def update(self):
source_oid = self.params('source')
targets_oid = self.params('targets')
if targets_oid and source_oid:
try:
if not isinstance(targets_oid, (list, tuple)):
targets_oid = [targets_oid]
targets = [get_obj(int(t)) for t in targets_oid]
source = get_obj(int(source_oid))
if targets and source:
result = self.execute({
'source': source,
'targets': targets
})
if result:
values = result[0]
values['context'] = source
body = self.content(args=values,
template=self.template)['body']
item = self.adapt_item(body, self.viewid)
result = {}
result['coordinates'] = {self.coordinates: [item]}
return result
except Exception as error:
log.warning(error)
view_error = ViewError()
view_error.principalmessage = _("An error has occurred.")
return self.failure(view_error)
def update(self):
source_oid = self.params('source')
targets_oid = self.params('targets')
if targets_oid and source_oid:
try:
if not isinstance(targets_oid, (list, tuple)):
targets_oid = [targets_oid]
targets = [get_obj(int(t)) for t in targets_oid]
source = get_obj(int(source_oid))
if targets and source:
result = self.execute(
{'source': source,
'targets': targets})
if result and result[0].get('error', False):
view_error = ViewError()
view_error.principalmessage = _("An error has occurred.")
return self.failure(view_error)
return HTTPFound(
self.request.resource_url(source, '@@index'))
except Exception as error:
log.warning(error)
return HTTPFound(self.request.resource_url(self.context, ''))
def update(self):
source_oid = self.params('source')
targets_oid = self.params('targets')
if targets_oid and source_oid:
try:
if not isinstance(targets_oid, (list, tuple)):
targets_oid = [targets_oid]
targets = [get_obj(int(t)) for t in targets_oid]
source = get_obj(int(source_oid))
if targets and source:
result = self.execute({
'source': source,
'targets': targets
})
if result and result[0].get('error', False):
view_error = ViewError()
view_error.principalmessage = _(
"An error has occurred.")
return self.failure(view_error)
return HTTPFound(
self.request.resource_url(source, '@@index'))
except Exception as error:
log.warning(error)
return HTTPFound(self.request.resource_url(self.context, ''))
def update_actions(
self,
request,
all_actions,
ignor_form=False,
ignor_actionsofactions=True,
include_resources=True):
messages = {}
#find all business actions
form_id = None
#get submited form view
if not ignor_form and '__formid__' in request.POST:
#if request.POST['__formid__'].find(object_oid) >= 0:
form_id = request.POST['__formid__']
toreplay, valid_form_id, action_updated, \
resources, allbodies_actions = self._ajax_views(
request, all_actions,
form_id, ignor_actionsofactions,
include_resources)
if toreplay:
request.POST.clear()
old_resources = resources
old_allbodies_actions = allbodies_actions
actions_toreplay = []
for context, action in list(all_actions):
try:
action.validate(context, request)
if context.__parent__:
actions_toreplay.append((context, action))
except Exception as e:
pass
action_updated, messages, \
resources, allbodies_actions = self.update_actions(
request, actions_toreplay, ignor_form,
include_resources=include_resources)
if old_resources is not None:
resources = merge_dicts(old_resources, resources,
('js_links', 'css_links'))
resources['js_links'] = list(set(resources['js_links']))
resources['css_links'] = list(set(resources['css_links']))
if old_allbodies_actions is not None:
allbodies_actions.extend(old_allbodies_actions)
return True, messages, resources, allbodies_actions
if form_id and \
not action_updated and valid_form_id and all_actions:
error = ViewError()
error.principalmessage = u"Action non realisee"
error.causes = ["Vous n'avez plus le droit de realiser cette action.",
"L'action est verrouillee par un autre utilisateur."]
