tobe-test

aa.gustiana@gmail.com
Commit 166dae29 authored May 06, 2025 by aa.gustiana@gmail.com
Showing 16 changed files with 255 additions and 231 deletions
development.ini
development.ini.tpl
opensipkd/base/__init__.py
opensipkd/base/models/base.py
opensipkd/base/models/partner.py
opensipkd/base/scripts/data/routes.csv
opensipkd/base/views/__init__.py
opensipkd/base/views/base_views.py
opensipkd/base/views/partner.py
opensipkd/base/views/register.py
opensipkd/base/views/templates/base5.pt
opensipkd/base/views/templates/form9.pt → opensipkd/base/views/templates/form8.pt
opensipkd/base/views/templates/login.pt
opensipkd/base/views/user_login.py
opensipkd/base/widgets/templates/readonly/form.pt
opensipkd/base/widgets/widget_os.py
--- a/development.ini
+++ b/development.ini
@@ -16,13 +16,12 @@ pyramid.debug_templates = true
 default_locale_name = id
 sqlalchemy.url = postgresql://aagusti:a@localhost:5432/demo2
 session.url = postgresql://aagusti:a@localhost:5432/demo2
 pyramid.includes =
    pyramid_tm
    pyramid_beaker
    pyramid_chameleon
-    pyramid_debugtoolbar
    pyramid_rpc.jsonrpc
+    pyramid_debugtoolbar
 session.type = ext:database
@@ -73,7 +72,7 @@ login_captcha = 1
 ;
 ;modules =
 menus = login:Login
-;    pjdl:PJDL
+   register:PJDL
 ;    bphtb:BPHTB
 ;    five:Five
 ;app_name = GAJI ASN
@@ -117,20 +116,19 @@ port = 6543
 keys = root, opensipkd, sqlalchemy
 [handlers]
-keys = console
+keys = console, filelog
-#, filelog, tabel
+#, tabel
 [formatters]
 keys = generic
 [logger_root]
 level = WARN
-handlers = console
+handlers = 
-#, filelog, tabel
+#, tabel
 [logger_opensipkd]
 level = DEBUG
-handlers =
+handlers =console, filelog
 qualname = opensipkd
 [logger_sqlalchemy]
@@ -143,8 +141,9 @@ qualname = sqlalchemy.engine
 [handler_filelog]
 class = FileHandler
-args = ('log_file_location','a')
+; args = ('log_file','a')
-level = INFO
+args = ('/tmp/logs/opensipkd.log','a')
+level = DEBUG
 formatter = generic

--- a/development.ini.tpl
+++ b/development.ini.tpl
@@ -15,16 +15,14 @@ pyramid.debug_routematch = true
 pyramid.debug_templates = true
 default_locale_name = id
 sqlalchemy.url = postgresql://aagusti:a@localhost:5432/demo2
-session.url = postgresql://aagusti:a@localhost:5433/demo2
+session.url = postgresql://aagusti:a@localhost:5432/demo2
-temp_dir = C:\tmp
-allow_register = true
 pyramid.includes =
    pyramid_tm
    pyramid_beaker
    pyramid_chameleon
-    pyramid_debugtoolbar
    pyramid_rpc.jsonrpc
+    pyramid_debugtoolbar
 session.type = ext:database
 session.secret = s0s3cr3ts
@@ -37,6 +35,20 @@ timezone = Asia/Jakarta
 #localization = Indonesian_indonesia.1252
 localization = English_Australia.1252
+# Base Configuration
+temp_files = C:\tmp
+partner_doc = C:\\tmp\\docs\\partner\\
+# Registrasi User
+allow_register = 1
+reg_form = 
+reg_idcard = 1
+reg_captcha = 1
+reg_verify = 1
+;reg_form =
+login_tpl =
+login_captcha = 1
 ;login_tpl = opensipkd.samsat.jabar.views:templates/login.pt
 ;static_files = %(here)s/../files
@@ -60,7 +72,7 @@ localization = English_Australia.1252
 ;
 ;modules =
 menus = login:Login
-;    pjdl:PJDL
+   register:PJDL
 ;    bphtb:BPHTB
 ;    five:Five
 ;app_name = GAJI ASN
@@ -68,13 +80,7 @@ menus = login:Login
 ;change_unit = False
 ;departemen_chg_id = 3
-# Registrasi User
-;captcha_files = /tmp/captcha
-;reg_captcha = 0
-;reg_idcard = 1
-;reg_verify = 1
-;reg_form =
-;login_tpl =
 # digunakan jika akan menggunakan form registrasi sendiri
@@ -110,20 +116,19 @@ port = 6543
 keys = root, opensipkd, sqlalchemy
 [handlers]
-keys = console
+keys = console, filelog
-#, filelog, tabel
+#, tabel
 [formatters]
 keys = generic
 [logger_root]
 level = WARN
-handlers = console
+handlers = 
-#, filelog, tabel
+#, tabel
 [logger_opensipkd]
 level = DEBUG
-handlers =
+handlers =console, filelog
 qualname = opensipkd
 [logger_sqlalchemy]
@@ -136,8 +141,9 @@ qualname = sqlalchemy.engine
 [handler_filelog]
 class = FileHandler
-args = ('log_file_location','a')
+; args = ('log_file','a')
-level = INFO
+args = ('/tmp/logs/opensipkd.log','a')
+level = DEBUG
