tested login.pt
This commit is contained in:
@@ -9,7 +9,7 @@ License: UNKNOWN
|
||||
Description: # README #
|
||||
|
||||
|
||||
Application web permettant aux personnels de l'entreprise Dumas d'accéder aux dossiers des clients
|
||||
Cette application permet le suivi des avoirs financiers : actions, ETF, obligations (assurances-vie), livrets, etc...
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -17,10 +17,9 @@ caotek_mesavoirs.egg-info/not-zip-safe
|
||||
caotek_mesavoirs.egg-info/requires.txt
|
||||
caotek_mesavoirs.egg-info/top_level.txt
|
||||
caotek_mesavoirs/models/__init__.py
|
||||
caotek_mesavoirs/models/agenda.py
|
||||
caotek_mesavoirs/models/default.py
|
||||
caotek_mesavoirs/models/members.py
|
||||
caotek_mesavoirs/scripts/__init__.py
|
||||
caotek_mesavoirs/views/__init__.py
|
||||
caotek_mesavoirs/views/agenda.py
|
||||
caotek_mesavoirs/views/default.py
|
||||
caotek_mesavoirs/views/members.py
|
||||
caotek_mesavoirs/views/notfound.py
|
||||
@@ -12,7 +12,7 @@ def main(global_config, **settings):
|
||||
""" This function returns a Pyramid WSGI application.
|
||||
"""
|
||||
# declarations
|
||||
session_factory = UnencryptedCookieSessionFactoryConfig('Ty6sIUe9')
|
||||
session_factory = UnencryptedCookieSessionFactoryConfig('Ty6sIUf1')
|
||||
authn_policy = AuthTktAuthenticationPolicy('Ty6sIUe8', callback=groupfinder, hashalg='sha512')
|
||||
authz_policy = ACLAuthorizationPolicy()
|
||||
mailer_factory_from_settings(settings)
|
||||
|
||||
@@ -1,121 +0,0 @@
|
||||
# -*- coding: utf8 -*-
|
||||
from sqlalchemy import text
|
||||
from sqlalchemy.ext.declarative import declarative_base
|
||||
from sqlalchemy.orm import (
|
||||
scoped_session,
|
||||
sessionmaker,
|
||||
)
|
||||
from zope.sqlalchemy import (
|
||||
ZopeTransactionExtension,
|
||||
mark_changed
|
||||
)
|
||||
|
||||
from datetime import *
|
||||
import dateutil.relativedelta
|
||||
import transaction
|
||||
|
||||
def execute_query(request, query, params):
|
||||
"""Execute query and mark session as changed"""
|
||||
request.dbsession.execute(query, params)
|
||||
mark_changed(request.dbsession)
|
||||
transaction.commit()
|
||||
|
||||
def get_agendas(request):
|
||||
""" lire la liste des personnes ayant un agenda"""
|
||||
query = "CALL spGET_AGENDAS('T')"
|
||||
results = request.dbsession.execute(query).fetchall()
|
||||
return results
|
||||
|
||||
def get_table(code):
|
||||
if code == 'DD':
|
||||
table = 'dem_devis'
|
||||
elif code == 'OS':
|
||||
table = 'ordres'
|
||||
else:
|
||||
table = 'rdvous'
|
||||
return table
|
||||
|
||||
def get_table_details(code):
|
||||
if code == 'DD':
|
||||
table = 'dem_lig'
|
||||
elif code == 'OS':
|
||||
table = 'ordres_lig'
|
||||
else:
|
||||
table = 'rdvous_lig'
|
||||
return table
|
||||
|
||||
|
||||
def get_dossier_by_no(request,nodossier):
|
||||
societe = nodossier[0:2]
|
||||
table = get_table(nodossier[3:5])
|
||||
no_id = nodossier[6:]
|
||||
query = """
|
||||
SELECT d.*, c.*, a.NOM as nom_cabinet, e.NOM as nom_expert FROM %s d
|
||||
INNER JOIN clients c ON d.societe = c.societe and d.cd_cli = c.cd_cli
|
||||
INNER JOIN p_cabinet a ON d.societe = a.societe and d.cabinet = a.code
|
||||
INNER JOIN p_experts e ON d.societe = e.societe and d.cabinet = e.code_cab and d.expert = e.code_exp
|
||||
where d.societe = '%s' and d.no_id=%s;""" % (table, societe, no_id);
|
||||
results = request.dbsession.execute(query).first()
|
||||
return results
|
||||
|
||||
def get_dossier_rdv_by_no(request,nodossier, nolig):
|
||||
societe = nodossier[0:2]
|
||||
table = get_table_details(nodossier[3:5])
|
||||
no_id = nodossier[6:]
|
||||
if nolig == '0':
|
||||
query = "SELECT * FROM %s where societe = '%s' and no_id=%s;" % (table, societe, no_id)
|
||||
results = request.dbsession.execute(query).fetchall()
|
||||
else:
|
||||
query = "SELECT * FROM %s where societe = '%s' and no_id=%s and nolig=%s;" % (table, societe, no_id, nolig)
|
||||
results = request.dbsession.execute(query).first()
|
||||
return results
|
||||
|
||||
def get_rendez_vous(request, itc):
|
||||
d = datetime.now()
|
||||
d = d - dateutil.relativedelta.relativedelta(months=3)
|
||||
# début du mois M-2
|
||||
datedeb = d.strftime('%Y-%m-01')
|
||||
|
||||
# lire les rdv de l'ITC
|
||||
query = """
|
||||
(SELECT CONCAT(l.societe,"-OS-",l.no_id) as nodossier, l.rdv_debut, l.rdv_fin, e.c_nom FROM ordres_lig l
|
||||
INNER JOIN ordres e ON l.societe=e.societe AND l.no_id=e.no_id
|
||||
WHERE l.datevi >= :datedeb AND l.liste=:itc ORDER BY l.datevi, l.heurevi)
|
||||
UNION
|
||||
(SELECT CONCAT(l.societe,"-DD-",l.no_id) as nodossier, l.rdv_debut, l.rdv_fin, e.c_nom FROM dem_lig l
|
||||
INNER JOIN dem_devis e ON l.societe=e.societe AND l.no_id=e.no_id
|
||||
WHERE l.datevi >= :datedeb AND l.liste=:itc ORDER BY l.datevi, l.heurevi)
|
||||
UNION
|
||||
(SELECT CONCAT(l.societe,"-RD-",l.no_id) as nodossier, l.rdv_debut, l.rdv_fin, e.c_nom FROM rdvous_lig l
|
||||
INNER JOIN rdvous e ON l.societe=e.societe AND l.no_id=e.no_id
|
||||
WHERE l.datevi >= :datedeb AND l.liste=:itc ORDER BY l.datevi, l.heurevi);
|
||||
"""
|
||||
results = request.dbsession.execute(query, {'datedeb': datedeb, 'itc': itc}).fetchall()
|
||||
return results
|
||||
|
||||
def delete_rdv(request, nodossier, nolig):
|
||||
societe = nodossier[0:2]
|
||||
table = get_table_details(nodossier[3:5])
|
||||
no_id = nodossier[6:]
|
||||
|
||||
query = "DELETE FROM %s where societe = '%s' and no_id=%s and nolig=%s;" % (table, societe, no_id, nolig)
|
||||
execute_query(request, query, {})
|
||||
|
||||
def update_rdv(request, nodossier, nolig, comment, commentvi, date_rdv):
|
||||
societe = nodossier[0:2]
|
||||
table = get_table_details(nodossier[3:5])
|
||||
no_id = nodossier[6:]
|
||||
|
||||
# formater les champs
|
||||
ddate = datetime.strptime(date_rdv, '%d-%m-%Y %H:%M')
|
||||
datevi = ddate.strftime("%Y-%m-%d")
|
||||
heurevi = date_rdv[-5:]
|
||||
auj = date.today().strftime("%Y-%m-%d")
|
||||
|
||||
if nolig == '0':
|
||||
query = "INSERT INTO %s SET societe='%s',no_id=%s,date='%s',datevi='%s',heurevi='%s',comment='%s',commentvi='%s'" % (table, societe, no_id,auj,datevi, heurevi, comment, commentvi)
