def update(self): source_oid = self.params('source') targets_oid = self.params('targets') if targets_oid and source_oid: try: if not isinstance(targets_oid, (list, tuple)): targets_oid = [targets_oid] targets = [get_obj(int(t)) for t in targets_oid] source = get_obj(int(source_oid)) if targets and source: result = self.execute({ 'source': source, 'targets': targets }) if result: values = result[0] values['context'] = source body = self.content(args=values, template=self.template)['body'] item = self.adapt_item(body, self.viewid) result = {} result['coordinates'] = {self.coordinates: [item]} return result except Exception as error: log.warning(error) view_error = ViewError() view_error.principalmessage = _("An error has occurred.") return self.failure(view_error)
def update(self): source_oid = self.params('source') targets_oid = self.params('targets') if targets_oid and source_oid: try: if not isinstance(targets_oid, (list, tuple)): targets_oid = [targets_oid] targets = [get_obj(int(t)) for t in targets_oid] source = get_obj(int(source_oid)) if targets and source: result = self.execute( {'source': source, 'targets': targets}) if result and result[0].get('error', False): view_error = ViewError() view_error.principalmessage = _("An error has occurred.") return self.failure(view_error) return HTTPFound( self.request.resource_url(source, '@@index')) except Exception as error: log.warning(error) return HTTPFound(self.request.resource_url(self.context, ''))
def update(self): source_oid = self.params('source') targets_oid = self.params('targets') if targets_oid and source_oid: try: if not isinstance(targets_oid, (list, tuple)): targets_oid = [targets_oid] targets = [get_obj(int(t)) for t in targets_oid] source = get_obj(int(source_oid)) if targets and source: result = self.execute({ 'source': source, 'targets': targets }) if result and result[0].get('error', False): view_error = ViewError() view_error.principalmessage = _( "An error has occurred.") return self.failure(view_error) return HTTPFound( self.request.resource_url(source, '@@index')) except Exception as error: log.warning(error) return HTTPFound(self.request.resource_url(self.context, ''))
def update_actions( self, request, all_actions, ignor_form=False, ignor_actionsofactions=True, include_resources=True): messages = {} #find all business actions form_id = None #get submited form view if not ignor_form and '__formid__' in request.POST: #if request.POST['__formid__'].find(object_oid) >= 0: form_id = request.POST['__formid__'] toreplay, valid_form_id, action_updated, \ resources, allbodies_actions = self._ajax_views( request, all_actions, form_id, ignor_actionsofactions, include_resources) if toreplay: request.POST.clear() old_resources = resources old_allbodies_actions = allbodies_actions actions_toreplay = [] for context, action in list(all_actions): try: action.validate(context, request) if context.__parent__: actions_toreplay.append((context, action)) except Exception as e: pass action_updated, messages, \ resources, allbodies_actions = self.update_actions( request, actions_toreplay, ignor_form, include_resources=include_resources) if old_resources is not None: resources = merge_dicts(old_resources, resources, ('js_links', 'css_links')) resources['js_links'] = list(set(resources['js_links'])) resources['css_links'] = list(set(resources['css_links'])) if old_allbodies_actions is not None: allbodies_actions.extend(old_allbodies_actions) return True, messages, resources, allbodies_actions if form_id and \ not action_updated and valid_form_id and all_actions: error = ViewError() error.principalmessage = u"Action non realisee" error.causes = ["Vous n'avez plus le droit de realiser cette action.", "L'action est verrouillee par un autre utilisateur."] message = error.render_message(request) messages.update({error.type: [message]}) return action_updated, messages, resources, allbodies_actions
