def post(self): """ Create a new organization. """ user = get_authenticated_user() org_data = request.get_json() existing = None try: existing = model.organization.get_organization(org_data["name"]) except model.InvalidOrganizationException: pass if not existing: existing = model.user.get_user(org_data["name"]) if existing: msg = "A user or organization with this name already exists" raise request_error(message=msg) if features.MAILING and not org_data.get("email"): raise request_error(message="Email address is required") # If recaptcha is enabled, then verify the user is a human. if features.RECAPTCHA: recaptcha_response = org_data.get("recaptcha_response", "") result = recaptcha2.verify(app.config["RECAPTCHA_SECRET_KEY"], recaptcha_response, get_request_ip()) if not result["success"]: return { "message": "Are you a bot? If not, please revalidate the captcha." }, 400 is_possible_abuser = ip_resolver.is_ip_possible_threat( get_request_ip()) try: model.organization.create_organization( org_data["name"], org_data.get("email"), user, email_required=features.MAILING, is_possible_abuser=is_possible_abuser, ) return "Created", 201 except model.DataModelException as ex: raise request_error(exception=ex)
def post(self): """ Create a new organization. """ user = get_authenticated_user() org_data = request.get_json() existing = None try: existing = model.organization.get_organization(org_data['name']) except model.InvalidOrganizationException: pass if not existing: existing = model.user.get_user(org_data['name']) if existing: msg = 'A user or organization with this name already exists' raise request_error(message=msg) if features.MAILING and not org_data.get('email'): raise request_error(message='Email address is required') # If recaptcha is enabled, then verify the user is a human. if features.RECAPTCHA: recaptcha_response = org_data.get('recaptcha_response', '') result = recaptcha2.verify(app.config['RECAPTCHA_SECRET_KEY'], recaptcha_response, get_request_ip()) if not result['success']: return { 'message': 'Are you a bot? If not, please revalidate the captcha.' }, 400 is_possible_abuser = ip_resolver.is_ip_possible_threat( get_request_ip()) try: model.organization.create_organization( org_data['name'], org_data.get('email'), user, email_required=features.MAILING, is_possible_abuser=is_possible_abuser) return 'Created', 201 except model.DataModelException as ex: raise request_error(exception=ex)
def post(self): """ Create a new user. """ if app.config["AUTHENTICATION_TYPE"] != "Database": abort(404) user_data = request.get_json() invite_code = user_data.get("invite_code", "") existing_user = model.user.get_nonrobot_user(user_data["username"]) if existing_user: raise request_error(message="The username already exists") # Ensure an e-mail address was specified if required. if features.MAILING and not user_data.get("email"): raise request_error(message="Email address is required") # If invite-only user creation is turned on and no invite code was sent, return an error. # Technically, this is handled by the can_create_user call below as well, but it makes # a nicer error. if features.INVITE_ONLY_USER_CREATION and not invite_code: raise request_error(message="Cannot create non-invited user") # Ensure that this user can be created. blacklisted_domains = app.config.get("BLACKLISTED_EMAIL_DOMAINS", []) if not can_create_user(user_data.get("email"), blacklisted_domains=blacklisted_domains): raise request_error( message="Creation of a user account for this e-mail is disabled; please contact an administrator" ) # If recaptcha is enabled, then verify the user is a human. if features.RECAPTCHA: recaptcha_response = user_data.get("recaptcha_response", "") result = recaptcha2.verify( app.config["RECAPTCHA_SECRET_KEY"], recaptcha_response, get_request_ip() ) if not result["success"]: return {"message": "Are you a bot? If not, please revalidate the captcha."}, 400 is_possible_abuser = ip_resolver.is_ip_possible_threat(get_request_ip()) try: prompts = model.user.get_default_user_prompts(features) new_user = model.user.create_user( user_data["username"], user_data["password"], user_data.get("email"), auto_verify=not features.MAILING, email_required=features.MAILING, is_possible_abuser=is_possible_abuser, prompts=prompts, ) email_address_confirmed = handle_invite_code(invite_code, new_user) if features.MAILING and not email_address_confirmed: confirmation_code = model.user.create_confirm_email_code(new_user) send_confirmation_email(new_user.username, new_user.email, confirmation_code) return {"awaiting_verification": True} else: success, headers = common_login(new_user.uuid) if not success: return {"message": "Could not login. Is your account inactive?"}, 403 return user_view(new_user), 200, headers except model.user.DataModelException as ex: raise request_error(exception=ex)