name, 'short_name':village.short_name, 'leader_id':village.leader_id, 'subcamp_id':village.subcamp_id, } if self.request.method == 'POST': tmp_village['name'] = self.request.POST.get('name').strip() tmp_village['short_name'] = self.request.POST.get('short_name').strip() #tmp_village['leader_id'] = self.request.POST.get('leader_id').strip() tmp_village['leader_id'] = 0 tmp_village['subcamp_id'] = self.request.POST.get('subcamp_id').strip() if tmp_village['name']: village.name = tmp_village['name'] village.short_name = tmp_village['short_name'] village.leader_id = tmp_village['leader_id'] village.subcamp_id = tmp_village['subcamp_id'] DBSession.add(village) DBSession.flush() userAudit = UserAudit(self.request.user.id) userAudit.model = 'Village' userAudit.model_id = village.id userAudit.action = 'Update' userAudit.revision = village.metadata_revision DBSession.add(userAudit) DBSession.flush() self.request.session.flash(_(u"Village saved."), 'success') return HTTPFound(location='/settings/organization/') else: self.request.session.flash(_(u"Please provide village name."), 'error') self.request.bread.append({'url':'/settings/', 'text':_('Settings')}) self.request.bread.append({'url':'/settings/organization/', 'text':_('Organization')}) self.request.bread.append({'url':'/settings/organization/village_edit/'+village_id+'/', 'text':_('Edit village')}) return {'village':tmp_village, 'subcamps':subcamps}
def settings_groups_delete(self): _ = self.request.translate group_id = self.request.matchdict['group_id'] if group_id != 1: group = DBSession.query(Group).get(group_id) DBSession.delete(group) return HTTPFound(location='/settings/groups/')
def checkIfUsernameExists(self, username, skipId = None): if username == '': return True if skipId != None: users_count = DBSession.query(User).filter(User.username==username, User.id != skipId).count() else: users_count = DBSession.query(User).filter(User.username==username).count() if users_count > 0: return True return False
def checkIfGroupnameExists(self, groupname, skipId = None): if groupname == '': return True if skipId != None: groups_count = DBSession.query(Group).filter(Group.name==groupname, Group.id != skipId).count() else: groups_count = DBSession.query(Group).filter(Group.name==groupname).count() if groups_count > 0: return True return False
def settings_users_deactivate(self): if self.request.redirect_forbidden: return HTTPFound(location='/forbidden/') elif userhelpers.checkUserPasswordChangeNeed(self.request): return HTTPFound(location='/settings/me/edit/') _ = self.request.translate user_id = self.request.matchdict['user_id'] if user_id != 1: user = DBSession.query(User).get(user_id) user.active = 0 user.metadata_modified = datetime.now() DBSession.add(user) DBSession.flush() userAudit = UserAudit(self.request.user.id) userAudit.model = 'User' userAudit.model_id = user.id userAudit.action = 'Deactivated' userAudit.revision = user.metadata_revision DBSession.add(userAudit) DBSession.flush() self.request.session.flash(_(u"User deactivated."), 'success') return HTTPFound(location='/settings/users/')
def security_shifts_logitem_delete(self): if self.request.redirect_forbidden: return HTTPFound(location="/forbidden/") elif userhelpers.checkUserPasswordChangeNeed(self.request): return HTTPFound(location="/settings/me/edit/") _ = self.request.translate logitem_id = self.request.matchdict["logitem_id"] logitem = DBSession.query(SecurityLogItem).filter(SecurityLogItem.id == logitem_id).first() if logitem != None: logitem.deleted = True DBSession.add(logitem) DBSession.flush() userAudit = UserAudit(self.request.user.id) userAudit.model = "SecurityLogItem" userAudit.model_id = logitem.id userAudit.action = "Deleted" userAudit.revision = logitem.metadata_revision DBSession.add(userAudit) DBSession.flush() self.request.session.flash(_(u"Log item deleted."), "success") return HTTPFound(location="/security/shifts/view/" + str(logitem.shift_id) + "/") self.request.session.flash(_(u"Error finding logitem to delete."), "Error") return HTTPFound(location="/security/shifts/view/" + str(logitem.shift_id) + "/")
