def add_permission(self):
if ISiteRoot.providedBy(self.context):
self.response['title'] = _(u"Add permission")
post = self.request.POST
if 'cancel' in post:
url = resource_url(self.context, self.request)
return HTTPFound(location=url)
schema = createSchema('SinglePermissionSchema')
add_csrf_token(self.context, self.request, schema)
schema = schema.bind(context=self.context,
request=self.request,
api=self.api)
form = Form(schema, buttons=(button_add, button_cancel))
self.api.register_form_resources(form)
if IMeeting.providedBy(self.context):
self.response['tabs'] = self.api.render_single_view_component(
self.context, self.request, 'tabs', 'manage_tickets')
if 'add' in post:
controls = post.items()
try:
appstruct = form.validate(controls)
except ValidationFailure, e:
self.response['form'] = e.render()
return self.response
#Set permissions
self.context.set_groups(appstruct['userid'],
appstruct['groups'],
event=True)
msg = _(u"Added permssion for user ${userid}",
mapping={'userid': appstruct['userid']})
self.api.flash_messages.add(msg)
url = resource_url(self.context, self.request)
return HTTPFound(location=url)
def group_form(self):
if IMeeting.providedBy(self.context):
self.response['title'] = _(u"Edit permissions")
else:
self.response['title'] = _(u"Root permissions")
post = self.request.POST
if 'cancel' in post:
url = resource_url(self.context, self.request)
return HTTPFound(location=url)
schema = createSchema('PermissionsSchema')
add_csrf_token(self.context, self.request, schema)
schema = schema.bind(context=self.context,
request=self.request,
api=self.api)
form = Form(schema, buttons=('save', 'cancel'))
self.api.register_form_resources(form)
if 'save' in post:
controls = post.items()
try:
appstruct = form.validate(controls)
except ValidationFailure, e:
self.response['form'] = e.render()
return self.response
#Set permissions
self.context.set_security(appstruct['userids_and_groups'])
url = resource_url(self.context, self.request)
return HTTPFound(location=url)
def password_form(self):
# if admin is changing password for another user no verification of current password is needed
if self.context != self.api.user_profile and self.api.context_has_permission(
MANAGE_SERVER, self.api.root):
schema = createSchema('ChangePasswordAdminSchema')
else:
schema = createSchema('ChangePasswordSchema')
add_csrf_token(self.context, self.request, schema)
schema = schema.bind(context=self.context,
request=self.request,
api=self.api)
form = Form(schema, buttons=(button_update, button_cancel))
self.api.register_form_resources(form)
post = self.request.POST
if 'update' in post:
controls = post.items()
try:
#appstruct is deforms convention. It will be the submitted data in a dict.
appstruct = form.validate(controls)
except ValidationFailure, e:
self.response['form'] = e.render()
return self.response
self.context.set_password(appstruct['password'])
msg = _(u"Password changed")
self.api.flash_messages.add(msg)
url = resource_url(self.context, self.request)
return HTTPFound(location=url)
def add_form(self):
post = self.request.POST
if 'cancel' in post:
self.api.flash_messages.add(_(u"Canceled"))
url = resource_url(self.context, self.request)
return HTTPFound(location=url)
schema = createSchema('AddUserSchema')
add_csrf_token(self.context, self.request, schema)
schema = schema.bind(context=self.context, request=self.request, api = self.api)
form = Form(schema, buttons=(button_add, button_cancel))
self.api.register_form_resources(form)
if 'add' in post:
controls = post.items()
try:
#appstruct is deforms convention. It will be the submitted data in a dict.
appstruct = form.validate(controls)
except ValidationFailure, e:
self.response['form'] = e.render()
return self.response
#Userid and name should be consistent
name = appstruct['userid']
del appstruct['userid']
#creators takes care of setting the role owner as well as adding it to creators attr.
obj = createContent('User', creators=[name], **appstruct)
self.context[name] = obj
self.api.flash_messages.add(_(u"Successfully added"))
url = resource_url(self.context, self.request)
return HTTPFound(location=url)
def edit_form(self):
""" For configuring polls that haven't started yet. """
schema_name = self.api.get_schema_name(self.context.content_type, 'edit')
schema = createSchema(schema_name, after_bind=poll_schema_after_bind)
add_csrf_token(self.context, self.request, schema)
schema = schema.bind(context=self.context, request=self.request, api = self.api)
form = Form(schema, buttons=(button_update, button_cancel))
self.api.register_form_resources(form)
post = self.request.POST
if self.request.method == 'POST':
if 'update' in post:
controls = post.items()
try:
#appstruct is deforms convention. It will be the submitted data in a dict.
appstruct = form.validate(controls)
except ValidationFailure, e:
self.response['form'] = e.render()
return self.response
removed_uids = set(self.context.proposal_uids) - set(appstruct['proposals'])
if removed_uids:
#Adjust removed proposals back to published state, if they're locked
for uid in removed_uids:
prop = self.context.get_proposal_by_uid(uid)
if prop.get_workflow_state() == 'voting':
prop.set_workflow_state(self.request, u'published')
updated = self.context.set_field_appstruct(appstruct)
if updated:
self.api.flash_messages.add(_(u"Successfully updated"))
else:
self.api.flash_messages.add(_(u"Nothing changed"))
if 'cancel' in post:
self.api.flash_messages.add(_(u"Canceled"))
url = self.request.resource_url(self.context.__parent__, anchor = self.context.uid)
return HTTPFound(location = url)
def password_form(self):
# if admin is changing password for another user no verification of current password is needed
if self.context != self.api.user_profile and self.api.context_has_permission(MANAGE_SERVER, self.api.root):
schema = createSchema('ChangePasswordAdminSchema')
else:
schema = createSchema('ChangePasswordSchema')
add_csrf_token(self.context, self.request, schema)
schema = schema.bind(context=self.context, request=self.request, api = self.api)
form = Form(schema, buttons=(button_update, button_cancel))
self.api.register_form_resources(form)
post = self.request.POST
if 'update' in post:
controls = post.items()
try:
#appstruct is deforms convention. It will be the submitted data in a dict.
appstruct = form.validate(controls)
except ValidationFailure, e:
self.response['form'] = e.render()
return self.response
self.context.set_password(appstruct['password'])
msg = _(u"Password changed")
self.api.flash_messages.add(msg)
url = resource_url(self.context, self.request)
return HTTPFound(location=url)
def poll_form(self):
""" Return rendered poll form or process a vote. """
poll_plugin = self.query_poll_plugin(self.context)
if not poll_plugin:
return HTTPForbidden()
schema = poll_plugin.get_vote_schema(self.request, self.api)
add_csrf_token(self.context, self.request, schema)
schema = schema.bind(context=self.context,
request=self.request,
api=self.api)
form = Form(schema,
action=self.request.resource_url(self.context,
'_poll_form'),
buttons=(button_vote, ),
formid="vote_form")
can_vote = has_permission(security.ADD_VOTE, self.context,
self.request)
userid = self.api.userid
post = self.request.POST
if 'vote' in post:
if not can_vote:
raise HTTPForbidden(u"You're not allowed to vote")
controls = post.items()
try:
appstruct = form.validate(controls)
except ValidationFailure, e:
self.response['form'] = e.render()
return self.response
Vote = poll_plugin.get_vote_class()
if not IVote.implementedBy(Vote):
raise TypeError(
"Poll plugins method get_vote_class returned something that didn't implement IVote."
