def index(self):
c.clients_quan = meta.Session.query(sidb.Client).count()
c.sorts = [('name', sidb.Client.name), ('prdate', sidb.Tmppricesstorage.price_date), ('tmpitems', sidb.Tmppricesstorage.tmpitems_quan)]
c.sort_col = request.GET.get("sort_field", 'name')
sort_field = dict(c.sorts).get(c.sort_col)
c.sort_rule = request.GET.get("sort_rule", 'asc')
sort_field = (c.sort_rule == 'desc' and sort_field.desc() or sort_field.asc())
for key, value in request.POST.iteritems():
if key in ['s_name', 's_country', 's_city']: session[key] = value
session.save()
c.s_name = session.has_key('s_name') and session.get('s_name') or u''
c.s_country = session.has_key('s_country') and session.get('s_country') or u''
c.s_city = session.has_key('s_city') and session.get('s_city') or u''
clients_list = meta.Session.query(sidb.Client, sidb.City, sidb.Country, sidb.Clientlogo, sidb.User, sidb.Tmppricesstorage.rid.label('storage_rid'),
sidb.Tmppricesstorage.tmpitems_quan, sidb.Tmppricesstorage.price_date).\
join((sidb.City, sidb.Client._cities_rid == sidb.City.rid)).\
join((sidb.Region, sidb.City._regions_rid == sidb.Region.rid)).\
join((sidb.Country, sidb.Region._countries_rid == sidb.Country.rid)).\
outerjoin((sidb.User, sidb.User._clients_rid == sidb.Client.rid)).\
outerjoin((sidb.Clientlogo, sidb.Clientlogo._clients_rid == sidb.Client.rid)).\
outerjoin((sidb.Tmppricesstorage, sidb.Tmppricesstorage._clients_rid == sidb.Client.rid)).\
group_by(sidb.Client.rid).order_by(sort_field)
if c.s_name: clients_list = clients_list.filter(sidb.Client.name.like('%'+c.s_name+'%'))
if c.s_country: clients_list = clients_list.filter(sidb.Country.name.like('%'+c.s_country+'%'))
if c.s_city: clients_list = clients_list.filter(sidb.City.name.like('%'+c.s_city+'%'))
page = paginate.Page(clients_list, items_per_page=15, page=request.GET.get("page", 1), sort_col=c.sort_col, sort_rule=c.sort_rule)
c.pager = page.pager()
c.clients_list = page.items
c.subtempl = 'clients_list'
return render('be/layouts/clients.html')
def __before__(self, action, **params):
c.user = session.get('user')
c.messages = session.get('messages', [])
c.errors = session.get('errors', [])
session['messages'] = []
session['errors'] = []
session.save()
def extract_model2tar(filename, numpars=100):
pp = model2tar(open(filename))
if os.path.exists(
os.path.join(config['app_conf']['amber_data'],
session.get('DIR_CACHE'), "multijobs.tgz")):
os.remove(
os.path.join(config['app_conf']['amber_data'],
session.get('DIR_CACHE'), "multijobs.tgz"))
tar = tarfile.open(
os.path.join(config['app_conf']['amber_data'],
session.get('DIR_CACHE'), "multijobs.tgz"), "w:gz")
npdb = 0
for p in pp:
print "Par#%d, line# %d:" % (pp.para_num, pp.line_num)
if pp.para_num > numpars: break
check_atom = 0
for i in p.split("\n"):
if i.startswith("ATOM"):
check_atom += 1
if check_atom > 1:
npdb = npdb + 1
tarinfo = tarfile.TarInfo('pdb_%d.pdb' % npdb)
tarinfo.size = len(p)
tar.addfile(tarinfo, StringIO.StringIO(p))
tar.close()
print os.path.join(config['app_conf']['amber_data'],
session.get('DIR_CACHE'), "multijobs.tgz")
return npdb
def index(self):
c.results=[]
c.username = session.get('user')
c.fl_mod = session.get('mod',False)
images = {}
flSave = False
for ping in PseudoPing.query().filter(PseudoPing.fl_decided==False).order_by(PseudoPing.id):
if not images.get(ping.image):
img = ping.Image_fromPing()
if img.in_pool():
images[ping.image] = True
c.results.append(ping)
if len(c.results) >= 2:
break
else:
flSave=True
ping.fl_decided=True
if not len(c.results):
if self.reload():
return self.index()
if flSave: ping.commit()
return render('ping.mako')
def set_pos_zoom(self, latlon=None, zoom=None):
#print "Setting pos to %s"%(latlon,)
if latlon == None:
assert zoom == None
zoomlevel = session.get('zoom', None)
if zoomlevel == None:
zoomlevel = 5
merc_x, merc_y = mapper.latlon2merc((58, 18), zoomlevel)
else:
merc_x, merc_y = session['last_pos']
else:
assert zoom != None
zoomlevel = zoom
if zoomlevel < 5:
zoomlevel = 5
if session.get('mapvariant', None) == 'elev':
if zoomlevel > 8: zoomlevel = 8
else:
if zoomlevel > 13: zoomlevel = 13
merc_x, merc_y = mapper.latlon2merc(latlon, zoomlevel)
merc_limx1, merc_limy1, merc_limx2, merc_limy2 = merc_limits(
zoomlevel, conservative=False, hd=True)
if merc_x > merc_limx2: merc_x = merc_limx2
if merc_y > merc_limy2: merc_y = merc_limy2
if merc_x < merc_limx1: merc_x = merc_limx1
if merc_y < merc_limy1: merc_y = merc_limy1
session['last_pos'] = (merc_x, merc_y)
session['zoom'] = zoomlevel
print "Setting pos to %s, zoom = %d" % (mapper.merc2latlon(
session['last_pos'], zoomlevel), zoomlevel)
session.save()
def more(self, id=None):
