Beispiel #1
0
 def POST(self):
     i = web.input()
     user_form = self.form()
     if not user_form.validates():
         return render.admin(model.get_all_users(),user_form)
     if 'uid' in i:
         model.del_user(i.cin, i.uid)
     elif 'username' in i:
         uname, pwd, email = i.username.strip().lower(), i.password.strip(), i.email.strip()
         pwd = bcrypt.hashpw(pwd, bcrypt.gensalt(BCRYPT_WLOAD))
         model.add_user(i.cin, uname,pwd, email)
     return render.admin(model.get_all_users(), user_form)
Beispiel #2
0
 def POST(self):
     i = web.input()
     form = self.form()
     if not form.validates() or i.username in [u.username for u in model.get_all_users()]:
         return render.register(form,model.get_all_users())
     else:
         cin, uname, pwd, email = i.cin, i.username.strip().lower(), i.password.strip(), i.email.strip()
         #register parsing here
         pwd = bcrypt.hashpw(pwd, bcrypt.gensalt(BCRYPT_WLOAD))
         model.add_user(cin, uname,pwd, email)
         session.logged_in = True
         session.username = uname
         session.cin = cin
         raise web.seeother('/')
Beispiel #3
0
 def POST(self):
     """
     Compares given CIN, username and password to db entry
     """
     i = web.input()
     form = self.form()
     logger.debug('Logged_in: %s', session.logged_in)
     output=[]
     if ospath.exists('banned_ip.chess'):
         with open('banned_ip.chess','r') as bfd:
             for line in bfd:
                 if web.ctx['ip'] in line:
                     t = line[line.find('|')+2:-1].strip()
                     d = datetime.strptime(t,self.time_format)
                     dc = datetime.utcnow()
                     if d + self.bannedtimer <= dc:
                         return "<h1>Too many failed login attempts.</h1><br /><h2>Please try again at a later time</h2>"
                     else:
                         output.append(line)
         with open('banned_ip.chess','w') as bfd:
             f.writelines(output)
     if not form.validates():
         return render.login(form, users=model.get_all_users())
     else:
         try:
             u = model.get_user_by_name(i.cin, i.username.strip().lower())[0]
         except IndexError:
             return render.login(form,"User does not exist! If you need an account, please contact your local admin.", users=model.get_all_users())
         check = True if bcrypt.hashpw(i.password, u.password) == u.password else False
     #Check is user authentication was a great success
     if check:
         session.logged_in = True
         session.username = i.username
         session.cin = int(i.cin)
         session.priv = u.privilege
         raise web.seeother('/')
     else:
         try:
             session['loginfails'] += 1
         except KeyError:
             session['loginfails'] = 0
         if session['loginfails'] > MAX_LOGIN_ATTEMPTS:
             ip = web.ctx['ip']
             logger.warning('IP %s has attempted too many unsuccessfull logins', ip)
             session['loginfails']=0
             with open('banned_ip.chess','a') as bfd:
                 bfd.write("%s | %s"%(web.ctx['ip'],datetime.utcnow()))
         return render.login(form,"login failed!", users=model.get_all_users())
Beispiel #4
0
    def GET(self):
        page = 1 if not web.input().get('page') else web.input().get('page')
        user = self.getcurrentuser()

        if user.passwd == "qq" or user.passwd == "douban":
            raise web.seeother('/my')

        #fen ye
        if user.level == 3:
            page = int(page)
            perpage = 20
            offset = (page - 1) * perpage
            users = model.get_all_users(offset=offset, limit=perpage)
            users_count = model.get_user_num()

            pages = users_count.count / perpage

            if users_count.count % perpage > 0:
                pages += 1
            if page > pages:
                raise web.seeother('/admin')
        else:
            users = None
            pages = 0

        return jjenv.get_template('admin.html').render(
            nickname=session.username,
            title="Admin",
            current='admin',
            user=user,
            users=users,
            pages=pages)
Beispiel #5
0
	def GET(self):
		page = 1 if not web.input().get('page') else web.input().get('page')
		user = self.getcurrentuser()

		if user.passwd == "qq" or user.passwd == "douban":
			raise web.seeother('/my')

