Context navigation

← Previous change
Next change →

Changeset 1006 for WAeUP_SRP/trunk

Timestamp:

7 Dec 2006, 18:18:28 (18 years ago)

Author:

joachim

Message:

student_search fixed for ClearanceOfficers?
getStudentInfo checks for access to not owned Student-Ids and logs them.
search Pins shows all used PIN's

Location:

WAeUP_SRP/trunk/skins

Files:

: 6 edited

waeup_custom/logged_in.py (modified) (2 diffs)
waeup_custom/standard_error_message.pt (modified) (2 diffs)
waeup_pins/search_pins.py (modified) (4 diffs)
waeup_student/getStudentInfo.py (modified) (1 diff)
waeup_student/search_students.py (modified) (3 diffs)
waeup_student/search_students_form.pt (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed

WAeUP_SRP/trunk/skins/waeup_custom/logged_in.py

-                      r1004
+                      r1006
 member = mtool.getAuthenticatedMember()
+if not is_anon:
+    if "Student" in member.getRoles():
+        to_waeup_student_home = True
+        students = context.portal_url.getPortalObject().campus.students
+        student = getattr(students,str(member))
+        student_app = getattr(student,'application')
+        student_pume = getattr(student,'pume',None)
+        s_review_state = wftool.getInfoFor(student,'review_state',None)
+        a_review_state = wftool.getInfoFor(student_app,'review_state',None)
+        logger.info('%s review_state %s' % (member,s_review_state))
+        app_doc = student_app.getContent()
+        #from Products.zdb import set_trace
+        #set_trace()
+        if s_review_state in ("student_created","admitted") and\
+        a_review_state == 'created' :
+            wftool.doActionFor(student_app,'open')
+            if student_pume is not None:
+              wftool.doActionFor(student_pume,'close')
+            da = {}
+            pin = request.get('pin')
+            if not pin:
+if redirect_url.endswith('/logged_out'):
+    redirect_to_portal = True
+else:
+    if not is_anon:
+        if "Student" in member.getRoles():
+            to_waeup_student_home = True
+            students = context.portal_url.getPortalObject().campus.students
+            student = getattr(students,str(member))
+            student_app = getattr(student,'application')
+            student_pume = getattr(student,'pume',None)
+            s_review_state = wftool.getInfoFor(student,'review_state',None)
+            a_review_state = wftool.getInfoFor(student_app,'review_state',None)
+            logger.info('%s review_state %s' % (member,s_review_state))
+            app_doc = student_app.getContent()
+            #from Products.zdb import set_trace
+            #set_trace()
+            if s_review_state in ("student_created","admitted") and\
+            a_review_state == 'created' :
+                wftool.doActionFor(student_app,'open')
+                if student_pume is not None:
+                  wftool.doActionFor(student_pume,'close')
+                da = {}
+                pin = request.get('pin')
+                if not pin:
+                    jamb_reg_no = app_doc.jamb_reg_no
+                    for reg_no in (jamb_reg_no,jamb_reg_no.lower(),jamb_reg_no.upper()):
+                        res = context.portal_pins(student=reg_no)
+                        if len(res) > 0:
+                            break
+                    if len(res) > 0:
+                        p = res[0].pin
+                        if len(p) > 10:
+                            pin = "%s-%s-%s" % (p[:3],p[3:4],p[4:])
+                        else:
+                            pin = p
+                da['app_ac_pin'] = pin
+                da['app_ac_date'] = current
+                app_doc.edit(mapping = da)
+            elif s_review_state in ("admitted") and a_review_state == 'opened' and\
+            not app_doc.app_ac_pin:
                 jamb_reg_no = app_doc.jamb_reg_no
                 for reg_no in (jamb_reg_no,jamb_reg_no.lower(),jamb_reg_no.upper()):
 …
                     else:
                         pin = p
+            da['app_ac_pin'] = pin
+            da['app_ac_date'] = current
+            app_doc.edit(mapping = da)
+        elif s_review_state in ("admitted") and a_review_state == 'opened' and\
+        not app_doc.app_ac_pin:
+            jamb_reg_no = app_doc.jamb_reg_no
+            for reg_no in (jamb_reg_no,jamb_reg_no.lower(),jamb_reg_no.upper()):
+                res = context.portal_pins(student=reg_no)
+                if len(res) > 0:
+                    break
+            if len(res) > 0:
+                p = res[0].pin
+                if len(p) > 10:
+                    pin = "%s-%s-%s" % (p[:3],p[3:4],p[4:])
+                else:
+                    pin = p
+                da = {}
+                da['app_ac_pin'] = pin
+                app_doc.edit(mapping = da)
+    elif "Manager" in member.getRoles():
+        pass
+    else:
+        to_member_home, to_workspaces = checkRedirect(portal, mtool)
+                    da = {}
+                    da['app_ac_pin'] = pin
+                    app_doc.edit(mapping = da)
+        elif "Manager" in member.getRoles():
+            pass
+        else:
+            to_member_home, to_workspaces = checkRedirect(portal, mtool)
 if (not to_member_home) and (not to_workspaces):
     redirect_to_portal = True

WAeUP_SRP/trunk/skins/waeup_custom/standard_error_message.pt

-                      r535
+                      r1006
                         p_props here/portal_properties;
                        ">
+<tal:Anauthorized condition="python:error_type == 'Unauthorized'">
+    <metal:block use-macro="here/error_not_found/macros/not_found" />
+</tal:Anauthorized>
+<tal:Anauthorized condition="python:error_type != 'Unauthorized'">
 <metal:body use-macro="here/main_template/macros/master">
 …
 </metal:main>
 </metal:body>
+</tal:Anauthorized>
 </metal:html>