 formatter = generic
@@ -163,7 +169,7 @@ script_location = ziggurat_foundations:migrations
 sqlalchemy.url = postgresql://aagusti:a@localhost:5432/demo2
 [alembic_base]
-script_location = opensipkd.base:alembic
+script_location = opensipkd.base.scripts:alembic
 sqlalchemy.url = postgresql://aagusti:a@localhost:5432/demo2
 [pytest]

--- a/opensipkd/base/__init__.py
+++ b/opensipkd/base/__init__.py
@@ -397,6 +397,7 @@ class BaseApp():
        self.reg_form = ""
        self.reg_captcha = ""
        self.captcha_files = ""
+        self.login_captcha = 0
    def static_view(self, config, settings=None):
        self.partner_doc = get_params(
@@ -421,10 +422,12 @@ class BaseApp():
        self.captcha_files = os.path.join(self.temp_files, "captcha")+os.sep
        if not os.path.exists(self.captcha_files):
            os.makedirs(self.captcha_files)
        config.add_static_view(
            'captcha', self.captcha_files, cache_max_age=0)
+        self.login_tpl = get_params("login_tpl", "", settings=settings)
+        self.login_captcha = get_params("login_captcha", 0, settings=settings)
    def add_menu(self, config, route_menus, parent=None, paket="opensipkd.base.views"):
        route_names = []
@@ -523,6 +526,7 @@ class BaseApp():
        self.add_menu(config, new_routes, paket)
    def get_menus(self):
+        _logging.debug(f"Menus: {self.menus}")
        return self.menus
@@ -543,6 +547,8 @@ def has_permission_(request, perm_names, context=None):
 @subscriber(BeforeRender)
 def add_global(event):
    event['has_permission'] = has_permission_
+    event['get_base_menus'] = BASE_CLASS.get_menus
 #     event['has_modules'] = has_modules_
 #     event['urlencode'] = urlencode
 #     event['quote_plus'] = quote_plus

--- a/opensipkd/base/models/base.py
+++ b/opensipkd/base/models/base.py
@@ -110,7 +110,7 @@ class DefaultModel(CommonModel):
        return query
    @classmethod
-    def query_from(cls, db_session=DBSession, columns=None, filters=None):
+    def query_from(cls, db_session=DBSession, columns=[], filters=None):
        query = db_session.query().select_from(cls)
        for c in columns:
            query = query.add_columns(c)

--- a/opensipkd/base/models/partner.py
+++ b/opensipkd/base/models/partner.py
@@ -97,6 +97,13 @@ class Partner(Base, PartnerModel):
            row = cls.query().filter_by(mobile=ident).first()
        return row
+    @classmethod
+    def query_register(cls):
+        columns= [cls.kode, cls.nama, cls.mobile, cls.email, cls.status]
+        return cls.query_from(columns=columns)
 class PartnerFiles(Base, StandarModel):
    __tablename__ = 'partner_files'

--- a/opensipkd/base/scripts/data/routes.csv
+++ b/opensipkd/base/scripts/data/routes.csv
 kode,path,module,file_name,class_name,func_name,order_id,permission,parent_id/routes.kode,nama,status,type,app_id,is_menu,template,csrf,
 base-home,/,base,__init__,Home,view_home,1,,,Home,1,0,,1,home.pt,,
-base-login,/login,base,user_login,ViewLogin,view_login,1,,,Login,1,0,,1,,1,
+base-login,/login,base,user_login,ViewAuth,view_login,1,,,Login,1,0,,0,form6.pt,1,
-base-logout,/logout,base,user_login,ViewLogout,view_logout,1,,,Logout,1,0,,1,logout.pt,,
+base-logout,/logout,base,user_login,ViewAuth,view_logout,1,,,Logout,1,0,,0,logout.pt,,
-base-admin,,base,,,,,,,,,,,1,,,
+base-password-reset,/password/reset,base,user_login,ViewPassword,reset_password,,,,Reset Password,1,0,,0,form6.pt,,
+base-password,/password,base,user_login,ViewPassword,change_password,1,view,,Change Password,1,0,,0,form8.pt,,
+base-password-request,/password/{code}/request,base,user_login,ViewPassword,change_password_request,1,,,Change Password,1,0,,0,form8.pt,,
+base-profile,/profile,base,register,,view_profile,,,,Profile,1,0,,0,form.pt,,
 base-register,/register,base,register,,view_register,,,,Register,1,0,,0,form.pt,,
-base-user,/user,base,user,,view_list,,user-view,,User List,1,0,,1,form.pt,,
+base-recreate-api-key,/recreate-api-key,base,register,ViewPassword,recreate-api-key,,,,Get Api Key,1,0,,0,recreate-api-key.pt,,