# id will be something like d_ping_[ping.id]
# so, I want to get a ping where id > that one.
pid = id.split('_')[-1]
try:
pid = int(pid)
except:
log.debug("couldn't identify the ping %s "%id)
return ""
c.username = session.get('user')
c.fl_mod = session.get('mod',False)
for ping in PseudoPing.query().filter(
PseudoPing.fl_decided==False).filter(PseudoPing.id>pid).order_by(PseudoPing.id):
img = ping.Image_fromPing()
if img.in_pool():
c.ping=ping
c.image=ping.image
c.atts = img.all_atts()
return render('one_ping.mako')
else:
ping.fl_decided=True
ping.commit()
#Guess what. We're empty. get to bottom, go back to top. But this time, we need
# to send back the newest image, rather than the next oldest one.
if not self._reload():
return
return self.more(id)
def show(name):
if session.get(ALLKEY, False):
return False
elif session.get(ONEKEY % name):
return False
else:
return True
def login(self):
""" Show login form.
"""
if request.method != 'POST':
return render('login.html')
# Verify username and password.
auth_fact = AuthFactory()
auth = auth_fact.get_auth(request.params.get('username'), request.params.get('password'), 'nipap')
if not auth.authenticate():
c.error = 'Invalid username or password'
return render('login.html')
# Mark user as logged in
session['user'] = auth.username
session['full_name'] = auth.full_name
session.save()
# Send user back to the page he originally wanted to get to
if session.get('path_before_login'):
log.error(session.get('path_before_login'))
redirect(session['path_before_login'])
else:
# if previous target is unknown just send the user to a welcome page
redirect(url(controller='schema', action='list'))
def archive(self, page=1, direction='dsc',
order_by='timestamp', format=None):
"messages archive"
filters = session.get('filter_by', None)
num_items = session.get('msgs_num_items', 50)
if direction == 'dsc':
sort = desc(order_by)
else:
sort = order_by
messages = self._get_archived().order_by(sort)
msgcount = self._get_msg_count(True)
query = UserFilter(Session, c.user, messages, True)
countquery = UserFilter(Session, c.user, msgcount, True)
messages = query.filter()
msgcount = countquery.filter()
if filters:
dynq = DynaQuery(Archive, messages, filters)
dynmsgq = DynaQuery(Archive, msgcount, filters)
messages = dynq.generate()
msgcount = dynmsgq.generate()
c.order_by = order_by
c.direction = direction
msgcount = msgcount.count()
pages = paginate.Page(messages, page=int(page),
items_per_page=num_items,
item_count=msgcount)
if format == 'json':
response.headers['Content-Type'] = 'application/json'
data = convert_to_json(pages,
direction=direction,
order_by=order_by,
section=None)
return data
c.page = pages
return render('/messages/archive.html')
def handle_request(request, tmpl_context):
from pylons import session
# Work out what language to show the page in.
locales = [] # Locale objects. Ordered highest preference first.
tmpl_context.language = None
if session.get('locale'):
# First look for locale saved in the session (by home controller)
locales.append(Locale.parse(session.get('locale')))
# Browser language detection disabled temporarily - see #1452
## else:
## # Next try to detect languages in the HTTP_ACCEPT_LANGUAGE header
## locale = Locales().negotiate_known_locale(request.languages)
## if locale:
## locales.append(locale)
# Next try the default locale in the CKAN config file
locales.append(Locales().get_default_locale())
locale = set_lang_list(locales)
tmpl_context.language = locale.language
return locale
def old_index(self):
user_id = session.get('user_id')
c.user = session['user']
if not user_id:
raise Exception
# User Info
user = meta.Session.query(User).filter(User.id == session.get('user_id')).one()
accounts = meta.Session.query(Account).filter(sa.and_(Account.authkey_id != None , Account.user_id == session.get('user_id')));
dataString = []
accountHost = {}
for account in accounts:
if accountHost.get(account.resource.hostname, True):
accountDict = {}
accountDict['name'] = account.name
accountDict['hostname'] = account.resource.hostname
dataString.append(accountDict)
accountHost[account.resource.hostname] = False
## c.passwordLessAccount = dataString
meta.Session.close()
c.status = "index"
c.results = ""
#return render('/authentication/gsicreds/gsicreds.mako')
redirect(url(controller='gsicreds', action='gsicreds'))
def get(self, domain):
username = request.params.get('username')
userid = request.params.get('userid')
group = request.params.get('group', None)
startIndex = int(request.params.get('startindex','0'))
maxResults = int(request.params.get('maxresults','25'))
keys = session.get('account_keys', '').split(',')
if not keys:
error = {'provider': domain,
'message': "no user session exists, auth required",
'status': 401
}
return {'result': None, 'error': error}
provider = get_provider(domain)
# even if we have a session key, we must have an account for that
# user for the specified domain.
acct = None
for k in keys:
a = session.get(k)
if a and a.get('domain') == domain and (not username or a.get('username')==username and not userid or a.get('userid')==userid):
acct = a
break
if not acct:
error = {'provider': domain,
'message': "not logged in or no user account for that domain",
'status': 401
}
return {'result': None, 'error': error}
result, error = provider.api(acct).getcontacts(startIndex, maxResults, group)
return {'result': result, 'error': error}
def BaseController_UpdateUserHeader(self):
