From 8b50412a581108405410c3f4b3e4d1ad43282f55 Mon Sep 17 00:00:00 2001
From: Phuoc CAO <phuoc@caotek.fr>
Date: Sat, 22 Jul 2017 13:11:01 +0200
Subject: [PATCH] tested login.pt

---
 caotek_mesavoirs.egg-info/PKG-INFO            |   2 +-
 caotek_mesavoirs.egg-info/SOURCES.txt         |   5 +-
 caotek_mesavoirs/__init__.py                  |   2 +-
 caotek_mesavoirs/models/agenda.py             | 121 ---------
 .../models/{default.py => members.py}         |  34 +--
 caotek_mesavoirs/panels.py                    |  15 +-
 caotek_mesavoirs/routes.py                    |  10 +-
 caotek_mesavoirs/security.py                  |   6 +-
 caotek_mesavoirs/templates/agenda/agenda.pt   |  47 ----
 .../templates/agenda/dossier_view.pt          | 111 --------
 caotek_mesavoirs/templates/agenda/planning.pt |  59 ----
 caotek_mesavoirs/templates/agenda/rdv_edit.pt |  91 -------
 caotek_mesavoirs/templates/layouts/pdf.pt     |  22 --
 .../templates/{ => members}/changer_mdp.pt    |   0
 .../templates/{ => members}/envoyer_mdp.pt    |   0
 .../templates/{ => members}/login.pt          |   6 +-
 .../templates/{ => members}/redefinir_mdp.pt  |   0
 .../templates/{ => members}/user_edit.pt      |  17 +-
 .../templates/{ => members}/users_list.pt     |  16 +-
 .../templates/panels/dropdown_menu_panel.pt   |   3 +-
 caotek_mesavoirs/templates/security.py        |  11 -
 caotek_mesavoirs/views/agenda.py              | 200 --------------
 caotek_mesavoirs/views/default.py             | 230 ----------------
 caotek_mesavoirs/views/members.py             | 251 ++++++++++++++++++
 development.ini                               |   3 +-
 production.ini                                |   2 +-
 26 files changed, 296 insertions(+), 968 deletions(-)
 delete mode 100644 caotek_mesavoirs/models/agenda.py
 rename caotek_mesavoirs/models/{default.py => members.py} (65%)
 delete mode 100644 caotek_mesavoirs/templates/agenda/agenda.pt
 delete mode 100644 caotek_mesavoirs/templates/agenda/dossier_view.pt
 delete mode 100644 caotek_mesavoirs/templates/agenda/planning.pt
 delete mode 100644 caotek_mesavoirs/templates/agenda/rdv_edit.pt
 delete mode 100644 caotek_mesavoirs/templates/layouts/pdf.pt
 rename caotek_mesavoirs/templates/{ => members}/changer_mdp.pt (100%)
 rename caotek_mesavoirs/templates/{ => members}/envoyer_mdp.pt (100%)
 rename caotek_mesavoirs/templates/{ => members}/login.pt (91%)
 rename caotek_mesavoirs/templates/{ => members}/redefinir_mdp.pt (100%)
 rename caotek_mesavoirs/templates/{ => members}/user_edit.pt (87%)
 rename caotek_mesavoirs/templates/{ => members}/users_list.pt (73%)
 delete mode 100644 caotek_mesavoirs/templates/security.py
 delete mode 100644 caotek_mesavoirs/views/agenda.py
 create mode 100644 caotek_mesavoirs/views/members.py

diff --git a/caotek_mesavoirs.egg-info/PKG-INFO b/caotek_mesavoirs.egg-info/PKG-INFO
index 41fc5b0..28eec5a 100644
--- a/caotek_mesavoirs.egg-info/PKG-INFO
+++ b/caotek_mesavoirs.egg-info/PKG-INFO
@@ -9,7 +9,7 @@ License: UNKNOWN
 Description: # README #
         
         
-        Application web permettant aux personnels de l'entreprise Dumas d'accéder aux dossiers des clients
+        Cette application permet le suivi des avoirs financiers : actions, ETF, obligations (assurances-vie), livrets, etc...
         
         
         
