Changeset 15606 for main/waeup.kofa/trunk/src/waeup/kofa/browser/pages.py

Timestamp:

24 Sep 2019, 17:21:28 (5 years ago)

Author:

Henrik Bettermann

Message:

Parents access implementation (part 1)

File:

• main/waeup.kofa/trunk/src/waeup/kofa/browser/pages.py (modified) (3 diffs)

main/waeup.kofa/trunk/src/waeup/kofa/browser/pages.py

@@ -364 +364 @@
                         self.request.principal.id]
                     rel_link = '/students/%s' % self.request.principal.id
-                    if student.personal_data_expired:
-                        rel_link = '/students/%s/edit_personal' % (
-                            self.request.principal.id)
-                        self.flash(
-                          _('Your personal data record is outdated. Please update.'),
-                          type='warning')
+                    if student.getParentsPassword():
+                        # Add logging message
+                        student.writeLogMessage(self, 'Parents logged in')
+                        # Replace role if parents have logged in
+                        role_manager = IPrincipalRoleManager(student)
+                        role_manager.removeRoleFromPrincipal(
+                            'waeup.local.StudentRecordOwner', student.student_id)
+                        notify(LocalRoleSetEvent(
+                            student, 'waeup.local.StudentRecordOwner',
+                            student.student_id, granted=False))
+                        role_manager.assignRoleToPrincipal(
+                            'waeup.local.Parents', student.student_id)
+                        notify(LocalRoleSetEvent(
+                            student, 'waeup.local.Parents',
+                            student.student_id, granted=True))
+                    else:
+                        # Redirect to personal page if data are outdated
+                        if student.personal_data_expired:
+                            rel_link = '/students/%s/edit_personal' % (
+                                self.request.principal.id)
+                            self.flash(
+                              _('Your personal data record is outdated. Please update.'),
+                              type='warning')
                     self.redirect(self.application_url() + rel_link)
                     return
@@ -402 +419 @@
                 return
             # Display appropriate flash message if credentials are correct
-            # but student has been deactivated or a temporary password
-            # has been set.
+            # but student has been deactivated or a temporary or parents 
+            # password has been set.
             login = self.request.form['form.login']
             if len(login) == 8 and login in grok.getSite()['students']:
@@ -413 +430 @@
                     # The student entered valid credentials.
                     # First we check if a temporary password has been set.
-                    delta = timedelta(minutes=10)
-                    now = datetime.utcnow()
-                    temp_password_dict = getattr(student, 'temp_password', None)
-                    if temp_password_dict is not None and \
-                        now < temp_password_dict.get('timestamp', now) + delta:
+                    if student.getTempPassword():
                         self.flash(
                             _('Your account has been temporarily deactivated.'),
+                            type='warning')
+                        return
+                    # Next we check if a parents password has been set.
+                    if student.getParentsPassword():
+                        self.flash(
+                            _('Your account has been temporarily deactivated '
+                              'because your parents have logged in.'),
                             type='warning')
                         return