tested login.pt

2017-07-22 13:11:01 +02:00
parent 2093b3588f
commit 8b50412a58
26 changed files with 296 additions and 968 deletions


@@ -1,200 +0,0 @@
# -*- coding: utf8 -*-
from pyramid.response import Response
from pyramid.renderers import render, get_renderer
from pyramid.view import (
view_config,
forbidden_view_config,
)
from pyramid.security import (
authenticated_userid,
remember,
forget,
)
from pyramid.httpexceptions import (
HTTPFound,
HTTPNotFound,
HTTPForbidden,
)
from pyramid_mailer.message import Message, Attachment
from datetime import *
import hashlib
from sqlalchemy.exc import DBAPIError
from ..security import groupfinder
import json
from ..models.agenda import *
from ..models.default import *
@view_config(route_name='rdv_edit', renderer='../templates/agenda/rdv_edit.pt', permission='view')
def rdv_edit(request):
nodossier = request.matchdict['nodossier']
nolig = request.matchdict['nolig']
url = request.route_url("rdv_edit", nodossier=nodossier, nolig=nolig)
message = ''
if nolig == '0':
# nouveau
comment = ''
commentvi = ''
date_rdv = datetime.now()
page_title= 'Nouveau rendez-vous'
else:
# lire le rendez-vous
rdv = get_dossier_rdv_by_no(request, nodossier, nolig)
if not rdv:
request.session.flash(u"Rendez-vous non trouvé : %s" % nodossier, 'warning')
return HTTPFound(location=request.route_url('dossier_view', nodossier=nodossier))
comment = rdv.COMMENT
commentvi = rdv.COMMENTVI
date_rdv = rdv.rdv_debut
page_title= u"Modification du rdv du %s" % (rdv.rdv_debut.strftime('%d-%m-%Y %H:%M'))
if 'form.submitted' in request.params:
comment = request.params['comment']
commentvi = request.params['commentvi']
date_rdv = request.params['date_rdv']
update_rdv(request, nodossier, nolig, comment, commentvi, date_rdv)
request.session.flash(u"Le rendez-vous a été mis à jour avec succès.", 'success')
return HTTPFound(location=request.route_url('dossier_view', nodossier=nodossier))
if 'form.deleted' in request.params:
delete_rdv(request, nodossier, nolig)
request.session.flash(u"Le rendez-vous a été supprimé avec succès.", 'success')
return HTTPFound(location=request.route_url('dossier_view', nodossier=nodossier))
return {
'page_title': page_title,
'url': url,
'nodossier': nodossier,
'nolig': nolig,
'comment': comment,
'commentvi': commentvi,
'date_rdv': date_rdv,
'message': message,
}
@view_config(route_name='dossier_view', renderer='../templates/agenda/dossier_view.pt', permission='view')
def dossier_view(request):
nodossier = request.matchdict['nodossier']
url = request.route_url("dossier_view", nodossier=nodossier)
dossier = get_dossier_by_no(request, nodossier)
if dossier is None:
request.session.flash(u"Le dossier no %s est introuvable" % (nodossier), 'danger')
return HTTPFound(location=request.route_url("agenda"))
# lire tous le suivi du dossier
details = get_dossier_rdv_by_no(request, nodossier, '0')
return {
'page_title': u"Dossier : %s" % (nodossier),
'nodossier': nodossier,
'dossier': dossier,
'details': details,
}
@view_config(route_name='agenda', renderer='../templates/agenda/agenda.pt', permission='view')
def agenda(request):
logged_in = authenticated_userid(request)
member = get_member_by_id(request, logged_in)
if not member:
request.session.flash(u"Identifiant %s introuvable" % (logged_in), 'danger')
return HTTPFound(location=request.route_url("/home"))
rows = get_rendez_vous(request, logged_in)
page_title = u"Agenda de %s" % member.NOM
# construire la liste des events
events = []
for row in rows:
event_url = 'dossier_view/%s' % (row.nodossier)
event_title = row.c_nom
# déterminer la couleur de l'event selon la societe
societe = row.nodossier[0:2]
if societe == "PE":
color = "#d9534f" # rouge danger
elif societe == "PL":
color = "#5cb85c" # vert success
elif societe == "PL":
color = "#5bc0de" # bleu info
else:
color = "#f0ad4e" # orange warning
json_event = {
'title': event_title,
'start': row.rdv_debut.strftime('%Y-%m-%d %H:%M:%S'),
'end': row.rdv_fin.strftime('%Y-%m-%d %H:%M:%S'),
'allDay': False,
'color': color,
'url': event_url,
}
events.append(json_event)
return {
'page_title': page_title,
'fullcalendar_events': json.dumps(events),
}
@view_config(route_name='planning', renderer='../templates/agenda/planning.pt', permission='view')
def planning(request):
logged_in = authenticated_userid(request)
member = get_member_by_id(request, logged_in)
if not member:
request.session.flash(u"Identifiant %s introuvable" % (logged_in), 'danger')
return HTTPFound(location=request.route_url("/home"))
# determiner le rôle du user
access = member.access
agendas = get_agendas(request)
agenda = 'JMD'
# prendre en compte les paramètres de saisie
if 'agenda' in request.params:
agenda = request.params["agenda"]
personne = get_member_by_id(request,agenda)
rows = get_rendez_vous(request, agenda)
# construire la liste des events
events = []
for row in rows:
event_url = 'dossier_view/%s' % (row.nodossier)
event_title = row.c_nom
# déterminer la couleur de l'event selon la societe
societe = row.nodossier[0:2]
if societe == "PE":
color = "#d9534f" # rouge danger
elif societe == "PL":
color = "#5cb85c" # vert success
elif societe == "PL":
color = "#5bc0de" # bleu info
else:
color = "#f0ad4e" # orange warning
json_event = {
'title': event_title,
'start': row.rdv_debut.strftime('%Y-%m-%d %H:%M:%S'),
'end': row.rdv_fin.strftime('%Y-%m-%d %H:%M:%S'),
'allDay': False,
'color': color,
'url': event_url,
}
events.append(json_event)
return {
'page_title': 'Planning',
'fullcalendar_events': json.dumps(events),
'agendas': agendas,
'agenda': agenda,
'access': access,
}


@@ -25,8 +25,6 @@ from ..security import groupfinder
import json
from ..models.default import *
def to_decimal(x):
import decimal
return decimal.Decimal(str(x))
@@ -57,175 +55,6 @@ def home(request):
'project': 'mondumas',
}
@view_config(route_name='envoyer_mdp', renderer='../templates/envoyer_mdp.pt')
def envoyer_mdp(request):
url = request.route_url('envoyer_mdp')
message = u''
if 'form.submitted' in request.params:
login = request.params['login']
member = get_member_by_id(request, login)
if member:
# Fabrication du corps du email_passwordMessage
lien = update_membre_mdp_oublie(request, login)
body = u"""
Le lien suivant vous dirigera vers une page où vous pourrez ré-initialiser votre mot de passe d'accès à « gestion.entreprise-dumas.com » :
%s
(Ce lien est valide pendant 168 heures.)
""" % (request.route_url('redefinir_mdp', lien=lien))
envoyerMail(request, member.email, u"Demande de ré-initialisation du mot de passe", body)
request.session.flash(u"Votre demande de ré-initialisation de mot de passe vous a été envoyée à %s." % member.email)
return HTTPFound(location=request.route_url('login'))
else:
message = u"Le mot de passe fourni est incorrect."
return {
'page_title': u"Changer mon mot de passe",
'url': url,
'message': message,
}
@view_config(route_name='changer_mdp', renderer='../templates/changer_mdp.pt', permission='view')
def changer_mdp(request):
url = request.route_url('changer_mdp')
logged_in = authenticated_userid(request)
message = ''
member = get_member_by_id(request, logged_in)
if member:
if 'form.submitted' in request.params:
old_password = request.params['old_password']
new_password = request.params['new_password1']
if member.mdp == hashlib.sha1(old_password).hexdigest():
update_membre_mdp(request, logged_in, new_password)
request.session.flash(u"Votre mot de passe a été mis à jour avec succès.")
return HTTPFound(location=request.route_url('home'))
else:
message = u"Le mot de passe actuel n'est pas correct."
return {
'page_title': u"Changer mon mot de passe",
'url': url,
'member': member,
'message': message,
}
@view_config(route_name='redefinir_mdp', renderer='../templates/redefinir_mdp.pt')
def redefinir_mdp(request):
lien = request.matchdict["lien"]
url = request.route_url('redefinir_mdp', lien=lien)
# tester si le champ "motdepasse_oublie" est encore valide
membre = get_member_by_mdp_oublie(request, lien)
if membre:
if 'form.submitted' in request.params:
login = request.params["login"]
mdp = request.params["new_password1"]
if login == membre.cd_uti:
update_membre_mdp(request, login, mdp)
request.session.flash(u"Votre mot de passe a été modifié avec succès.", 'success')
return HTTPFound(location=request.route_url('login'))
else:
request.session.flash(u"Identifiant incorrect.", 'danger')
return HTTPFound(location=request.route_url('login'))
else:
request.session.flash(u"Le lien n'est plus valable.", 'warning')
return HTTPFound(location=request.route_url('login'))
return {
'page_title': u"Définissez votre mot de passe",
'url': url,
}
@view_config(route_name='login', renderer='../templates/login.pt', permission='view')
@forbidden_view_config(renderer='../templates/login.pt')
def login(request):
current_route_path = request.current_route_path()
login = ''
login_url = request.route_url('login')
referrer = request.url
if referrer == login_url:
referrer = '/' # never use the login form itself as came_from
came_from = request.params.get('came_from', referrer)
password = u''
message = u''
if 'form.submitted' in request.params:
login = request.params['login']
password = request.params['password']
record = get_member_by_id(request, login)
if record :
# mot de passe hash valide ?
if record.mdp == hashlib.sha1(password).hexdigest():
update_last_connection(request, login)
# force le commit car il ne se fait pas automatiquement après l'update
transaction.commit()
headers = remember(request, login)
return HTTPFound(location=came_from, headers=headers)
message = u"Email et mot de passe invalides. La connexion a échoué."
return {
'page_title': u"",
'url': login_url,
'came_from': came_from,
'login': login,
'message': message,
}
@view_config(route_name='users_list', renderer='../templates/users_list.pt', permission='manage')
def users_list(request):
# lire les utilisateurs
items = get_member_by_id(request, '0')
# construire la liste
liste=[]
for item in items:
if item.dern_cnx_le:
der_cnx_le = item.dern_cnx_le.strftime('%d/%m/%Y - %H:%M')
else:
der_cnx_le = ""
if item.actif == 0:
etat = 'Inactif'
else:
etat = ''
if item.access == 0:
role = ''
elif item.access == 8:
role = 'Compta'
elif item.access == 9:
role = 'Admin'
else:
role = 'Gestion'
d = (item.cd_uti, item.nom, item.email, item.agenda, role, der_cnx_le, etat)
liste.append(d)
return {
'page_title': u'Liste des utilisateurs',
'dt_data': json.dumps(liste),
}
@view_config(route_name='logout')
def logout(request):
request.session.invalidate()
headers = forget(request)
request.session.flash(u"Vous avez bien été déconnecté.")
return HTTPFound(location=request.route_url('login', login=''),
headers=headers)
def envoyerMail(request, destinataire, objet, corps):
body = u"""
@@ -245,62 +74,3 @@ gestion.entreprise-dumas.com
mailer.send_immediately(message)
@view_config(route_name='user_edit', renderer='../templates/user_edit.pt', permission='manage')
def user_edit(request):
cd_uti = request.matchdict['cd_uti']
url = request.route_url('user_edit', cd_uti=cd_uti)
message = ''
access = ["0 | Production", "5 | Gestion", u"8 | Comptabilité", "9 | Administration"]
if cd_uti == '0':
# nouveau
individu = {}
individu['cd_uti'] = 0
individu['nom'] = ''
individu['email'] = ''
individu['access'] = '0 | Production'
individu['actif'] = 1
individu['agenda'] = 0
page_title= 'Nouvelle Fiche'
else:
# lire la fiche de l'individu
individu = get_member_by_id(request, cd_uti)
if not individu:
request.session.flash(u"Utilisateur non trouvé : %s" % cd_uti, 'warning')
return HTTPFound(location=request.route_url('users_list'))
page_title= u"Fiche de %s" %(individu.nom)
if 'form.submitted' in request.params:
new_values = {}
for param, db_value in individu.items():
if param in request.params and request.params[param] != db_value:
new_values[param] = request.params[param]
# actif coché ?
if 'actif' in request.params:
new_values['actif'] = 1
else:
new_values['actif'] = 0
# agenda coché ?
if 'agenda' in request.params:
new_values['agenda'] = 1
else:
new_values['agenda'] = 0
if new_values:
update_membre(request, cd_uti, new_values)
request.session.flash(u"La fiche a été mise à jour avec succès.", 'success')
return HTTPFound(location=request.route_url('users_list'))
if 'form.deleted' in request.params:
delete_membre(request, cd_uti)
request.session.flash(u"La fiche a été supprimée avec succès.", 'success')
return HTTPFound(location=request.route_url('users_list'))
return {
'page_title': page_title,
'url': url,
'individu': individu,
'access': access,
'message': message,
}


@@ -0,0 +1,251 @@
# -*- coding: utf8 -*-
from pyramid.response import Response
from pyramid.renderers import render, get_renderer
from pyramid.view import (
view_config,
forbidden_view_config,
)
from pyramid.security import (
authenticated_userid,
remember,
forget,
)
from pyramid.httpexceptions import (
HTTPFound,
HTTPNotFound,
HTTPForbidden,
)
from pyramid_mailer import get_mailer
from pyramid_mailer.message import Message, Attachment
from datetime import *
import hashlib
from sqlalchemy.exc import DBAPIError
from ..security import groupfinder
import json
from ..models.members import *
@view_config(route_name='envoyer_mdp', renderer='../templates/members/envoyer_mdp.pt')
def envoyer_mdp(request):
url = request.route_url('envoyer_mdp')
message = u''
if 'form.submitted' in request.params:
login = request.params['login']
member = get_member_by_email(request, login)
if member:
# Fabrication du corps du email_passwordMessage
lien = update_membre_mdp_oublie(request, login)
body = u"""
Le lien suivant vous dirigera vers une page où vous pourrez ré-initialiser votre mot de passe d'accès à « gestion.entreprise-dumas.com » :
%s
(Ce lien est valide pendant 168 heures.)
""" % (request.route_url('redefinir_mdp', lien=lien))
envoyerMail(request, member.email, u"Demande de ré-initialisation du mot de passe", body)
request.session.flash(u"Votre demande de ré-initialisation de mot de passe vous a été envoyée à %s." % member.email)
return HTTPFound(location=request.route_url('login'))
else:
message = u"Le mot de passe fourni est incorrect."
return {
'page_title': u"Changer mon mot de passe",
'url': url,
'message': message,
}
@view_config(route_name='changer_mdp', renderer='../templates/members/changer_mdp.pt', permission='view')
def changer_mdp(request):
url = request.route_url('changer_mdp')
logged_in = authenticated_userid(request)
message = ''
member = get_member_by_email(request, logged_in)
if member:
if 'form.submitted' in request.params:
old_password = request.params['old_password']
new_password = request.params['new_password1']
if member.mdp == hashlib.sha1(old_password).hexdigest():
update_membre_mdp(request, logged_in, new_password)
request.session.flash(u"Votre mot de passe a été mis à jour avec succès.")
return HTTPFound(location=request.route_url('home'))
else:
message = u"Le mot de passe actuel n'est pas correct."
return {
'page_title': u"Changer mon mot de passe",
'url': url,
'member': member,
'message': message,
}
@view_config(route_name='redefinir_mdp', renderer='../templates/members/redefinir_mdp.pt')
def redefinir_mdp(request):
lien = request.matchdict["lien"]
url = request.route_url('redefinir_mdp', lien=lien)
# tester si le champ "motdepasse_oublie" est encore valide
membre = get_member_by_mdp_oublie(request, lien)
if membre:
if 'form.submitted' in request.params:
login = request.params["login"]
mdp = request.params["new_password1"]
if login == membre.email:
update_membre_mdp(request, login, mdp)
request.session.flash(u"Votre mot de passe a été modifié avec succès.", 'success')
return HTTPFound(location=request.route_url('login'))
else:
request.session.flash(u"Identifiant incorrect.", 'danger')
return HTTPFound(location=request.route_url('login'))
else:
request.session.flash(u"Le lien n'est plus valable.", 'warning')
return HTTPFound(location=request.route_url('login'))
return {
'page_title': u"Définissez votre mot de passe",
'url': url,
}
@view_config(route_name='login', renderer='../templates/members/login.pt', permission='view')
@forbidden_view_config(renderer='../templates/members/login.pt')
def login(request):
current_route_path = request.current_route_path()
login = ''
login_url = request.route_url('login')
referrer = request.url
if referrer == login_url:
referrer = '/' # never use the login form itself as came_from
came_from = request.params.get('came_from', referrer)
password = u''
message = u''
if 'form.submitted' in request.params:
login = request.params['login']
password = request.params['password']
record = get_member_by_email(request, login)
if record :
# mot de passe hash valide ?
if record.mdp == hashlib.sha1(password).hexdigest():
update_last_connection(request, login)
# force le commit car il ne se fait pas automatiquement après l'update
transaction.commit()
headers = remember(request, login)
return HTTPFound(location=came_from, headers=headers)
message = u"Email et mot de passe invalides. La connexion a échoué."
return {
'page_title': u"",
'url': login_url,
'came_from': came_from,
'login': login,
'message': message,
}
@view_config(route_name='users_list', renderer='../templates/members/users_list.pt', permission='manage')
def users_list(request):
# lire les utilisateurs
items = get_member_by_email(request, '0')
# construire la liste
liste=[]
for item in items:
if item.dern_cnx_le:
der_cnx_le = item.dern_cnx_le.strftime('%d/%m/%Y - %H:%M')
else:
der_cnx_le = ""
if item.expire_le :
expire_le = item.dern_cnx_le.strftime('%d/%m/%Y')
else:
expire_le = ''
d = (item.nom, item.email, item.acces, der_cnx_le, expire_le)
liste.append(d)
return {
'page_title': u'Liste des utilisateurs',
'dt_data': json.dumps(liste),
}
@view_config(route_name='logout')
def logout(request):
request.session.invalidate()
headers = forget(request)
request.session.flash(u"Vous avez bien été déconnecté.")
return HTTPFound(location=request.route_url('login', login=''),
headers=headers)
@view_config(route_name='user_edit', renderer='../templates/members/user_edit.pt', permission='manage')
def user_edit(request):
email = request.matchdict['email']
url = request.route_url('user_edit', email=email)
message = ''
access = ["0 | Production", "5 | Gestion", u"8 | Comptabilité", "9 | Administration"]
if email == '0':
# nouveau
individu = {}
individu['email'] = ''
individu['nom'] = ''
individu['email'] = ''
individu['access'] = '0 | Production'
individu['actif'] = 1
individu['agenda'] = 0
page_title= 'Nouvelle Fiche'
else:
# lire la fiche de l'individu
individu = get_member_by_email(request, email)
if not individu:
request.session.flash(u"Utilisateur non trouvé : %s" % email, 'warning')
return HTTPFound(location=request.route_url('users_list'))
page_title= u"Fiche de %s" %(individu.nom)
if 'form.submitted' in request.params:
new_values = {}
for param, db_value in individu.items():
if param in request.params and request.params[param] != db_value:
new_values[param] = request.params[param]
# actif coché ?
if 'actif' in request.params:
new_values['actif'] = 1
else:
new_values['actif'] = 0
# agenda coché ?
if 'agenda' in request.params:
new_values['agenda'] = 1
else:
new_values['agenda'] = 0
if new_values:
update_membre(request, email, new_values)
request.session.flash(u"La fiche a été mise à jour avec succès.", 'success')
return HTTPFound(location=request.route_url('users_list'))
if 'form.deleted' in request.params:
delete_membre(request, email)
request.session.flash(u"La fiche a été supprimée avec succès.", 'success')
return HTTPFound(location=request.route_url('users_list'))
return {
'page_title': page_title,
'url': url,
'individu': individu,
'access': access,
'message': message,
}
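Review bot: The `login` and `changer_mdp` views in this new file check passwords by comparing the stored `mdp` with `hashlib.sha1(...).hexdigest()` using `==`, which means the stored values are unsalted fast hashes that are cheap to brute-force if the members table leaks. A salted, slow derivation such as `hashlib.pbkdf2_hmac` with a per-user salt, compared through `hmac.compare_digest`, would be safer; the storage side (`update_membre_mdp`) is not visible on this page. In `login`, `came_from` is read from `request.params` and passed unchanged to `HTTPFound(location=came_from, headers=headers)`, so the post-login redirect can point outside the application, and it should be restricted to same-application paths before use. In `users_list`, the `expire_le` branch formats the wrong field and should read `expire_le = item.expire_le.strftime('%d/%m/%Y')`. `transaction` and `envoyerMail` are used but not imported by name here; presumably they arrive through `from ..models.members import *`, which is worth confirming.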