message = error.render_message(request)
messages.update({error.type: [message]})
return action_updated, messages, resources, allbodies_actions
def update(self,):
if not self.validated_children:
e = ViewError()
e.principalmessage = CallViewErrorPrincipalmessage
causes = set()
for view, er in self.errors:
causes.update(er.causes)
e.causes = list(causes)
raise e
result = {}
global_result = {}
for view in self.validated_children:
try:
view_result = view.update()
except ViewError as e:
continue
if self.isexecutable and \
view.isexecutable and \
view.finished_successfully:
self.finished_successfully = True
return self.success(view_result)
currentview = view
if 'view' in view_result:
currentview = view_result['view']
global_result = merge_dicts(view_result, global_result)
if len(view_result['coordinates']) == 1 and \
len(view_result['coordinates'].items()[0][1]) == 1:
coordinate = view_result['coordinates'].items()[0][0]
item = view_result['coordinates'].items()[0][1][0]
if coordinate in result:
result[coordinate].append(item)
else:
result[coordinate] = [item]
else:
for coordinate, values in view_result['coordinates'].items():
item = values[0]
subviewid = currentview.viewid+'_'+coordinate
item['id'] = subviewid
if coordinate in result:
result[coordinate].append(item)
else:
result[coordinate] = [item]
for coordinate, items in result.items():
values = {'items': items, 'id':self.viewid+coordinate }
body = self.content(args=values, template=self.template)['body']
item = self.adapt_item(body, self.viewid)
global_result['coordinates'][coordinate] = [item]
#if not (len(self.validated_children) == len(self.contexts)):
# global_result['messages']
global_result = merge_dicts(self.requirements_copy, global_result)
return global_result
def update(self,):
#validation
if not self.validated_children and \
not self.include_failed_views:
error = ViewError()
error.principalmessage = MutltipleViewErrorPrincipalmessage
causes = set()
for viewinstance, er in self.errors:
causes.update(er.causes)
error.causes = list(causes)
raise error
#update children
result = {}
if self.include_failed_views:
result = self._update_all_children()
else:
result = self._update_validated_children()
if not result:
error = ViewError()
error.principalmessage = MutltipleViewErrorPrincipalmessage
error.causes = MutltipleViewErrorCauses
raise error
if not isinstance(result, dict):
return result
for _coordinate in result['coordinates']:
coordinate = _coordinate
if self.merged:
coordinate = self.coordinates
items = result['coordinates'][coordinate]
isactive = False
for item in items:
if item['isactive']:
isactive = True
break
if not isactive:
self._activate(items)
if self.parent is None:
isactive = True
_item = {'isactive':isactive,
'items': items,
'view': self,
'id':self.viewid}
values = {'coordinates': coordinate,
'subitem': _item,
'parent': self}
body = self.content(args=values, template=self.template)['body']
item = self.adapt_item(body, self.viewid)
item['isactive'] = isactive
result['coordinates'][coordinate] = [item]
result = merge_dicts(self.requirements_copy, result)
return result
def update(self):
allactions = getAllBusinessAction(self.context, self.request, True)
allactions.sort(key=lambda x: x.title)
views = []
for action in allactions:
views.append(action.action_view)
if views:
indexmultiview = MultipleView(self.context, self.request,
self.parent)
indexmultiview.wrapper_template = 'templates/views_templates/empty_view_wrapper.pt'
indexmultiview.template = 'templates/views_templates/simple_multipleview.pt'
indexmultiview.css_class = 'index-view'
indexmultiview.coordinates = self.coordinates
indexmultiview._init_views(views)
indexmultiview.before_update()
return indexmultiview.update()
error = ViewError()
error.principalmessage = IndexViewErrorPrincipalmessage
error.causes = IndexViewErrorCauses
raise error
def update(self):
allactions = getAllBusinessAction(self.context, self.request, True)
allactions.sort(key=lambda x: x.title)
views = []
for action in allactions:
views.append(action.action_view)
if views:
indexmultiview = MultipleView(
self.context, self.request, self.parent)
indexmultiview.wrapper_template = 'templates/views_templates/empty_view_wrapper.pt'
indexmultiview.template = 'templates/views_templates/simple_multipleview.pt'
indexmultiview.css_class = 'index-view'
indexmultiview.coordinates = self.coordinates
indexmultiview._init_views(views)
indexmultiview.before_update()
return indexmultiview.update()
error = ViewError()
error.principalmessage = IndexViewErrorPrincipalmessage
error.causes = IndexViewErrorCauses
raise error
def update(self):
request = self.request
login_url = request.resource_url(request.context, 'login')
login_url2 = request.resource_url(request.context, '@@login')
referrer = request.path_url
if '/auditstream-sse' in referrer:
# If we're being invoked as the result of a failed request to the
# auditstream sse view, bail. Otherwise the came_from will be set to
# the auditstream URL, and the user who this happens to will eventually
# be redirected to it and they'll be left scratching their head when
# they see e.g. "id: 0-10\ndata: " when they log in successfully.
return HTTPForbidden()
if login_url in referrer or login_url2 in referrer:
# never use the login form itself as came_from
referrer = request.resource_url(request.virtual_root)
came_from = request.session.setdefault(
'lac.came_from', referrer).replace('@@dace-ui-api-view', '@@index')
login = ''
password = ''
message = None
messages = {}
if 'login_form.submitted' in request.params:
try:
check_csrf_token(request)
except:
request.sdiapi.flash(_('Failed login (CSRF)'), 'danger')
else:
login = request.params['email']
password = request.params['password']
result = self.execute(dict(
login=login,
password=password,
came_from=came_from
))
if result[0].get('logged', False):
return result[0].get('redirect')
error = ViewError()
error.principalmessage = _("Failed login")
message = error.render_message(request)
messages.update({error.type: [message]})
self.finished_successfully = False
# Pass this through FBO views (e.g., forbidden) which use its macros.
template = get_renderer(
'lac:views/user_management/templates/login.pt').implementation()
site = self.request.get_site_folder
values = dict(
velruse_login_url=velruse_login_url,
applications=getattr(site, 'applications', []),
url=request.resource_url(request.virtual_root, ''),
came_from=came_from,
login=login,
password=password,
login_template=template,
form_id=self.viewid,
check_url=self.request.resource_url(
self.request.root, '@@creationculturelapi',
query={'op': 'check_user'})
)
body = self.content(args=values, template=self.template)['body']
item = self.adapt_item(body, self.viewid)
item['messages'] = messages
result = {}
result['coordinates'] = {self.coordinates: [item]}
return result
def update(self):
result = {}
user = get_current()
folderid = self.params('folderid')
try:
folder = get_obj(int(folderid))
except:
folder = None
# if not valid folderid
if folderid is None or folder is None:
error = ViewError()
error.principalmessage = _("Access to the requested folder has been denied")
error.causes = [_("Folder not valid")]
message = error.render_message(self.request)
item = self.adapt_item('', self.viewid)
item['messages'] = {error.type: [message]}
result['coordinates'] = {self.coordinates: [item]}
return result
# if permission denied
if folder and not can_access(user, folder):
error = ViewError()
error.principalmessage = _("Access to the requested folder has been denied")
error.causes = [_("Permission denied")]
message = error.render_message(self.request)
item = self.adapt_item('', self.viewid)
item['messages'] = {error.type: [message]}
result['coordinates'] = {self.coordinates: [item]}
return result
# calling self._add_filter will set self.filter_instance or not
template_type = getattr(folder, 'view_type', 'default')
if template_type == 'bloc':
self.wrapper_template = 'novaideo:views/smart_folder_management/templates/folder_blocs_view_wrapper.pt'
filter_body = None
filter_form, filter_data = self._add_filter(folder, user)
args = merge_with_filter_view(self, {})
objects = get_folder_content(folder, user, **args)
objects, sort_body = sort_view_objects(
self, objects,
['proposal', 'idea', 'amendment',
'file', 'person'], user)
len_result = len(objects)
self.breadcrumb = self.content(
args={'number': len_result},
template=self.breadcrumb_template)['body']
if getattr(self, 'filter_instance', None) is not None:
filter_data['filter_message'] = self.breadcrumb
filter_body = getattr(self, 'filter_instance').get_body(filter_data)
url = self.request.resource_url(
self.context, 'open', query={'folderid': folderid})
batch = Batch(objects,
self.request,
url=url,
default_size=BATCH_DEFAULT_SIZE)
batch.target = "#results"
result_body = []
for obj in batch:
body = render_listing_obj(
self.request, obj, user,