)
#Remove crsf_token from appstruct after validation
appstruct.pop('csrf_token', None)
if userid in self.context:
vote = self.context[userid]
assert IVote.providedBy(vote)
vote.set_vote_data(appstruct)
else:
vote = Vote(creators=[userid])
#We don't need to send events here, since object added will take care of that
vote.set_vote_data(appstruct, notify=False)
#To fire events after set_vote_data is done
self.context[userid] = vote
success_msg = _(u"Your vote has been registered!")
if self.request.is_xhr:
self.response['success_msg'] = success_msg
return Response(
render("templates/snippets/vote_success.pt",
self.response,
request=self.request))
self.api.flash_messages.add(success_msg)
url = self.request.resource_url(self.context.__parent__,
anchor=self.context.uid)
return HTTPFound(location=url)
def ajax_set_groups(self):
schema = createSchema('PermissionsSchema')
add_csrf_token(self.context, self.request, schema)
schema = schema.bind(context=self.context, request=self.request, api = self.api)
form = Form(schema, buttons=('save', 'cancel'))
controls = self.request.POST.items()
appstruct = form.validate(controls)
#FIXME: Handle error some way, and return a proper response
self.context.set_security(appstruct['userids_and_groups'])
return Response() # i.e. 200 ok
def ajax_set_groups(self):
schema = createSchema('PermissionsSchema')
add_csrf_token(self.context, self.request, schema)
schema = schema.bind(context=self.context,
request=self.request,
api=self.api)
form = Form(schema, buttons=('save', 'cancel'))
controls = self.request.POST.items()
appstruct = form.validate(controls)
#FIXME: Handle error some way, and return a proper response
self.context.set_security(appstruct['userids_and_groups'])
return Response() # i.e. 200 ok
def access_policy(self):
schema = createSchema("AccessPolicyMeetingSchema")
add_csrf_token(self.context, self.request, schema)
schema = schema.bind(context=self.context, request=self.request, api = self.api)
result = self.form(schema)
if 'save' in self.request.POST and isinstance(result, HTTPFound):
ap = self.request.registry.queryAdapter(self.context, IAccessPolicy, name = self.context.get_field_value('access_policy', ''))
if ap and ap.configurable:
self.api.flash_messages.add(_(u"Review access policy configuration"))
url = self.request.resource_url(self.context, 'configure_access_policy')
return HTTPFound(location = url)
return result
def add_tickets(self):
""" Add ticket invites to this meeting.
Renders a form where you can paste email addresses and select which roles they
should have once they register. When the form is submitted, it will also email
users.
"""
post = self.request.POST
if 'cancel' in post:
self.api.flash_messages.add(_(u"Canceled"))
url = self.request.resource_url(self.context)
return HTTPFound(location=url)
schema = createSchema('AddTicketsSchema')
add_csrf_token(self.context, self.request, schema)
schema = schema.bind(context=self.context, request=self.request, api = self.api)
form = deform.Form(schema, buttons=(button_add, button_cancel))
self.api.register_form_resources(form)
self.response['tabs'] = self.api.render_single_view_component(self.context, self.request, 'tabs', 'manage_tickets')
if 'add' in post:
controls = post.items()
try:
appstruct = form.validate(controls)
except deform.ValidationFailure, e:
self.response['form'] = e.render()
return self.response
emails = appstruct['emails'].splitlines()
roles = appstruct['roles']
added = 0
rejected = 0
for email in emails:
result = self.context.add_invite_ticket(email, roles, sent_by = self.api.userid)
if result:
added += 1
else:
rejected += 1
if not rejected:
msg = _('added_tickets_text', default=u"Successfully added ${added} invites",
mapping={'added': added})
elif not added:
msg = _('no_tickets_added',
default = u"No tickets added - all you specified probably exist already. (Proccessed ${rejected})",
mapping = {'rejected': rejected})
self.api.flash_messages.add(msg)
url = self.request.resource_url(self.context, 'add_tickets')
return HTTPFound(location = url)
else:
msg = _('added_tickets_text_some_rejected',
default=u"Successfully added ${added} invites but discarded ${rejected} since they already existed or were already used.",
mapping={'added': added, 'rejected': rejected})
self.api.flash_messages.add(msg)
self.request.session['send_tickets.emails'] = emails
self.request.session['send_tickets.message'] = appstruct['message']
url = self.request.resource_url(self.context, 'send_tickets')
return HTTPFound(location = url)
def delete_form(self):
""" Remove content """
schema = colander.Schema()
add_csrf_token(self.context, self.request, schema)
add_came_from(self.context, self.request, schema)
schema = schema.bind(context=self.context, request=self.request, api=self.api)
form = Form(schema, buttons=(button_delete, button_cancel))
self.api.register_form_resources(form)
post = self.request.POST
if 'delete' in post:
if self.context.content_type in ('SiteRoot', 'Users', 'User'):
raise HTTPForbidden("Can't delete this content type")
parent = self.context.__parent__
del parent[self.context.__name__]
self.api.flash_messages.add(_(u"Deleted"))
url = self.request.resource_url(parent)
came_from = self.request.POST.get('came_from', None)
if came_from:
url = urllib.unquote(came_from)
return HTTPFound(location=url)
if 'cancel' in post:
self.api.flash_messages.add(_(u"Canceled"))
url = self.request.resource_url(self.context)
return HTTPFound(location=url)
#No action - Render edit form
if self.context.content_type == 'Proposal':
used_in_polls = []
ai = self.context.__parent__
for poll in ai.get_content(content_type = 'Poll'):
if self.context.uid in poll.proposal_uids:
used_in_polls.append("'%s'" % poll.title)
if used_in_polls:
msg = _(u"deleting_proposals_used_in_polls_not_allowed_error",
default = u"You can't remove this proposal - it's used within the following polls: ${poll_titles}",
mapping = {'poll_titles': u", ".join(used_in_polls)})
self.api.flash_messages.add(msg, type = 'error', close_button = False)
raise HTTPFound(location = self.request.resource_url(ai))
msg = _(u"delete_form_notice",
