2017-07-06 00:19:31 -05:00
|
|
|
# -*- coding: utf-8; -*-
|
2013-05-07 19:41:58 -05:00
|
|
|
################################################################################
|
|
|
|
#
|
|
|
|
# Rattail -- Retail Software Framework
|
2017-02-04 18:16:18 -06:00
|
|
|
# Copyright © 2010-2017 Lance Edgar
|
2013-05-07 19:41:58 -05:00
|
|
|
#
|
|
|
|
# This file is part of Rattail.
|
|
|
|
#
|
|
|
|
# Rattail is free software: you can redistribute it and/or modify it under the
|
2017-07-06 23:47:56 -05:00
|
|
|
# terms of the GNU General Public License as published by the Free Software
|
|
|
|
# Foundation, either version 3 of the License, or (at your option) any later
|
|
|
|
# version.
|
2013-05-07 19:41:58 -05:00
|
|
|
#
|
|
|
|
# Rattail is distributed in the hope that it will be useful, but WITHOUT ANY
|
|
|
|
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
|
2017-07-06 23:47:56 -05:00
|
|
|
# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
|
|
|
|
# details.
|
2013-05-07 19:41:58 -05:00
|
|
|
#
|
2017-07-06 23:47:56 -05:00
|
|
|
# You should have received a copy of the GNU General Public License along with
|
|
|
|
# Rattail. If not, see <http://www.gnu.org/licenses/>.
|
2013-05-07 19:41:58 -05:00
|
|
|
#
|
|
|
|
################################################################################
|
|
|
|
"""
|
2013-09-01 09:27:47 -05:00
|
|
|
User Views
|
2013-05-07 19:41:58 -05:00
|
|
|
"""
|
|
|
|
|
2016-02-01 16:11:24 -06:00
|
|
|
from __future__ import unicode_literals, absolute_import
|
2014-08-05 23:23:55 -05:00
|
|
|
|
2017-02-04 18:16:18 -06:00
|
|
|
import copy
|
|
|
|
|
2015-08-11 23:19:41 -05:00
|
|
|
from sqlalchemy import orm
|
|
|
|
|
2015-02-09 15:33:16 -06:00
|
|
|
from rattail.db import model
|
2017-02-04 18:16:18 -06:00
|
|
|
from rattail.db.auth import guest_role, authenticated_role, set_user_password, has_permission
|
2015-01-19 00:45:26 -06:00
|
|
|
|
2017-02-04 18:16:18 -06:00
|
|
|
import wtforms
|
2015-01-19 00:45:26 -06:00
|
|
|
import formalchemy
|
2013-09-01 17:31:50 -05:00
|
|
|
from formalchemy.fields import SelectFieldRenderer
|
2017-07-06 20:13:42 -05:00
|
|
|
from webhelpers2.html import HTML, tags
|
2013-05-07 19:41:58 -05:00
|
|
|
|
2016-08-12 01:58:07 -05:00
|
|
|
from tailbone import forms
|
2015-08-11 23:19:41 -05:00
|
|
|
from tailbone.db import Session
|
2017-08-04 17:14:38 -05:00
|
|
|
from tailbone.views import MasterView2 as MasterView
|
2017-02-06 13:37:42 -06:00
|
|
|
from tailbone.views.principal import PrincipalMasterView
|
2013-05-07 19:41:58 -05:00
|
|
|
|
2013-09-01 17:31:50 -05:00
|
|
|
|
2015-08-11 23:19:41 -05:00
|
|
|
def unique_username(value, field):
|
|
|
|
user = field.parent.model
|
|
|
|
query = Session.query(model.User).filter(model.User.username == value)
|
|
|
|
if user.uuid:
|
|
|
|
query = query.filter(model.User.uuid != user.uuid)
|
|
|
|
if query.count():
|
|
|
|
raise formalchemy.ValidationError("Username must be unique.")
