author | Sylvain Thénault <sylvain.thenault@logilab.fr> |
Fri, 10 Jul 2009 09:44:36 +0200 | |
branch | stable |
changeset 2368 | b41aef0e63a7 |
parent 2312 | af4d8f75c5db |
child 2381 | caad2367d940 |
permissions | -rw-r--r-- |
1402
04b7afb14b50
new style security management forms
sylvain.thenault@logilab.fr
parents:
1398
diff
changeset
|
1 |
"""security management and error screens |
0 | 2 |
|
3 |
||
4 |
:organization: Logilab |
|
1977
606923dff11b
big bunch of copyright / docstring update
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
1941
diff
changeset
|
5 |
:copyright: 2001-2009 LOGILAB S.A. (Paris, FRANCE), license is LGPL v2. |
0 | 6 |
:contact: http://www.logilab.fr/ -- mailto:contact@logilab.fr |
1977
606923dff11b
big bunch of copyright / docstring update
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
1941
diff
changeset
|
7 |
:license: GNU Lesser General Public License, v2.1 - http://www.gnu.org/licenses |
0 | 8 |
""" |
9 |
__docformat__ = "restructuredtext en" |
|
1641 | 10 |
_ = unicode |
0 | 11 |
|
2312
af4d8f75c5db
use xml_escape
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2270
diff
changeset
|
12 |
from logilab.mtconverter import xml_escape |
0 | 13 |
|
1877
10b9feeb7905
anon should not see security management view
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1806
diff
changeset
|
14 |
from cubicweb.selectors import yes, none_rset, match_user_groups, authenticated_user |
836 | 15 |
from cubicweb.view import AnyRsetView, StartupView, EntityView |
604
e85042d18b48
[preferences] preferences sections will now remember their collapsed/open status
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents:
602
diff
changeset
|
16 |
from cubicweb.common.uilib import html_traceback, rest_traceback |
2270
70c0da0f2181
should use a hidden text area for error description, not an hidden input (else the browser may remove line breaks)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2052
diff
changeset
|
17 |
from cubicweb.web import formwidgets as wdgs |
1402
04b7afb14b50
new style security management forms
sylvain.thenault@logilab.fr
parents:
1398
diff
changeset
|
18 |
from cubicweb.web.formfields import guess_field |
0 | 19 |
|
1388
6d5f0ccf31b8
new style form for submitting bug reports
sylvain.thenault@logilab.fr
parents:
836
diff
changeset
|
20 |
SUBMIT_MSGID = _('Submit bug report') |
6d5f0ccf31b8
new style form for submitting bug reports
sylvain.thenault@logilab.fr
parents:
836
diff
changeset
|
21 |
MAIL_SUBMIT_MSGID = _('Submit bug report by mail') |
0 | 22 |
|
2005
e8032965f37a
turn every form class into appobject. They should not be instantiated manually anymore.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1995
diff
changeset
|
23 |
|
1494
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
24 |
class SecurityViewMixIn(object): |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
25 |
"""display security information for a given schema """ |
1941
4f38e8b81a1a
egroup -> cwgroup #343418
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents:
1877
diff
changeset
|
26 |
|
1494
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
27 |
def schema_definition(self, eschema, link=True, access_types=None): |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
28 |
w = self.w |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
29 |
_ = self.req._ |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
30 |
if not access_types: |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
31 |
access_types = eschema.ACTIONS |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
32 |
w(u'<table class="schemaInfo">') |
1641 | 33 |
w(u'<tr><th>%s</th><th>%s</th><th>%s</th></tr>' % ( |
1494
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
34 |
_("permission"), _('granted to groups'), _('rql expressions'))) |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
35 |
for access_type in access_types: |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
36 |
w(u'<tr>') |
1806 | 37 |
w(u'<td>%s</td>' % self.req.__('%s_perm' % access_type)) |
1494
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
38 |
groups = eschema.get_groups(access_type) |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
39 |
l = [] |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
40 |
