from urllib.parse import urlsplit

from pyramid.httpexceptions import HTTPForbidden, HTTPFound
from pyramid.security import remember, forget
from pyramid.view import (
    view_config,
    forbidden_view_config,
)

from ..forms import UserCreateForm
from ..models.user import User
from ..services.blog_record import BlogRecordService
from ..services.user import UserService
@view_config(route_name='home', renderer='../templates/home.jinja2')
def home(request):
    """Build the template context for the home page.

    The context holds the most recently created posts and the title and
    body of one hard-coded blog record, exposed to the template as the
    cartoon's title and URL.
    """
    # Most recent posts, as returned by the blog record service.
    recent_posts = BlogRecordService.get_last_created(request)

    # The Chappatte cartoon is stored as blog record 95.
    # NOTE(review): if by_id() can return None for a missing record, the
    # attribute reads below raise AttributeError -- confirm.
    cartoon = BlogRecordService.by_id(request, 95)

    # NOTE(review): the record body is handed to the template as a URL;
    # confirm the stored value or the template restricts what it may hold.
    context = dict(
        page_title="This is the Way",
        last_ten=recent_posts,
        cartoon_title=cartoon.title,
        cartoon_url=cartoon.body,
    )
    return context
@view_config(route_name='apropos',
             renderer='../templates/apropos.jinja2')
def apropos(request):
    """Return the context for the "A propos" page: the page title only."""
    context = dict(page_title="A propos")
    return context
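def _same_origin_target(request, target, fallback='/'):
    """Return *target* if it stays on this application's origin, else *fallback*.

    ``came_from`` arrives in the request parameters, so it is caller-controlled.
    Redirecting to it unchecked would let a crafted login link send a user
    who has just authenticated to an arbitrary external site.

    Accepted values are an absolute path on this site, or an absolute URL
    whose scheme and host match ``request.host_url`` exactly.
    """
    if not target or target != target.strip():
        return fallback
    # Backslashes and control characters are refused outright: browsers may
    # normalise them so that the URL resolves to a different host than the
    # one parsed here.
    if '\\' in target or any(ord(ch) < 0x20 for ch in target):
        return fallback
    try:
        parts = urlsplit(target)
        here = urlsplit(request.host_url)
    except ValueError:
        return fallback
    if not parts.scheme and not parts.netloc:
        # Relative reference: only a single-slash absolute path is local.
        if target.startswith('/') and not target.startswith('//'):
            return target
        return fallback
    if (parts.scheme, parts.netloc) == (here.scheme, here.netloc):
        return target
    return fallback


@view_config(route_name='login', renderer='../templates/login.jinja2')
@forbidden_view_config(renderer='../templates/login.jinja2')
def login(request):
    """Show the login form and process its submission.

    The view is registered both for the ``login`` route and as the
    forbidden view, so a denied request is answered with the login form.
    On success the user is remembered and redirected to ``came_from``;
    otherwise the form is rendered again with a flash message.

    Returns an ``HTTPFound`` redirect on successful login, else the
    template context (page title, ``came_from`` and the login URL).
    """
    login_url = request.route_url('login')

    referrer = request.url
    if referrer == login_url:
        referrer = '/'  # never use the login form itself as came_from

    # Validate the redirect target before it is used or echoed back into
    # the form: anything that leaves this origin is replaced by '/'.
    came_from = _same_origin_target(
        request, request.params.get('came_from', referrer))

    if 'form.submitted' in request.params:
        username = request.POST.get('username')
        userpwd = request.POST.get('password')
        user = UserService.by_name(request, username)
        if user and user.verify_password(userpwd):
            headers = remember(request, username)
            request.session.flash("Bienvenue %s !" % username, 'success')
            return HTTPFound(location=came_from, headers=headers)
        else:
            # The same message is used for an unknown user and a wrong
            # password, so the response does not reveal which one failed.
            # NOTE(review): the headers returned by forget() are not attached
            # to the rendered response below -- confirm whether a failed
            # attempt is meant to end an existing login.
            forget(request)
            request.session.flash("Login et mot de passe invalides. La connexion a échoué.", "danger")

    return {
        'page_title': "",
        'came_from': came_from,
        'login_url': login_url,
    }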
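@view_config(route_name='logout', renderer='string')
def logout(request):
    """Log the current user out and redirect to the home page.

    Flashes a goodbye message naming the user (an empty name when nobody
    is logged in) and returns an ``HTTPFound`` carrying the headers
    produced by ``forget()``.
    """
    # NOTE(review): the decorator sets no request_method, so any request to
    # this route ends the login, including one triggered from another site.
    # Confirm whether logout should be limited to POST with a CSRF token.
    username = request.authenticated_userid
    if username is None:  # identity test; `== None` can be fooled by __eq__
        username = ''

    headers = forget(request)
    request.session.flash('Au revoir ' + username + ' !', 'success')
    return HTTPFound(location=request.route_url('home'), headers=headers)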
@view_config(route_name='users', renderer='../templates/users.jinja2', permission='manage')
def users(request):
    """Return the context for the user list page.

    The view is declared with ``permission='manage'``; the context holds
    the page title and every user returned by ``UserService.all``.
    """
    all_users = UserService.all(request)
    return dict(page_title="Liste des utilisateurs", users=all_users)
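@view_config(route_name='user_edit', renderer='ctp_blogr:templates/user_edit.jinja2', permission='view')
def user_edit(request):
    """Create, modify or delete a user account.

    The ``name`` route segment selects the record; the value ``'0'`` means
    "create a new user". A submitted, valid form creates or updates the
    record and resets its password; ``form.deleted`` deletes it.

    Returns an ``HTTPFound`` redirect after a successful change or when the
    user is not found, else the template context for the edit form.

    Raises ``HTTPForbidden`` when an existing record is requested by anyone
    other than ``'admin'`` or the account named in the URL.
    """
    message = ''
    name = request.matchdict['name']
    url = request.route_url('user_edit', name=name)
    caller = request.authenticated_userid
    if caller == 'admin':
        url_retour = request.route_url('users')
    else:
        url_retour = request.route_url('home')

    creating = name == '0'
    if creating:
        # New user.
        # NOTE(review): creation is open to every caller holding 'view';
        # confirm that self-registration is intended.
        user = User()
        page_title = "Nouvel utilisateur"
    else:
        # The route only requires 'view' and the record is chosen by a URL
        # segment, so nothing in this view ties the caller to the account
        # being changed. Without this check any caller with 'view' could
        # reset another account's password or delete it.
        # NOTE(review): assumes only 'admin' and the account owner may edit
        # a record, compared case-sensitively against the userid stored at
        # login -- confirm against the ACL, which is not visible here.
        if caller not in ('admin', name):
            raise HTTPForbidden()

        # Load the user's record.
        user = UserService.by_name(request, name)
        if not user:
            request.session.flash("Utilisateur non trouvé : %s" % name, 'danger')
            return HTTPFound(location=url_retour)
        page_title = "Modification utilisateur"

    form = UserCreateForm(request.POST, user)

    if 'form.submitted' in request.params and form.validate():
        # A missing password field is treated as empty instead of raising
        # TypeError in len().
        password = form.password.data or ''
        # The password must be at least 6 characters long.
        if len(password) < 6:
            message = "Le mot de passe doit avoir au moins 6 caractères"
        elif creating:
            # Creation: make sure the new name is not already in the database.
            existing = UserService.by_name(request, form.name.data)
            if existing:
                message = "Utilisateur déjà créé : %s" % form.name.data
            else:
                # NOTE(review): populate_obj() copies every field the form
                # defines onto the model; confirm UserCreateForm exposes no
                # privilege-bearing field.
                form.populate_obj(user)
                user.set_password(password.encode('utf8'))
                # Persist the new record.
                request.dbsession.add(user)
                request.session.flash("La fiche a été créée avec succès.", 'success')
                return HTTPFound(location=url_retour)
        else:
            # Modification.
            del form.name  # SECURITY: prevent overwriting of primary key
            form.populate_obj(user)
            user.set_password(password.encode('utf8'))
            request.session.flash("La fiche a été modifiée avec succès.", 'success')
            return HTTPFound(location=url_retour)

    # Only a stored record can be deleted; in create mode `user` is a fresh,
    # unsaved object.
    # NOTE(review): request.params includes the query string, so a plain GET
    # carrying form.deleted triggers the deletion -- confirm whether this
    # should require POST and a CSRF token.
    if 'form.deleted' in request.params and not creating:
        UserService.delete(request, user.id)
        request.session.flash("La fiche a été supprimée avec succès.", 'success')
        return HTTPFound(location=url_retour)

    return {
        'page_title': page_title,
        'message': message,
        'form': form,
        'url': url,
        'url_retour': url_retour,
        'name': name,
    }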
@view_config(route_name='portal', renderer='../templates/portal.jinja2')
def portal(request):
    """Return the context for the portal page: the page title only."""
    context = dict(page_title="A propos")
    return context