
reinstated registration, cleaned up PT compile error reporting
authorrichard <richard@57a73879-2fb5-44c3-a270-3262357dd7e2>
Sun, 1 Sep 2002 23:57:53 +0000 (23:57 +0000)
committerrichard <richard@57a73879-2fb5-44c3-a270-3262357dd7e2>
Sun, 1 Sep 2002 23:57:53 +0000 (23:57 +0000)
git-svn-id: http://svn.roundup-tracker.org/svnroot/roundup/trunk@1022 57a73879-2fb5-44c3-a270-3262357dd7e2

TODO.txt
roundup/cgi/client.py
roundup/templates/classic/html/page
roundup/templates/classic/html/user.item
roundup/templates/classic/html/user.register [new file with mode: 0644]

index 30cad613f19656f42f3e74cfa10be77d178c6c4f..2ef63fd68dabce508ffe02f6901a29022609dc46 100644 (file)
--- a/TODO.txt
+++ b/TODO.txt
@@ -47,9 +47,11 @@ New templating TODO:
 . generic class editing
 . classhelp
 . query saving
+  - add ":queryname" to search form submission, and handle it in search action
+  - ?add a drop-down on search page with all queries that fills form with
+     each query's values?
 . search "refinement" (pre-fill the search page with the current search
   parameters)
-. web registration of new users by anonymous
 
 ongoing: any bugs
 
index 6924ad73d5e69bbe08b4463da3094b8564970915..ff234f95533f5f8d0c54574e248cc88f57854bc2 100644 (file)
@@ -1,4 +1,4 @@
-# $Id: client.py,v 1.4 2002-09-01 22:09:20 richard Exp $
+# $Id: client.py,v 1.5 2002-09-01 23:57:53 richard Exp $
 
 __doc__ = """
 WWW request handler (also used in the stand-alone server).
@@ -289,7 +289,7 @@ class Client:
             return pt.render(**kwargs)
         except PageTemplate.PTRuntimeError, message:
             return '<strong>%s</strong><ol>%s</ol>'%(message,
-                cgi.escape('<li>'.join(pt._v_errors)))
+                '<li>'.join(pt._v_errors))
         except:
             # everything else
             return cgitb.html()
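Review bot: The replacement line writes `pt._v_errors` into the response with no HTML escaping, and `message` on the line above is not escaped either, so any markup that ends up in a template error text is interpreted by the browser. The old line's fault was that it escaped the `<li>` separators together with the text. Escaping each entry before joining fixes that without giving up the escape, for example `''.join(['<li>%s'%cgi.escape(e) for e in pt._v_errors])` with `cgi.escape(str(message))` for the heading. That form also gives the first entry its own `<li>`, which `'<li>'.join(...)` does not. The enclosing method starts outside this hunk.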
@@ -306,9 +306,9 @@ class Client:
     actions = {
         'edit':     'editItemAction',
         'new':      'newItemAction',
+        'register': 'registerAction',
         'login':    'login_action',
         'logout':   'logout_action',
-        'register': 'register_action',
         'search':   'searchAction',
     }
     def handle_action(self):
@@ -319,9 +319,9 @@ class Client:
             actions are defined in the "actions" dictionary on this class:
              "edit"      -> self.editItemAction
              "new"       -> self.newItemAction
+             "register"  -> self.registerAction
              "login"     -> self.login_action
              "logout"    -> self.logout_action
-             "register"  -> self.register_action
              "search"    -> self.searchAction
 
         '''
@@ -472,17 +472,25 @@ class Client:
         # Let the user know what's going on
         self.ok_message.append(_('You are logged out'))
 
-    def register_action(self):
+    def registerAction(self):
         '''Attempt to create a new user based on the contents of the form
         and then set the cookie.
 
         return 1 on successful login
         '''
+        # create the new user
+        cl = self.db.user
+
+        # parse the props from the form
+        try:
+            props = parsePropsFromForm(self.db, cl, self.form, self.nodeid)
+        except (ValueError, KeyError), message:
+            self.error_message.append(_('Error: ') + str(message))
+            return
+
         # make sure we're allowed to register
-        userid = self.db.user.lookup(self.user)
-        if not self.db.security.hasPermission('Web Registration', userid):
-            raise Unauthorised, _("You do not have permission to access"\
-                        " %(action)s.")%{'action': 'registration'}
+        if not self.registerPermission(props):
+            raise Unauthorised, _("You do not have permission to register")
 
         # re-open the database as "admin"
         if self.user != 'admin':
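Review bot: The permission check runs on `props` parsed with `self.nodeid`, but the user is created further down from a second `parsePropsFromForm(self.db, cl, self.form)` call without it, so the dict that was checked is not the dict that is stored. Reusing the checked `props` for `cl.create` and dropping the second parse would keep check and use on the same data, provided nothing in the parsed values is tied to the pre-admin database handle. The new early `return` on a parse error yields None while the docstring still says `return 1 on successful login`, and no path visible here returns 1, so the docstring should state what callers actually get. The function continues past the end of this hunk and the lines between the two hunks are not visible.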
@@ -493,21 +501,33 @@ class Client:
         try:
             props = parsePropsFromForm(self.db, cl, self.form)
             props['roles'] = self.instance.NEW_WEB_USER_ROLES
-            uid = cl.create(**props)
+            self.userid = cl.create(**props)
             self.db.commit()
         except ValueError, message:
             self.error_message.append(message)
 
         # log the new user in
-        self.user = cl.get(uid, 'username')
+        self.user = cl.get(self.userid, 'username')
         # re-open the database for real, using the user
         self.opendb(self.user)
-        password = cl.get(uid, 'password')
+        password = self.db.user.get(self.userid, 'password')
         self.set_cookie(self.user, password)
 
         # nice message
         self.ok_message.append(_('You are now registered, welcome!'))
 
+    def registerPermission(self, props):
+        ''' Determine whether the user has permission to register
+
+            Base behaviour is to check the user has "Web Registration".
+        '''
+        # registration isn't allowed to supply roles
+        if props.has_key('roles'):
+            return 0
+        if self.db.security.hasPermission('Web Registration', self.userid):
+            return 1
+        return 0
+
     def editItemAction(self):
         ''' Perform an edit of an item in the database.
 
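Review bot: After `except ValueError` appends the message, execution falls through to `cl.get(self.userid, 'username')`, and because the new id is now stored in `self.userid` instead of a local, a failed `cl.create` leaves the previous value in place rather than stopping. The code would then set a cookie for that existing user and append 'You are now registered, welcome!', assuming `self.userid` was set earlier in the request as `registerPermission` expects. Adding `return` after `self.error_message.append(message)` keeps the success path from running on a failed create. If the lines just before this hunk have re-opened the database as admin, that early exit should first re-open it as `self.user`, so the rest of the request does not run with the admin handle.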
@@ -589,10 +609,9 @@ class Client:
             # if the item being edited is the current user, we're ok
             if self.nodeid == self.userid:
                 return 1
-        if not self.db.security.hasPermission('Edit', self.userid,
-                self.classname):
-            return 0
-        return 1
+        if self.db.security.hasPermission('Edit', self.userid, self.classname):
+            return 1
+        return 0
 
     def newItemAction(self):
         ''' Add a new item to the database.
@@ -663,9 +682,9 @@ class Client:
         if self.classname == 'user' and has('Web Registration', self.userid,
                 'user'):
             return 1
-        if not has('Edit', self.userid, self.classname):
-            return 0
-        return 1
+        if has('Edit', self.userid, self.classname):
+            return 1
+        return 0
 
     def genericEditAction(self):
         ''' Performs an edit of all of a class' items in one go.
index f9aec13dc9b1b9e3d1b55bdab51818045392919f..75d63d3e60a3dfb28a38cec5731f4a152579cd46 100644 (file)
    <a href="user?:template=item">Add User</a>
   </p>
 
-  <p class="userblock">
-   <b>Hello,</b><br><b tal:content="request/user/username">username</b><br>
-   <form method="POST" action=''
-         tal:condition="python:request.user.username=='anonymous'">
+  <p class="userblock" tal:condition="python:request.user.username=='anonymous'">
+   <form method="POST" action="">
     <input size="10" name="__login_name"><br>
     <input size="10" type="password" name="__login_password"><br>
     <input type="submit" name=":action" value="login">
     <span tal:replace="structure request/indexargs_form" />
    </form>
-   <tal:block tal:condition="python:request.user.username != 'anonymous'">
-    <a tal:attributes="href string:issue?:sort=-activity&:group=priority&:filter=status,assignedto&:columns=id,activity,title,creator,priority&status=-1,1,2,3,4,5,6,7&assignedto=${request/user/id}">My Issues</a><br>
-    <a tal:attributes="href string:user${request/user/id}">My Details</a><br>
-    <a tal:attributes="href python:request.indexargs_href(request.url,
-        {':action':'logout'})">Logout</a>
-   </tal:block>
+   <a href="user?:template=register">Register</a>
+  </p>
+   
+  <p class="userblock" tal:condition="python:request.user.username != 'anonymous'">
+   <b>Hello,</b><br><b tal:content="request/user/username">username</b><br>
+   <a tal:attributes="href string:issue?:sort=-activity&:group=priority&:filter=status,assignedto&:columns=id,activity,title,creator,priority&status=-1,1,2,3,4,5,6,7&assignedto=${request/user/id}">My Issues</a><br>
+   <a tal:attributes="href string:user${request/user/id}">My Details</a><br>
+   <a tal:attributes="href python:request.indexargs_href(request.url,
+       {':action':'logout'})">Logout</a>
   </p>
  </td>
  <td>
index 28fff4485af5f281ff1fc3f4379ea72e2a46330a..dff2ee4f62a9749fb44647e08eee504c18ddcf7f 100644 (file)
@@ -1,7 +1,8 @@
 <!-- dollarId: user.item,v 1.7 2002/08/16 04:29:04 richard Exp dollar-->
-<tal:block tal:define="editok python:request.user.hasPermission('Edit') or
-                              user.id == request.user.id;
-                       viewok python:request.user.hasPermission('View')">
+<tal:block tal:define="
+    editok python:request.user.hasPermission('Edit') or
+           user.id == request.user.id;
+    viewok python:request.user.hasPermission('View')">
 
 <span tal:condition="python:not (viewok or editok)">
 You are not allowed to view this page.
@@ -50,7 +51,7 @@ You are not allowed to view this page.
 
  <tr>
   <td>&nbsp;</td>
-  <td colspan=3 tal:content="structure user/submit">submit button here</td>
+  <td tal:content="structure user/submit">submit button here</td>
  </tr>
 </table>
 </form>
diff --git a/roundup/templates/classic/html/user.register b/roundup/templates/classic/html/user.register
new file mode 100644 (file)
index 0000000..0b18f81
--- /dev/null
@@ -0,0 +1,63 @@
+<!-- dollarId: user.item,v 1.7 2002/08/16 04:29:04 richard Exp dollar-->
+<tal:block tal:define=" editok python:request.user.username=='anonymous' and
+           request.user.hasPermission('Web Registration')">
+
+<span tal:condition="python:not editok">
+You are not allowed to view this page.
+</span>
+
+<tal:block tal:condition="editok">
+<form method="POST" onSubmit="return submit_once()" enctype="multipart/form-data">
+
+<table class="form">
+ <tr>
+  <th>Name</th>
+  <td tal:content="structure user/realname/field">realname</td>
+ </tr>
+ <tr>
+  <th>Login Name</th>
+  <td tal:content="structure user/username/field">username</td>
+ </tr>
+ <tr>
+  <th>Login Password</th>
+  <td tal:content="structure user/password/field">password</td>
+ </tr>
+ <tr tal:condition="python:request.user.hasPermission('Web Roles')">
+  <th>Roles</th>
+  <td tal:condition="exists:item"
+      tal:content="structure user/roles/field">roles</td>
+  <td tal:condition="not:exists:item">
+   <input name="roles" tal:attributes="value db/config/NEW_WEB_USER_ROLES">
+  </td>
+ </tr>
+ <tr>
+  <th>Phone</th>
+  <td tal:content="structure user/phone/field">phone</td>
+ </tr>
+ <tr>
+  <th>Organisation</th>
+  <td tal:content="structure user/organisation/field">organisation</td>
+ </tr>
+ <tr>
+  <th>E-mail address</th>
+  <td tal:content="structure user/address/field">address</td>
+ </tr>
+ <tr>
+  <th>Alternate E-mail addresses<br>One address per line</th>
+  <td tal:content="structure user/alternate_addresses/multiline">alternate_addresses</td>
+ </tr>
+
+ <tr>
+  <td>&nbsp;</td>
+  <td>
+   <input type="hidden" name=":action" value="register">
+   <input type="submit" name="submit" value="Register">
+  </td>
+ </tr>
+</table>
+</form>
+
+</tal:block>
+
+</tal:block>
+
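Review bot: The Roles row renders `<input name="roles">` for anyone holding 'Web Roles', but `registerPermission` in client.py returns 0 as soon as the parsed form contains `roles`, so a submission carrying that pre-filled field is presumably refused with "You do not have permission to register". Since `registerAction` assigns `NEW_WEB_USER_ROLES` itself, the row can be dropped from this template, which also keeps role assignment out of client-supplied input. The `tal:condition="exists:item"` branch and the first-line comment `dollarId: user.item,v 1.7` look carried over from user.item. The comment should name user.register so the file's origin is not misread.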