groups = [(_(group), group) for group in groups] |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
41 |
for trad, group in sorted(groups): |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
42 |
if link: |
2047 | 43 |
# XXX we should get a group entity and call its absolute_url |
44 |
# method |
|
1494
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
45 |
l.append(u'<a href="%s" class="%s">%s</a><br/>' % ( |
1941
4f38e8b81a1a
egroup -> cwgroup #343418
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents:
1877
diff
changeset
|
46 |
self.build_url('cwgroup/%s' % group), group, trad)) |
1494
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
47 |
else: |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
48 |
l.append(u'<div class="%s">%s</div>' % (group, trad)) |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
49 |
w(u'<td>%s</td>' % u''.join(l)) |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
50 |
rqlexprs = eschema.get_rqlexprs(access_type) |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
51 |
w(u'<td>%s</td>' % u'<br/><br/>'.join(expr.expression for expr in rqlexprs)) |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
52 |
w(u'</tr>\n') |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
53 |
w(u'</table>') |
0 | 54 |
|
1494
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
55 |
def has_schema_modified_permissions(self, eschema, access_types): |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
56 |
""" return True if eschema's actual permissions are diffrents |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
57 |
from the default ones |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
58 |
""" |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
59 |
for access_type in access_types: |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
60 |
if eschema.get_rqlexprs(access_type): |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
61 |
return True |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
62 |
if eschema.get_groups(access_type) != \ |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
63 |
frozenset(eschema.get_default_groups()[access_type]): |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
64 |
return True |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
65 |
return False |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
66 |
|
1525
cc2e2cbd7019
include dom id of the form in __errorurl in case there are multiple forms in a page
sylvain.thenault@logilab.fr
parents:
1522
diff
changeset
|
67 |
|
1494
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
68 |
class SecurityManagementView(EntityView, SecurityViewMixIn): |
0 | 69 |
"""display security information for a given entity""" |
70 |
id = 'security' |
|
1877
10b9feeb7905
anon should not see security management view
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1806
diff
changeset
|
71 |
__select__ = EntityView.__select__ & authenticated_user() |
10b9feeb7905
anon should not see security management view
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1806
diff
changeset
|
72 |
|
0 | 73 |
title = _('security') |
1941
4f38e8b81a1a
egroup -> cwgroup #343418
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents:
1877
diff
changeset
|
74 |
|
1569
99a19875ef1e
set progress div in call() to avoid duplication when applied on multiple entities
sylvain.thenault@logilab.fr
parents:
1568
diff
changeset
|
75 |
def call(self): |
99a19875ef1e
set progress div in call() to avoid duplication when applied on multiple entities
sylvain.thenault@logilab.fr
parents:
1568
diff
changeset
|
76 |
self.w(u'<div id="progress">%s</div>' % self.req._('validating...')) |
99a19875ef1e
set progress div in call() to avoid duplication when applied on multiple entities
sylvain.thenault@logilab.fr
parents:
1568
diff
changeset
|
77 |
super(SecurityManagementView, self).call() |
602
1454282a8b45
[views] cleanup, be less heavy with self.w ...
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents:
431
diff
changeset
|
78 |
|
0 | 79 |
def cell_call(self, row, col): |
602
1454282a8b45
[views] cleanup, be less heavy with self.w ...
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents:
431
diff
changeset
|
80 |
self.req.add_js('cubicweb.edition.js') |
1454282a8b45
[views] cleanup, be less heavy with self.w ...