default = u"Are you sure you want to delete '${display_name}' with title: ${title}?",
mapping = {'display_name': self.api.translate(self.context.display_name),
'title': self.context.title})
self.api.flash_messages.add(msg, close_button = False)
appstruct = {}
came_from = self.request.GET.get('came_from', None)
if came_from:
appstruct['came_from'] = came_from
self.response['form'] = form.render(appstruct)
return self.response
def rec_to_discussions_form(self):
""" Note: This is far from finished, don't use this unless you really know what you're doing! """
schema = createSchema('PopulateFromRecommendationsSchema')
add_csrf_token(self.context, self.request, schema)
schema = schema.bind(context = self.context, request = self.request, api = self.api)
form = deform.Form(schema, buttons=(button_save,))
self.api.register_form_resources(form)
post = self.request.POST
if 'save' in post:
controls = post.items()
try:
appstruct = form.validate(controls)
except deform.ValidationFailure, e:
self.response['form'] = e.render()
return self.response
adjust_wf = appstruct['adjust_wf']
group = appstruct['group']
userid = appstruct['userid']
dry_run = appstruct['dry_run']
created_discussion_posts = 0
wf_adjusted_proposals = 0
proposals_and_rec = self.get_proposals_and_rec(group)
handled_props = len(proposals_and_rec)
for (prop, rec) in proposals_and_rec:
if rec['text']:
created_discussion_posts += 1
text = "%s\n%s" % (rec['text'], u" ".join([u'#%s' % x for x in prop.get_tags()]))
post = createContent('DiscussionPost', creators = [userid], text = text)
name = post.suggest_name(prop.__parent__)
prop.__parent__[name] = post
if rec['state'] and adjust_wf:
wf_adjusted_proposals += 1
prop.workflow.initialize(prop)
prop.set_workflow_state(self.request, rec['state'])
self.api.flash_messages.add(_(u"Done - handled ${count} proposals",
mapping = {'count': handled_props}))
self.api.flash_messages.add(_(u"${count} new discussion posts added",
mapping = {'count': created_discussion_posts}))
if wf_adjusted_proposals:
self.api.flash_messages.add(_(u"${count} proposals workflow adjusted",
mapping = {'count': wf_adjusted_proposals}))
if dry_run:
from transaction import abort
abort()
self.api.flash_messages.add(_(u"DRY RUN - transaction aborted and nothing saved!"))
return HTTPFound(location = self.request.resource_url(self.context))
def add_meeting(self):
""" Custom view used when adding meetings.
FIXME: We may want to use custom callbacks on add instead, rather than lots of hacks in views.
"""
content_type = self.request.params.get('content_type')
#Permission check
add_permission = self.api.content_types_add_perm(content_type)
if not has_permission(add_permission, self.context, self.request):
raise HTTPForbidden(
"You're not allowed to add '%s' in this context." %
content_type)
factory = self.api.get_content_factory(content_type)
schema_name = self.api.get_schema_name(content_type, 'add')
schema = createSchema(schema_name)
add_csrf_token(self.context, self.request, schema)
schema = schema.bind(context=self.context,
request=self.request,
api=self.api)
form = Form(schema, buttons=(button_add, button_cancel))
self.api.register_form_resources(form)
post = self.request.POST
if 'add' in post:
controls = post.items()
try:
#appstruct is deforms convention. It will be the submitted data in a dict.
appstruct = form.validate(controls)
except ValidationFailure, e:
self.response['form'] = e.render()
return self.response
copy_users_and_perms = appstruct['copy_users_and_perms']
del appstruct['copy_users_and_perms']
kwargs = {}
kwargs.update(appstruct)
if self.api.userid:
kwargs['creators'] = [self.api.userid]
obj = createContent(content_type, **kwargs)
name = self.generate_slug(obj.title)
self.context[name] = obj
if copy_users_and_perms:
obj.copy_users_and_perms(copy_users_and_perms)
self.api.flash_messages.add(
_(u"Users and their permissions successfully copied"))
else:
self.api.flash_messages.add(_(u"Successfully added"))
#Success, redirect
url = self.request.resource_url(obj)
return HTTPFound(location=url)
def poll_form(self):
""" Return rendered poll form or process a vote. """
poll_plugin = self.query_poll_plugin(self.context)
if not poll_plugin:
return HTTPForbidden()
schema = poll_plugin.get_vote_schema(self.request, self.api)
add_csrf_token(self.context, self.request, schema)
schema = schema.bind(context=self.context, request=self.request, api = self.api)
form = Form(schema,
action = self.request.resource_url(self.context, '_poll_form'),
buttons = (button_vote,),
formid = "vote_form")
can_vote = has_permission(security.ADD_VOTE, self.context, self.request)
userid = self.api.userid
post = self.request.POST
if 'vote' in post:
if not can_vote:
raise HTTPForbidden(u"You're not allowed to vote")
controls = post.items()
try:
appstruct = form.validate(controls)
except ValidationFailure, e:
self.response['form'] = e.render()
return self.response
Vote = poll_plugin.get_vote_class()
if not IVote.implementedBy(Vote):
raise TypeError("Poll plugins method get_vote_class returned something that didn't implement IVote.")
#Remove crsf_token from appstruct after validation
appstruct.pop('csrf_token', None)
if userid in self.context:
vote = self.context[userid]
assert IVote.providedBy(vote)
vote.set_vote_data(appstruct)
else:
vote = Vote(creators = [userid])
#We don't need to send events here, since object added will take care of that
vote.set_vote_data(appstruct, notify = False)
#To fire events after set_vote_data is done
self.context[userid] = vote
success_msg = _(u"Your vote has been registered!")
if self.request.is_xhr:
self.response['success_msg'] = success_msg
return Response(render("templates/snippets/vote_success.pt", self.response, request = self.request))
self.api.flash_messages.add(success_msg)
url = self.request.resource_url(self.context.__parent__, anchor = self.context.uid)
return HTTPFound(location = url)
def poll_config(self):
""" Configure poll settings. Only for moderators.
The settings themselves come from the poll plugin.
Note that the Edit permission should only be granted to moderators
before the actual poll has been set in the ongoing state. After that,
no settings may be changed.