-base-user-act,/user/{act}/act,base,user,,,,user-view,,User Action,1,0,,,json,,
+base-admin,#,,,,,,view,,Administrator,1,0,,1,,,
-base-user-add,/user/add,base,user,,,,user-edit,,User Add,1,0,,,form6.pt,,
+base-user,/user,base,user,,view_list,,user-view,base-admin,User,1,0,,1,form.pt,,
-base-user-edit,/user/{id}/edit,base,user,,,,user-edit,,User Edit,1,0,,,form6.pt,,
+base-user-act,/user/{act}/act,base,user,,,,user-view,base-user,User Action,1,0,,,json,,
-base-user-view,/user/{id}/view,base,user,,,,user-view,,User View,1,0,,,form6.pt,,
+base-user-add,/user/add,base,user,,,,user-edit,base-user,User Add,1,0,,,form6.pt,,
-base-user-delete,/user/{id}/delete,base,user,,,,user-edit,,User Delete,1,0,,,form6.pt,,
+base-user-edit,/user/{id}/edit,base,user,,,,user-edit,base-user,User Edit,1,0,,,form6.pt,,
-base-partner,/partner,base,partner,,view_list,,admin,,Partner,1,0,,1,form.pt,,
+base-user-view,/user/{id}/view,base,user,,,,user-view,base-user,User View,1,0,,,form6.pt,,
-base-partner-act,/partner/{act}/act,base,partner,,,,admin,,Partner Action,1,0,,,json,,
+base-user-delete,/user/{id}/delete,base,user,,,,user-edit,base-user,User Delete,1,0,,,form6.pt,,
-base-partner-add,/partner/add,base,partner,,,,admin,,Partner Add,1,0,,,form6.pt,,
+base-partner,/partner,base,partner,,view_list,,admin,base-admin,Partner,1,0,,1,form.pt,,
-base-partner-edit,/partner/{id}/edit,base,partner,,,,admin,,Partner Edit,1,0,,,form6.pt,,
+base-partner-act,/partner/{act}/act,base,partner,,,,admin,base-partner,Partner Action,1,0,,,json,,
-base-partner-view,/partner/{id}/view,base,partner,,,,admin,,Partner View,1,0,,,form6.pt,,
+base-partner-add,/partner/add,base,partner,,,,admin,base-partner,Partner Add,1,0,,,form6.pt,,
-base-partner-delete,/partner/{id}/delete,base,partner,,,,admin,,Partner Delete,1,0,,,form6.pt,,
+base-partner-edit,/partner/{id}/edit,base,partner,,,,admin,base-partner,Partner Edit,1,0,,,form6.pt,,
-base-partner-upload,/partner/upload,base,partner,,,,admin,,Partner Uload,1,0,,,form6.pt,,
+base-partner-view,/partner/{id}/view,base,partner,,,,admin,base-partner,Partner View,1,0,,,form6.pt,,
+base-partner-delete,/partner/{id}/delete,base,partner,,,,admin,base-partner,Partner Delete,1,0,,,form6.pt,,
+base-partner-upload,/partner/upload,base,partner,,,,admin,base-partner,Partner Uload,1,0,,,form6.pt,,
 ,,,,,,,,,,,,,,,,
 ,,,,,,,,,,,,,,,,
 ,,,,,,,,,,,,,,,,

--- a/opensipkd/base/views/__init__.py
+++ b/opensipkd/base/views/__init__.py
@@ -49,7 +49,7 @@ def http_forbidden(request):
        # next_url = get_urls(
        #     request.route_url(
        #     'login', _query={'next': request.url}))
-        next_url = request.route_url('login', _query={'next': request.url})
+        next_url = request.route_url('base-login', _query={'next': request.url})
        return HTTPSeeOther(location=next_url)
    request.response.status = 403

--- a/opensipkd/base/views/base_views.py
+++ b/opensipkd/base/views/base_views.py
@@ -556,16 +556,16 @@ class BaseView(object):
    def get_bindings(self, row=None):
        return {"row": row}
-#     def next_edit(self, form, **kwargs):
+    def next_edit(self, form, **kwargs):
-#         """Digunakan untuk memproses button post yang lainnya
+        """Digunakan untuk memproses button post yang lainnya
-#         Args:
+        Args:
-#             form (_type_): _description_
+            form (_type_): _description_
-#         Returns:
+        Returns:
-#             _type_: _description_
+            _type_: _description_
-#         """
+        """
-#         return self.route_list(**kwargs)
+        return self.route_list(**kwargs)
    def returned_form(self, form, table=None, **kwargs):
        resources = form.get_widget_resources()
@@ -576,8 +576,6 @@ class BaseView(object):
            resources["js"].extend(set(table["js"]) - set(resources["js"]))
            resources["css"].extend(set(table["css"]) - set(resources["css"]))
            table = table["form"]
-        # resources["js"] = list(resources["js"])
-        # resources["css"] = list(resources["css"])
        if is_object:
            return dict(form=form,
                        table=table and table.render() or None,
@@ -747,19 +745,19 @@ class BaseView(object):
        """
        return self.route_list(**kwargs)
-#     def get_captcha_url(self):
+    def get_captcha_url(self):
-#         return get_urls("/captcha/") + get_captcha(self.req)
+        return self.req.static_url(BASE_CLASS.captcha_files)
-#     def update_value(self, value, cstruct):
+    def update_value(self, value, cstruct):
-#         for k in cstruct:
+        for k in cstruct:
-#             val = cstruct.get(k)
+            val = cstruct.get(k)
-#             if type(val) is dict:
+            if type(val) is dict:
-#                 if k not in value:
+                if k not in value:
-#                     value[k] = {}
+                    value[k] = {}
-#                 value[k] = self.update_value(value[k], val)
+                value[k] = self.update_value(value[k], val)
-#             elif val:
+            elif val:
-#                 value[k] = cstruct.get(k)
+                value[k] = cstruct.get(k)
-#         return value
+        return value
    def view_add(self, **kwargs):
        # bindings = self.get_bindings()
@@ -800,7 +798,7 @@ class BaseView(object):
        return self.returned_form(form, table, **kwargs)
    def save(self, values, user, row=None):
-        log.info("Save")
+        log.debug("Save")
        log.debug(values)
        values.pop("id", None)
        self.ses["old_email"] = user and user.email or None

--- a/opensipkd/base/views/partner.py
+++ b/opensipkd/base/views/partner.py
@@ -134,10 +134,6 @@ class Views(BaseView):
    #                    }
    #     return super().view_list(new_buttons=new_buttons)
-    # # @view_config(route_name='partner-act', renderer='json',
-    #              permission='user-view')
-    # def view_act(self):
-    #     return super().view_act()
    def next_act(self):
        request = self.req
@@ -203,26 +199,6 @@ class Views(BaseView):
                r.append(d)
            return r
-    # @view_config(route_name='partner-add', renderer='templates/form.pt',
-    #              permission='user-edit')
-    # def view_add(self):
-    #     return super().view_add()
-    # @view_config(route_name='partner-edit', renderer='templates/form.pt',
-    #              permission='user-edit')
-    # def view_edt(self):
-    #     return super().view_edit()
-    # @view_config(route_name='partner-view', renderer='templates/form.pt',
-    #              permission='user-edit')
-    # def view_view(self):
-    #     return super().view_view()
-    # @view_config(route_name='partner-delete', renderer='templates/form.pt',
-    #              permission='user-edit')
-    # def view_delete(self):
-    #     return super().view_delete()
    def form_validator(self, form, value):
        def err_kode():
            raise colander.Invalid(form,
@@ -254,12 +230,6 @@ class Views(BaseView):
            else:
                value.pop("idcard")
-        # value['is_vendor'] = 'is_vendor' in value and \
-        #                      value['is_vendor'] and 1 or 0
-        # value['is_customer'] = 'is_customer' in value and \
-        #                        value['is_customer'] and 1 or 0
-        # value["status"] = 'status' in value and value['status'] and 1 or 0
    def get_bindings(self, row=None):
        result = super().get_bindings(row)
        # provinsi_list = ResProvinsi.get_list()
@@ -279,7 +249,7 @@ class Views(BaseView):
        return result
-    def save_request(self, values, row=None):
+    # def save_request(self, values, row=None):
        # if "idcard" in values and values["idcard"]:
        #     if str(self.req.POST['upload']) != "":
        #         folder = self.get_params("idcard_folder", '/tmp/idcard')
@@ -289,8 +259,8 @@ class Views(BaseView):
        #     else:
        #         del values["idcard"]
-        row = super().save_request(values, row)
+        # row = super().save_request(values, row)
-        return row
+        # return row