		#fen ye
		if user.level == 3:
			page = int(page)
			perpage = 20
			offset = (page - 1) * perpage
			users = model.get_all_users(offset=offset,limit=perpage)
			users_count = model.get_user_num()

			pages = users_count.count / perpage

			if users_count.count % perpage > 0:
				pages += 1
			if page > pages:
				raise web.seeother('/admin')
		else:
			users = None
			pages = 0

		return jjenv.get_template('admin.html').render(nickname=session.username,title="Admin", current='admin', user=user, users=users, pages = pages)
Beispiel #6
0
def see_all_users():
    if request.method == 'GET':
        content = model.get_all_users()
        content_len = len(content)
        print(content)
        return render_template('users.html',
                               content=content,
                               content_len=content_len)
    else:
        if 'username' not in session:
            flash('You must be logged in to follow users')
            return redirect('/login')
        else:
            user_to_follow = request.form['follow']
            username = session['username']
            user_to_follow_object = model.set_user_object_from_pk(
                user_to_follow)
            user_to_follow_username = user_to_follow_object.username
            if user_to_follow_username == username:
                flash(f'You can\'t follow yourself!')
                return redirect('/users')
            elif model.test_followed_object(username, user_to_follow_username):
                flash(f'You are already following that user!')
                return redirect('/users')
            else:
                try:
                    model.follow_user(username, user_to_follow_username)
                    flash(f'You are now following {user_to_follow_username}!')
                    return redirect('/users')
                except:
                    flash('Something went wrong, try again')
                    return redirect('/users')
Beispiel #7
0
    def GET(self):
        ret_users = []
        users = model.get_all_users()

        for user in users:
            ret_users.append({
                "fname": user['fname'],
                "lname": user['lname'],
                "address1": user['address1'],
                "address2": user['address2'],
                "city": user['city'],
                "state": user['state'],
                "zipcode": user['zipcode'],
                "country": user['country'],
                "registerDate": str(user['registerDate'])
            })

        accept_header = web.ctx.env.get("HTTP_ACCEPT")
        if "text/html" in accept_header:
            # Show an HTML tabl
            return render.admin()
        elif "application/json" in accept_header:
            # Return a JSON tring
            return json.dumps(ret_users)
        else:
            # Return a 406 Not Acceptable because the client is
            # requesting data be returned in a media type that we
            # don't support
            web.ctx.status = '406 Not Acceptable'
            return
Beispiel #8
0
 def GET(self):
     logger.debug('Logged_in: %s', session.logged_in)
     if logged_in():
         web.seeother('/')
     else:
         form = self.form()
         return render.login(form,users=model.get_all_users())
Beispiel #9
0
 def POST(self):
     if not check_priv_lvl(2):
         raise web.notfound("You don't have the right privilege level to access this")
     i = web.input(cin=None)
     user_form = self.form()
     client_form = self.cin_form()
     if 'uid' in i:
         logger.info("Deleting user")
         model.del_user(i.cin, i.uid)
         logger.debug('User Deleted: %d',i.uid)
     elif 'new_client' in i:
         if client_form.validates():
             logger.info("Adding new client")
             model.add_client(i.new_client, i.client_name)
             logger.debug('Client Added: %d|%s',i.new_client, i.client_name)
     elif 'username' in i:
         logger.info("Adding user")
         if not user_form.validates():
             return render.admin(model.get_all_users() if session.cin==0 else model.get_user_by_cin(session.cin), user_form, client_form)
         uname, pwd, email = i.username.strip().lower(), i.password.strip(), i.email.strip()
         pwd = bcrypt.hashpw(pwd, bcrypt.gensalt(BCRYPT_WLOAD))
         cin = i.cin if i.cin else session.cin
         ret = model.add_user(cin, uname,pwd, email, i.privilege)
         #Checks if CIN exists and if CIN/Username combination exists
         if ret == 0:
             raise web.notfound("No client exists with this CIN")
         elif ret == -1:
             raise web.notfound("Username exists with identical CIN")
         logger.debug('User added %s', uname)
     raise web.seeother('/admin')
Beispiel #10
0
    def GET(self):
        ret_users = []
        users = model.get_all_users()

        for user in users:
            ret_users.append({
                "fname": user['fname'],
                "lname": user['lname'],
                "address1": user['address1'],
                "address2": user['address2'],
                "city": user['city'],
                "state": user['state'],
                "zipcode": user['zipcode'],
                "country": user['country'],
                "registerDate": str(user['registerDate'])
            })

        accept_header = web.ctx.env.get("HTTP_ACCEPT")
        if "text/html" in accept_header:
            # Show an HTML tabl
            return render.admin()
        elif "application/json" in accept_header:
            # Return a JSON tring
            return json.dumps(ret_users)
        else:
            # Return a 406 Not Acceptable because the client is
            # requesting data be returned in a media type that we
            # don't support
            web.ctx.status = '406 Not Acceptable'
            return
Beispiel #11
0
	def POST(self):
		op,p1,p2 = web.input().get('op'), web.input().get('p1'), web.input().get('p2')
		user = self.getcurrentuser()
		if user.level == 3:
			page = 1
			perpage = 20
			offset = (page - 1) * perpage
			users = model.get_all_users(offset=offset,limit=perpage)
			users_count = model.get_user_num()
			pages = users_count.count / perpage
			if users_count.count % perpage > 0:
				pages += 1
		else:
			users = None
			pages = 0