"""
self.response['title'] = _(u"Poll config")
poll_plugin = self.query_poll_plugin(self.context)
if not poll_plugin:
return HTTPForbidden()
schema = poll_plugin.get_settings_schema()
if schema is None:
raise HTTPForbidden("No settings for this poll")
add_csrf_token(self.context, self.request, schema)
schema = schema.bind(context=self.context,
request=self.request,
api=self.api)
form = Form(schema, buttons=(button_save, button_cancel))
self.api.register_form_resources(form)
#FIXME: Better default text
config_back_msg = _(
u"review_poll_settings_info_getback",
default=
u"To get back to the poll settings you click the cogwheel menu and select configure poll."
)
post = self.request.POST
if self.request.method == 'POST':
if 'save' in post:
controls = post.items()
try:
appstruct = form.validate(controls)
except ValidationFailure, e:
self.response['form'] = e.render()
return self.response
appstruct.pop('csrf_token',
None) #Otherwise it will be stored too
self.context.poll_settings = appstruct
self.api.flash_messages.add(config_back_msg)
if 'cancel' in post:
self.api.flash_messages.add(config_back_msg)
url = self.request.resource_url(self.context.__parent__,
anchor=self.context.uid)
return HTTPFound(location=url)
def transfer_permissions_form(self):
schema = createSchema('TransferPermissionsSchema').bind(context = self.context, request = self.request)
add_csrf_token(self.context, self.request, schema)
form = deform.Form(schema, buttons=(button_save, button_cancel,))
self.api.register_form_resources(form)
post = self.request.POST
if 'save' in post:
controls = post.items()
try:
appstruct = form.validate(controls)
except deform.ValidationFailure, e: #pragma : no cover
self.response['form'] = e.render()
return self.response
from_meeting = self.api.root[appstruct['from_meeting']]
value = from_meeting.get_security()
self.api.meeting.set_security(value)
self.api.flash_messages.add(_(u"Permissions transfered"))
return HTTPFound(location = self.request.resource_url(self.api.meeting))
def add_meeting(self):
""" Custom view used when adding meetings.
FIXME: We may want to use custom callbacks on add instead, rather than lots of hacks in views.
"""
content_type = self.request.params.get('content_type')
#Permission check
add_permission = self.api.content_types_add_perm(content_type)
if not has_permission(add_permission, self.context, self.request):
raise HTTPForbidden("You're not allowed to add '%s' in this context." % content_type)
factory = self.api.get_content_factory(content_type)
schema_name = self.api.get_schema_name(content_type, 'add')
schema = createSchema(schema_name)
add_csrf_token(self.context, self.request, schema)
schema = schema.bind(context=self.context, request=self.request, api=self.api)
form = Form(schema, buttons=(button_add, button_cancel))
self.api.register_form_resources(form)
post = self.request.POST
if 'add' in post:
controls = post.items()
try:
#appstruct is deforms convention. It will be the submitted data in a dict.
appstruct = form.validate(controls)
except ValidationFailure, e:
self.response['form'] = e.render()
return self.response
copy_users_and_perms = appstruct['copy_users_and_perms']
del appstruct['copy_users_and_perms']
kwargs = {}
kwargs.update(appstruct)
if self.api.userid:
kwargs['creators'] = [self.api.userid]
obj = createContent(content_type, **kwargs)
name = self.generate_slug(obj.title)
self.context[name] = obj
if copy_users_and_perms:
obj.copy_users_and_perms(copy_users_and_perms)
self.api.flash_messages.add(_(u"Users and their permissions successfully copied"))
else:
self.api.flash_messages.add(_(u"Successfully added"))
#Success, redirect
url = self.request.resource_url(obj)
return HTTPFound(location=url)
def edit_form(self):
self.response['title'] = _(
u"Edit %s" % self.api.translate(self.context.display_name))
content_type = self.context.content_type
schema_name = self.api.get_schema_name(content_type, 'edit')
schema = createSchema(schema_name)
add_csrf_token(self.context, self.request, schema)
add_came_from(self.context, self.request, schema)
schema = schema.bind(context=self.context,
request=self.request,
api=self.api)
form = Form(schema, buttons=(button_update, button_cancel))
self.api.register_form_resources(form)
post = self.request.POST
if self.request.method == 'POST':
came_from = None
if 'update' in post:
controls = post.items()
try:
appstruct = form.validate(controls)
except ValidationFailure, e:
self.response['form'] = e.render()
return self.response
#Came from should not be stored either
came_from = appstruct.pop('came_from', '')
updated = self.context.set_field_appstruct(appstruct)
if updated:
self.api.flash_messages.add(_(u"Successfully updated"))
else:
self.api.flash_messages.add(_(u"Nothing updated"))
if 'cancel' in post:
self.api.flash_messages.add(_(u"Canceled"))
if came_from:
url = urllib.unquote(came_from)
elif self.context.content_type == 'Poll':
url = self.request.resource_url(self.context.__parent__,
anchor=self.context.uid)
else:
url = self.request.resource_url(self.context)
return HTTPFound(location=url)
def move_object(self):
""" Move object to a new parent. """
schema = createSchema('MoveObjectSchema')
add_csrf_token(self.context, self.request, schema)
schema = schema.bind(context=self.context, request=self.request, api=self.api)
form = Form(schema, buttons=(button_update, button_cancel))
post = self.request.POST
if 'update' in post:
controls = post.items()
try:
appstruct = form.validate(controls)
except ValidationFailure, e:
self.response['form'] = e.render()
return self.response
new_parent_path = urllib.unquote(appstruct['new_parent_path'])
new_parent = find_resource(self.api.root, new_parent_path)
context = move_object(self.context, new_parent)
self.api.flash_messages.add(_(u"Moved"))
url = self.request.resource_url(context)
return HTTPFound(location=url)
def meeting_access_view_and_discuss(context, request, va, **kw):
if context.get_field_value('access_policy') != 'view_and_discuss_permissions':
raise Exception("ViewAction for request meeting access view_and_discuss_permissions was called, but that access policy wasn't set for this meeting.")
api = kw['api']
if not api.userid:
raise Exception("Can't find userid")
schema = colander.Schema()
add_csrf_token(context, request, schema)
form = Form(schema, buttons=(button_request, button_cancel,))
response = {'api': api}
post = request.POST
if 'request' in post:
controls = post.items()
try:
appstruct = form.validate(controls)
except ValidationFailure, e:
response['form'] = e.render()
return response
context.add_groups(api.userid, [ROLE_DISCUSS, ], event = True)
api.flash_messages.add(_(u"Access granted!"))
