anoopmb
/
frappe
1
0
포크 0
코드 이슈 0 풀 리퀘스트 0 릴리즈 0 위키 활동
25개 이상의 토픽을 선택하실 수 없습니다. Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1333 커밋
1 브렌치
314 MiB
 
 
 
 
 
 
트리: 5da296909f
브랜치 태그
${ item.name }
${ searchTerm } 브랜치 생성
from '5da296909f'
${ noResults }
frappe/py/webnotes/profile.py

303 lines
8.7 KiB
Raw Blame 히스토리 

  1. # Copyright (c) 2012 Web Notes Technologies Pvt Ltd (http://erpnext.com)

  2. # 

  3. # MIT License (MIT)

  4. # 

  5. # Permission is hereby granted, free of charge, to any person obtaining a 

  6. # copy of this software and associated documentation files (the "Software"), 

  7. # to deal in the Software without restriction, including without limitation 

  8. # the rights to use, copy, modify, merge, publish, distribute, sublicense, 

  9. # and/or sell copies of the Software, and to permit persons to whom the 

  10. # Software is furnished to do so, subject to the following conditions:

  11. # 

  12. # The above copyright notice and this permission notice shall be included in 

  13. # all copies or substantial portions of the Software.

  14. # 

  15. # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, 

  16. # INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A 

  17. # PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT 

  18. # HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF 

  19. # CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE 

  20. # OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

  21. # 

  22. 

  23. import webnotes

  24. 

  25. class Profile:

  26. 	"""

  27. 	A profile object is created at the beginning of every request with details of the use.

  28. 	The global profile object is `webnotes.user`

  29. 	"""

  30. 	def __init__(self, name=''):

  31. 		self.name = name or webnotes.session.get('user')

  32. 		self.roles = []

  33. 		

  34. 		self.all_read = []

  35. 		self.can_create = []

  36. 		self.can_read = []

  37. 		self.can_write = []

  38. 		self.can_cancel = []

  39. 		self.can_search = []

  40. 		self.can_get_report = []

  41. 		self.allow_modules = []

  42. 		

  43. 		# for doctypes with create permission but are not supposed to be created using New

  44. 		self.in_create = []

  45. 		

  46. 	def _load_roles(self):

  47. 		self.roles = webnotes.get_roles()

  48. 		return self.roles

  49. 

  50. 	def get_roles(self):

  51. 		"""get list of roles"""

  52. 		if self.roles:

  53. 			return self.roles

  54. 			

  55. 		return self._load_roles()

  56. 	

  57. 	def build_doctype_map(self):

  58. 		"""build map of special doctype properties"""

  59. 			

  60. 		self.doctype_map = {}

  61. 		for r in webnotes.conn.sql("""select name, in_create, issingle, istable, 

  62. 			read_only, module from tabDocType""", as_dict=1):

  63. 			r['child_tables'] = []

  64. 			self.doctype_map[r['name']] = r

  65. 			

  66. 		for r in webnotes.conn.sql("""select parent, options from tabDocField 

  67. 			where fieldtype="Table"

  68. 			and parent not like "old_parent:%%" 

  69. 			and ifnull(docstatus,0)=0

  70. 			"""):

  71. 			if r[0] in self.doctype_map:

  72. 				self.doctype_map[r[0]]['child_tables'].append(r[1])

  73. 	

  74. 	def build_perm_map(self):

  75. 		"""build map of permissions at level 0"""

  76. 		

  77. 		self.perm_map = {}

  78. 		for r in webnotes.conn.sql("""select parent, `read`, `write`, `create`, `submit`, `cancel` 

  79. 			from tabDocPerm where docstatus=0 

  80. 			and ifnull(permlevel,0)=0

  81. 			and parent not like "old_parent:%%" 

  82. 			and role in ('%s')""" % "','".join(self.get_roles()), as_dict=1):

  83. 			

  84. 			dt = r['parent']

  85. 			

  86. 			if not dt in  self.perm_map:

  87. 				self.perm_map[dt] = {}

  88. 				

  89. 			for k in ('read', 'write', 'create', 'submit', 'cancel'):

  90. 				if not self.perm_map[dt].get(k):

  91. 					self.perm_map[dt][k] = r.get(k)

  92. 						

