def get(self, id_user):
# Parse numbers
try:
id_user = int(id_user)
except:
return Failures.not_a_number('idUser', id_user)
# Validate user exists, is validated and is not blocked
user = user_service.get_user(id_user)
if user is None:
return Failures.unknown_user_id(id_user)
logging.info('User-controller: getUserById: success: %s (%s)', id_user,
user.screen_name)
return {
'success': True,
'user': {
'id': user.id,
'email': user.email,
'locale': user.locale,
'screenname': user.screen_name,
'authentication-source': user.auth_source
}
}
def get(id_user):
# Parse numbers
try:
id_user = int(id_user)
except ValueError:
return Failures.not_a_number('idUser', id_user)
# Validate user exists, is validated and is not blocked
user = user_service.get_user(id_user)
if user is None:
return Failures.unknown_user_id(id_user)
logging.info('User-controller: getUserById: success: %s (%s)', id_user, user.screen_name)
return {'success': True, 'user': {
'id': user.id,
'email': user.email,
'locale': user.locale,
'screenname': user.screen_name,
'authentication-source': user.auth_source,
'bdmonth': user.birth_month,
'bdyear': user.birth_year,
'parent-email': user.parent_email,
'parent-email-source': user.parent_email_source
}}
def post(self):
# Get values
server = request.headers.get('server')
id_user = request.form.get('idUser')
browser = request.form.get('browser')
ip_address = request.form.get('ipAddress')
# Validate required fields
validation = Validation()
validation.add_required_field('server', server)
validation.add_required_field('idUser', id_user)
validation.add_required_field('browser', browser)
validation.add_required_field('ipAddress', ip_address)
if not validation.is_valid():
return validation.get_validation_response()
# Parse numbers
try:
id_user = int(id_user)
except:
return Failures.not_a_number('idUser', id_user)
# Validate user exists, is validated and is not blocked
user = user_service.get_user(id_user)
if user is None:
return Failures.unknown_user_id(id_user)
if not user.confirmed:
return Failures.email_not_confirmed()
if user.blocked:
return Failures.user_blocked()
# Delete expired tokens
AuthenticationToken.query.filter(
AuthenticationToken.validity < datetime.datetime.now()).delete()
db.session.flush()
# Generate token
token = str(uuid.uuid1())
# Save token and browser information
authentication_token = AuthenticationToken()
authentication_token.id_user = id_user
authentication_token.browser = browser
authentication_token.server = server
authentication_token.ip_address = ip_address
authentication_token.validity = datetime.datetime.now(
) + datetime.timedelta(minutes=120)
authentication_token.token = token
db.session.add(authentication_token)
db.session.commit()
logging.info(
'AuthToken-controller: Request auth token: success: %s -> %s*****',
user.id, token[0:6])
return {'success': True, 'token': token}
def get(self, bucket_type, id_user, count):
# Validate required fields
validation = Validation()
validation.add_required_field('bucket_type', bucket_type)
validation.add_required_field('id_user', id_user)
validation.add_required_field('count', count)
if not validation.is_valid():
return validation.get_validation_response()
# Parse numbers
try:
id_user = int(id_user)
except ValueError:
return Failures.not_a_number('idUser', id_user)
try:
count = int(count)
except ValueError:
return Failures.not_a_number('count', count)
# Validate user exists, is validated and is not blocked
user = user_services.get_user(id_user)
if user is None:
return Failures.unknown_user_id(id_user)
if user.blocked:
return Failures.user_blocked()
if not user.confirmed:
return Failures.email_not_confirmed()
bucket_types = app.config['CLOUD_SESSION_PROPERTIES'][
'bucket.types'].split(',')
if bucket_type not in bucket_types:
return Failures.unknown_bucket_type(bucket_type)
result, next_time = rate_limiting_services.consume_tokens(
user.id, bucket_type, 1)
if not result:
db.session.commit()
return Failures.rate_exceeded(
next_time.strftime("%Y-%m-%d %H:%M:%S"))
db.session.commit()
logging.info(
'RateLimiting-controller: ConsumeMultiple: success: %s (%s - %s)',
id_user, bucket_type, count)
return {'success': True}
def post(id_user):
screen_name = request.form.get('screenname')
# Validate required fields
validation = Validation()
validation.add_required_field('id-user', id_user)
validation.add_required_field('screenname', screen_name)
if not validation.is_valid():
return validation.get_validation_response()
# Validate the id parameter as an integer
try:
id_user = int(id_user)
except ValueError:
return Failures.not_a_number('idUser', id_user)
# Validate user exists, is validated and is not blocked
user = user_service.get_user(id_user)
if user is None:
return Failures.unknown_user_id(id_user)
# Attempt to retrieve the proposed screen name to ensure that it is available
user_by_email = user_service.get_user_by_screen_name(screen_name)
if user_by_email is not None:
if user.id != user_by_email.id:
return Failures.screen_name_already_in_use(screen_name)
# The screen name is available, Assign it to the user profile
user.screen_name = screen_name
db.session.commit()
logging.info('User-controller: doInfoChange: success: %s (%s)',
id_user, user.screen_name)
return {
'success': True,
'user': {
'id': user.id,
'email': user.email,
'locale': user.locale,
'screenname': user.screen_name,
'authentication-source': user.auth_source,
'bdmonth': user.birth_month,
'bdyear': user.birth_year,
'parent-email': user.parent_email,
'parent-email-source': user.parent_email_source
}
}
def post(id_user):
screen_name = request.form.get('screenname')
# Validate required fields
validation = Validation()
validation.add_required_field('id-user', id_user)
validation.add_required_field('screenname', screen_name)
if not validation.is_valid():
return validation.get_validation_response()
# Validate the id parameter as an integer
try:
id_user = int(id_user)
except ValueError:
return Failures.not_a_number('idUser', id_user)
# Validate user exists, is validated and is not blocked
user = user_service.get_user(id_user)
if user is None:
return Failures.unknown_user_id(id_user)
# Attempt to retrieve the proposed screen name to ensure that it is available
user_by_email = user_service.get_user_by_screen_name(screen_name)
if user_by_email is not None:
if user.id != user_by_email.id:
return Failures.screen_name_already_in_use(screen_name)
# The screen name is available, Assign it to the user profile
user.screen_name = screen_name
db.session.commit()
logging.info('User-controller: doInfoChange: success: %s (%s)', id_user, user.screen_name)
return {'success': True, 'user': {
'id': user.id,
'email': user.email,
'locale': user.locale,
'screenname': user.screen_name,
'authentication-source': user.auth_source,
'bdmonth': user.birth_month,
'bdyear': user.birth_year,
'parent-email': user.parent_email,
'parent-email-source': user.parent_email_source
}}
def send_email_template_for_user(id_user, template, server, **kwargs):
from app.User.services import get_user
logging.info("Sending email to user: %s (%s)", id_user, template)
params = {}
for key, value in kwargs.items():
params[key] = value
user = get_user(id_user)
if user is None:
return False
params['screenname'] = user.screen_name
send_email_template_to_address(user.email, template, server, user.locale,
params)
def get(self, bucket_type, id_user, count):
# Validate required fields
validation = Validation()
validation.add_required_field('bucket_type', bucket_type)
validation.add_required_field('id_user', id_user)
validation.add_required_field('count', count)
if not validation.is_valid():
return validation.get_validation_response()
# Parse numbers
try:
id_user = int(id_user)
except ValueError:
return Failures.not_a_number('idUser', id_user)
try:
count = int(count)
except ValueError:
return Failures.not_a_number('count', count)
# Validate user exists, is validated and is not blocked
user = user_services.get_user(id_user)
if user is None:
return Failures.unknown_user_id(id_user)
if user.blocked:
return Failures.user_blocked()
if not user.confirmed:
return Failures.email_not_confirmed()
bucket_types = app.config['CLOUD_SESSION_PROPERTIES']['bucket.types'].split(',')
if bucket_type not in bucket_types:
return Failures.unknown_bucket_type(bucket_type)
result, next_time = rate_limiting_services.consume_tokens(user.id, bucket_type, 1)
if not result:
db.session.commit()
return Failures.rate_exceeded(next_time.strftime("%Y-%m-%d %H:%M:%S"))
db.session.commit()
logging.info('RateLimiting-controller: ConsumeMultiple: success: %s (%s - %s)', id_user, bucket_type, count)
return {'success': True}
def post(self, id_user):
# Get values
old_password = request.form.get('old-password')
password = request.form.get('password')
password_confirm = request.form.get('password-confirm')
# Validate required fields
validation = Validation()
validation.add_required_field('id_user', id_user)
validation.add_required_field('old-password', old_password)
validation.add_required_field('password', password)
validation.add_required_field('password_confirm', password_confirm)
if not validation.is_valid():
return validation.get_validation_response()
# Validate user exits
user = user_service.get_user(id_user)
if user is None:
return Failures.unknown_user_id(id_user)
if user.auth_source != 'local':
return Failures.wrong_auth_source(user.auth_source)
# Validate password strength and confirm
if password != password_confirm:
return Failures.passwords_do_not_match()
if not user_service.check_password_complexity(password):
return Failures.password_complexity()
if not user_service.check_password(id_user, old_password):
# Token is not for this user
return {'success': False, 'code': 530}
salt, password_hash = user_service.get_password_hash(password)
user.password = password_hash
user.salt = salt
db.session.commit()
logging.info('LocalUser-controller: PasswordChange: success: %s',
user.id)
