Beispiel #1
0
 def validate(self):
     if not Form.validate(self):
         return False
     user = db.get_user_by_username(self.username.data)
     if user is not None:
         self.username.errors.append("Username exists")
         return False
     return True
Beispiel #2
0
 def validate(self):
     if not Form.validate(self):
         return False
     self.user = db.get_user_by_username(self.username.data)
     if self.user is None:
         self.username.errors = ("Unknown username",)
         return False
     if not check_password_hash(self.user.passwd, self.password.data):
         self.password.errors = ("Invalid password",)
         return False
     return True
Beispiel #3
0
    def validate(self):
        rv = Form.validate(self)
        if not rv:
            return False

        link = self.link.data
        title = self.title.data
        description = self.description.data
        tags = map(lambda x: {"name": x.strip()}, self.tags.data.split(","))

        # TODO : add id control if create is False (modification mode need a
        # valid bookmark id)
        self.bookmark = ItemBookmark(ptags=tags, plink=link, ptitle=title, pdescription=description, json=True)
        return True
Beispiel #4
0
    def validate(self):
        rv = Form.validate(self)
        if not rv:
            return False

        link = self.link.data
        title = self.title.data
        description = self.description.data
        tags = map(lambda x: {'name': x.strip()}, self.tags.data.split(','))

        # TODO : add id control if create is False (modification mode need a
        # valid bookmark id)
        self.bookmark = ItemBookmark(ptags=tags, plink=link, ptitle=title,
            pdescription=description, json=True)
        return True
Beispiel #5
0
 def validate(self):
     if not Form.validate(self):
         return False
     try:
         self.short_path = json.loads(self.short_path_json.data)
     except ValueError:
         # TODO logging
         self.comment.errors.append("Server upload error")
         return False
     # sanity check for short path
     for elem in self.short_path:
         if type(elem) != list or len(elem) != 2:
             self.comment.errors.append("Server upload error")
             return False
     return True
Beispiel #6
0
    def validate(self):
        rv = Form.validate(self)
        if not rv:
            return False

        print self.admin
        user = User(self.admin.data)
        if user is None:
            self.admin.errors.append('Unknown admin')
            return False

        if not user.check_password(self.password.data):
           self.password.errors.append('Invalid password')
           return False

        return True
Beispiel #7
0
    def validate(self):
        # regular validation
        rv = Form.validate(self)
        if not rv:
            return False

        user = User.query.filter_by(username=self.login_username.data).first()
        if user is None:
            self.login_username.errors.append('unknown username or invalid password')
            return False

        if not user.check_password(self.login_password.data):
            self.password.errors.append('unknown username or invalid password')
            return False

        self.user = user
        return True
Beispiel #8
0
    def validate(self):
        rv = Form.validate(self)
        if not rv:
            return False

        pseudo = self.login.data
        password = self.password.data
        password_confirmation = self.password_confirmation.data

        if password != password_confirmation:
            self.password.errors.append('Passwords mismatch')
            self.password_confirmation.errors.append('Passwords mismatch')
            return False

        self.user = User(pseudo, password)

        return True
Beispiel #9
0
def inject_common_values():
    form = Form()
    ga_id = app.config['CDW']['google_analytics_id']
    ga_id = None if ga_id == 'None' or ga_id == '' else ga_id
    intro_video_id = app.config['CDW']['intro_video_id']

    return {
        'facebook_app_id':
        app.config['SOCIAL_PROVIDERS']['facebook']['oauth']['consumer_key'],
        'google_analytics_id':
        ga_id,
        'media_root':
        app.config['MEDIA_ROOT'],
        'csrf_token':
        form.csrf.data,
        'intro_video_id':
        intro_video_id,
        'local_request':
        app.config['LOCAL_REQUEST']
    }
Beispiel #10
0
    def validate(self):
        rv = Form.validate(self)
        if not rv:
            return False

        pseudo = self.login.data
        password = self.password.data

        try:
            user_exists(self, self.login)
            user = check_password(pseudo, password)
            if user is None:
                self.password.errors.append('Wrong password.')
                return False
        except ValidationError:
            self.login.errors.append('Unknow user.')
            return False