def update(self,): if not self.validated_children: e = ViewError() e.principalmessage = CallViewErrorPrincipalmessage causes = set() for view, er in self.errors: causes.update(er.causes) e.causes = list(causes) raise e result = {} global_result = {} for view in self.validated_children: try: view_result = view.update() except ViewError as e: continue if self.isexecutable and \ view.isexecutable and \ view.finished_successfully: self.finished_successfully = True return self.success(view_result) currentview = view if 'view' in view_result: currentview = view_result['view'] global_result = merge_dicts(view_result, global_result) if len(view_result['coordinates']) == 1 and \ len(view_result['coordinates'].items()[0][1]) == 1: coordinate = view_result['coordinates'].items()[0][0] item = view_result['coordinates'].items()[0][1][0] if coordinate in result: result[coordinate].append(item) else: result[coordinate] = [item] else: for coordinate, values in view_result['coordinates'].items(): item = values[0] subviewid = currentview.viewid+'_'+coordinate item['id'] = subviewid if coordinate in result: result[coordinate].append(item) else: result[coordinate] = [item] for coordinate, items in result.items(): values = {'items': items, 'id':self.viewid+coordinate } body = self.content(args=values, template=self.template)['body'] item = self.adapt_item(body, self.viewid) global_result['coordinates'][coordinate] = [item] #if not (len(self.validated_children) == len(self.contexts)): # global_result['messages'] global_result = merge_dicts(self.requirements_copy, global_result) return global_result
def update(self,): #validation if not self.validated_children and \ not self.include_failed_views: error = ViewError() error.principalmessage = MutltipleViewErrorPrincipalmessage causes = set() for viewinstance, er in self.errors: causes.update(er.causes) error.causes = list(causes) raise error #update children result = {} if self.include_failed_views: result = self._update_all_children() else: result = self._update_validated_children() if not result: error = ViewError() error.principalmessage = MutltipleViewErrorPrincipalmessage error.causes = MutltipleViewErrorCauses raise error if not isinstance(result, dict): return result for _coordinate in result['coordinates']: coordinate = _coordinate if self.merged: coordinate = self.coordinates items = result['coordinates'][coordinate] isactive = False for item in items: if item['isactive']: isactive = True break if not isactive: self._activate(items) if self.parent is None: isactive = True _item = {'isactive':isactive, 'items': items, 'view': self, 'id':self.viewid} values = {'coordinates': coordinate, 'subitem': _item, 'parent': self} body = self.content(args=values, template=self.template)['body'] item = self.adapt_item(body, self.viewid) item['isactive'] = isactive result['coordinates'][coordinate] = [item] result = merge_dicts(self.requirements_copy, result) return result
def update(self): allactions = getAllBusinessAction(self.context, self.request, True) allactions.sort(key=lambda x: x.title) views = [] for action in allactions: views.append(action.action_view) if views: indexmultiview = MultipleView(self.context, self.request, self.parent) indexmultiview.wrapper_template = 'templates/views_templates/empty_view_wrapper.pt' indexmultiview.template = 'templates/views_templates/simple_multipleview.pt' indexmultiview.css_class = 'index-view' indexmultiview.coordinates = self.coordinates indexmultiview._init_views(views) indexmultiview.before_update() return indexmultiview.update() error = ViewError() error.principalmessage = IndexViewErrorPrincipalmessage error.causes = IndexViewErrorCauses raise error
def update(self): allactions = getAllBusinessAction(self.context, self.request, True) allactions.sort(key=lambda x: x.title) views = [] for action in allactions: views.append(action.action_view) if views: indexmultiview = MultipleView( self.context, self.request, self.parent) indexmultiview.wrapper_template = 'templates/views_templates/empty_view_wrapper.pt' indexmultiview.template = 'templates/views_templates/simple_multipleview.pt' indexmultiview.css_class = 'index-view' indexmultiview.coordinates = self.coordinates indexmultiview._init_views(views) indexmultiview.before_update() return indexmultiview.update() error = ViewError() error.principalmessage = IndexViewErrorPrincipalmessage error.causes = IndexViewErrorCauses raise error
def update(self): request = self.request login_url = request.resource_url(request.context, 'login') login_url2 = request.resource_url(request.context, '@@login') referrer = request.path_url if '/auditstream-sse' in referrer: # If we're being invoked as the result of a failed request to the # auditstream sse view, bail. Otherwise the came_from will be set to # the auditstream URL, and the user who this happens to will eventually # be redirected to it and they'll be left scratching their head when # they see e.g. "id: 0-10\ndata: " when they log in successfully. return HTTPForbidden() if login_url in referrer or login_url2 in referrer: # never use the login form itself as came_from referrer = request.resource_url(request.virtual_root) came_from = request.session.setdefault( 'lac.came_from', referrer).replace('@@dace-ui-api-view', '@@index') login = '' password = '' message = None messages = {} if 'login_form.submitted' in request.params: try: check_csrf_token(request) except: request.sdiapi.flash(_('Failed login (CSRF)'), 'danger') else: login = request.params['email'] password = request.params['password'] result = self.execute(dict( login=login, password=password, came_from=came_from )) if result[0].get('logged', False): return result[0].get('redirect') error = ViewError() error.principalmessage = _("Failed login") message = error.render_message(request) messages.update({error.type: [message]}) self.finished_successfully = False # Pass this through FBO views (e.g., forbidden) which use its macros. template = get_renderer( 'lac:views/user_management/templates/login.pt').implementation() site = self.request.get_site_folder values = dict( velruse_login_url=velruse_login_url, applications=getattr(site, 'applications', []), url=request.resource_url(request.virtual_root, ''), came_from=came_from, login=login, password=password, login_template=template, form_id=self.viewid, check_url=self.request.resource_url( self.request.root, '@@creationculturelapi', query={'op': 'check_user'}) ) body = self.content(args=values, template=self.template)['body'] item = self.adapt_item(body, self.viewid) item['messages'] = messages result = {} result['coordinates'] = {self.coordinates: [item]} return result
def update(self): result = {} user = get_current() folderid = self.params('folderid') try: folder = get_obj(int(folderid)) except: folder = None # if not valid folderid if folderid is None or folder is None: error = ViewError() error.principalmessage = _("Access to the requested folder has been denied") error.causes = [_("Folder not valid")] message = error.render_message(self.request) item = self.adapt_item('', self.viewid) item['messages'] = {error.type: [message]} result['coordinates'] = {self.coordinates: [item]} return result # if permission denied if folder and not can_access(user, folder): error = ViewError() error.principalmessage = _("Access to the requested folder has been denied") error.causes = [_("Permission denied")] message = error.render_message(self.request) item = self.adapt_item('', self.viewid) item['messages'] = {error.type: [message]} result['coordinates'] = {self.coordinates: [item]} return result # calling self._add_filter will set self.filter_instance or not template_type = getattr(folder, 'view_type', 'default') if template_type == 'bloc': self.wrapper_template = 'novaideo:views/smart_folder_management/templates/folder_blocs_view_wrapper.pt' filter_body = None filter_form, filter_data = self._add_filter(folder, user) args = merge_with_filter_view(self, {}) objects = get_folder_content(folder, user, **args) objects, sort_body = sort_view_objects( self, objects, ['proposal', 'idea', 'amendment', 'file', 'person'], user) len_result = len(objects) self.breadcrumb = self.content( args={'number': len_result}, template=self.breadcrumb_template)['body'] if getattr(self, 'filter_instance', None) is not None: filter_data['filter_message'] = self.breadcrumb filter_body = getattr(self, 'filter_instance').get_body(filter_data) url = self.request.resource_url( self.context, 'open', query={'folderid': folderid}) batch = Batch(objects, self.request, url=url, default_size=BATCH_DEFAULT_SIZE) batch.target = "#results" result_body = [] for obj in batch: body = render_listing_obj( self.request, obj, user, view_type=template_type) if body: result_body.append(body) values = { 'bodies': result_body, 'batch': batch, 'filter_body': filter_body, 'sort_body': sort_body, 'row_len': math.ceil(len_result/2) } template = self.templates.get(template_type, 'default') body = self.content(args=values, template=template)['body'] item = self.adapt_item(body, self.viewid) result['coordinates'] = {self.coordinates: [item]} if filter_form: result['css_links'] = filter_form['css_links'] result['js_links'] = filter_form['js_links'] return result