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents:
431
diff
changeset
|
81 |
self.req.add_css('cubicweb.acl.css') |
0 | 82 |
entity = self.entity(row, col) |
83 |
w = self.w |
|
84 |
_ = self.req._ |
|
85 |
w(u'<h1><span class="etype">%s</span> <a href="%s">%s</a></h1>' |
|
86 |
% (entity.dc_type().capitalize(), |
|
2312
af4d8f75c5db
use xml_escape
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2270
diff
changeset
|
87 |
xml_escape(entity.absolute_url()), |
af4d8f75c5db
use xml_escape
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2270
diff
changeset
|
88 |
xml_escape(entity.dc_title()))) |
0 | 89 |
# first show permissions defined by the schema |
90 |
self.w('<h2>%s</h2>' % _('schema\'s permissions definitions')) |
|
1494
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
91 |
self.schema_definition(entity.e_schema) |
0 | 92 |
self.w('<h2>%s</h2>' % _('manage security')) |
93 |
# ownership information |
|
94 |
if self.schema.rschema('owned_by').has_perm(self.req, 'add', |
|
95 |
fromeid=entity.eid): |
|
96 |
self.owned_by_edit_form(entity) |
|
97 |
else: |
|
98 |
self.owned_by_information(entity) |
|
1518 | 99 |
# cwpermissions |
0 | 100 |
if 'require_permission' in entity.e_schema.subject_relations(): |
101 |
w('<h3>%s</h3>' % _('permissions for this entity')) |
|
102 |
reqpermschema = self.schema.rschema('require_permission') |
|
103 |
self.require_permission_information(entity, reqpermschema) |
|
104 |
if reqpermschema.has_perm(self.req, 'add', fromeid=entity.eid): |
|
105 |
self.require_permission_edit_form(entity) |
|
106 |
||
107 |
def owned_by_edit_form(self, entity): |
|
108 |
self.w('<h3>%s</h3>' % self.req._('ownership')) |
|
1402
04b7afb14b50
new style security management forms
sylvain.thenault@logilab.fr
parents:
1398
diff
changeset
|
109 |
msg = self.req._('ownerships have been changed') |
2005
e8032965f37a
turn every form class into appobject. They should not be instantiated manually anymore.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1995
diff
changeset
|
110 |
form = self.vreg.select_object('forms', 'base', self.req, entity=entity, |
e8032965f37a
turn every form class into appobject. They should not be instantiated manually anymore.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1995
diff
changeset
|
111 |
form_renderer_id='base', |
e8032965f37a
turn every form class into appobject. They should not be instantiated manually anymore.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1995
diff
changeset
|
112 |
submitmsg=msg, |
2270
70c0da0f2181
should use a hidden text area for error description, not an hidden input (else the browser may remove line breaks)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2052
diff
changeset
|
113 |
form_buttons=[wdgs.SubmitButton()], |
2005
e8032965f37a
turn every form class into appobject. They should not be instantiated manually anymore.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1995
diff
changeset
|
114 |
domid='ownership%s' % entity.eid, |
e8032965f37a
turn every form class into appobject. They should not be instantiated manually anymore.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1995
diff
changeset
|
115 |
__redirectvid='security', |
e8032965f37a
turn every form class into appobject. They should not be instantiated manually anymore.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1995
diff
changeset
|
116 |
__redirectpath=entity.rest_path()) |
1453
a9841184be7c
guess_field now takes an entity schema as first argument, not an entity class
sylvain.thenault@logilab.fr
parents:
1402
diff
changeset
|
117 |
field = guess_field(entity.e_schema, self.schema.rschema('owned_by')) |
a9841184be7c
guess_field now takes an entity schema as first argument, not an entity class
sylvain.thenault@logilab.fr
parents:
1402
diff
changeset
|
118 |
form.append_field(field) |
1567 | 119 |
self.w(form.form_render(display_progress_div=False)) |
0 | 120 |
|
121 |
def owned_by_information(self, entity): |
|
122 |
ownersrset = entity.related('owned_by') |
|
123 |
if ownersrset: |
|
124 |
self.w('<h3>%s</h3>' % self.req._('ownership')) |
|
125 |
self.w(u'<div class="ownerInfo">') |
|
126 |
self.w(self.req._('this entity is currently owned by') + ' ') |