    def get_values(self, row, istime=False):
        d = super().get_values(row, istime)
@@ -308,6 +278,8 @@ class Views(BaseView):
    def before_delete(self, row):
        PartnerFiles.query().filter_by(partner_id=row.id).delete()
+    def before_delete(self, row):
+        PartnerFiles.query().filter_by(partner_id=row.id).delete()
 @colander.deferred
 def partner_widget(node, kw):

--- a/opensipkd/base/views/register.py
+++ b/opensipkd/base/views/register.py
--- a/opensipkd/base/views/templates/base5.pt
+++ b/opensipkd/base/views/templates/base5.pt
@@ -125,12 +125,14 @@
                        </span>
                        <i class="fa fa-angle-down"></i> </a>
                    <ul class="dropdown-menu pull-right">
-                        <li><a style="text-transform:capitalize" href="{request.route_url('profile')}">Profile</a></li>
+                        <li><a style="text-transform:capitalize" href="${request.route_url('base-profile')}">Profile</a>
+                        </li>
                        <li tal:condition="not request.user.external">
-                            <a style="text-transform:capitalize" href="{request.route_url('password')}">Ubah
+                            <a style="text-transform:capitalize" href="${request.route_url('base-password')}">Ubah
                                password</a>
                        </li>
-                        <li><a style="text-transform:capitalize" href="${request.route_url('base-logout')}">Logout</a></li>
+                        <li><a style="text-transform:capitalize" href="${request.route_url('base-logout')}">Logout</a>
+                        </li>
                        <li tal:condition="request.user.api_key"><a style="text-transform:capitalize"
                                href="${home}/recreate-api-key">API Key</a></li>
                        <!-- <li talcondition="'core' in request.modules and change_unit(request)">
@@ -150,92 +152,51 @@
    <!-- Left panel : Navigation area -->
    <!-- Note: This width of the aside area can be adjusted through LESS variables -->
    <aside id="left-panel" style="padding-bottom:67px">
+        Menu
        <!-- NAVIGATION : This navigation is also responsive-->
-        <nav style="">
+        <nav class="smart-menu" id="menu">
            <!-- Modul Menu -->
-            <ul metal:define-slot="navs"></ul>
-            <!-- Admin Menu -->
-            <ul tal:condition="has_permission(request, user_path)" style="margin-top: 0; padding-top: 0;">
-                <li>
-                    <a href="#"><i class="fa fa-lg fa-fw fa-shield"></i><span class="menu-item-parent">Admin</span></a>
-                    <ul>
-                        <li tal:condition="has_permission(request, ['user-view', 'user-edit'])"
-                            tal:attributes="class  route_name in user_path and 'active'">
-                            <a href="${home}/user">User</a>
-                        </li>
-                        <li tal:condition="has_permission(request, ['user-view', 'user-edit'])"
-                            tal:attributes="class  route_name in user_area_path and 'active'">
-                            <a href="${home}/user/area">User Area</a>
-                        </li>
-                        <li tal:condition="has_permission(request, ['user-view', 'user-edit'])"
-                            tal:attributes="class  route_name in user_dep_path and 'active'">
-                            <a href="${home}/user/departemen">User Departemen</a>
-                        </li>
-                        <li tal:condition="has_permission(request, ['user-view', 'user-edit'])"
-                            tal:attributes="class  route_name in user_ext_path and 'active'">
-                            <a href="${home}/user/ext">External User</a>
-                        </li>
-                        <li tal:condition="has_permission(request, ['user-view', 'user-edit'])"
-                            tal:attributes="class route_name in group_path and 'active'">
-                            <a href="${home}/group">Group</a>
