12 from logilab.common.decorators import cached |
12 from logilab.common.decorators import cached |
13 |
13 |
14 from cubicweb.common.utils import UStringIO |
14 from cubicweb.common.utils import UStringIO |
15 from cubicweb.common.view import AnyRsetView, StartupView, EntityView |
15 from cubicweb.common.view import AnyRsetView, StartupView, EntityView |
16 from cubicweb.common.uilib import html_traceback, rest_traceback |
16 from cubicweb.common.uilib import html_traceback, rest_traceback |
17 from cubicweb.common.selectors import (yes, one_line_rset, |
17 from cubicweb.common.selectors import (yes, one_line_rset, match_user_groups, |
18 accept_rset, none_rset, |
18 accept_rset, none_rset, |
19 chainfirst, chainall) |
19 chainfirst, chainall) |
20 from cubicweb.web import INTERNAL_FIELD_VALUE, eid_param, stdmsgs |
20 from cubicweb.web import INTERNAL_FIELD_VALUE, eid_param, stdmsgs |
21 from cubicweb.web.widgets import StaticComboBoxWidget |
21 from cubicweb.web.widgets import StaticComboBoxWidget |
22 from cubicweb.web.form import FormMixIn |
22 from cubicweb.web.form import FormMixIn |
291 return u'<a href="%s">%s</a>' % (action, label) |
291 return u'<a href="%s">%s</a>' % (action, label) |
292 |
292 |
293 def css_class(someclass): |
293 def css_class(someclass): |
294 return someclass and 'class="%s"' % someclass or '' |
294 return someclass and 'class="%s"' % someclass or '' |
295 |
295 |
296 class SystemEpropertiesForm(FormMixIn, StartupView): |
296 class SystemEPropertiesForm(FormMixIn, StartupView): |
297 controller = 'edit' |
297 controller = 'edit' |
298 id = 'systemepropertiesform' |
298 id = 'systemepropertiesform' |
299 title = _('site configuration') |
299 title = _('site configuration') |
300 require_groups = ('managers',) |
300 require_groups = ('managers',) |
301 category = 'startupview' |
301 category = 'startupview' |
459 w(u'<input type="hidden" name="%s" value="EProperty"/>' % eid_param('__type', eid)) |
459 w(u'<input type="hidden" name="%s" value="EProperty"/>' % eid_param('__type', eid)) |
460 w(u'<input type="hidden" name="%s" value="%s"/>' % (eid_param('pkey', eid), key)) |
460 w(u'<input type="hidden" name="%s" value="%s"/>' % (eid_param('pkey', eid), key)) |
461 w(u'<input type="hidden" name="%s" value="%s"/>' % (eid_param('edits-pkey', eid), '')) |
461 w(u'<input type="hidden" name="%s" value="%s"/>' % (eid_param('edits-pkey', eid), '')) |
462 |
462 |
463 |
463 |
464 class EpropertiesForm(SystemEpropertiesForm): |
464 |
|
465 def is_user_prefs(cls, req, rset, row, col): |
|
466 return req.user.eid == rset[row or 0 ][col or 0] |
|
467 |
|
468 class EPropertiesForm(SystemEPropertiesForm): |
465 id = 'epropertiesform' |
469 id = 'epropertiesform' |
|
470 __selectors__ = ( |
|
471 # we don't want guests to be able to come here |
|
472 match_user_groups('users', 'managers'), |
|
473 chainfirst(none_rset), |
|
474 chainall(one_line_rset, is_user_prefs), |
|
475 chainall(one_line_rset, match_user_groups('managers')) |
|
476 ) |
|
477 |
|
478 accepts = ('EUser',) |
|
479 |
466 title = _('preferences') |
480 title = _('preferences') |
467 require_groups = ('users', 'managers') # we don't want guests to be able to come here |
|
468 __selectors__ = chainfirst(none_rset, |
|
469 chainall(one_line_rset, accept_rset)), |
|
470 accepts = ('EUser',) |
|
471 |
|
472 @classmethod |
|
473 def accept_rset(cls, req, rset, row, col): |
|
474 if row is None: |
|
475 row = 0 |
|
476 score = super(EpropertiesForm, cls).accept_rset(req, rset, row, col) |
|
477 # check current user is the rset user or he is in the managers group |
|
478 if score and (req.user.eid == rset[row][col or 0] |
|
479 or req.user.matching_groups('managers')): |
|
480 return score |
|
481 return 0 |
|
482 |
481 |
483 @property |
482 @property |
484 def user(self): |
483 def user(self): |
485 if self.rset is None: |
484 if self.rset is None: |
486 return self.req.user |
485 return self.req.user |
491 def eprops_rset(self): |
490 def eprops_rset(self): |
492 return self.req.execute('Any P,K,V WHERE P is EProperty, P pkey K, P value V,' |
491 return self.req.execute('Any P,K,V WHERE P is EProperty, P pkey K, P value V,' |
493 'P for_user U, U eid %(x)s', {'x': self.user.eid}) |
492 'P for_user U, U eid %(x)s', {'x': self.user.eid}) |
494 |
493 |
495 def form_row_hiddens(self, w, entity, key): |
494 def form_row_hiddens(self, w, entity, key): |
496 super(EpropertiesForm, self).form_row_hiddens(w, entity, key) |
495 super(EPropertiesForm, self).form_row_hiddens(w, entity, key) |
497 # if user is in the managers group and the property is being created, |
496 # if user is in the managers group and the property is being created, |
498 # we have to set for_user explicitly |
497 # we have to set for_user explicitly |
499 if not entity.has_eid() and self.user.matching_groups('managers'): |
498 if not entity.has_eid() and self.user.matching_groups('managers'): |
500 eid = entity.eid |
499 eid = entity.eid |
501 w(u'<input type="hidden" name="%s" value="%s"/>' |
500 w(u'<input type="hidden" name="%s" value="%s"/>' |