|
127 |
self.wview('csv', entity.related('owned_by'), 'null') |
|
128 |
self.w(u'</div>') |
|
129 |
# else we don't know if this is because entity has no owner or becayse |
|
130 |
# user as no access to owner users entities |
|
131 |
||
132 |
def require_permission_information(self, entity, reqpermschema): |
|
133 |
if entity.require_permission: |
|
134 |
w = self.w |
|
135 |
_ = self.req._ |
|
136 |
if reqpermschema.has_perm(self.req, 'delete', fromeid=entity.eid): |
|
137 |
delurl = self.build_url('edit', __redirectvid='security', |
|
138 |
__redirectpath=entity.rest_path()) |
|
139 |
delurl = delurl.replace('%', '%%') |
|
140 |
# don't give __delete value to build_url else it will be urlquoted |
|
141 |
# and this will replace %s by %25s |
|
142 |
delurl += '&__delete=%s:require_permission:%%s' % entity.eid |
|
143 |
dellinktempl = u'[<a href="%s" title="%s">-</a>] ' % ( |
|
2312
af4d8f75c5db
use xml_escape
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2270
diff
changeset
|
144 |
xml_escape(delurl), _('delete this permission')) |
0 | 145 |
else: |
146 |
dellinktempl = None |
|
147 |
w(u'<table class="schemaInfo">') |
|
148 |
w(u'<tr><th>%s</th><th>%s</th></tr>' % (_("permission"), |
|
149 |
_('granted to groups'))) |
|
1518 | 150 |
for cwperm in entity.require_permission: |
0 | 151 |
w(u'<tr>') |
152 |
if dellinktempl: |
|
1518 | 153 |
w(u'<td>%s%s</td>' % (dellinktempl % cwperm.eid, |
154 |
cwperm.view('oneline'))) |
|
0 | 155 |
else: |
1518 | 156 |
w(u'<td>%s</td>' % cwperm.view('oneline')) |
157 |
w(u'<td>%s</td>' % self.view('csv', cwperm.related('require_group'), 'null')) |
|
0 | 158 |
w(u'</tr>\n') |
159 |
w(u'</table>') |
|
160 |
else: |
|
1518 | 161 |
self.w(self.req._('no associated permissions')) |
0 | 162 |
|
163 |
def require_permission_edit_form(self, entity): |
|
164 |
w = self.w |
|
165 |
_ = self.req._ |
|
1398
5fe84a5f7035
rename internal entity types to have CW prefix instead of E
sylvain.thenault@logilab.fr
parents:
1388
diff
changeset
|
166 |
newperm = self.vreg.etype_class('CWPermission')(self.req, None) |
0 | 167 |
newperm.eid = self.req.varmaker.next() |
168 |
w(u'<p>%s</p>' % _('add a new permission')) |
|
2005
e8032965f37a
turn every form class into appobject. They should not be instantiated manually anymore.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1995
diff
changeset
|
169 |
form = self.vreg.select_object('forms', 'base', self.req, entity=newperm, |
2270
70c0da0f2181
should use a hidden text area for error description, not an hidden input (else the browser may remove line breaks)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2052
diff
changeset
|
170 |
form_buttons=[wdgs.SubmitButton()], |
2005
e8032965f37a
turn every form class into appobject. They should not be instantiated manually anymore.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1995
diff
changeset
|
171 |
domid='reqperm%s' % entity.eid, |
e8032965f37a
turn every form class into appobject. They should not be instantiated manually anymore.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1995
diff
changeset
|
172 |
__redirectvid='security', |
e8032965f37a
turn every form class into appobject. They should not be instantiated manually anymore.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1995
diff
changeset
|
173 |
__redirectpath=entity.rest_path()) |
1531 | 174 |
form.form_add_hidden('require_permission', entity.eid, role='object', |
175 |
eidparam=True) |
|
1402
04b7afb14b50
new style security management forms
sylvain.thenault@logilab.fr
parents:
1398
diff
changeset
|
176 |
permnames = getattr(entity, '__permissions__', None) |
1453
a9841184be7c
guess_field now takes an entity schema as first argument, not an entity class
sylvain.thenault@logilab.fr
parents:
1402
diff
changeset
|
177 |
cwpermschema = newperm.e_schema |
1402
04b7afb14b50
new style security management forms
sylvain.thenault@logilab.fr
parents:
1398
diff
changeset
|
178 |
if permnames is not None: |
1453
a9841184be7c
guess_field now takes an entity schema as first argument, not an entity class
sylvain.thenault@logilab.fr
parents:
1402
diff
changeset
|
179 |
field = guess_field(cwpermschema, self.schema.rschema('name'), |