|
2013-09-01 17:31:50 -05:00
|
|
|
|
|
|
|
|
2015-08-11 23:19:41 -05:00
|
|
|
def passwords_match(value, field):
|
|
|
|
if field.parent.confirm_password.value != value:
|
|
|
|
raise formalchemy.ValidationError("Passwords do not match")
|
|
|
|
return value
|
|
|
|
|
|
|
|
|
|
|
|
class PasswordFieldRenderer(formalchemy.PasswordFieldRenderer):
|
|
|
|
|
|
|
|
def render(self, **kwargs):
|
|
|
|
return tags.password(self.name, value='', maxlength=self.length, **kwargs)
|
|
|
|
|
|
|
|
|
|
|
|
class PasswordField(formalchemy.Field):
|
|
|
|
|
|
|
|
def __init__(self, *args, **kwargs):
|
|
|
|
kwargs.setdefault('value', lambda x: x.password)
|
|
|
|
kwargs.setdefault('renderer', PasswordFieldRenderer)
|
|
|
|
kwargs.setdefault('validate', passwords_match)
|
|
|
|
super(PasswordField, self).__init__(*args, **kwargs)
|
2013-09-01 17:31:50 -05:00
|
|
|
|
|
|
|
def sync(self):
|
|
|
|
if not self.is_readonly():
|
2015-08-11 23:19:41 -05:00
|
|
|
password = self.renderer.deserialize()
|
|
|
|
if password:
|
|
|
|
set_user_password(self.model, password)
|
|
|
|
|
2013-09-01 17:31:50 -05:00
|
|
|
|
|
|
|
def RolesFieldRenderer(request):
|
|
|
|
|
|
|
|
class RolesFieldRenderer(SelectFieldRenderer):
|
|
|
|
|
|
|
|
def render_readonly(self, **kwargs):
|
2015-08-11 23:19:41 -05:00
|
|
|
roles = Session.query(model.Role)
|
2013-09-01 17:31:50 -05:00
|
|
|
html = ''
|
|
|
|
for uuid in self.value:
|
|
|
|
role = roles.get(uuid)
|
|
|
|
link = tags.link_to(
|
2015-08-11 15:01:21 -05:00
|
|
|
role.name, request.route_url('roles.view', uuid=role.uuid))
|
2013-09-01 17:31:50 -05:00
|
|
|
html += HTML.tag('li', c=link)
|
|
|
|
html = HTML.tag('ul', c=html)
|
|
|
|
return html
|
|
|
|
|
|
|
|
return RolesFieldRenderer
|
|
|
|
|
|
|
|
|
2015-08-11 23:19:41 -05:00
|
|
|
class RolesField(formalchemy.Field):
|
2015-01-19 00:45:26 -06:00
|
|
|
|
2015-08-11 23:19:41 -05:00
|
|
|
def __init__(self, name, **kwargs):
|
|
|
|
kwargs.setdefault('value', self.get_value)
|
|
|
|
kwargs.setdefault('options', self.get_options())
|
|
|
|
kwargs.setdefault('multiple', True)
|
|
|
|
super(RolesField, self).__init__(name, **kwargs)
|
2015-01-19 00:45:26 -06:00
|
|
|
|
2015-08-11 23:19:41 -05:00
|
|
|
def get_value(self, user):
|
|
|
|
return [x.uuid for x in user.roles]
|
2015-01-19 00:45:26 -06:00
|
|
|
|
2015-08-11 23:19:41 -05:00
|
|
|
def get_options(self):
|
|
|
|
return Session.query(model.Role.name, model.Role.uuid)\
|
|
|
|
.filter(model.Role.uuid != guest_role(Session()).uuid)\
|
2016-06-15 12:51:10 -05:00
|
|
|
.filter(model.Role.uuid != authenticated_role(Session()).uuid)\
|
2015-08-11 23:19:41 -05:00
|
|
|
.order_by(model.Role.name)\
|
|
|
|
.all()
|
2015-01-19 00:45:26 -06:00
|
|
|
|
|
|
|
def sync(self):
|
|
|
|
if not self.is_readonly():
|
2015-08-11 23:19:41 -05:00
|
|
|
user = self.model
|
|
|
|
roles = Session.query(model.Role)
|
|
|
|
data = self.renderer.deserialize()
|
|
|
|
user.roles = [roles.get(x) for x in data]
|
|
|
|
|
2015-01-19 00:45:26 -06:00
|
|
|
|
2017-02-06 13:37:42 -06:00
|
|
|
class UsersView(PrincipalMasterView):
|
2015-08-11 23:19:41 -05:00
|
|
|
"""
|
|
|
|
Master view for the User model.