def checkIfSettignKeyExists(self, setting_key, skipId=None): if setting_key == "": return True if skipId != None: settings_count = ( DBSession.query(Setting).filter(Setting.setting_key == setting_key, Setting.id != skipId).count() ) else: settings_count = DBSession.query(Setting).filter(Setting.setting_key == setting_key).count() if settings_count > 0: return True return False
def feedback_add_box_submit(self): _ = self.request.translate if self.request.method == 'POST': feedback = Feedback() feedback.title = self.request.POST.get('feedback_title') feedback.description = self.request.POST.get('feedback_description') feedback.type = int(self.request.POST.get('feedback_type')) DBSession.add(feedback) DBSession.flush() return {'success':True}
def settings_edit(self): if self.request.redirect_forbidden: return HTTPFound(location="/forbidden/") elif userhelpers.checkUserPasswordChangeNeed(self.request): return HTTPFound(location="/settings/me/edit/") _ = self.request.translate # TODO: Errors errors = {} tmp_setting = {"setting_key": "", "setting_value": "", "locked_key": False} setting_id = self.request.matchdict["setting_id"] setting = DBSession.query(Setting).filter(Setting.id == setting_id).first() if setting.id: tmp_setting = { "setting_key": setting.setting_key, "setting_value": setting.setting_value, "locked_key": setting.locked_key, } if self.request.method == "POST": if not setting.locked_key: tmp_setting["setting_key"] = self.request.POST.get("setting_key").strip() else: tmp_setting["setting_key"] = setting.setting_key tmp_setting["setting_value"] = self.request.POST.get("setting_value") if tmp_setting["setting_key"] and tmp_setting["setting_key"] != "": if not self.checkIfSettignKeyExists(tmp_setting["setting_key"], setting.id): setting.setting_key = tmp_setting["setting_key"] setting.setting_value = tmp_setting["setting_value"] DBSession.add(setting) DBSession.flush() userAudit = UserAudit(self.request.user.id) userAudit.model = "Setting" userAudit.model_id = setting.id userAudit.action = "Update" userAudit.revision = setting.metadata_revision DBSession.add(userAudit) DBSession.flush() self.request.session.flash(_(u"Setting saved."), "success") return HTTPFound(location="/settings/list/") else: self.request.session.flash(_(u"Setting with same key exists allready."), "error") else: self.request.session.flash(_(u"Please provide key."), "error") self.request.bread.append({"url": "/settings/", "text": _("Settings")}) self.request.bread.append({"url": "/settings/list/", "text": _("List")}) self.request.bread.append( {"url": "/settings/edit/" + setting_id + "/", "text": _("Edit") + " " + setting.setting_key} ) return {"setting": tmp_setting}
def medical_settings(self): if self.request.redirect_forbidden: return HTTPFound(location='/forbidden/') elif userhelpers.checkUserPasswordChangeNeed(self.request): return HTTPFound(location='/settings/me/edit/') _ = self.request.translate reasons = DBSession.query(MedicalReason).order_by(MedicalReason.title).all() treatmenttypes = DBSession.query(MedicalTreatmentType).order_by(MedicalTreatmentType.title).all() methodsofarrival = DBSession.query(MedicalMethodOfArrival).order_by(MedicalMethodOfArrival.title).all() self.request.bread.append({'url':'/medical/', 'text':_('Medical')}) self.request.bread.append({'url':'/medical/settings/', 'text':_('Settings')}) return {'reasons':reasons, 'treatmenttypes':treatmenttypes, 'methodsofarrival':methodsofarrival}