WAeUP_SRP/trunk/skins/waeup_pins/search_pins.py

-                      r1002
+                      r1006
 list Students for ClearanceOfficers
 """
 request = REQUEST
 wftool = context.portal_workflow
 …
 if what == 'student':
-    items_2 = context.portal_pins(student = term)
     items_1 = context.portal_pins(student = term.upper())
+    items_2 = context.portal_pins(student = term.lower())
     items = items_1 + items_2
 elif what == 'pin':
 …
     items = []
 l = []
+students_url = "%s/%s" % (context.portal_url(),'students')
+pins = []
 for i in items:
     item = {}
 …
     item['serial'] = i.serial
     item['pin'] = i.pin
+    if i.pin in pins:
+        continue
+    pins.append(i.pins)
     if len(sno)==10:
-    #if bd.prefix == "APP":
         #res = context.portal_catalog(SearchableText=sno,portal_type='StudentApplication')
         res = context.students_catalog(jamb_reg_no=sno.upper())
         if len(res) > 0:
             item['student_url'] = "%s/%s" % (context.portal_url(),res[0].id)
+            item['student_url'] = "%s/campus/students/%s" % (context.portal_url(),res[0].id)
             item['student_id'] = res[0].id
         else:
             item['student_url'] = None
             item['student_id'] = ''
+    elif sno:
+        item['student_url'] = '%s/campus/students/%s' % (students_url,item['student'])
+        item['student_id'] = student
     else:
         item['student_url'] = '%s/%s' % (students_url,item['student'])
         item['student_id'] = student
+        item['student_url'] = ''
+        item['student_id'] = "not used"
     l.append(item)

WAeUP_SRP/trunk/skins/waeup_student/getStudentInfo.py

-                      r971
+                      r1006
 path_info = request.get('PATH_INFO').split('/')
+import logging
+logger = logging.getLogger('getStudentInfo')
 info = {}
 member_id = str(member)
+#from Products.zdb import set_trace
+#set_trace()
+student_id = None
 if student is None:
+    if mtool.isAnonymousUser():
+        return None
+    elif not context.isStudent() and 'students' in path_info:
+        student_id = path_info[path_info.index('students')+1]
+    else:
+    while True:
+        if mtool.isAnonymousUser():
+            return None
+        try:
+            requested_id = path_info[path_info.index('students')+1]
+        except ValueError:
+            student_id = member_id
+            break
+        if not context.isStudent() and 'students' in path_info:
+            student_id = requested_id
+            break
+        if member_id != requested_id:
+            logger.info("Student %s tried to access %s" % (member_id,requested_id))
+            student_id = member_id
+            #mtool.assertViewable(context)
+            break
         student_id = member_id
+        break
 else:
     student_id = student.getId()
 roles = member.getRoles()
 student_path = "%s/campus/students/%s" % (context.portal_url.getPortalPath(),student_id)
 student = context.restrictedTraverse(student_path,default=None)
-#from Products.zdb import set_trace
-#set_trace()
 if student is None or student.portal_type != 'Student':
+if student is None or student.portal_type != "Student":
     return None
 ##res = context.portal_catalog(id = student_id,portal_type='Student')

WAeUP_SRP/trunk/skins/waeup_student/search_students.py

-                      r1000
+                      r1006
 path_info = request.get('PATH_INFO').split('/')
 validate = request.has_key("cpsdocument_edit_button")
+state = "all"
+if "ClearanceOfficers" in member.getGroups():
+    state = "clearance_requested"
 default = {'search_mode': 'name',
         'review_state': 'all',
+        'review_state': state,
         'search_string': ''
+        }
 …
 if items:
     for item in items:
+        #if context.isClearanceOfficer(info):
+        stcat = context.students_catalog
+        record = stcat(id = item)[0]
         info = {}
+        for field in stcat.schema() + stcat.indexes():
+            info[field] = getattr(record, field)
         if "ClearanceOfficers" in member.getGroups():
             co_view = True
+##            droles = member.getRolesInContext(item)
+##            if "ClearanceOfficer" in droles:
+##                info = context.getStudentInfo(item)
+##                students.append(info)
+            res = context.portal_catalog(portal_type='Student', id = item)
+            if len(res) != 1:
+                continue
+            droles = member.getRolesInContext(res[0].getObject())
+            info['review_state'] = res[0].review_state
+            if "ClearanceOfficer" in droles:
+                students.append(info)
         else:
-            #info = context.getStudentInfo(item)
-            info = context.students_catalog(id = item)
             if len(info) == 1:
                 students.append(info[0])
+                students.append(info)
     return context.search_students_form(rendered = rend,
                              psm = "",
-                             #psm = "%d,%d matching Students found QS = %s" %\
-                             #       (len(review_set),len(search_set),query_step),
-                             #psm = "%d found QS = %s items: %s" % (len(items),query_step,items),
                              students = students,
                              allowed = True,
 …
 return context.search_students_form(rendered = rend,
                              psm = "No student found!",
-                             #psm = """Step: %s found: %s Your search for "%s" in %s with state %s failed.<br\>%s""" % (query_step,len(items),st,what,state,bools),
                              students = students,
                              allowed = True,

WAeUP_SRP/trunk/skins/waeup_student/search_students_form.pt

r971	r1006
63	63	<td tal:condition="options/co_view\|nothing">
64	64	<a href="id"
65		tal:attributes="href string:${~~student/student/clearance/absolute_url}~~/external_clearance_edit_form"
	65	tal:attributes="href string:${context/portal_url}/campus/students/${student/id}/clearance/external_clearance_edit_form"
66	66	target="edit"
67	67	onclick="javascript:window.open('','edit','width=600, height=700, directories=no, toolbar=no, location=no, menubar=no, scrollbars=yes, status=no, resizable=no, dependent=no')"

Note: See TracChangeset for help on using the changeset viewer.