def action(self, resource, context, form):
# Get the user
email = form['username'].strip()
user = context.root.get_user_from_login(email)
if form['no_password']:
if not Email.is_valid(email):
message = u'The given username is not an email address.'
context.message = ERROR(message)
return
# Case 1: Register
# check captcha first
captcha = form['captcha'].strip()
crypted = crypt_captcha(captcha)
crypt_imgtext = form['crypt_imgtext'].strip()
decrypt = Password.decode('%s' % crypt_imgtext)
if crypted != decrypt:
error = u"You typed an incorrect captcha string."
context.message = ERROR(error)
return
# does the user exists?
if user is None:
if context.site_root.is_allowed_to_register():
return self._register(resource, context, email)
# FIXME This message does not protect privacy
error = u"You don't have an account, contact the site admin."
context.message = ERROR(error)
return
# Case 2: Forgotten password
email = user.get_property('email')
user.send_forgotten_password(context, email)
path = '/ui/website/forgotten_password.xml'
handler = resource.get_resource(path)
return stl(handler)
# Case 3: Login
password = form['password']
if user is None or not user.authenticate(password, clear=True):
context.message = ERROR(u'The email or the password is incorrect.')
return
# Set cookie & context
user.set_auth_cookie(context, password)
context.user = user
# Come back
referrer = context.get_referrer()
if referrer is None:
goto = get_reference('./')
else:
path = get_uri_path(referrer)
if path.endswith(';login'):
goto = get_reference('./')
else:
goto = referrer
return context.come_back(INFO(u"Welcome to the Phoenix Project!"), goto)
def action_mass_subscribe(self, resource, context, form):
root = context.root
already = []
unallowed = []
invited = []
invalid = []
subscribed_users = resource.get_subscribed_users()
for email in form['emails']:
email = email.strip()
if not email:
continue
# Check if email is valid
if not Email.is_valid(email):
invalid.append(email)
continue
# Checks
user = root.get_user_from_login(email)
if user:
if user.name in subscribed_users:
already.append(user)
continue
if not resource.is_subscription_allowed(user.name):
unallowed.append(user)
continue
# Subscribe
user = resource.subscribe_user(email=email, user=user)
key = resource.set_register_key(user.name)
# Send invitation
subject = resource.invitation_subject.gettext()
confirm_url = context.uri.resolve(';accept_invitation')
confirm_url.query = {'key': key, 'email': email}
text = resource.invitation_text.gettext(uri=confirm_url)
root.send_email(email, subject, text=text)
invited.append(user)
# Ok
context.message = []
add_subscribed_message(MSG_ALREADY, already, context)
add_subscribed_message(MSG_INVALID,
invalid,
context,
users_is_resources=False)
add_subscribed_message(MSG_INVITED, invited, context)
add_subscribed_message(MSG_UNALLOWED, unallowed, context)
def action_mass_subscribe(self, resource, context, form):
root = context.root
already = []
unallowed = []
invited = []
invalid = []
subscribed_users = resource.get_subscribed_users()
for email in form['emails']:
email = email.strip()
if not email:
continue
# Check if email is valid
if not Email.is_valid(email):
invalid.append(email)
continue
# Checks
user = root.get_user_from_login(email)
if user:
if user.name in subscribed_users:
already.append(user)
continue
if not resource.is_subscription_allowed(user.name):
unallowed.append(user)
continue
# Subscribe
user = resource.subscribe_user(email=email, user=user)
key = resource.set_register_key(user.name)
# Send invitation
subject = resource.invitation_subject.gettext()
confirm_url = context.uri.resolve(';accept_invitation')
confirm_url.query = {'key': key, 'email': email}
text = resource.invitation_text.gettext(uri=confirm_url)
root.send_email(email, subject, text=text)
invited.append(user)
# Ok
context.message = []
add_subscribed_message(MSG_ALREADY, already, context)
add_subscribed_message(MSG_INVALID, invalid, context,
users_is_resources=False)
add_subscribed_message(MSG_INVITED, invited, context)
add_subscribed_message(MSG_UNALLOWED, unallowed, context)
def test_Email(self):
for name, result in {'*****@*****.**':True,
'toto@':False}.iteritems():
self.assertEqual(Email.is_valid(name), result)
def is_valid(cls, value):
return Email.is_valid(value)
def GET(self, resource, context):
"""This view load the paybox cgi. That script redirect on paybox
server to show the payment form.
"""
# We get the paybox CGI path on server
cgi_path = join(dirname(sys.executable), 'paybox.cgi')
# Configuration
kw = {}
order = resource.parent
kw['PBX_CMD'] = order.name
kw['PBX_TOTAL'] = int(resource.get_property('amount') * 100)
# Basic configuration
kw['PBX_MODE'] = '4'
kw['PBX_LANGUE'] = 'FRA'
kw['PBX_TYPEPAIEMENT'] = 'CARTE'
kw['PBX_WAIT'] = '0'
kw['PBX_RUF1'] = 'POST'
kw['PBX_RETOUR'] = "transaction:T;autorisation:A;amount:M;advanced_state:E;payment:P;carte:C;sign:K"
# PBX Retour uri
base_uri = context.uri.resolve(context.get_link(resource))
for option in PBXState.get_options():
key = option['pbx']
status = option['name']
uri = '%s/;end?status=%s' % (base_uri, status)
kw[key] = '%s' % uri
# PBX_REPONDRE_A (Url to call to set payment status)
kw['PBX_REPONDRE_A'] = '%s/;callback' % base_uri
# Configuration
payment_way = get_payment_way(resource, 'paybox')
for key in ['PBX_SITE', 'PBX_IDENTIFIANT',
'PBX_RANG', 'PBX_DIFF', 'PBX_AUTOSEULE']:
kw[key] = payment_way.get_property(key)
# Devise
kw['PBX_DEVISE'] = resource.get_property('devise')
# PBX_PORTEUR
# XXX Allow to overide PBX_PORTEUR
# (If someone call and give his card number ?)
email = context.user.get_property('email')
if Email.is_valid(email) is False:
raise ValueError, 'PBX_PORTEUR should be a valid Email address'
kw['PBX_PORTEUR'] = email
# En mode test:
if not payment_way.get_property('real_mode'):
kw.update(payment_way.test_configuration)
# Build cmd
cmd = [cgi_path] + ['%s=%s' % (x[0], x[1]) for x in kw.iteritems()]
log_debug("Calling Paybox: {0!r}".format(cmd))
# Call the CGI
try:
result = check_output(cmd)
# Check if all is ok
html = re.match ('.*?<HEAD>(.*?)</HTML>', result, re.DOTALL)
if html is None:
raise CalledProcessError
except CalledProcessError, e:
# Try do get error number
num_error = re.match ('.*?NUMERR=(.*?)"', e.output, re.DOTALL)
if num_error:
num_error = num_error.group(1)
error = PayboxCGIErrors.get_value(num_error)
else:
error = "Unknow reason"
error = u"Error: payment module can't be loaded. (%s)" % error
raise ValueError, error
def test_Email(self):
emails = {"*****@*****.**": True, "*****@*****.**": True, "toto@": False}
for name, result in emails.iteritems():
self.assertEqual(Email.is_valid(name), result)