|
||||
else:
|
||||
query = "UPDATE %s SET datevi='%s', heurevi='%s', comment='%s', commentvi='%s' where societe = '%s' and no_id=%s and nolig=%s;" % (table, datevi, heurevi, comment, commentvi, societe, no_id, nolig)
|
||||
|
||||
execute_query(request, query, {})
|
||||
|
||||
@@ -20,18 +20,18 @@ def execute_query(request, query, params):
|
||||
transaction.commit()
|
||||
|
||||
def get_member_by_mdp_oublie(request, lien):
|
||||
query = "SELECT * FROM p_users WHERE mdp_oublie=:lien;"
|
||||
query = "SELECT * FROM members WHERE mdp_oublie=:lien;"
|
||||
results = request.dbsession.execute(query, {'lien':lien}).first()
|
||||
return results
|
||||
|
||||
def get_member_by_id(request, mbr_id):
|
||||
if mbr_id == '0':
|
||||
query = "SELECT * FROM P_USERS ORDER BY cd_uti"
|
||||
def get_member_by_email(request, email):
|
||||
if email == '0':
|
||||
query = "SELECT * FROM members ORDER BY nom"
|
||||
results = request.dbsession.execute(query).fetchall()
|
||||
else:
|
||||
# lire le membres par son identifianr
|
||||
query = """SELECT * FROM p_users WHERE CD_UTI=:mbr_id;"""
|
||||
results = request.dbsession.execute(query, {'mbr_id': mbr_id}).first()
|
||||
query = """SELECT * FROM members WHERE email=:email;"""
|
||||
results = request.dbsession.execute(query, {'email': email}).first()
|
||||
return results
|
||||
|
||||
def update_membre_mdp_oublie(request, login):
|
||||
@@ -41,21 +41,21 @@ def update_membre_mdp_oublie(request, login):
|
||||
# get a UUID - URL safe, Base64
|
||||
r_uuid = base64.urlsafe_b64encode(uuid.uuid4().bytes)
|
||||
r_uuid = r_uuid.replace('=', '')
|
||||
query = "UPDATE p_users SET mdp_oublie=:r_uuid, mdp_oublie_date=now() WHERE CD_UTI=:login;"
|
||||
query = "UPDATE members SET mdp_oublie=:r_uuid, mdp_oublie_date=now() WHERE email=:login;"
|
||||
execute_query(request, query, {'r_uuid':r_uuid, 'login':login})
|
||||
return r_uuid
|
||||
|
||||
def update_membre_mdp(request, login, password):
|
||||
"""Update password for member login"""
|
||||
query = "UPDATE p_users SET mdp = SHA1(:password), mdp_oublie=NULL, mdp_oublie_date=NULL WHERE cd_uti=:login;"
|
||||
query = "UPDATE members SET mdp = SHA1(:password), mdp_oublie=NULL, mdp_oublie_date=NULL WHERE email=:login;"
|
||||
execute_query(request, query, {'login': login, 'password': password})
|
||||
|
||||
def update_last_connection(request, login):
|
||||
"""Update last connection for login """
|
||||
query = "UPDATE p_users SET dern_cnx_le=NOW() WHERE cd_uti=:login;"
|
||||
query = "UPDATE members SET dern_cnx_le=NOW() WHERE email=:login;"
|
||||
execute_query(request, query, {'login': login})
|
||||
|
||||
def update_membre(request, cd_uti, new_values):
|
||||
def update_membre(request, email, new_values):
|
||||
# formater les champs
|
||||
s = ''
|
||||
for param in new_values.keys():
|
||||
@@ -70,14 +70,14 @@ def update_membre(request, cd_uti, new_values):
|
||||
else:
|
||||
s = "%s=:%s" % (param, param)
|
||||
|
||||
if cd_uti == '0':
|
||||
query = "INSERT INTO p_users SET %s" % s
|
||||
if email == '':
|
||||
query = "INSERT INTO members SET %s" % s
|
||||
else:
|
||||
new_values['cd_uti'] = cd_uti
|
||||
query = "UPDATE p_users SET %s WHERE cd_uti = :cd_uti;" % s
|
||||
new_values['email'] = email
|
||||
query = "UPDATE members SET %s WHERE email = :email;" % s
|
||||
execute_query(request, query, new_values)
|
||||
|
||||
def delete_membre(request, cd_uti):
|
||||
query = "DELETE FROM p_users WHERE cd_uti = :cd_uti ;"
|
||||
execute_query(request, query, {'cd_uti': cd_uti})
|
||||
def delete_membre(request, email):
|
||||
query = "DELETE FROM members WHERE email = :email ;"
|
||||
execute_query(request, query, {'email': email})
|
||||
|
||||
@@ -3,7 +3,7 @@ from pyramid_layout.panel import panel_config
|
||||
from pyramid.security import authenticated_userid
|
||||
|
||||
from .security import groupfinder
|
||||
from .models.default import get_member_by_id
|
||||
from .models.members import get_member_by_email
|
||||
|
||||
@panel_config(name='dropdown_menu_panel', renderer='templates/panels/dropdown_menu_panel.pt')
|
||||
def dropdown_menu_panel(context, request):
|
||||
@@ -11,22 +11,13 @@ def dropdown_menu_panel(context, request):
|
||||
if logged_in is None:
|
||||
return { 'logged_in': '' }
|
||||
else:
|
||||
member = get_member_by_id(request, logged_in)
|
||||
member = get_member_by_email(request, logged_in)
|
||||
fullname = member.nom
|
||||
email = member.email
|
||||
if member.access == 9:
|
||||
logged_in_fonction = 'Administrateur'
|
||||
elif member.access == 8:
|
||||
logged_in_fonction = 'Comptabilité'
|
||||
elif member.access == 5:
|
||||
logged_in_fonction = 'Gestion'
|
||||
else:
|
||||
logged_in_fonction = 'Production'
|
||||
logged_in_fonction = member.acces
|
||||
|
||||
return {
|
||||
'logged_in': logged_in,
|
||||
'logged_in_name': fullname,
|
||||
'logged_in_email': email,
|
||||
'logged_in_fonction': logged_in_fonction,
|
||||
}
|
||||
|
||||
|
||||
@@ -1,15 +1,11 @@
|
||||
def includeme(config):
|
||||
config.add_static_view('static', 'static', cache_max_age=3600)
|
||||
config.add_route('home', '/')
|
||||
config.add_route('agenda', '/agenda')
|
||||
# members
|
||||
config.add_route('changer_mdp', '/changer_mdp')
|
||||
config.add_route('dossier_view', '/dossier_view/{nodossier}')
|
||||
config.add_route('rdv_edit','/rdv_edit/{nodossier}/{nolig}')
|
||||
config.add_route('envoyer_mdp', '/envoyer_mdp')
|
||||
config.add_route('user_edit', '/user_edit/{cd_uti}')
|
||||
config.add_route('users_list', '/users_list')
|
||||
config.add_route('login', '/login')
|
||||
config.add_route('logout', '/logout')
|
||||
config.add_route('planning', '/planning')
|
||||
config.add_route('redefinir_mdp', '/redefinir_mdp/{lien}')
|
||||
|
||||
config.add_route('user_edit', '/user_edit/{email}')
|
||||
config.add_route('users_list', '/users_list')
|
||||
|
||||
@@ -1,11 +1,11 @@
|
||||
from .models.default import get_member_by_id
|
||||
from .models.members import get_member_by_email
|
||||
|
||||
def groupfinder(userid, request):
|
||||
member = get_member_by_id(request, userid)
|
||||
member = get_member_by_email(request, userid)
|
||||
|
||||
if member:
|
||||
# Roles administrateur ?
|
||||
if member.access == 9:
|
||||
if member.acces == 'ADMIN':
|
||||
return ['group:administrators']
|
||||
else:
|
||||
return [] # it means that userid is logged in (it returns None if userid isn't logged in)
|
||||
|
||||
@@ -1,47 +0,0 @@
|
||||
<metal:block use-macro="main_template">
|
||||
<div metal:fill-slot="content">
|
||||
<div class="container">
|
||||
|
||||
<div class="form-group">
|
||||
<div class="row">
|
||||
<div class="col-md-2">
|
||||
<a class="btn btn-primary" role="button" href="/">
|
||||
<span class="glyphicon glyphicon-chevron-left"></span> Retour</a>
|
||||
</div>
|
||||
<div class="col-md-5">
|
||||
<p>
|
||||
<span class="label label-danger">RDV Peinture</span> <span class="label label-warning">RDV Menuiserie</span>
|
||||
<span class="label label-success">RDV Plomberiee</span> <span class="label label-info">RDV Polynet</span>
|
||||
</p>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<br />
|
||||
<div class="container">
|
||||
<div id="calendar"></div>
|
||||
</div>
|
||||
<br />
|
||||
<br />
|
||||
|
||||
<script>
|
||||
$(document).ready(function() {
|
||||
$('#calendar').fullCalendar({
|
||||
locale: 'fr',
|
||||
header: {
|
||||
left: 'agendaDay agendaWeek month listMonth',
|
||||
center: 'prev title next',
|
||||
right: 'today'
|
||||
},
|
||||
defaultView: 'agendaWeek',
|
||||
minTime: "07:00:00",
|
||||
maxTime: "21:00:00",
|
||||
events:${fullcalendar_events},
|
||||
});
|
||||
});
|
||||
</script>
|
||||
|
||||
</div><!-- content -->
|
||||
</metal:block>
|
||||
|
||||
|
||||
@@ -1,111 +0,0 @@
|
||||
<metal:block use-macro="main_template">
|
||||
<div metal:fill-slot="content">
|
||||
<br />
|
||||
<!-- ENTETE -->
|
||||
<div class="row">
|
||||
<!-- CHANTIER -->
|
||||
<div class="col-md-6">
|
||||
<table class="table table-condensed ">
|
||||
<tr>
|
||||
<td><h4>CHANTIER</h4></td>
|
||||
<td>
|
||||
<h4>${dossier.C_QUALITE} ${dossier.C_NOM}</h4>
|
||||
${dossier.C_ADR}<br />
|
||||
<span tal:condition="dossier.C_ADR2">${dossier.C_ADR2}<br /></span>
|
||||
${dossier.C_CP} ${dossier.C_VILLE}<br />
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
Etage - Code<br />
|
||||
Tél. domicile - prof.<br />
|
||||
Tél. mobile - fax
|
||||
</td>
|
||||
<td>
|
||||
${dossier.C_ETAGE} - ${dossier.C_CODE}<br />
|
||||
${dossier.C_TEL1} - ${dossier.C_TEL2}<br />
|
||||
${dossier.C_TELP} - ${dossier.C_FAX}
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
Cabinet<br />
|
||||
Expert<br />
|
||||
Référence expert
|
||||
</td>
|
||||
<td>
|
||||
${dossier.nom_cabinet}<br />
|
||||
${dossier.nom_expert}<br />
|
||||
${dossier.REF_EXPERT}<br />
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
Police<br />
|
||||
Sinistre<br />
|
||||
Votre référence<br />
|
||||
</td>
|
||||
<td>
|
||||
${dossier.NOPOL}<br />
|
||||
${dossier.NOSIN}<br />
|
||||
${dossier.VREF}<br />
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</div>
|
||||
|
||||
<!-- Mon compte -->
|
||||
<div class="col-md-6 well">
|
||||
<table class="table table-condensed ">
|
||||
<tr>
|
||||
<td><h4>CLIENT</h4></td>
|
||||
<td>
|
||||
<h4>${dossier.QUALITE} ${dossier.NOM}</h4>
|
||||
${dossier.ADRESSE}<br />
|
||||
<span tal:condition="dossier.ADRESSE2">${dossier.ADRESSE2}<br /></span>
|
||||
${dossier.CP} ${dossier.VILLE}<br />
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
Responsable<br />
|
||||
Tél. 1 - 2<br />
|
||||
Tél. mobile - fax
|
||||
</td>
|
||||
<td>
|
||||
${dossier.NOMRESP}<br />
|
||||
${dossier.TEL1} - ${dossier.TEL2}<br />
|
||||
${dossier.TELP} - ${dossier.FAX}
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</div>
|
||||
</div> <!-- row -->
|
||||
|
||||
<h3>SUIVI</h3>
|
||||
<p><a class="btn btn-success" role="button" href="${request.route_url('rdv_edit', nodossier=nodossier, nolig='0')}">
|
||||
<span class="glyphicon glyphicon-plus"></span> Nouvelle ligne</a></p>
|
||||
|
||||
<table class="table table-bordered">
|
||||
<tr>
|
||||
<th>Date</th>
|
||||
<th>Visite</th>
|
||||
<th>Action</th>
|
||||
<th class="text-center">Avec</th>
|
||||
</tr>
|
||||
<tr tal:repeat="detail details">
|
||||
<td>${detail.DATE.strftime('%d/%m/%Y')}</td>
|
||||
<td>
|
||||
<span tal:condition="detail.rdv_debut==None"></span>
|
||||
<span tal:condition="detail.rdv_debut<>None">
|
||||
<a href="${request.route_url('rdv_edit', nodossier=nodossier, nolig=detail.NOLIG)}">
|
||||
${detail.rdv_debut.strftime('%d/%m/%Y %H:%M')}</a>
|
||||
</span>
|
||||
</td>
|
||||
<td>${detail.COMMENT} ${detail.COMMENTVI}</td>
|
||||
<td class="text-center">${detail.LISTE}</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
</div>
|
||||
</metal:block>
|
||||
@@ -1,59 +0,0 @@
|
||||
<metal:block use-macro="main_template">
|
||||
<div metal:fill-slot="content">
|
||||
<div class="container">
|
||||
|
||||
<div class="form-group">
|
||||
<div class="row">
|
||||
<div class="col-md-2">
|
||||
<a class="btn btn-primary" role="button" href="/">
|
||||
<span class="glyphicon glyphicon-chevron-left"></span> Retour</a>
|
||||
</div>
|
||||
<form method="POST" id="frm">
|
||||
<div class="col-md-3" tal:condition="access >= 5">
|
||||
<select class="form-control" id="agenda" name="agenda" onChange="$('#frm').submit()">
|
||||
<optgroup tal:repeat="item agendas">
|
||||
<option value="${item.cd_uti}" tal:attributes="selected agenda==item.cd_uti and 'selected' or None">${item.nom}</option>
|
||||
</optgroup>
|
||||
</select>
|
||||
</div>
|
||||
<div class="col-md-3" tal:condition="access < 5">
|
||||
<input type="hidden" name="agenda" value="${agenda}"/>
|
||||
</div>
|
||||
</form>
|
||||
<div class="col-md-5">
|
||||
<p>
|
||||
<span class="label label-danger">RDV Peinture</span> <span class="label label-warning">RDV Menuiserie</span>
|
||||
<span class="label label-success">RDV Plomberiee</span> <span class="label label-info">RDV Polynet</span>
|
||||
</p>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<br />
|
||||
<div class="container">
|
||||
<div id="calendar"></div>
|
||||
</div>
|
||||
<br />
|
||||
<br />
|
||||
|
||||
<script>
|
||||
$(document).ready(function() {
|
||||
$('#calendar').fullCalendar({
|
||||
locale: 'fr',
|
||||
header: {
|
||||
left: 'agendaDay agendaWeek month listMonth',
|
||||
center: 'prev title next',
|
||||
right: 'today'
|
||||
},
|
||||
defaultView: 'agendaWeek',
|
||||
minTime: "07:00:00",
|
||||
maxTime: "21:00:00",
|
||||
events:${fullcalendar_events},
|
||||
});
|
||||
});
|
||||
</script>
|
||||
|
||||
</div><!-- content -->
|
||||
</metal:block>
|
||||
|
||||
|
||||
@@ -1,91 +0,0 @@
|
||||
<metal:block use-macro="main_template">
|
||||
<div metal:fill-slot="content">
|
||||
|
||||
<div tal:condition="message" tal:content="message" class="alert alert-danger" />
|
||||
<br />
|
||||
<div class="row">
|
||||
<form id="rdv_edit-form" class="form-horizontal" action="${url}" method="post"
|
||||
data-fv-framework="bootstrap"
|
||||
data-fv-icon-valid="glyphicon glyphicon-ok"
|
||||
data-fv-icon-invalid="glyphicon glyphicon-remove"
|
||||