diff --git a/caotek_mesavoirs.egg-info/SOURCES.txt b/caotek_mesavoirs.egg-info/SOURCES.txt
index 3a2d0c4..df1d87b 100644
--- a/caotek_mesavoirs.egg-info/SOURCES.txt
+++ b/caotek_mesavoirs.egg-info/SOURCES.txt
@@ -17,10 +17,9 @@ caotek_mesavoirs.egg-info/not-zip-safe
 caotek_mesavoirs.egg-info/requires.txt
 caotek_mesavoirs.egg-info/top_level.txt
 caotek_mesavoirs/models/__init__.py
-caotek_mesavoirs/models/agenda.py
-caotek_mesavoirs/models/default.py
+caotek_mesavoirs/models/members.py
 caotek_mesavoirs/scripts/__init__.py
 caotek_mesavoirs/views/__init__.py
-caotek_mesavoirs/views/agenda.py
 caotek_mesavoirs/views/default.py
+caotek_mesavoirs/views/members.py
 caotek_mesavoirs/views/notfound.py
\ No newline at end of file
diff --git a/caotek_mesavoirs/__init__.py b/caotek_mesavoirs/__init__.py
index 3afa2af..f8ffa16 100644
--- a/caotek_mesavoirs/__init__.py
+++ b/caotek_mesavoirs/__init__.py
@@ -12,7 +12,7 @@ def main(global_config, **settings):
     """ This function returns a Pyramid WSGI application.
     """
     # declarations
-    session_factory = UnencryptedCookieSessionFactoryConfig('Ty6sIUe9')
+    session_factory = UnencryptedCookieSessionFactoryConfig('Ty6sIUf1')
     authn_policy = AuthTktAuthenticationPolicy('Ty6sIUe8', callback=groupfinder, hashalg='sha512')
     authz_policy = ACLAuthorizationPolicy()
     mailer_factory_from_settings(settings)
diff --git a/caotek_mesavoirs/models/agenda.py b/caotek_mesavoirs/models/agenda.py
deleted file mode 100644
index d6be209..0000000
--- a/caotek_mesavoirs/models/agenda.py
+++ /dev/null
@@ -1,121 +0,0 @@
-# -*- coding: utf8 -*-
-from sqlalchemy import text
-from sqlalchemy.ext.declarative import declarative_base
-from sqlalchemy.orm import (
-    scoped_session,
-    sessionmaker,
-)
-from zope.sqlalchemy import (
-    ZopeTransactionExtension, 
-    mark_changed
-)
-
-from datetime import *
-import dateutil.relativedelta
-import transaction
-
-def execute_query(request, query, params):
-    """Execute query and mark session as changed"""
-    request.dbsession.execute(query, params)
-    mark_changed(request.dbsession)
-    transaction.commit()
-
-def get_agendas(request):
-    """ lire la liste des personnes ayant un agenda"""
-    query = "CALL spGET_AGENDAS('T')"
-    results = request.dbsession.execute(query).fetchall()
-    return results
-
-def get_table(code):
-    if code == 'DD':
-        table = 'dem_devis'
-    elif code == 'OS':
-        table = 'ordres'
-    else:
-        table = 'rdvous'
-    return table
-
-def get_table_details(code):
-    if code == 'DD':
-        table = 'dem_lig'
-    elif code == 'OS':
-        table = 'ordres_lig'
-    else:
-        table = 'rdvous_lig'
-    return table
-
-
-def get_dossier_by_no(request,nodossier):
-    societe = nodossier[0:2]
-    table = get_table(nodossier[3:5])
-    no_id = nodossier[6:]
-    query = """
-SELECT d.*, c.*, a.NOM as nom_cabinet, e.NOM as nom_expert FROM %s d 
-INNER JOIN clients c ON d.societe = c.societe and d.cd_cli = c.cd_cli
-INNER JOIN p_cabinet a ON d.societe = a.societe and d.cabinet = a.code
-INNER JOIN p_experts e ON d.societe = e.societe and d.cabinet = e.code_cab and d.expert = e.code_exp
-where d.societe = '%s' and d.no_id=%s;""" % (table, societe, no_id);
-    results = request.dbsession.execute(query).first()
-    return results
-
-def get_dossier_rdv_by_no(request,nodossier, nolig):
-    societe = nodossier[0:2]
-    table = get_table_details(nodossier[3:5])
-    no_id = nodossier[6:]
-    if nolig == '0':
-        query = "SELECT * FROM %s where societe = '%s' and no_id=%s;" % (table, societe, no_id)
-        results = request.dbsession.execute(query).fetchall()
-    else:
-        query = "SELECT * FROM %s where societe = '%s' and no_id=%s and nolig=%s;" % (table, societe, no_id, nolig)
-        results = request.dbsession.execute(query).first()
-    return results
-
-def get_rendez_vous(request, itc):
-    d = datetime.now()
-    d = d - dateutil.relativedelta.relativedelta(months=3)
-    # début du mois M-2
-    datedeb = d.strftime('%Y-%m-01')
-    
-    # lire les rdv de l'ITC 
-    query = """
-    (SELECT CONCAT(l.societe,"-OS-",l.no_id) as nodossier, l.rdv_debut, l.rdv_fin, e.c_nom FROM ordres_lig l 
-    INNER JOIN ordres e ON l.societe=e.societe AND l.no_id=e.no_id  
-    WHERE l.datevi >= :datedeb AND l.liste=:itc ORDER BY l.datevi, l.heurevi)
-  UNION
-    (SELECT CONCAT(l.societe,"-DD-",l.no_id) as nodossier, l.rdv_debut, l.rdv_fin, e.c_nom FROM dem_lig l 
-    INNER JOIN dem_devis e ON l.societe=e.societe AND l.no_id=e.no_id
-    WHERE l.datevi >= :datedeb AND l.liste=:itc ORDER BY l.datevi, l.heurevi)
-  UNION
-    (SELECT CONCAT(l.societe,"-RD-",l.no_id) as nodossier, l.rdv_debut, l.rdv_fin, e.c_nom FROM rdvous_lig l 
-    INNER JOIN rdvous e ON l.societe=e.societe AND l.no_id=e.no_id
-    WHERE l.datevi >= :datedeb AND l.liste=:itc ORDER BY l.datevi, l.heurevi);
-"""
-    results = request.dbsession.execute(query, {'datedeb': datedeb, 'itc': itc}).fetchall()
-    return results
-
-def delete_rdv(request, nodossier, nolig):
-    societe = nodossier[0:2]
-    table = get_table_details(nodossier[3:5])
-    no_id = nodossier[6:]
-
-    query = "DELETE FROM %s where societe = '%s' and no_id=%s and nolig=%s;" % (table, societe, no_id, nolig)
-    execute_query(request, query, {})
-
-def update_rdv(request, nodossier, nolig, comment, commentvi, date_rdv):
-    societe = nodossier[0:2]
-    table = get_table_details(nodossier[3:5])
-    no_id = nodossier[6:]
-
-    # formater les champs
-    ddate = datetime.strptime(date_rdv, '%d-%m-%Y %H:%M')
-    datevi = ddate.strftime("%Y-%m-%d")
-    heurevi = date_rdv[-5:]
-    auj = date.today().strftime("%Y-%m-%d")
-    
-    if nolig == '0':
-        query = "INSERT INTO %s SET societe='%s',no_id=%s,date='%s',datevi='%s',heurevi='%s',comment='%s',commentvi='%s'" % (table, societe, no_id,auj,datevi, heurevi, comment, commentvi)
-    else:
-        query = "UPDATE %s SET datevi='%s', heurevi='%s', comment='%s', commentvi='%s' where societe = '%s' and no_id=%s and nolig=%s;" % (table, datevi, heurevi, comment, commentvi, societe, no_id, nolig)
-
-    execute_query(request, query, {})
-
diff --git a/caotek_mesavoirs/models/default.py b/caotek_mesavoirs/models/members.py
similarity index 65%
rename from caotek_mesavoirs/models/default.py
rename to caotek_mesavoirs/models/members.py
index 37cdafb..98cf23e 100644
--- a/caotek_mesavoirs/models/default.py
+++ b/caotek_mesavoirs/models/members.py
@@ -20,18 +20,18 @@ def execute_query(request, query, params):
     transaction.commit()
 
 def get_member_by_mdp_oublie(request, lien):
-    query = "SELECT * FROM p_users WHERE mdp_oublie=:lien;"
+    query = "SELECT * FROM members WHERE mdp_oublie=:lien;"
     results = request.dbsession.execute(query, {'lien':lien}).first()
     return results
 
-def get_member_by_id(request, mbr_id):
-    if mbr_id == '0':
-        query = "SELECT * FROM P_USERS ORDER BY cd_uti"
+def get_member_by_email(request, email):
+    if email == '0':
+        query = "SELECT * FROM members ORDER BY nom"
         results = request.dbsession.execute(query).fetchall()
     else:
         # lire le membres par son identifianr
-        query = """SELECT * FROM p_users WHERE CD_UTI=:mbr_id;"""
-        results = request.dbsession.execute(query, {'mbr_id': mbr_id}).first()
+        query = """SELECT * FROM members WHERE email=:email;"""
+        results = request.dbsession.execute(query, {'email': email}).first()
     return results
 
 def update_membre_mdp_oublie(request, login):
@@ -41,21 +41,21 @@ def update_membre_mdp_oublie(request, login):
     # get a UUID - URL safe, Base64
     r_uuid = base64.urlsafe_b64encode(uuid.uuid4().bytes)
     r_uuid = r_uuid.replace('=', '')
-    query = "UPDATE p_users SET mdp_oublie=:r_uuid, mdp_oublie_date=now() WHERE CD_UTI=:login;"
+    query = "UPDATE members SET mdp_oublie=:r_uuid, mdp_oublie_date=now() WHERE email=:login;"
     execute_query(request, query, {'r_uuid':r_uuid, 'login':login})
     return r_uuid
 
 def update_membre_mdp(request, login, password):
     """Update password for member login"""
-    query = "UPDATE p_users SET mdp = SHA1(:password), mdp_oublie=NULL, mdp_oublie_date=NULL WHERE cd_uti=:login;"
+    query = "UPDATE members SET mdp = SHA1(:password), mdp_oublie=NULL, mdp_oublie_date=NULL WHERE email=:login;"
     execute_query(request, query, {'login': login, 'password': password})
 
 def update_last_connection(request, login):
     """Update last connection for login """
-    query = "UPDATE p_users SET dern_cnx_le=NOW() WHERE cd_uti=:login;"
+    query = "UPDATE members SET dern_cnx_le=NOW() WHERE email=:login;"
     execute_query(request, query, {'login': login})
 
-def update_membre(request, cd_uti, new_values):
+def update_membre(request, email, new_values):
     # formater les champs
     s = ''
     for param in new_values.keys():
@@ -70,14 +70,14 @@ def update_membre(request, cd_uti, new_values):
         else:
             s = "%s=:%s" % (param, param)
 
-    if cd_uti == '0':
-        query = "INSERT INTO p_users SET %s" % s
+    if email == '':
+        query = "INSERT INTO members SET %s" % s
     else:
-        new_values['cd_uti'] = cd_uti
-        query = "UPDATE p_users SET %s WHERE cd_uti = :cd_uti;" % s
+        new_values['email'] = email
+        query = "UPDATE members SET %s WHERE email = :email;" % s
     execute_query(request, query, new_values)
 
-def delete_membre(request, cd_uti):
-    query = "DELETE FROM p_users WHERE cd_uti = :cd_uti ;"
-    execute_query(request, query, {'cd_uti': cd_uti})
+def delete_membre(request, email):
+    query = "DELETE FROM members WHERE email = :email ;"
+    execute_query(request, query, {'email': email})
 
diff --git a/caotek_mesavoirs/panels.py b/caotek_mesavoirs/panels.py
index 7dd0bab..09a48d0 100644
--- a/caotek_mesavoirs/panels.py
+++ b/caotek_mesavoirs/panels.py
@@ -3,7 +3,7 @@ from pyramid_layout.panel import panel_config
 from pyramid.security import authenticated_userid
 
 from .security import groupfinder
-from .models.default import get_member_by_id
+from .models.members import get_member_by_email
 