def settings_new(self): if self.request.redirect_forbidden: return HTTPFound(location="/forbidden/") elif userhelpers.checkUserPasswordChangeNeed(self.request): return HTTPFound(location="/settings/me/edit/") _ = self.request.translate # TODO: Errors errors = {} tmp_setting = {"setting_key": "", "setting_value": ""} if self.request.method == "POST": tmp_setting["setting_key"] = self.request.POST.get("setting_key").strip() tmp_setting["setting_value"] = self.request.POST.get("setting_value") if tmp_setting["setting_key"] and tmp_setting["setting_key"] != "": if not self.checkIfSettignKeyExists(tmp_setting["setting_key"]): setting = Setting(tmp_setting["setting_key"], tmp_setting["setting_value"]) DBSession.add(setting) DBSession.flush() userAudit = UserAudit(self.request.user.id) userAudit.model = "Setting" userAudit.model_id = setting.id userAudit.action = "Create" userAudit.revision = setting.metadata_revision DBSession.add(userAudit) DBSession.flush() self.request.session.flash(_(u"Setting created."), "success") return HTTPFound(location="/settings/list/") else: self.request.session.flash(_(u"Setting with same key exists allready."), "error") else: self.request.session.flash(_(u"Please provide key."), "error") self.request.bread.append({"url": "/settings/", "text": _("Settings")}) self.request.bread.append({"url": "/settings/list/", "text": _("List")}) self.request.bread.append({"url": "/settings/new/", "text": _("New")}) return {"setting": tmp_setting}
def security_shifts_new(self): if self.request.redirect_forbidden: return HTTPFound(location="/forbidden/") elif userhelpers.checkUserPasswordChangeNeed(self.request): return HTTPFound(location="/settings/me/edit/") _ = self.request.translate shift = SecurityShift() if self.request.method == "POST": shift.starts = helpers.parseFinnishDateFromString(self.request.POST.get("starts").strip()) shift.ends = helpers.parseFinnishDateFromString(self.request.POST.get("ends").strip()) # shift.leader_id = helpers.decodeString(self.request.POST.get('leader_id').strip()) shift.notes = helpers.decodeString(self.request.POST.get("notes").strip()) if type(shift.starts) is datetime and type(shift.ends) is datetime and shift.starts < shift.ends: DBSession.add(shift) DBSession.flush() userAudit = UserAudit(self.request.user.id) userAudit.model = "SecurityShift" userAudit.model_id = shift.id userAudit.action = "Create" userAudit.revision = shift.metadata_revision DBSession.add(userAudit) DBSession.flush() self.request.session.flash(_(u"Shift created."), "success") return HTTPFound(location="/security/shifts/view/" + str(shift.id) + "/") else: self.request.session.flash(_(u"Error creating shift. Shift ends before it begins."), "error") self.request.bread.append({"url": "/security/", "text": _("Security")}) self.request.bread.append({"url": "/security/shifts/", "text": _("Shifts")}) self.request.bread.append({"url": "/security/shifts/new/", "text": _("Create")}) return {"shift": shift}
def medical_card_view(self): if self.request.redirect_forbidden: return HTTPFound(location='/forbidden/') elif userhelpers.checkUserPasswordChangeNeed(self.request): return HTTPFound(location='/settings/me/edit/') _ = self.request.translate card_id = self.request.matchdict['card_id'] medicalCard = DBSession.query(MedicalCard).filter(MedicalCard.id==card_id).first() participant_id = medicalCard.participant_id participant = DBSession.query(Participant).filter(Participant.id==participant_id).first() participant.getParticipantMedicalData() medicalCardEvents = DBSession.query(MedicalCardEvent).filter(MedicalCardEvent.card_id==card_id).order_by(MedicalCardEvent.event_time).all() medicalParticipantAdditional = DBSession.query(MedicalParticipantAdditional).filter(MedicalParticipantAdditional.participant_id==participant_id).first() reasons = DBSession.query(MedicalReason).order_by(MedicalReason.title).all() treatmenttypes = DBSession.query(MedicalTreatmentType).order_by(MedicalTreatmentType.title).all() methodsofarrival = DBSession.query(MedicalMethodOfArrival).order_by(MedicalMethodOfArrival.title).all() participant_cards = DBSession.query(MedicalCard).filter(MedicalCard.participant_id==participant_id).all() self.request.bread.append({'url':'/medical/', 'text':_('Medical')}) self.request.bread.append({'url':'/medical/card/view/'+str(card_id)+'/', 'text':_('View card')}) return {'medicalCard':medicalCard, 'participant':participant, 'medicalParticipantAdditional':medicalParticipantAdditional, 'medicalCardEvents':medicalCardEvents, 'reasons':reasons, 'treatmenttypes':treatmenttypes, 'methodsofarrival':methodsofarrival, 'participant_cards':participant_cards}