data-fv-icon-validating="glyphicon glyphicon-refresh">
|
||||
|
||||
<div class="form-group">
|
||||
<label class="col-xs-2 control-label" for="date_rdv">Date et heure</label>
|
||||
<div class="col-xs-3 input-group date" id="date_rdv_picker">
|
||||
<input class="form-control" type="text" name="date_rdv" value="${date_rdv.strftime('%d-%m-%Y %H:%M')}"
|
||||
data-fv-notempty="true"
|
||||
data-fv-notempty-message="La date et l'heure sont obligatoires"
|
||||
data-fv-date="true"
|
||||
data-fv-date-format="DD-MM-YYYY HH:mm"
|
||||
data-fv-date-message="La date et l'heure ne sont pas valides" />
|
||||
<span class="input-group-addon add-on">
|
||||
<span class="glyphicon glyphicon-calendar"></span>
|
||||
</span>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<label class="control-label col-xs-2" for="comment">Commentaire 1</label>
|
||||
<div class="col-xs-5">
|
||||
<input class="form-control" type="text" id="comment" name="comment" value="${comment}"
|
||||
placeholder="30 caractères maximum"
|
||||
data-fv-notempty="true"
|
||||
data-fv-notempty-message="Un commentaire est obligatoire"
|
||||
data-fv-stringlength="true"
|
||||
data-fv-stringlength-max="30"
|
||||
data-fv-stringlength-message="30 caractères maximum" />
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-xs-2" for="commentvi">Commentaire 2</label>
|
||||
<div class="col-xs-5">
|
||||
<input class="form-control" type="text" id="commentvi" name="commentvi" value="${commentvi}"
|
||||
placeholder="30 caractères maximum"
|
||||
data-fv-stringlength="true"
|
||||
data-fv-stringlength-max="30"
|
||||
data-fv-stringlength-message="30 caractères maximum" />
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<div class="col-xs-offset-2 col-xs-10">
|
||||
<div class="form-group">
|
||||
<a class="btn btn-default" href="${request.route_url('dossier_view', nodossier=nodossier)}">
|
||||
<span class="glyphicon glyphicon-arrow-left"></span> Annuler</a>
|
||||
<button class="btn btn-primary" type="submit" name="form.submitted">
|
||||
<span class="glyphicon glyphicon-ok"></span> Enregistrer</button>
|
||||
<button class="btn btn-warning" type="submit" name="form.deleted"
|
||||
tal:condition="python: nolig <> '0'">
|
||||
<span class="glyphicon glyphicon-remove"></span> Supprimer</button>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</form>
|
||||
<br />
|
||||
<br />
|
||||
<br />
|
||||
</div> <!-- row -->
|
||||
|
||||
<script>
|
||||
$(document).ready(function() {
|
||||
$('#rdv_edit-form').formValidation();
|
||||
$('#date_rdv_picker').datetimepicker({
|
||||
format: 'DD-MM-YYYY HH:mm',
|
||||
showClear: true,
|
||||
allowInputToggle: true,
|
||||
stepping: 15,
|
||||
})
|
||||
.on('changeDate', function(e) {
|
||||
// Revalidate the date field
|
||||
$('#rdv_edit-form').formValidation('revalidateField', 'date_rdv');
|
||||
});
|
||||
$('form input').on('keypress', function(e) {
|
||||
return e.which !== 13;
|
||||
});
|
||||
});
|
||||
</script>
|
||||
|
||||
</div>
|
||||
</metal:block>
|
||||
@@ -1,22 +0,0 @@
|
||||
<!DOCTYPE html>
|
||||
<html xmlns="http://www.w3.org/1999/xhtml"
|
||||
xmlns:metal="http://xml.zope.org/namespaces/metal"
|
||||
xmlns:tal="http://xml.zope.org/namespaces/tal"
|
||||
lang="fr">
|
||||
<head>
|
||||
<title>${page_title}</title>
|
||||
</head>
|
||||
<body>
|
||||
|
||||
<img src="http://www.caes.cnrs.fr/logo.jpg" class="caes-logo" alt="CAES du CNRS" title="CAES du CNRS" />
|
||||
|
||||
<div metal:define-slot="content" />
|
||||
|
||||
<div id="footer">
|
||||
<div class="well">
|
||||
Siège : <a href="http://www.caes.cnrs.fr">CAES du CNRS</a> - 2, Allée Georges Méliès - 94306 Vincennes CEDEX - France
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</body>
|
||||
</html>
|
||||
@@ -16,9 +16,9 @@
|
||||
|
||||
<div class="form-group">
|
||||
<input class="form-control" type="text" name="login" value="${login}"
|
||||
placeholder="Identifiant"
|
||||
data-fv-notempty="true"
|
||||
data-fv-notempty-message="L'identifiant est obligatoire" />
|
||||
placeholder="Email"
|
||||
data-fv-emailaddress="true"
|
||||
data-fv-emailaddress-message="L'adresse email n'est pas valide" />
|
||||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
@@ -11,15 +11,12 @@
|
||||
data-fv-icon-validating="glyphicon glyphicon-refresh">
|
||||
|
||||
<div class="form-group">
|
||||
<label class="control-label col-xs-2" for="cd_uti">Identifiant</label>
|
||||
<div class="col-xs-2">
|
||||
<input class="form-control" type="text" id="cd_uti" name="cd_uti" value="${individu.cd_uti}"
|
||||
placeholder="10 caractères maximum"
|
||||
data-fv-notempty="true"
|
||||
data-fv-notempty-message="L'identifiant est obligatoire"
|
||||
data-fv-stringlength="true"
|
||||
data-fv-stringlength-max="3"
|
||||
data-fv-stringlength-message="3 caractères maximum" />
|
||||
<label class="col-xs-2 control-label">Email</label>
|
||||
<div class="col-xs-5">
|
||||
<input class="form-control" type="text" name="email"
|
||||
value="${individu.email}" placeholder="55 caractères maximum"
|
||||
data-fv-emailaddress="true"
|
||||
data-fv-emailaddress-message="L'adresse email n'est pas valide" />
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
@@ -86,7 +83,7 @@
|
||||
<button class="btn btn-primary" type="submit" name="form.submitted">
|
||||
<span class="glyphicon glyphicon-ok"></span> Enregistrer</button>
|
||||
<button class="btn btn-warning" type="submit" name="form.deleted"
|
||||
tal:condition="individu.cd_uti > 0">
|
||||
tal:condition="individu.email > 0">
|
||||
<span class="glyphicon glyphicon-remove"></span> Supprimer</button>
|
||||
</div>
|
||||
</div>
|
||||
@@ -11,13 +11,11 @@
|
||||
<table id="users_list" class="table table-striped table-bordered">
|
||||
<thead>
|
||||
<tr>
|
||||
<th>Login</th>
|
||||
<th>Nom, Prénom</th>
|
||||
<th>Email</th>
|
||||
<th>Agenda</th>
|
||||
<th>Rôle</th>
|
||||
<th>Dern cnx</th>
|
||||
<th>Etat</th>
|
||||
<th>Expire le</th>
|
||||
</tr>
|
||||
</thead>
|
||||
</table>
|
||||
@@ -35,22 +33,12 @@
|
||||
pageLength: 50,
|
||||
bLengthChange: false,
|
||||
columnDefs: [
|
||||
{ "targets": 0,
|
||||
{ "targets": 1,
|
||||
"render": function (data, type, full, meta) {
|
||||
// ajouter un link vers le formulaire
|
||||
return '<a href="/user_edit/' + data + '">' + data + '</a>';
|
||||
},
|
||||
},
|
||||
{ "targets": 3,
|
||||
"render": function (data, type, full, meta) {
|
||||
if (data != 0) {
|
||||
return '<span class="glyphicon glyphicon-calendar"></span>';
|
||||
}
|
||||
else {
|
||||
return '';
|
||||
}
|
||||
},
|
||||
}
|
||||
]
|
||||
});
|
||||
|
||||
@@ -3,8 +3,7 @@
|
||||
|
||||
<ul class="dropdown-menu">
|
||||
<li class="dropdown-header">
|
||||
${logged_in_email}<br />
|
||||
Identifiant : ${logged_in}<br />
|
||||
${logged_in}<br />
|
||||
Fonction: ${logged_in_fonction}
|
||||
</li>
|
||||
|
||||
|
||||
@@ -1,11 +0,0 @@
|
||||
from .models.default import get_member_by_id
|
||||
|
||||
def groupfinder(userid, request):
|
||||
member = get_member_by_id(request, userid)
|
||||
|
||||
if member:
|
||||
# Roles administrateur ?
|
||||
if member.access == 9:
|
||||
return ['group:administrators']
|
||||
else:
|
||||
return [] # it means that userid is logged in (it returns None if userid isn't logged in)
|
||||
@@ -1,200 +0,0 @@
|
||||
# -*- coding: utf8 -*-
|
||||
from pyramid.response import Response
|
||||
from pyramid.renderers import render, get_renderer
|
||||
from pyramid.view import (
|
||||
view_config,
|
||||
forbidden_view_config,
|
||||
)
|
||||
from pyramid.security import (
|
||||
authenticated_userid,
|
||||
remember,
|
||||
forget,
|
||||
)
|
||||
from pyramid.httpexceptions import (
|
||||
HTTPFound,
|
||||
HTTPNotFound,
|
||||
HTTPForbidden,
|
||||
)
|
||||
|
||||
from pyramid_mailer.message import Message, Attachment
|
||||
from datetime import *
|
||||
import hashlib
|
||||
|
||||
from sqlalchemy.exc import DBAPIError
|
||||
from ..security import groupfinder
|
||||
|
||||
import json
|
||||
|
||||
from ..models.agenda import *
|
||||
from ..models.default import *
|
||||
|
||||
|
||||
@view_config(route_name='rdv_edit', renderer='../templates/agenda/rdv_edit.pt', permission='view')
|
||||
def rdv_edit(request):
|
||||
nodossier = request.matchdict['nodossier']
|
||||
nolig = request.matchdict['nolig']
|
||||
url = request.route_url("rdv_edit", nodossier=nodossier, nolig=nolig)
|
||||
|
||||
message = ''
|
||||
if nolig == '0':
|
||||
# nouveau
|
||||
comment = ''
|
||||
commentvi = ''
|
||||
date_rdv = datetime.now()
|
||||
page_title= 'Nouveau rendez-vous'
|
||||
else:
|
||||
# lire le rendez-vous
|
||||
rdv = get_dossier_rdv_by_no(request, nodossier, nolig)
|
||||
if not rdv:
|
||||
request.session.flash(u"Rendez-vous non trouvé : %s" % nodossier, 'warning')
|
||||
return HTTPFound(location=request.route_url('dossier_view', nodossier=nodossier))
|
||||
|
||||
comment = rdv.COMMENT
|
||||
commentvi = rdv.COMMENTVI
|
||||
date_rdv = rdv.rdv_debut
|
||||
page_title= u"Modification du rdv du %s" % (rdv.rdv_debut.strftime('%d-%m-%Y %H:%M'))
|
||||
|
||||
if 'form.submitted' in request.params:
|
||||
comment = request.params['comment']
|
||||
commentvi = request.params['commentvi']
|
||||
date_rdv = request.params['date_rdv']
|
||||
|
||||
update_rdv(request, nodossier, nolig, comment, commentvi, date_rdv)
|
||||
request.session.flash(u"Le rendez-vous a été mis à jour avec succès.", 'success')
|
||||
return HTTPFound(location=request.route_url('dossier_view', nodossier=nodossier))
|
||||
|
||||
if 'form.deleted' in request.params:
|
||||
delete_rdv(request, nodossier, nolig)
|
||||
request.session.flash(u"Le rendez-vous a été supprimé avec succès.", 'success')
|
||||
return HTTPFound(location=request.route_url('dossier_view', nodossier=nodossier))
|
||||
|
||||
return {
|
||||
'page_title': page_title,
|
||||
'url': url,
|
||||
'nodossier': nodossier,
|
||||
'nolig': nolig,
|
||||
'comment': comment,
|
||||
'commentvi': commentvi,
|
||||
'date_rdv': date_rdv,
|
||||
'message': message,
|
||||
}
|
||||
|
||||
@view_config(route_name='dossier_view', renderer='../templates/agenda/dossier_view.pt', permission='view')
|
||||
def dossier_view(request):
|
||||
nodossier = request.matchdict['nodossier']
|
||||
url = request.route_url("dossier_view", nodossier=nodossier)
|
||||
|
||||
dossier = get_dossier_by_no(request, nodossier)
|
||||
if dossier is None:
|
||||
request.session.flash(u"Le dossier no %s est introuvable" % (nodossier), 'danger')
|
||||
return HTTPFound(location=request.route_url("agenda"))
|
||||
# lire tous le suivi du dossier
|
||||
details = get_dossier_rdv_by_no(request, nodossier, '0')
|
||||
|
||||
return {
|
||||
'page_title': u"Dossier : %s" % (nodossier),
|
||||
'nodossier': nodossier,
|
||||
'dossier': dossier,
|
||||
'details': details,
|
||||
}
|
||||
|
||||
@view_config(route_name='agenda', renderer='../templates/agenda/agenda.pt', permission='view')
|
||||
def agenda(request):
|
||||
logged_in = authenticated_userid(request)
|
||||
member = get_member_by_id(request, logged_in)
|
||||
if not member:
|
||||
request.session.flash(u"Identifiant %s introuvable" % (logged_in), 'danger')
|
||||
return HTTPFound(location=request.route_url("/home"))
|
||||
|
||||
rows = get_rendez_vous(request, logged_in)
|
||||
page_title = u"Agenda de %s" % member.NOM
|
||||
|
||||
# construire la liste des events
|
||||
events = []
|
||||
for row in rows:
|
||||
event_url = 'dossier_view/%s' % (row.nodossier)
|
||||
event_title = row.c_nom
|
||||
|
||||
# déterminer la couleur de l'event selon la societe
|
||||
societe = row.nodossier[0:2]
|
||||
if societe == "PE":
|
||||
color = "#d9534f" # rouge danger
|
||||
elif societe == "PL":
|
||||
color = "#5cb85c" # vert success
|
||||
elif societe == "PL":
|
||||
color = "#5bc0de" # bleu info
|
||||
else:
|
||||
color = "#f0ad4e" # orange warning
|
||||
|
||||
json_event = {
|
||||
'title': event_title,
|
||||
'start': row.rdv_debut.strftime('%Y-%m-%d %H:%M:%S'),
|
||||
'end': row.rdv_fin.strftime('%Y-%m-%d %H:%M:%S'),
|
||||
'allDay': False,
|
||||
'color': color,
|
||||
'url': event_url,
|
||||
}
|
||||
events.append(json_event)
|
||||
|
||||
|
||||
return {
|
||||
'page_title': page_title,
|
||||
'fullcalendar_events': json.dumps(events),
|
||||
}
|
||||
|
||||
@view_config(route_name='planning', renderer='../templates/agenda/planning.pt', permission='view')
|
||||
def planning(request):
|
||||
logged_in = authenticated_userid(request)
|
||||
member = get_member_by_id(request, logged_in)
|
||||
if not member:
|
||||
request.session.flash(u"Identifiant %s introuvable" % (logged_in), 'danger')
|
||||
return HTTPFound(location=request.route_url("/home"))
|
||||
|
||||
# determiner le rôle du user
|
||||
access = member.access
|
||||
agendas = get_agendas(request)
|
||||
|
||||
agenda = 'JMD'
|
||||
# prendre en compte les paramètres de saisie
|
||||
if 'agenda' in request.params:
|
||||
agenda = request.params["agenda"]
|
||||
|
||||
personne = get_member_by_id(request,agenda)
|
||||