url = resource_url(context, request)
return HTTPFound(location=url)
def form(self, schema_name):
""" Generic settings for for site root. """
schema = createSchema(schema_name)
add_csrf_token(self.context, self.request, schema)
schema = schema.bind(context=self.context, request=self.request, api = self.api)
form = deform.Form(schema, buttons=(button_save, button_cancel))
self.api.register_form_resources(form)
post = self.request.POST
if 'save' in post:
controls = post.items()
try:
appstruct = form.validate(controls)
except deform.ValidationFailure, e:
self.response['form'] = e.render()
return self.response
updated = self.context.set_field_appstruct(appstruct)
if updated:
self.api.flash_messages.add(_(u"Successfully updated"))
else:
self.api.flash_messages.add(_(u"Nothing updated"))
url = self.request.resource_url(self.context)
return HTTPFound(location=url)
def edit_form(self):
""" For configuring polls that haven't started yet. """
schema_name = self.api.get_schema_name(self.context.content_type,
'edit')
schema = createSchema(schema_name, after_bind=poll_schema_after_bind)
add_csrf_token(self.context, self.request, schema)
schema = schema.bind(context=self.context,
request=self.request,
api=self.api)
form = Form(schema, buttons=(button_update, button_cancel))
self.api.register_form_resources(form)
post = self.request.POST
if self.request.method == 'POST':
if 'update' in post:
controls = post.items()
try:
#appstruct is deforms convention. It will be the submitted data in a dict.
appstruct = form.validate(controls)
except ValidationFailure, e:
self.response['form'] = e.render()
return self.response
removed_uids = set(self.context.proposal_uids) - set(
appstruct['proposals'])
if removed_uids:
#Adjust removed proposals back to published state, if they're locked
for uid in removed_uids:
prop = self.context.get_proposal_by_uid(uid)
if prop.get_workflow_state() == 'voting':
prop.set_workflow_state(self.request, u'published')
updated = self.context.set_field_appstruct(appstruct)
if updated:
self.api.flash_messages.add(_(u"Successfully updated"))
else:
self.api.flash_messages.add(_(u"Nothing changed"))
if 'cancel' in post:
self.api.flash_messages.add(_(u"Canceled"))
url = self.request.resource_url(self.context.__parent__,
anchor=self.context.uid)
return HTTPFound(location=url)
def add_participants(self):
""" Add participants to this meeting.
Renders a form where you can paste a csv with the users and select which roles they
should have once they register. When the form is submitted, a list of userids and
passwords is displayed
"""
self.response['title'] = _(u"Add meeting participants")
post = self.request.POST
if 'cancel' in post:
self.api.flash_messages.add(_(u"Canceled"))
url = resource_url(self.context, self.request)
return HTTPFound(location=url)
schema = createSchema('AddParticipantsSchema').bind(context=self.context, request=self.request, api=self.api)
add_csrf_token(self.context, self.request, schema)
form = Form(schema, buttons=(button_add, button_cancel))
self.api.register_form_resources(form)
if 'add' in post:
controls = post.items()
try:
appstruct = form.validate(controls)
except ValidationFailure, e:
self.response['form'] = e.render()
return self.response
roles = appstruct['roles']
output = self._import_participants(appstruct['csv'], roles)
msg = _('added_participants_text', default=u"Successfully added ${participant_count} participants", mapping={'participant_count':len(output)} )
self.api.flash_messages.add(msg)
self.response['heading'] = "%s %s" % (len(output), self.api.pluralize(self.api.translate(_("participant added")), self.api.translate(_("participants added")), len(output)))
self.response['participants'] = output
return Response(render("add_participants.pt", self.response, request = self.request))
def move_object(self):
""" Move object to a new parent. """
schema = createSchema('MoveObjectSchema')
add_csrf_token(self.context, self.request, schema)
schema = schema.bind(context=self.context,
request=self.request,
api=self.api)
form = Form(schema, buttons=(button_update, button_cancel))
post = self.request.POST
if 'update' in post:
controls = post.items()
try:
appstruct = form.validate(controls)
except ValidationFailure, e:
self.response['form'] = e.render()
return self.response
new_parent_path = urllib.unquote(appstruct['new_parent_path'])
new_parent = find_resource(self.api.root, new_parent_path)
context = move_object(self.context, new_parent)
self.api.flash_messages.add(_(u"Moved"))
url = self.request.resource_url(context)
return HTTPFound(location=url)
def edit_form(self):
self.response['title'] = _(u"Edit %s" % self.api.translate(self.context.display_name))
content_type = self.context.content_type
schema_name = self.api.get_schema_name(content_type, 'edit')
schema = createSchema(schema_name)
add_csrf_token(self.context, self.request, schema)
add_came_from(self.context, self.request, schema)
schema = schema.bind(context=self.context, request=self.request, api=self.api)
form = Form(schema, buttons=(button_update, button_cancel))
self.api.register_form_resources(form)
post = self.request.POST
if self.request.method == 'POST':
came_from = None
if 'update' in post:
controls = post.items()
try:
appstruct = form.validate(controls)
except ValidationFailure, e:
self.response['form'] = e.render()
return self.response
#Came from should not be stored either
came_from = appstruct.pop('came_from', '')
updated = self.context.set_field_appstruct(appstruct)
if updated:
self.api.flash_messages.add(_(u"Successfully updated"))
else:
self.api.flash_messages.add(_(u"Nothing updated"))
if 'cancel' in post:
self.api.flash_messages.add(_(u"Canceled"))
if came_from:
url = urllib.unquote(came_from)
elif self.context.content_type == 'Poll':
url = self.request.resource_url(self.context.__parent__, anchor = self.context.uid)
else:
url = self.request.resource_url(self.context)
return HTTPFound(location = url)
def poll_config(self):
""" Configure poll settings. Only for moderators.
The settings themselves come from the poll plugin.
Note that the Edit permission should only be granted to moderators
before the actual poll has been set in the ongoing state. After that,
no settings may be changed.