view_type=template_type)
if body:
result_body.append(body)
values = {
'bodies': result_body,
'batch': batch,
'filter_body': filter_body,
'sort_body': sort_body,
'row_len': math.ceil(len_result/2)
}
template = self.templates.get(template_type, 'default')
body = self.content(args=values, template=template)['body']
item = self.adapt_item(body, self.viewid)
result['coordinates'] = {self.coordinates: [item]}
if filter_form:
result['css_links'] = filter_form['css_links']
result['js_links'] = filter_form['js_links']
return result
def update(self):
result = {}
user = get_current()
folderid = self.params('folderid')
try:
folder = get_obj(int(folderid))
except:
folder = None
# if not valid folderid
if folderid is None or folder is None:
error = ViewError()
error.principalmessage = _(
"Access to the requested folder has been denied")
error.causes = [_("Folder not valid")]
message = error.render_message(self.request)
item = self.adapt_item('', self.viewid)
item['messages'] = {error.type: [message]}
result['coordinates'] = {self.coordinates: [item]}
return result
# if permission denied
if folder and not can_access(user, folder):
error = ViewError()
error.principalmessage = _(
"Access to the requested folder has been denied")
error.causes = [_("Permission denied")]
message = error.render_message(self.request)
item = self.adapt_item('', self.viewid)
item['messages'] = {error.type: [message]}
result['coordinates'] = {self.coordinates: [item]}
return result
classifications = [
CLASSIFICATIONS[fid]
for fid in getattr(folder, 'classifications', [])
]
classifications.reverse()
source_class = None
for classification in classifications:
source_class = classification(source_class)
setattr(self, 'filter_instance', None)
filter_body = None
filter_form, filter_data = self._add_filter(folder, user)
# calling self._add_filter will set self.filter_instance or not
template_type = getattr(folder, 'view_type', 'default')
if template_type == 'bloc':
self.container_css_class = 'home folder-bloc'
self.wrapper_template = 'lac:views/admin_process/templates/folder_blocs_view_wrapper.pt'
args = merge_with_filter_view(self, {})
objects = get_folder_content(folder, user, **args)
len_result = len(objects)
self.breadcrumb = self.content(
args={
'lineage': folder.folder_lineage,
'nember': len_result
},
template=self.breadcrumb_template)['body']
self.title = '/'.join([f.title for f in folder.folder_lineage])
if getattr(self, 'filter_instance', None) is not None:
filter_data['filter_message'] = self.breadcrumb
filter_body = getattr(self,
'filter_instance').get_body(filter_data)
if source_class is None:
url = self.request.resource_url(self.context,
'open',
query={'folderid': folderid})
batch = Batch(objects,
self.request,
url=url,
default_size=BATCH_DEFAULT_SIZE)
batch.target = "#results"
result_body = []
for obj in batch:
object_values = {
'object':
obj,
'current_user':
user,
'state':
get_states_mapping(
user, obj,
getattr(obj, 'state_or_none', [None])[0])
}
body = self.content(
args=object_values,
template=obj.templates[template_type])['body']
result_body.append(body)
values = {
'bodies': result_body,
'batch': batch,
'filter_body': filter_body,
'row_len': math.ceil(len_result / 2)
}
template = self.templates.get(template_type, 'default')
body = self.content(args=values, template=template)['body']
else:
body = source_class.render(objects,
self.request,
folder,
filter_body=filter_body,
validated=getattr(
self.filter_instance, 'validated',
{}),
template_type=template_type)
item = self.adapt_item(body, self.viewid)
result['coordinates'] = {self.coordinates: [item]}
result = merge_dicts(self.requirements_copy, result)
if filter_form:
result['css_links'] = filter_form['css_links']
result['js_links'] = filter_form['js_links']
return result
def update(self):
request = self.request
context = self.context
login_url = request.resource_url(request.context, 'login')
login_url2 = request.resource_url(request.context, '@@login')
referrer = self.params('came_from')
if not referrer:
referrer = request.path_url
if '/auditstream-sse' in referrer:
# If we're being invoked as the result of a failed request to the
# auditstream sse view, bail. Otherwise the came_from will be set to
# the auditstream URL, and the user who this happens to will eventually
# be redirected to it and they'll be left scratching their head when
# they see e.g. "id: 0-10\ndata: " when they log in successfully.
return HTTPForbidden()
if login_url in referrer or login_url2 in referrer:
# never use the login form itself as came_from
referrer = request.resource_url(request.virtual_root)
came_from = request.session.setdefault('novaideo.came_from', referrer)
login = ''
password = ''
message = None
messages = {}
if 'form.submitted' in request.params:
try:
check_csrf_token(request)
except:
request.sdiapi.flash(_('Failed login (CSRF)'), 'danger')
else:
self.execute(None)
login = request.params['email'].strip()
password = request.params['password']
novaideo_catalog = find_catalog('novaideo')
dace_catalog = find_catalog('dace')
identifier_index = novaideo_catalog['identifier']
object_provides_index = dace_catalog['object_provides']
query = object_provides_index.any([IPerson.__identifier__]) &\
identifier_index.any([login])
users = list(query.execute().all())
user = users[0] if users else None
valid_check = user and user.check_password(password)
if valid_check and \
(has_role(user=user, role=('SiteAdmin', )) or
'active' in getattr(user, 'state', [])):
request.session.pop('novaideo.came_from', None)
headers = remember(request, get_oid(user))
request.registry.notify(
LoggedIn(login, user, context, request))
user.last_connection = datetime.datetime.now(tz=pytz.UTC)
if hasattr(user, 'reindex'):
user.reindex()
return HTTPFound(location=came_from, headers=headers)
elif valid_check and 'deactivated' in getattr(
user, 'state', []):
error = ViewError()
error.principalmessage = _(
"Disabled account! Contact the site administrator to activate your account."
)
message = error.render_message(request)
messages.update({error.type: [message]})
else:
error = ViewError()
error.principalmessage = _("Failed login")
message = error.render_message(request)
messages.update({error.type: [message]})