rows = get_rendez_vous(request, agenda)
|
||||
|
||||
# construire la liste des events
|
||||
events = []
|
||||
for row in rows:
|
||||
event_url = 'dossier_view/%s' % (row.nodossier)
|
||||
event_title = row.c_nom
|
||||
|
||||
# déterminer la couleur de l'event selon la societe
|
||||
societe = row.nodossier[0:2]
|
||||
if societe == "PE":
|
||||
color = "#d9534f" # rouge danger
|
||||
elif societe == "PL":
|
||||
color = "#5cb85c" # vert success
|
||||
elif societe == "PL":
|
||||
color = "#5bc0de" # bleu info
|
||||
else:
|
||||
color = "#f0ad4e" # orange warning
|
||||
|
||||
json_event = {
|
||||
'title': event_title,
|
||||
'start': row.rdv_debut.strftime('%Y-%m-%d %H:%M:%S'),
|
||||
'end': row.rdv_fin.strftime('%Y-%m-%d %H:%M:%S'),
|
||||
'allDay': False,
|
||||
'color': color,
|
||||
'url': event_url,
|
||||
}
|
||||
events.append(json_event)
|
||||
|
||||
|
||||
return {
|
||||
'page_title': 'Planning',
|
||||
'fullcalendar_events': json.dumps(events),
|
||||
'agendas': agendas,
|
||||
'agenda': agenda,
|
||||
'access': access,
|
||||
}
|
||||
|
||||
@@ -25,8 +25,6 @@ from ..security import groupfinder
|
||||
|
||||
import json
|
||||
|
||||
from ..models.default import *
|
||||
|
||||
def to_decimal(x):
|
||||
import decimal
|
||||
return decimal.Decimal(str(x))
|
||||
@@ -57,175 +55,6 @@ def home(request):
|
||||
'project': 'mondumas',
|
||||
}
|
||||
|
||||
@view_config(route_name='envoyer_mdp', renderer='../templates/envoyer_mdp.pt')
|
||||
def envoyer_mdp(request):
|
||||
url = request.route_url('envoyer_mdp')
|
||||
message = u''
|
||||
|
||||
if 'form.submitted' in request.params:
|
||||
login = request.params['login']
|
||||
member = get_member_by_id(request, login)
|
||||
if member:
|
||||
# Fabrication du corps du email_passwordMessage
|
||||
lien = update_membre_mdp_oublie(request, login)
|
||||
body = u"""
|
||||
|
||||
Le lien suivant vous dirigera vers une page où vous pourrez ré-initialiser votre mot de passe d'accès à « gestion.entreprise-dumas.com » :
|
||||
|
||||
|
||||
%s
|
||||
|
||||
(Ce lien est valide pendant 168 heures.)
|
||||
|
||||
|
||||
""" % (request.route_url('redefinir_mdp', lien=lien))
|
||||
envoyerMail(request, member.email, u"Demande de ré-initialisation du mot de passe", body)
|
||||
request.session.flash(u"Votre demande de ré-initialisation de mot de passe vous a été envoyée à %s." % member.email)
|
||||
return HTTPFound(location=request.route_url('login'))
|
||||
else:
|
||||
message = u"Le mot de passe fourni est incorrect."
|
||||
return {
|
||||
'page_title': u"Changer mon mot de passe",
|
||||
'url': url,
|
||||
'message': message,
|
||||
}
|
||||
|
||||
@view_config(route_name='changer_mdp', renderer='../templates/changer_mdp.pt', permission='view')
|
||||
def changer_mdp(request):
|
||||
url = request.route_url('changer_mdp')
|
||||
logged_in = authenticated_userid(request)
|
||||
message = ''
|
||||
|
||||
member = get_member_by_id(request, logged_in)
|
||||
if member:
|
||||
if 'form.submitted' in request.params:
|
||||
old_password = request.params['old_password']
|
||||
new_password = request.params['new_password1']
|
||||
if member.mdp == hashlib.sha1(old_password).hexdigest():
|
||||
update_membre_mdp(request, logged_in, new_password)
|
||||
request.session.flash(u"Votre mot de passe a été mis à jour avec succès.")
|
||||
return HTTPFound(location=request.route_url('home'))
|
||||
else:
|
||||
message = u"Le mot de passe actuel n'est pas correct."
|
||||
|
||||
return {
|
||||
'page_title': u"Changer mon mot de passe",
|
||||
'url': url,
|
||||
'member': member,
|
||||
'message': message,
|
||||
}
|
||||
|
||||
@view_config(route_name='redefinir_mdp', renderer='../templates/redefinir_mdp.pt')
|
||||
def redefinir_mdp(request):
|
||||
lien = request.matchdict["lien"]
|
||||
url = request.route_url('redefinir_mdp', lien=lien)
|
||||
|
||||
# tester si le champ "motdepasse_oublie" est encore valide
|
||||
membre = get_member_by_mdp_oublie(request, lien)
|
||||
if membre:
|
||||
if 'form.submitted' in request.params:
|
||||
login = request.params["login"]
|
||||
mdp = request.params["new_password1"]
|
||||
if login == membre.cd_uti:
|
||||
update_membre_mdp(request, login, mdp)
|
||||
request.session.flash(u"Votre mot de passe a été modifié avec succès.", 'success')
|
||||
return HTTPFound(location=request.route_url('login'))
|
||||
else:
|
||||
request.session.flash(u"Identifiant incorrect.", 'danger')
|
||||
return HTTPFound(location=request.route_url('login'))
|
||||
else:
|
||||
request.session.flash(u"Le lien n'est plus valable.", 'warning')
|
||||
return HTTPFound(location=request.route_url('login'))
|
||||
return {
|
||||
'page_title': u"Définissez votre mot de passe",
|
||||
'url': url,
|
||||
}
|
||||
|
||||
|
||||
@view_config(route_name='login', renderer='../templates/login.pt', permission='view')
|
||||
@forbidden_view_config(renderer='../templates/login.pt')
|
||||
def login(request):
|
||||
|
||||
current_route_path = request.current_route_path()
|
||||
login = ''
|
||||
login_url = request.route_url('login')
|
||||
|
||||
referrer = request.url
|
||||
if referrer == login_url:
|
||||
referrer = '/' # never use the login form itself as came_from
|
||||
|
||||
came_from = request.params.get('came_from', referrer)
|
||||
password = u''
|
||||
message = u''
|
||||
if 'form.submitted' in request.params:
|
||||
login = request.params['login']
|
||||
password = request.params['password']
|
||||
record = get_member_by_id(request, login)
|
||||
if record :
|
||||
# mot de passe hash valide ?
|
||||
if record.mdp == hashlib.sha1(password).hexdigest():
|
||||
update_last_connection(request, login)
|
||||
# force le commit car il ne se fait pas automatiquement après l'update
|
||||
transaction.commit()
|
||||
|
||||
headers = remember(request, login)
|
||||
return HTTPFound(location=came_from, headers=headers)
|
||||
|
||||
message = u"Email et mot de passe invalides. La connexion a échoué."