# Is the user already logged-in?
if session.get("UserName"):
# User info
c.user_login = "******"
c.user_loginurl = "logout"
c.user_pref = "Preferences"
c.user_prefurl = "preferences"
c.user_name = session.get("UserName")
c.user_points = session.get("UserPoints")
c.user_icon = session.get("UserIconID")
c.is_admin = session.get("IsAdmin")
# Nope! Default to basic URLs
else:
# User info
c.user_login = "******"
c.user_loginurl = "login"
c.user_pref = "Register"
c.user_prefurl = "register"
c.user_name = ""
c.user_points = 0
c.user_icon = 0
c.is_admin = False
# Top-bar directory info
c.group_name = ""
c.group_id = -1
c.challenge_name = ""
c.challenge_id = -1
def autorize():
loged_in = session.get("loged_in")
if loged_in:
email = session.get("email")
password = session.get("password")
pers = Session.query(Person).filter_by(email=email, password=password).first()
pers.last_activity = int(time.time())
Session.commit()
return True
if "email" and "password" in request.cookies:
email = request.cookies.get("email")
password = request.cookies.get("password")
elif request.method == "POST" and "email" in request.POST:
email = request.POST.get("password")
password = md5(request.POST.get("password"))
else:
return False
pers = Session.query(Person).filter_by(email=email, password=password).first()
if pers:
print "pers is ", pers
session["email"] = email
session["password"] = password
session["loged_in"] = True
session["name"] = pers.name
session["person_id"] = pers.id
session.save()
return True
return False
def index(self):
gd_client = gdata.photos.service.PhotosService()
#token = request.GET.getone('token')
parameters = cgi.FieldStorage()
token = parameters['token']
gd_client.auth_token = token
gd_client.UpgradeToSessionToken()
session['picasa_token'] = token
session.save()
if session.get('user_id'):
# a user is already logged in
user = Session.query(User).filter_by(id=session.get('user_id')).first()
else:
# the user is not already logged in, let's see if they have
# already created an account before
user = Session.query(User).filter_by(picasa_token=token).first()
if user:
user.picasa_token = token
Session.commit()
else:
# the user does not have an account. We need to create a new one
# for them.
user = User(picasa_token=token)
Session.add(user)
Session.commit()
user = Session.query(User).filter_by(picasa_token=picasa_token).first()
session['user_id'] = user.id
session['picasa_token'] = token
session.save()
log.info("Logged in user %s", user)
redirect(url('index'))
def __before__(self):
c.admin_user = session.get('admin_user')
c.admin_username = session.get('admin_username')
super(PermissionsController, self).__before__()
self.repo_perms_choices = [('repository.none', _('None'),),
('repository.read', _('Read'),),
('repository.write', _('Write'),),
('repository.admin', _('Admin'),)]
self.group_perms_choices = [('group.none', _('None'),),
('group.read', _('Read'),),
('group.write', _('Write'),),
('group.admin', _('Admin'),)]
self.register_choices = [
('hg.register.none',
_('Disabled')),
('hg.register.manual_activate',
_('Allowed with manual account activation')),
('hg.register.auto_activate',
_('Allowed with automatic account activation')), ]
self.create_choices = [('hg.create.none', _('Disabled')),
('hg.create.repository', _('Enabled'))]
self.fork_choices = [('hg.fork.none', _('Disabled')),
('hg.fork.repository', _('Enabled'))]
# set the global template variables
c.repo_perms_choices = self.repo_perms_choices
c.group_perms_choices = self.group_perms_choices
c.register_choices = self.register_choices
c.create_choices = self.create_choices
c.fork_choices = self.fork_choices
def __before__(self):
c.admin_user = session.get('admin_user')
c.admin_username = session.get('admin_username')
super(PermissionsController, self).__before__()
self.perms_choices = [(
'repository.none',
_('None'),
), (
'repository.read',
_('Read'),
), (
'repository.write',
_('Write'),
), (
'repository.admin',
_('Admin'),
)]
self.register_choices = [
('hg.register.none', _('disabled')),
('hg.register.manual_activate',
_('allowed with manual account activation')),
('hg.register.auto_activate',
_('allowed with automatic account activation')),
]
self.create_choices = [('hg.create.none', _('Disabled')),
('hg.create.repository', _('Enabled'))]
def if_findpasswd(self):
servername = session.get('servername', "NULL")
