362 lines
12 KiB
Python
362 lines
12 KiB
Python
# -*- coding: utf8 -*-
|
|
from pyramid.response import Response
|
|
from pyramid.renderers import render, get_renderer
|
|
from pyramid.view import (
|
|
view_config,
|
|
forbidden_view_config,
|
|
)
|
|
from pyramid.security import (
|
|
remember,
|
|
forget,
|
|
)
|
|
from pyramid.httpexceptions import (
|
|
HTTPFound,
|
|
HTTPNotFound,
|
|
HTTPForbidden,
|
|
)
|
|
from pyramid_mailer import get_mailer
|
|
from pyramid_mailer.message import Message, Attachment
|
|
from datetime import *
|
|
import hashlib
|
|
|
|
from sqlalchemy.exc import DBAPIError
|
|
from ..security import groupfinder
|
|
|
|
import json
|
|
|
|
from ..models.default import *
|
|
from ..models.agenda import *
|
|
|
|
def to_decimal(x):
|
|
import decimal
|
|
return decimal.Decimal(str(x))
|
|
|
|
def to_euro(x):
|
|
"""Takes a float and returns a string"""
|
|
#if x == 0:
|
|
# return ""
|
|
#else:
|
|
return (u"%.2f €" % x).replace('.', ',')
|
|
|
|
def to_sha1(message):
|
|
return hashlib.sha1(message.encode('utf-8')).hexdigest()
|
|
|
|
def to_int(x):
|
|
try:
|
|
number = int(x.replace(',', '.'))
|
|
return number
|
|
except ValueError:
|
|
return 0
|
|
|
|
def to_percent(x):
|
|
"""Takes a float and returns a string"""
|
|
return (u"%.2f " % x).replace('.', ',') + "%"
|
|
|
|
|
|
@view_config(route_name='home', renderer='../templates/default/home.pt', permission='view')
|
|
def home(request):
|
|
return {
|
|
'page_title': 'Bienvenue',
|
|
'project': 'mondumas',
|
|
}
|
|
|
|
@view_config(route_name='envoyer_mdp', renderer='../templates/default/envoyer_mdp.pt')
|
|
def envoyer_mdp(request):
|
|
url = request.route_url('envoyer_mdp')
|
|
message = u''
|
|
|
|
if 'form.submitted' in request.params:
|
|
login = request.params['login']
|
|
member = get_member_by_id(request, login)
|
|
if member:
|
|
# Fabrication du corps du email_passwordMessage
|
|
lien = update_membre_mdp_oublie(request, login)
|
|
body = u"""
|
|
|
|
Le lien suivant vous dirigera vers une page où vous pourrez ré-initialiser votre mot de passe d'accès à « gestion.entreprise-dumas.com » :
|
|
|
|
|
|
%s
|
|
|
|
(Ce lien est valide pendant 168 heures.)
|
|
|
|
|
|
""" % (request.route_url('redefinir_mdp', lien=lien))
|
|
envoyerMail(request, member.email, u"Demande de ré-initialisation du mot de passe", body)
|
|
request.session.flash(u"Votre demande de ré-initialisation de mot de passe vous a été envoyée à %s." % member.email)
|
|
return HTTPFound(location=request.route_url('login'))
|
|
else:
|
|
message = u"Le mot de passe fourni est incorrect."
|
|
return {
|
|
'page_title': u"Changer mon mot de passe",
|
|
'url': url,
|
|
'message': message,
|
|
}
|
|
|
|
@view_config(route_name='changer_mdp', renderer='../templates/default/changer_mdp.pt', permission='view')
|
|
def changer_mdp(request):
|
|
url = request.route_url('changer_mdp')
|
|
logged_in = request.authenticated_userid
|
|
message = ''
|
|
|
|
member = get_member_by_id(request, logged_in)
|
|
if member:
|
|
if 'form.submitted' in request.params:
|
|
old_password = request.params['old_password']
|
|
new_password = request.params['new_password1']
|
|
if member.mdp == to_sha1(password):
|
|
update_membre_mdp(request, logged_in, new_password)
|
|
request.session.flash(u"Votre mot de passe a été mis à jour avec succès.")
|
|
return HTTPFound(location=request.route_url('home'))
|
|
else:
|
|
message = u"Le mot de passe actuel n'est pas correct."