def update(self): result = {} user = get_current() folderid = self.params('folderid') try: folder = get_obj(int(folderid)) except: folder = None # if not valid folderid if folderid is None or folder is None: error = ViewError() error.principalmessage = _( "Access to the requested folder has been denied") error.causes = [_("Folder not valid")] message = error.render_message(self.request) item = self.adapt_item('', self.viewid) item['messages'] = {error.type: [message]} result['coordinates'] = {self.coordinates: [item]} return result # if permission denied if folder and not can_access(user, folder): error = ViewError() error.principalmessage = _( "Access to the requested folder has been denied") error.causes = [_("Permission denied")] message = error.render_message(self.request) item = self.adapt_item('', self.viewid) item['messages'] = {error.type: [message]} result['coordinates'] = {self.coordinates: [item]} return result classifications = [ CLASSIFICATIONS[fid] for fid in getattr(folder, 'classifications', []) ] classifications.reverse() source_class = None for classification in classifications: source_class = classification(source_class) setattr(self, 'filter_instance', None) filter_body = None filter_form, filter_data = self._add_filter(folder, user) # calling self._add_filter will set self.filter_instance or not template_type = getattr(folder, 'view_type', 'default') if template_type == 'bloc': self.container_css_class = 'home folder-bloc' self.wrapper_template = 'lac:views/admin_process/templates/folder_blocs_view_wrapper.pt' args = merge_with_filter_view(self, {}) objects = get_folder_content(folder, user, **args) len_result = len(objects) self.breadcrumb = self.content( args={ 'lineage': folder.folder_lineage, 'nember': len_result }, template=self.breadcrumb_template)['body'] self.title = '/'.join([f.title for f in folder.folder_lineage]) if getattr(self, 'filter_instance', None) is not None: filter_data['filter_message'] = self.breadcrumb filter_body = getattr(self, 'filter_instance').get_body(filter_data) if source_class is None: url = self.request.resource_url(self.context, 'open', query={'folderid': folderid}) batch = Batch(objects, self.request, url=url, default_size=BATCH_DEFAULT_SIZE) batch.target = "#results" result_body = [] for obj in batch: object_values = { 'object': obj, 'current_user': user, 'state': get_states_mapping( user, obj, getattr(obj, 'state_or_none', [None])[0]) } body = self.content( args=object_values, template=obj.templates[template_type])['body'] result_body.append(body) values = { 'bodies': result_body, 'batch': batch, 'filter_body': filter_body, 'row_len': math.ceil(len_result / 2) } template = self.templates.get(template_type, 'default') body = self.content(args=values, template=template)['body'] else: body = source_class.render(objects, self.request, folder, filter_body=filter_body, validated=getattr( self.filter_instance, 'validated', {}), template_type=template_type) item = self.adapt_item(body, self.viewid) result['coordinates'] = {self.coordinates: [item]} result = merge_dicts(self.requirements_copy, result) if filter_form: result['css_links'] = filter_form['css_links'] result['js_links'] = filter_form['js_links'] return result
def update(self): request = self.request context = self.context login_url = request.resource_url(request.context, 'login') login_url2 = request.resource_url(request.context, '@@login') referrer = self.params('came_from') if not referrer: referrer = request.path_url if '/auditstream-sse' in referrer: # If we're being invoked as the result of a failed request to the # auditstream sse view, bail. Otherwise the came_from will be set to # the auditstream URL, and the user who this happens to will eventually # be redirected to it and they'll be left scratching their head when # they see e.g. "id: 0-10\ndata: " when they log in successfully. return HTTPForbidden() if login_url in referrer or login_url2 in referrer: # never use the login form itself as came_from referrer = request.resource_url(request.virtual_root) came_from = request.session.setdefault('novaideo.came_from', referrer) login = '' password = '' message = None messages = {} if 'form.submitted' in request.params: try: check_csrf_token(request) except: request.sdiapi.flash(_('Failed login (CSRF)'), 'danger') else: self.execute(None) login = request.params['email'].strip() password = request.params['password'] novaideo_catalog = find_catalog('novaideo') dace_catalog = find_catalog('dace') identifier_index = novaideo_catalog['identifier'] object_provides_index = dace_catalog['object_provides'] query = object_provides_index.any([IPerson.