return {'success': True}
def post(self, id_user):
# Get values
old_password = request.form.get('old-password')
password = request.form.get('password')
password_confirm = request.form.get('password-confirm')
# Validate required fields
validation = Validation()
validation.add_required_field('id_user', id_user)
validation.add_required_field('old-password', old_password)
validation.add_required_field('password', password)
validation.add_required_field('password_confirm', password_confirm)
if not validation.is_valid():
return validation.get_validation_response()
# Validate user exits
user = user_service.get_user(id_user)
if user is None:
return Failures.unknown_user_id(id_user)
if user.auth_source != 'local':
return Failures.wrong_auth_source(user.auth_source)
# Validate password strength and confirm
if password != password_confirm:
return Failures.passwords_do_not_match()
if not user_service.check_password_complexity(password):
return Failures.password_complexity()
if not user_service.check_password(id_user, old_password):
# Token is not for this user
return {'success': False, 'code': 530}
salt, password_hash = user_service.get_password_hash(password)
user.password = password_hash
user.salt = salt
db.session.commit()
logging.info('LocalUser-controller: PasswordChange: success: %s', user.id)
return {'success': True}
def post(self, id_user):
screen_name = request.form.get('screenname')
# Validate required fields
validation = Validation()
validation.add_required_field('id-user', id_user)
validation.add_required_field('screenname', screen_name)
if not validation.is_valid():
return validation.get_validation_response()
# Parse numbers
try:
id_user = int(id_user)
except:
return Failures.not_a_number('idUser', id_user)
# Validate user exists, is validated and is not blocked
user = user_service.get_user(id_user)
if user is None:
return Failures.unknown_user_id(id_user)
user_by_email = user_service.get_user_by_screen_name(screen_name)
if user_by_email is not None:
if user.id != user_by_email.id:
return Failures.screen_name_already_in_use(screen_name)
user.screen_name = screen_name
db.session.commit()
logging.info('User-controller: doInfoChange: success: %s (%s)',
id_user, user.screen_name)
return {
'success': True,
'user': {
'id': user.id,
'email': user.email,
'locale': user.locale,
'screenname': user.screen_name,
'authentication-source': user.auth_source
}
}
def post(id_user):
locale = request.form.get('locale')
# Validate required fields
validation = Validation()
validation.add_required_field('id-user', id_user)
validation.add_required_field('locale', locale)
if not validation.is_valid():
return validation.get_validation_response()
# Parse numbers
try:
id_user = int(id_user)
except ValueError:
return Failures.not_a_number('idUser', id_user)
# Validate user exists, is validated and is not blocked
user = user_service.get_user(id_user)
if user is None:
return Failures.unknown_user_id(id_user)
user.locale = locale
db.session.commit()
logging.info('User-controller: doLocaleChange: success: %s (%s)',
id_user, user.screen_name)
return {
'success': True,
'user': {
'id': user.id,
'email': user.email,
'locale': user.locale,
'screenname': user.screen_name,
'authentication-source': user.auth_source,
'bdmonth': user.birth_month,
'bdyear': user.birth_year,
'parent-email': user.parent_email,
'parent-email-source': user.parent_email_source
}
}
def post(id_user):
locale = request.form.get('locale')
# Validate required fields
validation = Validation()
validation.add_required_field('id-user', id_user)
validation.add_required_field('locale', locale)
if not validation.is_valid():
return validation.get_validation_response()
# Parse numbers
try:
id_user = int(id_user)
except ValueError:
return Failures.not_a_number('idUser', id_user)
# Validate user exists, is validated and is not blocked
user = user_service.get_user(id_user)
if user is None:
return Failures.unknown_user_id(id_user)
user.locale = locale
db.session.commit()
logging.info('User-controller: doLocaleChange: success: %s (%s)', id_user, user.screen_name)
return {'success': True, 'user': {
'id': user.id,
'email': user.email,
'locale': user.locale,
'screenname': user.screen_name,
'authentication-source': user.auth_source,
'bdmonth': user.birth_month,
'bdyear': user.birth_year,
'parent-email': user.parent_email,
'parent-email-source': user.parent_email_source
}}
def send_email_template_for_user(id_user, template, server, **kwargs):
from app.User.services import get_user
# Get a copy of the user record
logging.info("Checking for a valid user record for user ID: %s", id_user)
user = get_user(id_user)
if user is None:
logging.error("Cannot send email: Invalid user record")
return False
else:
logging.info("Valid record found for user: %s", user.id)
logging.info("Sending email to user: %s using template: '%s'.", user.email, template)
params = {}
for key, value in kwargs.items():
logging.debug("Logging parameter %s = %s", key, value)
