# -*- coding: utf8 -*-
from pyramid.response import Response
from pyramid.renderers import render, get_renderer
from pyramid.view import (
view_config,
forbidden_view_config,
)
from pyramid.security import (
remember,
forget,
)
from pyramid.httpexceptions import (
HTTPFound,
HTTPNotFound,
HTTPForbidden,
)
from datetime import *
from sqlalchemy.exc import DBAPIError
from ..security import groupfinder
from user_agents import parse
import json
import locale
import hashlib
from ..models.default import *
from ..models.agenda import *
from ..models.dossier import (
get_chantiers_byName,
get_clients_byName
)
from ..views.utils import *
def to_decimal(x):
    """Convert *x* to a ``decimal.Decimal`` by way of its ``str()`` form.

    Going through ``str`` keeps the short textual form of a float, so ``0.1``
    becomes ``Decimal('0.1')`` rather than its full binary expansion.
    """
    from decimal import Decimal

    text = str(x)
    return Decimal(text)
def to_euro(x):
    """Format *x* as a currency amount using the locale of the process.

    With a French locale the result looks like ``12 345,67 €``; the symbol and
    the separators come from the environment, not from this function.
    """
    # NOTE(review): setlocale() changes process-wide state on every call and
    # the result depends on the server environment; confirm this is acceptable
    # for a multi-threaded deployment.
    locale.setlocale(locale.LC_ALL, '')
    return locale.currency(x, symbol=True, grouping=True)
def to_euroz(x):
    """Format *x* like ``to_euro`` but return an empty string for zero."""
    return '' if x == 0 else to_euro(x)
def to_decz(x):
    """Format *x* with two decimals (locale decimal point), or "" for zero."""
    # The locale is (re)applied on every call, including the zero case.
    locale.setlocale(locale.LC_ALL, '')
    if x != 0:
        return locale.format_string('%.2f', x, grouping=False)
    return ""
def to_sha1(message):
    """Return the hexadecimal SHA-1 digest of *message*, encoded as UTF-8.

    NOTE(review): the login and password-change views compare this value with
    the stored ``mdp`` field, so passwords are kept as a single unsalted SHA-1.
    That is a fast hash and unsuitable for password storage; plan a migration
    to a salted, deliberately slow scheme (e.g. ``hashlib.scrypt`` or
    ``hashlib.pbkdf2_hmac``), re-hashing each account on its next successful
    login.
    """
    digest = hashlib.sha1()
    digest.update(message.encode('utf-8'))
    return digest.hexdigest()
def to_int(x):
    """Parse the string *x* as an integer; return 0 when it is not one.

    Commas are turned into dots before parsing, but ``int()`` rejects a
    decimal point, so a value such as ``"12,5"`` yields 0 rather than 12.
    """
    normalised = x.replace(',', '.')
    try:
        return int(normalised)
    except ValueError:
        return 0
def to_percent(x):
    """Format *x* with two decimals, a decimal comma and a trailing `` %``."""
    pieces = ("%.2f " % x).split('.')
    return ','.join(pieces) + "%"
@view_config(route_name='home', renderer='../templates/default/home.pt', permission='view')
def home(request):
    """Render the home page for the authenticated user.

    The template receives the upper-cased user id and the ``access`` value
    read from that user's record.
    """
    user_id = request.authenticated_userid.upper()
    # Load the user's record to hand its access level to the template.
    access = get_member_by_id(request, user_id).access
    # NOTE(review): request.host comes from the client's Host header;
    # presumably the template escapes page_title -- confirm.
    return dict(
        page_title='Bienvenue sur %s' % request.host,
        project='mondumas',
        access=access,
        logged_in=user_id,
    )
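@view_config(route_name='envoyer_mdp', renderer='../templates/default/envoyer_mdp.pt')
def envoyer_mdp(request):
    """Handle the "forgotten password" form and e-mail a reset link.

    The view carries no ``permission``, so anyone can submit a login here. The
    outcome shown to the requester is therefore the same whether or not the
    login matches an account, and the account's e-mail address is never echoed
    back: otherwise the form would confirm which logins exist and reveal the
    address registered for each of them.

    Returns the template context for the form, or a redirect to
    ``affiche_message`` once a non-empty login has been submitted.
    """
    url = request.route_url('envoyer_mdp')
    message = ''

    if 'form.submitted' in request.params:
        login = request.params.get('login', '')
        if login:
            member = get_member_by_id(request, login)
            if member:
                # Build the e-mail body around a freshly stored reset token.
                lien = update_membre_mdp_oublie(request, login)
                # NOTE(review): route_url() takes the host from the incoming
                # request. Unless the deployment pins or validates the Host
                # header, build this link from a configured base URL instead
                # (route_url's ``_app_url`` argument) so the mailed link can
                # only point at this site.
                body = """
Bonjour,
Le lien suivant vous dirigera vers une page où vous pourrez ré-initialiser votre mot de passe d'accès à gestion.entreprise-dumas.com:
%s
(Ce lien est valide pendant 168 heures.
Cordialement,
gestion.entreprise-dumas.com
""" % (request.route_url('redefinir_mdp', lien=lien))
                # Send the e-mail from the configured administrator address.
                expediteur = request.registry.settings['mondumas.admin_email']
                send_mail(request, expediteur, [member.email,], "[Ent. Dumas] Demande de ré-initialisation du mot de passe", body)
            # Same flash and redirect for known and unknown logins.
            # NOTE(review): the mail is still sent inline, so response time
            # can differ between the two cases; queue it if that matters.
            request.session.flash("Si cet identifiant correspond à un compte, un lien permettant de redéfinir votre mot de passe vient d'être envoyé à l'adresse e-mail qui lui est associée.", 'success')
            return HTTPFound(location=request.route_url('affiche_message', login=login))
        message = "Veuillez saisir votre identifiant."

    return {
        'page_title': "Changer mon mot de passe",
        'url': url,
        'message': message,
    }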
@view_config(route_name='changer_mdp', renderer='../templates/default/changer_mdp.pt', permission='view')
def changer_mdp(request):
    """Let the authenticated user replace their password.

    The current password must match the stored hash before the new one is
    saved. On success the user is redirected to ``home``; otherwise the form
    is rendered again, with an error message when the current password was
    wrong.
    """
    # NOTE(review): only ``new_password1`` is read; no confirmation field,
    # emptiness or strength rule is checked in this view -- confirm this is
    # enforced elsewhere. No CSRF check is visible here either.
    url = request.route_url('changer_mdp')
    logged_in = request.authenticated_userid
    message = ''
    member = get_member_by_id(request, logged_in)

    if member and 'form.submitted' in request.params:
        old_password = request.params['old_password']
        new_password = request.params['new_password1']
        # The stored value is the SHA-1 hex digest of the password.
        if not (member.mdp == to_sha1(old_password)):
            message = "Le mot de passe actuel n'est pas correct."
        else:
            update_membre_mdp(request, logged_in, new_password)
            request.session.flash("Votre mot de passe a été mis à jour avec succès.")
            return HTTPFound(location=request.route_url('home'))

    return dict(
        page_title="Changer mon mot de passe",
        url=url,
        member=member,
        message=message,
    )
@view_config(route_name='redefinir_mdp', renderer='../templates/default/redefinir_mdp.pt')
@view_config(route_name='init_mdp', renderer='../templates/default/redefinir_mdp.pt')
def redefinir_mdp(request):
    """Set a new password from a reset link (two routes, no authentication).

    ``redefinir_mdp`` resolves the member from the ``lien`` token in the URL;
    ``init_mdp`` takes a user id plus a ``lien`` that must equal today's date.
    With a valid link the form is shown, and on submission the password is
    changed if the posted login matches the resolved member. Every other
    outcome redirects to the login page with a flash message.
    """
    segments = request.matchdict
    if request.matched_route.name == 'redefinir_mdp':
        lien = segments["lien"]
        url = request.route_url('redefinir_mdp', lien=lien)
        # Look the member up by the stored "forgotten password" token.
        # NOTE(review): expiry (the mail announces 168 hours) and single use
        # are presumably enforced by the helpers -- confirm.
        membre = get_member_by_mdp_oublie(request, lien)
    else:
        user = segments["user"]
        lien = segments["lien"]
        url = request.route_url('init_mdp', user=user, lien=lien)
        # NOTE(review): the only value checked on this route is today's date
        # (ddmmYYYY), which is not a secret, so it does not authenticate the
        # requester for the named user. Replace it with a per-user random,
        # single-use, expiring token stored server-side (e.g. from
        # secrets.token_urlsafe), like the token the other route looks up.
        valeur_du_jour = date.today().strftime('%d%m%Y')
        membre = get_member_by_id(request, user) if lien == valeur_du_jour else None

    if not membre:
        request.session.flash("Le lien n'est plus valable.", 'warning')
        return HTTPFound(location=request.route_url('login'))

    if 'form.submitted' not in request.params:
        # Valid link, nothing posted yet: show the form.
        return {
            'page_title': "Définissez votre mot de passe",
            'url': url,
        }

    login = request.params["login"]
    mdp = request.params["new_password1"]
    if login == membre.CD_UTI:
        update_membre_mdp(request, login, mdp)
        request.session.flash("Votre mot de passe a été modifié avec succès.", 'success')
    else:
        request.session.flash("Identifiant incorrect.", 'danger')
    return HTTPFound(location=request.route_url('login'))
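@view_config(route_name='login', renderer='../templates/default/login.pt', permission='view')
@view_config(route_name='login_as', renderer='../templates/default/login.pt', permission='view')
@forbidden_view_config(renderer='../templates/default/login.pt')
def login(request):
    """Show the login form and authenticate a submitted login/password.

    On success the last-connection record is updated, the authentication
    headers are issued and the user is redirected to ``came_from``. That
    value is client-supplied, so it is only honoured when it stays on this
    site; anything else falls back to ``/``. Without that check the
    post-login redirect could send a freshly authenticated user to an
    arbitrary external URL.

    Returns the template context for the form, or an ``HTTPFound`` redirect.
    """
    def stays_on_site(target):
        """Return True when *target* is a path or URL on this host."""
        if not target or '\\' in target:
            return False
        # Control characters are dropped by browsers and could hide a "//".
        if any(ord(ch) < 0x20 or ord(ch) == 0x7f for ch in target):
            return False
        if target.startswith('/'):
            # "//host/..." is a scheme-relative URL, not a local path.
            return not target.startswith('//')
        site = request.host_url
        return target == site or target.startswith(site + '/')

    login = ''
    login_url = request.route_url('login')
    referrer = request.url
    if referrer == login_url:
        referrer = '/'  # never use the login form itself as came_from
    came_from = request.params.get('came_from', referrer)
    if not stays_on_site(came_from):
        came_from = '/'
    password = ''
    message = ''

    if 'form.submitted' in request.params:
        login = request.params['login']
        password = request.params['password']
        record = get_member_by_id(request, login)
        if record:
            # Is the password hash valid, and the account active?
            # NOTE(review): the stored value is an unsalted SHA-1 digest;
            # see to_sha1.
            if record.mdp == to_sha1(password) and record.actif == 1:
                # Record the client address and parsed user agent.
                # NOTE(review): client_addr honours X-Forwarded-For, so the
                # logged address is only reliable behind a proxy that
                # overwrites that header -- confirm.
                ua_string = request.user_agent
                user_agent = parse(ua_string)
                update_last_connection(request, login, request.client_addr + ' - ' + str(user_agent))
                # Force the commit: it does not happen automatically after
                # the update.
                transaction.commit()
                headers = remember(request, login)
                return HTTPFound(location=came_from, headers=headers)
        # One message for unknown login, wrong password and inactive account.
        message = "Email et mot de passe invalides. La connexion a échoué."

    return {
        'page_title': "",
        'url': login_url,
        'came_from': came_from,
        'login': login,
        'message': message,
    }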
@view_config(route_name='logout')
def logout(request):
    """Invalidate the session, drop the auth headers and go to the login page."""
    # NOTE(review): this view_config sets no request_method, so unless the
    # route restricts it, a plain cross-site GET can log a user out; consider
    # POST plus a CSRF check.
    request.session.invalidate()
    auth_headers = forget(request)
    # Flashed after invalidate(), so the message is stored in the new session.
    request.session.flash("Vous avez bien été déconnecté.")
    login_page = request.route_url('login', login='')
    return HTTPFound(location=login_page, headers=auth_headers)
@view_config(route_name='affiche_message', renderer='../templates/default/affiche_message.pt')
def affiche_message(request):
    """Display the pending flash messages with a link back to the login page.

    ``login`` comes from the URL and is passed to the template and into the
    ``login_as`` link unchanged.
    """
    login = request.matchdict['login']
    pending = request.session.pop_flash()
    login_link = request.route_url('login_as', login=login)
    return dict(
        page_title="Demande effectuée",
        login=login,
        messages=pending,
        url_identification=login_link,
    )
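@view_config(route_name='ajax_codepostal')
def ajax_codepostal(request):
    """Return a JSON array of ``"code - label"`` strings for ``recherche``.

    NOTE(review): no ``permission`` is set on this view; confirm a default
    permission protects it.
    """
    recherche = request.GET['recherche']
    # Read the postal codes matching the search text (presumably a prefix).
    items = get_codespostaux(request, recherche)
    liste = [row.code_postal + " - " + row.libelle for row in items]
    payload = json.dumps(liste)
    # Response() defaults to text/html and json.dumps leaves <, > and &
    # literal, so a value containing markup would be rendered if this URL were
    # opened directly. The \uXXXX forms decode to the same strings for JSON
    # clients. Preferably also send content_type='application/json' once the
    # client code is confirmed to cope with it.
    for char, escaped in (('<', '\\u003c'), ('>', '\\u003e'), ('&', '\\u0026')):
        payload = payload.replace(char, escaped)
    return Response(payload)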
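@view_config(route_name='ajax_lookup')
def ajax_lookup(request):
    """Return a JSON array of ``"chantier | societe-numero"`` strings.

    The first two characters of ``recherche`` are passed on as ``societe`` and
    the rest as the name to search for.

    NOTE(review): no ``permission`` is set on this view; confirm a default
    permission protects it.
    """
    recherche = request.GET['recherche']
    societe, name = recherche[:2], recherche[2:]
    # Read the matching work sites.
    chantiers = get_chantiers_byName(request, societe, name)
    liste = ["%s | %s-%s" % (row.chantier, societe, row.numero) for row in chantiers]
    payload = json.dumps(liste)
    # Response() defaults to text/html and json.dumps leaves <, > and &
    # literal, so a value containing markup would be rendered if this URL were
    # opened directly. The \uXXXX forms decode to the same strings for JSON
    # clients. Preferably also send content_type='application/json' once the
    # client code is confirmed to cope with it.
    for char, escaped in (('<', '\\u003c'), ('>', '\\u003e'), ('&', '\\u0026')):
        payload = payload.replace(char, escaped)
    return Response(payload)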
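@view_config(route_name='ajax_client')
def ajax_client(request):
    """Return a JSON array of ``"NOM | societe-CD_CLI"`` strings.

    The first two characters of ``recherche`` are passed on as ``societe`` and
    the rest as the name to search for.

    NOTE(review): no ``permission`` is set on this view; confirm a default
    permission protects it, since it returns customer names.
    """
    recherche = request.GET['recherche']
    societe, name = recherche[:2], recherche[2:]
    # Read the matching customers.
    clients = get_clients_byName(request, societe, name)
    liste = ["%s | %s-%s" % (row.NOM, societe, row.CD_CLI) for row in clients]
    payload = json.dumps(liste)
    # Response() defaults to text/html and json.dumps leaves <, > and &
    # literal, so a value containing markup would be rendered if this URL were
    # opened directly. The \uXXXX forms decode to the same strings for JSON
    # clients. Preferably also send content_type='application/json' once the
    # client code is confirmed to cope with it.
    for char, escaped in (('<', '\\u003c'), ('>', '\\u003e'), ('&', '\\u0026')):
        payload = payload.replace(char, escaped)
    return Response(payload)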
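@view_config(route_name='ajax_texte')
def ajax_texte(request):
    """Return a JSON array of article texts matching ``recherche``.

    The first two characters of ``recherche`` select the kind of lookup and
    the rest is the text searched for. For kind ``'AR'`` each entry is
    ``"ref | label | price"``; otherwise it is the label alone.

    NOTE(review): no ``permission`` is set on this view; confirm a default
    permission protects it.
    """
    recherche = request.GET['recherche']
    kind, lib = recherche[:2], recherche[2:]
    # Read the articles matching the text (presumably a prefix).
    items = get_article(request, kind, lib)
    liste = []
    for row in items:
        if kind == 'AR':
            liste.append('%s | %s | %s' % (row.ref_cli2, row.LIBART, to_euro(row.PRIXHT2)))
        else:
            liste.append(row.LIBART)
    payload = json.dumps(liste)
    # Response() defaults to text/html and json.dumps leaves <, > and &
    # literal, so a value containing markup would be rendered if this URL were
    # opened directly. The \uXXXX forms decode to the same strings for JSON
    # clients. Preferably also send content_type='application/json' once the
    # client code is confirmed to cope with it.
    for char, escaped in (('<', '\\u003c'), ('>', '\\u003e'), ('&', '\\u0026')):
        payload = payload.replace(char, escaped)
    return Response(payload)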
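@view_config(route_name='ajax_article')
def ajax_article(request):
    """Return a one-element JSON array describing the article ``ref``.

    The element holds the article's reference, label and price formatted with
    two decimals.

    NOTE(review): no ``permission`` is set on this view; confirm a default
    permission protects it.
    """
    ref = request.GET['ref']
    # Read the article by its reference.
    article = get_article(request, 'REF2', ref)
    liste = [{
        'ref': article.ref_cli2,
        'libelle': article.libelle,
        'prixht': "%.2f" % article.PRIXHT2,
    }]
    payload = json.dumps(liste)
    # Response() defaults to text/html and json.dumps leaves <, > and &
    # literal, so a value containing markup would be rendered if this URL were
    # opened directly. The \uXXXX forms decode to the same strings for JSON
    # clients. Preferably also send content_type='application/json' once the
    # client code is confirmed to cope with it.
    for char, escaped in (('<', '\\u003c'), ('>', '\\u003e'), ('&', '\\u0026')):
        payload = payload.replace(char, escaped)
    return Response(payload)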