__identifier__]) &\ identifier_index.any([login]) users = list(query.execute().all()) user = users[0] if users else None valid_check = user and user.check_password(password) if valid_check and \ (has_role(user=user, role=('SiteAdmin', )) or 'active' in getattr(user, 'state', [])): request.session.pop('novaideo.came_from', None) headers = remember(request, get_oid(user)) request.registry.notify( LoggedIn(login, user, context, request)) user.last_connection = datetime.datetime.now(tz=pytz.UTC) if hasattr(user, 'reindex'): user.reindex() return HTTPFound(location=came_from, headers=headers) elif valid_check and 'deactivated' in getattr( user, 'state', []): error = ViewError() error.principalmessage = _( "Disabled account! Contact the site administrator to activate your account." ) message = error.render_message(request) messages.update({error.type: [message]}) else: error = ViewError() error.principalmessage = _("Failed login") message = error.render_message(request) messages.update({error.type: [message]}) # Pass this through FBO views (e.g., forbidden) which use its macros. template = get_renderer( 'novaideo:views/user_management/templates/login.pt' ).implementation() login_bodies = [] try: login_navbars = generate_navbars(request, request.root, process_id=CONNECTOR_PROCESSES, node_id='login', descriminators=['body-action']) login_bodies = login_navbars['body_actions'] except Exception as e: log.warning(e) values = dict(url=request.resource_url(request.virtual_root, 'login'), came_from=came_from, login=login, password=password, login_template=template, logins=login_bodies) body = self.content(args=values, template=self.template)['body'] item = self.adapt_item(body, self.viewid) item['messages'] = messages result = {} result['coordinates'] = {self.coordinates: [item]} return result
def update(self,): if not self.contexts: e = ViewError() e.principalmessage = CallViewErrorPrincipalmessage e.causes = CallViewViewErrorCauses raise e self.init_stepid(self.schema) form, reqts = self._build_form() form.formid = self.viewid+'_'+form.formid item = None result = {} posted_formid = None error = False if '__formid__' in self.request.POST: posted_formid = self.request.POST['__formid__'] if posted_formid is not None and posted_formid == form.formid: for button in form.buttons: if button.name in self.request.POST: try: controls = self.request.POST.items() validated = form.validate(controls) self.validated_items = list(validated['items'].values()) except deform.exception.ValidationFailure as e: fail = getattr(self, '%s_failure' % button.name, None) if fail is None: fail = self._failure item = fail(e, form) error = True else: try: item = self._call_callview(button.name) return item except FormError as e: snippet = '<div class="error">Failed: %s</div>' % e self.request.sdiapi.flash(snippet, 'danger', allow_duplicate=True) item = self.adapt_item(form.render(validated), form.formid) error = True break if posted_formid is not None and '__viewid__' in self.request.POST: posted_viewid = self.request.POST['__viewid__'].split(':') _viewid = posted_viewid[0] if _viewid == self.viewid: self.validated_items = [get_obj(int(o)) for o in \ self.request.POST['__contextsoids__'].split(':')[1:]] if not self.validated_items: e = ViewError() e.principalmessage = CallViewErrorPrincipalmessage e.causes = CallViewViewErrorCauses raise e viewname = posted_viewid[1] return self._call_callview(viewname) if item is None: item = self.show(form) if isinstance(item,dict): if error: item['isactive'] = True result['coordinates'] = {self.coordinates:[item]} result['js_links'] = reqts['js'] result['css_links'] = reqts['css'] result = merge_dicts(self.requirements_copy, result) else: result = item return result
def update(self,): if not self.children_by_context: error = ViewError() error.principalmessage = CallViewErrorPrincipalmessage causes = set() for view, er in self.errors: causes.update(er.causes) error.causes = list(causes) raise error messages = {} if self.failed_children: error = ViewError() error.type = 'warning' error.principalmessage = CallViewErrorCildrenNotValidatedmessage error.causes = CallViewViewErrorCauses messages[error] = error.render_message(self.request) self.init_stepid(self.schema) form, reqts = self._build_form() form.formid = self.viewid+'_'+form.formid item = None result = {} posted_formid = None error = False if '__formid__' in self.request.POST: posted_formid = self.request.POST['__formid__'] if posted_formid is not None and posted_formid == form.formid: for button in form.buttons: if button.name in self.request.POST: try: controls = self.request.POST.items() validated = form.validate(controls) except deform.exception.ValidationFailure as e: #@TODO gestion des _failure des vues fail = getattr(self, '%s_failure' % button.name, None) if fail is None: fail = self._failure item = fail(e, form) error = True else: try: views = validated['views'] for v in views: views_context = None