|
||||
|
||||
return {
|
||||
'page_title': u"",
|
||||
'url': login_url,
|
||||
'came_from': came_from,
|
||||
'login': login,
|
||||
'message': message,
|
||||
}
|
||||
|
||||
@view_config(route_name='users_list', renderer='../templates/users_list.pt', permission='manage')
|
||||
def users_list(request):
|
||||
# lire les utilisateurs
|
||||
items = get_member_by_id(request, '0')
|
||||
|
||||
# construire la liste
|
||||
liste=[]
|
||||
for item in items:
|
||||
if item.dern_cnx_le:
|
||||
der_cnx_le = item.dern_cnx_le.strftime('%d/%m/%Y - %H:%M')
|
||||
else:
|
||||
der_cnx_le = ""
|
||||
|
||||
if item.actif == 0:
|
||||
etat = 'Inactif'
|
||||
else:
|
||||
etat = ''
|
||||
|
||||
if item.access == 0:
|
||||
role = ''
|
||||
elif item.access == 8:
|
||||
role = 'Compta'
|
||||
elif item.access == 9:
|
||||
role = 'Admin'
|
||||
else:
|
||||
role = 'Gestion'
|
||||
|
||||
d = (item.cd_uti, item.nom, item.email, item.agenda, role, der_cnx_le, etat)
|
||||
liste.append(d)
|
||||
|
||||
return {
|
||||
'page_title': u'Liste des utilisateurs',
|
||||
'dt_data': json.dumps(liste),
|
||||
}
|
||||
|
||||
|
||||
@view_config(route_name='logout')
|
||||
def logout(request):
|
||||
request.session.invalidate()
|
||||
headers = forget(request)
|
||||
request.session.flash(u"Vous avez bien été déconnecté.")
|
||||
return HTTPFound(location=request.route_url('login', login=''),
|
||||
headers=headers)
|
||||
|
||||
|
||||
|
||||
def envoyerMail(request, destinataire, objet, corps):
|
||||
body = u"""
|
||||
@@ -245,62 +74,3 @@ gestion.entreprise-dumas.com
|
||||
|
||||
mailer.send_immediately(message)
|
||||
|
||||
@view_config(route_name='user_edit', renderer='../templates/user_edit.pt', permission='manage')
|
||||
def user_edit(request):
|
||||
cd_uti = request.matchdict['cd_uti']
|
||||
url = request.route_url('user_edit', cd_uti=cd_uti)
|
||||
message = ''
|
||||
access = ["0 | Production", "5 | Gestion", u"8 | Comptabilité", "9 | Administration"]
|
||||
|
||||
if cd_uti == '0':
|
||||
# nouveau
|
||||
individu = {}
|
||||
individu['cd_uti'] = 0
|
||||
individu['nom'] = ''
|
||||
individu['email'] = ''
|
||||
individu['access'] = '0 | Production'
|
||||
individu['actif'] = 1
|
||||
individu['agenda'] = 0
|
||||
page_title= 'Nouvelle Fiche'
|
||||
else:
|
||||
# lire la fiche de l'individu
|
||||
individu = get_member_by_id(request, cd_uti)
|
||||
if not individu:
|
||||
request.session.flash(u"Utilisateur non trouvé : %s" % cd_uti, 'warning')
|
||||
return HTTPFound(location=request.route_url('users_list'))
|
||||
page_title= u"Fiche de %s" %(individu.nom)
|
||||
|
||||
if 'form.submitted' in request.params:
|
||||
new_values = {}
|
||||
for param, db_value in individu.items():
|
||||
if param in request.params and request.params[param] != db_value:
|
||||
new_values[param] = request.params[param]
|
||||
|
||||
# actif coché ?
|
||||
if 'actif' in request.params:
|
||||
new_values['actif'] = 1
|
||||
else:
|
||||
new_values['actif'] = 0
|
||||
# agenda coché ?
|
||||
if 'agenda' in request.params:
|
||||
new_values['agenda'] = 1
|
||||
else:
|
||||
new_values['agenda'] = 0
|
||||
|
||||
if new_values:
|
||||
update_membre(request, cd_uti, new_values)
|
||||
request.session.flash(u"La fiche a été mise à jour avec succès.", 'success')
|
||||
return HTTPFound(location=request.route_url('users_list'))
|
||||
|
||||
if 'form.deleted' in request.params:
|
||||
delete_membre(request, cd_uti)
|
||||
request.session.flash(u"La fiche a été supprimée avec succès.", 'success')
|
||||
return HTTPFound(location=request.route_url('users_list'))
|
||||
|
||||
return {
|
||||
'page_title': page_title,
|
||||
'url': url,
|
||||
'individu': individu,
|
||||
'access': access,
|
||||
'message': message,
|
||||
}
|
||||
|
||||
251
caotek_mesavoirs/views/members.py
Normal file
251
caotek_mesavoirs/views/members.py
Normal file
@@ -0,0 +1,251 @@
|
||||
# -*- coding: utf8 -*-
|
||||
from pyramid.response import Response
|
||||
from pyramid.renderers import render, get_renderer
|
||||
from pyramid.view import (
|
||||
view_config,
|
||||
forbidden_view_config,
|
||||
)
|
||||
from pyramid.security import (
|
||||
authenticated_userid,
|
||||
remember,
|
||||
forget,
|
||||
)
|
||||
from pyramid.httpexceptions import (
|
||||
HTTPFound,
|
||||
HTTPNotFound,
|
||||
HTTPForbidden,
|
||||
)
|
||||
from pyramid_mailer import get_mailer
|
||||
from pyramid_mailer.message import Message, Attachment
|
||||
from datetime import *
|
||||
import hashlib
|
||||
|
||||
from sqlalchemy.exc import DBAPIError
|
||||
from ..security import groupfinder
|
||||
|
||||
import json
|
||||
|
||||
from ..models.members import *
|
||||
|
||||
@view_config(route_name='envoyer_mdp', renderer='../templates/members/envoyer_mdp.pt')
|
||||
def envoyer_mdp(request):
|
||||
url = request.route_url('envoyer_mdp')
|
||||
message = u''
|
||||
|
||||
if 'form.submitted' in request.params:
|
||||
login = request.params['login']
|
||||
member = get_member_by_email(request, login)
|
||||
if member:
|
||||
# Fabrication du corps du email_passwordMessage
|
||||
lien = update_membre_mdp_oublie(request, login)
|
||||
body = u"""
|
||||
|
||||
Le lien suivant vous dirigera vers une page où vous pourrez ré-initialiser votre mot de passe d'accès à « gestion.entreprise-dumas.com » :
|
||||
|
||||
|
||||
%s
|
||||
|
||||
(Ce lien est valide pendant 168 heures.)
|
||||
|
||||
|
||||
""" % (request.route_url('redefinir_mdp', lien=lien))
|
||||
envoyerMail(request, member.email, u"Demande de ré-initialisation du mot de passe", body)
|
||||
request.session.flash(u"Votre demande de ré-initialisation de mot de passe vous a été envoyée à %s." % member.email)
|
||||
return HTTPFound(location=request.route_url('login'))
|
||||
else:
|
||||
message = u"Le mot de passe fourni est incorrect."
|
||||
return {
|
||||
'page_title': u"Changer mon mot de passe",
|
||||
'url': url,
|
||||
'message': message,
|
||||
}
|
||||
|
||||
@view_config(route_name='changer_mdp', renderer='../templates/members/changer_mdp.pt', permission='view')
|
||||
def changer_mdp(request):
|
||||
url = request.route_url('changer_mdp')
|
||||
logged_in = authenticated_userid(request)
|
||||
message = ''
|
||||
|
||||
member = get_member_by_email(request, logged_in)
|
||||
if member:
|
||||
if 'form.submitted' in request.params:
|
||||
old_password = request.params['old_password']
|
||||
new_password = request.params['new_password1']
|
||||
if member.mdp == hashlib.sha1(old_password).hexdigest():
|
||||
update_membre_mdp(request, logged_in, new_password)
|
||||
request.session.flash(u"Votre mot de passe a été mis à jour avec succès.")
|
||||
return HTTPFound(location=request.route_url('home'))
|
||||
else:
|
||||
message = u"Le mot de passe actuel n'est pas correct."
