Skip to content

irul / opensipkd-base

Go to a project
Commit 8a2074c0 by aa.gustiana@gmail.com
Options

Perbaikan Kebutuhan Pelayanan ada beberapa file yang belum di update

1 parent 6449329b
Inline Side-by-side
Showing 5 changed files with 52 additions and 55 deletions
opensipkd/base/__init__.py
...@@ -69,22 +69,25 @@ def has_modules(module_name, context=None): ...@@ -69,22 +69,25 @@ def has_modules(module_name, context=None):
def add_cors_headers_response_callback(event): def add_cors_headers_response_callback(event):
def cors_headers(request, response): def cors_headers(request, response):
pass # pass
# origin = request.headers.get("Origin", None) # origin = request.headers.get("Origin", None)
# allowed_origin = get_params("allowed_origin", None) # allowed_origin = get_params("allowed_origin", None)
# if allowed_origin: # if allowed_origin:
# if origin not in allowed_origin.split('\n'): # if origin not in allowed_origin.split('\n'):
# origin = "null" # origin = "null"
# headers = { headers = {
# 'Access-Control-Allow-Methods': 'POST,GET,DELETE,PUT,OPTIONS', 'Access-Control-Allow-Methods': '*',
# 'Access-Control-Allow-Headers': 'Origin, Content-Type, Accept, Authorization', 'Access-Control-Allow-Headers': '*',
# 'Access-Control-Max-Age': '1728000', 'Access-Control-Allow-Origin': "*",
# } # 'Access-Control-Allow-Methods': 'POST,GET,DELETE,PUT,OPTIONS',
# 'Access-Control-Allow-Headers': 'Origin, Content-Type, Accept, Authorization',
# 'Access-Control-Max-Age': '1728000',
}
# _logging.info(f"{origin} {request.is_xhr}") # _logging.info(f"{origin} {request.is_xhr}")
# response.headers.update( # response.headers.update(
# {'Access-Control-Allow-Credential': 'true', # {'Access-Control-Allow-Credential': 'true',
# 'Access-Control-Allow-Origin': "*"} # 'Access-Control-Allow-Origin': "*"}
# ) # )
# if origin: # if origin:
# headers['Access-Control-Allow-Origin'] = origin # headers['Access-Control-Allow-Origin'] = origin
...@@ -94,7 +97,7 @@ def add_cors_headers_response_callback(event): ...@@ -94,7 +97,7 @@ def add_cors_headers_response_callback(event):
# headers['Access-Control-Allow-Credentials'] = 'true' # headers['Access-Control-Allow-Credentials'] = 'true'
# _logging.debug(f"Headers: {headers}") # _logging.debug(f"Headers: {headers}")
# response.headers.update(headers) response.headers.update(headers)
_logging.warning(response.headers) _logging.warning(response.headers)
event.request.add_response_callback(cors_headers) event.request.add_response_callback(cors_headers)
......
opensipkd/base/views/base_views.py
...@@ -396,7 +396,14 @@ class BaseView(object): ...@@ -396,7 +396,14 @@ class BaseView(object):
action_suffix += f'?parent_id={parent.id}' action_suffix += f'?parent_id={parent.id}'
schema = self.list_schema() schema = self.list_schema()
schema = schema.bind(request=self.req) if "bindings" in kwargs and kwargs["bindings"]:
bindings = kwargs["bindings"]
elif self.bindings:
bindings = self.bindings
else:
bindings = self.get_bindings()
schema = schema.bind(request=self.req, **bindings)
if not new_buttons: if not new_buttons:
new_buttons = self.new_buttons new_buttons = self.new_buttons
...@@ -651,7 +658,7 @@ class BaseView(object): ...@@ -651,7 +658,7 @@ class BaseView(object):
if not values: if not values:
return self.route_list(msg="Nilai Data tidak ditemukan", error="error") return self.route_list(msg="Nilai Data tidak ditemukan", error="error")
form.set_appstruct(values) form.set_appstruct(values)
table = self.get_item_table(row) table = self.get_item_table(parent=row)
kwargs["readonly"] = True kwargs["readonly"] = True
return self.returned_form(form, table, **kwargs) return self.returned_form(form, table, **kwargs)
...@@ -933,7 +940,7 @@ class BaseView(object): ...@@ -933,7 +940,7 @@ class BaseView(object):
self.bindings = self.get_bindings(row) self.bindings = self.get_bindings(row)
form = self.get_form(self.edit_schema, **kwargs) form = self.get_form(self.edit_schema, **kwargs)
table = self.get_item_table(row) table = self.get_item_table(parent=row)
values = self.get_values(row) values = self.get_values(row)
if request.POST: if request.POST:
if 'save' in request.POST: if 'save' in request.POST:
...@@ -1002,20 +1009,20 @@ class BaseView(object): ...@@ -1002,20 +1009,20 @@ class BaseView(object):