# Pass this through FBO views (e.g., forbidden) which use its macros.
template = get_renderer(
'novaideo:views/user_management/templates/login.pt'
).implementation()
login_bodies = []
try:
login_navbars = generate_navbars(request,
request.root,
process_id=CONNECTOR_PROCESSES,
node_id='login',
descriminators=['body-action'])
login_bodies = login_navbars['body_actions']
except Exception as e:
log.warning(e)
values = dict(url=request.resource_url(request.virtual_root, 'login'),
came_from=came_from,
login=login,
password=password,
login_template=template,
logins=login_bodies)
body = self.content(args=values, template=self.template)['body']
item = self.adapt_item(body, self.viewid)
item['messages'] = messages
result = {}
result['coordinates'] = {self.coordinates: [item]}
return result
def update(self,):
if not self.contexts:
e = ViewError()
e.principalmessage = CallViewErrorPrincipalmessage
e.causes = CallViewViewErrorCauses
raise e
self.init_stepid(self.schema)
form, reqts = self._build_form()
form.formid = self.viewid+'_'+form.formid
item = None
result = {}
posted_formid = None
error = False
if '__formid__' in self.request.POST:
posted_formid = self.request.POST['__formid__']
if posted_formid is not None and posted_formid == form.formid:
for button in form.buttons:
if button.name in self.request.POST:
try:
controls = self.request.POST.items()
validated = form.validate(controls)
self.validated_items = list(validated['items'].values())
except deform.exception.ValidationFailure as e:
fail = getattr(self, '%s_failure' % button.name, None)
if fail is None:
fail = self._failure
item = fail(e, form)
error = True
else:
try:
item = self._call_callview(button.name)
return item
except FormError as e:
snippet = '<div class="error">Failed: %s</div>' % e
self.request.sdiapi.flash(snippet, 'danger',
allow_duplicate=True)
item = self.adapt_item(form.render(validated),
form.formid)
error = True
break
if posted_formid is not None and '__viewid__' in self.request.POST:
posted_viewid = self.request.POST['__viewid__'].split(':')
_viewid = posted_viewid[0]
if _viewid == self.viewid:
self.validated_items = [get_obj(int(o)) for o in \
self.request.POST['__contextsoids__'].split(':')[1:]]
if not self.validated_items:
e = ViewError()
e.principalmessage = CallViewErrorPrincipalmessage
e.causes = CallViewViewErrorCauses
raise e
viewname = posted_viewid[1]
return self._call_callview(viewname)
if item is None:
item = self.show(form)
if isinstance(item,dict):
if error:
item['isactive'] = True
result['coordinates'] = {self.coordinates:[item]}
result['js_links'] = reqts['js']
result['css_links'] = reqts['css']
result = merge_dicts(self.requirements_copy, result)
else:
result = item
return result
def update(self,):
if not self.children_by_context:
error = ViewError()
error.principalmessage = CallViewErrorPrincipalmessage
causes = set()
for view, er in self.errors:
causes.update(er.causes)
error.causes = list(causes)
raise error
messages = {}
if self.failed_children:
error = ViewError()
error.type = 'warning'
error.principalmessage = CallViewErrorCildrenNotValidatedmessage
error.causes = CallViewViewErrorCauses
messages[error] = error.render_message(self.request)
self.init_stepid(self.schema)
form, reqts = self._build_form()
form.formid = self.viewid+'_'+form.formid
item = None
result = {}
posted_formid = None
error = False
if '__formid__' in self.request.POST:
posted_formid = self.request.POST['__formid__']
if posted_formid is not None and posted_formid == form.formid:
for button in form.buttons:
if button.name in self.request.POST:
try:
controls = self.request.POST.items()
validated = form.validate(controls)
except deform.exception.ValidationFailure as e:
#@TODO gestion des _failure des vues
fail = getattr(self, '%s_failure' % button.name, None)
if fail is None:
fail = self._failure
item = fail(e, form)
error = True
else:
try:
views = validated['views']
for v in views:
views_context = None
if v['context_oid'] in self.children_by_context:
views_context = self.children_by_context[v['context_oid']]
else:
continue
view_instance = None
for v_context in views_context:
if v_context.viewid == v['id']:
view_instance = v_context
break
if view_instance is None:
continue
bname = button.name.replace(('_'+self.suffixe), '')
if bname in view_instance.behaviors_instances:
behavior = view_instance.behaviors_instances[bname]
behavior.execute(view_instance.context,
self.request, v['item'])