		if op is not None and p1 is not None and p2 is not None: #修改密码
			if user.passwd != hashlib.md5(op).hexdigest():
				tips = "原密码错误!"
			elif p1 != p2:
				tips = "两次密码不一致!"
			else:
				tips = "修改成功!"
				passwd = hashlib.md5(p1).hexdigest()
				model.update_user_passwd(user.k_id,passwd)
			return jjenv.get_template('admin.html').render(nickname=session.username,title="Admin",current='admin',user=user,users=users,chpwdtips=tips,pages = pages)
		else:
			return self.GET()
Beispiel #12
0
 def GET(self):
     if not logged_in():
         raise web.seeother('/login')
     if not check_priv_lvl(2):
         raise web.notfound("You don't have the right privilege level to access this")
     users = model.get_user_by_cin(session.cin)
     client_form = self.cin_form()
     user_form = self.form()
     return render.admin(model.get_all_users() if session.cin==0 else users, user_form, client_form)
Beispiel #13
0
def invite_to_circlet():
    if 'user_id' not in session or 'circlet' not in session:
        return "you need to be logged in and creating a circlet to invite users"
    all_users = get_all_users()
    all_other_users = []
    for user in all_users:
        if user.user_id != int(session['user_id']):
            all_other_users.append(user)
    return render_template('invite_to_circlet.html', users=all_other_users)
Beispiel #14
0
 def GET(self):
     user = self.getcurrentuser()
     users = model.get_all_users(
     ) if user.level == 3 else None  #是管理员就得到用户列表
     return jjenv.get_template('admin.html').render(
         nickname=session.username,
         title="Admin",
         current='admin',
         user=user,
         users=users)
Beispiel #15
0
 def POST(self):
     """
     Compares given CIN, username and password to db entry
     TODO: Rewrite me: I need to get rid of authenticate_user as
         it seems to be just doubling my code
     """
     i = web.input()
     form = self.form()
     if not form.validates():
         return render.login(form, users=model.get_all_users())
     else:
         try:
             u = model.get_user_by_name(i.cin, i.username.strip().lower())[0]
         except IndexError:
             return render.login(form,"User does not exist! Need an account? <a href='/register'>Register Here</a>", users=model.get_all_users())
         check = True if bcrypt.hashpw(i.password, u.password) == u.password else False
         print bcrypt.hashpw(i.password, u.password)
     if check:
         session.logged_in = True
         session.username = i.username
         session.cin = i.cin
         raise web.seeother('/admin')
     else:
         return render.login(form,"login failed!", users=model.get_all_users())
Beispiel #16
0
 def get(self):
     models = model.get_devices()
     prefs = model.get_preferences()
     usrrpt = model.get_user_report_counts()
     users = model.get_all_users()
     curusr = model.get_user_by_uname(self.current_user)
     for post in models:
         post['m_count'] = model.get_devices_counts_byname(post['m_device'])
         post['m_detail'] = {'version':""}
         mdtop = model.get_roms_by_devicesname(post['m_device'],5)
         for itm in mdtop:
             post['m_detail'] = itm
             break
     netpref=config.netpref
     netpref['diskuseage'] = utils.run('df -h')
     self.render("publish_index.html", models=models,  prefs=prefs, netpref=netpref, usrrpt=usrrpt,users=users,curusr=curusr, strtime=utils.strtime, getStatuStr=config.getStatuStr, accessAdmin = self.accessAdmin())
Beispiel #17
0
	def POST(self):
		op,p1,p2 = web.input().get('op'), web.input().get('p1'), web.input().get('p2')
		user = self.getcurrentuser()
		users = model.get_all_users() if user.level == 3 else None
		if op is not None and p1 is not None and p2 is not None: #修改密码
			if user.passwd != hashlib.md5(op).hexdigest():
				tips = "原密码错误!"
			elif p1 != p2:
				tips = "两次密码不一致!"
			else:
				tips = "修改成功!"
				passwd = hashlib.md5(p1).hexdigest()
				model.update_user_passwd(user.k_id,passwd)
			return jjenv.get_template('admin.html').render(nickname=session.username,title="Admin",current='admin',user=user,users=users,chpwdtips=tips)
		else:
			return self.GET()
Beispiel #18
0
 def get(self,modname):
     a = self.get_argument("a","")
     f = self.get_argument('f','')
     if (a=='del'):
         fname = "static/downloads/" + modname + '/'+ f
         utils.run('rm -f '+ fname)
         self.logW("删除文件:%s:%s"%(modname, fname))
     f1 = str(utils.run('ls -l '+ "static/downloads/" + modname))
     filelist = []
     f2 = f1.split('\\n')
     if(len(f2)<2): return
     for finfo in f2[1:-1]:
         f3 = {}
         f3['info'] = finfo
         f3['filename'] = finfo.split(' ')[-1]
         filelist.append(f3)
     users = model.get_all_users()
     self.render("publish_romlistfiles.html", netpref=config.netpref, name=modname, filelist=filelist,users=users,  ptitle ="统一管理上传的文件", strdate=utils.strtime, getStatuStr=config.getStatuStr)
Beispiel #19
0
 def POST(self):
     op, p1, p2 = web.input().get('op'), web.input().get(
         'p1'), web.input().get('p2')
     user = self.getcurrentuser()
     users = model.get_all_users() if user.level == 3 else None
     if op is not None and p1 is not None and p2 is not None:  #修改密码
         if user.passwd != hashlib.md5(op).hexdigest():
             tips = "原密码错误!"
         elif p1 != p2:
             tips = "两次密码不一致!"
         else:
             tips = "修改成功!"
             passwd = hashlib.md5(p1).hexdigest()
             model.update_user_passwd(user.k_id, passwd)
         return jjenv.get_template('admin.html').render(
             nickname=session.username,
             title="Admin",
             current='admin',
             user=user,
             users=users,
             chpwdtips=tips)
     else:
         return self.GET()
Beispiel #20
0
    def POST(self):
        op, p1, p2 = web.input().get('op'), web.input().get(
            'p1'), web.input().get('p2')
        user = self.getcurrentuser()
        if user.level == 3:
            page = 1
            perpage = 20
            offset = (page - 1) * perpage
            users = model.get_all_users(offset=offset, limit=perpage)
            users_count = model.get_user_num()
            pages = users_count.count / perpage
            if users_count.count % perpage > 0:
                pages += 1
        else:
            users = None
            pages = 0