|
|
|
|
"""
|
|
|
|
model_class = model.User
|
2017-08-04 17:14:38 -05:00
|
|
|
has_rows = True
|
|
|
|
model_row_class = model.UserEvent
|
2017-07-15 02:46:39 -05:00
|
|
|
has_versions = True
|
|
|
|
|
2017-02-17 12:49:15 -06:00
|
|
|
mergeable = True
|
|
|
|
merge_additive_fields = [
|
|
|
|
'sent_message_count',
|
|
|
|
'received_message_count',
|
|
|
|
]
|
|
|
|
merge_fields = merge_additive_fields + [
|
|
|
|
'uuid',
|
|
|
|
'username',
|
|
|
|
'person_uuid',
|
|
|
|
'person_name',
|
|
|
|
'role_count',
|
|
|
|
'active',
|
|
|
|
]
|
2015-01-19 00:45:26 -06:00
|
|
|
|
2017-07-07 09:13:53 -05:00
|
|
|
grid_columns = [
|
|
|
|
'username',
|
|
|
|
'person',
|
2017-10-13 16:12:28 -05:00
|
|
|
'active',
|
2017-07-07 09:13:53 -05:00
|
|
|
]
|
|
|
|
|
2017-08-04 17:14:38 -05:00
|
|
|
row_grid_columns = [
|
|
|
|
'type_code',
|
|
|
|
'occurred',
|
|
|
|
]
|
|
|
|
|
2015-08-11 23:19:41 -05:00
|
|
|
def query(self, session):
|
|
|
|
return session.query(model.User)\
|
2017-08-09 21:41:42 -05:00
|
|
|
.outerjoin(model.Person)\
|
2015-08-11 23:19:41 -05:00
|
|
|
.options(orm.joinedload(model.User.person))
|
2013-05-07 19:41:58 -05:00
|
|
|
|
2015-08-11 23:19:41 -05:00
|
|
|
def configure_grid(self, g):
|
2017-07-07 09:13:53 -05:00
|
|
|
super(UsersView, self).configure_grid(g)
|
|
|
|
|
2015-08-11 23:19:41 -05:00
|
|
|
del g.filters['password']
|
|
|
|
del g.filters['salt']
|
|
|
|
g.filters['username'].default_active = True
|
|
|
|
g.filters['username'].default_verb = 'contains'
|
|
|
|
g.filters['active'].default_active = True
|
|
|
|
g.filters['active'].default_verb = 'is_true'
|
2017-07-07 09:13:53 -05:00
|
|
|
g.filters['person'] = g.make_filter('person', model.Person.display_name,
|
2015-08-11 23:19:41 -05:00
|
|
|
default_active=True, default_verb='contains')
|
2016-02-01 16:11:24 -06:00
|
|
|
g.filters['password'] = g.make_filter('password', model.User.password,
|
|
|
|
verbs=['is_null', 'is_not_null'])
|
2013-05-07 19:41:58 -05:00
|
|
|
|
2017-08-09 21:41:42 -05:00
|
|
|
g.set_sorter('person', model.Person.display_name)
|
|
|
|
g.set_sorter('first_name', model.Person.first_name)
|
|
|
|
g.set_sorter('last_name', model.Person.last_name)
|
|
|
|
g.set_sorter('display_name', model.Person.display_name)
|
2015-08-11 23:19:41 -05:00
|
|
|
g.default_sortkey = 'username'
|
2013-05-07 19:41:58 -05:00
|
|
|
|
2017-07-07 09:13:53 -05:00
|
|
|
g.set_label('person', "Person's Name")
|
2013-05-07 19:41:58 -05:00
|
|
|
|
2017-08-02 20:40:02 -05:00
|
|
|
g.set_link('username')
|
|
|
|
g.set_link('person')
|
2017-08-09 21:41:42 -05:00
|
|
|
g.set_link('first_name')
|
|
|
|
g.set_link('last_name')
|
|
|
|
g.set_link('display_name')
|
2017-08-02 20:40:02 -05:00
|
|
|
|
2016-12-10 10:14:52 -06:00
|
|
|
def _preconfigure_fieldset(self, fs):
|
2016-10-10 10:58:49 -05:00
|
|
|
fs.username.set(renderer=forms.renderers.StrippedTextFieldRenderer, validate=unique_username)
|
2016-12-10 10:14:52 -06:00
|
|
|
fs.person.set(renderer=forms.renderers.PersonFieldRenderer, options=[])
|
2015-08-11 23:19:41 -05:00
|
|
|
fs.append(PasswordField('password', label="Set Password"))
|
|
|
|
fs.append(formalchemy.Field('confirm_password', renderer=PasswordFieldRenderer))
|
2017-02-17 14:24:13 -06:00
|
|
|
fs.append(RolesField('roles', renderer=RolesFieldRenderer(self.request), size=10))
|
2017-08-09 21:41:42 -05:00
|
|
|
fs.append(forms.AssociationProxyField('first_name'))
|
|
|
|
fs.append(forms.AssociationProxyField('last_name'))
|
|
|
|
fs.append(forms.AssociationProxyField('display_name', label="Full Name"))