  93. 	def build_permissions(self):

  94. 		"""build lists of what the user can read / write / create

  95. 		quirks: 

  96. 			read_only => Not in Search

  97. 			in_create => Not in create

  98. 		

  99. 		"""

  100. 		

  101. 		self.build_doctype_map()

  102. 		self.build_perm_map()

  103. 		

  104. 		for dt in self.doctype_map:

  105. 			dtp = self.doctype_map[dt]

  106. 			p = self.perm_map.get(dt, {})

  107. 

  108. 			if not dtp.get('istable'):

  109. 				if p.get('create') and not dtp.get('issingle'):

  110. 					if dtp.get('in_create'):

  111. 						self.in_create.append(dt)

  112. 					else:

  113. 						self.can_create.append(dt)

  114. 				elif p.get('write'):

  115. 					self.can_write.append(dt)

  116. 				elif p.get('read'):

  117. 					if dtp.get('read_only'):

  118. 						self.all_read.append(dt)

  119. 					else:

  120. 						self.can_read.append(dt)

  121. 

  122. 			if p.get('cancel'):

  123. 				self.can_cancel.append(dt)

  124. 

  125. 			if (p.get('read') or p.get('write') or p.get('create')):

  126. 				self.can_get_report.append(dt)

  127. 				self.can_get_report += dtp['child_tables']

  128. 				if not dtp.get('istable'):

  129. 					if not dtp.get('issingle') and not dtp.get('read_only'):

  130. 						self.can_search.append(dt)

  131. 					if not dtp.get('module') in self.allow_modules:

  132. 						self.allow_modules.append(dtp.get('module'))

  133. 

  134. 		self.can_write += self.can_create

  135. 		self.can_write += self.in_create

  136. 		self.can_read += self.can_write

  137. 		self.all_read += self.can_read

  138. 

  139. 	def get_defaults(self):

  140. 		"""

  141. 		Get the user's default values based on user and role profile

  142. 		"""

  143. 		roles = self.get_roles() + [self.name]

  144. 		res = webnotes.conn.sql("""select defkey, defvalue 

  145. 		from `tabDefaultValue` where parent in ("%s")""" % '", "'.join(roles))

  146. 	

  147. 		self.defaults = {'owner': [self.name,]}

  148. 

  149. 		for rec in res: 

  150. 			if not self.defaults.has_key(rec[0]): 

  151. 				self.defaults[rec[0]] = []

  152. 			self.defaults[rec[0]].append(rec[1] or '')

  153. 

  154. 		return self.defaults

  155. 		

  156. 	def get_hide_tips(self):

  157. 		try:

  158. 			return webnotes.conn.sql("select hide_tips from tabProfile where name=%s", self.name)[0][0] or 0

  159. 		except:

  160. 			return 0

  161. 			

  162. 	# update recent documents

  163. 	def update_recent(self, dt, dn):

  164. 		"""

  165. 		Update the user's `Recent` list with the given `dt` and `dn`

  166. 		"""

  167. 		conn = webnotes.conn

  168. 		from webnotes.utils import cstr

  169. 		import json

  170. 

  171. 	

  172. 		# get list of child tables, so we know what not to add in the recent list

  173. 		child_tables = [t[0] for t in conn.sql('select name from tabDocType where ifnull(istable,0) = 1')]

  174. 		

  175. 		if not (dt in ['Print Format', 'Start Page', 'Event', 'ToDo', 'Search Criteria']) \

  176. 			and not (dt in child_tables):

  177. 			r = webnotes.conn.sql("select recent_documents from tabProfile where name=%s", \

  178. 				self.name)[0][0] or ''

  179. 

  180. 			if '~~~' in r:

  181. 				r = '[]'

  182. 			

  183. 			rdl = json.loads(r or '[]')

  184. 			new_rd = [dt, dn]

  185. 			

  186. 			# clear if exists

  187. 			for i in range(len(rdl)):

  188. 				rd = rdl[i]

  189. 				if rd==new_rd:

  190. 					del rdl[i]

  191. 					break

  192. 

  193. 			if len(rdl) > 19:

  194. 				rdl = rdl[:19]

  195. 			

  196. 			rdl = [new_rd] + rdl

  197. 			

  198. 			self.recent = json.dumps(rdl)

  199. 						

