Newer
Older
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# -------------------------------------------------------------------------------
# This file is part of Mentat system (https://mentat.cesnet.cz/).
#
# Copyright (C) since 2011 CESNET, z.s.p.o (http://www.ces.net/)
# Use of this source is governed by the MIT license, see LICENSE file.
# -------------------------------------------------------------------------------
This module contains custom user account management forms for Hawat.
"""
__author__ = "Jan Mach <jan.mach@cesnet.cz>"
__credits__ = "Pavel Kácha <pavel.kacha@cesnet.cz>, Andrea Kropáčová <andrea.kropacova@cesnet.cz>"
import sqlalchemy
from wtforms.ext.sqlalchemy.fields import QuerySelectField, QuerySelectMultipleField
from flask_babel import gettext, lazy_gettext
import hawat.db
import hawat.const
import hawat.forms
from hawat.forms import check_login, get_available_groups
from mentat.datatype.sqldb import UserModel
def check_id_existence(form, field):
"""
Callback for validating user logins during account create action.
try:
hawat.db.db_get().session.query(UserModel). \
filter(UserModel.login == field.data). \
one()
except sqlalchemy.orm.exc.NoResultFound:
return
except: # pylint: disable=locally-disabled,bare-except
pass
raise wtforms.validators.ValidationError(gettext('User account with this login already exists.'))
def check_id_uniqueness(form, field):
Callback for validating user logins during account update action.
user = hawat.db.db_get().session.query(UserModel). \
filter(UserModel.login == field.data). \
filter(UserModel.id != form.db_item_id). \
all()
if not user:
return
raise wtforms.validators.ValidationError(gettext('User account with this login already exists.'))
class BaseUserAccountForm(hawat.forms.BaseItemForm):
"""
Class representing base user account form.
"""
fullname = wtforms.StringField(
lazy_gettext('Full name:'),
wtforms.validators.DataRequired(),
wtforms.validators.Length(min=3, max=100)
]
)
email = wtforms.StringField(
lazy_gettext('Email:'),
wtforms.validators.DataRequired(),
wtforms.validators.Length(min=3, max=250),
wtforms.validators.Email()
]
)
organization = wtforms.StringField(
lazy_gettext('Home organization:'),
wtforms.validators.DataRequired(),
wtforms.validators.Length(min=3, max=250)
lazy_gettext('Prefered locale:'),
wtforms.validators.Optional()
choices=[('', lazy_gettext('<< no preference >>'))],
filters=[lambda x: x or None],
default=''
lazy_gettext('Prefered timezone:'),
wtforms.validators.Optional(),
],
choices=[('', lazy_gettext('<< no preference >>'))] + list(zip(pytz.common_timezones, pytz.common_timezones)),
filters=[lambda x: x or None],
default=''
submit = wtforms.SubmitField(
lazy_gettext('Submit')
)
def __init__(self, *args, **kwargs):
super().__init__(*args, **kwargs)
#
# Handle additional custom keywords.
#
# The list of choices for 'locale' attribute comes from outside of the
# form to provide as loose tie as possible to the outer application.
# Another approach would be to load available choices here with:
#
# locales = list(flask.current_app.config['SUPPORTED_LOCALES'].items())
#
# That would mean direct dependency on flask.Flask application.
self.locale.choices[1:] = kwargs['choices_locales']
Jan Mach
committed
class AdminUserAccountForm(BaseUserAccountForm):
Jan Mach
committed
Class representing base user account form for admins.
enabled = wtforms.RadioField(
lazy_gettext('State:'),
wtforms.validators.InputRequired(),
],
choices=[
(True, lazy_gettext('Enabled')),
(False, lazy_gettext('Disabled'))
filters=[hawat.forms.str_to_bool],
coerce=hawat.forms.str_to_bool
roles = wtforms.SelectMultipleField(
lazy_gettext('Roles:'),
wtforms.validators.Optional()
]
)
memberships = QuerySelectMultipleField(
lazy_gettext('Group memberships:'),
)
managements = QuerySelectMultipleField(
lazy_gettext('Group managements:'),
)
def __init__(self, *args, **kwargs):
super().__init__(*args, **kwargs)
#
# Handle additional custom keywords.
#
# The list of choices for 'roles' attribute comes from outside of the
# form to provide as loose tie as possible to the outer application.
# Another approach would be to load available choices here with:
#
# roles = flask.current_app.config['ROLES']
#
# That would mean direct dependency on flask.Flask application.
self.roles.choices = kwargs['choices_roles']
Jan Mach
committed
class CreateUserAccountForm(AdminUserAccountForm):
"""
Class representing user account create form.