 @panel_config(name='dropdown_menu_panel', renderer='templates/panels/dropdown_menu_panel.pt')
 def dropdown_menu_panel(context, request):
@@ -11,22 +11,13 @@ def dropdown_menu_panel(context, request):
     if logged_in is None:
         return { 'logged_in': '' }
     else:
-        member = get_member_by_id(request, logged_in)
+        member = get_member_by_email(request, logged_in)
         fullname = member.nom
-        email = member.email
-        if member.access == 9:
-            logged_in_fonction = 'Administrateur'
-        elif member.access == 8:
-            logged_in_fonction = 'Comptabilité'
-        elif member.access == 5:
-            logged_in_fonction = 'Gestion'
-        else:
-            logged_in_fonction = 'Production'       
+        logged_in_fonction = member.acces
 
     return {
         'logged_in': logged_in,
         'logged_in_name': fullname,
-        'logged_in_email': email,
         'logged_in_fonction': logged_in_fonction,
         }
 
diff --git a/caotek_mesavoirs/routes.py b/caotek_mesavoirs/routes.py
index ac49f9c..0a0abc3 100644
--- a/caotek_mesavoirs/routes.py
+++ b/caotek_mesavoirs/routes.py
@@ -1,15 +1,11 @@
 def includeme(config):
     config.add_static_view('static', 'static', cache_max_age=3600)
     config.add_route('home', '/')
-    config.add_route('agenda', '/agenda')
+    # members
     config.add_route('changer_mdp', '/changer_mdp')
-    config.add_route('dossier_view', '/dossier_view/{nodossier}')
-    config.add_route('rdv_edit','/rdv_edit/{nodossier}/{nolig}')
     config.add_route('envoyer_mdp', '/envoyer_mdp')
-    config.add_route('user_edit', '/user_edit/{cd_uti}')
-    config.add_route('users_list', '/users_list')
     config.add_route('login', '/login')
     config.add_route('logout', '/logout')
-    config.add_route('planning', '/planning')
     config.add_route('redefinir_mdp', '/redefinir_mdp/{lien}')
-
+    config.add_route('user_edit', '/user_edit/{email}')
+    config.add_route('users_list', '/users_list')
diff --git a/caotek_mesavoirs/security.py b/caotek_mesavoirs/security.py
index c27e419..1bc9057 100644
--- a/caotek_mesavoirs/security.py
+++ b/caotek_mesavoirs/security.py
@@ -1,11 +1,11 @@
-from .models.default import get_member_by_id
+from .models.members import get_member_by_email
 
 def groupfinder(userid, request):
-    member = get_member_by_id(request, userid)
+    member = get_member_by_email(request, userid)
 