username = session.get('username', "NULL")
if servername!="NULL":
c.servername = servername
if username!="NULL":
c.username=username
username = request.params.get('username')
newpasswd=request.params.get('newpasswd')
newpasswdrepeat=request.params.get('newpasswdrepeat')
if newpasswd != newpasswdrepeat:
c.errorMsg = "两次输入密码不相同,请重新输入"
return render("result_find_passwd.mako")
if len(base64.decodestring(newpasswd))<6 or len(base64.decodestring(newpasswd))>64:
c.errorMsg="密码长度必须在6-64之间"
return render("result_find_passwd.mako")
try:
con = MySQLdb.connect(host = g.dbhost, user = g.dbuser, passwd = g.dbpasswd, db = g.dbdb, port = g.dbport, charset = "utf8")
cur = con.cursor()
cur.execute("update users set password=%s where username =%s", (newpasswd,username))
con.commit()
except MySQLdb.Error as e:
print "mysql error %d: %s" %(e.args[0], e.args[1])
c.errorMsg = "往数据库插入新密码错误"
finally:
if con != None:
con.close()
return render("index.mako")
def openid_register(self):
openid_url = session.get('openid_identity')
if not openid_url:
redirect(url('account_register'))
c.openid = session.get('openid_identity')
c.defaults = {}
return render('/accounts/register.mako')
def set_pos_zoom(self,latlon=None,zoom=None):
#print "Setting pos to %s"%(latlon,)
if latlon==None:
assert zoom==None
zoomlevel=session.get('zoom',None)
if zoomlevel==None:
zoomlevel=5
merc_x,merc_y=mapper.latlon2merc((58,18),zoomlevel)
else:
merc_x,merc_y=session['last_pos']
else:
assert zoom!=None
zoomlevel=zoom
if zoomlevel<5:
zoomlevel=5
if session.get('mapvariant',None)=='elev':
if zoomlevel>8: zoomlevel=8
else:
if zoomlevel>13: zoomlevel=13
merc_x,merc_y=mapper.latlon2merc(latlon,zoomlevel)
merc_limx1,merc_limy1,merc_limx2,merc_limy2=merc_limits(zoomlevel,conservative=False,hd=True)
if merc_x>merc_limx2: merc_x=merc_limx2
if merc_y>merc_limy2: merc_y=merc_limy2
if merc_x<merc_limx1: merc_x=merc_limx1
if merc_y<merc_limy1: merc_y=merc_limy1
session['last_pos']=(merc_x,merc_y)
session['zoom']=zoomlevel
print "Setting pos to %s, zoom = %d"%(mapper.merc2latlon(session['last_pos'],zoomlevel),zoomlevel)
session.save()
def move_images(self, id=1):
# os.rename("J:/Pictures/1.jpg", "J:/Pictures/Marked/1.jpg")
path = ""
move_to_path = "Marked" # Default location
to_be_marked = request.POST.getall("Mark")
id = int(id)
if session.get("directory"):
# If they're in a sub directory use it
path = str(session.get("directory")).replace("\\", "/")
if (
session.get("destination") or session.get("destination") == ""
): # because of the parent path is a blank string
move_to_path = str(session.get("destination"))
picture_list = os.listdir("%s%s." % (g.picture_path, path))
picture_list.sort()
if not os.access("%s%s" % (g.picture_path, move_to_path), os.F_OK):
os.mkdir("%s%s" % (g.picture_path, move_to_path))
for img in [picture_list[int(a)] for a in to_be_marked]:
# return "move \"%s%s%s\" \"%sMarked/\"" % (g.picture_path, path, img, g.picture_path)
os.rename("%s%s%s" % (g.picture_path, path, img), "%s%s/%s" % (g.picture_path, move_to_path, img))
return redirect_to(action="index")
def _moneyOutSubmit_factura(self):
''' Обработка заявки на вывод средств посредством счёт-фактуры '''
schema = MoneyOutForm_factura()
if not session.get('factura_file_name'):
return h.JSON({'error': True,
'msg': u'Не загружен файл счёт-фактуры!',
'ok': False})
try:
form = schema.to_python(dict(request.params))
except formencode.Invalid as error:
errorMessage = '<br/>\n'.join(
[x.msg for x in error.error_dict.values()])
return h.JSON({'error': True, 'msg': errorMessage, 'ok': False})
req = model.InvoiceMoneyOutRequest()
req.account = model.Account(c.user)
req.ip = request.environ['REMOTE_ADDR']
req.summ = form.get('moneyOut_facturaSumm')
req.contacts = form.get('moneyOut_facturaContact')
req.phone = form.get('moneyOut_facturaPhone')
req.invoice_filename = session.get('factura_file_name')
req.comment = form.get('moneyOut_facturaComment', '')
try:
req.save()
req.send_confirmation_email()
except model.MoneyOutRequest.NotEnoughMoney:
return h.JSON({'error': True,
'msg': u'Недостаточно средств для вывода!',
'ok': False})
except Exception as ex:
log.debug(unicode(ex))
return h.JSON({'error': False,
'ok': True,
'msg': u'Заявка успешно принята'})
def _gccom_jobs(self, model_key, mode):
c.jobstate = 'build'
c.jobmsg = 'build: setting up the job. before submission.'