        if op is not None and p1 is not None and p2 is not None:  #修改密码
            if user.passwd != hashlib.md5(op).hexdigest():
                tips = "原密码错误!"
            elif p1 != p2:
                tips = "两次密码不一致!"
            else:
                tips = "修改成功!"
                passwd = hashlib.md5(p1).hexdigest()
                model.update_user_passwd(user.k_id, passwd, user.name)
            return jjenv.get_template('admin.html').render(
                nickname=session.username,
                title="Admin",
                current='admin',
                user=user,
                users=users,
                chpwdtips=tips,
                pages=pages)
        else:
            return self.GET()
Beispiel #21
0
	def GET(self):
		user = self.getcurrentuser()
		users = model.get_all_users() if user.level == 3 else None #是管理员就得到用户列表
		return jjenv.get_template('admin.html').render(nickname=session.username,title="Admin", current='admin', user=user, users=users)
Beispiel #22
0
def show_all_users():
    model.connect_to_db()
    users = model.get_all_users()
    return render_template("all_user.html", users=users)
Beispiel #23
0
def getusers():
    return dumps({"users": get_all_users()})
Beispiel #24
0
 def GET(self):
     form = self.form()
     return render.register(form,model.get_all_users())
Beispiel #25
0
 def get(self,modname):
     romlists = model.get_roms_by_devicesname(modname,-1)
     users = model.get_all_users()
     self.render("publish_romlist.html", netpref=config.netpref, name=modname, roms=romlists,users=users,  ptitle ="已经发布的更新列表", strdate=utils.strtime, getStatuStr=config.getStatuStr)
Beispiel #26
0
 def GET(self):
     if logged_in():
         web.seeother('/')
     else:
         form = self.form()
         return render.login(form,users=model.get_all_users())
Beispiel #27
0
 def GET(self):
     users = model.get_all_users()
     user_form = self.form()
     return render.admin(users, user_form)
def all_users():
    model.conn_db()
    list_of_users = model.get_all_users()
    html = render_template("all_users.html",list_of_users=list_of_users)
    return html
Beispiel #29
0
def index():
    return render_template('index.html', user_list=get_all_users())
Beispiel #30
0
def get_more_users(offset):
    user_list = model.get_all_users(int(offset))
    return render_template("more_users.html", users=user_list)
Beispiel #31
0
def get_users():
    user_list = model.get_all_users(0)
    return render_template("user_list.html", users=user_list)
def user_list():
    all_users=model.get_all_users()
    return render_template('user_list.html', all_users=all_users)