     if member:
         # Roles administrateur ?
-        if member.access == 9:
+        if member.acces == 'ADMIN':
             return ['group:administrators']
         else:
             return []  # it means that userid is logged in (it returns None if userid isn't logged in)
diff --git a/caotek_mesavoirs/templates/agenda/agenda.pt b/caotek_mesavoirs/templates/agenda/agenda.pt
deleted file mode 100644
index 96e7d76..0000000
--- a/caotek_mesavoirs/templates/agenda/agenda.pt
+++ /dev/null
@@ -1,47 +0,0 @@
-<metal:block use-macro="main_template">
-<div metal:fill-slot="content">
-	<div class="container">
-
-	<div class="form-group">
-		<div class="row">
-			<div class="col-md-2">
-				<a class="btn btn-primary" role="button" href="/">
-					<span class="glyphicon glyphicon-chevron-left"></span> Retour</a>
-			</div>
-			<div class="col-md-5">
-				<p>
-					<span class="label label-danger">RDV Peinture</span>&nbsp;<span class="label label-warning">RDV Menuiserie</span>&nbsp;
-					<span class="label label-success">RDV Plomberiee</span>&nbsp;<span class="label label-info">RDV Polynet</span>&nbsp;
-				</p>
-			</div>
-		</div>	
-	</div>
-	</div>
-	<br />
-	<div class="container">
-		<div id="calendar"></div>
-	</div>
-	<br />
-	<br />
-	
-<script>
-$(document).ready(function() {
-	$('#calendar').fullCalendar({
-		locale: 'fr',
-		header: {
-			left: 'agendaDay agendaWeek month listMonth',
-			center: 'prev title next',
-			right: 'today'
-		},
-		defaultView: 'agendaWeek',
-		minTime: "07:00:00",
-		maxTime: "21:00:00",
-		events:${fullcalendar_events},
-	});
-});
-</script>
-
-</div><!-- content -->
-</metal:block>
-
-
diff --git a/caotek_mesavoirs/templates/agenda/dossier_view.pt b/caotek_mesavoirs/templates/agenda/dossier_view.pt
deleted file mode 100644
index c6eb274..0000000
--- a/caotek_mesavoirs/templates/agenda/dossier_view.pt
+++ /dev/null
@@ -1,111 +0,0 @@
-<metal:block use-macro="main_template">
-<div metal:fill-slot="content">
-    <br />
-    <!-- ENTETE -->
-    <div class="row">
-        <!-- CHANTIER -->
-        <div class="col-md-6">
-            <table class="table table-condensed ">
-                <tr>
-                    <td><h4>CHANTIER</h4></td>
-                    <td>
-                        <h4>${dossier.C_QUALITE} ${dossier.C_NOM}</h4>
-                        ${dossier.C_ADR}<br />
-                        <span tal:condition="dossier.C_ADR2">${dossier.C_ADR2}<br /></span>
-                        ${dossier.C_CP} ${dossier.C_VILLE}<br />
-                    </td>
-                </tr>
-                <tr>
-                    <td>
-                        Etage - Code<br />
-                        Tél. domicile - prof.<br />
-                        Tél. mobile - fax
-                    </td>
-                    <td>
-                        ${dossier.C_ETAGE} - ${dossier.C_CODE}<br />
-                        ${dossier.C_TEL1} - ${dossier.C_TEL2}<br />
-                        ${dossier.C_TELP} - ${dossier.C_FAX}
-                    </td>
-                </tr>
-                <tr>
-                    <td>
-                        Cabinet<br />
-                        Expert<br />
-                        Référence expert
-                    </td>
-                    <td>
-                        ${dossier.nom_cabinet}<br />
-                        ${dossier.nom_expert}<br />
-                        ${dossier.REF_EXPERT}<br />
-                    </td>
-                </tr>
-                <tr>
-                    <td>
-                        Police<br />
-                        Sinistre<br />
-                        Votre référence<br />
-                    </td>
-                    <td>
-                         ${dossier.NOPOL}<br />
-                         ${dossier.NOSIN}<br />
-                         ${dossier.VREF}<br />
-                    </td>
-                </tr>
-            </table>
-        </div>
-
-        <!-- Mon compte -->
-        <div class="col-md-6 well">
-            <table class="table table-condensed ">
-                <tr>
-                    <td><h4>CLIENT</h4></td>
-                    <td>
-                        <h4>${dossier.QUALITE} ${dossier.NOM}</h4>
-                        ${dossier.ADRESSE}<br />
-                        <span tal:condition="dossier.ADRESSE2">${dossier.ADRESSE2}<br /></span>
-                        ${dossier.CP} ${dossier.VILLE}<br />
-                    </td>
-                </tr>
-                <tr>
-                    <td>
-                        Responsable<br />
-                        Tél. 1 - 2<br />
-                        Tél. mobile - fax
-                    </td>
-                    <td>
-                        ${dossier.NOMRESP}<br />
-                        ${dossier.TEL1} - ${dossier.TEL2}<br />
-                        ${dossier.TELP} - ${dossier.FAX}
-                    </td>
-                </tr>
-            </table>
-        </div>
-    </div>  <!-- row -->
-
-    <h3>SUIVI</h3>
-    <p><a class="btn btn-success" role="button" href="${request.route_url('rdv_edit', nodossier=nodossier, nolig='0')}">
-                    <span class="glyphicon glyphicon-plus"></span> Nouvelle ligne</a></p>
-                    
-    <table class="table table-bordered">
-        <tr>
-            <th>Date</th>
-            <th>Visite</th>
-            <th>Action</th>
-            <th class="text-center">Avec</th>
-        </tr>
-        <tr tal:repeat="detail details">
-            <td>${detail.DATE.strftime('%d/%m/%Y')}</td>
-            <td>
-                <span tal:condition="detail.rdv_debut==None"></span>
-                <span tal:condition="detail.rdv_debut<>None">
-                    <a href="${request.route_url('rdv_edit', nodossier=nodossier, nolig=detail.NOLIG)}">
-                        ${detail.rdv_debut.strftime('%d/%m/%Y %H:%M')}</a>
-                </span>
-            </td>
-            <td>${detail.COMMENT} ${detail.COMMENTVI}</td>
-            <td  class="text-center">${detail.LISTE}</td>
-        </tr>
-    </table>
- 
-</div>
-</metal:block>
diff --git a/caotek_mesavoirs/templates/agenda/planning.pt b/caotek_mesavoirs/templates/agenda/planning.pt
deleted file mode 100644
index 17d72aa..0000000
--- a/caotek_mesavoirs/templates/agenda/planning.pt
+++ /dev/null
@@ -1,59 +0,0 @@
-<metal:block use-macro="main_template">
-<div metal:fill-slot="content">
-	<div class="container">
-
-	<div class="form-group">
-		<div class="row">
-			<div class="col-md-2">
-				<a class="btn btn-primary" role="button" href="/">
-					<span class="glyphicon glyphicon-chevron-left"></span> Retour</a>
-			</div>
-			<form method="POST" id="frm">
-				<div class="col-md-3" tal:condition="access >= 5">
-					<select class="form-control" id="agenda" name="agenda" onChange="$('#frm').submit()">
-						<optgroup tal:repeat="item agendas">
-							<option value="${item.cd_uti}" tal:attributes="selected agenda==item.cd_uti and 'selected' or None">${item.nom}</option>
-						</optgroup>
-					</select>
-				</div>
-				<div class="col-md-3" tal:condition="access < 5">
-					<input type="hidden" name="agenda" value="${agenda}"/>
-				</div>
-			</form>
-			<div class="col-md-5">
-				<p>
-					<span class="label label-danger">RDV Peinture</span>&nbsp;<span class="label label-warning">RDV Menuiserie</span>&nbsp;
-					<span class="label label-success">RDV Plomberiee</span>&nbsp;<span class="label label-info">RDV Polynet</span>&nbsp;
-				</p>
-			</div>
-		</div>	
-	</div>
-	</div>
-	<br />
-	<div class="container">
-		<div id="calendar"></div>
-	</div>
-	<br />
-	<br />
-	
-<script>
-$(document).ready(function() {
-	$('#calendar').fullCalendar({
-		locale: 'fr',
-		header: {
-			left: 'agendaDay agendaWeek month listMonth',
-			center: 'prev title next',
-			right: 'today'
-		},
-		defaultView: 'agendaWeek',
-		minTime: "07:00:00",
-		maxTime: "21:00:00",
-		events:${fullcalendar_events},
-	});
-});
-</script>
-
-</div><!-- content -->
-</metal:block>
-
-
diff --git a/caotek_mesavoirs/templates/agenda/rdv_edit.pt b/caotek_mesavoirs/templates/agenda/rdv_edit.pt
deleted file mode 100644
index 1634c77..0000000
--- a/caotek_mesavoirs/templates/agenda/rdv_edit.pt
+++ /dev/null
@@ -1,91 +0,0 @@
-<metal:block use-macro="main_template">
-<div metal:fill-slot="content">
-
-    <div tal:condition="message" tal:content="message" class="alert alert-danger" />
-	<br />
-    <div class="row">
-		<form id="rdv_edit-form" class="form-horizontal" action="${url}" method="post"
-			data-fv-framework="bootstrap"
-			data-fv-icon-valid="glyphicon glyphicon-ok"
-			data-fv-icon-invalid="glyphicon glyphicon-remove"
-			data-fv-icon-validating="glyphicon glyphicon-refresh">
-
-            <div class="form-group">
-                <label class="col-xs-2 control-label" for="date_rdv">Date et heure</label>
-                <div class="col-xs-3 input-group date" id="date_rdv_picker">
-                    <input class="form-control" type="text" name="date_rdv" value="${date_rdv.strftime('%d-%m-%Y %H:%M')}" 
-                        data-fv-notempty="true"
-                        data-fv-notempty-message="La date et l'heure sont obligatoires"
-                        data-fv-date="true"
-                        data-fv-date-format="DD-MM-YYYY HH:mm"							
-                        data-fv-date-message="La date et l'heure ne sont pas valides" />
-					<span class="input-group-addon add-on">
-						<span class="glyphicon glyphicon-calendar"></span>
-					</span>
-                </div>
-            </div>
-            
-			<div class="form-group">
-				<label class="control-label col-xs-2" for="comment">Commentaire 1</label>
-				<div class="col-xs-5">
-					<input class="form-control" type="text" id="comment" name="comment" value="${comment}"
-						placeholder="30 caractères maximum" 
-						data-fv-notempty="true"
-						data-fv-notempty-message="Un commentaire est obligatoire"
-						data-fv-stringlength="true"
-						data-fv-stringlength-max="30"
-						data-fv-stringlength-message="30 caractères maximum" />
-				</div>
-			</div>
-			<div class="form-group">
-				<label class="control-label col-xs-2" for="commentvi">Commentaire 2</label>
-				<div class="col-xs-5">
-					<input class="form-control" type="text" id="commentvi" name="commentvi" value="${commentvi}"
-						placeholder="30 caractères maximum" 
-						data-fv-stringlength="true"
-						data-fv-stringlength-max="30"
-						data-fv-stringlength-message="30 caractères maximum" />
-				</div>
-			</div>
-
-			<div class="form-group"> 
-				<div class="col-xs-offset-2 col-xs-10">
-					<div class="form-group">					
-						<a class="btn btn-default" href="${request.route_url('dossier_view', nodossier=nodossier)}">
-							<span class="glyphicon glyphicon-arrow-left"></span> Annuler</a>
-						<button class="btn btn-primary" type="submit" name="form.submitted">
-							<span class="glyphicon glyphicon-ok"></span> Enregistrer</button>
-						<button class="btn btn-warning" type="submit" name="form.deleted"
-							tal:condition="python: nolig <> '0'">
-							<span class="glyphicon glyphicon-remove"></span> Supprimer</button>
-					</div>
-				</div>
-			</div>
-
-		 </form>
-	<br />
-	<br />
-	<br />
-    </div> <!-- row -->
-
-<script>
-$(document).ready(function() {
-	$('#rdv_edit-form').formValidation();
-	$('#date_rdv_picker').datetimepicker({
-		format: 'DD-MM-YYYY HH:mm',
-		showClear: true,
-		allowInputToggle: true,
-		stepping: 15,
-	})
-	.on('changeDate', function(e) {
-		// Revalidate the date field
-		$('#rdv_edit-form').formValidation('revalidateField', 'date_rdv');
-	});
-	$('form input').on('keypress', function(e) {
-		return e.which !== 13;
-	});
-});
-</script>
-
-</div>
-</metal:block>
diff --git a/caotek_mesavoirs/templates/layouts/pdf.pt b/caotek_mesavoirs/templates/layouts/pdf.pt
deleted file mode 100644
index 9b7ee39..0000000
--- a/caotek_mesavoirs/templates/layouts/pdf.pt
+++ /dev/null
@@ -1,22 +0,0 @@
-<!DOCTYPE html>
-<html xmlns="http://www.w3.org/1999/xhtml"
-      xmlns:metal="http://xml.zope.org/namespaces/metal"
-      xmlns:tal="http://xml.zope.org/namespaces/tal"
-      lang="fr">
-  <head>
-    <title>${page_title}</title>
-  </head>
-  <body>
-
-    <img src="http://www.caes.cnrs.fr/logo.jpg" class="caes-logo" alt="CAES du CNRS" title="CAES du CNRS" />
-
-    <div metal:define-slot="content" />
-
-    <div id="footer">
-      <div class="well">
-        Siège : <a href="http://www.caes.cnrs.fr">CAES du CNRS</a> - 2, Allée Georges Méliès - 94306 Vincennes CEDEX - France
-      </div>
-    </div>
-
-  </body>
-</html>
diff --git a/caotek_mesavoirs/templates/changer_mdp.pt b/caotek_mesavoirs/templates/members/changer_mdp.pt
similarity index 100%
rename from caotek_mesavoirs/templates/changer_mdp.pt
rename to caotek_mesavoirs/templates/members/changer_mdp.pt
diff --git a/caotek_mesavoirs/templates/envoyer_mdp.pt b/caotek_mesavoirs/templates/members/envoyer_mdp.pt
similarity index 100%
rename from caotek_mesavoirs/templates/envoyer_mdp.pt
rename to caotek_mesavoirs/templates/members/envoyer_mdp.pt
diff --git a/caotek_mesavoirs/templates/login.pt b/caotek_mesavoirs/templates/members/login.pt
similarity index 91%
rename from caotek_mesavoirs/templates/login.pt
rename to caotek_mesavoirs/templates/members/login.pt
index 006e247..b6f8519 100644
--- a/caotek_mesavoirs/templates/login.pt
+++ b/caotek_mesavoirs/templates/members/login.pt
@@ -16,9 +16,9 @@
 