|
||||
|
||||
return {
|
||||
'page_title': u"Changer mon mot de passe",
|
||||
'url': url,
|
||||
'member': member,
|
||||
'message': message,
|
||||
}
|
||||
|
||||
@view_config(route_name='redefinir_mdp', renderer='../templates/members/redefinir_mdp.pt')
|
||||
def redefinir_mdp(request):
|
||||
lien = request.matchdict["lien"]
|
||||
url = request.route_url('redefinir_mdp', lien=lien)
|
||||
|
||||
# tester si le champ "motdepasse_oublie" est encore valide
|
||||
membre = get_member_by_mdp_oublie(request, lien)
|
||||
if membre:
|
||||
if 'form.submitted' in request.params:
|
||||
login = request.params["login"]
|
||||
mdp = request.params["new_password1"]
|
||||
if login == membre.email:
|
||||
update_membre_mdp(request, login, mdp)
|
||||
request.session.flash(u"Votre mot de passe a été modifié avec succès.", 'success')
|
||||
return HTTPFound(location=request.route_url('login'))
|
||||
else:
|
||||
request.session.flash(u"Identifiant incorrect.", 'danger')
|
||||
return HTTPFound(location=request.route_url('login'))
|
||||
else:
|
||||
request.session.flash(u"Le lien n'est plus valable.", 'warning')
|
||||
return HTTPFound(location=request.route_url('login'))
|
||||
return {
|
||||
'page_title': u"Définissez votre mot de passe",
|
||||
'url': url,
|
||||
}
|
||||
|
||||
|
||||
@view_config(route_name='login', renderer='../templates/members/login.pt', permission='view')
|
||||
@forbidden_view_config(renderer='../templates/members/login.pt')
|
||||
def login(request):
|
||||
|
||||
current_route_path = request.current_route_path()
|
||||
login = ''
|
||||
login_url = request.route_url('login')
|
||||
|
||||
referrer = request.url
|
||||
if referrer == login_url:
|
||||
referrer = '/' # never use the login form itself as came_from
|
||||
|
||||
came_from = request.params.get('came_from', referrer)
|
||||
password = u''
|
||||
message = u''
|
||||
if 'form.submitted' in request.params:
|
||||
login = request.params['login']
|
||||
password = request.params['password']
|
||||
record = get_member_by_email(request, login)
|
||||
if record :
|
||||
# mot de passe hash valide ?
|
||||
if record.mdp == hashlib.sha1(password).hexdigest():
|
||||
update_last_connection(request, login)
|
||||
# force le commit car il ne se fait pas automatiquement après l'update
|
||||
transaction.commit()
|
||||
|
||||
headers = remember(request, login)
|
||||
return HTTPFound(location=came_from, headers=headers)
|
||||
|
||||
message = u"Email et mot de passe invalides. La connexion a échoué."
|
||||
|
||||
return {
|
||||
'page_title': u"",
|
||||
'url': login_url,
|
||||
'came_from': came_from,
|
||||
'login': login,
|
||||
'message': message,
|
||||
}
|
||||
|
||||
@view_config(route_name='users_list', renderer='../templates/members/users_list.pt', permission='manage')
|
||||
def users_list(request):
|
||||
# lire les utilisateurs
|
||||
items = get_member_by_email(request, '0')
|
||||
|
||||
# construire la liste
|
||||
liste=[]
|
||||
for item in items:
|
||||
if item.dern_cnx_le:
|
||||
der_cnx_le = item.dern_cnx_le.strftime('%d/%m/%Y - %H:%M')
|
||||
else:
|
||||
der_cnx_le = ""
|
||||
|
||||
if item.expire_le :
|
||||
expire_le = item.dern_cnx_le.strftime('%d/%m/%Y')
|
||||
else:
|
||||
expire_le = ''
|
||||
|
||||
|
||||
d = (item.nom, item.email, item.acces, der_cnx_le, expire_le)
|
||||
liste.append(d)
|
||||
|
||||
return {
|
||||
'page_title': u'Liste des utilisateurs',
|
||||
'dt_data': json.dumps(liste),
|
||||
}
|
||||
|
||||
|
||||
@view_config(route_name='logout')
|
||||
def logout(request):
|
||||
request.session.invalidate()
|
||||
headers = forget(request)
|
||||
request.session.flash(u"Vous avez bien été déconnecté.")
|
||||
return HTTPFound(location=request.route_url('login', login=''),
|
||||
headers=headers)
|
||||
|
||||
|
||||
|
||||
|
||||
@view_config(route_name='user_edit', renderer='../templates/members/user_edit.pt', permission='manage')
|
||||
def user_edit(request):
|
||||
email = request.matchdict['email']
|
||||
url = request.route_url('user_edit', email=email)
|
||||
message = ''
|
||||
access = ["0 | Production", "5 | Gestion", u"8 | Comptabilité", "9 | Administration"]
|
||||
|
||||
if email == '0':
|
||||
# nouveau
|
||||
individu = {}
|
||||
individu['email'] = ''
|
||||
individu['nom'] = ''
|
||||
individu['email'] = ''
|
||||
individu['access'] = '0 | Production'
|
||||
individu['actif'] = 1
|
||||
individu['agenda'] = 0
|
||||
page_title= 'Nouvelle Fiche'
|
||||
else:
|
||||
# lire la fiche de l'individu
|
||||
individu = get_member_by_email(request, email)
|
||||
if not individu:
|
||||
request.session.flash(u"Utilisateur non trouvé : %s" % email, 'warning')
|
||||
return HTTPFound(location=request.route_url('users_list'))
|
||||
page_title= u"Fiche de %s" %(individu.nom)
|
||||
|
||||
if 'form.submitted' in request.params:
|
||||
new_values = {}
|
||||
for param, db_value in individu.items():
|
||||
if param in request.params and request.params[param] != db_value:
|
||||
new_values[param] = request.params[param]
|
||||
|
||||
# actif coché ?
|
||||
if 'actif' in request.params:
|
||||
new_values['actif'] = 1
|
||||
else:
|
||||
new_values['actif'] = 0
|
||||
# agenda coché ?
|
||||
if 'agenda' in request.params:
|
||||
new_values['agenda'] = 1
|
||||
else:
|
||||
new_values['agenda'] = 0
|
||||
|
||||
if new_values:
|
||||
update_membre(request, email, new_values)
|
||||
request.session.flash(u"La fiche a été mise à jour avec succès.", 'success')
|
||||
return HTTPFound(location=request.route_url('users_list'))
|
||||
|
||||
if 'form.deleted' in request.params:
|
||||
delete_membre(request, email)
|
||||
request.session.flash(u"La fiche a été supprimée avec succès.", 'success')
|
||||
return HTTPFound(location=request.route_url('users_list'))
|
||||
|
||||
return {
|
||||
'page_title': page_title,
|
||||
'url': url,
|
||||
'individu': individu,
|
||||
'access': access,
|
||||
'message': message,
|
||||
}
|
||||
@@ -18,8 +18,7 @@ pyramid.includes =
|
||||
pyramid_mailer
|
||||
pyramid_tm
|
||||
|
||||
sqlalchemy.url = mysql://root:phuoc@localhost/bddevfac?charset=utf8
|
||||
# sqlalchemy.url = mysql://root:cni/@srvbd/bddevfac?charset=utf8
|
||||
sqlalchemy.url = mysql://root:phuoc@localhost/bd_mesavoirs?charset=utf8
|
||||
|
||||
caotek_mesavoirs.admin_email = ctphuoc@bbox.fr
|
||||
|
||||
|
||||
@@ -18,7 +18,7 @@ pyramid.includes =
|
||||
pyramid_tm
|
||||
pyramid_exclog
|
||||
|
||||
sqlalchemy.url = mysql://root:cni/@srvbd/bddevfac?charset=utf8
|
||||
sqlalchemy.url = mysql://root:phuoc/@srvbd/bd_mesavoirs?charset=utf8
|
||||
|
||||
caotek_mesavoirs.admin_email = phuoc@caotek.fr
|
||||
|
||||
|
||||
Reference in New Issue
Block a user