-                        </li>
-                        <li tal:condition="has_permission(request, 'upload-logo')"
-                            tal:attributes="class route_name in ['upload-logo'] and 'active'">
-                            <a href="${home}/upload/logo">Upload Logo</a>
-                        </li>
-                        <li tal:condition="has_permission(request, 'parameter')"
-                            tal:attributes="class route_name in param_path and 'active'">
-                            <a href="${home}/parameter">Parameter</a>
-                        </li>
-                        <li tal:condition="has_permission(request, 'company')"
-                            tal:attributes="class route_name in company_path  and 'active'">
-                            <a href="${home}/company">Pemerintah</a>
-                        </li>
-                        <li tal:condition="has_permission(request, 'eselon')"
-                            tal:attributes="class route_name in eselon_path and 'active'">
-                            <a href="${home}/eselon">Eselon</a>
-                        </li>
-                        <li tal:condition="has_permission(request, 'jabatan')"
-                            tal:attributes="class  route_name in jabatan_path and 'active'">
-                            <a href="${home}/jabatan">Jabatan</a>
-                        </li>
-                        <li tal:condition="has_permission(request, 'departemen')"
+            <ul metal:define-slot="navs"></ul>
-                            tal:attributes="class route_name in dep_path  and 'active'">
+            <ul style="margin-top: 0; padding-top: 0;">
-                            <a href="${home}/departemen">Departemen</a>
+                <li tal:repeat="menu get_base_menus()"
-                        </li>
+                    tal:attributes="class route_name in menu['route_name'] and 'active'">
-                        <li tal:condition="has_permission(request, 'partner')"
+                    <a tal:condition="python:not menu['children'] and has_permission(request, menu['permission'])"
-                            tal:attributes="class route_name in partner_path  and 'active'">
+                        href="${home}${menu['path']}">
-                            <a href="${home}/partner">Partner</a>
+                        <i tal:condition="menu['icon']" class="fa fa-lg fa-fw ${menu['icon']}"></i>
-                        </li>
+                        <span>${menu['nama']}</span>
-                        <li tal:condition="has_permission(request, 'partner-departemen')"
+                    </a>
-                            tal:attributes="class route_name in part_dep_path and 'active'">
+                    <a tal:condition="python:menu['children'] and has_permission(request, menu['permission'])" href="#">
-                            <a href="${home}/partner/departemen">Partner Departemen</a>
+                        <i tal:condition="menu['icon']" class="fa fa-lg fa-fw ${menu['icon']}"></i>
-                        </li>
+                        <span class="menu-item-parent">${menu['nama']}</span>
-                        <li tal:condition="has_permission(request, 'provinsi')"
+                    </a>
-                            tal:attributes="class route_name in provinsi_path and 'active'">
-                            <a href="${home}/provinsi">Provinsi</a>
+                    <ul tal:condition="python:menu['children'] and has_permission(request, menu['permission'])">
-                        </li>
+                        <li tal:repeat="submenu menu['children']"
-                        <li tal:condition="has_permission(request, 'dati2')"
+                            tal:attributes="class route_name in submenu['route_name'] and 'active'">
-                            tal:attributes="class  route_name in dati2_path and 'active'">
+                            <a tal:condition="python:not submenu['children'] and has_permission(request, submenu['permission'])"