2270
70c0da0f2181
should use a hidden text area for error description, not an hidden input (else the browser may remove line breaks)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2052
diff
changeset
|
180 |
widget=wdgs.Select({'size': 1}), |
1531 | 181 |
choices=permnames) |
0 | 182 |
else: |
1453
a9841184be7c
guess_field now takes an entity schema as first argument, not an entity class
sylvain.thenault@logilab.fr
parents:
1402
diff
changeset
|
183 |
field = guess_field(cwpermschema, self.schema.rschema('name')) |
1402
04b7afb14b50
new style security management forms
sylvain.thenault@logilab.fr
parents:
1398
diff
changeset
|
184 |
form.append_field(field) |
1453
a9841184be7c
guess_field now takes an entity schema as first argument, not an entity class
sylvain.thenault@logilab.fr
parents:
1402
diff
changeset
|
185 |
field = guess_field(cwpermschema, self.schema.rschema('label')) |
1402
04b7afb14b50
new style security management forms
sylvain.thenault@logilab.fr
parents:
1398
diff
changeset
|
186 |
form.append_field(field) |
1453
a9841184be7c
guess_field now takes an entity schema as first argument, not an entity class
sylvain.thenault@logilab.fr
parents:
1402
diff
changeset
|
187 |
field = guess_field(cwpermschema, self.schema.rschema('require_group')) |
1402
04b7afb14b50
new style security management forms
sylvain.thenault@logilab.fr
parents:
1398
diff
changeset
|
188 |
form.append_field(field) |
2040
c865cc7100ca
[views] API fix: select_object is a vreg method
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
2005
diff
changeset
|
189 |
renderer = self.vreg.select_object('formrenderers', 'htable', self.req, |
c865cc7100ca
[views] API fix: select_object is a vreg method
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
2005
diff
changeset
|
190 |
rset=None, display_progress_div=False) |
1995
ec95eaa2b711
turn renderers into appobjects
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1977
diff
changeset
|
191 |
self.w(form.form_render(renderer=renderer)) |
0 | 192 |
|
193 |
||
194 |
class ErrorView(AnyRsetView): |
|
195 |
"""default view when no result has been found""" |
|
731
ac4a94e50b60
some more s/__selectors__/__select__ but still more to come
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
691
diff
changeset
|
196 |
__select__ = yes() |
0 | 197 |
id = 'error' |
602
1454282a8b45
[views] cleanup, be less heavy with self.w ...
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents:
431
diff
changeset
|
198 |
|
0 | 199 |
def page_title(self): |
200 |
"""returns a title according to the result set - used for the |
|
201 |
title in the HTML header |
|
202 |
""" |
|
203 |
return self.req._('an error occured') |
|
204 |
||
205 |
def call(self): |
|
206 |
req = self.req.reset_headers() |
|
1388
6d5f0ccf31b8
new style form for submitting bug reports
sylvain.thenault@logilab.fr
parents:
836
diff
changeset
|
207 |
w = self.w |
0 | 208 |
ex = req.data.get('ex')#_("unable to find exception information")) |
209 |
excinfo = req.data.get('excinfo') |
|
1388
6d5f0ccf31b8
new style form for submitting bug reports
sylvain.thenault@logilab.fr
parents:
836
diff
changeset
|
210 |
title = self.req._('an error occured') |
602
1454282a8b45
[views] cleanup, be less heavy with self.w ...
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents:
431
diff
changeset
|
211 |
w(u'<h2>%s</h2>' % title) |
0 | 212 |
if 'errmsg' in req.data: |
213 |
ex = req.data['errmsg'] |
|
174
a2966960d550
get actual exception class instead of 'unicode' in the error view
Sylvain Thenault <sylvain.thenault@logilab.fr>
parents:
0
diff
changeset
|
214 |
exclass = None |
0 | 215 |
else: |
174
a2966960d550
get actual exception class instead of 'unicode' in the error view
Sylvain Thenault <sylvain.thenault@logilab.fr>
parents:
0
diff
changeset
|
216 |
exclass = ex.__class__.__name__ |
0 | 217 |
ex = exc_message(ex, req.encoding) |
218 |
if excinfo is not None and self.config['print-traceback']: |
|
174
a2966960d550
get actual exception class instead of 'unicode' in the error view
Sylvain Thenault <sylvain.thenault@logilab.fr>
parents:
0
diff
changeset
|
219 |
if exclass is None: |
602
1454282a8b45
[views] cleanup, be less heavy with self.w ...
