def validate_email(self, field):
user = self.get_user()
if user is None:
raise wtf.ValidationError('Invalid user')
if user.password != self.password.data:
raise wtf.ValidationError('Invalid password')
def validate_phone(self, field):
existing = UserPhone.query.filter_by(phone=field.data).first()
if existing is not None:
if existing.user == g.user:
raise wtf.ValidationError(
"You have already registered this phone number.")
else:
raise wtf.ValidationError(
"That phone number has already been claimed.")
existing = UserPhoneClaim.query.filter_by(phone=field.data,
user=g.user).first()
if existing is not None:
raise wtf.ValidationError(
"That phone number is pending verification.")
# Step 1: Remove punctuation in number
field.data = strip_phone(field.data)
# Step 2: Validate number format
if not valid_phone(field.data):
raise wtf.ValidationError(
"Invalid phone number (must be in international format with a leading + symbol)"
)
# Step 3: Check if Indian number (startswith('+91'))
if not field.data.startswith('+91') or len(field.data) != 13:
raise wtf.ValidationError(
"Only Indian mobile numbers are allowed at this time")
def validate_name(self, field):
if invalid_name.search(field.data):
raise wtf.ValidationError(
"The name cannot have spaces or non-alphanumeric characters")
existing = Playlist.query.filter_by(channel=self.channel,
name=field.data).first()
if existing and existing.id != self.edit_id:
raise wtf.ValidationError("That name is already in use")
def validate_upload(self, field):
if not self.upload.has_file():
raise wtf.ValidationError(gettext('File required.'))
filename = self.upload.data.filename
if not self.admin.is_file_allowed(filename):
raise wtf.ValidationError(gettext('Invalid file type.'))
def validate_login(self, field):
user = self.get_user()
if user is None:
raise wtf.ValidationError(u'Користувача з логіном %s не існує' % self.login.data)
if not user.is_authenticated(aUser=''.join(self.login.raw_data), aPassword=''.join(self.password.raw_data)):
raise wtf.ValidationError(u'Неспівпадіння паролей')
def validate_name(self, field):
if not valid_username(field.data):
raise wtf.ValidationError("Name contains invalid characters.")
existing = ResourceAction.query.filter_by(
name=field.data, resource=self.edit_resource).first()
if existing and existing.id != self.edit_id:
raise wtf.ValidationError(
"An action with that name already exists for this resource")
def validate_username(form, field):
user = User.by_username(field.data)
if not user:
raise wtf.ValidationError('No such user exists.')
if reset.count_tokens(user) >= 5:
raise wtf.ValidationError(
'You may not reset your password more than 5 times'
' in one day.')
def validate_id(self, field):
# Check if user is authorized to edit this expense.
if field.data:
expense = Expense.query.get(field.data)
if not expense:
raise wtf.ValidationError("Unknown expense")
if expense.report.user != g.user:
raise wtf.ValidationError(
"You are not authorized to edit this expense")
def validate_alias(form, field):
if form.alias.data == 'new':
raise wtf.ValidationError(
flask.Markup('The alias cannot be '
'<code>new</code>.'))
check = Election.query.filter_by(alias=form.alias.data).all()
if check:
if not (form._election_id and form._election_id == check[0].id):
raise wtf.ValidationError('There is already another election '
'with this alias.')
def validate_username(self, field):
if field.data in RESERVED_USERNAMES:
raise wtf.ValidationError, "That name is reserved"
if not valid_username(field.data):
raise wtf.ValidationError(
u"Invalid characters in name. Names must be made of ‘a-z’, ‘0-9’ and ‘-’, without trailing dashes"
)
existing = User.query.filter_by(username=field.data).first()
if existing is not None:
raise wtf.ValidationError("That username is taken")
def validate_name(self, field):
if not valid_username(field.data):
raise wtf.ValidationError("Invalid characters in name")
if field.data in RESERVED_USERNAMES:
raise wtf.ValidationError("That name is reserved")
existing = User.query.filter_by(username=field.data).first()
if existing is not None:
raise wtf.ValidationError("That name is taken")
existing = Organization.query.filter_by(name=field.data).first()
if existing is not None and existing.id != self.edit_id:
raise wtf.ValidationError("That name is taken")
def validate_name(self, field):
if not valid_username(field.data):
raise wtf.ValidationError("Name contains invalid characters.")
if field.data in registry:
raise wtf.ValidationError("This name is reserved for internal use")
existing = Resource.query.filter_by(name=field.data).first()
if existing and existing.id != self.edit_id:
raise wtf.ValidationError(
"A resource with that name already exists")
def validate_email(self, field):
existing = UserEmail.query.filter_by(email=field.data).first()
if existing is not None:
if existing.user == g.user:
raise wtf.ValidationError(
"You have already registered this email address.")
else:
raise wtf.ValidationError(
"This email address has already been claimed.")
existing = UserEmailClaim.query.filter_by(email=field.data,
user=g.user).first()
if existing is not None:
raise wtf.ValidationError(
"This email address is pending verification.")
def validate_username(self, field):
## Usernames are now mandatory. This should be commented out:
# if not field.data:
# field.data = None
# return
if not valid_username(field.data):
raise wtf.ValidationError("Invalid characters in username")
if field.data in RESERVED_USERNAMES:
raise wtf.ValidationError("That name is reserved")
existing = User.query.filter_by(username=field.data).first()
if existing is not None and existing.id != self.edit_id:
raise wtf.ValidationError("That username is taken")
existing = Organization.query.filter_by(name=field.data).first()
if existing is not None:
raise wtf.ValidationError("That username is taken")
def validate_email(self, field):
if User.objects.filter(email=field.data,
invitee__exists=False,
country__exists=True).count() > 0:
raise wtf.ValidationError(
'User is already invited as country coordinator with Eionet Account'
)
def validate_identifier(self, field):
if field.data:
field.data = field.data.lower()
if UserCollection.query.filter_by(id=field.data).first():
raise wtf.ValidationError(
"The identifier already exists. Please choose a different one."