-                            <a href="${home}/dati2">Kabupaten/Kota</a>
+                                href="${home}${submenu['path']}">
-                        </li>
+                                <i tal:condition="submenu['icon']" class="fa fa-lg fa-fw ${submenu['icon']}"></i>
-                        <li tal:condition="has_permission(request, 'kecamatan')"
+                                <span>${submenu['nama']}</span>
-                            tal:attributes="class  route_name in kecamatan_path and 'active'">
+                            </a>
-                            <a href="${home}/kecamatan">Kecamatan</a>
-                        </li>
+                            <a tal:condition="submenu['children']" href="#">
-                        <li tal:condition="has_permission(request, 'desa')"
+                                <i tal:condition="submenu['icon']" class="fa fa-lg fa-fw ${submenu['icon']}"></i>
-                            tal:attributes="class  route_name in desa_path and 'active'">
+                                <span class="menu-item-parent">${submenu['nama']}</span>
-                            <a href="${home}/desa">Desa/Kelurahan</a>
+                            </a>
-                        </li>
-                        <li tal:condition="has_permission(request, 'log')"
+                            <ul tal:condition="submenu['children']">
-                            tal:attributes="class route_name in ['log'] and 'active'">
+                                <li tal:repeat="submenu2 submenu['children']"
-                            <a href="${home}/log">Log</a>
+                                    tal:attributes="class route_name in submenu2['route_name'] and 'active'">
+                                    <a href="${home}${submenu2['path']}">${submenu2['nama']}</a>
+                                </li>
+                            </ul>
                        </li>
                    </ul>
                </li>
            </ul>
        </nav>
        <span class="minifyme" data-action="minifyMenu">
            <i class="fa fa-arrow-circle-left hit"></i>

--- a/opensipkd/base/views/templates/form9.pt
+++ b/opensipkd/base/views/templates/form9.pt
 <html metal:use-macro="load: ./base5.pt"
 tal:define="scripts scripts|scripts" >
 <div metal:fill-slot="content">
    <div class="col-md-8 col-md-offset-2">
        <div class="panel panel-default">
            <!-- <div class="panel-heading"> -->
                <!-- <h3 class="panel-title"><i class="fa fa-fw fa-plus"></i>&nbsp;${request.title}</h3> -->
            <!-- </div> -->
            <div class="panel-body">
                <div tal:content="structure form"></div>
            </div>
        </div>
    </div>
 </div>
 <div metal:fill-slot="scripts">
    <script>
        $(document).ready(function () {
        //     $(".read-only").attr("readonly", true);
            $(".readonly").attr("readonly", true);
            $(".date").attr("readonly", true);
            // $(".date").datepicker({
            //     format: 'dd-mm-yyyy'
            // });
                ${structure:scripts}
        });
    </script>
    <div metal:define-slot="scripts"></div>
 </div>
 </html>
--- a/opensipkd/base/views/templates/login.pt
+++ b/opensipkd/base/views/templates/login.pt
@@ -79,6 +79,7 @@
                <b class="tooltip tooltip-top-right"><i class="fa fa-lock txt-color-teal"></i> ISI
                  DENGAN PASSWORD ANDA</b> </label>
            </section>
            <section>
              <div class="form-group">
                <label class=" checkbox checkbox-inline">
@@ -87,15 +88,17 @@
                  <a href="${home}/reset-password" id="lupa" >Lupa Password?</a>
                </div>
              </div>
            </section>
+            <section tal:condition="'captcha' in form">
+              <div tal:define="field form['captcha']">
+                ${structure:field.serialize()}
+              </div>
+            </section>
-            <section>
+            <section tal:condition="'csrf_token' in form">
