perbaikan module partner dan register

aagusti
Commit 253ab48f authored Sep 14, 2022 by aagusti
Showing 4 changed files with 77 additions and 49 deletions
opensipkd/base/__init__.py
opensipkd/base/security.py
opensipkd/base/views/partner.py
opensipkd/base/views/register.py
--- a/opensipkd/base/__init__.py
+++ b/opensipkd/base/__init__.py
@@ -87,14 +87,16 @@ titles = {}
 def add_cors_headers_response_callback(event):
    def cors_headers(request, response):
        response.headers.update({
-        'Access-Control-Allow-Origin': '*',
+            'Access-Control-Allow-Origin': '*',
-        'Access-Control-Allow-Methods': 'POST,GET,DELETE,PUT,OPTIONS',
+            'Access-Control-Allow-Methods': 'POST,GET,DELETE,PUT,OPTIONS',
-        'Access-Control-Allow-Headers': 'Origin, Content-Type, Accept, Authorization',
+            'Access-Control-Allow-Headers': 'Origin, Content-Type, Accept, Authorization',
-        'Access-Control-Allow-Credentials': 'true',
+            'Access-Control-Allow-Credentials': 'true',
-        'Access-Control-Max-Age': '1728000',
+            'Access-Control-Max-Age': '1728000',
        })
    event.request.add_response_callback(cors_headers)
 # https://groups.google.com/forum/#!topic/pylons-discuss/QIj4G82j04c
 def has_permission_(request, perm_names, context=None):
    if isinstance(perm_names, str):
@@ -103,13 +105,16 @@ def has_permission_(request, perm_names, context=None):
        if request.has_permission(perm_name, context):
            return True
 def has_modules_(module_name, context=None):
    modules = get_params("pyramid.includes").split("\n")
    return module_name in modules
 def _get_params(request, params, default=None, settings=None, context=None):
    return get_params(params, default, settings)
 @subscriber(BeforeRender)
 def add_global(event):
    event['has_permission'] = has_permission_
@@ -169,6 +174,13 @@ def get_ini_params(request, params=None, alternate=None, settings=None):
    return get_params(params, alternate, settings)
+def get_id_card_folder(ext=None):
+    folder = get_params("partner_idcard_folder", '/tmp/idcard')
+    if ext:
+        return folder + ext
+    return  folder
 def allow_register(request):
    allow = get_params('allow_register', 'false')
    return allow == 'true' or allow == "True" or allow == True
@@ -321,12 +333,14 @@ def get_menus(request):
    return result
 def format_datetime(v):
    if v.time():
        return dmyhms(v)
    else:
        return dmy(v)
 def json_renderer():
    json_r = JSON()
    json_r.add_adapter(datetime.datetime, lambda v, request: format_datetime(v))
@@ -382,7 +396,7 @@ def set_routes(config, app_id=None):
                                        default_renderer="json_rpc")
-partner_idcard_folder = 'partner/idcard'
+partner_idcard_url = 'partner/idcard'
 def main(global_config, **settings):
@@ -442,14 +456,15 @@ def main(global_config, **settings):
    config.add_request_method(google_signin_client_ids,
                              'google_signin_client_ids', reify=True)
    config.add_request_method(allow_register, 'allow_register', reify=True)
-    config.add_request_method(disable_responsive, 'disable_responsive', reify=True)
+    config.add_request_method(disable_responsive, 'disable_responsive',
+                              reify=True)
    config.add_request_method(get_ini, 'get_ini', reify=True)
    config.add_translation_dirs('opensipkd.base:locale/')
    config.add_static_view('static', 'opensipkd.base:static',
                           cache_max_age=3600)
-    config.add_static_view(partner_idcard_folder,
+    config.add_static_view(partner_idcard_url,
-                           get_params("partner_idcard_folder", '/tmp/idcard'),
+                           get_id_card_folder("/"),
                           cache_max_age=3600)
    config.add_static_view('deform_static', 'deform:static')

--- a/opensipkd/base/security.py
+++ b/opensipkd/base/security.py
@@ -31,19 +31,18 @@ def get_user(request):
    if user_id:
        q = DBSession.query(User).filter_by(id=user_id)
        row = q.first()
-        # get_params("single_browser", False) and
+        #todo restrict multi browser
