Beispiel #1
0
    def reset_password(self, **data):
        """
        Service Layer for resetting a password.
        """
        if (KEY_EMAIL not in data) or len(data[KEY_EMAIL]) < 1:
            raise UsernameException("Empty Email!")

        old_pass, user = None, None
        try:
            email = data[KEY_EMAIL]
            name_hint = data[KEY_USERNAME]
            user = dao.get_user_by_email(email, name_hint)
            if user is None:
                raise UsernameException(
                    "No singular user could be found for the given data!")

            old_pass = user.password
            new_pass = ''.join(
                chr(randint(48, 122)) for _ in range(DEFAULT_PASS_LENGTH))
            user.password = hash_password(new_pass)
            self.edit_user(user, old_pass)
            self.logger.info("Resetting password for email : " + email)
            email_sender.send(FROM_ADDRESS, email, SUBJECT_RECOVERY,
                              TEXT_RECOVERY % (user.username, new_pass))
            return TEXT_DISPLAY
        except Exception as excep:
            if old_pass and len(old_pass) > 1 and user:
                user.password = old_pass
                dao.store_entity(user)
            self.logger.exception("Could not change user password!")
            raise UsernameException(excep)
Beispiel #2
0
    def reset_password(self, **data):
        """
        Service Layer for reseting a password.
        """
        if (KEY_USERNAME not in data) or len(data[KEY_USERNAME]) < 1:
            raise UsernameException("Empty UserName!")
        if (KEY_EMAIL not in data) or len(data[KEY_EMAIL]) < 1:
            raise UsernameException("Empty Email!")

        old_pass, user = None, None
        try:
            user_name = data[KEY_USERNAME]
            email = data[KEY_EMAIL]
            user = dao.get_user_by_name_email(user_name, email)
            if user is None:
                raise UsernameException("Given credentials don't match!")

            old_pass = user.password
            new_pass = ''.join(chr(randint(48, 122)) for _ in range(DEFAULT_PASS_LENGTH))
            user.password = md5(new_pass).hexdigest()
            self.edit_user(user, old_pass)
            self.logger.info("Setting new password for user " + user_name + " !")
            emailsender.send(FROM_ADDRESS, email, SUBJECT_RECOVERY, TEXT_RECOVERY % (new_pass,))
            return TEXT_DISPLAY
        except Exception, excep:
            if old_pass and len(old_pass) > 1 and user:
                user.password = old_pass
                dao.store_entity(user)
            self.logger.error("Could not change user password!")
            self.logger.exception(excep)
            raise UsernameException(excep.message)
    def create_user(self,
                    username=None,
                    password=None,
                    password2=None,
                    role=None,
                    email=None,
                    comment=None,
                    email_msg=None,
                    validated=False):
        """
        Service Layer for creating a new user.
        """
        #Basic fields validation.
        if (username is None) or len(username) < 1:
            raise UsernameException("Empty UserName!")
        if (password is None) or len(password) < 1:
            raise UsernameException("Empty password!")
        if password2 is None:
            password2 = password
        if password != password2:
            raise UsernameException("Passwords do not match!")
        try:
            user_validated = (role == 'ADMINISTRATOR') or validated
            user = model.User(username, password, email, user_validated, role)
            if email_msg is None:
                email_msg = 'Hello ' + username + TEXT_CREATE
            admin_msg = (TEXT_CREATE_TO_ADMIN + username + ' :\n ' +
                         TvbProfile.current.web.BASE_URL + 'user/validate/' +
                         username + '\n\n"' + str(comment) + '"')
            self.logger.info("Registering user " + username + " !")
            if role != 'ADMINISTRATOR' and email is not None:
                admins = UserService.get_administrators()
                admin = admins[randint(0, len(admins) - 1)]
                if admin.email is not None and (
                        admin.email !=
                        TvbProfile.current.web.admin.DEFAULT_ADMIN_EMAIL):
                    # Do not send validation email in case default admin email remained unchanged
                    email_sender.send(FROM_ADDRESS, admin.email,
                                      SUBJECT_REGISTER, admin_msg)
                    self.logger.debug("Email sent to:" + admin.email +
                                      " for validating user:"******" !")
                email_sender.send(FROM_ADDRESS, email, SUBJECT_REGISTER,
                                  email_msg)
                self.logger.debug("Email sent to:" + email +
                                  " for notifying new user:"******" !")
            user = dao.store_entity(user)