        self.user = user

        return True
Beispiel #11
0
 def validate(self):
     if not Form.validate(self):
         return False
     f_sgf = None
     if self.url.data:
         try:
             f_sgf = urllib.urlopen(self.url.data)
         except IOError:
             self.url.errors = ("Invalid url.",)
             return False
     elif self.file.data:
         f_sgf = self.file.data
         if not f_sgf.filename.endswith("sgf"):
             self.url.errors = ("Invalid file extension. Expected .sgf file.",)
             return False
     else:
         self.url.errors = ("One of the fields must be filled.",)
         return False
     assert(f_sgf)
     self.sgf = f_sgf.read()
     return True
Beispiel #12
0
 def __init__(self, *args, ** kwargs):
     Form.__init__(self, *args, ** kwargs)
     self.user = None
Beispiel #13
0
 def __init__(self, *a, **k):
     Form.__init__(self, *a, **k)
     self.short_path = None
Beispiel #14
0
 def __init__(self, *a, **k):
     Form.__init__(self, *a, **k)
     self.sgf = None
Beispiel #15
0
 def __init__(self):
     Form.__init__(self, id="frmUpdate")
Beispiel #16
0
 def __init__(self, *args, **kwargs):
     Form.__init__(self, *args, **kwargs)
     if not self.next.data:
         self.next.data = get_redirect_target() or ''
 def __init__(self, *args, **kwargs):
     Form.__init__(self, *args, **kwargs)
     if not self.next.data:
         self.next.data = get_redirect_target() or ''
Beispiel #18
0
def userlist(page = 1, pending = False, sponsored = False, rolloffs = False):
    # We need to make sure sponsors without admin/labstaff permissions don't go
    # browsing through all the users data
    domains = g.user.get_domains()
    if ((sponsored and 'sponsor' not in domains) or
       (not sponsored and (not g.user_is_labstaff) and (not g.user_is_admin)) or
       (rolloffs and (not g.user_is_labstaff) and (not g.user_is_admin))):  
        flash("Unauthorized.")
        return redirect('index')
    if (pending or rolloffs) and request.method == "POST":
        form = Form(request.form)
        if not form.validate():
            flash("There was an error with your submission.")
            redirect(request.url)
        users = [user for user, value in request.form.iteritems() if value == 'approve']
        if rolloffs:
             users = [user for user, value in request.form.iteritems()]
        users = [User.username == user for user in users]
        if len(users) > 0:
            query = User.query.filter(or_(*users))
            if sponsored:
                # Filter and make sure we only get this sponsors users, for security
                query = query.filter(User.sponsor == g.user.username)
            users = query.all()
            for user in users:
                if sponsored:
                    user.status = 'pending_labstaff'
                elif rolloffs:
                    user.status = 'pending_rolloff'
                else:
                    user.status = 'pending_create'
                db.session.add(user)
            db.session.commit()
        # here we handle denying accounts:
        users = [user for user, value in request.form.iteritems() if value == 'deny']
        users = [User.username == user for user in users]
        if len(users) > 0:
            query = User.query.filter(or_(*users))
            if sponsored:
                query = query.filter(User.sponsor == g.user.username)
            users = query.all()
            for user in users:
                # send rejection emails, silent reject if comments are empty
                if sponsored:
                    mail.sponsor_reject(user)
                elif g.user_is_admin:
                    mail.admin_reject(user)
                # drop rejected users
                db.session.delete(user)
            db.session.commit()

    query = User.query
    sort = 'username'
    sort_col = User.username
    sort_dir = asc
    cols = {'username' : User.username,
            'uid' : User._uid,
            'sponsor' : User.sponsor,
            'email' : User.email,
            'name' : User.last_name,
            'last_name' : User.last_name,
            'first_name' : User.first_name,
            'status' : User.status,
            'grad_date' : User._grad_date}
    # Let's make the filter form
    class FilterForm(Form):
        pass
    for field, col in cols.iteritems():
        setattr(FilterForm, field, TextField())
    filter_form = FilterForm(request.args)
           
    if 'sort' in request.args:
        if request.args['sort'] in cols:
            sort = request.args['sort']
            sort_col = cols[request.args['sort']]
    if 'dir' in request.args and request.args['dir'] == 'desc':
        sort_dir = desc
    
    if sponsored:
        query = query.filter(User.sponsor == g.user.username)
        if pending:
            query = query.filter(User.status == 'pending_sponsor')
        else:
            query = query.filter(User.status != 'pending_sponsor')
    elif rolloffs:
        now = date.today()
        query = query.filter(User._grad_date <= now)
        query = query.filter(User.status != 'pending_sponsor')
        query = query.filter(User.status != 'pending_labstaff')
        query = query.filter(User.status != 'pending_rolloff')
    else:
        if pending:
        	query = query.filter(User.status == 'pending_labstaff')
#        else:
#            query = query.filter(User.status != 'pending_labstaff')
#            query = query.filter(User.status != 'pending_sponsor')
    for field, col in cols.iteritems():
        if field in request.args:
            if request.args[field].strip() == "":
                continue
            query = query.filter(col.like(request.args[field].strip()))
    query = query.order_by(sort_dir(sort_col))
    page = query.paginate(page)
    if pending:
        # Patch a Form. This allows us to keep our CSRF protection
        class F(Form):
            pass
        for user in page.items:
            setattr(F, user.username, RadioField(choices=[('approve', 'Approve'), ('postpone', 'Postpone'), ('deny', 'Deny')], validators=[validators.Required()]))
        # Flask-WTForms likes to pull data from request.form. Force it not to.
        form = F(ImmutableMultiDict())
        # We do this after the fact so WTForms can do some of its binding
        for user in page.items:
            user.radio = getattr(form, user.username)
            user.radio.data = 'postpone'
        if sponsored:
            template = 'sponsorship_requests.html'
        else:
            template = 'list_pending_users.html'
    elif rolloffs:
        class rolloffCheckbox(Form):
            pass
        for user in page.items:
            setattr(rolloffCheckbox, user.username, BooleanField())
        form = rolloffCheckbox(ImmutableMultiDict())
        for user in page.items:
            user.checkbox = getattr(form, user.username)
        template = 'list_upcoming_rolloffs.html'
    else:
        form = Form()
        if sponsored:
            template = 'sponsored_users.html'
        else:
            template = 'userlist.html'
    return render_template(template, page=page, sort=sort, sort_dir='asc' if sort_dir == asc else 'desc', form=form, filter_form=filter_form)
Beispiel #19
0
 def __init__(self, *args, **kwargs):
     kwargs['csrf_enabled'] = False
     Form.__init__(self, *args, **kwargs)
Beispiel #20
0
 def __init__(self, *a, **k):
     Form.__init__(self, *a, **k)
     self.user = None
Beispiel #21
0
    def __init__(self, formdata=None, obj=None, prefix='', **kwargs):
        agent_type_id = AgentType.query.filter_by(name=obj['agent_type']).one().agent_type_id
        kwargs.setdefault('agent_type', agent_type_id)

        Form.__init__(self, formdata, obj, prefix, **kwargs)