c.model_key = model_key
c.mode = mode
c.error_flash = None
if session.has_key('error_flash'):
c.error_flash = session['error_flash']
try: del session['error_flash']
except Exception as _: pass
c.jobname = '%s_%s' % (model_key, mode)
c.cwuser = session.get('user','user')
c.acct = Gccom.gccom_comm_acct
c.model_param_hdrs = Gccom.model_params['hdrs']
c.model_params = Gccom.model_params[c.model_key]
c.model_desc = str(Gccom.model_info[c.model_key]['desc'])
c.title = 'GCOM %s Simulation: Model:%s for JobName: %s' % (
c.mode, str(c.model_desc), c.jobname)
c.resources = h.get_user_resources(session.get('user_id'))
c.hostname = c.resources.keys()[0] if c.resources else '' #used to init/set default host; reset later
c.grid_key = Gccom.model_info[c.model_key]['grid_key']
c.grid_imax = Gccom.bath_grid[c.grid_key]['IMax']
c.grid_jmax = Gccom.bath_grid[c.grid_key]['JMax']
c.grid_kmax = Gccom.bath_grid[c.grid_key]['KMax']
c.grid_name = Gccom.bath_grid[c.grid_key]['name']
c.grid_fname = Gccom.bath_grid[c.grid_key]['fname']
log.info( 'GCOM:: gccom_jobs: building form data for model_key=%s, desc=%s, jobstate= %s, jobname= %s, gridname= %s, gridfnam=%s' % (c.model_key, c.model_desc,c.jobstate, c.jobname, c.grid_name, c.grid_fname))
return render('/gcem/gccom/app_' + c.mode.lower() + '.mako')
def archive(self, page=1, direction='dsc',
order_by='timestamp', format=None):
"messages archive"
filters = session.get('filter_by', None)
num_items = session.get('msgs_num_items', 50)
if direction == 'dsc':
sort = desc(order_by)
else:
sort = order_by
messages = self._get_archived().order_by(sort)
msgcount = self._get_msg_count(True)
query = UserFilter(Session, c.user, messages, True)
countquery = UserFilter(Session, c.user, msgcount, True)
messages = query.filter()
msgcount = countquery.filter()
if filters:
dynq = DynaQuery(Archive, messages, filters)
dynmsgq = DynaQuery(Archive, msgcount, filters)
messages = dynq.generate()
msgcount = dynmsgq.generate()
c.order_by = order_by
c.direction = direction
msgcount = msgcount.count()
pages = paginate.Page(messages, page=int(page),
items_per_page=num_items,
item_count=msgcount)
if format == 'json':
response.headers['Content-Type'] = 'application/json'
data = convert_to_json(pages,
direction=direction,
order_by=order_by,
section=None)
return data
c.page = pages
return render('/messages/archive.html')
def BaseController_UpdateUserHeader(self):
# Is the user already logged-in?
if session.get("UserName"):
# User info
c.user_login = "******"
c.user_loginurl = "logout"
c.user_pref = "Preferences"
c.user_prefurl = "preferences"
c.user_name = session.get("UserName")
c.user_points = session.get("UserPoints")
c.user_icon = session.get("UserIconID")
c.is_admin = session.get("IsAdmin")
# Nope! Default to basic URLs
else:
# User info
c.user_login = "******"
c.user_loginurl = "login"
c.user_pref = "Register"
c.user_prefurl = "register"
c.user_name = ""
c.user_points = 0
c.user_icon = 0
c.is_admin = False
# Top-bar directory info
c.group_name = ""
c.group_id = -1
c.challenge_name = ""
c.challenge_id = -1
def index(self):
servername = session.get('servername', "NULL")
if servername != "NULL":
c.servername = servername
username = session.get('username', "NULL")
if username != "NULL":
c.username=username
return render('/index.mako')
def userloginpage(self):
servername = session.get('servername', "NULL")
username = session.get('username', "NULL")
if servername!="NULL":
c.servername = servername
if username!="NULL":
c.username=username
return render("userlogin.mako")
def __before__(self, action, **params):
user = session.get('user')
if user and session.get('isManager', False):
self.user = user
request.environ['CURRENT_USER'] = user
request.environ['IS_MANAGER'] = True
else:
self.user = ''
def findpasswd(self):
servername = session.get('servername', "NULL")
if servername != "NULL":
c.servername = servername
username = session.get('username', "NULL")
if username != "NULL":
c.username=username
return render("findpasswd.mako")
def register(self):
servername = session.get('servername', "NULL")
username = session.get('username', "NULL")
if servername!="NULL":
c.servername = servername
if username!="NULL":
c.username=username
return render("register.mako")
def index(self):
code = request.GET.getone('code')
nexturl = request.GET.get('nexturl')
if nexturl:
# we are acting only as an auth server.
# redirect to the server that wants the auth code
redirect(nexturl+'?code=%s' % code)
return
token = fb.get_access_token(code)
if not token:
#lame... this failed for some reason
h.flash("The login process failed :(")
redirect(url('index'))
return
fbuser = fb.GraphUser(access_token=token)
if session.get('user_id'):
# a user is already logged in
user = Session.query(User).filter_by(id=session.get('user_id')).first()
else:
# the user is not already logged in, let's see if they have
# already created an account before
user = Session.query(User).filter_by(fb_uid=fbuser.id).first()
if user:
# the user does have an account, let's update their auth token
user.fb_uid = fbuser.id
user.fb_access_token = token
Session.commit()
else:
# the user does not have an account. We need to create a new one
# for them.
for attempt in xrange(3):
user = User(fb_uid=fbuser.id,
fb_access_token=token)
Session.add(user)
Session.commit()
user = Session.query(User).filter_by(fb_uid=fbuser.id).first()
if user:
break
log.error("Failed to create user with fb_uid=%r attempt %r",
fbuser.id, attempt)
if not user:
log.error("Trying to log in, but couldn't get a user object. "
"user=%r code=%r token=%r fbuser=%r",
user, code, token, fbuser)
session['user_id'] = user.id
session['fb_access_token'] = token
session.save()
log.info("Logged in user %s %s: %s",
fbuser.first_name,
fbuser.last_name,
user)
redirect(url('index'))
def cb(self):