def getPeoplePresenceCountsByAgegroup(dt, club=0, subunit=0, village=0, subcamp=0): agegroups = {0: 0, 1: 0, 2: 0, 3: 0, 4: 0, 5: 0, 6: 0, 7: 0} report = DBSession.query(Participant.age_group, func.count(Participant.age_group)) if club != 0: report = report.filter(Participant.club_id == club) if subunit != 0: report = report.filter(Participant.subunit_id == subunit) if village != 0: report = report.filter(Participant.village_id == village) if subcamp != 0: report = report.filter(Participant.subcamp_id == subcamp) report = report.filter(Participant.active == True) report = report.filter(Participant.latest_status_key != 200) report = report.join(ParticipantPresence).filter( ParticipantPresence.presence_starts <= dt, ParticipantPresence.presence_ends >= dt ) report = report.group_by(Participant.age_group) participants_count = report.all() for count in participants_count: agegroups[count[0]] = count[1] return agegroups
def getUserLastLoginData(self): return ( DBSession.query(UserLogin) .filter(UserLogin.user_id == self.id) .order_by(UserLogin.login_time.desc()) .first() )
def security_participant_search(self): _ = self.request.translate participants = [] search_string = "" if self.request.method == "POST": search_string = self.request.POST.get("searchstr").strip() if search_string == "": self.request.session.flash(_(u"Empty search, please provide search string."), "error") else: participants = ( DBSession.query(Participant) .filter( or_( Participant.firstname.like("%" + search_string + "%"), Participant.lastname.like("%" + search_string + "%"), Participant.nickname.like("%" + search_string + "%"), Participant.member_no.like("%" + search_string + "%"), ) ) .all() ) self.request.bread.append({"url": "/security/", "text": _("Security")}) self.request.bread.append({"url": "/security/participant/search/", "text": _("Search")}) return {"participants": participants, "search_string": search_string}
def json_search_participant(self): _ = self.request.translate if self.request.method == 'POST': search_string = self.request.POST.get('searchstr').strip() if search_string == '': self.request.session.flash(_(u"Empty search, please provide search string."), 'error') else: participants = DBSession.query(Participant).filter( or_( Participant.firstname.like('%'+search_string+'%'), Participant.lastname.like('%'+search_string+'%'), Participant.nickname.like('%'+search_string+'%'), Participant.member_no.like('%'+search_string+'%') )).all() participants_tmp = [] for participant in participants: participant_tmp = { 'id':participant.id, 'firstname':helpers.decodeString(participant.firstname), 'lastname':helpers.decodeString(participant.lastname), } participants_tmp.append(participant_tmp) return json.dumps(participants_tmp) return {}
def getParticipantMedicalData(self): request = get_current_request() if security.has_permission('office_participant_view_medical', request.context, request) or security.has_permission('medical_view', request.context, request): self.medical_data = DBSession.query(ParticipantMedical).filter(ParticipantMedical.participant_id==self.id).options(joinedload('*')).first() if self.medical_data == None: self.medical_data = ParticipantMedical() medical_data_searched = True
def base_configure(global_config, **settings): for key, value in conf_defaults.items(): settings.setdefault(key, value) _resolve_dotted(settings) engine = engine_from_config(settings, 'sqlalchemy.') DBSession.configure(bind=engine) authentication_policy = AuthTktAuthenticationPolicy(settings['leirirekkari.secret'], callback=groupfinder) authorization_policy = ACLAuthorizationPolicy() config = Configurator(settings=settings, root_factory=Root) config.set_request_property(get_user, 'user', reify=True) config.set_authentication_policy(authentication_policy) config.set_authorization_policy(authorization_policy) config.set_default_permission('view') # config.add_static_view('static', 