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents:
431
diff
changeset
|
220 |
w(u'<div class="tb">%s</div>' |
2312
af4d8f75c5db
use xml_escape
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2270
diff
changeset
|
221 |
% xml_escape(ex).replace("\n","<br />")) |
174
a2966960d550
get actual exception class instead of 'unicode' in the error view
Sylvain Thenault <sylvain.thenault@logilab.fr>
parents:
0
diff
changeset
|
222 |
else: |
602
1454282a8b45
[views] cleanup, be less heavy with self.w ...
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents:
431
diff
changeset
|
223 |
w(u'<div class="tb">%s: %s</div>' |
2312
af4d8f75c5db
use xml_escape
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2270
diff
changeset
|
224 |
% (exclass, xml_escape(ex).replace("\n","<br />"))) |
602
1454282a8b45
[views] cleanup, be less heavy with self.w ...
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents:
431
diff
changeset
|
225 |
w(u'<hr />') |
1454282a8b45
[views] cleanup, be less heavy with self.w ...
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents:
431
diff
changeset
|
226 |
w(u'<div class="tb">%s</div>' % html_traceback(excinfo, ex, '')) |
0 | 227 |
else: |
2312
af4d8f75c5db
use xml_escape
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2270
diff
changeset
|
228 |
w(u'<div class="tb">%s</div>' % (xml_escape(ex).replace("\n","<br />"))) |
0 | 229 |
# if excinfo is not None, it's probably not a bug |
230 |
if excinfo is None: |
|
231 |
return |
|
232 |
vcconf = self.config.vc_config() |
|
602
1454282a8b45
[views] cleanup, be less heavy with self.w ...
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents:
431
diff
changeset
|
233 |
w(u"<div>") |
1388
6d5f0ccf31b8
new style form for submitting bug reports
sylvain.thenault@logilab.fr
parents:
836
diff
changeset
|
234 |
eversion = vcconf.get('cubicweb', self.req._('no version information')) |
0 | 235 |
# NOTE: tuple wrapping needed since eversion is itself a tuple |
602
1454282a8b45
[views] cleanup, be less heavy with self.w ...
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents:
431
diff
changeset
|
236 |
w(u"<b>CubicWeb version:</b> %s<br/>\n" % (eversion,)) |
1388
6d5f0ccf31b8
new style form for submitting bug reports
sylvain.thenault@logilab.fr
parents:
836
diff
changeset
|
237 |
cversions = [] |
6d5f0ccf31b8
new style form for submitting bug reports
sylvain.thenault@logilab.fr
parents:
836
diff
changeset
|
238 |
for cube in self.config.cubes(): |
6d5f0ccf31b8
new style form for submitting bug reports
sylvain.thenault@logilab.fr
parents:
836
diff
changeset
|
239 |
cubeversion = vcconf.get(cube, self.req._('no version information')) |
6d5f0ccf31b8
new style form for submitting bug reports
sylvain.thenault@logilab.fr
parents:
836
diff
changeset
|
240 |
w(u"<b>Package %s version:</b> %s<br/>\n" % (cube, cubeversion)) |
6d5f0ccf31b8
new style form for submitting bug reports
sylvain.thenault@logilab.fr
parents:
836
diff
changeset
|
241 |
cversions.append((cube, cubeversion)) |
602
1454282a8b45
[views] cleanup, be less heavy with self.w ...