view_instance.finished_successfully = True
item = self.success(validated)
self.finished_successfully = True
except FormError as e:
snippet = '<div class="error">Failed: %s</div>' % e
self.request.sdiapi.flash(snippet, 'danger',
allow_duplicate=True)
item = self.adapt_item(form.render(validated),
form.formid)
error = True
break
if item is None:
item = self.show(form)
if isinstance(item,dict):
if error:
item['isactive'] = True
if messages:
item['messages'] = {}
for e, messagecontent in messages.items():
if e.type in item['messages']:
item['messages'][e.type].append(messagecontent)
else:
item['messages'][e.type] = [messagecontent]
result['coordinates'] = {self.view.coordinates:[item]}
result['js_links'] = reqts['js']
result['css_links'] = reqts['css']
result = merge_dicts(self.requirements_copy, result)
else:
result = item
return result
def update(self):
code = self.params('code')
error = self.params('error')
message = None
messages = {}
request = self.request
root = getSite()
yammer_connectors = list(root.get_connectors(YAMMER_CONNECTOR_ID))
yammer_connector = yammer_connectors[0] if yammer_connectors else None
login_url = request.resource_url(request.context, 'login')
login_url2 = request.resource_url(request.context, '@@login')
referrer = self.params('came_from')
if not referrer:
referrer = request.path_url
if '/auditstream-sse' in referrer:
return HTTPForbidden()
if login_url in referrer or login_url2 in referrer:
# never use the login form itself as came_from
referrer = request.resource_url(root)
came_from = request.session.setdefault('novaideo.came_from', referrer)
error_message = _("Failed login")
if yammer_connector and code:
trusted_networks = getattr(yammer_connector, 'networks', [])
source_data, user_data = yammer_connector.extract_data(code)
if not trusted_networks or \
any(n in trusted_networks for n in source_data['network_domains']):
result = self.execute({
'source_data': source_data,
'user_data': user_data,
'came_from': came_from
})
if result[0].get('logged', False):
return result[0].get('redirect')
elif trusted_networks:
error_message = _(
"You don't have the right to login with this account.")
error = True
if error:
error = ViewError()
error.principalmessage = error_message
message = error.render_message(request)
messages.update({error.type: [message]})
self.finished_successfully = False
# Pass this through FBO views (e.g., forbidden) which use its macros.
template = get_renderer(
'novaideo:views/user_management/templates/login.pt'
).implementation()
login_bodies = []
try:
login_navbars = generate_navbars(request,
request.root,
process_id=CONNECTOR_PROCESSES,
node_id='login',
descriminators=['body-action'])
login_bodies = login_navbars['body_actions']
except Exception:
pass
values = dict(url=request.resource_url(request.virtual_root, 'login'),
came_from=came_from,
login='',
password='',
login_template=template,
logins=login_bodies)
body = self.content(args=values, template=self.template)['body']
item = self.adapt_item(body, self.viewid)
item['messages'] = messages
result = {}
result['coordinates'] = {self.coordinates: [item]}
return result
def update(self):
code = self.params('code')
error = self.params('error')
message = None
messages = {}
request = self.request
root = getSite()
yammer_connectors = list(root.get_connectors(YAMMER_CONNECTOR_ID))
yammer_connector = yammer_connectors[0] if yammer_connectors else None
login_url = request.resource_url(request.context, 'login')
login_url2 = request.resource_url(request.context, '@@login')
referrer = self.params('came_from')
if not referrer:
referrer = request.path_url
if '/auditstream-sse' in referrer:
return HTTPForbidden()
if login_url in referrer or login_url2 in referrer:
# never use the login form itself as came_from
referrer = request.resource_url(root)
came_from = request.session.setdefault(
'novaideo.came_from', referrer)
error_message = _("Failed login")
if yammer_connector and code:
trusted_networks = getattr(yammer_connector, 'networks', [])
source_data, user_data = yammer_connector.extract_data(code)
if not trusted_networks or \
any(n in trusted_networks for n in source_data['network_domains']):
result = self.execute({
'source_data': source_data,
'user_data': user_data,
'came_from': came_from
})
if result[0].get('logged', False):
return result[0].get('redirect')
elif trusted_networks:
error_message = _("You don't have the right to login with this account.")