  200. 			webnotes.conn.sql("""update tabProfile set 

  201. 				recent_documents=%s where name=%s""", (self.recent, self.name))

  202. 			

  203. 	def load_profile(self):

  204. 		"""

  205. 	      	Return a dictionary of user properites to be stored in the session

  206. 		"""

  207. 		t = webnotes.conn.sql("""select email, first_name, last_name, 

  208. 			recent_documents from tabProfile where name = %s""", self.name)[0]

  209. 

  210. 		if not self.can_read:

  211. 			self.build_permissions()

  212. 

  213. 		d = {}

  214. 		d['name'] = self.name

  215. 		d['email'] = t[0] or ''

  216. 		d['first_name'] = t[1] or ''

  217. 		d['last_name'] = t[2] or ''

  218. 		d['recent'] = t[3] or ''

  219. 		

  220. 		d['hide_tips'] = self.get_hide_tips()

  221. 		

  222. 		d['roles'] = self.roles

  223. 		d['defaults'] = self.get_defaults()

  224. 		

  225. 		d['can_create'] = self.can_create

  226. 		d['can_write'] = self.can_write

  227. 		d['can_read'] = list(set(self.can_read))

  228. 		d['can_cancel'] = list(set(self.can_cancel))

  229. 		d['can_get_report'] = list(set(self.can_get_report))

  230. 		d['allow_modules'] = self.allow_modules

  231. 		d['all_read'] = self.all_read

  232. 		d['can_search'] = list(set(self.can_search))

  233. 		

  234. 		d['in_create'] = self.in_create

  235. 		

  236. 		return d

  237. 		

  238. 	def load_from_session(self, d):

  239. 		"""

  240. 		Setup the user profile from the dictionary saved in the session (generated by `load_profile`)

  241. 		"""

  242. 		self.can_create = d['can_create']

  243. 		self.can_read = d['can_read']

  244. 		self.can_write = d['can_write']

  245. 		self.can_search = d['can_search']

  246. 		self.can_get_report = d['can_get_report']

  247. 		self.allow_modules = d['allow_modules']

  248. 		self.all_read = d['all_read']

  249. 

  250. 		self.roles = d['roles']

  251. 		self.defaults = d['defaults']

  252. 

  253. 	

  254. 	def reset_password(self):

  255. 		"""reset password"""

  256. 		from webnotes.utils import random_string, now

  257. 		pwd = random_string(8)

  258. 		

  259. 		# update tab Profile

  260. 		webnotes.conn.sql("""UPDATE tabProfile SET password=password(%s), modified=%s 

  261. 			WHERE name=%s""", (pwd, now(), self.name))

  262. 

  263. 		return pwd

  264. 

  265. 

  266. 	def send_new_pwd(self, pwd):

  267. 		"""

  268. 			Send new password to user

  269. 		"""

  270. 		import os

  271. 		# send email

  272. 		with open(os.path.join(os.path.dirname(__file__), 'password_reset.txt'), 'r') as f:

  273. 			reset_password_mail = f.read()

  274. 		

  275. 		from webnotes.utils.email_lib import sendmail_md

  276. 		sendmail_md(recipients= self.name, \

  277. 			msg = reset_password_mail % {"user": get_user_fullname(self.name), "password": pwd}, \

  278. 			subject = 'Password Reset')

  279. 

  280. 

  281. 

  282. 

  283. @webnotes.whitelist()

  284. def get_user_img():

  285. 	if not webnotes.form.getvalue('username'):

  286. 		webnotes.response['message'] = 'no_img_m'

  287. 		return

  288. 

  289. 	f = webnotes.conn.sql("select file_list from tabProfile where name=%s", webnotes.form.getvalue('username',''))

  290. 	if f:

  291. 		if f[0][0]:

  292. 			lst = f[0][0].split('\n')	

  293. 			webnotes.response['message'] = lst[0].split(',')[1]

  294. 		else:

  295. 			webnotes.response['message'] = 'no_img_m'		

  296. 	else:

  297. 		webnotes.response['message'] = 'no_img_m'

  298. 

  299. 

  300. def get_user_fullname(user):

  301. 	fullname = webnotes.conn.sql("SELECT CONCAT_WS(' ', first_name, last_name) FROM `tabProfile` WHERE name=%s", user)

  302. 	return fullname and fullname[0][0] or ''