# this is the callback point for the flickr auth.
# we'll get a parameter of ?frob=123412341234
# we call flickr.auth.getToken with the frob, and get
# xml with the username, the token, and permissions.
fapi = FlickrAPI(config['api_key'], config['api_secret'])
frob = request.params.get('frob')
if not frob:
return "Invalid Response"
rsp = fapi.auth_getToken(frob=frob)
auth = rsp.find('auth')
if not auth:
return "invalid response from get token"
username = auth.find('user').get('username').encode('ascii','ignore')
token = auth.find('token').text
nsid = auth.find('user').get('nsid')
if not (username and token):
return "Invalid Response from getToken"
user = model.User.get_byNsid(nsid)
if not user:
user = model.User.get_byName(username)
if not user:
user = model.User()
user.username = username
user.nsid = auth.find('user').get('nsid')
user.make_secret()
user.save()
user.nsid = nsid
user.commit()
else:
# people can change usernames, nsids are static.
if user.username != username:
user.username=username
user.commit()
session['user'] = username
session['nsid'] = nsid
session['mod'] = user.check_mod(token)
if session['mod']:
session['token'] = token
session.save()
# Send user back to the page he originally wanted to get to
if session.get('path_before_login'):
path = session['path_before_login']
del(session['path_before_login'])
redirect(url(path))
else:
if session.get('mod'):
redirect(url('/ping/index'))
redirect(url('/profile/bookmarklet'))
def index(self):
c.articleModel = ModelTags(None)
if session.get('form_errors'):
c.form_errors = session.get('form_errors')
del session['form_errors']
c.articleModel = ModelTags(session.get('new_article'))
del session['new_article']
session.save()
return render('/admin/post_news.html')
def __before__(self):
c.admin_user = session.get('admin_user')
c.admin_username = session.get('admin_username')
c.modules = sorted([(p.project_name, p.version)
for p in pkg_resources.working_set],
key=lambda k: k[0].lower())
c.py_version = platform.python_version()
c.platform = platform.platform()
super(SettingsController, self).__before__()
def _get_logged_user_id(self):
if session.get('logged_in') and session.get('entropy'):
try:
return int(session['entropy'].get('entropy_user_id'))
except (
ValueError,
TypeError,
):
pass
def contact(self):
if request.method == 'POST':
redirect_url = self._process_contact()
redirect(redirect_url)
log1.info ('Generating a form ...')
c.csrf_token_field = secure_form.auth_token_hidden_field()
c.errors = session.get('contactform.errors', None)
c.values = session.get('contactform.values', {})
return render('contactform/contact.html')
def _get_logged_username(self):
if session.get('logged_in') and session.get('entropy'):
try:
return session['entropy'].get('entropy_user')
except (
TypeError,
ValueError,
):
pass
def __before__(self):
c.admin_user = session.get('admin_user')
c.admin_username = session.get('admin_username')
c.modules = sorted([(p.project_name, p.version)
for p in pkg_resources.working_set],
key=lambda k: k[0].lower())
c.py_version = platform.python_version()
c.platform = platform.platform()
super(SettingsController, self).__before__()
def index(self):
code = request.GET.getone('code')
nexturl = request.GET.get('nexturl')
if nexturl:
# we are acting only as an auth server.
# redirect to the server that wants the auth code
redirect(nexturl + '?code=%s' % code)
return
token = fb.get_access_token(code)
if not token:
#lame... this failed for some reason
h.flash("The login process failed :(")
redirect(url('index'))
return
fbuser = fb.GraphUser(access_token=token)
if session.get('user_id'):
# a user is already logged in
user = Session.query(User).filter_by(
id=session.get('user_id')).first()
else:
# the user is not already logged in, let's see if they have
# already created an account before
user = Session.query(User).filter_by(fb_uid=fbuser.id).first()
if user:
# the user does have an account, let's update their auth token
user.fb_uid = fbuser.id
user.fb_access_token = token
Session.commit()
else:
# the user does not have an account. We need to create a new one
# for them.
for attempt in xrange(3):
user = User(fb_uid=fbuser.id, fb_access_token=token)
Session.add(user)
Session.commit()
user = Session.query(User).filter_by(fb_uid=fbuser.id).first()
if user:
break
log.error("Failed to create user with fb_uid=%r attempt %r",
fbuser.id, attempt)
if not user:
log.error(
"Trying to log in, but couldn't get a user object. "
"user=%r code=%r token=%r fbuser=%r", user, code, token,
fbuser)
session['user_id'] = user.id
session['fb_access_token'] = token
session.save()
log.info("Logged in user %s %s: %s", fbuser.first_name,
fbuser.last_name, user)
redirect(url('index'))
def index(self):
user_id = session.get('user_id')
c.user = session['user']
if not user_id:
raise Exception
c.title = config.get('project.shortname', 'CyberWeb') + ' User Page for: ' + session.get('user') or 'you'
c.status = ""
c.results = ""
return render('/authentication/authentication.mako')
def get(self, domain):
username = request.POST.get('username')
userid = request.POST.get('userid')
group = request.POST.get('group', None)
startIndex = int(request.POST.get('startindex', '0'))
maxResults = int(request.POST.get('maxresults', '25'))
keys = session.get('account_keys', '').split(',')
account_data = request.POST.get('account', None)
if not keys:
error = {
'provider': domain,
'message': "no user session exists, auth required",
'status': 401
}
metrics.track(request, 'contacts-unauthed', domain=domain)
return {'result': None, 'error': error}
provider = get_provider(domain)
# even if we have a session key, we must have an account for that
# user for the specified domain.
if account_data is not None:
acct = json.loads(account_data)
else:
# support for old accounts in the session store
acct = None
for k in keys:
a = session.get(k)
if a and a.get('domain') == domain and (
not username or a.get('username') == username
and not userid or a.get('userid') == userid):
acct = a
break
if not acct:
metrics.track(request, 'contacts-noaccount', domain=domain)
error = {
'provider': domain,
'message': "not logged in or no user account for that domain",
'status': 401
}
return {'result': None, 'error': error}
try:
result, error = provider.api(acct).getcontacts(
startIndex, maxResults, group)
except OAuthKeysException, e:
# more than likely we're missing oauth tokens for some reason.
error = {
'provider': domain,
'message': "not logged in or no user account for that domain",
'status': 401
}
result = None
metrics.track(request,
'contacts-oauth-keys-missing',
domain=domain)
def auth(self):
identity = session.get('repoze.who.identity')
if not identity is None:
if session.get('came_from'):
log.debug('redirecting to %s' % session['came_from'])
return redirect_to(session['came_from'])
else:
log.debug('redirecting to /host/list [default]')
return redirect_to(url_for(controller = 'host', action = 'list'))
else:
log.fatal('AUTH: account.auth received no indentity')
def show(name, user):
if not config.get_bool('adhocracy.show_tutorials'):
return False
if user is not None and user.no_help:
return False
if session.get(ALLKEY, False):
return False
elif session.get(ONEKEY % name):
return False
else:
return True
def __before__(self):
c.admin_user = session.get('admin_user')
c.admin_username = session.get('admin_username')
c.search_scope_choices = self.search_scope_choices
c.tls_reqcert_choices = self.tls_reqcert_choices
c.tls_kind_choices = self.tls_kind_choices
c.search_scope_cur = self.search_scope_default
c.tls_reqcert_cur = self.tls_reqcert_default
c.tls_kind_cur = self.tls_kind_default
super(LdapSettingsController, self).__before__()
def __uploadFile(self, file_name, newname=None):
if newname == None:
f = file_name.filename.split('\\')
rfname = os.path.join(config['app_conf']['amber_data'],session.get('DIR_CACHE'), f[len(f)-1])
else:
rfname = os.path.join(config['app_conf']['amber_data'],session.get('DIR_CACHE'), newname)
permanent_file = open(rfname, 'wb')
shutil.copyfileobj(file_name.file, permanent_file)
file_name.file.close()
permanent_file.close()
return rfname
def restart(self):
random.seed()
if session.get('DIR_CACHE', None) is None:
session['DIR_CACHE'] = os.path.join(config['app_conf']['amber_data'], str(random.randint(100000000, 999999999)))
session.save()
if not os.path.isdir(session.get('DIR_CACHE')):
os.makedirs(session.get('DIR_CACHE'))
else:
shutil.rmtree(session.get('DIR_CACHE'))
os.makedirs(session.get('DIR_CACHE'))
return render('/calculations/restart.mako')
def __before__(self, action, **params):
self.user = None
try:
user = session.get('user')
if user:
request.environ['REMOTE_USER'] = user
request.environ['REMOTE_USER_NAME'] = session.get('user_name')
self.user = user
except:
pass
if 'lang' in session:
set_lang(session['lang'])
def preferences(self):
# Forward to main page if not logged in
UserID = ""
if not session.get("UserID"):
redirect(url(controller="main", action="index"))
else:
UserID = session.get("UserID")
# Reset post-back error strings
c.change_error = ""
c.icon_error = ""
c.delete_error = ""
# Are we resetting the password?
if request.params.get("command") == "change":
# Is the form empty, if so render out regular form
OldPassword = request.params.get("change_oldpassword")
NewPassword = request.params.get("change_newpassword")
ConfirmPassword = request.params.get("change_confirmpassword")
# Default error string to nothing...
c.change_error = Users.SetUserPassword(session.get("UserName"),
OldPassword, NewPassword,
ConfirmPassword)
# Else if, are we changing the user's icon?
elif request.params.get("command") == "icon":
# Set the user's icon ID and internally update as needed
c.icon_error = Users.UserSetIconID(UserID,
request.params.get("iconid"))
self.BaseController_UpdateUserHeader()
# Else if, are we deleting the account?
elif request.params.get("command") == "delete":
# Get the post-back
Password = request.params.get("delete_password")
ConfirmPassword = request.params.get("delete_confirmpassword")
# Attempt to delete the account; if "deleted" string is returned that means success
c.delete_error = Users.UserDelete(UserID, Password,
ConfirmPassword)
if c.delete_error == "deleted":
redirect(url(controller="main", action="index"))
# Post the preferences form
c.body_content = render("/form_preferences.html")
return render("/theme.html")
def _generate_login_metadata(self):
if session.get('entropy') and session.get('logged_in'):
if session['entropy'].get('entropy_user_id'):
portal = None
try:
portal = Portal.Portal()
c.is_user_administrator = portal.check_admin(
session['entropy']['entropy_user_id'])
c.is_user_moderator = portal.check_moderator(
session['entropy']['entropy_user_id'])
finally:
if portal is not None:
portal.disconnect()
del portal
def edit(self, id=None):
if id == 'new':
c.usr = model.CMSUser()
c.usr.id = 'new'
else:
c.usr = model.find_cmsuser(int(id))
c.errors = session.get('errors', [])
if c.errors:
rp = session.get('post', {})
for key, val in rp.items():
setattr(c.usr, key, val)
del session['post']
del session['errors']
session.save()
return render('/pages/cmsuser/edit.html')
def __before__(self):
"before"
if 'theme' not in session:
session['theme'] = ''
basedir = config.get('baruwa.themes.base', None)
if basedir:
# Default theme
defaultdir = os.path.join(basedir, 'templates', 'default')
if os.path.exists(defaultdir):
session['theme'] = 'default'
# Host theme
themedir = os.path.join(basedir, 'templates',
request.server_name)
if os.path.exists(themedir):
session['theme'] = request.server_name
session.save()
self.theme = session.get('theme')
if 'lang' in session:
set_lang(session['lang'])
else:
try:
languages = [
lang.split('-')[0] for lang in request.languages
if check_language(lang.split('-')[0])
]
set_lang(languages)
except AttributeError:
default_lang = config.get('baruwa.default.language', 'en')
if check_language(default_lang):
set_lang([default_lang])
else:
set_lang(['en'])
# pylint: disable-msg=W0201
self.invalidate = request.GET.get('uc', None)
self.langchange = request.GET.get('lc', None)
def __call__(self, environ, start_response):
"""Invoke the Controller"""