-        if row.security_code != request.session["token"]:
+        # if row and "g_state" not in request.cookies and \
-            # cek apakah session["token"]= security_code yang disimpan oleh
+        #         ("token" not in request.session or
-            # user_login.Login.login
+        #             not request.session["token"] or
-            # hapus jika beda
+        #             row.security_code != request.session["token"]):
+        #     request.session.flash("Silahkan login ulang")
-            request.session.flash("Silahkan login ulang")
+        #     headers = forget(request)
-            headers = forget(request)
+        #     request.session.delete()
-            request.session.delete()
+        #     request.response.headers.update(headers)
-            request.response.headers.update(headers)
+        #     if "g_state" in request.cookies:
-            if "g_state" in request.cookies:
+        #         request.response.delete_cookie("g_state", '/')
-                request.response.delete_cookie("g_state", '/')
+        #     return
-            return
        return row

--- a/opensipkd/base/views/partner.py
+++ b/opensipkd/base/views/partner.py
 import os
 import colander
+from opensipkd.base import get_params, get_id_card_folder
 from deform import (
    widget,
 )
@@ -18,8 +19,9 @@ from .company import company_widget
 from .partner_base import PartnerSchema, NamaSchema
 from opensipkd.models import DBSession, Partner
-from .. import partner_idcard_folder
+# from .. import partner_idcard_url
 from ..views import BaseView
 _ = TranslationStringFactory("opensipkd")
 SESS_ADD_FAILED = 'Tambah partner gagal'
@@ -55,6 +57,7 @@ class EditSchema(AddSchema):
                             missing=colander.drop,
                             widget=widget.HiddenWidget(),
                             )
    def after_bind(self, schema, kwargs):
        super().after_bind(schema, kwargs)
@@ -76,11 +79,18 @@ class ListSchema(colander.Schema):
    email = colander.SchemaNode(
        colander.String(),
        oid="email")
+    idcard = colander.SchemaNode(
+        colander.String(),
+        oid="idcard",
+        title="Identitas"
+    )
    status = colander.SchemaNode(
        colander.Boolean(),
        widget=widget.CheckboxWidget(),
        oid="status")
+    def after_bind(self, schema, kw):
+        request = kw.get("request")
+        self["idcard"].url = request.static_url(get_id_card_folder("/"))
 class ViewPartner(BaseView):
    def __init__(self, request):
@@ -210,15 +220,20 @@ class ViewPartner(BaseView):
                err_kode()
        elif found:
            err_kode()
-        value['is_vendor'] = 'is_vendor' in value and value['is_vendor'] and 1 or 0
+        value['is_vendor'] = 'is_vendor' in value and value[
-        value['is_customer'] = 'is_customer' in value and value['is_customer'] and 1 or 0
+            'is_vendor'] and 1 or 0
+        value['is_customer'] = 'is_customer' in value and value[
+            'is_customer'] and 1 or 0
        value["status"] = 'status' in value and value['status'] and 1 or 0
    def get_bindings(self, row=None):
        provinsi_list = ResProvinsi.get_list()
-        dati2_list = row and row.provinsi_id and ResDati2.get_list(row.provinsi_id) or []
+        dati2_list = row and row.provinsi_id and ResDati2.get_list(
-        kecamatan_list = row and row.dati2_id and ResKecamatan.get_list(row.dati2_id) or []
+            row.provinsi_id) or []
-        desa_list = row and row.kecamatan_id and ResDesa.get_list(row.kecamatan_id) or []
+        kecamatan_list = row and row.dati2_id and ResKecamatan.get_list(
+            row.dati2_id) or []
+        desa_list = row and row.kecamatan_id and ResDesa.get_list(
+            row.kecamatan_id) or []
        return dict(
            provinsi_list=provinsi_list,
            dati2_list=dati2_list,
@@ -229,11 +244,14 @@ class ViewPartner(BaseView):
    def save_request(self, values, row=None):
        if "idcard" in values and values["idcard"]:
-            if str(self.req.POST['upload'].decode('utf-8'))!="":
+            if str(self.req.POST['upload'].decode('utf-8')) != "":
