def validatePayment(self, member_id, idPayment):
""" Validate a payment specified by an id """
try:
ParamChecker.checkUsername('member_id', param=True)
ParamChecker.checkInt('idPayment', param=True)
except:
raise HTTPRedirect('/payments/index')
try:
np = self.db.query(Payment).filter(Payment.id == idPayment).one()
if np.verified:
np.verified = False
else:
np.verified = True
self.request.db.commit()
self.session['flash'] = _(
'Payment validation successfully toggled')
self.session['flash_class'] = 'success'
except:
self.session['flash'] = _('Saving payment failed')
self.session['flash_class'] = 'error'
self.session.save()
raise HTTPRedirect(
'/payments/listPayments/?member_id={0}'.format(member_id))
def validatePayment(self, member_id, idPayment):
""" Validate a payment specified by an id """
try:
ParamChecker.checkUsername('member_id', param=True)
ParamChecker.checkInt('idPayment', param=True)
except:
raise HTTPRedirect('/payments/index')
try:
np = self.db.query(Payment).filter(Payment.id == idPayment).one()
if np.verified:
np.verified = False
else:
np.verified = True
self.request.db.commit()
self.session['flash'] = _('Payment validation successfully toggled')
self.session['flash_class'] = 'success'
except:
self.session['flash'] = _('Saving payment failed')
self.session['flash_class'] = 'error'
self.session.save()
raise HTTPRedirect('/payments/listPayments/?member_id={0}'.format(member_id))
def listPayments(self, member_id=None, year=None):
""" Show a specific user's payments """
if member_id is None:
if not self.is_admin() and not self.is_finance_admin():
raise HTTPError(403, 'Forbidden')
else:
raise HTTPRedirect('/payments/showOutstanding/?showAll=1')
elif not self.is_admin() and not self.is_finance_admin() and not member_id == self.session.get('username'):
raise HTTPError(403, 'Forbidden')
if not year is None:
try:
ParamChecker.checkInt('year', param=True, max_len=4)
if int(year) > 1970 and int(year) < 2222:
year = int(year)
else:
year = datetime.datetime.now().year
except:
pass
if year is None:
try:
ParamChecker.checkUsername('member_id', param=True)
year = self._getLastPayment(member_id).year
except:
pass
if year is None:
year = datetime.datetime.now().year
c = TemplateContext()
c.heading = _('Payments for the year {0}, user {1}'.format(year, member_id))
c.member_id = member_id
## consider pagination
# http://pylonsbook.com/en/1.1/starting-the-simplesite-tutorial.html#using-pagination
try:
#c.member.leavingDate = date(int(member.leavingDate[:4]),int(member.leavingDate[5:6]),int(member.leavingDate[7:8]))
## ideally, fetch monthly from member and the rest from payment (one to many relation)
## http://www.sqlalchemy.org/docs/05/reference/ext/declarative.html
y_start = datetime.date(year, 1, 1)
y_end = datetime.date(year, 12, 31)
payment_sql = self.db.query(Payment).filter(Payment.uid == member_id).filter(Payment.date.between(y_start, y_end)).order_by(Payment.date.desc()).all()
payments = {}
c.unverifiedPledges = 0
for p in payment_sql:
if p.verified == 0:
c.unverifiedPledges += 1
payments[p.date.month] = p
c.year = year
c.payments = payments
except AttributeError, e:
return 'This member has made no payments o.O ?!: %s' % e
def bulkAdd(self, member_id):
try:
ParamChecker.checkUsername('member_id', param=True)
except:
raise HTTPRedirect('/payments/index')
c = TemplateContext()
c.member_id = member_id
c.heading = _('Add bulk payments')
return self.render('/payments/bulkAdd.mako', template_context=c)
def bulkAdd(self, member_id):
try:
ParamChecker.checkUsername('member_id', param=True)
except:
raise HTTPRedirect('/payments/index')
c = TemplateContext()
c.member_id = member_id
c.heading = _('Add bulk payments')
return self.render('/payments/bulkAdd.mako', template_context=c)
def doLogin(self, username=None, password=None):
try:
ParamChecker.checkUsername('username', param=True)
ParamChecker.checkPassword('password', 'password', param=True)
except InvalidParameterFormat as ipf:
return self.index(_('Invalid data'))
try:
ldap_connector = LdapConnector(username=username,
password=password)
except mematool.helpers.exceptions.InvalidCredentials:
return self.index(_('Invalid credentials'))
except mematool.helpers.exceptions.ServerError:
return self.index(_('Server error, please retry later'))
old_session_language = self.session.get('language', '')
self.session.regenerate()
self.session['username'] = username
self.session['password'] = encodeAES(password)
self.set_ldapcon(ldap_connector.get_connection())
self.session['groups'] = self.mf.getUserGroupList(username)
try:
user = self.mf.getUser(self.session['username'])
except:
return self.index(_('Server error, please retry later'))
self.session['user'] = user
if self.is_admin():
self.session[
'pendingMemberValidations'] = self.pendingMemberValidations()
uidNumber = user.uidNumber
language = self.db.query(Preferences).filter(
and_(Preferences.uidNumber == uidNumber,
Preferences.key == 'language')).one()
if language.value in self.languages:
self.session['language'] = language.value
elif not old_session_language == '':
self.session['language'] = old_session_language
else:
self.session['language'] = self.default_language
log.info(username + ' logged in')
if user.is_admin():
raise HTTPRedirect('/members/index')
else:
raise HTTPRedirect('/profile/index')
def doLogin(self, username=None, password=None):
try:
ParamChecker.checkUsername('username', param=True)
ParamChecker.checkPassword('password', 'password', param=True)
except InvalidParameterFormat as ipf:
return self.index(_('Invalid data'))
try:
ldap_connector = LdapConnector(username=username, password=password)
except mematool.helpers.exceptions.InvalidCredentials:
return self.index(_('Invalid credentials'))
except mematool.helpers.exceptions.ServerError:
return self.index(_('Server error, please retry later'))
old_session_language = self.session.get('language', '')
self.session.regenerate()
self.session['username'] = username
self.session['password'] = encodeAES(password)
self.set_ldapcon(ldap_connector.get_connection())
self.session['groups'] = self.mf.getUserGroupList(username)
try:
user = self.mf.getUser(self.session['username'])
except:
return self.index(_('Server error, please retry later'))
self.session['user'] = user
if self.is_admin():
self.session['pendingMemberValidations'] = self.pendingMemberValidations()
uidNumber = user.uidNumber
language = self.db.query(Preferences).filter(and_(Preferences.uidNumber == uidNumber, Preferences.key == 'language')).one()
if language.value in self.languages:
self.session['language'] = language.value
elif not old_session_language == '':
self.session['language'] = old_session_language
else:
self.session['language'] = self.default_language
log.info(username + ' logged in')
if user.is_admin():
raise HTTPRedirect('/members/index')
else:
raise HTTPRedirect('/profile/index')
def deleteGroup(self, gid):
try:
ParamChecker.checkUsername('gid', param=True)
except:
raise HTTPRedirect('/groups/index')
result = self.mf.deleteGroup(request.params['gid'])
if result:
msg = _('Group successfully deleted')
msg_class = 'success'
else:
msg = _('Failed to delete group!')
msg_class = 'error'
return self.index(msg=msg, msg_class=msg_class)
def unmanageGroup(self, gid):
try:
ParamChecker.checkUsername('gid', param=True)
except:
raise HTTPRedirect('/groups/index')
result = self.mf.unmanageGroup(gid)
if result:
msg = _('Group no longer managed')
msg_class = 'success'
else:
msg = _('Failed to remove group from management!')
msg_class = 'error'
return self.index(msg=msg, msg_class=msg_class)
def deleteGroup(self, gid):
try:
ParamChecker.checkUsername('gid', param=True)
except:
raise HTTPRedirect('/groups/index')
result = self.mf.deleteGroup(request.params['gid'])
if result:
msg = _('Group successfully deleted')
msg_class = 'success'
else:
msg = _('Failed to delete group!')
msg_class = 'error'
return self.index(msg=msg, msg_class=msg_class)
def unmanageGroup(self, gid):
try:
ParamChecker.checkUsername('gid', param=True)
except:
raise HTTPRedirect('/groups/index')
result = self.mf.unmanageGroup(gid)
if result:
msg = _('Group no longer managed')
msg_class = 'success'
else:
msg = _('Failed to remove group from management!')