|
|
|
|
|
|
|
|
# hm this should work according to MDN but doesn't seem to...
|
|
|
|
# https://developer.mozilla.org/en-US/docs/Web/Security/Securing_your_site/Turning_off_form_autocompletion
|
|
|
|
fs.username.attrs(autocomplete='new-password')
|
|
|
|
fs.password.attrs(autocomplete='new-password')
|
|
|
|
fs.confirm_password.attrs(autocomplete='new-password')
|
2016-12-10 10:14:52 -06:00
|
|
|
|
|
|
|
def configure_fieldset(self, fs):
|
2013-05-07 19:41:58 -05:00
|
|
|
fs.configure(
|
|
|
|
include=[
|
|
|
|
fs.username,
|
2015-08-11 23:19:41 -05:00
|
|
|
fs.person,
|
2017-08-09 21:41:42 -05:00
|
|
|
fs.first_name,
|
|
|
|
fs.last_name,
|
|
|
|
fs.display_name,
|
2015-08-11 23:19:41 -05:00
|
|
|
fs.active,
|
2017-03-27 21:37:45 -05:00
|
|
|
fs.active_sticky,
|
2015-08-11 23:19:41 -05:00
|
|
|
fs.password,
|
2013-05-07 19:41:58 -05:00
|
|
|
fs.confirm_password,
|
|
|
|
fs.roles,
|
2015-08-11 23:19:41 -05:00
|
|
|
])
|
|
|
|
if self.viewing:
|
2016-08-12 01:58:07 -05:00
|
|
|
permissions = self.request.registry.settings.get('tailbone_permissions', {})
|
|
|
|
renderer = forms.renderers.PermissionsFieldRenderer(permissions,
|
|
|
|
include_guest=True,
|
|
|
|
include_authenticated=True)
|
|
|
|
fs.append(formalchemy.Field('permissions', renderer=renderer))
|
2016-10-25 18:14:43 -05:00
|
|
|
if self.viewing or self.deleting:
|
|
|
|
del fs.password
|
|
|
|
del fs.confirm_password
|
2013-05-07 19:41:58 -05:00
|
|
|
|
2017-03-19 11:21:00 -05:00
|
|
|
def editable_instance(self, user):
|
|
|
|
if self.rattail_config.demo():
|
|
|
|
return user.username != 'chuck'
|
|
|
|
return True
|
|
|
|
|
|
|
|
def deletable_instance(self, user):
|
|
|
|
if self.rattail_config.demo():
|
|
|
|
return user.username != 'chuck'
|
|
|
|
return True
|
|
|
|
|
2017-08-04 17:14:38 -05:00
|
|
|
def get_row_data(self, user):
|
|
|
|
return self.Session.query(model.UserEvent)\
|
|
|
|
.filter(model.UserEvent.user == user)
|
|
|
|
|
|
|
|
def configure_row_grid(self, g):
|
|
|
|
super(UsersView, self).configure_row_grid(g)
|
|
|
|
g.width = 'half'
|
|
|
|
g.filterable = False
|
|
|
|
g.default_sortkey = 'occurred'
|
|
|
|
g.default_sortdir = 'desc'
|
|
|
|
g.set_enum('type_code', self.enum.USER_EVENT)
|
|
|
|
g.set_label('type_code', "Event Type")
|
|
|
|
g.main_actions = []
|
|
|
|
|
2017-07-15 02:46:39 -05:00
|
|
|
def get_version_child_classes(self):
|
|
|
|
return [
|
|
|
|
(model.UserRole, 'user_uuid'),
|
|
|
|
]
|
|
|
|
|
2017-02-06 13:37:42 -06:00
|
|
|
def find_principals_with_permission(self, session, permission):