# WSGIController.__call__ dispatches to the Controller method
# the request is routed to. This routing information is
# available in environ['pylons.routes_dict']
# Clean out any old cookies as they may contain api keys etc
# This also improves the cachability of our pages as cookies
# prevent proxy servers from caching content unless they have
# been configured to ignore them.
for cookie in request.cookies:
if cookie.startswith('ckan') and cookie not in ['ckan']:
response.delete_cookie(cookie)
# Remove the ckan session cookie if not used e.g. logged out
elif cookie == 'ckan' and not c.user and not h.are_there_flash_messages(
):
if session.id:
if not session.get('lang'):
session.delete()
else:
response.delete_cookie(cookie)
# Remove auth_tkt repoze.who cookie if user not logged in.
elif cookie == 'auth_tkt' and not session.id:
response.delete_cookie(cookie)
try:
return WSGIController.__call__(self, environ, start_response)
finally:
model.Session.remove()
def save(self, filterid, format=None):
"Save a temp filter"
filters = session.get('filter_by', [])
try:
filt = filters[int(filterid)]
filteritems = dict(FILTER_ITEMS)
filterby = dict(FILTER_BY)
saved = SavedFilter(name="%s %s %s" %
(filteritems[filt["field"]],
filterby[filt["filter"]], filt["value"]),
field=filt["field"],
option=filt["filter"],
user=c.user)
saved.value = filt["value"]
Session.add(saved)
Session.commit()
success = True
error_msg = ''
self.invalidate = True
except IndexError:
success = False
error_msg = _("The filter does not exist")
except IntegrityError:
success = False
error_msg = _("The filter already exists")
Session.rollback()
if format == 'json':
response.headers['Content-Type'] = JSON_HEADER
errors = dict(msg=error_msg)
return json.dumps(self._get_data(format, success, errors))
if success:
flash(_("The filter has been saved"))
else:
flash(error_msg)
redirect(url('toplevel', controller='reports'))
def show_filters(self):
"Show filters"
filters = session.get('filter_by', [])
c.active_filters = filters
c.FILTER_BY = FILTER_BY
c.FILTER_ITEMS = FILTER_ITEMS
return render('/reports/show_filters.html')
def handle_request(request, tmpl_context):
from pylons import session
tmpl_context.language = locale = None
if 'locale' in session:
locale = Locale.parse(session.get('locale'))
else:
requested = [l.replace('-', '_') for l in request.languages]
locale = Locale.parse(
Locale.negotiate(get_available_languages(), requested))
if locale is None:
locale = get_default_locale()
tmpl_context.locale = locale
options = [
str(locale), locale.language,
str(get_default_locale()),
get_default_locale().language
]
for language in options:
try:
set_lang(language)
# Lose the territory part of the locale string
tmpl_context.language = get_lang()[0].split('_')[0]
break
except:
pass
def is_in_roles(roles):
if not is_logged_in():
return False
else:
role = session.get('role', '')
return role in roles
def __call__(self, environ, start_response):
"""Invoke the Controller"""
# WSGIController.__call__ dispatches to the Controller method
# the request is routed to. This routing information is
# available in environ['pylons.routes_dict']
start = time.time()
try:
# make sure that we update permissions each time we call controller
api_key = request.GET.get('api_key')
cookie_store = CookieStoreWrapper(session.get('rhodecode_user'))
user_id = cookie_store.get('user_id', None)
username = get_container_username(environ, config)
auth_user = AuthUser(user_id, api_key, username)
request.user = auth_user
self.rhodecode_user = c.rhodecode_user = auth_user
if not self.rhodecode_user.is_authenticated and \
self.rhodecode_user.user_id is not None:
self.rhodecode_user.set_authenticated(
cookie_store.get('is_authenticated')
)
log.info('User: %s accessed %s' % (
auth_user, safe_unicode(environ.get('PATH_INFO')))
)
return WSGIController.__call__(self, environ, start_response)
finally:
log.info('Request to %s time: %.3fs' % (
safe_unicode(environ.get('PATH_INFO')), time.time() - start)
)
meta.Session.remove()
def __before__(self):
if hasattr(self,
"no_login_required") and self.no_login_required == True:
return
# Authentication required?
#print "User:"******""
for seed in open("/dev/urandom").read(8):
base += chr(ord('A') + ord(seed) % 16)
base += chr(ord('A') + ord(seed) / 16)
for i in xrange(1000):
cand = base + str(i)
if meta.Session.query(User).filter(
User.user == cand).count() == 0:
user1 = User(cand, "")
meta.Session.add(user1)
meta.Session.flush()
meta.Session.commit()
#print "Users:",meta.Session.query(User).all()
session['user'] = cand
session['realuser'] = False
session.save()
return
raise Exception("Couldn't generate temporary user name")
if len(users) == 1:
if session.get('isreg', False) != users[0].isregistered:
session['isreg'] = users[0].isregistered