msg_class = 'error'
return self.index(msg=msg, msg_class=msg_class)
def deletePayment(self, member_id, idPayment):
""" Delete a payment specified by an id """
try:
ParamChecker.checkUsername('member_id', param=True)
ParamChecker.checkInt('idPayment', param=True)
except:
raise HTTPRedirect('/members/index')
try:
np = self.db.query(Payment).filter(Payment.id == idPayment).one()
self.db.delete(np)
self.db.commit()
except:
''' Don't care '''
pass
raise HTTPRedirect('/payments/listPayments/?member_id={0}'.format(member_id))
def deletePayment(self, member_id, idPayment):
""" Delete a payment specified by an id """
try:
ParamChecker.checkUsername('member_id', param=True)
ParamChecker.checkInt('idPayment', param=True)
except:
raise HTTPRedirect('/members/index')
try:
np = self.db.query(Payment).filter(Payment.id == idPayment).one()
self.db.delete(np)
self.db.commit()
except:
''' Don't care '''
pass
raise HTTPRedirect(
'/payments/listPayments/?member_id={0}'.format(member_id))
def new_f(self, gid, users=None):
formok = True
errors = []
items = {}
try:
ParamChecker.checkUsername('gid', param=True)
except:
formok = False
errors.append(_('Invalid group ID'))
items['users'] = []
if not users is None:
try:
#ParamChecker.checkString('users', param=True, min_len=-1, max_len=9999, regex=r'([\w]{1,20}\n?)*')
for k in users.split('\n'):
m = k.replace('\r', '').replace(' ', '')
if m == '':
continue
else:
ParamChecker.checkUsername(m, param=False)
items['users'].append(m)
except InvalidParameterFormat as ipf:
formok = False
errors.append(_('Invalid user name(s)'))
if not formok:
self.session['errors'] = errors
self.session['reqparams'] = {}
# @TODO request.params may contain multiple values per key... test & fix
for k in self.request.params.iterkeys():
self.session['reqparams'][k] = cherrypy.request.params[k]
self.session.save()
raise HTTPRedirect('/groups/editGroup/?gid={0}'.format(gid))
else:
items['gid'] = gid
return f(self, items)
def new_f(self, gid, users=None):
formok = True
errors = []
items = {}
try:
ParamChecker.checkUsername('gid', param=True)
except:
formok = False
errors.append(_('Invalid group ID'))
items['users'] = []
if not users is None:
try:
#ParamChecker.checkString('users', param=True, min_len=-1, max_len=9999, regex=r'([\w]{1,20}\n?)*')
for k in users.split('\n'):
m = k.replace('\r', '').replace(' ', '')
if m == '':
continue
else:
ParamChecker.checkUsername(m, param=False)
items['users'].append(m)
except InvalidParameterFormat as ipf:
formok = False
errors.append(_('Invalid user name(s)'))
if not formok:
self.session['errors'] = errors
self.session['reqparams'] = {}
# @TODO request.params may contain multiple values per key... test & fix
for k in self.request.params.iterkeys():
self.session['reqparams'][k] = cherrypy.request.params[k]
self.session.save()
raise HTTPRedirect('/groups/editGroup/?gid={0}'.format(gid))
else:
items['gid'] = gid
return f(self, items)
def doBulkAdd(self, member_id, months, verified=None):
try:
ParamChecker.checkUsername('member_id', param=True)
ParamChecker.checkInt('months', param=True, max_len=2)
except:
raise HTTPRedirect('/payments/index')
lastDate = self._getLastPayment(member_id)
months = int(months)
if self.is_finance_admin():
try:
ParamChecker.checkInt('verified', param=True, max_len=1)
verified = True
except:
verified = False
try:
for i in range(months):
p = Payment()
p.uid = member_id
p.date = lastDate + relativedelta(months=i)
p.status = 0
p.verified = verified
self.db.add(p)
self.db.commit()
self.session['flash'] = _('Payments added')
self.session['flash_class'] = 'success'
except Exception as e:
self.session['flash'] = _('Operation failed')
self.session['flash_class'] = 'error'
