21
21
import formencode.validators
22
22
from genshi.filters import HTMLFormFiller
24
from ivle.database import User
26
from ivle.pulldown_subj import enrol_user
24
27
from ivle.webapp import ApplicationRoot
25
from ivle.webapp.base.rest import JSONRESTView, require_permission
28
from ivle.webapp.base.forms import BaseFormView, URLNameValidator
26
29
from ivle.webapp.base.xhtml import XHTMLView
27
30
from ivle.webapp.base.plugins import ViewPlugin, MediaPlugin
28
31
from ivle.webapp.admin.publishing import root_to_user, user_url
29
from ivle.database import User
35
34
class UsersView(XHTMLView):
46
45
ctx['users'] = req.store.find(User).order_by(User.login)
49
# List of fields returned as part of the user JSON dictionary
50
# (as returned by the get_user action)
52
"login", "state", "unixid", "email", "nick", "fullname",
53
"admin", "studentid", "acct_exp", "pass_exp", "last_login",
57
class UserRESTView(JSONRESTView):
59
A REST interface to the user object.
62
@require_permission('view')
65
user = ivle.util.object_to_dict(user_fields_list, self.context)
66
# Convert time stamps to nice strings
67
for k in 'pass_exp', 'acct_exp', 'last_login':
68
if user[k] is not None:
69
user[k] = unicode(user[k])
71
user['local_password'] = self.context.passhash is not None
74
48
class UserEditSchema(formencode.Schema):
75
49
nick = formencode.validators.UnicodeString(not_empty=True)
76
50
email = formencode.validators.Email(not_empty=False,
79
class UserEditView(XHTMLView):
53
class UserEditView(BaseFormView):
80
54
"""A form to change a user's details."""
81
55
template = 'templates/user-edit.html'
83
57
permission = 'edit'
85
def filter(self, stream, ctx):
86
return stream | HTMLFormFiller(data=ctx['data'])
61
return UserEditSchema()
63
def get_default_data(self, req):
64
return {'nick': self.context.nick,
65
'email': self.context.email
68
def save_object(self, req, data):
69
self.context.nick = data['nick']
70
self.context.email = unicode(data['email']) if data['email'] \
88
74
def populate(self, req, ctx):
89
if req.method == 'POST':
90
data = dict(req.get_fieldstorage())
92
validator = UserEditSchema()
93
data = validator.to_python(data, state=req)
94
self.context.nick = data['nick']
95
self.context.email = unicode(data['email']) if data['email'] \
98
req.throw_redirect(req.uri)
99
except formencode.Invalid, e:
100
errors = e.unpack_errors()
102
data = {'nick': self.context.nick,
103
'email': self.context.email
75
super(UserEditView, self).populate(req, ctx)
107
76
ctx['format_datetime'] = ivle.date.make_date_nice
108
77
ctx['format_datetime_short'] = ivle.date.format_datetime_for_paragraph
78
ctx['svn_url'] = req.user.get_svn_url(req.config)
79
ctx['svn_pass'] = req.user.svn_pass
111
ctx['user'] = self.context
113
ctx['errors'] = errors
115
82
class UserAdminSchema(formencode.Schema):
116
83
admin = formencode.validators.StringBoolean(if_missing=False)
129
96
"""Only allow access if the requesting user is an admin."""
130
97
return req.user and req.user.admin
132
def filter(self, stream, ctx):
133
return stream | HTMLFormFiller(data=ctx['data'])
101
return UserAdminSchema()
103
def get_default_data(self, req):
104
return {'admin': self.context.admin,
105
'disabled': self.context.state == u'disabled',
106
'fullname': self.context.fullname,
107
'studentid': self.context.studentid,
110
def save_object(self, req, data):
111
if self.context is req.user:
112
# Admin checkbox is disabled -- assume unchanged
113
data['admin'] = self.context.admin
114
data['disabled'] = self.context.state == u'disabled'
116
self.context.admin = data['admin']
117
if self.context.state in (u'enabled', u'disabled'):
118
self.context.state = (u'disabled' if data['disabled']
120
self.context.fullname = data['fullname'] \
121
if data['fullname'] else None
122
self.context.studentid = data['studentid'] \
123
if data['studentid'] else None
135
126
def populate(self, req, ctx):
136
if req.method == 'POST':
137
data = dict(req.get_fieldstorage())
139
validator = UserAdminSchema()
140
data = validator.to_python(data, state=req)
142
if self.context is req.user:
143
# Admin checkbox is disabled -- assume unchanged
144
data['admin'] = self.context.admin
145
data['disabled'] = self.context.state == u'disabled'
147
self.context.admin = data['admin']
148
if self.context.state in (u'enabled', u'disabled'):
149
self.context.state = (u'disabled' if data['disabled']
151
self.context.fullname = data['fullname'] \
152
if data['fullname'] else None
153
self.context.studentid = data['studentid'] \
154
if data['studentid'] else None
156
req.throw_redirect(req.uri)
157
except formencode.Invalid, e:
158
errors = e.unpack_errors()
160
data = {'admin': self.context.admin,
161
'disabled': self.context.state == u'disabled',
162
'fullname': self.context.fullname,
163
'studentid': self.context.studentid,
168
ctx['user'] = self.context
169
# Disable the Admin checkbox if editing oneself
127
super(UserAdminView, self).populate(req, ctx)
129
# Disable the admin checkbox if editing oneself
170
130
ctx['disable_admin'] = self.context is req.user
172
ctx['errors'] = errors
174
132
class PasswordChangeView(XHTMLView):
175
133
"""A form to change a user's password, with knowledge of the old one."""
230
188
ctx['user'] = self.context
231
189
ctx['error'] = error
192
class UserNewSchema(formencode.Schema):
193
login = URLNameValidator() # XXX: Validate uniqueness.
194
admin = formencode.validators.StringBoolean(if_missing=False)
195
fullname = formencode.validators.UnicodeString(not_empty=True)
196
studentid = formencode.validators.UnicodeString(not_empty=False,
199
email = formencode.validators.Email(not_empty=False,
203
class UserNewView(BaseFormView):
204
"""A form for admins to create new users."""
205
template = 'templates/user-new.html'
208
def authorize(self, req):
209
"""Only allow access if the requesting user is an admin."""
210
return req.user and req.user.admin
214
return UserNewSchema()
216
def get_default_data(self, req):
219
def save_object(self, req, data):
220
data['nick'] = data['fullname']
221
data['email'] = unicode(data['email']) if data['email'] else None
222
userobj = User(**data)
223
req.store.add(userobj)
224
enrol_user(req.config, req.store, userobj)
233
229
class Plugin(ViewPlugin, MediaPlugin):
235
231
The Plugin class for the user plugin.
238
234
forward_routes = (root_to_user,)
239
235
reverse_routes = (user_url,)
240
views = [(ApplicationRoot, 'users', UsersView),
241
(ivle.database.User, '+index', UserEditView),
242
(ivle.database.User, '+admin', UserAdminView),
243
(ivle.database.User, '+changepassword', PasswordChangeView),
244
(ivle.database.User, '+resetpassword', PasswordResetView),
245
(ivle.database.User, '+index', UserRESTView, 'api'),
236
views = [(ApplicationRoot, ('users', '+index'), UsersView),
237
(ApplicationRoot, ('users', '+new'), UserNewView),
238
(User, '+index', UserEditView),
239
(User, '+admin', UserAdminView),
240
(User, '+changepassword', PasswordChangeView),
241
(User, '+resetpassword', PasswordResetView),