            if role == model.ROLE_ADMINISTRATOR:
                handle_event(
                    ".".join([self.__class__.__name__, "create_admin"]), user)
            else:
                handle_event(
                    ".".join([self.__class__.__name__,
                              stack()[0][3]]), user)
            return TEXT_DISPLAY
        except Exception, excep:
            self.logger.error("Could not create user!")
            self.logger.exception(excep)
            raise UsernameException(str(excep))
Beispiel #4
0
    def create_user(self, username=None, display_name=None, password=None, password2=None,
                    role=None, email=None, comment=None, email_msg=None, validated=False, skip_import=False,
                    gid=None, skip_sending_email=False):
        """
        Service Layer for creating a new user.
        """
        if (username is None) or len(username) < 1:
            raise UsernameException("Empty UserName!")
        if (display_name is None) or len(display_name) < 1:
            raise UsernameException("Empty display name!")
        if (password is None) or len(password) < 1:
            raise UsernameException("Empty password!")
        if password2 is None:
            password2 = password
        if password != password2:
            raise UsernameException("Passwords do not match!")

        try:
            user_validated = (role == ROLE_ADMINISTRATOR) or validated
            user = User(username, display_name, password, email, user_validated, role, gid)
            if email_msg is None:
                email_msg = 'Hello ' + username + TEXT_CREATE
            admin_msg = (TEXT_CREATE_TO_ADMIN + username + ' :\n ' + TvbProfile.current.web.BASE_URL +
                         '/user/validate/' + username + '\n\n"' + str(comment) + '"')
            self.logger.info("Registering user " + username + " !")

            if role != ROLE_ADMINISTRATOR and email is not None and not skip_sending_email:
                admins = UserService.get_administrators()
                admin = admins[random.randint(0, len(admins) - 1)]
                if admin.email is not None and (admin.email != TvbProfile.current.web.admin.DEFAULT_ADMIN_EMAIL):
                    # Do not send validation email in case default admin email remained unchanged
                    email_sender.send(FROM_ADDRESS, admin.email, SUBJECT_REGISTER, admin_msg)
                    self.logger.debug("Email sent to:" + admin.email + " for validating user:"******" !")
                email_sender.send(FROM_ADDRESS, email, SUBJECT_REGISTER, email_msg)
                self.logger.debug("Email sent to:" + email + " for notifying new user:"******" !")

            user = dao.store_entity(user)

            if role == ROLE_ADMINISTRATOR and not skip_import:
                to_upload = os.path.join(os.path.dirname(tvb_data.__file__), "Default_Project.zip")
                if not os.path.exists(to_upload):
                    self.logger.warning("Could not find DEFAULT PROJECT at path %s. You might want to import it "
                                        "yourself. See TVB documentation about where to find it!" % to_upload)
                    return TEXT_DISPLAY
                ImportService().import_project_structure(to_upload, user.id)
            else:
                try:
                    default_prj_id = dao.get_project_by_gid(DEFAULT_PROJECT_GID).id
                    dao.add_members_to_project(default_prj_id, [user.id])
                except Exception:
                    self.logger.warning(
                        "Could not link user_id: %d with project_gid: %s " % (user.id, DEFAULT_PROJECT_GID))

            return TEXT_DISPLAY
        except Exception as excep:
            self.logger.exception("Could not create user!")
            raise UsernameException(str(excep))
Beispiel #5
0
 def edit_user(self, edited_user, old_password=None):
     """
     Retrieve a user by and id, then modify it's role and validate status.
     """
     if edited_user.validated:
         self.validate_user(user_id=edited_user.id)
     user = dao.get_user_by_id(edited_user.id)
     user.role = edited_user.role
     user.validated = edited_user.validated
     if old_password is not None:
         if user.password == old_password:
             user.password = edited_user.password
         else:
             raise UsernameException("Invalid old password!")
     user.email = edited_user.email
     for key, value in six.iteritems(edited_user.preferences):
         user.preferences[key] = value
     dao.store_entity(user)
     if user.is_administrator():
         TvbProfile.current.manager.add_entries_to_config_file({
             SettingsService.KEY_ADMIN_EMAIL:
             user.email,
             SettingsService.KEY_ADMIN_PWD:
             user.password
         })
Beispiel #6
0
 def get_users_for_project(self, user_name, project_id, page=1):
     """
     Return tuple: (All Users except the project administrator, Project Members).
     Parameter "user_name" is the current user.
     Parameter "user_name" is used for new projects (project_id is None).
     When "project_id" not None, parameter "user_name" is ignored.
     """
     try:
         admin_name = user_name
         if project_id is not None:
             project = dao.get_project_by_id(project_id)
             if project is not None:
                 admin_name = project.administrator.username
         all_users, total_pages = self.retrieve_all_users(admin_name, page)
         members = dao.get_members_of_project(project_id)
         return all_users, members, total_pages
     except Exception as excep:
         self.logger.exception("Invalid userName or project identifier")
         raise UsernameException(str(excep))