self.session.save()
raise HTTPRedirect(
'/payments/listPayments/?member_id={0}'.format(member_id))
def doBulkAdd(self, member_id, months, verified=None):
try:
ParamChecker.checkUsername('member_id', param=True)
ParamChecker.checkInt('months', param=True, max_len=2)
except:
raise HTTPRedirect('/payments/index')
lastDate = self._getLastPayment(member_id)
months = int(months)
if self.is_finance_admin():
try:
ParamChecker.checkInt('verified', param=True, max_len=1)
verified = True
except:
verified = False
try:
for i in range(months):
p = Payment()
p.uid = member_id
p.date = lastDate + relativedelta(months=i)
p.status = 0
p.verified = verified
self.db.add(p)
self.db.commit()
self.session['flash'] = _('Payments added')
self.session['flash_class'] = 'success'
except Exception as e:
self.session['flash'] = _('Operation failed')
self.session['flash_class'] = 'error'
self.session.save()
raise HTTPRedirect('/payments/listPayments/?member_id={0}'.format(member_id))
def editGroup(self, gid=None):
c = TemplateContext()
# vary form depending on mode (do that over ajax)
if gid is None:
c.group = Group()
action = 'Adding'
c.gid = ''
else:
try:
ParamChecker.checkUsername('gid', param=True)
except:
msg = _('Invalid format!')
return self.index(msg=msg)
action = 'Editing'
c.gid = gid
try:
c.group = self.mf.getGroup(gid)
print 'poll'
users = ''
for u in c.group.users:
if not users == '':
users += '\n'
users += u
c.group.users = users
except LookupError:
# @TODO implement better handler
msg = _('No such group!')
return self.index(msg=msg)
c.heading = '{0} group'.format(action)
return self.render('/groups/editGroup.mako', template_context=c)
def editGroup(self, gid=None):
c = TemplateContext()
# vary form depending on mode (do that over ajax)
if gid is None:
c.group = Group()
action = 'Adding'
c.gid = ''
else:
try:
ParamChecker.checkUsername('gid', param=True)
except:
msg = _('Invalid format!')
return self.index(msg=msg)
action = 'Editing'
c.gid = gid
try:
c.group = self.mf.getGroup(gid)
print 'poll'
users = ''
for u in c.group.users:
if not users == '':
users += '\n'
users += u
c.group.users = users
except LookupError:
# @TODO implement better handler
msg = _('No such group!')
return self.index(msg=msg)
c.heading = '{0} group'.format(action)
return self.render('/groups/editGroup.mako', template_context=c)
def check(self):
errors = []
checkOK = True
try:
ParamChecker.checkUsername(self.uid, param=False)
except InvalidParameterFormat as ipf:
checkOK = False
errors.append(_('Invalid username'))
try:
ParamChecker.checkString(self.sn,
min_len=0,
max_len=20,
param=False)
except InvalidParameterFormat as ipf:
checkOK = False
errors.append(_('Invalid surname'))
try:
ParamChecker.checkString(self.givenName,
min_len=0,
max_len=20,
param=False)
except InvalidParameterFormat as ipf:
checkOK = False
errors.append(_('Invalid given name'))
try:
ParamChecker.checkString(self.homePostalAddress,
min_len=0,
max_len=255,
param=False)
except InvalidParameterFormat as ipf:
checkOK = False
errors.append(_('Invalid address'))
'''optional'''
try:
ParamChecker.checkBool(self.isMinor, param=False, optional=True)
except InvalidParameterFormat as ipf:
checkOK = False
errors.append(_('Invalid selection for "is minor"'))
'''optional'''
try:
ParamChecker.checkPhone(self.homePhone, param=False, optional=True)
except InvalidParameterFormat as ipf:
checkOK = False
errors.append(ipf.message)
'''optional'''
try:
ParamChecker.checkPhone(self.mobile, param=False, optional=True)
except InvalidParameterFormat as ipf:
checkOK = False
errors.append(_('Invalid mobile number'))
try:
ParamChecker.checkEmail(self.mail, param=False)
except InvalidParameterFormat as ipf:
checkOK = False
errors.append(ipf.message)
try:
ParamChecker.checkString(self.loginShell,
min_len=0,
max_len=20,
regex=regex.loginShell,
param=False)
except InvalidParameterFormat as ipf:
checkOK = False
errors.append(_('Invalid login shell'))
try:
ParamChecker.checkDate(self.arrivalDate, param=False)
except InvalidParameterFormat as ipf:
checkOK = False
errors.append(_('Invalid "member since" date'))
'''optional'''
try:
ParamChecker.checkDate(self.leavingDate,
param=False,
optional=True)
except InvalidParameterFormat as ipf:
checkOK = False
errors.append(_('Invalid "membership canceled" date'))
'''optional'''
try:
ParamChecker.checkString(self.sshPublicKey,
min_len=0,
max_len=1200,
regex=regex.sshKey,
param=False,
optional=True)
except InvalidParameterFormat as ipf:
checkOK = False
errors.append(_('Invalid SSH key'))
'''optional'''
try:
ParamChecker.checkPGP(self.pgpKey, param=False, optional=True)
except InvalidParameterFormat as ipf:
checkOK = False
errors.append(ipf.message)
'''optional'''
try:
ParamChecker.checkiButtonUID(self.iButtonUID,
param=False,
optional=True)
except InvalidParameterFormat as ipf:
checkOK = False
errors.append(ipf.message)
try:
ParamChecker.checkUsername(self.conventionSigner, param=False)
except InvalidParameterFormat as ipf:
checkOK = False
errors.append(_('Invalid convention signer'))
'''optional'''
try:
ParamChecker.checkEmail(self.xmppID, param=False, optional=True)
except InvalidParameterFormat as ipf:
checkOK = False
errors.append(_('Invalid XMPP/Jabber/GTalk ID'))
'''optional'''
try:
ParamChecker.checkBool(self.spaceKey, param=False, optional=True)
except InvalidParameterFormat as ipf:
checkOK = False
errors.append(_('Invalid Space-Key value'))
'''optional'''
try:
ParamChecker.checkBool(self.npoMember, param=False, optional=True)
except InvalidParameterFormat as ipf:
checkOK = False
errors.append(_('Invalid NPO-Member value'))
try:
ParamChecker.checkCountryCode(self.nationality, param=False)
except InvalidParameterFormat as ipf:
checkOK = False
errors.append(_('Invalid nationality'))
if checkOK:
return checkOK
raise InvalidParameterFormat(errors)
def listPayments(self, member_id=None, year=None):
""" Show a specific user's payments """
if member_id is None:
if not self.is_admin() and not self.is_finance_admin():
raise HTTPError(403, 'Forbidden')
else:
raise HTTPRedirect('/payments/showOutstanding/?showAll=1')
elif not self.is_admin() and not self.is_finance_admin(
) and not member_id == self.session.get('username'):
raise HTTPError(403, 'Forbidden')
if not year is None:
try:
ParamChecker.checkInt('year', param=True, max_len=4)
if int(year) > 1970 and int(year) < 2222:
year = int(year)
else:
year = datetime.datetime.now().year
except:
pass
if year is None:
try:
ParamChecker.checkUsername('member_id', param=True)
year = self._getLastPayment(member_id).year
except:
pass
if year is None:
year = datetime.datetime.now().year
c = TemplateContext()
c.heading = _('Payments for the year {0}, user {1}'.format(
year, member_id))
c.member_id = member_id
## consider pagination
# http://pylonsbook.com/en/1.1/starting-the-simplesite-tutorial.html#using-pagination
try:
#c.member.leavingDate = date(int(member.leavingDate[:4]),int(member.leavingDate[5:6]),int(member.leavingDate[7:8]))
## ideally, fetch monthly from member and the rest from payment (one to many relation)
## http://www.sqlalchemy.org/docs/05/reference/ext/declarative.html
y_start = datetime.date(year, 1, 1)
y_end = datetime.date(year, 12, 31)
payment_sql = self.db.query(Payment).filter(
Payment.uid == member_id).filter(
Payment.date.between(y_start, y_end)).order_by(
Payment.date.desc()).all()
payments = {}
c.unverifiedPledges = 0