                folder = self.get_params("idcard_folder", '/tmp/idcard')
                upload = Upload(folder)
                file_name = upload.save(self.req, 'upload', img_exts)
                values["idcard"] = file_name
+            else:
+                del values["idcard"]
        row = super().save_request(values, row)
        return row
@@ -241,14 +259,16 @@ class ViewPartner(BaseView):
        d = super().get_values(row, istime)
        if "idcard" in d and d["idcard"]:
            filename = d["idcard"]
+            url = self.req.static_url(get_id_card_folder("/"))
            preview_url = "/".join(
-                                [self.home, partner_idcard_folder, filename])
+                [self.req.static_url(url), filename])
            d["idcard"] = {"uid": filename.split(".")[0],
-                            "filename": filename,
+                           "filename": filename,
-                            "preview_url": preview_url
+                           "preview_url": preview_url
-                            }
+                           }
        return d
 @colander.deferred
 def partner_widget(node, kw):
    values = kw.get('partner_list', [])

--- a/opensipkd/base/views/register.py
+++ b/opensipkd/base/views/register.py
@@ -26,30 +26,24 @@ Link dalam module registrasi:
 4. Form edit registrasi http://server/register/{uid}/edit
 5. Form Upload template
 """
-import os
 from datetime import datetime
 import colander
-from deform import (widget, Button, FileData, ValidationFailure)
+from deform import (widget, FileData, ValidationFailure)
-from pyramid.threadlocal import get_current_registry
 from opensipkd.tools import Upload, mem_tmp_store, image_validator
+from opensipkd.tools.buttons import btn_cancel, btn_register, btn_save
 from pyramid.httpexceptions import HTTPFound
 from pyramid.i18n import TranslationStringFactory
 from pyramid.security import forget
 from pyramid.view import view_config
 from ziggurat_foundations.models.services.user import UserService
-from opensipkd.base import get_params, partner_idcard_folder
+from opensipkd.base import get_params, get_id_card_folder
 from opensipkd.base.views.user import email_validator, add_member_count
+from opensipkd.models import User, DBSession, Partner, Group, UserGroup
-from opensipkd.tools.buttons import btn_cancel, btn_register, btn_save
 from . import widget_os
-from .base_views import need_captcha, need_verify, get_url_captcha
+from .base_views import need_captcha, get_url_captcha
-from .user_login import regenerate_security_code, get_login_headers, \
+from .user_login import regenerate_security_code, send_email_security_code
-    send_email_security_code, send_email_pending
-from opensipkd.models import User, DBSession, Partner, Group, UserGroup, \
-    ExternalIdentity
 from ..views import BaseView
 _ = TranslationStringFactory('user')
@@ -333,7 +327,7 @@ class Registrasi(BaseView):
                if d["idcard"]:
                    filename = d["idcard"]
                    preview_url = "/".join(
-                        [self.home, partner_idcard_folder, filename])
+                        [self.req.static_url(get_id_card_folder('/')), filename])
                    d["idcard"] = {"uid": filename.split(".")[0],
                                   "filename": filename,
                                   "preview_url": preview_url
@@ -367,7 +361,7 @@ class Registrasi(BaseView):
        if "idcard" in values and values["idcard"]:
            if self.req.POST['upload'] != b'':
-                path = get_params('idcard_folder', '/tmp/idcard')
+                path = get_id_card_folder()
                upload = Upload(path)
                values["idcard"] = upload.save(self.req, 'upload')
            else:
@@ -388,7 +382,7 @@ class Registrasi(BaseView):
            user = User()
            user.email = row.email
            user.user_name = row.email
-            user.registered_date=datetime.now()
+            user.registered_date = datetime.now()
            DBSession.add(user)
            DBSession.flush()
            remain = regenerate_security_code(user)