|
|
|
|
return {
|
|
'page_title': u"Changer mon mot de passe",
|
|
'url': url,
|
|
'member': member,
|
|
'message': message,
|
|
}
|
|
|
|
@view_config(route_name='redefinir_mdp', renderer='../templates/default/redefinir_mdp.pt')
|
|
def redefinir_mdp(request):
|
|
lien = request.matchdict["lien"]
|
|
url = request.route_url('redefinir_mdp', lien=lien)
|
|
|
|
# tester si le champ "motdepasse_oublie" est encore valide
|
|
membre = get_member_by_mdp_oublie(request, lien)
|
|
if membre:
|
|
if 'form.submitted' in request.params:
|
|
login = request.params["login"]
|
|
mdp = request.params["new_password1"]
|
|
if login == membre.cd_uti:
|
|
update_membre_mdp(request, login, mdp)
|
|
request.session.flash(u"Votre mot de passe a été modifié avec succès.", 'success')
|
|
return HTTPFound(location=request.route_url('login'))
|
|
else:
|
|
request.session.flash(u"Identifiant incorrect.", 'danger')
|
|
return HTTPFound(location=request.route_url('login'))
|
|
else:
|
|
request.session.flash(u"Le lien n'est plus valable.", 'warning')
|
|
return HTTPFound(location=request.route_url('login'))
|
|
return {
|
|
'page_title': u"Définissez votre mot de passe",
|
|
'url': url,
|
|
}
|
|
|
|
|
|
@view_config(route_name='login', renderer='../templates/default/login.pt', permission='view')
|
|
@forbidden_view_config(renderer='../templates/login.pt')
|
|
def login(request):
|
|
|
|
current_route_path = request.current_route_path()
|
|
login = ''
|
|
login_url = request.route_url('login')
|
|
|
|
referrer = request.url
|
|
if referrer == login_url:
|
|
referrer = '/' # never use the login form itself as came_from
|
|
|
|
came_from = request.params.get('came_from', referrer)
|
|
password = u''
|
|
message = u''
|
|
if 'form.submitted' in request.params:
|
|
login = request.params['login']
|
|
password = request.params['password']
|
|
record = get_member_by_id(request, login)
|
|
if record :
|
|
# mot de passe hash valide ?
|
|
if record.mdp == to_sha1(password):
|
|
update_last_connection(request, login)
|
|
# force le commit car il ne se fait pas automatiquement après l'update
|
|
transaction.commit()
|
|
|
|
headers = remember(request, login)
|
|
return HTTPFound(location=came_from, headers=headers)
|
|
|
|
message = u"Email et mot de passe invalides. La connexion a échoué."
|
|
|
|
return {
|
|
'page_title': u"",
|
|
'url': login_url,
|
|
'came_from': came_from,
|
|
'login': login,
|
|
'message': message,
|
|
}
|
|
|
|
|
|
@view_config(route_name='logout')
|
|
def logout(request):
|
|
request.session.invalidate()
|
|
headers = forget(request)
|
|
request.session.flash(u"Vous avez bien été déconnecté.")
|
|
return HTTPFound(location=request.route_url('login', login=''),
|
|
headers=headers)
|
|
|
|
|
|
|
|
def envoyerMail(request, destinataire, objet, corps):
|
|
body = u"""
|
|
|
|
%s
|
|
|
|
Cordialement,
|
|
gestion.entreprise-dumas.com
|
|
|
|
""" % (corps)
|
|
|
|
message = Message(subject=u"[Ent. Dumas] %s" % objet,
|
|
sender=request.registry.settings['mondumas.admin_email'],
|
|
body=body)
|
|
message.add_recipient(destinataire)
|
|
mailer = get_mailer(request)
|
|
|
|
mailer.send_immediately(message)
|
|
|
|
|
|
@view_config(route_name='dossier_lookup', renderer='../templates/default/dossier_lookup.pt', permission='view')
|
|
@view_config(route_name='dossier_select', renderer='../templates/default/dossier_lookup.pt', permission='view')
|
|
def dossier_lookup(request):
|
|
|
|
if 'dossier_select' in request.current_route_path() :
|
|
# récupérer les paramètres de l'appel de la view
|
|
datePlan = request.matchdict['date']
|
|
# sélectionner dossier -> goto planning
|
|
goto_url = '/dossier_selected/agenda/%s/' % datePlan
|
|
url = request.route_url('dossier_select', date=datePlan)
|
|
else:
|
|
# recherche dossier -> goto fiche dossier
|
|
goto_url = '/dossier_selected/dossier_view/%s/' % date.today().strftime('%Y-%m-%d')
|
|
url = request.route_url('dossier_lookup')
|
|
|
|
message = u''
|
|
societes = ['PE','ME','PL','PO','CD']
|
|
societe = 'PE'
|
|
liste=[]
|
|
name = u''
|
|
cb_tous = "non"
|
|
|
|
if 'form.submitted' in request.params:
|
|
name = request.params['name']
|
|
societe = request.params['societe']