for p in payment_sql:
if p.verified == 0:
c.unverifiedPledges += 1
payments[p.date.month] = p
c.year = year
c.payments = payments
except AttributeError, e:
return 'This member has made no payments o.O ?!: %s' % e
def check(self):
errors = []
checkOK = True
try:
ParamChecker.checkUsername(self.uid, param=False)
except InvalidParameterFormat as ipf:
checkOK = False
errors.append(_('Invalid username'))
try:
ParamChecker.checkString(self.sn, min_len=0, max_len=20, param=False)
except InvalidParameterFormat as ipf:
checkOK = False
errors.append(_('Invalid surname'))
try:
ParamChecker.checkString(self.givenName, min_len=0, max_len=20, param=False)
except InvalidParameterFormat as ipf:
checkOK = False
errors.append(_('Invalid given name'))
try:
ParamChecker.checkString(self.homePostalAddress, min_len=0, max_len=255, param=False)
except InvalidParameterFormat as ipf:
checkOK = False
errors.append(_('Invalid address'))
'''optional'''
try:
ParamChecker.checkBool(self.isMinor, param=False, optional=True)
except InvalidParameterFormat as ipf:
checkOK = False
errors.append(_('Invalid selection for "is minor"'))
'''optional'''
try:
ParamChecker.checkPhone(self.homePhone, param=False, optional=True)
except InvalidParameterFormat as ipf:
checkOK = False
errors.append(ipf.message)
'''optional'''
try:
ParamChecker.checkPhone(self.mobile, param=False, optional=True)
except InvalidParameterFormat as ipf:
checkOK = False
errors.append(_('Invalid mobile number'))
try:
ParamChecker.checkEmail(self.mail, param=False)
except InvalidParameterFormat as ipf:
checkOK = False
errors.append(ipf.message)
try:
ParamChecker.checkString(self.loginShell, min_len=0, max_len=20, regex=regex.loginShell, param=False)
except InvalidParameterFormat as ipf:
checkOK = False
errors.append(_('Invalid login shell'))
try:
ParamChecker.checkDate(self.arrivalDate, param=False)
except InvalidParameterFormat as ipf:
checkOK = False
errors.append(_('Invalid "member since" date'))
'''optional'''
try:
ParamChecker.checkDate(self.leavingDate, param=False, optional=True)
except InvalidParameterFormat as ipf:
checkOK = False
errors.append(_('Invalid "membership canceled" date'))
'''optional'''
try:
ParamChecker.checkString(self.sshPublicKey, min_len=0, max_len=1200, regex=regex.sshKey, param=False, optional=True)
except InvalidParameterFormat as ipf:
checkOK = False
errors.append(_('Invalid SSH key'))
'''optional'''
try:
ParamChecker.checkPGP(self.pgpKey, param=False, optional=True)
except InvalidParameterFormat as ipf:
checkOK = False
errors.append(ipf.message)
'''optional'''
try:
ParamChecker.checkiButtonUID(self.iButtonUID, param=False, optional=True)
except InvalidParameterFormat as ipf:
checkOK = False
errors.append(ipf.message)
try:
ParamChecker.checkUsername(self.conventionSigner, param=False)
except InvalidParameterFormat as ipf:
checkOK = False
errors.append(_('Invalid convention signer'))
'''optional'''
try:
ParamChecker.checkEmail(self.xmppID, param=False, optional=True)
except InvalidParameterFormat as ipf:
checkOK = False
errors.append(_('Invalid XMPP/Jabber/GTalk ID'))
'''optional'''
try:
ParamChecker.checkBool(self.spaceKey, param=False, optional=True)
except InvalidParameterFormat as ipf:
checkOK = False
errors.append(_('Invalid Space-Key value'))
'''optional'''
try:
ParamChecker.checkBool(self.npoMember, param=False, optional=True)
except InvalidParameterFormat as ipf:
checkOK = False
errors.append(_('Invalid NPO-Member value'))
try:
ParamChecker.checkCountryCode(self.nationality, param=False)
except InvalidParameterFormat as ipf:
checkOK = False
errors.append(_('Invalid nationality'))
if checkOK:
return checkOK
raise InvalidParameterFormat(errors)