"""
self.response['title'] = _(u"Poll config")
poll_plugin = self.query_poll_plugin(self.context)
if not poll_plugin:
return HTTPForbidden()
schema = poll_plugin.get_settings_schema()
if schema is None:
raise HTTPForbidden("No settings for this poll")
add_csrf_token(self.context, self.request, schema)
schema = schema.bind(context=self.context, request=self.request, api = self.api)
form = Form(schema, buttons=(button_save, button_cancel))
self.api.register_form_resources(form)
#FIXME: Better default text
config_back_msg = _(u"review_poll_settings_info_getback",
default = u"To get back to the poll settings you click the cogwheel menu and select configure poll.")
post = self.request.POST
if self.request.method == 'POST':
if 'save' in post:
controls = post.items()
try:
appstruct = form.validate(controls)
except ValidationFailure, e:
self.response['form'] = e.render()
return self.response
appstruct.pop('csrf_token', None) #Otherwise it will be stored too
self.context.poll_settings = appstruct
self.api.flash_messages.add(config_back_msg)
if 'cancel' in post:
self.api.flash_messages.add(config_back_msg)
url = self.request.resource_url(self.context.__parent__, anchor = self.context.uid)
return HTTPFound(location = url)
def clone_form(self):
""" Note: This is far from finished, don't use this unless you really know what you're doing! """
schema = createSchema('CloneMeetingSchema')
add_csrf_token(self.context, self.request, schema)
schema = schema.bind(context = self.context, request = self.request, api = self.api)
form = deform.Form(schema, buttons=(button_save, button_cancel,))
self.api.register_form_resources(form)
post = self.request.POST
if 'save' in post:
controls = post.items()
try:
appstruct = form.validate(controls)
except deform.ValidationFailure, e: #pragma : no cover
self.response['form'] = e.render()
return self.response
new_name = appstruct['new_name']
new_meeting = createContent('Meeting', title = "Clone of %s" % self.context.title)
self.api.root[new_name] = new_meeting
if hasattr(self.context, '__proposal_ids__'):
new_meeting.__proposal_ids__ = deepcopy(self.context.__proposal_ids__)
ignore_attributes = appstruct['ignore_attributes'].splitlines()
self.process_meeting_structure(new_meeting, ignore_attributes)
self.api.flash_messages.add(_(u"Cloned meeting"))
return HTTPFound(location = self.request.resource_url(new_meeting))
def add_form(self):
post = self.request.POST
if 'cancel' in post:
self.api.flash_messages.add(_(u"Canceled"))
url = resource_url(self.context, self.request)
return HTTPFound(location=url)
schema = createSchema('AddUserSchema')
add_csrf_token(self.context, self.request, schema)
schema = schema.bind(context=self.context,
request=self.request,
api=self.api)
form = Form(schema, buttons=(button_add, button_cancel))
self.api.register_form_resources(form)
if 'add' in post:
controls = post.items()
try:
#appstruct is deforms convention. It will be the submitted data in a dict.
appstruct = form.validate(controls)
except ValidationFailure, e:
self.response['form'] = e.render()
return self.response
#Userid and name should be consistent
name = appstruct['userid']
del appstruct['userid']
#creators takes care of setting the role owner as well as adding it to creators attr.
obj = createContent('User', creators=[name], **appstruct)
self.context[name] = obj
self.api.flash_messages.add(_(u"Successfully added"))
url = resource_url(self.context, self.request)
return HTTPFound(location=url)
def form(self, schema_name):
""" Generic settings for for site root. """
schema = createSchema(schema_name)
add_csrf_token(self.context, self.request, schema)
schema = schema.bind(context=self.context,
request=self.request,
api=self.api)
form = deform.Form(schema, buttons=(button_save, button_cancel))
self.api.register_form_resources(form)
post = self.request.POST
if 'save' in post:
controls = post.items()
try:
appstruct = form.validate(controls)
except deform.ValidationFailure, e:
self.response['form'] = e.render()
return self.response
updated = self.context.set_field_appstruct(appstruct)
if updated:
self.api.flash_messages.add(_(u"Successfully updated"))
else:
self.api.flash_messages.add(_(u"Nothing updated"))
url = self.request.resource_url(self.context)
return HTTPFound(location=url)
def manage_layout(self):
""" Manage layout
"""
self.response['title'] = _(u"Layout")
schema = createSchema('LayoutSchema')
add_csrf_token(self.context, self.request, schema)
schema = schema.bind(context=self.context, request=self.request, api=self.api)
form = Form(schema, buttons=(button_save, button_cancel,))
self.api.register_form_resources(form)
post = self.request.POST
if 'save' in post:
controls = post.items()
try:
appstruct = form.validate(controls)
except ValidationFailure, e:
self.response['form'] = e.render()
return self.response
self.context.set_field_appstruct(appstruct)
url = self.request.resource_url(self.context)
return HTTPFound(location=url)
def manage_layout(self):
""" Manage layout
"""
self.response['title'] = _(u"Layout")
schema = createSchema('LayoutSchema')
add_csrf_token(self.context, self.request, schema)
schema = schema.bind(context=self.context, request=self.request, api=self.api)
form = Form(schema, buttons=(button_save, button_cancel,))
self.api.register_form_resources(form)
post = self.request.POST
if 'save' in post:
controls = post.items()
try:
appstruct = form.validate(controls)
except ValidationFailure, e:
self.response['form'] = e.render()
return self.response
self.context.set_field_appstruct(appstruct)
url = self.request.resource_url(self.context)
return HTTPFound(location=url)
def presentation(self):
schema = createSchema("PresentationMeetingSchema")
add_csrf_token(self.context, self.request, schema)
schema = schema.bind(context=self.context, request=self.request, api = self.api)
return self.form(schema)
def openid_register(self):
schema = createSchema('CSORegisterUserOpenIDSchema')
add_csrf_token(self.context, self.request, schema)
schema = schema.bind(context=self.context,
request=self.request,
api=self.api)
form = Form(schema, buttons=(
button_register,
button_cancel,
))
self.api.register_form_resources(form)
if 'cancel' in self.request.POST:
self.api.flash_messages.add(_(u"Canceled"))
url = self.request.resource_url(self.api.root)
return HTTPFound(location=url)
if self.request.POST:
post = dict(self.request.POST)
openid_identifier = post['openid_identifier']
domain = post['domain']
userid = post['userid']
came_from = post['came_from']
# Logged in user, connect openid_identifier
if self.api.userid:
user = self.api.user_profile
#check that no other user has this token already
other_user = self.api.root.users.get_auth_domain_user(
'openid', 'openid_identifier', openid_identifier)
if other_user and user != other_user:
raise Forbidden(
_("Another user has already registered with this identifier."