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents:
431
diff
changeset
|
242 |
w(u"</div>") |
0 | 243 |
# creates a bug submission link if SUBMIT_URL is set |
244 |
submiturl = self.config['submit-url'] |
|
245 |
submitmail = self.config['submit-mail'] |
|
1388
6d5f0ccf31b8
new style form for submitting bug reports
sylvain.thenault@logilab.fr
parents:
836
diff
changeset
|
246 |
if submiturl or submitmail: |
2052
0b9b0bdc93f5
backport changesets which should have been in stable branch. now *stable is 3.3* and *default is 3.4*
Sylvain Thénault <sylvain.thenault@logilab.fr>
diff
changeset
|
247 |
form = self.vreg.select_object('forms', 'base', self.req, rset=None, |
0b9b0bdc93f5
backport changesets which should have been in stable branch. now *stable is 3.3* and *default is 3.4*
Sylvain Thénault <sylvain.thenault@logilab.fr>
diff
changeset
|
248 |
mainform=False) |
1388
6d5f0ccf31b8
new style form for submitting bug reports
sylvain.thenault@logilab.fr
parents:
836
diff
changeset
|
249 |
binfo = text_error_description(ex, excinfo, req, eversion, cversions) |
2270
70c0da0f2181
should use a hidden text area for error description, not an hidden input (else the browser may remove line breaks)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2052
diff
changeset
|
250 |
form.form_add_hidden('description', binfo, |
70c0da0f2181
should use a hidden text area for error description, not an hidden input (else the browser may remove line breaks)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2052
diff
changeset
|
251 |
# we must use a text area to keep line breaks |
70c0da0f2181
should use a hidden text area for error description, not an hidden input (else the browser may remove line breaks)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2052
diff
changeset
|
252 |
widget=wdgs.TextArea({'class': 'hidden'})) |
1388
6d5f0ccf31b8
new style form for submitting bug reports
sylvain.thenault@logilab.fr
parents:
836
diff
changeset
|
253 |
form.form_add_hidden('__bugreporting', '1') |
6d5f0ccf31b8
new style form for submitting bug reports
sylvain.thenault@logilab.fr
parents:
836
diff
changeset
|
254 |
if submitmail: |
2270
70c0da0f2181
should use a hidden text area for error description, not an hidden input (else the browser may remove line breaks)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2052
diff
changeset
|
255 |
form.form_buttons = [wdgs.SubmitButton(MAIL_SUBMIT_MSGID)] |
1388
6d5f0ccf31b8
new style form for submitting bug reports
sylvain.thenault@logilab.fr
parents:
836
diff
changeset
|
256 |
form.action = req.build_url('reportbug') |
6d5f0ccf31b8
new style form for submitting bug reports
sylvain.thenault@logilab.fr
parents:
836
diff
changeset
|
257 |
w(form.form_render()) |
6d5f0ccf31b8
new style form for submitting bug reports
sylvain.thenault@logilab.fr
parents:
836
diff
changeset
|
258 |
if submiturl: |
6d5f0ccf31b8
new style form for submitting bug reports
sylvain.thenault@logilab.fr
parents:
836
diff
changeset
|
259 |
form.form_add_hidden('description_format', 'text/rest') |
2270
70c0da0f2181
should use a hidden text area for error description, not an hidden input (else the browser may remove line breaks)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2052
diff
changeset
|
260 |
form.form_buttons = [wdgs.SubmitButton(SUBMIT_MSGID)] |
1388
6d5f0ccf31b8
new style form for submitting bug reports
sylvain.thenault@logilab.fr
parents:
836
diff
changeset
|
261 |
form.action = submiturl |
6d5f0ccf31b8
new style form for submitting bug reports
sylvain.thenault@logilab.fr
parents:
836
diff
changeset
|
262 |
w(form.form_render()) |
0 | 263 |
|
264 |
||
265 |
def exc_message(ex, encoding): |
|
266 |
try: |
|
267 |
return unicode(ex) |
|
268 |
except: |
|
269 |
try: |
|
270 |
return unicode(str(ex), encoding, 'replace') |
|
271 |
except: |
|
272 |
return unicode(repr(ex), encoding, 'replace') |
|
602
1454282a8b45
[views] cleanup, be less heavy with self.w ...
