def create():
if flask.request.method == "GET":
return flask.render_template("user/create.html", title="Create User")
if flask.request.method == "POST":
user_identifier = flask.request.form["identifier"]
parameters = {"display_name": flask.request.form["display_name"]}
try:
service_client.post(
"/user/{user_identifier}/create".format(**locals()),
data=parameters)
flask.flash(
"User '%s' was created successfully." % user_identifier,
"success")
return flask.redirect(
flask.url_for("user_controller.show_collection"))
except requests.HTTPError as exception:
flask.flash(
"User '%s' could not be created: %s." %
(user_identifier,
helpers.get_error_message(exception.response.status_code)),
"error")
return flask.render_template("user/create.html",
title="Create User")
return flask.abort(405)
def index():
view_data = {
"website_information": _get_website_information(),
"service_information": None,
"external_service_collection": None,
}
try:
service_client.get("/")
view_data["service_status"] = { "status": "available" }
except requests.HTTPError as exception:
view_data["service_status"] = {
"status": "unavailable",
"status_code": exception.response.status_code,
"status_message": helpers.get_error_message(exception.response.status_code),
}
if view_data["service_status"]["status"] == "available":
try:
view_data["service_information"] = service_client.get("/admin/information")
view_data["external_service_collection"] = _get_status_for_external_services()
except requests.HTTPError:
logger.error("Failed to retrieve additional service information", exc_info = True)
return flask.render_template("admin/index.html", title = "Administration", **view_data)
def logout():
if flask.request.method == "GET":
if "token" not in flask.session:
return flask.redirect(flask.url_for("website.home"))
return flask.render_template("me/logout.html", title="Log Out")
if flask.request.method == "POST":
if "token" not in flask.session:
return flask.redirect(flask.url_for("website.home"))
try:
service_client.post("/me/logout", {
"token_identifier":
flask.session["token"]["token_identifier"]
})
flask.flash("Logout succeeded.", "success")
flask.session.clear()
return flask.redirect(flask.url_for("website.home"))
except requests.HTTPError as exception:
flask.flash(
"Logout failed: %s." %
helpers.get_error_message(exception.response.status_code),
"error")
return flask.render_template("me/logout.html", title="Log Out")
return flask.abort(405)
def reset_password(user_identifier):
if flask.request.method == "GET":
user = service_client.get("/user/{user_identifier}".format(**locals()))
return flask.render_template("user/reset_password.html",
title="Reset User Password",
user=user)
if flask.request.method == "POST":
parameters = {"password": flask.request.form["password"]}
try:
service_client.post(
"/user/{user_identifier}/reset_password".format(**locals()),
data=parameters)
flask.flash(
"Password for user '%s' was set successfully." %
user_identifier, "success")
return flask.redirect(
flask.url_for("user_controller.show",
user_identifier=user_identifier))
except requests.HTTPError as exception:
flask.flash(
"Password for user '%s' could not be set: %s." %
(user_identifier,
helpers.get_error_message(exception.response.status_code)),
"error")
user = service_client.get(
"/user/{user_identifier}".format(**locals()))
return flask.render_template("user/reset_password.html",
title="Reset User Password",
user=user)
return flask.abort(405)
def create_token():
if flask.request.method == "GET":
return flask.render_template("me/create_token.html",
title="Create Authentication Token")
if flask.request.method == "POST":
parameters = {"description": flask.request.form["description"]}
if flask.request.form["expiration"]:
parameters["expiration"] = flask.request.form["expiration"]
try:
token = service_client.post("/me/token_create", data=parameters)
flask.flash(
"Token '%s' was created successfully." %
token["token_identifier"], "success")
flask.flash("Token secret: '%s'." % token["secret"], "info")
return flask.redirect(flask.url_for("me_controller.show_profile"))
except requests.HTTPError as exception:
flask.flash(
"Token could not be created: %s." %
helpers.get_error_message(exception.response.status_code),
"error")
return flask.render_template("me/create_token.html",