))
#setting domain stuff
user.auth_domains['openid'] = {
'openid_identifier': openid_identifier,
'domain': domain
}
url = self.request.resource_url(user)
return HTTPFound(location=url)
else:
# Find user with auth token and log it in
user = self.api.root.users.get_auth_domain_user(
'openid', 'openid_identifier', openid_identifier)
if IUser.providedBy(user):
headers = remember(self.request, user.__name__)
url = self.request.resource_url(self.context)
if came_from:
url = urllib.unquote(came_from)
return HTTPFound(location=url, headers=headers)
if 'register' in self.request.POST:
controls = self.request.POST.items()
try:
appstruct = form.validate(controls)
except ValidationFailure, e:
self.response['form'] = e.render()
return self.response
userid = appstruct['userid']
email = appstruct['email']
first_name = appstruct['first_name']
last_name = appstruct['last_name']
obj = createContent('User',
creators=[userid],
email=email,
first_name=first_name,
last_name=last_name)
self.context.users[userid] = obj
#setting domain stuff
obj.auth_domains['openid'] = {
'openid_identifier': openid_identifier,
'domain': domain
}
headers = remember(self.request, userid) # login user
url = self.request.resource_url(self.api.root)
if came_from:
url = urllib.unquote(came_from)
return HTTPFound(location=url, headers=headers)
else:
self.response['form'] = form.render(self.request.POST)
return self.response
def facebook_register(self):
schema = createSchema('CSORegisterUserSchema')
add_csrf_token(self.context, self.request, schema)
schema = schema.bind(context=self.context,
request=self.request,
api=self.api)
form = Form(schema, buttons=(
button_register,
button_cancel,
))
self.api.register_form_resources(form)
if 'cancel' in self.request.POST:
self.api.flash_messages.add(_(u"Canceled"))
url = self.request.resource_url(self.api.root)
return HTTPFound(location=url)
if self.request.POST:
post = dict(self.request.POST)
oauth_userid = post['oauth_userid']
oauth_access_token = post['oauth_access_token']
came_from = post['came_from']
# Logged in user, connect auth token to user
if self.api.userid:
user = self.api.user_profile
#check that no other user has this token already
other_user = self.api.root.users.get_user_by_oauth_token(
'facebook', oauth_access_token)
if other_user and user != other_user:
raise Forbidden(
_("Another user has already registered with this token."
))
#setting domain stuff
user.auth_domains['facebook'] = {
'oauth_userid': oauth_userid,
'oauth_access_token': oauth_access_token,
}
url = self.request.resource_url(user)
return HTTPFound(location=url)
else:
# Find user with auth token and log it in
user = self.api.root.users.get_user_by_oauth_token(
'facebook', oauth_access_token)
if IUser.providedBy(user):
headers = remember(self.request, user.__name__)
url = self.request.resource_url(self.context)
if came_from:
url = urllib.unquote(came_from)
return HTTPFound(location=url, headers=headers)
if 'register' in self.request.POST:
controls = self.request.POST.items()
try:
appstruct = form.validate(controls)
except ValidationFailure, e:
self.response['form'] = e.render()
return self.response
name = appstruct['userid']
del appstruct['userid']
# removing domain data from appstruct
del appstruct['oauth_userid']
del appstruct['oauth_access_token']
# add facebook as selected profile image
appstruct['profile_image_plugin'] = 'facebook_profile_image'
del appstruct['came_from']
obj = createContent('User', creators=[name], **appstruct)
self.context.users[name] = obj
#setting domain stuff
obj.auth_domains['facebook'] = {
'oauth_userid': oauth_userid,
'oauth_access_token': oauth_access_token,
}
headers = remember(self.request, name) # login user
url = self.request.resource_url(self.api.root)
if came_from:
url = urllib.unquote(came_from)
return HTTPFound(location=url, headers=headers)
else:
self.response['form'] = form.render(self.request.POST)
return self.response
def global_poll_settings(self):
schema = createSchema("MeetingPollSettingsSchema")
add_csrf_token(self.context, self.request, schema)
schema = schema.bind(context=self.context, request=self.request, api = self.api)
return self.form(schema)
def add_tickets(self):
""" Add ticket invites to this meeting.
Renders a form where you can paste email addresses and select which roles they
should have once they register. When the form is submitted, it will also email
users.
"""
post = self.request.POST
if 'cancel' in post:
self.api.flash_messages.add(_(u"Canceled"))
url = self.request.resource_url(self.context)
return HTTPFound(location=url)
schema = createSchema('AddTicketsSchema')
add_csrf_token(self.context, self.request, schema)
schema = schema.bind(context=self.context,
request=self.request,
api=self.api)
form = deform.Form(schema, buttons=(button_add, button_cancel))
self.api.register_form_resources(form)
self.response['tabs'] = self.api.render_single_view_component(
self.context, self.request, 'tabs', 'manage_tickets')
if 'add' in post:
controls = post.items()
try:
appstruct = form.validate(controls)
except deform.ValidationFailure, e:
self.response['form'] = e.render()
return self.response
emails = appstruct['emails'].splitlines()
roles = appstruct['roles']
added = 0
rejected = 0
for email in emails:
result = self.context.add_invite_ticket(
email, roles, sent_by=self.api.userid)
if result:
added += 1
else:
rejected += 1
if not rejected:
msg = _('added_tickets_text',
default=u"Successfully added ${added} invites",
mapping={'added': added})
elif not added:
msg = _(
'no_tickets_added',
default=
u"No tickets added - all you specified probably exist already. (Proccessed ${rejected})",
mapping={'rejected': rejected})
self.api.flash_messages.add(msg)
url = self.request.resource_url(self.context, 'add_tickets')
return HTTPFound(location=url)
else:
msg = _(
'added_tickets_text_some_rejected',
default=
u"Successfully added ${added} invites but discarded ${rejected} since they already existed or were already used.",
mapping={
'added': added,
'rejected': rejected
})
self.api.flash_messages.add(msg)
self.request.session['send_tickets.emails'] = emails
self.request.session['send_tickets.message'] = appstruct['message']
url = self.request.resource_url(self.context, 'send_tickets')
return HTTPFound(location=url)
def mail_settings(self):
schema = createSchema("MailSettingsMeetingSchema")
add_csrf_token(self.context, self.request, schema)
schema = schema.bind(context=self.context, request=self.request, api = self.api)
return self.form(schema)
def delete_form(self):
""" Remove content """
schema = colander.Schema()
add_csrf_token(self.context, self.request, schema)
add_came_from(self.context, self.request, schema)
schema = schema.bind(context=self.context,
request=self.request,
api=self.api)
form = Form(schema, buttons=(button_delete, button_cancel))
self.api.register_form_resources(form)