 			<div class="form-group">
 				<input class="form-control" type="text" name="login" value="${login}" 
-					placeholder="Identifiant" 
-					data-fv-notempty="true"
-					data-fv-notempty-message="L'identifiant est obligatoire"  />
+					placeholder="Email" 
+					data-fv-emailaddress="true"
+					data-fv-emailaddress-message="L'adresse email n'est pas valide" />
 			</div>
 
 			<div class="form-group">
diff --git a/caotek_mesavoirs/templates/redefinir_mdp.pt b/caotek_mesavoirs/templates/members/redefinir_mdp.pt
similarity index 100%
rename from caotek_mesavoirs/templates/redefinir_mdp.pt
rename to caotek_mesavoirs/templates/members/redefinir_mdp.pt
diff --git a/caotek_mesavoirs/templates/user_edit.pt b/caotek_mesavoirs/templates/members/user_edit.pt
similarity index 87%
rename from caotek_mesavoirs/templates/user_edit.pt
rename to caotek_mesavoirs/templates/members/user_edit.pt
index 2bebe89..e443da3 100644
--- a/caotek_mesavoirs/templates/user_edit.pt
+++ b/caotek_mesavoirs/templates/members/user_edit.pt
@@ -11,15 +11,12 @@
 			data-fv-icon-validating="glyphicon glyphicon-refresh">
 
 			<div class="form-group">
-				<label class="control-label col-xs-2" for="cd_uti">Identifiant</label>
-				<div class="col-xs-2">
-					<input class="form-control" type="text" id="cd_uti" name="cd_uti" value="${individu.cd_uti}"
-						placeholder="10 caractères maximum" 
-						data-fv-notempty="true"
-						data-fv-notempty-message="L'identifiant est obligatoire"
-						data-fv-stringlength="true"
-						data-fv-stringlength-max="3"
-						data-fv-stringlength-message="3 caractères maximum" />
+				<label class="col-xs-2 control-label">Email</label>
+				<div class="col-xs-5">
+					<input class="form-control" type="text" name="email" 
+						value="${individu.email}" placeholder="55 caractères maximum" 
+						data-fv-emailaddress="true"
+						data-fv-emailaddress-message="L'adresse email n'est pas valide" />
 				</div>
 			</div>
 			<div class="form-group">
@@ -86,7 +83,7 @@
 						<button class="btn btn-primary" type="submit" name="form.submitted">
 							<span class="glyphicon glyphicon-ok"></span> Enregistrer</button>
 						<button class="btn btn-warning" type="submit" name="form.deleted" 
-							tal:condition="individu.cd_uti > 0">
+							tal:condition="individu.email > 0">
 							<span class="glyphicon glyphicon-remove"></span> Supprimer</button>
 					</div>
 				</div>
diff --git a/caotek_mesavoirs/templates/users_list.pt b/caotek_mesavoirs/templates/members/users_list.pt
similarity index 73%
rename from caotek_mesavoirs/templates/users_list.pt
rename to caotek_mesavoirs/templates/members/users_list.pt
index a3efcd2..b44b643 100644
--- a/caotek_mesavoirs/templates/users_list.pt
+++ b/caotek_mesavoirs/templates/members/users_list.pt
@@ -11,13 +11,11 @@
     <table id="users_list" class="table table-striped table-bordered">
         <thead>
             <tr>
-                <th>Login</th>
                 <th>Nom, Prénom</th>
                 <th>Email</th>
-                <th>Agenda</th>
                 <th>Rôle</th>
                 <th>Dern cnx</th>
-                <th>Etat</th>
+                <th>Expire le</th>
             </tr>
         </thead>
     </table>
@@ -35,22 +33,12 @@
             pageLength: 50,
             bLengthChange: false,
             columnDefs: [
-                { "targets": 0,
+                { "targets": 1,
                     "render": function (data, type, full, meta) {
                     // ajouter un link vers le formulaire
                     return '<a href="/user_edit/' + data + '">' + data + '</a>';
                     },
                 },  
-                { "targets": 3,
-                    "render": function (data, type, full, meta) {
-                    if (data != 0) {
-                        return '<span class="glyphicon glyphicon-calendar"></span>';
-                        }
-                    else {
-                        return '';
-                        }
-                    },
-                }
             ]   
         });
     
diff --git a/caotek_mesavoirs/templates/panels/dropdown_menu_panel.pt b/caotek_mesavoirs/templates/panels/dropdown_menu_panel.pt
index 1556813..5bb66ff 100644
--- a/caotek_mesavoirs/templates/panels/dropdown_menu_panel.pt
+++ b/caotek_mesavoirs/templates/panels/dropdown_menu_panel.pt
@@ -3,8 +3,7 @@
 
 	<ul class="dropdown-menu">
 		<li class="dropdown-header">
-			${logged_in_email}<br />
-			Identifiant : ${logged_in}<br />
+			${logged_in}<br />
 			Fonction: ${logged_in_fonction}
 		</li>
 