)
def validate(self):
rv = super(PermissionForm, self).validate()
if not rv:
return False
if not valid_username(self.name.data):
raise wtf.ValidationError("Name contains invalid characters")
existing = Permission.query.filter_by(name=self.name.data,
allusers=True).first()
if existing and existing.id != self.edit_id:
self.name.errors.append(
"A global permission with that name already exists")
return False
if self.context.data == g.user.userid:
existing = Permission.query.filter_by(name=self.name.data,
user=g.user).first()
else:
org = Organization.query.filter_by(
userid=self.context.data).first()
if org:
existing = Permission.query.filter_by(name=self.name.data,
org=org).first()
else:
existing = None
if existing and existing.id != self.edit_id:
self.name.errors.append(
"You have another permission with the same name")
return False
return True
def new_channel(u, p):
if p.owner.id != g.user.id:
# Project isn't public and the viewer isn't the project owner.
# (403 Forbidden)
return abort(403)
form = ChannelDetailsForm()
if form.validate_on_submit():
host = form.host.data.strip().lower()
channel = form.channel.data.strip().lower()
# Make sure this isn't a duplicate channel before we create it.
c = Channel.query.filter_by(host=host,
channel=channel,
project_id=p.id).first()
if not c:
c = Channel.new(channel,
host,
port=form.port.data,
ssl=form.ssl.data,
public=form.public.data)
p.channels.append(c)
db.session.add(c)
db.session.commit()
return redirect(url_for('.details', p=p.name, u=u.username))
else:
form.channel.errors = [
wtf.ValidationError(
'You cannot have a project in the same channel twice.')
]
return render_template('new_channel.html', project=p, form=form)
def new():
"""
Create a new project.
"""
form = ProjectDetailsForm()
if form.validate_on_submit():
p = Project.by_name_and_owner(form.name.data, g.user)
if p:
form.name.errors = [
wtf.ValidationError('Project name must be unique.')
]
else:
p = Project.new(form.name.data,
public=form.public.data,
website=form.website.data)
p.full_name = '{0}/{1}'.format(g.user.username, p.name)
g.user.projects.append(p)
db.session.add(p)
if p.public:
# New public projects get added to #commits by default.
c = Channel.new('#commits',
'chat.freenode.net',
6667,
ssl=False,
public=True)
p.channels.append(c)
db.session.commit()
return redirect(url_for('.details', u=g.user.username, p=p.name))
return render_template('new_project.html', form=form)
def edit_project(u, p):
"""
Edit an existing project.
"""
if p.owner.id != g.user.id:
# Project isn't public and the viewer isn't the project owner.
# (403 Forbidden)
return abort(403)
form = ProjectDetailsForm(obj=p)
if form.validate_on_submit():
old_p = Project.by_name_and_owner(form.name.data, g.user)
if old_p and old_p.id != p.id:
form.name.errors = [
wtf.ValidationError('Project name must be unique.')
]
else:
p.name = form.name.data
p.website = form.website.data
p.public = form.public.data
p.full_name = '{0}/{1}'.format(g.user.username, p.name)
db.session.commit()
return redirect(url_for('.dashboard', u=u.username))
return render_template('edit_project.html', project=p, form=form)
def validate_email(self, field):
existing = UserEmail.query.filter_by(email=field.data).first()
if existing is not None:
raise wtf.ValidationError(
Markup(
'This email address is already registered. Do you want to <a href="%s">login</a> instead?'
% url_for('login')))
def validate_password(form, field):
try:
user = g.session.query(User).filter_by(login=form.login.data)[0]
except IndexError:
pass
else:
if user.password != field.data:
raise wtf.ValidationError('Incorrect password.')
def validate_previous_id(self, field):
if not field.data:
field.data = None
else:
try:
field.data = int(field.data)
except ValueError:
raise wtf.ValidationError(u"Unknown previous revision")
def is_number(form, field):
''' Check if the data in the field is a number and raise an exception
if it is not.
'''
try:
float(field.data)
except ValueError:
raise wtf.ValidationError('Field must contain a number')
def validate_title(self, field):
"""
If the title is already in use, refuse to add this one.
"""
existing = set([
simplify_text(c.title) for c in Category.query.all()
if c != self.edit_obj
])
if simplify_text(field.data) in existing:
raise wtf.ValidationError(
"You have an existing category with the same name")
def validate_client_owner(self, field):
if field.data == g.user.userid:
self.user = g.user
self.org = None
else:
orgs = [
org for org in g.user.organizations_owned()
if org.userid == field.data
]
if len(orgs) != 1:
raise wtf.ValidationError("Invalid owner")
self.user = None
self.org = orgs[0]
def validate_login(self, field):
user = self.get_user()
if ldap_auth.auth(self.login.data, self.password.data) != 1:
flash(u'Login failed', category='error')
raise wtf.ValidationError('Invalid user/password')
if user is None:
# add user to db
user = User()
user.username = self.login.data
user.active = True
user.admin = True if user.username == "bmays" or user.username == "cjohnson" else False
main.db.session.add(user)
main.db.session.commit()
def validate_password(form, field):
if not User.login(g.user.username, field.data):
raise wtf.ValidationError('Your password is incorrect.')
def validate_password(self, field):
user = getuser(self.username.data)
if user is None or not user.password_is(field.data):
raise wtf.ValidationError("Incorrect password")
self.user = user
def validate_username(self, field):
existing = getuser(field.data)
if existing is None:
raise wtf.ValidationError("User does not exist")