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents:
431
diff
changeset
|
273 |
|
0 | 274 |
def text_error_description(ex, excinfo, req, eversion, cubes): |
2312
af4d8f75c5db
use xml_escape
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2270
diff
changeset
|
275 |
binfo = rest_traceback(excinfo, xml_escape(ex)) |
0 | 276 |
binfo += u'\n\n:URL: %s\n' % req.url() |
277 |
if not '__bugreporting' in req.form: |
|
278 |
binfo += u'\n:form params:\n' |
|
279 |
binfo += u'\n'.join(u' * %s = %s' % (k, v) for k, v in req.form.iteritems()) |
|
280 |
binfo += u'\n\n:CubicWeb version: %s\n' % (eversion,) |
|
281 |
for pkg, pkgversion in cubes: |
|
282 |
binfo += u":Package %s version: %s\n" % (pkg, pkgversion) |
|
283 |
binfo += '\n' |
|
284 |
return binfo |
|
285 |
||
1877
10b9feeb7905
anon should not see security management view
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1806
diff
changeset
|
286 |
|
0 | 287 |
class ProcessInformationView(StartupView): |
288 |
id = 'info' |
|
742
99115e029dca
replaced most of __selectors__ assignments with __select__
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
731
diff
changeset
|
289 |
__select__ = none_rset() & match_user_groups('managers') |
1453
a9841184be7c
guess_field now takes an entity schema as first argument, not an entity class
sylvain.thenault@logilab.fr
parents:
1402
diff
changeset
|
290 |
|
0 | 291 |
title = _('server information') |
292 |
||
293 |
def call(self, **kwargs): |
|
294 |
"""display server information""" |
|
295 |
vcconf = self.config.vc_config() |
|
296 |
req = self.req |
|
297 |
_ = req._ |
|
298 |
# display main information |
|
299 |
self.w(u'<h3>%s</h3>' % _('Application')) |
|
300 |
self.w(u'<table border="1">') |
|
301 |
self.w(u'<tr><th align="left">%s</th><td>%s</td></tr>' % ( |
|
302 |
'CubicWeb', vcconf.get('cubicweb', _('no version information')))) |
|
303 |
for pkg in self.config.cubes(): |
|
304 |
pkgversion = vcconf.get(pkg, _('no version information')) |
|
305 |
self.w(u'<tr><th align="left">%s</th><td>%s</td></tr>' % ( |
|
306 |
pkg, pkgversion)) |
|
307 |
self.w(u'<tr><th align="left">%s</th><td>%s</td></tr>' % ( |
|
308 |
_('home'), self.config.apphome)) |
|
309 |
self.w(u'<tr><th align="left">%s</th><td>%s</td></tr>' % ( |
|
310 |
_('base url'), req.base_url())) |
|
311 |
self.w(u'<tr><th align="left">%s</th><td>%s</td></tr>' % ( |
|
312 |
_('data directory url'), req.datadir_url)) |
|
313 |
self.w(u'</table>') |
|
314 |
self.w(u'<br/>') |
|
315 |
# environment and request and server information |
|
316 |
try: |
|
317 |
# need to remove our adapter and then modpython-apache wrapper... |
|
318 |
env = req._areq._req.subprocess_env |
|
319 |
except AttributeError: |
|
320 |
return |
|
321 |
self.w(u'<h3>%s</h3>' % _('Environment')) |
|
322 |
self.w(u'<table border="1">') |
|
323 |
for attr in env.keys(): |
|
324 |
self.w(u'<tr><th align="left">%s</th><td>%s</td></tr>' |
|
2312
af4d8f75c5db
use xml_escape
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2270
diff
changeset
|
325 |
% (attr, xml_escape(env[attr]))) |
0 | 326 |
self.w(u'</table>') |
327 |
self.w(u'<h3>%s</h3>' % _('Request')) |
|
328 |
self.w(u'<table border="1">') |
|
329 |
for attr in ('filename', 'form', 'hostname', 'main', 'method', |
|
330 |
'path_info', 'protocol', |
|
331 |
'search_state', 'the_request', 'unparsed_uri', 'uri'): |
|
332 |
val = getattr(req, attr) |
|
333 |
self.w(u'<tr><th align="left">%s</th><td>%s</td></tr>' |
|
2312
af4d8f75c5db
use xml_escape
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2270
diff
changeset
|
334 |
% (attr, xml_escape(val))) |
0 | 335 |
self.w(u'</table>') |
336 |
server = req.server |
|
337 |
self.w(u'<h3>%s</h3>' % _('Server')) |
|
338 |
self.w(u'<table border="1">') |
|
339 |
for attr in dir(server): |
|
340 |
val = getattr(server, attr) |
|
341 |
if attr.startswith('_') or callable(val): |
|
342 |
continue |
|
343 |
self.w(u'<tr><th align="left">%s</th><td>%s</td></tr>' |
|
2312
af4d8f75c5db
use xml_escape
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2270
diff
changeset
|
344 |
% (attr, xml_escape(val))) |
0 | 345 |
self.w(u'</table>') |
346 |