'static', cache_max_age=3600) config.add_static_view(name=settings['leirirekkari.static_name'], path=settings['leirirekkari.static_path'], cache_max_age=3600) config.add_forbidden_view(forbidden) config.add_notfound_view(notfound, append_slash=True) config.add_translation_dirs('leirirekkari:locale/') config.set_locale_negotiator(leirirekkari_locale_negotiator) config.add_subscriber('leirirekkari.subscribers.add_localizer', 'pyramid.events.NewRequest') config.add_subscriber('leirirekkari.subscribers.add_renderer_globals', 'pyramid.events.BeforeRender') config.add_subscriber('leirirekkari.subscribers.breadcrumb_subscriber', 'pyramid.events.NewRequest') config.include('pyramid_mailer') session_factory = settings['leirirekkari.session_factory'][0](**settings) config.set_session_factory(session_factory) # Include modules listed in 'leirirekkari.base_includes': for module in settings['leirirekkari.base_includes']: config.include(module) config.commit() config.scan() return config
def security_shifts_view(self): if self.request.redirect_forbidden: return HTTPFound(location="/forbidden/") elif userhelpers.checkUserPasswordChangeNeed(self.request): return HTTPFound(location="/settings/me/edit/") _ = self.request.translate shift_id = self.request.matchdict["shift_id"] shift = DBSession.query(SecurityShift).filter(SecurityShift.id == shift_id).first() if self.request.method == "POST": logitem = SecurityLogItem() logitem.event_type = self.request.POST.get("event_type") logitem.shift_id = shift_id logitem.notified_by = self.request.POST.get("notified_by") logitem.task = self.request.POST.get("task") logitem.content = self.request.POST.get("content") logitem.deleted = False logitem.people_present = self.request.POST.get("people_present") logitem.started = helpers.parseFinnishDateFromString(self.request.POST.get("started"), default_now=True) logitem.ended = helpers.parseFinnishDateFromString(self.request.POST.get("ended")) DBSession.add(logitem) DBSession.flush() userAudit = UserAudit(self.request.user.id) userAudit.model = "SecurityLogItem" userAudit.model_id = logitem.id userAudit.action = "Create" userAudit.revision = logitem.metadata_revision DBSession.add(userAudit) DBSession.flush() self.request.session.flash(_(u"Log item created."), "success") return HTTPFound(location="/security/shifts/view/" + shift_id + "/") logitems = ( DBSession.query(SecurityLogItem) .filter(SecurityLogItem.shift_id == shift_id, SecurityLogItem.deleted == False) .order_by(SecurityLogItem.started.desc()) .all() ) self.request.bread.append({"url": "/security/", "text": _("Security")}) self.request.bread.append({"url": "/security/shifts/", "text": _("Shifts")}) self.request.bread.append({"url": "/security/shifts/view/" + shift_id + "/", "text": _("View")}) return {"shift": shift, "logitems": logitems}
def security_participant_view(self): _ = self.request.translate participant_id = self.request.matchdict["participant_id"] participant = DBSession.query(Participant).get(participant_id) if ( self.request.method == "POST" and self.request.POST.get("participant_new_status_id") != None and self.request.POST.get("participant_new_status_id").isdigit() ): participantStatus = ParticipantStatus() participantStatus.participant_id = participant.id participantStatus.status_id = int(self.request.POST.get("participant_new_status_id")) description = self.request.POST.get("participant_new_status_description") if description != None and description.strip() != "": participantStatus.description = description expected_next_change = self.request.POST.get("participant_new_status_expected_next_change") if expected_next_change != None and expected_next_change.strip() != "": participantStatus.expected_next_change = helpers.parseFinnishDateFromString( expected_next_change.strip() ) DBSession.add(participantStatus) DBSession.flush() participant.latest_status_key = int(self.request.POST.get("participant_new_status_id")) DBSession.add(participant) DBSession.flush() self.request.session.flash(_(u"Added new status for participant."), "success") return HTTPFound(location="/security/participant/view/" + str(participant.id) + "/") participant.getParticipantAddressData() participant.getParticipantPhoneData() participant.getParticipantLanguageData() participant.getParticipantPresenceData() participant.getParticipantNextOfKinData() participant.getParticipantMetaData() self.request.bread.append({"url": "/security/", "text": _("Security")}) self.request.bread.append({"url": "/security/participant/search/", "text": _("Search")}) self.request.bread.append( { "url": "/security/participant/view/" + participant_id + "/", "text": _("Participant") + " " + helpers.decodeString(participant.firstname) + " " + helpers.decodeString(participant.lastname), } ) return {"participant": participant}