if v['context_oid'] in self.children_by_context: views_context = self.children_by_context[v['context_oid']] else: continue view_instance = None for v_context in views_context: if v_context.viewid == v['id']: view_instance = v_context break if view_instance is None: continue bname = button.name.replace(('_'+self.suffixe), '') if bname in view_instance.behaviors_instances: behavior = view_instance.behaviors_instances[bname] behavior.execute(view_instance.context, self.request, v['item']) view_instance.finished_successfully = True item = self.success(validated) self.finished_successfully = True except FormError as e: snippet = '<div class="error">Failed: %s</div>' % e self.request.sdiapi.flash(snippet, 'danger', allow_duplicate=True) item = self.adapt_item(form.render(validated), form.formid) error = True break if item is None: item = self.show(form) if isinstance(item,dict): if error: item['isactive'] = True if messages: item['messages'] = {} for e, messagecontent in messages.items(): if e.type in item['messages']: item['messages'][e.type].append(messagecontent) else: item['messages'][e.type] = [messagecontent] result['coordinates'] = {self.view.coordinates:[item]} result['js_links'] = reqts['js'] result['css_links'] = reqts['css'] result = merge_dicts(self.requirements_copy, result) else: result = item return result
def update(self): code = self.params('code') error = self.params('error') message = None messages = {} request = self.request root = getSite() yammer_connectors = list(root.get_connectors(YAMMER_CONNECTOR_ID)) yammer_connector = yammer_connectors[0] if yammer_connectors else None login_url = request.resource_url(request.context, 'login') login_url2 = request.resource_url(request.context, '@@login') referrer = self.params('came_from') if not referrer: referrer = request.path_url if '/auditstream-sse' in referrer: return HTTPForbidden() if login_url in referrer or login_url2 in referrer: # never use the login form itself as came_from referrer = request.resource_url(root) came_from = request.session.setdefault('novaideo.came_from', referrer) error_message = _("Failed login") if yammer_connector and code: trusted_networks = getattr(yammer_connector, 'networks', []) source_data, user_data = yammer_connector.extract_data(code) if not trusted_networks or \ any(n in trusted_networks for n in source_data['network_domains']): result = self.execute({ 'source_data': source_data, 'user_data': user_data, 'came_from': came_from }) if result[0].get('logged', False): return result[0].get('redirect') elif trusted_networks: error_message = _( "You don't have the right to login with this account.") error = True if error: error = ViewError() error.principalmessage = error_message message = error.render_message(request) messages.update({error.type: [message]}) self.finished_successfully = False # Pass this through FBO views (e.g., forbidden) which use its macros. template = get_renderer( 'novaideo:views/user_management/templates/login.pt' ).implementation() login_bodies = [] try: login_navbars = generate_navbars(request, request.root, process_id=CONNECTOR_PROCESSES, node_id='login', descriminators=['body-action']) login_bodies = login_navbars['body_actions'] except Exception: pass values = dict(url=request.resource_url(request.virtual_root, 'login'), came_from=came_from, login='', password='', login_template=template, logins=login_bodies) body = self.content(args=values, template=self.template)['body'] item = self.adapt_item(body, self.viewid) item['messages'] = messages result = {} result['coordinates'] = {self.coordinates: [item]} return result
def update(self): code = self.params('code') error = self.params('error') message = None messages = {} request = self.request root = getSite() yammer_connectors = list(root.get_connectors(YAMMER_CONNECTOR_ID)) yammer_connector = yammer_connectors[0] if yammer_connectors else None login_url = request.resource_url(request.context, 'login') login_url2 = request.resource_url(request.context, '@@login') referrer = self.params('came_from') if not referrer: referrer = request.path_url if '/auditstream-sse' in referrer: return HTTPForbidden() if login_url in referrer or login_url2 in referrer: # never use the login form itself as came_from referrer = request.resource_url(root) came_from = request.session.setdefault( 'novaideo.came_from', referrer) error_message = _("Failed login") if yammer_connector and code: trusted_networks = getattr(yammer_connector, 'networks', []) source_data, user_data = yammer_connector.extract_data(code) if not