|
2017-02-04 18:16:18 -06:00
|
|
|
# TODO: this should search Permission table instead, and work backward to User?
|
|
|
|
all_users = session.query(model.User)\
|
|
|
|
.filter(model.User.active == True)\
|
|
|
|
.order_by(model.User.username)\
|
|
|
|
.options(orm.joinedload(model.User._roles)\
|
|
|
|
.joinedload(model.UserRole.role)\
|
|
|
|
.joinedload(model.Role._permissions))
|
|
|
|
users = []
|
|
|
|
for user in all_users:
|
|
|
|
if has_permission(session, user, permission):
|
|
|
|
users.append(user)
|
|
|
|
return users
|
|
|
|
|
2017-02-17 12:49:15 -06:00
|
|
|
def get_merge_data(self, user):
|
|
|
|
return {
|
|
|
|
'uuid': user.uuid,
|
|
|
|
'username': user.username,
|
|
|
|
'person_uuid': user.person_uuid,
|
|
|
|
'person_name': user.person.display_name if user.person else None,
|
|
|
|
'_roles': user.roles,
|
|
|
|
'role_count': len(user.roles),
|
|
|
|
'active': user.active,
|
|
|
|
'sent_message_count': len(user.sent_messages),
|
|
|
|
'received_message_count': len(user._messages),
|
|
|
|
}
|
|
|
|
|
|
|
|
def get_merge_resulting_data(self, remove, keep):
|
|
|
|
result = super(UsersView, self).get_merge_resulting_data(remove, keep)
|
|
|
|
result['role_count'] = len(set(remove['_roles'] + keep['_roles']))
|
|
|
|
return result
|
|
|
|
|
|
|
|
def merge_objects(self, removing, keeping):
|
|
|
|
# TODO: merge roles, messages
|
|
|
|
assert not removing.sent_messages
|
|
|
|
assert not removing._messages
|
|
|
|
assert not removing._roles
|
|
|
|
self.Session.delete(removing)
|
|
|
|
|
2013-05-07 19:41:58 -05:00
|
|
|
|
2017-08-04 17:14:38 -05:00
|
|
|
class UserEventsView(MasterView):
|
|
|
|
"""
|
|
|
|
Master view for all user events
|
|
|
|
"""
|
|
|
|
model_class = model.UserEvent
|
|
|
|
url_prefix = '/user-events'
|
|
|
|
viewable = False
|
|
|
|
creatable = False
|
|
|
|
editable = False
|
|
|
|
deletable = False
|
|
|
|
|
|
|
|
grid_columns = [
|
|
|
|
'user',
|
|
|
|
'person',
|
|
|
|
'type_code',
|
|
|
|
'occurred',
|
|
|
|
]
|
|
|
|
|
|
|
|
def get_data(self, session=None):
|
|
|
|
query = super(UserEventsView, self).get_data(session=session)
|
|
|
|
return query.join(model.User)
|
|
|
|
|
|
|
|
def configure_grid(self, g):
|
|
|
|
super(UserEventsView, self).configure_grid(g)
|
|
|
|
g.set_joiner('person', lambda q: q.outerjoin(model.Person))
|
|
|
|
g.set_sorter('user', model.User.username)
|
|
|
|
g.set_sorter('person', model.Person.display_name)
|
|
|
|
g.filters['user'] = g.make_filter('user', model.User.username)
|
|
|
|
g.filters['person'] = g.make_filter('person', model.Person.display_name)
|
|
|
|
g.set_enum('type_code', self.enum.USER_EVENT)
|
|
|
|
g.set_type('occurred', 'datetime')
|
|
|
|
g.set_renderer('user', self.render_user)
|
|
|
|
g.set_renderer('person', self.render_person)
|
|
|
|
g.default_sortkey = 'occurred'
|
|
|
|
g.default_sortdir = 'desc'
|
|
|
|
g.set_label('user', "Username")
|
|
|
|
g.set_label('type_code', "Event Type")
|
|
|
|
|
|
|
|
def render_user(self, event, column):
|
|
|
|
return event.user.username
|
|
|
|
|
|
|
|
def render_person(self, event, column):
|
2017-08-09 21:41:42 -05:00
|
|
|
if event.user.person:
|
|
|
|
return event.user.person.display_name
|
2017-08-04 17:14:38 -05:00
|
|
|
|
|
|
|
|
2013-05-07 19:41:58 -05:00
|
|
|
def includeme(config):
|
2015-08-11 23:19:41 -05:00
|
|
|
UsersView.defaults(config)
|
2017-08-04 17:14:38 -05:00
|
|
|
UserEventsView.defaults(config)
|