|
|
# si afficher tous les fiches ?
|
|
if 'cb_tous' in request.params:
|
|
cb_tous = "oui"
|
|
chantiers = get_chantiers_byName(request, societe, name, True)
|
|
else:
|
|
cb_tous = "non"
|
|
chantiers = get_chantiers_byName(request, societe, name, False)
|
|
if len(chantiers) == 0:
|
|
message = u"Chantier non trouvé : %s" % name
|
|
# construire la liste
|
|
for item in chantiers:
|
|
d = ('%s-%s' % (societe, item.numero),item.date.strftime('%d-%m-%Y'), item.nomcli, item.chantier, to_euro(item.montant),
|
|
item.nosin, item.status)
|
|
liste.append(d)
|
|
|
|
return {
|
|
'page_title': u"Rechercher un chantier",
|
|
'url': url,
|
|
'goto_url': goto_url,
|
|
'message': message,
|
|
'dt_data': json.dumps(liste),
|
|
'societes': societes,
|
|
'societe': societe,
|
|
'name': name,
|
|
'cb_tous': cb_tous,
|
|
}
|
|
|
|
@view_config(route_name='dossier_view', renderer='../templates/default/dossier_view.pt', permission='view')
|
|
def dossier_view(request):
|
|
nodossier = request.matchdict['nodossier']
|
|
url = request.route_url("dossier_view", nodossier=nodossier)
|
|
|
|
dossier = get_dossier_by_no(request, nodossier)
|
|
if dossier is None:
|
|
request.session.flash(u"Le dossier no %s est introuvable" % (nodossier), 'danger')
|
|
return HTTPFound(location=request.route_url("chantier_lookup"))
|
|
# lire tous le suivi du dossier
|
|
details = get_dossier_rdv_by_no(request, nodossier, '0')
|
|
# lire toutes les dossiers du chantiers
|
|
documents = get_documents_byChantier(request, nodossier)
|
|
return {
|
|
'page_title': u"Dossier : %s" % (nodossier),
|
|
'nodossier': nodossier,
|
|
'dossier': dossier,
|
|
'details': details,
|
|
'documents': documents,
|
|
}
|
|
|
|
@view_config(route_name='dossier_selected', permission='view')
|
|
def dossier_selected(request):
|
|
|
|
# récupérer les paramètres de l'appel de la view
|
|
goto = request.matchdict['goto']
|
|
datePlan = request.matchdict['date']
|
|
nodossier = request.matchdict['nodossier']
|
|
|
|
# fiche dossier
|
|
dossier = get_dossier_by_no(request, nodossier)
|
|
# memorize nodossier et nom dossier
|
|
request.session['mem_nodossier'] = nodossier
|
|
request.session['mem_nomdossier'] = dossier.C_NOM
|
|
if goto == 'dossier_view':
|
|
return HTTPFound(location=request.route_url('dossier_view', nodossier=nodossier))
|
|
else:
|
|
return HTTPFound(location=request.route_url('agenda', date=datePlan))
|
|
|
|
@view_config(route_name='suivi_edit', renderer='../templates/default/suivi_edit.pt', permission='view')
|
|
def suivi_edit(request):
|
|
|
|
logged_in = request.authenticated_userid
|
|
nodossier = request.matchdict['nodossier']
|
|
nolig = request.matchdict['nolig']
|
|
url = request.route_url("suivi_edit", nodossier=nodossier, nolig=nolig)
|
|
|
|
message = ''
|
|
if nolig == '0':
|
|
# nouveau
|
|
suivi = {}
|
|
suivi['COMMENT'] = ''
|
|
suivi['COMMENTVI'] = ''
|
|
suivi['USERMAJ'] = logged_in.upper()
|
|
suivi['DATEMAJ'] = datetime.now()
|
|
page_title= 'Nouveau suivi'
|
|
else:
|
|
# lire le suivi
|
|
suivi = get_dossier_rdv_by_no(request, nodossier, nolig)
|
|
if not suivi:
|
|
request.session.flash(u"Suivi non trouvé : %s" % nodossier, 'warning')
|
|
return HTTPFound(location=request.route_url('dossier_view', nodossier=nodossier))
|
|
|
|
page_title= u"Modification du suivi %s" % (nolig)
|
|
|
|
if 'form.submitted' in request.params:
|
|
new_values = {}
|
|
for param, db_value in suivi.items():
|
|
if param in request.params and request.params[param] != db_value:
|
|
new_values[param] = request.params[param]
|
|
|
|
if new_values:
|
|
new_values['USERMAJ'] = logged_in.upper()
|
|
new_values['DATE'] = date.today()
|
|
|
|
update_suivi(request, nodossier, nolig, new_values)
|
|
request.session.flash(u"Le suivi a été mis à jour avec succès.", 'success')
|
|
|
|
return HTTPFound(location=request.route_url('dossier_view', nodossier=nodossier))
|
|
|
|
if 'form.deleted' in request.params:
|
|
delete_rdv(request, nodossier, nolig)
|
|
request.session.flash(u"Le suivi a été supprimé avec succès.", 'success')
|
|
return HTTPFound(location=request.route_url('dossier_view', nodossier=nodossier))
|
|
|
|
return {
|
|
'page_title': page_title,
|
|
'url': url,
|
|
'nodossier': nodossier,
|
|
'nolig': nolig,
|
|
'suivi': suivi,
|
|
'message': message,
|
|
}
|