diff --git a/caotek_mesavoirs/templates/security.py b/caotek_mesavoirs/templates/security.py
deleted file mode 100644
index c27e419..0000000
--- a/caotek_mesavoirs/templates/security.py
+++ /dev/null
@@ -1,11 +0,0 @@
-from .models.default import get_member_by_id
-
-def groupfinder(userid, request):
-    member = get_member_by_id(request, userid)
-
-    if member:
-        # Roles administrateur ?
-        if member.access == 9:
-            return ['group:administrators']
-        else:
-            return []  # it means that userid is logged in (it returns None if userid isn't logged in)
diff --git a/caotek_mesavoirs/views/agenda.py b/caotek_mesavoirs/views/agenda.py
deleted file mode 100644
index 8695613..0000000
--- a/caotek_mesavoirs/views/agenda.py
+++ /dev/null
@@ -1,200 +0,0 @@
-# -*- coding: utf8 -*-
-from pyramid.response import Response
-from pyramid.renderers import render, get_renderer
-from pyramid.view import (
-    view_config,
-    forbidden_view_config,
-)
-from pyramid.security import (
-    authenticated_userid,
-    remember,
-    forget,
-)
-from pyramid.httpexceptions import (
-    HTTPFound,
-    HTTPNotFound,
-    HTTPForbidden,
-)
-
-from pyramid_mailer.message import Message, Attachment
-from datetime import *
-import hashlib
-
-from sqlalchemy.exc import DBAPIError
-from ..security import groupfinder
-
-import json
-
-from ..models.agenda import *
-from ..models.default import *
-
-
-@view_config(route_name='rdv_edit', renderer='../templates/agenda/rdv_edit.pt', permission='view')
-def rdv_edit(request):
-    nodossier = request.matchdict['nodossier']
-    nolig = request.matchdict['nolig']
-    url = request.route_url("rdv_edit", nodossier=nodossier, nolig=nolig)
-
-    message = ''
-    if nolig == '0':
-        # nouveau
-        comment = ''
-        commentvi = ''
-        date_rdv = datetime.now()
-        page_title= 'Nouveau rendez-vous'
-    else:
-        # lire le rendez-vous
-        rdv = get_dossier_rdv_by_no(request, nodossier, nolig)
-        if not rdv:
-            request.session.flash(u"Rendez-vous non trouvé : %s" % nodossier, 'warning')
-            return HTTPFound(location=request.route_url('dossier_view', nodossier=nodossier))
-
-        comment = rdv.COMMENT
-        commentvi = rdv.COMMENTVI
-        date_rdv = rdv.rdv_debut
-        page_title= u"Modification du rdv du %s" % (rdv.rdv_debut.strftime('%d-%m-%Y %H:%M'))
-
-    if 'form.submitted' in request.params:
-        comment = request.params['comment']
-        commentvi = request.params['commentvi']
-        date_rdv = request.params['date_rdv']
-
-        update_rdv(request, nodossier, nolig, comment, commentvi, date_rdv)
-        request.session.flash(u"Le rendez-vous a été mis à jour avec succès.", 'success')
-        return HTTPFound(location=request.route_url('dossier_view', nodossier=nodossier))
-
-    if 'form.deleted' in request.params:
-        delete_rdv(request, nodossier, nolig)
-        request.session.flash(u"Le rendez-vous a été supprimé avec succès.", 'success')
-        return HTTPFound(location=request.route_url('dossier_view', nodossier=nodossier))
-
-    return {
-        'page_title': page_title,
-        'url': url,
-        'nodossier': nodossier,
-        'nolig': nolig,
-        'comment': comment,
-        'commentvi': commentvi,
-        'date_rdv': date_rdv,
-        'message': message,
-    }
-
-@view_config(route_name='dossier_view', renderer='../templates/agenda/dossier_view.pt', permission='view')
-def dossier_view(request):
-    nodossier = request.matchdict['nodossier']
-    url = request.route_url("dossier_view", nodossier=nodossier)
-
-    dossier = get_dossier_by_no(request, nodossier)
-    if dossier is None:
-        request.session.flash(u"Le dossier no %s est introuvable" % (nodossier), 'danger')
-        return HTTPFound(location=request.route_url("agenda"))
-    # lire tous le suivi du dossier
-    details = get_dossier_rdv_by_no(request, nodossier, '0')
-
-    return {
-        'page_title': u"Dossier : %s" % (nodossier),
-        'nodossier': nodossier,
-        'dossier': dossier,
-        'details': details,
-    }
-
-@view_config(route_name='agenda', renderer='../templates/agenda/agenda.pt', permission='view')
-def agenda(request):
-    logged_in = authenticated_userid(request)
-    member = get_member_by_id(request, logged_in)
-    if not member:
-        request.session.flash(u"Identifiant %s introuvable" % (logged_in), 'danger')
-        return HTTPFound(location=request.route_url("/home"))
-    
-    rows = get_rendez_vous(request, logged_in)
-    page_title = u"Agenda de %s" % member.NOM
-        
-    # construire la liste des events
-    events = []
-    for row in rows:
-        event_url = 'dossier_view/%s' % (row.nodossier)
-        event_title = row.c_nom
-
-        # déterminer la couleur de l'event selon la societe
-        societe = row.nodossier[0:2]
-        if societe == "PE":
-            color = "#d9534f"   # rouge danger
-        elif societe == "PL":
-            color = "#5cb85c" # vert success
-        elif societe == "PL":
-            color = "#5bc0de" # bleu info
-        else:
-            color = "#f0ad4e" # orange warning
-                
-        json_event = {
-            'title': event_title,
-            'start': row.rdv_debut.strftime('%Y-%m-%d %H:%M:%S'),
-            'end': row.rdv_fin.strftime('%Y-%m-%d %H:%M:%S'),
-            'allDay': False,
-            'color': color,
-            'url': event_url,
-            }
-        events.append(json_event)
-    
-    
-    return {
-        'page_title': page_title,
-        'fullcalendar_events': json.dumps(events),
-    }
-
-@view_config(route_name='planning', renderer='../templates/agenda/planning.pt', permission='view')
-def planning(request):
-    logged_in = authenticated_userid(request)
-    member = get_member_by_id(request, logged_in)
-    if not member:
-        request.session.flash(u"Identifiant %s introuvable" % (logged_in), 'danger')
-        return HTTPFound(location=request.route_url("/home"))
-    
-    # determiner le rôle du user 
-    access = member.access
-    agendas = get_agendas(request)
-        
-    agenda = 'JMD'
-    # prendre en compte les paramètres de saisie
-    if 'agenda' in request.params:
-        agenda = request.params["agenda"]
-    
-    personne = get_member_by_id(request,agenda)
-    rows = get_rendez_vous(request, agenda)
-        
-    # construire la liste des events
-    events = []
-    for row in rows:
-        event_url = 'dossier_view/%s' % (row.nodossier)
-        event_title = row.c_nom
-
-        # déterminer la couleur de l'event selon la societe
-        societe = row.nodossier[0:2]
-        if societe == "PE":
-            color = "#d9534f"   # rouge danger
-        elif societe == "PL":
-            color = "#5cb85c" # vert success
-        elif societe == "PL":
-            color = "#5bc0de" # bleu info
-        else:
-            color = "#f0ad4e" # orange warning
-                
-        json_event = {
-            'title': event_title,
-            'start': row.rdv_debut.strftime('%Y-%m-%d %H:%M:%S'),
-            'end': row.rdv_fin.strftime('%Y-%m-%d %H:%M:%S'),
-            'allDay': False,
-            'color': color,
-            'url': event_url,
-            }
-        events.append(json_event)
-    
-    
-    return {
-        'page_title': 'Planning',
-        'fullcalendar_events': json.dumps(events),
-        'agendas': agendas,
-        'agenda': agenda,
-        'access': access,
-    }
-
diff --git a/caotek_mesavoirs/views/default.py b/caotek_mesavoirs/views/default.py
index b2a53e0..4569e4a 100644
--- a/caotek_mesavoirs/views/default.py
+++ b/caotek_mesavoirs/views/default.py
@@ -25,8 +25,6 @@ from ..security import groupfinder
 
 import json
 
-from ..models.default import *
-
 def to_decimal(x):
     import decimal
     return decimal.Decimal(str(x))
@@ -57,175 +55,6 @@ def home(request):
         'project': 'mondumas',
     }
 