title="Create Authentication Token")
return flask.abort(405)
def change_password():
if flask.request.method == "GET":
return flask.render_template("me/change_password.html",
title="Change Password")
if flask.request.method == "POST":
if flask.request.form["new-password"] != flask.request.form[
"new-password-confirmation"]:
flask.flash("Password change failed: new passwords do not match.",
"error")
return flask.render_template("me/change_password.html",
title="Change Password")
parameters = {
"old_password": flask.request.form["old-password"],
"new_password": flask.request.form["new-password"]
}
try:
service_client.post("/me/change_password", data=parameters)
flask.flash("Password change succeeded.", "success")
return flask.redirect(flask.url_for("me_controller.show_profile"))
except requests.HTTPError as exception:
flask.flash(
"Password change failed: %s." %
helpers.get_error_message(exception.response.status_code),
"error")
return flask.render_template("me/change_password.html",
title="Change Password")
return flask.abort(405)
def login():
if flask.request.method == "GET":
if "token" in flask.session:
return flask.redirect(flask.url_for("website.home"))
return flask.render_template("me/login.html", title="Log In")
if flask.request.method == "POST":
now = flask.current_app.date_time_provider.now()
parameters = {
"user": flask.request.form["user"],
"password": flask.request.form["password"]
}
try:
flask.session["token"] = service_client.post("/me/login",
data=parameters)
flask.session["user"] = service_client.get("/me")
flask.session[
"last_refresh"] = flask.current_app.date_time_provider.serialize(
now)
flask.session.permanent = True
flask.flash("Login succeeded.", "success")
return flask.redirect(flask.url_for("website.home"))
except requests.HTTPError as exception:
if exception.response.status_code == 403:
flask.session.clear()
flask.flash(
"Login failed: %s." %
helpers.get_error_message(exception.response.status_code),
"error")
return flask.render_template("me/login.html", title="Log In")
return flask.abort(405)
def delete_token(token_identifier):
try:
service_client.post(
"/me/token/{token_identifier}/delete".format(**locals()))
flask.flash("Token '%s' was deleted successfully." % token_identifier,
"success")
except requests.HTTPError as exception:
flask.flash(
"Token '%s' could not be deleted: %s." %
(token_identifier,
helpers.get_error_message(exception.response.status_code)),
"error")
return flask.redirect(flask.url_for("me_controller.show_profile"))
def update_identity(user_identifier):
parameters = {"display_name": flask.request.form["display_name"]}
try:
service_client.post(
"/user/{user_identifier}/update_identity".format(**locals()),
data=parameters)
flask.flash(
"Identity for user '%s' was updated successfully." %
user_identifier, "success")
except requests.HTTPError as exception:
flask.flash(
"Identity for user '%s' could not be updated: %s." %
(user_identifier,
helpers.get_error_message(exception.response.status_code)),
"error")
return edit(user_identifier, parameters)
def handle_error(exception):
status_code = exception.code if isinstance(
exception, werkzeug.exceptions.HTTPException) else 500
status_message = helpers.get_error_message(status_code)
request_logger.error("(%s) %s %s (StatusCode: %s)",
flask.request.environ["REMOTE_ADDR"],
flask.request.method,
flask.request.base_url,
status_code,
exc_info=True)
if flask.request.headers.get("Content-Type") == "application/json":
return flask.jsonify({
"status_code": status_code,
"status_message": status_message
}), status_code
return flask.render_template("error.html",
title="Error",
status_message=status_message,
status_code=status_code), status_code
def update_roles(user_identifier):
parameters = {
"roles":
[role.strip() for role in flask.request.form["roles"].splitlines()]
}
try:
service_client.post(
"/user/{user_identifier}/update_roles".format(**locals()),
data=parameters)
flask.flash(
"Roles for user '%s' were updated successfully." % user_identifier,
"success")
except requests.HTTPError as exception:
flask.flash(
"Roles for user '%s' could not be updated: %s." %
(user_identifier,
helpers.get_error_message(exception.response.status_code)),
"error")
return edit(user_identifier, parameters)