return self.route_list() return self.route_list()
form = self.get_form( form = self.get_form(
self.edit_schema, buttons=(btn_delete, btn_cancel)) self.edit_schema, buttons=(btn_delete, btn_cancel))
table = self.get_item_table(row) table = self.get_item_table(parent=row)
resources = form.get_widget_resources() resources = form.get_widget_resources()
form.set_appstruct(self.get_values(row)) form.set_appstruct(self.get_values(row))
kwargs["readonly"] = True kwargs["readonly"] = True
return self.returned_form(form, table, **kwargs) return self.returned_form(form, table, **kwargs)
def query_id(self): def query_id(self, id=None):
q = self.db_session.query(self.table).filter_by( id=id or self.req.matchdict['id']
id=self.req.matchdict['id']) return self.table.query_id(id)
# if self.req.user: # if self.req.user:
# if hasattr(self.table, 'company_id') and self.req.user.company_id: # if hasattr(self.table, 'company_id') and self.req.user.company_id:
# q = q.filter_by(company_id=self.req.user.company_id) # q = q.filter_by(company_id=self.req.user.company_id)
return q # return q
# def filter_company(self, query): # def filter_company(self, query):
# if self.req.user.company_id: # if self.req.user.company_id:
......
opensipkd/base/views/templates/_table_include.pt 0 → 100644
<script src="${home}/static/v3/js/plugin/datatables/jquery.dataTables.min.js"></script>
<script src="${home}/static/v3/js/plugin/datatables/dataTables.colVis.min.js"></script>
<script src="${home}/static/v3/js/plugin/datatables/dataTables.tableTools.min.js"></script>
<script src="${home}/static/v3/js/plugin/datatables/dataTables.bootstrap.min.js"></script>
<script src="${home}/static/v3/js/plugin/datatable-responsive/datatables.responsive.min.js"></script>
opensipkd/base/views/user_login.py
...@@ -62,7 +62,7 @@ class Login(CSRFSchema): ...@@ -62,7 +62,7 @@ class Login(CSRFSchema):
) )
password = colander.SchemaNode( password = colander.SchemaNode(
colander.String(), widget=widget.PasswordWidget()) colander.String(), widget=widget.PasswordWidget())
def after_bind(self, schema, kwargs): def after_bind(self, schema, kwargs):
request = kwargs["request"] request = kwargs["request"]
csrf_token = new_csrf_token(request) csrf_token = new_csrf_token(request)
...@@ -209,7 +209,7 @@ class ViewAuth(BaseView): ...@@ -209,7 +209,7 @@ class ViewAuth(BaseView):
if BASE_CLASS.allow_register: if BASE_CLASS.allow_register:
buttons += (Button('register', _('Register')),) buttons += (Button('register', _('Register')),)
buttons += (Button('reset', _('Reset')), btn_cancel,) buttons += (Button('reset', _('Reset')), btn_cancel,)
form = Form(schema, buttons=buttons) form = Form(schema, buttons=buttons)
message = "" message = ""
if 'cancel' in request.POST: if 'cancel' in request.POST:
...@@ -301,10 +301,10 @@ class ViewAuth(BaseView): ...@@ -301,10 +301,10 @@ class ViewAuth(BaseView):
# url=get_urls(request.route_url('login')), # url=get_urls(request.route_url('login')),
# next_url=next_url, # next_url=next_url,
# login=login, ) # login=login, )
if self.req.is_xhr:
return Response(json=self.form2dict(form))
if login_tpl: if login_tpl:
if self.req.is_xhr:
# return Response(form.render())
return Response(json=self.form2dict(form))
return render_to_response( return render_to_response(
renderer_name=login_tpl, renderer_name=login_tpl,
request=request, request=request,
...@@ -313,8 +313,8 @@ class ViewAuth(BaseView): ...@@ -313,8 +313,8 @@ class ViewAuth(BaseView):
url=request.route_url('base-login'), url=request.route_url('base-login'),
next_url=next_url, next_url=next_url,
login=login, ), login=login, ),
) )
return dict(form=form.render(),scripts="") return dict(form=form.render(), scripts="")
def view_logout(self): def view_logout(self):
request = self.req request = self.req
...@@ -342,7 +342,7 @@ class ViewAuth(BaseView): ...@@ -342,7 +342,7 @@ class ViewAuth(BaseView):
request.session["login"] = False request.session["login"] = False
return dict(form=form.render()) return dict(form=form.render())
def redirect_login(request, user): def redirect_login(request, user):
set_user_log("Login Sukses", request, log, user.user_name) set_user_log("Login Sukses", request, log, user.user_name)
...@@ -355,7 +355,7 @@ def redirect_login(request, user): ...@@ -355,7 +355,7 @@ def redirect_login(request, user):