"""
login = wtforms.StringField(
Jan Mach
committed
lazy_gettext('Login:'),
Jan Mach
committed
wtforms.validators.DataRequired(),
wtforms.validators.Length(min=3, max=50),
Jan Mach
committed
check_id_existence
]
)
class UpdateUserAccountForm(BaseUserAccountForm):
"""
Class representing user account update form for regular users.
Jan Mach
committed
class AdminUpdateUserAccountForm(AdminUserAccountForm):
"""
Class representing user account update form for administrators.
"""
login = wtforms.StringField(
Jan Mach
committed
lazy_gettext('Login:'),
wtforms.validators.DataRequired(),
wtforms.validators.Length(min=3, max=50),
check_id_uniqueness
]
)
def __init__(self, *args, **kwargs):
super().__init__(*args, **kwargs)
#
# Handle additional custom keywords.
#
# Store the ID of original item in database to enable the ID uniqueness
# check with check_id_uniqueness() validator.
self.db_item_id = kwargs['db_item_id']
class UserSearchForm(hawat.forms.BaseSearchForm):
"""
Class representing simple user search form.
"""
search = wtforms.StringField(
lazy_gettext('Login, name, email:'),
wtforms.validators.Length(min=3, max=100)
description=lazy_gettext(
'User`s login, full name or email address. Search is performed even in the middle of the strings, so for example you may lookup by domain.')
)
dt_from = hawat.forms.SmartDateTimeField(
lazy_gettext('Creation time from:'),
description=lazy_gettext(
'Lower time boundary for item creation time. Timestamp is expected to be in the format <code>YYYY-MM-DD hh:mm:ss</code> and in the timezone according to the user`s preferences.')
)
dt_to = hawat.forms.SmartDateTimeField(
lazy_gettext('Creation time to:'),
description=lazy_gettext(
'Upper time boundary for item creation time. Timestamp is expected to be in the format <code>YYYY-MM-DD hh:mm:ss</code> and in the timezone according to the user`s preferences.')
)
state = wtforms.SelectField(
lazy_gettext('State:'),
('enabled', lazy_gettext('Enabled')),
default='',
description=lazy_gettext('Search for users with particular account state.')
)
role = wtforms.SelectField(
lazy_gettext('Role:'),
default='',
description=lazy_gettext('Search for users with particular role, or without any assigned roles.')
)
membership = QuerySelectField(
lazy_gettext('Group membership:'),
query_factory=get_available_groups,
allow_blank=True,
description=lazy_gettext('Search for users with membership with particular group.')
)
management = QuerySelectField(
lazy_gettext('Group management:'),
query_factory=get_available_groups,
allow_blank=True,
description=lazy_gettext('Search for users with management rights to particular group.')
)
sortby = wtforms.SelectField(
lazy_gettext('Sort result by:'),
('createtime.desc', lazy_gettext('by creation time descending')),
('createtime.asc', lazy_gettext('by creation time ascending')),
('login.desc', lazy_gettext('by login descending')),
('login.asc', lazy_gettext('by login ascending')),
('fullname.desc', lazy_gettext('by name descending')),
('fullname.asc', lazy_gettext('by name ascending')),
('email.desc', lazy_gettext('by email descending')),
('email.asc', lazy_gettext('by email ascending')),
('logintime.desc', lazy_gettext('by login time descending')),
('logintime.asc', lazy_gettext('by login time ascending')),
)
def __init__(self, *args, **kwargs):
super().__init__(*args, **kwargs)
#
# Handle additional custom keywords.
#
# The list of choices for 'roles' attribute comes from outside of the
# form to provide as loose tie as possible to the outer application.
# Another approach would be to load available choices here with:
#
# roles = flask.current_app.config['ROLES']
#
# That would mean direct dependency on flask.Flask application.
self.role.choices = [
('', lazy_gettext('Nothing selected')),
(hawat.const.NO_ROLE, lazy_gettext('Without any roles'))
] + kwargs['choices_roles']
@staticmethod
def is_multivalue(field_name):
"""
Check, if given form field is a multivalue field.
:param str field_name: Name of the form field.
:return: ``True``, if the field can contain multiple values, ``False`` otherwise.
:rtype: bool
"""
return False