-@view_config(route_name='envoyer_mdp', renderer='../templates/envoyer_mdp.pt')
-def envoyer_mdp(request):
-    url = request.route_url('envoyer_mdp')
-    message = u''
-
-    if 'form.submitted' in request.params:
-        login = request.params['login']
-        member = get_member_by_id(request, login)
-        if member:
-            # Fabrication du corps du email_passwordMessage
-            lien = update_membre_mdp_oublie(request, login)
-            body = u"""
-
-Le lien suivant vous dirigera vers une page où vous pourrez ré-initialiser votre mot de passe d'accès à « gestion.entreprise-dumas.com » :
-
-
-%s
-
-(Ce lien est valide pendant 168 heures.)
-
-
-""" % (request.route_url('redefinir_mdp', lien=lien))
-            envoyerMail(request, member.email, u"Demande de ré-initialisation du mot de passe", body)
-            request.session.flash(u"Votre demande de ré-initialisation de mot de passe vous a été envoyée à %s." % member.email)
-            return HTTPFound(location=request.route_url('login'))
-        else:
-            message = u"Le mot de passe fourni est incorrect."
-    return {
-        'page_title': u"Changer mon mot de passe",
-        'url': url,
-        'message': message,
-    }
-
-@view_config(route_name='changer_mdp', renderer='../templates/changer_mdp.pt', permission='view')
-def changer_mdp(request):
-    url = request.route_url('changer_mdp')
-    logged_in = authenticated_userid(request)
-    message = ''
-
-    member = get_member_by_id(request, logged_in)
-    if member:
-        if 'form.submitted' in request.params:
-            old_password = request.params['old_password']
-            new_password = request.params['new_password1']
-            if member.mdp == hashlib.sha1(old_password).hexdigest():
-                update_membre_mdp(request, logged_in, new_password)
-                request.session.flash(u"Votre mot de passe a été mis à jour avec succès.")
-                return HTTPFound(location=request.route_url('home'))
-            else:
-                message = u"Le mot de passe actuel n'est pas correct."
-
-    return {
-            'page_title': u"Changer mon mot de passe",
-                'url': url,
-                'member': member,
-                'message': message,
-                }
-
-@view_config(route_name='redefinir_mdp', renderer='../templates/redefinir_mdp.pt')
-def redefinir_mdp(request):
-    lien = request.matchdict["lien"]
-    url = request.route_url('redefinir_mdp', lien=lien)
-
-    # tester si le champ "motdepasse_oublie" est encore valide
-    membre = get_member_by_mdp_oublie(request, lien)
-    if membre:
-        if 'form.submitted' in request.params:
-            login = request.params["login"]
-            mdp = request.params["new_password1"]
-            if login == membre.cd_uti:
-                update_membre_mdp(request, login, mdp)
-                request.session.flash(u"Votre mot de passe a été modifié avec succès.", 'success')
-                return HTTPFound(location=request.route_url('login'))
-            else:
-                request.session.flash(u"Identifiant incorrect.", 'danger')
-                return HTTPFound(location=request.route_url('login'))
-    else:
-        request.session.flash(u"Le lien n'est plus valable.", 'warning')
-        return HTTPFound(location=request.route_url('login'))
-    return {
-        'page_title': u"Définissez votre mot de passe",
-        'url': url,
-    }
-
-
-@view_config(route_name='login', renderer='../templates/login.pt', permission='view')
-@forbidden_view_config(renderer='../templates/login.pt')
-def login(request):
-
-    current_route_path = request.current_route_path()
-    login = ''
-    login_url = request.route_url('login')
-
-    referrer = request.url
-    if referrer == login_url:
-        referrer = '/' # never use the login form itself as came_from
-
-    came_from = request.params.get('came_from', referrer)
-    password = u''
-    message = u''
-    if 'form.submitted' in request.params:
-        login = request.params['login']
-        password = request.params['password']
-        record = get_member_by_id(request, login)
-        if record :
-            # mot de passe hash valide ?
-            if record.mdp == hashlib.sha1(password).hexdigest():
-                update_last_connection(request, login)
-                # force le commit car il ne se fait pas automatiquement après l'update
-                transaction.commit()
-
-                headers = remember(request, login)
-                return HTTPFound(location=came_from, headers=headers)
-
-        message = u"Email et mot de passe invalides. La connexion a échoué."
-
-    return {
-        'page_title': u"",
-        'url': login_url,
-        'came_from': came_from,
-        'login': login,
-        'message': message,
-    }
-
-@view_config(route_name='users_list', renderer='../templates/users_list.pt', permission='manage')
-def users_list(request):
-    # lire les utilisateurs 
-    items = get_member_by_id(request, '0')
-
-    # construire la liste 
-    liste=[]
-    for item in items:
-        if item.dern_cnx_le:
-            der_cnx_le = item.dern_cnx_le.strftime('%d/%m/%Y - %H:%M')
-        else:
-            der_cnx_le = ""
-            
-        if item.actif == 0:
-            etat = 'Inactif'
-        else:
-            etat = ''
-            
-        if item.access == 0:
-            role = ''
-        elif item.access == 8:
-            role = 'Compta'
-        elif item.access == 9:
-            role = 'Admin'
-        else:
-            role = 'Gestion'
-            
-        d = (item.cd_uti, item.nom, item.email, item.agenda, role, der_cnx_le, etat)
-        liste.append(d)
-
-    return {
-        'page_title': u'Liste des utilisateurs',
-        'dt_data': json.dumps(liste),
-    }
-
-
-@view_config(route_name='logout')
-def logout(request):
-    request.session.invalidate()
-    headers = forget(request)
-    request.session.flash(u"Vous avez bien été déconnecté.")
-    return HTTPFound(location=request.route_url('login', login=''),
-                     headers=headers)
-
-
 
 def envoyerMail(request, destinataire, objet, corps):
     body = u"""
@@ -245,62 +74,3 @@ gestion.entreprise-dumas.com
 
     mailer.send_immediately(message)
 
