appy.bin: backup.py: added field 'To' to mails sent by the backup procedure (so it not less directly considered as junk mail); bugfix in job.py used with Appy > 0.8; appy.gen: optimized performance (methods defined in 'show' attrs were called twice on edit.pt and view.pt); appy.gen: added String.richText allowing to have ckeditor with more text-formatting icons; added ckeditor 'show source' button by default (impossible to live without that); appy.gen: solved security-related problems; appy.gen.mail: allowto send mail as authenticated user; appy.gen: bugfixes in pages when rendered by IE.

gen/wrappers/GroupWrapper.py

@@ -1,8 +1,10 @@
 # ------------------------------------------------------------------------------
+from appy.gen import WorkflowOwner
 from appy.gen.wrappers import AbstractWrapper
 
 # ------------------------------------------------------------------------------
 class GroupWrapper(AbstractWrapper):
+    workflow = WorkflowOwner
 
     def showLogin(self):
         '''When must we show the login field?'''

gen/wrappers/ToolWrapper.py

@@ -30,16 +30,23 @@ class ToolWrapper(AbstractWrapper):
                 return NOT_UNO_ENABLED_PYTHON % value
         return True
 
+    def isManager(self):
+        '''Some pages on the tool can only be accessed by God.'''
+        if self.user.has_role('Manager'): return 'view'
+
     podOutputFormats = ('odt', 'pdf', 'doc', 'rtf')
     def getPodOutputFormats(self):
         '''Gets the available output formats for POD documents.'''
         return [(of, self.translate(of)) for of in self.podOutputFormats]
 
-    def getInitiator(self):
+    def getInitiator(self, field=False):
         '''Retrieves the object that triggered the creation of the object
-           being currently created (if any).'''
+           being currently created (if any), or the name of the field in this
+           object if p_field is given.'''
         nav = self.o.REQUEST.get('nav', '')
-        if nav: return self.getObject(nav.split('.')[1])
+        if not nav or not nav.startswith('ref.'): return
+        if not field: return self.getObject(nav.split('.')[1])
+        return nav.split('.')[2].split(':')[0]
 
     def getObject(self, uid):
         '''Allow to retrieve an object from its unique identifier p_uid.'''

gen/wrappers/UserWrapper.py

@@ -1,13 +1,15 @@
 # ------------------------------------------------------------------------------
+from appy.gen import WorkflowOwner
 from appy.gen.wrappers import AbstractWrapper
 
 # ------------------------------------------------------------------------------
 class UserWrapper(AbstractWrapper):
+    workflow = WorkflowOwner
 
     def showLogin(self):
         '''When must we show the login field?'''
         if self.o.isTemporary(): return 'edit'
-        return 'view'
+        return ('view', 'result')
 
     def showName(self):
         '''Name and first name, by default, are always shown.'''
@@ -29,7 +31,8 @@ class UserWrapper(AbstractWrapper):
         if login == 'admin':
             return 'This username is reserved.' # XXX Translate
         # Check that no user or group already uses this login.
-        if self.count('User', login=login) or self.count('Group', login=login):
+        if self.count('User', noSecurity=True, login=login) or \
+           self.count('Group', noSecurity=True, login=login):
             return 'This login is already in use.' # XXX Translate
         return True
 

gen/wrappers/__init__.py

@@ -54,7 +54,8 @@ class AbstractWrapper(object):
         elif name == 'user':
             return self.o.getUser()
         elif name == 'appyUser':
-            return self.search1('User', login=self.o.getUser().getId())
+            return self.search1('User', noSecurity=True,
+                                login=self.o.getUser().getId())
         elif name == 'fields': return self.o.getAllAppyTypes()
         # Now, let's try to return a real attribute.
         res = object.__getattribute__(self, name)