error = True
if error:
error = ViewError()
error.principalmessage = error_message
message = error.render_message(request)
messages.update({error.type: [message]})
self.finished_successfully = False
# Pass this through FBO views (e.g., forbidden) which use its macros.
template = get_renderer(
'novaideo:views/user_management/templates/login.pt').implementation()
login_bodies = []
try:
login_navbars = generate_navbars(
request, request.root,
process_id=CONNECTOR_PROCESSES,
node_id='login',
descriminators=['body-action'])
login_bodies = login_navbars['body_actions']
except Exception:
pass
values = dict(
url=request.resource_url(request.virtual_root, 'login'),
came_from=came_from,
login='',
password='',
login_template=template,
logins=login_bodies
)
body = self.content(args=values, template=self.template)['body']
item = self.adapt_item(body, self.viewid)
item['messages'] = messages
result = {}
result['coordinates'] = {self.coordinates: [item]}
return result
def update(self):
request = self.request
context = self.context
login_url = request.resource_url(request.context, 'login')
login_url2 = request.resource_url(request.context, '@@login')
referrer = self.params('came_from')
if not referrer:
referrer = request.path_url
if '/auditstream-sse' in referrer:
# If we're being invoked as the result of a failed request to the
# auditstream sse view, bail. Otherwise the came_from will be set to
# the auditstream URL, and the user who this happens to will eventually
# be redirected to it and they'll be left scratching their head when
# they see e.g. "id: 0-10\ndata: " when they log in successfully.
return HTTPForbidden()
if login_url in referrer or login_url2 in referrer:
# never use the login form itself as came_from
referrer = request.resource_url(request.virtual_root)
came_from = request.session.setdefault('novaideo.came_from', referrer)
login = ''
password = ''
message = None
messages = {}
if 'form.submitted' in request.params:
try:
check_csrf_token(request)
except:
request.sdiapi.flash(_('Failed login (CSRF)'), 'danger')
else:
self.execute(None)
login = request.params['email'].strip()
password = request.params['password']
novaideo_catalog = find_catalog('novaideo')
dace_catalog = find_catalog('dace')
identifier_index = novaideo_catalog['identifier']
object_provides_index = dace_catalog['object_provides']
query = object_provides_index.any([IPerson.__identifier__]) &\
identifier_index.any([login])
users = list(query.execute().all())
user = users[0] if users else None
valid_check = user and user.check_password(password)
if valid_check and \
(has_role(user=user, role=('SiteAdmin', )) or \
'active' in getattr(user, 'state', [])):
request.session.pop('novaideo.came_from', None)
headers = remember(request, get_oid(user))
request.registry.notify(LoggedIn(login, user,
context, request))
user.last_connection = datetime.datetime.now(tz=pytz.UTC)
if hasattr(user, 'reindex'):
user.reindex()
return HTTPFound(location=came_from, headers=headers)
elif valid_check and 'deactivated' in getattr(user, 'state', []):
error = ViewError()
error.principalmessage = _("Disabled account! Contact the site administrator to activate your account.")
message = error.render_message(request)
messages.update({error.type: [message]})
else:
error = ViewError()
error.principalmessage = _("Failed login")
message = error.render_message(request)
messages.update({error.type: [message]})
# Pass this through FBO views (e.g., forbidden) which use its macros.
template = get_renderer('novaideo:views/user_management/templates/login.pt').implementation()
login_bodies = []
try:
login_navbars = generate_navbars(
request, request.root,
process_id=CONNECTOR_PROCESSES,
node_id='login',
descriminators=['body-action'])
login_bodies = login_navbars['body_actions']
except Exception as e:
log.warning(e)
values = dict(
url=request.resource_url(request.virtual_root, 'login'),
came_from=came_from,
login=login,
password=password,
login_template=template,
logins=login_bodies
)
body = self.content(args=values, template=self.template)['body']
item = self.adapt_item(body, self.viewid)
item['messages'] = messages
result = {}
result['coordinates'] = {self.coordinates: [item]}
return result