trusted_networks or \ any(n in trusted_networks for n in source_data['network_domains']): result = self.execute({ 'source_data': source_data, 'user_data': user_data, 'came_from': came_from }) if result[0].get('logged', False): return result[0].get('redirect') elif trusted_networks: error_message = _("You don't have the right to login with this account.") error = True if error: error = ViewError() error.principalmessage = error_message message = error.render_message(request) messages.update({error.type: [message]}) self.finished_successfully = False # Pass this through FBO views (e.g., forbidden) which use its macros. template = get_renderer( 'novaideo:views/user_management/templates/login.pt').implementation() login_bodies = [] try: login_navbars = generate_navbars( request, request.root, process_id=CONNECTOR_PROCESSES, node_id='login', descriminators=['body-action']) login_bodies = login_navbars['body_actions'] except Exception: pass values = dict( url=request.resource_url(request.virtual_root, 'login'), came_from=came_from, login='', password='', login_template=template, logins=login_bodies ) body = self.content(args=values, template=self.template)['body'] item = self.adapt_item(body, self.viewid) item['messages'] = messages result = {} result['coordinates'] = {self.coordinates: [item]} return result
def update(self): request = self.request context = self.context login_url = request.resource_url(request.context, 'login') login_url2 = request.resource_url(request.context, '@@login') referrer = self.params('came_from') if not referrer: referrer = request.path_url if '/auditstream-sse' in referrer: # If we're being invoked as the result of a failed request to the # auditstream sse view, bail. Otherwise the came_from will be set to # the auditstream URL, and the user who this happens to will eventually # be redirected to it and they'll be left scratching their head when # they see e.g. "id: 0-10\ndata: " when they log in successfully. return HTTPForbidden() if login_url in referrer or login_url2 in referrer: # never use the login form itself as came_from referrer = request.resource_url(request.virtual_root) came_from = request.session.setdefault('novaideo.came_from', referrer) login = '' password = '' message = None messages = {} if 'form.submitted' in request.params: try: check_csrf_token(request) except: request.sdiapi.flash(_('Failed login (CSRF)'), 'danger') else: self.execute(None) login = request.params['email'].strip() password = request.params['password'] novaideo_catalog = find_catalog('novaideo') dace_catalog = find_catalog('dace') identifier_index = novaideo_catalog['identifier'] object_provides_index = dace_catalog['object_provides'] query = object_provides_index.any([IPerson.__identifier__]) &\ identifier_index.any([login]) users = list(query.execute().all()) user = users[0] if users else None valid_check = user and user.check_password(password) if valid_check and \ (has_role(user=user, role=('SiteAdmin', )) or \ 'active' in getattr(user, 'state', [])): request.session.pop('novaideo.came_from', None) headers = remember(request, get_oid(user)) request.registry.notify(LoggedIn(login, user, context, request)) user.last_connection = datetime.datetime.now(tz=pytz.UTC) if hasattr(user, 'reindex'): user.reindex() return HTTPFound(location=came_from, headers=headers) elif valid_check and 'deactivated' in getattr(user, 'state', []): error = ViewError() error.principalmessage = _("Disabled account! Contact the site administrator to activate your account.") message = error.render_message(request) messages.update({error.type: [message]}) else: error = ViewError() error.principalmessage = _("Failed login") message = error.render_message(request) messages.update({error.type: [message]}) # Pass this through FBO views (e.g., forbidden) which use its macros. template = get_renderer('novaideo:views/user_management/templates/login.pt').implementation() login_bodies = [] try: login_navbars = generate_navbars( request, request.root, process_id=CONNECTOR_PROCESSES, node_id='login', descriminators=['body-action']) login_bodies = login_navbars['body_actions'] except Exception as e: log.warning(e) values = dict( url=request.resource_url(request.virtual_root, 'login'), came_from=came_from, login=login, password=password, login_template=template, logins=login_bodies ) body = self.content(args=values, template=self.template)['body'] item = self.adapt_item(body, self.viewid) item['messages'] = messages result = {} result['coordinates'] = {self.coordinates: [item]} return result