def _update_subscription_data(request, subscription): """ Update the subscriptions in the database from form data. Using data from the passed subscription struct, find a subscription in the database, and update it (if it belongs to the current logged-in user). """ sub = Subscriptions.get_by_id(subscription['id']) if sub is None: return { 'errors': { 'subscriptions': _('Subscription not found') }, } # If we're trying to update a subscription for anyone other than # the currently logged-in user, bail fast. # # The error message is deliberately identical to the one above, so # as not to leak any information about who which subscription ids # belong to. if sub.uri != request.authenticated_userid: return { 'errors': { 'subscriptions': _('Subscription not found') }, } sub.active = subscription.get('active', True) request.session.flash(_('Changes saved!'), 'success')
def _update_subscription_data(request, subscription): """ Update the subscriptions in the database from form data. Using data from the passed subscription struct, find a subscription in the database, and update it (if it belongs to the current logged-in user). """ sub = Subscriptions.get_by_id(subscription['id']) if sub is None: return { 'errors': {'subscriptions': _('Subscription not found')}, } # If we're trying to update a subscription for anyone other than # the currently logged-in user, bail fast. # # The error message is deliberately identical to the one above, so # as not to leak any information about who which subscription ids # belong to. if sub.uri != request.authenticated_userid: return { 'errors': {'subscriptions': _('Subscription not found')}, } sub.active = subscription.get('active', True) request.session.flash(_('Changes saved!'), 'success')
def unsubscribe(self): request = self.request subscription_id = request.GET['subscription_id'] subscription = Subscriptions.get_by_id(subscription_id) if subscription: subscription.active = False return {} return {}
def unsubscribe(self): request = self.request subscription_id = request.GET['subscription_id'] subscription = Subscriptions.get_by_id(subscription_id) if subscription: subscription.active = False return {} return {}
def unsubscribe(self): request = self.request subscription_id = request.GET['subscription_id'] subscription = Subscriptions.get_by_id(subscription_id) if subscription: if request.authenticated_userid != subscription.uri: raise httpexceptions.HTTPUnauthorized() subscription.active = False return {} return {}
def unsubscribe(self): request = self.request subscription_id = request.GET['subscription_id'] subscription = Subscriptions.get_by_id(subscription_id) if subscription: if request.authenticated_userid != subscription.uri: raise httpexceptions.HTTPUnauthorized() subscription.active = False return {} return {}
def edit_profile(self): try: appstruct = _validate_edit_profile_request(self.request) except _InvalidEditProfileRequestError as err: return dict(errors=err.errors) username = appstruct['username'] pwd = appstruct['pwd'] subscriptions = appstruct['subscriptions'] if subscriptions: # Update the subscriptions table subs = json.loads(subscriptions) if username == subs['uri']: s = Subscriptions.get_by_id(self.request, subs['id']) if s: s.active = subs['active'] self.db.add(s) return {} else: return dict( errors=[ {'subscriptions': _('Non existing subscription')} ], code=404 ) else: return dict( errors=[{'username': _('Invalid username')}], code=400 ) # Password check user = self.User.get_user(self.request, username, pwd) if user: self.request.context = user response = super(ProfileController, self).edit_profile() # Add the user's email into the model dict that eventually gets # returned to the browser. This is needed so that the edit profile # forms can show the value of the user's current email. if self.request.authenticated_userid: user = h.accounts.models.User.get_by_id( self.request, self.request.authenticated_userid) response.json = {"model": {"email": user.email}} return response else: return dict(errors=[{'pwd': _('Invalid password')}], code=401)
def edit_profile(self): request = self.request schema = schemas.EditProfileSchema().bind(request=request) form = deform.Form(schema) try: appstruct = form.validate(request.POST.items()) except deform.ValidationFailure as e: return dict(errors=e.error.children) username = appstruct['username'] pwd = appstruct['pwd'] subscriptions = appstruct['subscriptions'] if subscriptions: # Update the subscriptions table subs = json.loads(subscriptions) if username == subs['uri']: s = Subscriptions.get_by_id(request, subs['id']) if s: s.active = subs['active'] self.db.add(s) return {} else: return dict( errors=[ {'subscriptions': _('Non existing subscription')} ], code=404 ) else: return dict( errors=[{'username': _('Invalid username')}], code=400 ) # Password check user = self.User.get_user(request, username, pwd) if user: request.context = user return super(ProfileController, self).edit_profile() else: return dict(errors=[{'pwd': _('Invalid password')}], code=401)
def edit_profile(self): request = self.request schema = schemas.EditProfileSchema().bind(request=request) form = deform.Form(schema) try: appstruct = form.validate(request.POST.items()) except deform.ValidationFailure as e: return dict(errors=e.error.children) username = appstruct['username'] pwd = appstruct['pwd'] subscriptions = appstruct['subscriptions'] if subscriptions: # Update the subscriptions table subs = json.loads(subscriptions) if username == subs['uri']: s = Subscriptions.get_by_id(request, subs['id']) if s: s.active = subs['active'] self.db.add(s) return {} else: return dict(errors=[{ 'subscriptions': _('Non existing subscription') }], code=404) else: return dict(errors=[{ 'username': _('Invalid username') }], code=400) # Password check user = self.User.get_user(request, username, pwd) if user: request.context = user return super(ProfileController, self).edit_profile() else: return dict(errors=[{'pwd': _('Invalid password')}], code=401)