if request.is_xhr: if request.is_xhr:
return Response(json={"success": True, return Response(json={"success": True,
"token": user.security_code}, headerlist=headers) "token": user.security_code}, headerlist=headers)
if not next_url and request.matched_route.name == 'login': if not next_url and request.matched_route.name == 'login':
url = get_params('modules_default', 'base-home') url = get_params('modules_default', 'base-home')
return HTTPFound(location=request.route_url(url), return HTTPFound(location=request.route_url(url),
...@@ -379,8 +379,7 @@ btn_home = Button("home", css_class="btn-success") ...@@ -379,8 +379,7 @@ btn_home = Button("home", css_class="btn-success")
# class ViewLogout(BaseView): # class ViewLogout(BaseView):
# @view_config(route_name='logout', renderer="templates/logout.pt", require_csrf=False) # @view_config(route_name='logout', renderer="templates/logout.pt", require_csrf=False)
class ViewPassword(BaseView): class ViewPassword(BaseView):
...@@ -406,7 +405,7 @@ class ViewPassword(BaseView): ...@@ -406,7 +405,7 @@ class ViewPassword(BaseView):
return resp return resp
remain = regenerate_security_code(user) remain = regenerate_security_code(user)
set_user_log("Reset password to {}".format(user.email), request, log, set_user_log("Reset password to {}".format(user.email), request, log,
user.user_name) user.user_name)
send_email_security_code( send_email_security_code(
request, user, remain, 'Reset password', 'reset-password-body', request, user, remain, 'Reset password', 'reset-password-body',
'reset-password-body.tpl') 'reset-password-body.tpl')
...@@ -415,10 +414,9 @@ class ViewPassword(BaseView): ...@@ -415,10 +414,9 @@ class ViewPassword(BaseView):
return HTTPFound(location=request.home) return HTTPFound(location=request.home)
elif 'cancel' in request.POST: elif 'cancel' in request.POST:
return HTTPFound(location=request.route_url('base-login')) return HTTPFound(location=request.route_url('base-login'))
resp['form'] = form.render() resp['form'] = form.render()
return resp return resp
def change_password(self): def change_password(self):
""" """
...@@ -436,7 +434,7 @@ class ViewPassword(BaseView): ...@@ -436,7 +434,7 @@ class ViewPassword(BaseView):
form = Form(schema, buttons=buttons) form = Form(schema, buttons=buttons)
if not request.POST: if not request.POST:
return dict(form=form.render(), scripts="") return dict(form=form.render(), scripts="")
if 'save' not in request.POST: if 'save' not in request.POST:
return HTTPFound(location=request.route_url('base-login')) return HTTPFound(location=request.route_url('base-login'))
...@@ -445,13 +443,13 @@ class ViewPassword(BaseView): ...@@ -445,13 +443,13 @@ class ViewPassword(BaseView):
c = form.validate(items) c = form.validate(items)
except ValidationFailure as e: except ValidationFailure as e:
return dict(form=e.render()) return dict(form=e.render())
user = request.user user = request.user
user.security_code = None user.security_code = None
if not UserService.check_password(user, c['password']): if not UserService.check_password(user, c['password']):
request.session.flash('Password lama tidak sesuai', 'error') request.session.flash('Password lama tidak sesuai', 'error')
return HTTPFound(location=request.route_url('base-password')) return HTTPFound(location=request.route_url('base-password'))
UserService.set_password(user, c['new_password']) UserService.set_password(user, c['new_password'])
self.db_session.add(user) self.db_session.add(user)
self.db_session.flush() self.db_session.flush()
...@@ -460,7 +458,6 @@ class ViewPassword(BaseView): ...@@ -460,7 +458,6 @@ class ViewPassword(BaseView):
set_user_log("Change Password", request, log) set_user_log("Change Password", request, log)
return HTTPFound(location=f"{request.home}", headers=headers) return HTTPFound(location=f"{request.home}", headers=headers)
def change_password_request(self): def change_password_request(self):
""" """
Digunakan untuk change password url dari email (register, reset password) Digunakan untuk change password url dari email (register, reset password)
...@@ -480,7 +477,7 @@ class ViewPassword(BaseView): ...@@ -480,7 +477,7 @@ class ViewPassword(BaseView):
if not user or now - user.security_code_date > one_hour: if not user or now - user.security_code_date > one_hour:
request.session.flash('Security code expired', 'error') request.session.flash('Security code expired', 'error')
return HTTPFound(location=request.route_url('base-login')) return HTTPFound(location=request.route_url('base-login'))
schema = ChangePasswordRequest(validator=change_password_validator) schema = ChangePasswordRequest(validator=change_password_validator)
btn_save = Button('save', _('Simpan')) btn_save = Button('save', _('Simpan'))
btn_cancel = Button('cancel', _('Batalkan')) btn_cancel = Button('cancel', _('Batalkan'))
...@@ -490,14 +487,12 @@ class ViewPassword(BaseView): ...@@ -490,14 +487,12 @@ class ViewPassword(BaseView):
return dict(form=form.render(), scripts="") return dict(form=form.render(), scripts="")
if 'save' not in request.POST: if 'save' not in request.POST:
return HTTPFound(location=request.route_url('base-login')) return HTTPFound(location=request.route_url('base-login'))
items = request.POST.items() items = request.POST.items()
try: try:
c = form.validate(items) c = form.validate(items)
except ValidationFailure as e: except ValidationFailure as e:
return dict(form=e.render()) return dict(form=e.render())
user.security_code = None user.security_code = None
UserService.set_password(user, c['new_password']) UserService.set_password(user, c['new_password'])
...@@ -507,9 +502,6 @@ class ViewPassword(BaseView): ...@@ -507,9 +502,6 @@ class ViewPassword(BaseView):
set_user_log("Change Password", request, log) set_user_log("Change Password", request, log)
return HTTPFound(location=f"{request.home}", headers=headers) return HTTPFound(location=f"{request.home}", headers=headers)
def view_recreate_api_key(self): def view_recreate_api_key(self):
request = self.req request = self.req
if not request.user.api_key: if not request.user.api_key:
...@@ -530,6 +522,7 @@ class ViewPassword(BaseView): ...@@ -530,6 +522,7 @@ class ViewPassword(BaseView):
request.session.flash(msg) request.session.flash(msg)
return HTTPFound(location=f"{request.home}") return HTTPFound(location=f"{request.home}")
class ChangePasswordRequest(colander.Schema): class ChangePasswordRequest(colander.Schema):
new_password = colander.SchemaNode( new_password = colander.SchemaNode(
colander.String(), widget=widget.CheckedPasswordWidget()) colander.String(), widget=widget.CheckedPasswordWidget())
...@@ -539,8 +532,8 @@ class ChangePassword(ChangePasswordRequest): ...@@ -539,8 +532,8 @@ class ChangePassword(ChangePasswordRequest):
new_password = colander.SchemaNode( new_password = colander.SchemaNode(
colander.String(), widget=widget.CheckedPasswordWidget()) colander.String(), widget=widget.CheckedPasswordWidget())
password = colander.SchemaNode(colander.String(), password = colander.SchemaNode(colander.String(),
widget=widget.PasswordWidget(), widget=widget.PasswordWidget(),
title=_("Old Password")) title=_("Old Password"))
def change_password_validator(form, value): def change_password_validator(form, value):
...@@ -557,9 +550,6 @@ def change_password_validator(form, value): ...@@ -557,9 +550,6 @@ def change_password_validator(form, value):
# raise exc # raise exc
###################### ######################
# Buat ulang API Key # # Buat ulang API Key #
###################### ######################
...@@ -572,9 +562,6 @@ def generate_api_key(): ...@@ -572,9 +562,6 @@ def generate_api_key():
return UserService.generate_random_string(64) return UserService.generate_random_string(64)
################## ##################
# Reset password # # Reset password #
################## ##################
...@@ -668,9 +655,3 @@ def regenerate_security_code(user, hour=1.0): ...@@ -668,9 +655,3 @@ def regenerate_security_code(user, hour=1.0):
log.debug("Security code: %s", user.security_code) log.debug("Security code: %s", user.security_code)
DBSession.add(user) DBSession.add(user)
return hour return hour
opensipkd/detable/detable.py
...@@ -121,6 +121,7 @@ class DeTable(field.Field): ...@@ -121,6 +121,7 @@ class DeTable(field.Field):
scroll_y=False, scroll_y=False,
**kw **kw
): ):
kw.pop("parent", None)
super().__init__(schema, **kw) super().__init__(schema, **kw)
self.request = kw.get("request") self.request = kw.get("request")
self.rows = kw.get("rows") self.rows = kw.get("rows")
......
Markdown is supported
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!