params[key] = value
# The elements in the params array represent the data elements that are
# available to the email templates.
params['screenname'] = user.screen_name
params['email'] = user.email
params['registrant-email'] = user.email
params['sponsoremail'] = user.parent_email
params['blocklyprop-host'] = app.config['CLOUD_SESSION_PROPERTIES']['response.host']
# Default the recipient email address
user_email = user.email
coppa = Coppa()
# Send email to parent if user is under 13 years old
if template == 'confirm' and coppa.is_coppa_covered(user.birth_month, user.birth_year):
# Send email only to the sponsor address
user_email = user.parent_email
logging.info("COPPA account has a sponsor type of %s", user.parent_email_source)
if user.parent_email_source == SponsorType.TEACHER:
# Teacher handles the account confirmation
send_email_template_to_address(user_email, 'confirm-teacher', server, user.locale, params)
elif user.parent_email_source == SponsorType.PARENT or\
user.parent_email_source == SponsorType.GUARDIAN:
# Parent handles the account confirmation
send_email_template_to_address(user_email, 'confirm-parent', server, user.locale, params)
else:
logging.info("COPPA account %s has invalid sponsor type [%s]", user.id, user.parent_email_source)
return
elif template == 'reset' and coppa.is_coppa_covered(user.birth_month, user.birth_year):
# Send email only to the sponsor address
logging.info("COPPA account has a sponsor type of %s", user.parent_email_source)
# Send password reset to student and parent
send_email_template_to_address(user.email, 'reset-coppa', server, user.locale, params)
send_email_template_to_address(user.parent_email, 'reset-coppa', server, user.locale, params)
return
else:
# Registration not subject to COPPA regulations.
#
# Evaluate user wanting to use an alternate email address to register
# the account.
logging.info('Non-COPPA registration')
if user.parent_email_source == SponsorType.INDIVIDUAL and user.parent_email:
user_email = user.parent_email
logging.info('Individual sponsor email %s being used', user_email)
if user.parent_email:
user_email = user.parent_email
logging.info('Sponsor email %s being used', user_email)
send_email_template_to_address(user_email, template, server, user.locale, params)
return
def send_email_template_for_user(id_user, template, server, **kwargs):
from app.User.services import get_user
# Get a copy of the user record
logging.info("Checking for a valid user record for user ID: %s", id_user)
user = get_user(id_user)
if user is None:
logging.error("Cannot send email: Invalid user record")
return False
logging.info("Sending email to user: %s using template: '%s'.", user.email, template)
params = {}
for key, value in kwargs.items():
logging.debug("Logging parameter %s = %s", key, value)
params[key] = value
# The elements in the params array represent the data elements that are
# available to the email templates.
params['screenname'] = user.screen_name
params['email'] = user.email
params['registrant-email'] = user.email
params['sponsoremail'] = user.parent_email
params['blocklyprop-host'] = app.config['CLOUD_SESSION_PROPERTIES']['response.host']
# Default the recipient email address
user_email = user.email
coppa = Coppa()
# Send email to parent if user is under 13 years old
if template == 'confirm' and coppa.is_coppa_covered(user.birth_month, user.birth_year):
# Send email only to the sponsor address
user_email = user.parent_email
logging.info("COPPA account has a sponsor type of %s", user.parent_email_source)
if user.parent_email_source == SponsorType.TEACHER:
# Teacher handles the account confirmation
send_email_template_to_address(user_email, 'confirm-teacher', server, user.locale, params)
elif user.parent_email_source == SponsorType.PARENT or\
user.parent_email_source == SponsorType.GUARDIAN:
# Parent handles the account confirmation
send_email_template_to_address(user_email, 'confirm-parent', server, user.locale, params)
else:
logging.info("COPPA account %s has invalid sponsor type [%s]", user.id, user.parent_email_source)
return
elif template == 'reset' and coppa.is_coppa_covered(user.birth_month, user.birth_year):
# Send email only to the sponsor address
logging.info("COPPA account has a sponsor type of %s", user.parent_email_source)
# Send password reset to student and parent
send_email_template_to_address(user.email, 'reset-coppa', server, user.locale, params)
send_email_template_to_address(user.parent_email, 'reset-coppa', server, user.locale, params)
return
else:
# Registration not subject to COPPA regulations.
#
# Evaluate user wanting to use an alternate email address to register
# the account.
logging.info('Non-COPPA registration')
if user.parent_email_source == SponsorType.INDIVIDUAL and user.parent_email:
user_email = user.parent_email
logging.info('Individual sponsor email %s being used', user_email)
if user.parent_email:
user_email = user.parent_email
logging.info('Sponsor email %s being used', user_email)
send_email_template_to_address(user_email, template, server, user.locale, params)
return