-@view_config(route_name='user_edit', renderer='../templates/user_edit.pt', permission='manage')
-def user_edit(request):
-    cd_uti = request.matchdict['cd_uti']
-    url = request.route_url('user_edit', cd_uti=cd_uti)
-    message = ''
-    access = ["0 | Production", "5 | Gestion", u"8 | Comptabilité", "9 | Administration"]
-    
-    if cd_uti == '0':
-        # nouveau
-        individu = {}
-        individu['cd_uti'] = 0
-        individu['nom'] = ''
-        individu['email'] = ''
-        individu['access'] = '0 | Production'
-        individu['actif'] = 1
-        individu['agenda'] = 0
-        page_title= 'Nouvelle Fiche'
-    else:
-        # lire la fiche de l'individu 
-        individu = get_member_by_id(request, cd_uti)
-        if not individu:
-            request.session.flash(u"Utilisateur non trouvé : %s" % cd_uti, 'warning')
-            return HTTPFound(location=request.route_url('users_list'))
-        page_title= u"Fiche de %s" %(individu.nom)
-
-    if 'form.submitted' in request.params:
-        new_values = {}
-        for param, db_value in individu.items():
-            if param in request.params and request.params[param] != db_value:
-                new_values[param] = request.params[param]
-                
-        # actif coché ?
-        if 'actif' in request.params: 
-            new_values['actif'] = 1
-        else:
-            new_values['actif'] = 0
-        # agenda coché ?
-        if 'agenda' in request.params: 
-            new_values['agenda'] = 1
-        else:
-            new_values['agenda'] = 0
-
-        if new_values:            
-            update_membre(request, cd_uti, new_values)
-            request.session.flash(u"La fiche a été mise à jour avec succès.", 'success')
-            return HTTPFound(location=request.route_url('users_list'))
-
-    if 'form.deleted' in request.params:
-        delete_membre(request, cd_uti)
-        request.session.flash(u"La fiche a été supprimée avec succès.", 'success')
-        return HTTPFound(location=request.route_url('users_list'))
-    
-    return {
-        'page_title': page_title,
-        'url': url,
-        'individu': individu,
-        'access': access,
-        'message': message,
-    }
diff --git a/caotek_mesavoirs/views/members.py b/caotek_mesavoirs/views/members.py
new file mode 100644
index 0000000..ceeab7f
--- /dev/null
+++ b/caotek_mesavoirs/views/members.py
@@ -0,0 +1,251 @@
+# -*- coding: utf8 -*-
+from pyramid.response import Response
+from pyramid.renderers import render, get_renderer
+from pyramid.view import (
+    view_config,
+    forbidden_view_config,
+)
+from pyramid.security import (
+    authenticated_userid,
+    remember,
+    forget,
+)
+from pyramid.httpexceptions import (
+    HTTPFound,
+    HTTPNotFound,
+    HTTPForbidden,
+)
+from pyramid_mailer import get_mailer
+from pyramid_mailer.message import Message, Attachment
+from datetime import *
+import hashlib
+
+from sqlalchemy.exc import DBAPIError
+from ..security import groupfinder
+
+import json
+
+from ..models.members import *
+
+@view_config(route_name='envoyer_mdp', renderer='../templates/members/envoyer_mdp.pt')
+def envoyer_mdp(request):
+    url = request.route_url('envoyer_mdp')
+    message = u''
+
+    if 'form.submitted' in request.params:
+        login = request.params['login']
+        member = get_member_by_email(request, login)
+        if member:
+            # Fabrication du corps du email_passwordMessage
+            lien = update_membre_mdp_oublie(request, login)
+            body = u"""
+
+Le lien suivant vous dirigera vers une page où vous pourrez ré-initialiser votre mot de passe d'accès à « gestion.entreprise-dumas.com » :
+
+
+%s
+
+(Ce lien est valide pendant 168 heures.)
+
+
+""" % (request.route_url('redefinir_mdp', lien=lien))
+            envoyerMail(request, member.email, u"Demande de ré-initialisation du mot de passe", body)
+            request.session.flash(u"Votre demande de ré-initialisation de mot de passe vous a été envoyée à %s." % member.email)
+            return HTTPFound(location=request.route_url('login'))
+        else:
+            message = u"Le mot de passe fourni est incorrect."
+    return {
+        'page_title': u"Changer mon mot de passe",
+        'url': url,
+        'message': message,
+    }
+
+@view_config(route_name='changer_mdp', renderer='../templates/members/changer_mdp.pt', permission='view')
+def changer_mdp(request):
+    url = request.route_url('changer_mdp')
+    logged_in = authenticated_userid(request)
+    message = ''
+
+    member = get_member_by_email(request, logged_in)
+    if member:
+        if 'form.submitted' in request.params:
+            old_password = request.params['old_password']
+            new_password = request.params['new_password1']
+            if member.mdp == hashlib.sha1(old_password).hexdigest():
+                update_membre_mdp(request, logged_in, new_password)
+                request.session.flash(u"Votre mot de passe a été mis à jour avec succès.")
+                return HTTPFound(location=request.route_url('home'))
+            else:
+                message = u"Le mot de passe actuel n'est pas correct."
+
+    return {
+            'page_title': u"Changer mon mot de passe",
+                'url': url,
+                'member': member,
+                'message': message,
+                }
+
+@view_config(route_name='redefinir_mdp', renderer='../templates/members/redefinir_mdp.pt')
+def redefinir_mdp(request):
+    lien = request.matchdict["lien"]
+    url = request.route_url('redefinir_mdp', lien=lien)
+
+    # tester si le champ "motdepasse_oublie" est encore valide
+    membre = get_member_by_mdp_oublie(request, lien)
+    if membre:
+        if 'form.submitted' in request.params:
+            login = request.params["login"]
+            mdp = request.params["new_password1"]
+            if login == membre.email:
+                update_membre_mdp(request, login, mdp)
+                request.session.flash(u"Votre mot de passe a été modifié avec succès.", 'success')
+                return HTTPFound(location=request.route_url('login'))
+            else:
+                request.session.flash(u"Identifiant incorrect.", 'danger')
+                return HTTPFound(location=request.route_url('login'))
+    else:
+        request.session.flash(u"Le lien n'est plus valable.", 'warning')
+        return HTTPFound(location=request.route_url('login'))
+    return {
+        'page_title': u"Définissez votre mot de passe",
+        'url': url,
+    }
+
+
+@view_config(route_name='login', renderer='../templates/members/login.pt', permission='view')
+@forbidden_view_config(renderer='../templates/members/login.pt')
+def login(request):
+
+    current_route_path = request.current_route_path()
+    login = ''
+    login_url = request.route_url('login')
+
+    referrer = request.url
+    if referrer == login_url:
+        referrer = '/' # never use the login form itself as came_from
+
+    came_from = request.params.get('came_from', referrer)
+    password = u''
+    message = u''
+    if 'form.submitted' in request.params:
+        login = request.params['login']
+        password = request.params['password']
+        record = get_member_by_email(request, login)
+        if record :
+            # mot de passe hash valide ?
+            if record.mdp == hashlib.sha1(password).hexdigest():
+                update_last_connection(request, login)
+                # force le commit car il ne se fait pas automatiquement après l'update
+                transaction.commit()
+
+                headers = remember(request, login)
+                return HTTPFound(location=came_from, headers=headers)
+
+        message = u"Email et mot de passe invalides. La connexion a échoué."
+
+    return {
+        'page_title': u"",
+        'url': login_url,
+        'came_from': came_from,
+        'login': login,
+        'message': message,
+    }
+
+@view_config(route_name='users_list', renderer='../templates/members/users_list.pt', permission='manage')
+def users_list(request):
+    # lire les utilisateurs 
+    items = get_member_by_email(request, '0')
+
+    # construire la liste 
+    liste=[]
+    for item in items:
+        if item.dern_cnx_le:
+            der_cnx_le = item.dern_cnx_le.strftime('%d/%m/%Y - %H:%M')
+        else:
+            der_cnx_le = ""
+            
+        if item.expire_le :
+            expire_le = item.dern_cnx_le.strftime('%d/%m/%Y')
+        else:
+            expire_le = ''
+            
+            
+        d = (item.nom, item.email, item.acces, der_cnx_le, expire_le)
+        liste.append(d)
+
+    return {
+        'page_title': u'Liste des utilisateurs',
+        'dt_data': json.dumps(liste),
+    }
+
+
+@view_config(route_name='logout')
+def logout(request):
+    request.session.invalidate()
+    headers = forget(request)
+    request.session.flash(u"Vous avez bien été déconnecté.")
+    return HTTPFound(location=request.route_url('login', login=''),
+                     headers=headers)
+
+
+
+
+@view_config(route_name='user_edit', renderer='../templates/members/user_edit.pt', permission='manage')
+def user_edit(request):
+    email = request.matchdict['email']
+    url = request.route_url('user_edit', email=email)
+    message = ''
+    access = ["0 | Production", "5 | Gestion", u"8 | Comptabilité", "9 | Administration"]
+    
+    if email == '0':
+        # nouveau
+        individu = {}
+        individu['email'] = ''
+        individu['nom'] = ''
+        individu['email'] = ''
+        individu['access'] = '0 | Production'
+        individu['actif'] = 1
+        individu['agenda'] = 0
+        page_title= 'Nouvelle Fiche'
+    else:
+        # lire la fiche de l'individu 
+        individu = get_member_by_email(request, email)
+        if not individu:
+            request.session.flash(u"Utilisateur non trouvé : %s" % email, 'warning')
+            return HTTPFound(location=request.route_url('users_list'))
+        page_title= u"Fiche de %s" %(individu.nom)
+
+    if 'form.submitted' in request.params:
+        new_values = {}
+        for param, db_value in individu.items():
+            if param in request.params and request.params[param] != db_value:
+                new_values[param] = request.params[param]
+                
+        # actif coché ?
+        if 'actif' in request.params: 
+            new_values['actif'] = 1
+        else:
+            new_values['actif'] = 0
+        # agenda coché ?
+        if 'agenda' in request.params: 
+            new_values['agenda'] = 1
+        else:
+            new_values['agenda'] = 0
+
+        if new_values:            
+            update_membre(request, email, new_values)
+            request.session.flash(u"La fiche a été mise à jour avec succès.", 'success')
+            return HTTPFound(location=request.route_url('users_list'))
+
+    if 'form.deleted' in request.params:
+        delete_membre(request, email)
+        request.session.flash(u"La fiche a été supprimée avec succès.", 'success')
+        return HTTPFound(location=request.route_url('users_list'))
+    
+    return {
+        'page_title': page_title,
+        'url': url,
+        'individu': individu,
+        'access': access,
+        'message': message,
+    }
diff --git a/development.ini b/development.ini
index 32eaa85..9194a8d 100644
--- a/development.ini
+++ b/development.ini
@@ -18,8 +18,7 @@ pyramid.includes =
     pyramid_mailer
     pyramid_tm
     
-sqlalchemy.url = mysql://root:phuoc@localhost/bddevfac?charset=utf8
-# sqlalchemy.url = mysql://root:cni/@srvbd/bddevfac?charset=utf8
+sqlalchemy.url = mysql://root:phuoc@localhost/bd_mesavoirs?charset=utf8
 
 caotek_mesavoirs.admin_email = ctphuoc@bbox.fr
 
diff --git a/production.ini b/production.ini
index 60a0b77..658c975 100644
--- a/production.ini
+++ b/production.ini
@@ -18,7 +18,7 @@ pyramid.includes =
     pyramid_tm
 	pyramid_exclog
 
-sqlalchemy.url = mysql://root:cni/@srvbd/bddevfac?charset=utf8
+sqlalchemy.url = mysql://root:phuoc/@srvbd/bd_mesavoirs?charset=utf8
 
 caotek_mesavoirs.admin_email = phuoc@caotek.fr