post = self.request.POST
if 'delete' in post:
if self.context.content_type in ('SiteRoot', 'Users', 'User'):
raise HTTPForbidden("Can't delete this content type")
parent = self.context.__parent__
del parent[self.context.__name__]
self.api.flash_messages.add(_(u"Deleted"))
url = self.request.resource_url(parent)
came_from = self.request.POST.get('came_from', None)
if came_from:
url = urllib.unquote(came_from)
return HTTPFound(location=url)
if 'cancel' in post:
self.api.flash_messages.add(_(u"Canceled"))
url = self.request.resource_url(self.context)
return HTTPFound(location=url)
#No action - Render edit form
if self.context.content_type == 'Proposal':
used_in_polls = []
ai = self.context.__parent__
for poll in ai.get_content(content_type='Poll'):
if self.context.uid in poll.proposal_uids:
used_in_polls.append("'%s'" % poll.title)
if used_in_polls:
msg = _(
u"deleting_proposals_used_in_polls_not_allowed_error",
default=
u"You can't remove this proposal - it's used within the following polls: ${poll_titles}",
mapping={'poll_titles': u", ".join(used_in_polls)})
self.api.flash_messages.add(msg,
type='error',
close_button=False)
raise HTTPFound(location=self.request.resource_url(ai))
msg = _(
u"delete_form_notice",
default=
u"Are you sure you want to delete '${display_name}' with title: ${title}?",
mapping={
'display_name': self.api.translate(self.context.display_name),
'title': self.context.title
})
self.api.flash_messages.add(msg, close_button=False)
appstruct = {}
came_from = self.request.GET.get('came_from', None)
if came_from:
appstruct['came_from'] = came_from
self.response['form'] = form.render(appstruct)
return self.response
def presentation(self):
schema = createSchema("PresentationMeetingSchema")
add_csrf_token(self.context, self.request, schema)
schema = schema.bind(context=self.context, request=self.request, api = self.api)
return self.form(schema)
def openid_register(self):
schema = createSchema('CSORegisterUserOpenIDSchema')
add_csrf_token(self.context, self.request, schema)
schema = schema.bind(context=self.context, request=self.request, api = self.api)
form = Form(schema, buttons=(button_register, button_cancel,))
self.api.register_form_resources(form)
if 'cancel' in self.request.POST:
self.api.flash_messages.add(_(u"Canceled"))
url = self.request.resource_url(self.api.root)
return HTTPFound(location=url)
if self.request.POST:
post = dict(self.request.POST)
openid_identifier = post['openid_identifier']
domain = post['domain']
userid = post['userid']
came_from = post['came_from']
# Logged in user, connect openid_identifier
if self.api.userid:
user = self.api.user_profile
#check that no other user has this token already
other_user = self.api.root.users.get_auth_domain_user('openid', 'openid_identifier', openid_identifier)
if other_user and user != other_user:
raise Forbidden(_("Another user has already registered with this identifier."))
#setting domain stuff
user.auth_domains['openid'] = {'openid_identifier': openid_identifier,
'domain': domain}
url = self.request.resource_url(user)
return HTTPFound(location=url)
else:
# Find user with auth token and log it in
user = self.api.root.users.get_auth_domain_user('openid', 'openid_identifier', openid_identifier)
if IUser.providedBy(user):
headers = remember(self.request, user.__name__)
url = self.request.resource_url(self.context)
if came_from:
url = urllib.unquote(came_from)
return HTTPFound(location = url,
headers = headers)
if 'register' in self.request.POST:
controls = self.request.POST.items()
try:
appstruct = form.validate(controls)
except ValidationFailure, e:
self.response['form'] = e.render()
return self.response
userid = appstruct['userid']
email = appstruct['email']
first_name = appstruct['first_name']
last_name = appstruct['last_name']
obj = createContent('User', creators=[userid], email = email, first_name = first_name, last_name = last_name)
self.context.users[userid] = obj
#setting domain stuff
obj.auth_domains['openid'] = {'openid_identifier': openid_identifier,
'domain': domain}
headers = remember(self.request, userid) # login user
url = self.request.resource_url(self.api.root)
if came_from:
url = urllib.unquote(came_from)
return HTTPFound(location=url, headers=headers)
else:
self.response['form'] = form.render(self.request.POST)
return self.response
def facebook_register(self):
schema = createSchema('CSORegisterUserSchema')
add_csrf_token(self.context, self.request, schema)
schema = schema.bind(context=self.context, request=self.request, api = self.api)
form = Form(schema, buttons=(button_register, button_cancel,))
self.api.register_form_resources(form)
if 'cancel' in self.request.POST:
self.api.flash_messages.add(_(u"Canceled"))
url = self.request.resource_url(self.api.root)
return HTTPFound(location=url)
if self.request.POST:
post = dict(self.request.POST)
oauth_userid = post['oauth_userid']
oauth_access_token = post['oauth_access_token']
came_from = post['came_from']
# Logged in user, connect auth token to user
if self.api.userid:
user = self.api.user_profile
#check that no other user has this token already
other_user = self.api.root.users.get_user_by_oauth_token('facebook', oauth_access_token)
if other_user and user != other_user:
raise Forbidden(_("Another user has already registered with this token."))
#setting domain stuff
user.auth_domains['facebook'] = {'oauth_userid': oauth_userid,
'oauth_access_token': oauth_access_token,}
url = self.request.resource_url(user)
return HTTPFound(location=url)
else:
# Find user with auth token and log it in
user = self.api.root.users.get_user_by_oauth_token('facebook', oauth_access_token)
if IUser.providedBy(user):
headers = remember(self.request, user.__name__)
url = self.request.resource_url(self.context)
if came_from:
url = urllib.unquote(came_from)
return HTTPFound(location = url,
headers = headers)
if 'register' in self.request.POST:
controls = self.request.POST.items()
try:
appstruct = form.validate(controls)
except ValidationFailure, e:
self.response['form'] = e.render()
return self.response
name = appstruct['userid']
del appstruct['userid']
# removing domain data from appstruct
del appstruct['oauth_userid']
del appstruct['oauth_access_token']
# add facebook as selected profile image
appstruct['profile_image_plugin'] = 'facebook_profile_image'
del appstruct['came_from']
obj = createContent('User', creators=[name], **appstruct)
self.context.users[name] = obj
#setting domain stuff
obj.auth_domains['facebook'] = {'oauth_userid': oauth_userid,
'oauth_access_token': oauth_access_token,}
headers = remember(self.request, name) # login user
url = self.request.resource_url(self.api.root)
if came_from:
url = urllib.unquote(came_from)
return HTTPFound(location=url, headers=headers)
else:
self.response['form'] = form.render(self.request.POST)
return self.response