def settings_groups_new(self): if self.request.redirect_forbidden: return HTTPFound(location='/forbidden/') elif userhelpers.checkUserPasswordChangeNeed(self.request): return HTTPFound(location='/settings/me/edit/') _ = self.request.translate tmp_group = { 'name':'', 'leader_id':'', 'privileges':'', } if self.request.method == 'POST': tmp_group['name'] = self.request.POST.get('name').strip() # tmp_group['leader_id'] = self.request.POST.get('leader_id').strip() if not self.checkIfGroupnameExists(tmp_group['name']): group = Group(tmp_group['name']) if security.has_permission("settings_users_modify_permissions", self.request.context, self.request): privileges_list = '' if len(self.request.POST.getall('privileges')) > 0: for privilege in DBSession.query(Privilege).filter(Privilege.id.in_(self.request.POST.getall('privileges'))).all(): privileges_list += '|'+privilege.name + '|' group.privileges = privileges_list DBSession.add(group) DBSession.flush() userAudit = UserAudit(self.request.user.id) userAudit.model = 'Group' userAudit.model_id = group.id userAudit.action = 'Create' userAudit.revision = group.metadata_revision DBSession.add(userAudit) DBSession.flush() self.request.session.flash(_(u"Group created."), 'success') if group.id != '' and group.id != 0: return HTTPFound(location='/settings/groups/view/'+str(group.id)) else: self.request.session.flash(_(u"Group with that name allready exists."), 'error') privileges = DBSession.query(Privilege).all() self.request.bread.append({'url':'/settings/', 'text':_('Settings')}) self.request.bread.append({'url':'/settings/groups/', 'text':_('Groups')}) self.request.bread.append({'url':'/settings/groups/new/', 'text':_('New')}) return {'group':tmp_group, 'privileges':privileges}
def settings_organization_subcamp_edit(self): if self.request.redirect_forbidden: return HTTPFound(location='/forbidden/') elif userhelpers.checkUserPasswordChangeNeed(self.request): return HTTPFound(location='/settings/me/edit/') _ = self.request.translate tmp_subcamp = { 'name':'', 'short_name':'', 'leader_id':'', } subcamp_id = self.request.matchdict['subcamp_id'] subcamp = DBSession.query(Subcamp).filter(Subcamp.id==subcamp_id).first() if subcamp.id: tmp_subcamp = { 'name':subcamp.name, 'short_name':subcamp.short_name, 'leader_id':subcamp.leader_id, } if self.request.method == 'POST': tmp_subcamp['name'] = self.request.POST.get('name').strip() tmp_subcamp['short_name'] = self.request.POST.get('short_name').strip() #tmp_subcamp['leader_id'] = self.request.POST.get('leader_id').strip() tmp_subcamp['leader_id'] = 0 if tmp_subcamp['name']: subcamp.name = tmp_subcamp['name'] subcamp.short_name = tmp_subcamp['short_name'] subcamp.leader_id = int(tmp_subcamp['leader_id']) DBSession.add(subcamp) DBSession.flush() userAudit = UserAudit(self.request.user.id) userAudit.model = 'Subcamp' userAudit.model_id = subcamp.id userAudit.action = 'Update' userAudit.revision = subcamp.metadata_revision DBSession.add(userAudit) DBSession.flush() self.request.session.flash(_(u"Subcamp saved."), 'success') return HTTPFound(location='/settings/organization/') else: self.request.session.flash(_(u"Please provide subcamp name."), 'error') self.request.bread.append({'url':'/settings/', 'text':_('Settings')}) self.request.bread.append({'url':'/settings/organization/', 'text':_('Organization')}) self.request.bread.append({'url':'/settings/organization/subcamp_edit/'+subcamp_id+'/', 'text':_('Edit subcamp')}) return {'subcamp':tmp_subcamp}