-              <div tal:condition="'csrf_token' in form">
+              <div tal:define="field form['csrf_token']" style="display: none;">
-                <div tal:define="field form['csrf_token']" style="display: none;">
+                  ${structure:field.serialize()}
-                    ${structure:field.serialize()}
-                </div>
              </div>
            </section>

--- a/opensipkd/base/views/user_login.py
+++ b/opensipkd/base/views/user_login.py
--- a/opensipkd/base/widgets/templates/readonly/form.pt
+++ b/opensipkd/base/widgets/templates/readonly/form.pt
+<form
+    tal:define="style style|field.widget.style;
+              css_class css_class|string:${field.widget.css_class or field.css_class or ''};
+              item_template item_template|field.widget.readonly_item_template;
+              title title|field.title;
+              errormsg errormsg|field.errormsg;
+              description description|field.description;
+              buttons buttons|field.buttons;
+              use_ajax use_ajax|field.use_ajax;
+              ajax_options ajax_options|field.ajax_options;
+              formid formid|field.formid;
+              method method|field.method;"
+    tal:attributes="style style;
+                  class css_class;"
+    id="${formid}"
+    method="${method}"
+    enctype="multipart/form-data"
+    accept-charset="utf-8"
+    i18n:domain="deform"
+    class="deform ${field.bootstrap_form_style | 'form-horizontal'}"
+>
+  <fieldset class="deform-form-fieldset">
+    <div class="row">
+      <legend tal:condition="title">${title}</legend>
+      <p class="section first" tal:condition="description">
+        ${description}
+      </p>
+      <div tal:repeat="child field"
+           tal:replace="structure child.render_template(item_template)"/>
+    </div>
+    <div class="row">
+      <div class="form-group deform-form-buttons">
+        <tal:loop tal:repeat="button buttons">
+          <button
+              tal:define="btn_disposition repeat.button.start and 'btn-primary' or 'btn-default';"
+              tal:attributes="disabled button.disabled if button.disabled else None;
+                              attributes|button.attributes|{};"
+              id="${formid+button.name}"
+              name="${button.name}"
+              type="${button.type}"
+              class="btn ${button.css_class or btn_disposition}"
+              value="${button.value}"
+              tal:condition="button.type != 'link'">
+            <span tal:condition="button.icon" class="glyphicon glyphicon-${button.icon}"></span>
+            ${button.title}
+          </button>
+          <a
+              tal:define="btn_disposition repeat.button.start and 'btn-primary' or 'btn-default';
+              btn_href button.value|''"
+              class="btn ${button.css_class or btn_disposition}"
+              id="${field.formid + button.name}"
+              href="${btn_href}"
+              tal:condition="button.type == 'link'">
+            <span tal:condition="button.icon" class="glyphicon glyphicon-${button.icon}"></span>
+            ${button.title}
+          </a>
+        </tal:loop>
+      </div>
+    </div>
+  </fieldset>
+</form>
--- a/opensipkd/base/widgets/widget_os.py
+++ b/opensipkd/base/widgets/widget_os.py
@@ -378,8 +378,6 @@ class CaptchaWidget(Widget):
        kode_captcha, file_name = img_captcha(self.request)
        self.request.session["captcha"] = kode_captcha
        cstruct = self.url+file_name
-        # if cstruct in (null, None):
-            # cstruct = ""
        readonly = kw.get("readonly", self.readonly)
        template = readonly and self.readonly_template or self.template
        values = self.get_template_values(field, cstruct, kw)
@@ -394,6 +392,8 @@ class CaptchaWidget(Widget):
            pstruct = pstruct.strip()
        if not pstruct:
            return null
+        if pstruct != self.request.session["captcha"]:
+            raise Invalid(field.schema, "Captcha tidak sesuai")
        return pstruct